Log analysis and evaluation: Spam mails sent under my name

Windows 7. If you have caught a Trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
09.02.2016, 09:04 | #1 | ||
Spam mails sent under my name

Good morning, over the weekend spam mails were sent to my contacts in my name (but from other or similar-looking Yahoo mail addresses). I have changed all passwords, which I also do regularly. Yesterday I already let AdwCleaner and Malwarebytes run scans, and they did find something. Stupid in hindsight, I should have asked right away instead. Can you still help me? Can you tell whether the files that were found could have been the cause of the contact harvesting? Here are the log files:

Quote:

Quote:
09.02.2016, 10:46 | #2 |
/// TB-Ausbilder | Spam mails sent under my name

My name is Matthias and I will help you clean up your computer. Please note the following:

Please work through all steps one after another in the given order and post all log files in CODE tags: How it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes your helper's work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:

Thank you for your cooperation! Only some adware was found there, nothing dangerous. For a first analysis, please run FRST and TDSS-Killer:

Step 1: Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)

Step 2: Please download TDSSKiller.exe and save this file to the desktop

Please post with your next reply
09.02.2016, 12:11 | #3 |
Spam mails sent under my name

Hello Matthias,
thank you for your effort so far! The log files look as follows: TDSSKiller Code:
ATTFilter 11:53:00.0937 0x1764 TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12 11:53:13.0141 0x1764 ============================================================ 11:53:13.0141 0x1764 Current date / time: 2016/02/09 11:53:13.0141 11:53:13.0141 0x1764 SystemInfo: 11:53:13.0141 0x1764 11:53:13.0141 0x1764 OS Version: 6.1.7601 ServicePack: 1.0 11:53:13.0141 0x1764 Product type: Workstation 11:53:13.0141 0x1764 ComputerName: NEUERMEDION 11:53:13.0141 0x1764 UserName: FamilieJacobs 11:53:13.0141 0x1764 Windows directory: C:\Windows 11:53:13.0141 0x1764 System windows directory: C:\Windows 11:53:13.0141 0x1764 Running under WOW64 11:53:13.0141 0x1764 Processor architecture: Intel x64 11:53:13.0141 0x1764 Number of processors: 4 11:53:13.0141 0x1764 Page size: 0x1000 11:53:13.0141 0x1764 Boot type: Normal boot 11:53:13.0141 0x1764 ============================================================ 11:53:13.0687 0x1764 KLMD registered as C:\Windows\system32\drivers\14024215.sys 11:53:14.0267 0x1764 System UUID: {CEB81F15-8E5F-3DF1-4373-57A6FC1DA5EC} 11:53:15.0691 0x1764 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 11:53:15.0722 0x1764 ============================================================ 11:53:15.0722 0x1764 \Device\Harddisk0\DR0: 11:53:15.0722 0x1764 MBR partitions: 11:53:15.0722 0x1764 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 11:53:15.0722 0x1764 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x50F13000 11:53:15.0722 0x1764 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x50F45800, BlocksNum 0x6400000 11:53:15.0722 0x1764 ============================================================ 11:53:15.0737 0x1764 C: <-> \Device\Harddisk0\DR0\Partition2 11:53:15.0792 0x1764 D: <-> \Device\Harddisk0\DR0\Partition3 11:53:15.0792 0x1764 
============================================================ 11:53:15.0792 0x1764 Initialize success 11:53:15.0792 0x1764 ============================================================ 11:53:50.0504 0x1a80 ============================================================ 11:53:50.0504 0x1a80 Scan started 11:53:50.0504 0x1a80 Mode: Manual; SigCheck; TDLFS; 11:53:50.0504 0x1a80 ============================================================ 11:53:50.0504 0x1a80 KSN ping started 11:53:53.0547 0x1a80 KSN ping finished: true 11:53:54.0732 0x1a80 ================ Scan system memory ======================== 11:53:54.0732 0x1a80 System memory - ok 11:53:54.0732 0x1a80 ================ Scan services ============================= 11:53:55.0013 0x1a80 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 11:53:55.0185 0x1a80 1394ohci - ok 11:53:55.0278 0x1a80 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys 11:53:55.0325 0x1a80 ACPI - ok 11:53:55.0372 0x1a80 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 11:53:55.0419 0x1a80 AcpiPmi - ok 11:53:55.0497 0x1a80 [ 62B7936F9036DD6ED36E6A7EFA805DC0, C58EA1B46CB3595386C9217A7785F2A436916FB1E0BDC0E4BE484292C55AA455 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 11:53:55.0528 0x1a80 AdobeARMservice - ok 11:53:55.0606 0x1a80 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 11:53:55.0668 0x1a80 adp94xx - ok 11:53:55.0731 0x1a80 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys 11:53:55.0777 0x1a80 adpahci - ok 
11:53:55.0855 0x1a80 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 11:53:55.0918 0x1a80 adpu320 - ok 11:53:55.0949 0x1a80 [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 11:53:55.0996 0x1a80 AeLookupSvc - ok 11:53:56.0074 0x1a80 [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD C:\Windows\system32\drivers\afd.sys 11:53:56.0183 0x1a80 AFD - ok 11:53:56.0214 0x1a80 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys 11:53:56.0261 0x1a80 agp440 - ok 11:53:56.0292 0x1a80 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe 11:53:56.0339 0x1a80 ALG - ok 11:53:56.0401 0x1a80 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys 11:53:56.0448 0x1a80 aliide - ok 11:53:56.0479 0x1a80 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys 11:53:56.0511 0x1a80 amdide - ok 11:53:56.0542 0x1a80 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 11:53:56.0573 0x1a80 AmdK8 - ok 11:53:56.0651 0x1a80 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys 11:53:56.0682 0x1a80 AmdPPM - ok 11:53:56.0713 0x1a80 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys 11:53:56.0745 0x1a80 
amdsata - ok 11:53:56.0807 0x1a80 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 11:53:56.0838 0x1a80 amdsbs - ok 11:53:56.0901 0x1a80 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys 11:53:56.0916 0x1a80 amdxata - ok 11:53:56.0994 0x1a80 [ 157B1C973637919DCD0D0464167C86BA, 26495E1390392694F0E33100FB26B2539015414C9F8384F73C66B370A16FD187 ] AMPPAL C:\Windows\system32\DRIVERS\AMPPAL.sys 11:53:57.0025 0x1a80 AMPPAL - ok 11:53:57.0057 0x1a80 [ 157B1C973637919DCD0D0464167C86BA, 26495E1390392694F0E33100FB26B2539015414C9F8384F73C66B370A16FD187 ] AMPPALP C:\Windows\system32\DRIVERS\amppal.sys 11:53:57.0103 0x1a80 AMPPALP - ok 11:53:57.0213 0x1a80 [ FB70F8C1283C8CC6BFAA6F9971107E68, 3EAB3703DC27EE94531DA60C2ACF73CAF33F6BA2ED5822D90BF2A97A3A98C4EA ] AMPPALR3 C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe 11:53:57.0322 0x1a80 AMPPALR3 - ok 11:53:57.0481 0x1a80 [ 81E02299B534F61E104C1235519C37B3, B389458C13A0E0717365B7CE371A6B768EB2F98C4CDBAA6DCBBBDE3A2B1D8B14 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe 11:53:57.0606 0x1a80 AntiVirMailService - ok 11:53:57.0699 0x1a80 [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe 11:53:57.0762 0x1a80 AntiVirSchedulerService - ok 11:53:57.0871 0x1a80 [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 11:53:57.0933 0x1a80 AntiVirService - ok 11:53:58.0058 0x1a80 [ CAA9D66CA6D21AF0AE7DA01D5AC6CC2F, 827400CFB53026757B3D75B6C5AC7BBECE7E62B335160C18CBF6A41047F4A400 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe 
11:53:58.0198 0x1a80 AntiVirWebService - ok 11:53:58.0245 0x1a80 [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID C:\Windows\system32\drivers\appid.sys 11:53:58.0276 0x1a80 AppID - ok 11:53:58.0308 0x1a80 [ ABC373B9C6275D45F17DB559408FFD1B, 12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc C:\Windows\System32\appidsvc.dll 11:53:58.0340 0x1a80 AppIDSvc - ok 11:53:58.0371 0x1a80 [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo C:\Windows\System32\appinfo.dll 11:53:58.0402 0x1a80 Appinfo - ok 11:53:58.0480 0x1a80 [ 2D564BB1C4559A517B390A031955714D, 3048C187FD107C958D43DD8B954AB55FDD1BC538D3E0066CBFCB428C7A8A87E1 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 11:53:58.0511 0x1a80 Apple Mobile Device Service - ok 11:53:58.0558 0x1a80 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys 11:53:58.0589 0x1a80 arc - ok 11:53:58.0605 0x1a80 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys 11:53:58.0636 0x1a80 arcsas - ok 11:53:58.0699 0x1a80 [ EFD89582B55DD32DC79C1A4EB54612A1, 7631F39174E7AE2A162F25D7069123C51274130298A3E5AE10AC1406CD948355 ] ASLDRService C:\Program Files (x86)\PHotkey\ASLDRSrv.exe 11:53:58.0730 0x1a80 ASLDRService - ok 11:53:58.0833 0x1a80 [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 11:53:58.0895 0x1a80 aspnet_state - ok 11:53:58.0942 0x1a80 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 11:53:59.0047 0x1a80 AsyncMac - 
ok 11:53:59.0093 0x1a80 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys 11:53:59.0115 0x1a80 atapi - ok 11:53:59.0193 0x1a80 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 11:53:59.0287 0x1a80 AudioEndpointBuilder - ok 11:53:59.0349 0x1a80 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll 11:53:59.0427 0x1a80 AudioSrv - ok 11:53:59.0509 0x1a80 [ 29E019B4607E410BFE4DB778C3300BC5, 32D1A5A5836152BAAA168B4A06AC6F52DBC19150D339B5F87E8E3A1E1EE580C3 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys 11:53:59.0541 0x1a80 avgntflt - ok 11:53:59.0587 0x1a80 [ 1AD2C8F543F261F0AB90AD80767AB21D, 364DA0D0B8A91688CE39FEDF68EB93260819849097444F6A10A3F95CC32F9EA5 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys 11:53:59.0619 0x1a80 avipbb - ok 11:53:59.0728 0x1a80 [ DFF7C7E8DB2A8F520BF0550AAD17FF99, 350E4E41E3932B155C93A061B7209645969FD6EE597CF5BBF4BBF7AB0EBBB7FD ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe 11:53:59.0790 0x1a80 Avira.ServiceHost - ok 11:53:59.0821 0x1a80 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys 11:53:59.0853 0x1a80 avkmgr - ok 11:53:59.0899 0x1a80 [ 99672CCD11058D6E2F627473B773F971, 4EF2BCDA4678F9ECE499F216AC0F8105F37D2AB0320064741A8DFB5C39E5048C ] avnetflt C:\Windows\system32\DRIVERS\avnetflt.sys 11:53:59.0949 0x1a80 avnetflt - ok 11:54:00.0010 0x1a80 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll 11:54:00.0072 0x1a80 AxInstSV - ok 11:54:00.0149 0x1a80 [ 3E5B191307609F7514148C6832BB0842, 
DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 11:54:00.0242 0x1a80 b06bdrv - ok 11:54:00.0307 0x1a80 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 11:54:00.0366 0x1a80 b57nd60a - ok 11:54:00.0405 0x1a80 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll 11:54:00.0459 0x1a80 BDESVC - ok 11:54:00.0487 0x1a80 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys 11:54:00.0626 0x1a80 Beep - ok 11:54:00.0736 0x1a80 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll 11:54:00.0826 0x1a80 BFE - ok 11:54:00.0884 0x1a80 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll 11:54:01.0065 0x1a80 BITS - ok 11:54:01.0112 0x1448 Object required for P2P: [ 81E02299B534F61E104C1235519C37B3 ] AntiVirMailService 11:54:01.0112 0x1a80 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys 11:54:01.0143 0x1a80 blbdrive - ok 11:54:01.0299 0x1a80 [ A52EA1D8C2900055323C93DDB252A3DA, 70C30AACE3948DFD2E4C52818F93F03AF32430B43229F613FEE3C4CD4FA1EFE6 ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe 11:54:01.0377 0x1a80 Bluetooth Device Monitor - ok 11:54:01.0486 0x1a80 [ 091210450CA7CED08F360D9D7FEC5D11, 52298A6FE7DCF5EA484E6A1CBE48E2B1106D006E18F2278CB38AAAB10BB905BD ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe 11:54:01.0595 0x1a80 Bluetooth Media Service - ok 11:54:01.0704 0x1a80 [ 392450754E17FF778CBC5B9D20583AD1, 
4E2CC0D5D41303202EE7655FB1F779C41808A714486BAFF22A321A5BAF9FD0F6 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe 11:54:01.0814 0x1a80 Bluetooth OBEX Service - ok 11:54:01.0892 0x1a80 [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 11:54:01.0954 0x1a80 Bonjour Service - ok 11:54:01.0985 0x1a80 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 11:54:02.0032 0x1a80 bowser - ok 11:54:02.0063 0x1a80 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 11:54:02.0094 0x1a80 BrFiltLo - ok 11:54:02.0126 0x1a80 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 11:54:02.0157 0x1a80 BrFiltUp - ok 11:54:02.0188 0x1a80 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll 11:54:02.0235 0x1a80 Browser - ok 11:54:02.0282 0x1a80 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys 11:54:02.0344 0x1a80 Brserid - ok 11:54:02.0375 0x1a80 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 11:54:02.0406 0x1a80 BrSerWdm - ok 11:54:02.0422 0x1a80 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 11:54:02.0469 0x1a80 BrUsbMdm - ok 11:54:02.0500 0x1a80 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer 
C:\Windows\System32\Drivers\BrUsbSer.sys 11:54:02.0531 0x1a80 BrUsbSer - ok 11:54:02.0594 0x1a80 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys 11:54:02.0625 0x1a80 BthEnum - ok 11:54:02.0656 0x1a80 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 11:54:02.0687 0x1a80 BTHMODEM - ok 11:54:02.0734 0x1a80 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys 11:54:02.0765 0x1a80 BthPan - ok 11:54:02.0828 0x1a80 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys 11:54:02.0906 0x1a80 BTHPORT - ok 11:54:02.0952 0x1a80 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 11:54:03.0062 0x1a80 bthserv - ok 11:54:03.0093 0x1a80 [ FA2D081709A764F6BEE16B7FFE03E36C, 2BBDFBD313ABB87B76D4A30EC042B9D72ED4F62CF18B98229A6366B1A7211ECD ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe 11:54:03.0124 0x1a80 BTHSSecurityMgr - ok 11:54:03.0155 0x1a80 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys 11:54:03.0186 0x1a80 BTHUSB - ok 11:54:03.0233 0x1a80 [ 988CC6CC49303665D3B2435C51505C3F, 5217A7A1BAD77EBF4E5D68D191FCFD7CE4FB96ABB91638383A077BE9CE794EE3 ] btmaux C:\Windows\system32\DRIVERS\btmaux.sys 11:54:03.0264 0x1a80 btmaux - ok 11:54:03.0361 0x1a80 [ 2B4B508AFAC2A563931AF1FE875A5B16, F6A5261BD3FB8AE7BF26F32B681A15E56317EF8A9D8AB84B9B6BCA66F5484698 ] btmhsf C:\Windows\system32\DRIVERS\btmhsf.sys 11:54:03.0455 0x1a80 btmhsf - ok 11:54:03.0495 0x1a80 [ 
B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 11:54:03.0604 0x1a80 cdfs - ok 11:54:03.0651 0x1a80 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 11:54:03.0682 0x1a80 cdrom - ok 11:54:03.0729 0x1a80 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll 11:54:03.0807 0x1448 Object send P2P result: true 11:54:03.0807 0x1448 Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirSchedulerService 11:54:03.0838 0x1a80 CertPropSvc - ok 11:54:03.0885 0x1a80 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys 11:54:03.0916 0x1a80 circlass - ok 11:54:04.0010 0x1a80 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys 11:54:04.0104 0x1a80 CLFS - ok 11:54:04.0166 0x1a80 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 11:54:04.0197 0x1a80 clr_optimization_v2.0.50727_32 - ok 11:54:04.0244 0x1a80 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 11:54:04.0291 0x1a80 clr_optimization_v2.0.50727_64 - ok 11:54:04.0369 0x1a80 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 11:54:04.0462 0x1a80 clr_optimization_v4.0.30319_32 - ok 11:54:04.0494 0x1a80 [ 
9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 11:54:04.0603 0x1a80 clr_optimization_v4.0.30319_64 - ok 11:54:04.0634 0x1a80 [ E13A438F9E51DD034730678E33B73290, 3BB111DFDAEAB8DA6124600C7F6E080C2950A0BB420803FC12560343E1A9280A ] clwvd C:\Windows\system32\DRIVERS\clwvd.sys 11:54:04.0665 0x1a80 clwvd - ok 11:54:04.0712 0x1a80 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys 11:54:04.0743 0x1a80 CmBatt - ok 11:54:04.0774 0x0998 Object required for P2P: [ DFF7C7E8DB2A8F520BF0550AAD17FF99 ] Avira.ServiceHost 11:54:04.0774 0x1a80 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 11:54:04.0806 0x1a80 cmdide - ok 11:54:04.0884 0x1a80 [ EC0511BB85BAA42A9734011685A6732C, 10B52F0860CCB3AA0FC34DDA5C5538BFCF7B6D40738B7756297237FD2D9E01C1 ] CNG C:\Windows\system32\Drivers\cng.sys 11:54:05.0008 0x1a80 CNG - ok 11:54:05.0040 0x1a80 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys 11:54:05.0071 0x1a80 Compbatt - ok 11:54:05.0118 0x1a80 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 11:54:05.0164 0x1a80 CompositeBus - ok 11:54:05.0180 0x1a80 COMSysApp - ok 11:54:05.0317 0x1a80 [ 236172C3A418B9A0F26B416A72F5A556, 315D8C8A002BE607A7AC011DA17C6CE305C49C6AF458669C3D2B649A06DBCDFB ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe 11:54:05.0424 0x1a80 cphs - ok 11:54:05.0488 0x1a80 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 
11:54:05.0534 0x1a80 crcdisk - ok 11:54:05.0597 0x1a80 [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc C:\Windows\system32\cryptsvc.dll 11:54:05.0642 0x1a80 CryptSvc - ok 11:54:05.0720 0x1a80 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll 11:54:05.0845 0x1a80 DcomLaunch - ok 11:54:05.0892 0x1a80 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 11:54:06.0017 0x1a80 defragsvc - ok 11:54:06.0048 0x1a80 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 11:54:06.0157 0x1a80 DfsC - ok 11:54:06.0204 0x1a80 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 11:54:06.0266 0x1a80 Dhcp - ok 11:54:06.0376 0x1448 Object send P2P result: true 11:54:06.0376 0x1448 Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirService 11:54:06.0407 0x1a80 [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack C:\Windows\system32\diagtrack.dll 11:54:06.0578 0x1a80 DiagTrack - ok 11:54:06.0643 0x1a80 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 11:54:06.0736 0x1a80 discache - ok 11:54:06.0768 0x1a80 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys 11:54:06.0814 0x1a80 Disk - ok 11:54:06.0846 0x1a80 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 11:54:06.0908 0x1a80 Dnscache - ok 
11:54:06.0939 0x1a80 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 11:54:07.0064 0x1a80 dot3svc - ok 11:54:07.0095 0x1a80 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 11:54:07.0189 0x1a80 DPS - ok 11:54:07.0220 0x1a80 [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 11:54:07.0251 0x1a80 drmkaud - ok 11:54:07.0329 0x1a80 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 11:54:07.0345 0x0998 Object send P2P result: true 11:54:07.0423 0x1a80 DXGKrnl - ok 11:54:07.0454 0x1a80 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 11:54:07.0532 0x1a80 EapHost - ok 11:54:07.0766 0x1a80 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys 11:54:08.0016 0x1a80 ebdrv - ok 11:54:08.0062 0x1a80 [ CB0E57424A776C51EF42469064ADBF08, 2E4EFE070560F4CCE6AF6D142C559EEF3672631C846E612968D57BE7F71C1C4F ] EFS C:\Windows\System32\lsass.exe 11:54:08.0109 0x1a80 EFS - ok 11:54:08.0218 0x1a80 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 11:54:08.0322 0x1a80 ehRecvr - ok 11:54:08.0353 0x1a80 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 11:54:08.0400 0x1a80 ehSched - ok 11:54:08.0462 0x1a80 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys 
11:54:08.0540 0x1a80 elxstor - ok 11:54:08.0650 0x1a80 [ A7E8186E04F38E836C19AC147F8B2ED0, 329639595F02060C215A6334FCE1651FB9B9B5679BA9052A487B57265608D162 ] EPSON_PM_RPCV4_05 C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE 11:54:08.0681 0x1a80 EPSON_PM_RPCV4_05 - ok 11:54:08.0712 0x1a80 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 11:54:08.0743 0x1a80 ErrDev - ok 11:54:08.0837 0x1a80 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 11:54:08.0946 0x1a80 EventSystem - ok 11:54:08.0993 0x1448 Object send P2P result: true 11:54:08.0993 0x1448 Object required for P2P: [ CAA9D66CA6D21AF0AE7DA01D5AC6CC2F ] AntiVirWebService 11:54:09.0118 0x1a80 [ 52AE29A233832E0C704FD7FC534AF9FB, CEF03BC535A2330CA33C0C83B6A048CED1663DEFA02FBB80676AC35FA7B0ED0B ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe 11:54:09.0196 0x1a80 EvtEng - ok 11:54:09.0258 0x1a80 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 11:54:09.0352 0x1a80 exfat - ok 11:54:09.0398 0x1a80 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 11:54:09.0508 0x1a80 fastfat - ok 11:54:09.0586 0x1a80 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 11:54:09.0664 0x1a80 Fax - ok 11:54:09.0695 0x1a80 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys 11:54:09.0726 0x1a80 fdc - ok 11:54:09.0742 0x1a80 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 
11:54:09.0835 0x1a80 fdPHost - ok 11:54:09.0866 0x1a80 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 11:54:09.0960 0x1a80 FDResPub - ok 11:54:10.0007 0x1a80 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 11:54:10.0038 0x1a80 FileInfo - ok 11:54:10.0069 0x1a80 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 11:54:10.0163 0x1a80 Filetrace - ok 11:54:10.0194 0x1a80 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 11:54:10.0225 0x1a80 flpydisk - ok 11:54:10.0272 0x1a80 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 11:54:10.0334 0x1a80 FltMgr - ok 11:54:10.0459 0x1a80 [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache C:\Windows\system32\FntCache.dll 11:54:10.0584 0x1a80 FontCache - ok 11:54:10.0646 0x1a80 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 11:54:10.0678 0x1a80 FontCache3.0.0.0 - ok 11:54:10.0709 0x1a80 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 11:54:10.0740 0x1a80 FsDepends - ok 11:54:10.0771 0x1a80 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 11:54:10.0802 0x1a80 Fs_Rec - ok 11:54:10.0880 0x1a80 [ 8F6322049018354F45F05A2FD2D4E5E0, 
11:54:11.0146 0x1a80 [ 4E1D0A246E10CFDDBF856432418DE404, 17AC5322A50D0914F90F41E9CBFEBE04CDC3BCA1CFAFE8A3F6CADD305738E1AF ] GFNEXSrv C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
11:54:11.0161 0x1a80 GFNEXSrv - detected UnsignedFile.Multi.Generic ( 1 )
11:54:11.0598 0x1448 Object send P2P result: true
11:54:13.0704 0x1a80 Detect skipped due to KSN trusted
11:54:13.0704 0x1a80 GFNEXSrv - ok
11:54:39.0540 0x1a80 RasPppoe - ok 11:54:39.0571 0x1a80 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 11:54:39.0665 0x1a80 RasSstp - ok 11:54:39.0696 0x1a80 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 11:54:39.0821 0x1a80 rdbss - ok 11:54:39.0852 0x1a80 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 11:54:39.0899 0x1a80 rdpbus - ok 11:54:39.0914 0x1a80 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 11:54:40.0008 0x1a80 RDPCDD - ok 11:54:40.0024 0x1a80 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 11:54:40.0117 0x1a80 RDPENCDD - ok 11:54:40.0133 0x1a80 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 11:54:40.0226 0x1a80 RDPREFMP - ok 11:54:40.0273 0x1a80 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 11:54:40.0336 0x1a80 RDPWD - ok 11:54:40.0398 0x1a80 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 11:54:40.0445 0x1a80 rdyboost - ok 11:54:40.0507 0x1a80 [ C480D028012881E0136962A49379688D, 538BC0C4A614E90BE1E0351B1D8192ACCB5C550222F51A24F236CB96AEF285D1 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 11:54:40.0554 0x1a80 RegSrvc - ok 11:54:40.0585 0x1a80 [ 254FB7A22D74E5511C73A3F6D802F192, 
3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll 11:54:40.0694 0x1a80 RemoteAccess - ok 11:54:40.0726 0x1a80 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll 11:54:40.0835 0x1a80 RemoteRegistry - ok 11:54:40.0913 0x1a80 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 11:54:40.0960 0x1a80 RFCOMM - ok 11:54:40.0991 0x1a80 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 11:54:41.0084 0x1a80 RpcEptMapper - ok 11:54:41.0116 0x1a80 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe 11:54:41.0147 0x1a80 RpcLocator - ok 11:54:41.0209 0x1a80 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll 11:54:41.0334 0x1a80 RpcSs - ok 11:54:41.0381 0x1a80 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 11:54:41.0474 0x1a80 rspndr - ok 11:54:41.0537 0x1a80 [ 135A64530D7699AD48F29D73A658DD11, 35838AE8ACFD9047C68DD0C8910557A82998E5CD778D5B98D4767AFA4BCE85BB ] RSUSBSTOR C:\Windows\System32\Drivers\RtsUStor.sys 11:54:41.0584 0x1a80 RSUSBSTOR - ok 11:54:41.0662 0x1a80 [ 9140DB0911DE035FED0A9A77A2D156EA, 07C9D7E2978062ABD84B58B390360D4C0F72C6A5A2310444579DC095943BD008 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 11:54:41.0708 0x1a80 RTL8167 - ok 11:54:41.0833 0x1a80 [ B3F36B4B3F192EA87DDC119F3A0B3E45, DE80502994ED9977AD64483385A0BC0C6060EA9E9C08645E72FBBCFE8B2358C7 ] RTL8192su C:\Windows\system32\DRIVERS\RTL8192su.sys 11:54:41.0896 0x1a80 RTL8192su - 
ok 11:54:41.0911 0x1a80 [ CB0E57424A776C51EF42469064ADBF08, 2E4EFE070560F4CCE6AF6D142C559EEF3672631C846E612968D57BE7F71C1C4F ] SamSs C:\Windows\system32\lsass.exe 11:54:41.0942 0x1a80 SamSs - ok 11:54:41.0974 0x1a80 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 11:54:42.0020 0x1a80 sbp2port - ok 11:54:42.0052 0x1a80 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll 11:54:42.0161 0x1a80 SCardSvr - ok 11:54:42.0192 0x1a80 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 11:54:42.0286 0x1a80 scfilter - ok 11:54:42.0426 0x1a80 [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll 11:54:42.0566 0x1a80 Schedule - ok 11:54:42.0613 0x1a80 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll 11:54:42.0707 0x1a80 SCPolicySvc - ok 11:54:42.0738 0x1a80 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll 11:54:42.0785 0x1a80 SDRSVC - ok 11:54:42.0832 0x1a80 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 11:54:42.0910 0x1a80 secdrv - ok 11:54:42.0925 0x1a80 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll 11:54:43.0019 0x1a80 seclogon - ok 11:54:43.0050 0x1a80 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll 11:54:43.0144 0x1a80 
SENS - ok 11:54:43.0175 0x1a80 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll 11:54:43.0206 0x1a80 SensrSvc - ok 11:54:43.0237 0x1a80 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys 11:54:43.0284 0x1a80 Serenum - ok 11:54:43.0300 0x1a80 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys 11:54:43.0346 0x1a80 Serial - ok 11:54:43.0409 0x1a80 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys 11:54:43.0440 0x1a80 sermouse - ok 11:54:43.0471 0x1a80 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll 11:54:43.0580 0x1a80 SessionEnv - ok 11:54:43.0596 0x1a80 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 11:54:43.0627 0x1a80 sffdisk - ok 11:54:43.0658 0x1a80 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 11:54:43.0690 0x1a80 sffp_mmc - ok 11:54:43.0721 0x1a80 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 11:54:43.0752 0x1a80 sffp_sd - ok 11:54:43.0783 0x1a80 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 11:54:43.0814 0x1a80 sfloppy - ok 11:54:43.0877 0x1a80 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess 
C:\Windows\System32\ipnathlp.dll 11:54:44.0002 0x1a80 SharedAccess - ok 11:54:44.0064 0x1a80 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 11:54:44.0173 0x1a80 ShellHWDetection - ok 11:54:44.0204 0x1a80 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 11:54:44.0236 0x1a80 SiSRaid2 - ok 11:54:44.0267 0x1a80 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 11:54:44.0298 0x1a80 SiSRaid4 - ok 11:54:44.0329 0x1a80 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys 11:54:44.0423 0x1a80 Smb - ok 11:54:44.0470 0x1a80 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 11:54:44.0516 0x1a80 SNMPTRAP - ok 11:54:44.0532 0x1a80 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys 11:54:44.0563 0x1a80 spldr - ok 11:54:44.0626 0x1a80 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe 11:54:44.0719 0x1a80 Spooler - ok 11:54:44.0984 0x1a80 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe 11:54:45.0374 0x1a80 sppsvc - ok 11:54:45.0530 0x1a80 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll 11:54:45.0640 0x1a80 sppuinotify - ok 11:54:45.0702 0x1a80 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 
306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys 11:54:45.0764 0x1a80 srv - ok 11:54:45.0827 0x1a80 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 11:54:45.0889 0x1a80 srv2 - ok 11:54:45.0936 0x1a80 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 11:54:45.0967 0x1a80 srvnet - ok 11:54:46.0030 0x1a80 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 11:54:46.0139 0x1a80 SSDPSRV - ok 11:54:46.0154 0x1a80 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll 11:54:46.0264 0x1a80 SstpSvc - ok 11:54:46.0295 0x1a80 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys 11:54:46.0310 0x1a80 stexstor - ok 11:54:46.0388 0x1a80 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll 11:54:46.0498 0x1a80 stisvc - ok 11:54:46.0513 0x1a80 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys 11:54:46.0544 0x1a80 swenum - ok 11:54:46.0591 0x1a80 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll 11:54:46.0747 0x1a80 swprv - ok 11:54:46.0825 0x1a80 [ BD4F51AEF67AB7D57698BC4AAD983D1F, 1953BE906222CD9761CC46F471903E92682D7AC68FD0BC14EDB7F59D4C0C7290 ] SynTP C:\Windows\system32\drivers\SynTP.sys 11:54:46.0888 0x1a80 SynTP - ok 11:54:47.0044 0x1a80 [ 2E730941CC5BF6200A4F56D1E9C24AAD, 
758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll 11:54:47.0231 0x1a80 SysMain - ok 11:54:47.0278 0x1a80 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll 11:54:47.0324 0x1a80 TabletInputService - ok 11:54:47.0371 0x1a80 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll 11:54:47.0527 0x1a80 TapiSrv - ok 11:54:47.0558 0x1a80 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll 11:54:47.0652 0x1a80 TBS - ok 11:54:47.0824 0x1a80 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 11:54:48.0011 0x1a80 Tcpip - ok 11:54:48.0167 0x1a80 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 11:54:48.0323 0x1a80 TCPIP6 - ok 11:54:48.0370 0x1a80 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 11:54:48.0385 0x1a80 tcpipreg - ok 11:54:48.0416 0x1a80 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 11:54:48.0448 0x1a80 TDPIPE - ok 11:54:48.0479 0x1a80 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 11:54:48.0510 0x1a80 TDTCP - ok 11:54:48.0557 0x1a80 [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 11:54:48.0604 0x1a80 tdx - ok 11:54:48.0619 0x1a80 [ 
561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys 11:54:48.0650 0x1a80 TermDD - ok 11:54:48.0728 0x1a80 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll 11:54:48.0806 0x1a80 TermService - ok 11:54:48.0838 0x1a80 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 11:54:48.0884 0x1a80 Themes - ok 11:54:48.0947 0x1a80 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 11:54:49.0103 0x1a80 THREADORDER - ok 11:54:49.0134 0x1a80 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 11:54:49.0243 0x1a80 TrkWks - ok 11:54:49.0321 0x1a80 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 11:54:49.0430 0x1a80 TrustedInstaller - ok 11:54:49.0462 0x1a80 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 11:54:49.0493 0x1a80 tssecsrv - ok 11:54:49.0524 0x1a80 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 11:54:49.0571 0x1a80 TsUsbFlt - ok 11:54:49.0618 0x1a80 [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 11:54:49.0649 0x1a80 TsUsbGD - ok 11:54:49.0696 0x1a80 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel 
C:\Windows\system32\DRIVERS\tunnel.sys 11:54:49.0789 0x1a80 tunnel - ok 11:54:49.0820 0x1a80 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 11:54:49.0852 0x1a80 uagp35 - ok 11:54:49.0898 0x1a80 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 11:54:50.0008 0x1a80 udfs - ok 11:54:50.0039 0x1a80 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 11:54:50.0086 0x1a80 UI0Detect - ok 11:54:50.0117 0x1a80 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 11:54:50.0148 0x1a80 uliagpkx - ok 11:54:50.0195 0x1a80 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys 11:54:50.0226 0x1a80 umbus - ok 11:54:50.0242 0x1a80 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys 11:54:50.0273 0x1a80 UmPass - ok 11:54:50.0366 0x1a80 [ F76057596EF65049869098677AB72C30, 4EE9353243CB64D0A3AFE060924D93225FB2EB085212F3AEC7A862FFF449C82A ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 11:54:50.0429 0x1a80 UNS - ok 11:54:50.0476 0x1a80 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 11:54:50.0616 0x1a80 upnphost - ok 11:54:50.0647 0x1a80 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 11:54:50.0678 0x1a80 usbccgp - ok 11:54:50.0725 0x1a80 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 
140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys 11:54:50.0772 0x1a80 usbcir - ok 11:54:50.0803 0x1a80 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys 11:54:50.0834 0x1a80 usbehci - ok 11:54:50.0897 0x1a80 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 11:54:50.0944 0x1a80 usbhub - ok 11:54:50.0975 0x1a80 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys 11:54:51.0006 0x1a80 usbohci - ok 11:54:51.0037 0x1a80 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 11:54:51.0084 0x1a80 usbprint - ok 11:54:51.0115 0x1a80 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 11:54:51.0146 0x1a80 USBSTOR - ok 11:54:51.0162 0x1a80 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 11:54:51.0193 0x1a80 usbuhci - ok 11:54:51.0256 0x1a80 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 11:54:51.0302 0x1a80 usbvideo - ok 11:54:51.0334 0x1a80 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll 11:54:51.0427 0x1a80 UxSms - ok 11:54:51.0458 0x1a80 [ CB0E57424A776C51EF42469064ADBF08, 2E4EFE070560F4CCE6AF6D142C559EEF3672631C846E612968D57BE7F71C1C4F ] VaultSvc C:\Windows\system32\lsass.exe 11:54:51.0490 0x1a80 VaultSvc - ok 11:54:51.0521 
0x1a80 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 11:54:51.0552 0x1a80 vdrvroot - ok 11:54:51.0614 0x1a80 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 11:54:51.0770 0x1a80 vds - ok 11:54:51.0817 0x1a80 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 11:54:51.0848 0x1a80 vga - ok 11:54:51.0880 0x1a80 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 11:54:51.0973 0x1a80 VgaSave - ok 11:54:52.0036 0x1a80 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 11:54:52.0067 0x1a80 vhdmp - ok 11:54:52.0129 0x1a80 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 11:54:52.0160 0x1a80 viaide - ok 11:54:52.0192 0x1a80 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 11:54:52.0223 0x1a80 volmgr - ok 11:54:52.0285 0x1a80 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 11:54:52.0348 0x1a80 volmgrx - ok 11:54:52.0394 0x1a80 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 11:54:52.0441 0x1a80 volsnap - ok 11:54:52.0504 0x1a80 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 11:54:52.0535 0x1a80 vsmraid 
- ok 11:54:52.0691 0x1a80 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 11:54:52.0909 0x1a80 VSS - ok 11:54:52.0940 0x1a80 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 11:54:52.0987 0x1a80 vwifibus - ok 11:54:53.0003 0x1a80 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 11:54:53.0065 0x1a80 vwififlt - ok 11:54:53.0081 0x1a80 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 11:54:53.0112 0x1a80 vwifimp - ok 11:54:53.0190 0x1a80 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 11:54:53.0330 0x1a80 W32Time - ok 11:54:53.0346 0x1a80 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 11:54:53.0377 0x1a80 WacomPen - ok 11:54:53.0440 0x1a80 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 11:54:53.0533 0x1a80 WANARP - ok 11:54:53.0549 0x1a80 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 11:54:53.0642 0x1a80 Wanarpv6 - ok 11:54:53.0767 0x1a80 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 11:54:53.0939 0x1a80 wbengine - ok 11:54:53.0986 0x1a80 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc 
C:\Windows\System32\wbiosrvc.dll 11:54:54.0048 0x1a80 WbioSrvc - ok 11:54:54.0111 0x1a80 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 11:54:54.0189 0x1a80 wcncsvc - ok 11:54:54.0221 0x1a80 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 11:54:54.0252 0x1a80 WcsPlugInService - ok 11:54:54.0299 0x1a80 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys 11:54:54.0314 0x1a80 Wd - ok 11:54:54.0392 0x1a80 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 11:54:54.0470 0x1a80 Wdf01000 - ok 11:54:54.0517 0x1a80 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll 11:54:54.0564 0x1a80 WdiServiceHost - ok 11:54:54.0579 0x1a80 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll 11:54:54.0611 0x1a80 WdiSystemHost - ok 11:54:54.0673 0x1a80 [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient C:\Windows\System32\webclnt.dll 11:54:54.0751 0x1a80 WebClient - ok 11:54:54.0782 0x1a80 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 11:54:54.0907 0x1a80 Wecsvc - ok 11:54:54.0923 0x1a80 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 11:54:55.0032 0x1a80 wercplsupport - ok 11:54:55.0063 0x1a80 [ 6D137963730144698CBD10F202E9F251, 
A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 11:54:55.0158 0x1a80 WerSvc - ok 11:54:55.0204 0x1a80 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 11:54:55.0298 0x1a80 WfpLwf - ok 11:54:55.0314 0x1a80 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 11:54:55.0345 0x1a80 WIMMount - ok 11:54:55.0376 0x1a80 WinDefend - ok 11:54:55.0407 0x1a80 WinHttpAutoProxySvc - ok 11:54:55.0485 0x1a80 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 11:54:55.0594 0x1a80 Winmgmt - ok 11:54:55.0782 0x1a80 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll 11:54:56.0016 0x1a80 WinRM - ok 11:54:56.0094 0x1a80 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\drivers\WinUsb.sys 11:54:56.0141 0x1a80 WinUsb - ok 11:54:56.0219 0x1a80 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 11:54:56.0360 0x1a80 Wlansvc - ok 11:54:56.0578 0x1a80 [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 11:54:56.0765 0x1a80 wlidsvc - ok 11:54:56.0797 0x1a80 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 11:54:56.0843 0x1a80 WmiAcpi - ok 11:54:56.0875 0x1a80 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] 
11:55:07.0517 0x1a80 Waiting for KSN requests completion. In queue: 17
11:55:08.0531 0x1a80 Waiting for KSN requests completion. In queue: 17
11:55:09.0545 0x1a80 Waiting for KSN requests completion. In queue: 17
11:55:10.0902 0x1a80 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.15.106 ), 0x41000 ( enabled : updated )
11:55:10.0996 0x1a80 Win FW state via NFP2: enabled ( trusted )
11:55:13.0585 0x1a80 ============================================================
11:55:13.0585 0x1a80 Scan finished
11:55:13.0585 0x1a80 ============================================================
11:55:13.0601 0x1510 Detected object count: 0
11:55:13.0601 0x1510 Actual detected object count: 0 |
09.02.2016, 12:13 | #4 |
| Spam mails sent under my name FRST FRST Logfile: Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-02-2016
durchgeführt von FamilieJacobs (Administrator) auf NEUERMEDION (09-02-2016 11:43:49)
Gestartet von C:\Users\FamilieJacobs\Desktop
Geladene Profile: FamilieJacobs (Verfügbare Profile: FamilieJacobs)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
() C:\Program Files (x86)\PHotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
() C:\Program Files (x86)\PHotkey\PHotkey.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(TODO: <公司名稱>) C:\Program Files (x86)\PHotkey\GPMTray.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIJJE.EXE
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIJJE.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(TODO: <Company name>) C:\Program Files (x86)\PHotkey\HCSynApi.exe
() C:\Program Files (x86)\PHotkey\PVDesktop.exe
() C:\Program Files (x86)\PHotkey\PVDAgent.exe
() C:\Program Files (x86)\PHotkey\POsd.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12452456 2012-02-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-02-08] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2870032 2012-02-10] (Synaptics Incorporated)
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [177936 2012-02-17] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-17] (Apple Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [507744 2011-12-21] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-03] (CyberLink)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-12-17] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-01-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [803200 2015-12-01] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1037136450-1297708825-110652001-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-09-27] (Google Inc.)
HKU\S-1-5-21-1037136450-1297708825-110652001-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23499656 2016-01-15] (Google)
HKU\S-1-5-21-1037136450-1297708825-110652001-1000\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIJJE.EXE [283232 2012-09-27] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1037136450-1297708825-110652001-1000\...\Run: [EPLTarget\P0000000000000002] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIJJE.EXE [283232 2012-09-27] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1037136450-1297708825-110652001-1000\...\MountPoints2: {7795442a-7806-11e5-af72-4c72b95eba7d} - F:\ting.exe
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => Keine Datei
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk [2014-03-31]
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2014\mshaktuell.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4B46B66F-8E2A-45C3-A55C-3444AF55136F}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{CB2F0A73-FF8E-4567-A25A-EA56F828F1F8}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-1037136450-1297708825-110652001-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-1037136450-1297708825-110652001-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-22] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-23] (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-23] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-22] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-23] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-22] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-22] (Google Inc.)
Toolbar: HKU\S-1-5-21-1037136450-1297708825-110652001-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-22] (Google Inc.)
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\FamilieJacobs\AppData\Roaming\Mozilla\Firefox\Profiles\q4l8v9lg.default
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-07-28] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-23] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-07-28] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-07-28] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-03-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-23] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-07-28] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-01-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1037136450-1297708825-110652001-1000: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-07-28] (Tracker Software Products (Canada) Ltd.)

Chrome:
=======
CHR Profile: C:\Users\FamilieJacobs\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\FamilieJacobs\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05]
CHR Extension: (Google Drive) - C:\Users\FamilieJacobs\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\FamilieJacobs\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google-Suche) - C:\Users\FamilieJacobs\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Avira Browserschutz) - C:\Users\FamilieJacobs\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-01-26]
CHR Extension: (Google Docs Offline) - C:\Users\FamilieJacobs\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-18]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\FamilieJacobs\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-09-08]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\FamilieJacobs\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-24]
CHR Extension: (Google Mail) - C:\Users\FamilieJacobs\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR HKU\S-1-5-21-1037136450-1297708825-110652001-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\FAMILI~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-08-27]
CHR HKU\S-1-5-21-1037136450-1297708825-110652001-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [948392 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1418560 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 ASLDRService; C:\Program Files (x86)\PHotkey\ASLDRSrv.exe [104968 2009-12-18] ()
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [249120 2016-01-05] (Avira Operations GmbH & Co. KG)
R2 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [156672 2011-10-13] () [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [162648 2012-03-15] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-03-29] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-03-29] (Intel® Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162072 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [140448 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-08-15] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [75472 2015-12-01] (Avira Operations GmbH & Co. KG)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-02-09 11:43 - 2016-02-09 11:44 - 00023691 _____ C:\Users\FamilieJacobs\Desktop\FRST.txt
2016-02-09 11:43 - 2016-02-09 11:43 - 00000000 ____D C:\FRST
2016-02-09 11:42 - 2016-02-09 11:42 - 02370560 _____ (Farbar) C:\Users\FamilieJacobs\Desktop\FRST64.exe
2016-02-09 11:41 - 2016-02-09 11:41 - 01721344 _____ (Farbar) C:\Users\FamilieJacobs\Desktop\FRST.exe
2016-02-09 10:32 - 2016-02-09 10:59 - 00013455 _____ C:\Users\FamilieJacobs\Downloads\4c_E-Mail (1).xlsx
2016-02-08 22:46 - 2016-02-08 22:47 - 00001465 _____ C:\Users\FamilieJacobs\Desktop\AdwCleaner[C1].txt
2016-02-08 22:28 - 2016-02-08 22:28 - 00002019 _____ C:\Users\FamilieJacobs\Downloads\malwarebytes.txt
2016-02-02 22:00 - 2016-02-02 22:11 - 00000000 ____D C:\Users\FamilieJacobs\AppData\Local\Mozilla
2016-02-02 22:00 - 2016-02-02 22:00 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-02-02 22:00 - 2016-02-02 22:00 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-02-02 21:59 - 2016-02-02 22:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-02-01 13:46 - 2016-02-01 13:46 - 00001757 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-02-01 13:46 - 2016-02-01 13:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-02-01 13:45 - 2016-02-01 13:46 - 00000000 ____D C:\Program Files\iTunes
2016-02-01 13:45 - 2016-02-01 13:45 - 00000000 ____D C:\Program Files\iPod
2016-02-01 13:45 - 2016-02-01 13:45 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-02-01 13:40 - 2016-02-01 13:40 - 00000000 ____D C:\Program Files\Bonjour
2016-02-01 13:40 - 2016-02-01 13:40 - 00000000 ____D C:\Program Files (x86)\Bonjour
2016-02-01 13:38 - 2016-02-01 13:38 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2016-02-01 13:38 - 2016-02-01 13:38 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-01-20 09:13 - 2016-01-20 09:13 - 00000000 ___SD C:\Users\FamilieJacobs\Documents\Meine Datenquellen
2016-01-13 10:41 - 2015-12-11 19:57 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-01-13 10:41 - 2015-12-08 22:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2016-01-13 10:41 - 2015-12-08 22:54 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-01-13 10:41 - 2015-12-08 22:54 - 01568768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2016-01-13 10:41 - 2015-12-08 22:54 - 01325056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2016-01-13 10:41 - 2015-12-08 22:54 - 00902144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2016-01-13 10:41 - 2015-12-08 22:54 - 00815616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2016-01-13 10:41 - 2015-12-08 22:54 - 00740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2016-01-13 10:41 - 2015-12-08 22:54 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2016-01-13 10:41 - 2015-12-08 22:54 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2016-01-13 10:41 - 2015-12-08 22:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2016-01-13 10:41 - 2015-12-08 22:54 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2016-01-13 10:41 - 2015-12-08 22:54 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2016-01-13 10:41 - 2015-12-08 22:53 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-01-13 10:41 - 2015-12-08 22:53 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-01-13 10:41 - 2015-12-08 22:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2016-01-13 10:41 - 2015-12-08 22:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2016-01-13 10:41 - 2015-12-08 22:53 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2016-01-13 10:41 - 2015-12-08 22:53 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-01-13 10:41 - 2015-12-08 22:53 - 00509952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-01-13 10:41 - 2015-12-08 22:53 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-01-13 10:41 - 2015-12-08 22:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2016-01-13 10:41 - 2015-12-08 22:53 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-01-13 10:41 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2016-01-13 10:41 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2016-01-13 10:41 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2016-01-13 10:41 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2016-01-13 10:41 - 2015-12-08 22:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2016-01-13 10:41 - 2015-12-08 22:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2016-01-13 10:41 - 2015-12-08 22:53 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-01-13 10:41 - 2015-12-08 22:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2016-01-13 10:41 - 2015-12-08 22:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2016-01-13 10:41 - 2015-12-08 22:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2016-01-13 10:41 - 2015-12-08 22:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-01-13 10:41 - 2015-12-08 22:53 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-01-13 10:41 - 2015-12-08 22:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksuser.dll
2016-01-13 10:41 - 2015-12-08 22:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-01-13 10:41 - 2015-12-08 20:07 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-01-13 10:41 - 2015-12-08 20:07 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-01-13 10:41 - 2015-12-08 20:07 - 01955328 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-01-13 10:41 - 2015-12-08 20:07 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-01-13 10:41 - 2015-12-08 20:07 - 01575424 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-01-13 10:41 - 2015-12-08 20:07 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-01-13 10:41 - 2015-12-08 20:07 - 01393152 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2016-01-13 10:41 - 2015-12-08 20:07 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-01-13 10:41 - 2015-12-08 20:07 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-01-13 10:41 - 2015-12-08 20:07 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-01-13 10:41 - 2015-12-08 20:07 - 01153024 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-01-13 10:41 - 2015-12-08 20:07 - 01026048 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-01-13 10:41 - 2015-12-08 20:07 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2016-01-13 10:41 - 2015-12-08 20:07 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-01-13 10:41 - 2015-12-08 20:07 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-01-13 10:41 - 2015-12-08 20:07 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-01-13 10:41 - 2015-12-08 20:07 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-01-13 10:41 - 2015-12-08 20:07 - 00632320 _____ (Microsoft Corporation)
C:\Windows\system32\evr.dll 2016-01-13 10:41 - 2015-12-08 20:07 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2016-01-13 10:41 - 2015-12-08 20:07 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL 2016-01-13 10:41 - 2015-12-08 20:07 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL 2016-01-13 10:41 - 2015-12-08 20:07 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2016-01-13 10:41 - 2015-12-08 20:07 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll 2016-01-13 10:41 - 2015-12-08 20:07 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2016-01-13 10:41 - 2015-12-08 20:07 - 00292352 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL 2016-01-13 10:41 - 2015-12-08 20:07 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll 2016-01-13 10:41 - 2015-12-08 20:07 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL 2016-01-13 10:41 - 2015-12-08 20:07 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL 2016-01-13 10:41 - 2015-12-08 20:07 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL 2016-01-13 10:41 - 2015-12-08 20:07 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2016-01-13 10:41 - 2015-12-08 20:07 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL 2016-01-13 10:41 - 2015-12-08 20:07 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL 2016-01-13 10:41 - 2015-12-08 20:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll 2016-01-13 10:41 - 2015-12-08 20:07 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll 2016-01-13 10:41 - 2015-12-08 20:07 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2016-01-13 10:41 - 2015-12-08 20:07 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll 
2016-01-13 10:41 - 2015-12-08 20:06 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax 2016-01-13 10:41 - 2015-12-08 20:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2016-01-13 10:41 - 2015-12-08 20:04 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2016-01-13 10:41 - 2015-12-08 19:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys 2016-01-13 10:41 - 2015-12-08 19:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys 2016-01-13 10:41 - 2015-12-08 19:11 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys 2016-01-13 10:41 - 2015-12-08 18:58 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2016-01-13 10:41 - 2015-11-17 02:11 - 00025024 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2016-01-13 10:41 - 2015-11-17 02:08 - 01381376 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2016-01-13 10:41 - 2015-11-17 02:08 - 00792064 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2016-01-13 10:41 - 2015-11-17 02:08 - 00705536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2016-01-13 10:41 - 2015-11-17 02:08 - 00505856 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2016-01-13 10:41 - 2015-11-17 02:08 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2016-01-13 10:41 - 2015-11-16 21:17 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2016-01-13 10:41 - 2015-11-14 00:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll 2016-01-13 10:41 - 2015-11-14 00:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll 2016-01-13 10:41 - 2015-11-14 00:08 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe 2016-01-13 10:41 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll 
2016-01-13 10:41 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll 2016-01-13 10:41 - 2015-11-13 23:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe 2016-01-13 10:40 - 2015-12-24 00:13 - 00387784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2016-01-13 10:40 - 2015-12-23 23:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2016-01-13 10:40 - 2015-12-12 19:54 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-01-13 10:40 - 2015-12-12 19:31 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2016-01-13 10:40 - 2015-12-12 19:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2016-01-13 10:40 - 2015-12-12 19:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2016-01-13 10:40 - 2015-12-12 19:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-01-13 10:40 - 2015-12-12 19:15 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-01-13 10:40 - 2015-12-12 19:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2016-01-13 10:40 - 2015-12-12 19:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2016-01-13 10:40 - 2015-12-12 19:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2016-01-13 10:40 - 2015-12-12 19:07 - 06051328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-01-13 10:40 - 2015-12-12 19:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2016-01-13 10:40 - 2015-12-12 19:07 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2016-01-13 10:40 - 2015-12-12 19:03 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2016-01-13 10:40 - 2015-12-12 19:02 - 20367360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2016-01-13 10:40 - 
2015-12-12 19:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2016-01-13 10:40 - 2015-12-12 19:02 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2016-01-13 10:40 - 2015-12-12 19:02 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2016-01-13 10:40 - 2015-12-12 19:02 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2016-01-13 10:40 - 2015-12-12 18:55 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2016-01-13 10:40 - 2015-12-12 18:51 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2016-01-13 10:40 - 2015-12-12 18:49 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2016-01-13 10:40 - 2015-12-12 18:44 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2016-01-13 10:40 - 2015-12-12 18:40 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2016-01-13 10:40 - 2015-12-12 18:39 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2016-01-13 10:40 - 2015-12-12 18:37 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2016-01-13 10:40 - 2015-12-12 18:37 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2016-01-13 10:40 - 2015-12-12 18:37 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2016-01-13 10:40 - 2015-12-12 18:37 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2016-01-13 10:40 - 2015-12-12 18:36 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2016-01-13 10:40 - 2015-12-12 18:36 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2016-01-13 10:40 - 2015-12-12 18:35 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2016-01-13 10:40 - 2015-12-12 18:33 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 
2016-01-13 10:40 - 2015-12-12 18:31 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2016-01-13 10:40 - 2015-12-12 18:30 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2016-01-13 10:40 - 2015-12-12 18:28 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2016-01-13 10:40 - 2015-12-12 18:27 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2016-01-13 10:40 - 2015-12-12 18:27 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2016-01-13 10:40 - 2015-12-12 18:27 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2016-01-13 10:40 - 2015-12-12 18:25 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2016-01-13 10:40 - 2015-12-12 18:23 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-01-13 10:40 - 2015-12-12 18:22 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2016-01-13 10:40 - 2015-12-12 18:21 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2016-01-13 10:40 - 2015-12-12 18:20 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2016-01-13 10:40 - 2015-12-12 18:19 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2016-01-13 10:40 - 2015-12-12 18:18 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-01-13 10:40 - 2015-12-12 18:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2016-01-13 10:40 - 2015-12-12 18:12 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2016-01-13 10:40 - 2015-12-12 18:10 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2016-01-13 10:40 - 2015-12-12 18:10 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2016-01-13 10:40 - 2015-12-12 18:09 - 04610560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 
2016-01-13 10:40 - 2015-12-12 18:08 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2016-01-13 10:40 - 2015-12-12 18:06 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-01-13 10:40 - 2015-12-12 18:02 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2016-01-13 10:40 - 2015-12-12 18:00 - 12856320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2016-01-13 10:40 - 2015-12-12 18:00 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2016-01-13 10:40 - 2015-12-12 18:00 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2016-01-13 10:40 - 2015-12-12 18:00 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2016-01-13 10:40 - 2015-12-12 17:54 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-01-13 10:40 - 2015-12-12 17:42 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2016-01-13 10:40 - 2015-12-12 17:41 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2016-01-13 10:40 - 2015-12-12 17:38 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2016-01-13 10:40 - 2015-12-12 17:36 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2016-01-13 10:38 - 2015-12-30 20:08 - 05572544 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2016-01-13 10:38 - 2015-12-30 20:01 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2016-01-13 10:38 - 2015-12-30 20:01 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2016-01-13 10:38 - 2015-12-30 19:57 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2016-01-13 10:38 - 2015-12-30 19:38 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2016-01-13 10:38 - 2015-12-08 22:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2016-01-13 10:38 - 
2015-12-08 22:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2016-01-13 10:38 - 2015-12-08 20:07 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2016-01-13 10:38 - 2015-12-08 20:07 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2016-01-13 10:37 - 2015-12-30 20:08 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2016-01-13 10:37 - 2015-12-30 20:08 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2016-01-13 10:37 - 2015-12-30 20:05 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2016-01-13 10:37 - 2015-12-30 20:02 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2016-01-13 10:37 - 2015-12-30 20:02 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2016-01-13 10:37 - 2015-12-30 20:02 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2016-01-13 10:37 - 2015-12-30 20:02 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2016-01-13 10:37 - 2015-12-30 20:02 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2016-01-13 10:37 - 2015-12-30 20:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2016-01-13 10:37 - 2015-12-30 20:01 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2016-01-13 10:37 - 2015-12-30 20:01 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2016-01-13 10:37 - 2015-12-30 20:01 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2016-01-13 10:37 - 2015-12-30 20:01 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2016-01-13 10:37 - 2015-12-30 20:01 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2016-01-13 10:37 - 2015-12-30 20:00 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2016-01-13 10:37 - 2015-12-30 19:59 - 00315392 
_____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2016-01-13 10:37 - 2015-12-30 19:59 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2016-01-13 10:37 - 2015-12-30 19:59 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2016-01-13 10:37 - 2015-12-30 19:58 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2016-01-13 10:37 - 2015-12-30 19:58 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2016-01-13 10:37 - 2015-12-30 19:57 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2016-01-13 10:37 - 2015-12-30 19:57 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2016-01-13 10:37 - 2015-12-30 19:55 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2016-01-13 10:37 - 2015-12-30 19:55 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2016-01-13 10:37 - 2015-12-30 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2016-01-13 10:37 - 2015-12-30 19:54 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2016-01-13 10:37 - 2015-12-30 19:54 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2016-01-13 10:37 - 2015-12-30 19:54 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2016-01-13 10:37 - 2015-12-30 19:54 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2016-01-13 10:37 - 2015-12-30 19:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2016-01-13 10:37 - 2015-12-30 19:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2016-01-13 10:37 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2016-01-13 10:37 - 2015-12-30 19:54 - 00004096 ____H 
(Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2016-01-13 10:37 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2016-01-13 10:37 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2016-01-13 10:37 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-01-13 10:37 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2016-01-13 10:37 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2016-01-13 10:37 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2016-01-13 10:37 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2016-01-13 10:37 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2016-01-13 10:37 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2016-01-13 10:37 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2016-01-13 10:37 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2016-01-13 10:37 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2016-01-13 10:37 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2016-01-13 10:37 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2016-01-13 10:37 - 2015-12-30 19:54 - 00003072 ____H 
(Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2016-01-13 10:37 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2016-01-13 10:37 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2016-01-13 10:37 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2016-01-13 10:37 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2016-01-13 10:37 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2016-01-13 10:37 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2016-01-13 10:37 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2016-01-13 10:37 - 2015-12-30 19:47 - 03993536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2016-01-13 10:37 - 2015-12-30 19:47 - 03938240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2016-01-13 10:37 - 2015-12-30 19:44 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2016-01-13 10:37 - 2015-12-30 19:41 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2016-01-13 10:37 - 2015-12-30 19:41 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2016-01-13 10:37 - 2015-12-30 19:41 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2016-01-13 10:37 - 2015-12-30 19:41 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2016-01-13 10:37 - 2015-12-30 19:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2016-01-13 10:37 - 2015-12-30 19:41 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 
2016-01-13 10:37 - 2015-12-30 19:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2016-01-13 10:37 - 2015-12-30 19:41 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2016-01-13 10:37 - 2015-12-30 19:40 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2016-01-13 10:37 - 2015-12-30 19:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2016-01-13 10:37 - 2015-12-30 19:39 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2016-01-13 10:37 - 2015-12-30 19:39 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2016-01-13 10:37 - 2015-12-30 19:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2016-01-13 10:37 - 2015-12-30 19:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2016-01-13 10:37 - 2015-12-30 19:38 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2016-01-13 10:37 - 2015-12-30 19:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2016-01-13 10:37 - 2015-12-30 19:37 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2016-01-13 10:37 - 2015-12-30 19:37 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2016-01-13 10:37 - 2015-12-30 19:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2016-01-13 10:37 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2016-01-13 10:37 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2016-01-13 10:37 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2016-01-13 10:37 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) 
C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2016-01-13 10:37 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2016-01-13 10:37 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2016-01-13 10:37 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2016-01-13 10:37 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2016-01-13 10:37 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2016-01-13 10:37 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2016-01-13 10:37 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2016-01-13 10:37 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2016-01-13 10:37 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-01-13 10:37 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2016-01-13 10:37 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2016-01-13 10:37 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2016-01-13 10:37 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2016-01-13 10:37 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2016-01-13 10:37 - 2015-12-30 19:37 - 00003072 ____H (Microsoft 
Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2016-01-13 10:37 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2016-01-13 10:37 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2016-01-13 10:37 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2016-01-13 10:37 - 2015-12-30 18:57 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2016-01-13 10:37 - 2015-12-30 18:50 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2016-01-13 10:37 - 2015-12-30 18:49 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2016-01-13 10:37 - 2015-12-30 18:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2016-01-13 10:37 - 2015-12-30 18:43 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2016-01-13 10:37 - 2015-12-30 18:42 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2016-01-13 10:37 - 2015-12-30 18:42 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2016-01-13 10:37 - 2015-12-30 18:41 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2016-01-13 10:37 - 2015-12-30 18:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2016-01-13 10:37 - 2015-12-30 18:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2016-01-13 10:37 - 2015-12-30 18:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2016-01-13 10:37 - 2015-12-30 18:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2016-01-13 10:37 - 2015-12-30 18:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2016-01-13 10:37 - 2015-12-30 18:30 - 00036352 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\cryptbase.dll 2016-01-13 10:37 - 2015-12-30 18:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2016-01-13 10:37 - 2015-12-30 18:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2016-01-13 10:37 - 2015-12-30 18:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2016-01-13 10:37 - 2015-12-30 18:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2016-01-10 14:48 - 2016-01-10 17:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-02-09 11:07 - 2012-09-27 20:06 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-02-09 10:07 - 2009-07-14 05:45 - 00017264 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-02-09 10:07 - 2009-07-14 05:45 - 00017264 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-02-09 10:04 - 2015-10-23 13:58 - 00000000 ____D C:\Users\FamilieJacobs\AppData\Local\Dropbox 2016-02-09 09:59 - 2015-03-21 12:44 - 00000000 ____D C:\Users\FamilieJacobs\Documents\Youcam 2016-02-09 09:59 - 2014-08-26 12:05 - 00000000 ___RD C:\Users\FamilieJacobs\Google Drive 2016-02-09 09:57 - 2012-09-27 20:06 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-02-09 09:57 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-02-09 09:15 - 2012-11-14 12:23 - 00000000 ____D C:\ProgramData\Skype 2016-02-09 09:12 - 2014-01-05 16:42 - 00000000 ____D C:\Users\FamilieJacobs\AppData\Roaming\Dropbox 2016-02-09 09:11 - 2015-10-23 13:53 - 00000000 ___RD C:\Users\FamilieJacobs\Dropbox 2016-02-09 08:45 - 2013-09-01 19:39 - 00000000 ____D 
C:\AdwCleaner
2016-02-09 08:20 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2016-02-08 12:26 - 2011-05-16 15:04 - 00699682 _____ C:\Windows\system32\perfh007.dat
2016-02-08 12:26 - 2011-05-16 15:04 - 00149790 _____ C:\Windows\system32\perfc007.dat
2016-02-08 12:26 - 2009-07-14 06:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-08 12:26 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-02-07 10:50 - 2012-09-27 20:52 - 00000000 ____D C:\Users\FamilieJacobs\AppData\Local\Paint.NET
2016-02-06 08:08 - 2014-08-16 07:39 - 00000000 ____D C:\ProgramData\Package Cache
2016-02-05 18:41 - 2012-12-29 07:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-02-05 16:21 - 2013-03-19 20:56 - 00000000 ____D C:\Users\FamilieJacobs\Documents\Martina
2016-02-05 11:11 - 2012-09-27 20:06 - 00002208 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-05 11:11 - 2012-09-27 20:06 - 00002179 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-02-03 08:19 - 2012-10-17 08:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-02 21:54 - 2012-09-27 20:27 - 00000000 ____D C:\Users\FamilieJacobs\AppData\Local\Google
2016-02-02 19:02 - 2012-09-27 20:06 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-02 19:02 - 2012-09-27 20:06 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-02-01 21:08 - 2015-03-21 08:47 - 00000000 ____D C:\Users\FamilieJacobs\Documents\O2_Rechnungen
2016-02-01 13:45 - 2015-05-27 16:49 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2016-02-01 13:45 - 2012-10-20 08:38 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-02-01 13:38 - 2012-10-20 08:38 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-02-01 10:18 - 2014-08-26 12:04 - 00002046 _____ C:\Users\Public\Desktop\Google Slides.lnk
2016-02-01 10:18 - 2014-08-26 12:04 - 00002044 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2016-02-01 10:18 - 2014-08-26 12:04 - 00002034 _____ C:\Users\Public\Desktop\Google Docs.lnk
2016-02-01 10:18 - 2014-08-26 12:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-01-30 22:21 - 2015-11-13 08:34 - 00000165 _____ C:\Users\FamilieJacobs\Desktop\todod.txt
2016-01-27 11:38 - 2014-11-25 19:54 - 00000000 ____D C:\Users\FamilieJacobs\Documents\Elternverein
2016-01-22 12:15 - 2012-10-07 21:15 - 00000000 ____D C:\ProgramData\tmp
2016-01-22 12:07 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2016-01-19 13:50 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-01-13 15:01 - 2009-07-14 05:45 - 00385392 _____ C:\Windows\system32\FNTCACHE.DAT
2016-01-13 14:57 - 2015-04-15 12:45 - 00000000 ____D C:\Windows\system32\appraiser
2016-01-13 14:57 - 2014-05-07 11:26 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-01-13 13:43 - 2013-03-14 08:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-01-13 13:41 - 2013-03-14 08:30 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-01-13 13:41 - 2013-03-14 08:30 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-01-13 13:38 - 2014-02-24 23:29 - 00000000 ____D C:\Windows\system32\MRT
2016-01-13 13:26 - 2011-07-18 21:31 - 143671360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2012-10-25 08:32 - 2012-10-25 08:32 - 0017408 _____ () C:\Users\FamilieJacobs\AppData\Local\WebpageIcons.db

Einige Dateien in TEMP:
====================
C:\Users\FamilieJacobs\AppData\Local\Temp\avgnt.exe
C:\Users\FamilieJacobs\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp_9rzsb.dll
C:\Users\FamilieJacobs\AppData\Local\Temp\GUR428B.exe
C:\Users\FamilieJacobs\AppData\Local\Temp\jre-8u51-windows-au.exe

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-02-01 12:39

==================== Ende von FRST.txt ============================

Addition
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-02-2016
durchgeführt von FamilieJacobs (2016-02-09 11:45:44)
Gestartet von C:\Users\FamilieJacobs\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-09-27 19:12:13)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-1037136450-1297708825-110652001-500 - Administrator - Disabled)
FamilieJacobs (S-1-5-21-1037136450-1297708825-110652001-1000 - Administrator - Enabled) => C:\Users\FamilieJacobs
Gast (S-1-5-21-1037136450-1297708825-110652001-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe Reader X (10.1.2) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.2 - Adobe Systems Incorporated)
AMI VR-pulse OS Switcher (HKLM\...\{EC1369CF-15BD-4FAF-BA84-65E4788C682E}) (Version: 1.1 - American Megatrends Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG)
Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG)
Avira Launcher (HKLM-x32\...\{ccdc9cfe-8ba7-4c6c-ac5f-b2d6cfa49efc}) (Version: 1.1.54.24924 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.54.24924 - Avira Operations GmbH & Co. KG) Hidden
AVNavigator 2012.I (HKU\S-1-5-21-1037136450-1297708825-110652001-1000\...\AVNavigator 2012.I) (Version: 1.13.0.007.1 - PIONEER CORPORATION)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BUDNI Fotowelt (HKLM-x32\...\BUDNI Fotowelt) (Version: 6.1.2 - CEWE Stiftung u Co. KGaA)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1327 - CyberLink Corp.)
CyberLink YouCam 5 (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.1402 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.11 - Dolby Laboratories Inc)
EPSON WF-3520 Series Printer Uninstall (HKLM\...\EPSON WF-3520 Series) (Version: - SEIKO EPSON Corporation)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.103 - Google Inc.)
Google Drive (HKLM-x32\...\{EF61675D-9BBC-4EC7-B906-F13BE8D3BD20}) (Version: 1.27.1227.2094 - Google, Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.4.1441 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2712 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{37EC048A-81A2-452A-8D1F-3BE2018E767D}) (Version: 15.1.0.0096 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{520C4DD4-2BC7-409B-BA48-E1A4F832662D}) (Version: 2.1.0.0140 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{4E4282C3-F66E-4852-837A-7675527178C2}) (Version: 3.1.26.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )
Intel® PROSet/Wireless WiFi Software (HKLM\...\{54EB8041-1115-4406-AA4B-44D236E84B3B}) (Version: 15.01.1000.0927 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
Java 8 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418051F0}) (Version: 8.0.510 - Oracle Corporation)
Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Medion Home Cinema (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.3216 - CyberLink Corp.)
Medion Home Cinema (x32 Version: 8.0.3216 - CyberLink Corp.) Hidden
Memeo Instant Backup (HKLM-x32\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7943 - Memeo Inc.)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Mathematics (64-Bit) (HKLM\...\{E57B7E0A-8BE5-42E2-BE60-C07ED680A063}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 44.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 44.0 (x86 de)) (Version: 44.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0 - Mozilla)
Mozilla Thunderbird 38.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.5.0 (x86 de)) (Version: 38.5.0 - Mozilla)
Mozilla Thunderbird 38.5.1 (x86 de) (HKU\S-1-5-21-1037136450-1297708825-110652001-1000\...\Mozilla Thunderbird 38.5.1 (x86 de)) (Version: 38.5.1 - Mozilla)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
PCSUITE SHREDDER (HKLM-x32\...\PCSUITE_SHREDDER_PRO_is1) (Version: - Markement GmbH)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.309.0 - Tracker Software Products Ltd)
PHotkey (HKLM-x32\...\{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}) (Version: 1.00.0059 - Pegatron Corporation)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Ravensburger tiptoi (HKLM-x32\...\Ravensburger tiptoi) (Version: - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6586 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
Software Updater (HKLM-x32\...\{FA7EE274-7370-43B7-9A45-A39B17CCCDC5}) (Version: 4.3.3 - SEIKO EPSON CORPORATION)
Spelling Dictionaries Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-A00000000004}) (Version: 10.0.0 - Adobe Systems Incorporated)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.45.0 - Synaptics Incorporated)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
WISO Steuer-Sparbuch 2012 (HKLM-x32\...\{0CC1DAFB-40C8-4903-953D-471E541477C7}) (Version: 19.10.7954 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2013 (HKLM-x32\...\{D6CC2FAF-F827-4091-96A1-D32CC9B69C79}) (Version: 20.00.8137 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2014 (HKLM-x32\...\{36E3B422-5AA2-470A-9CDB-8522A778750C}) (Version: 21.00.8480 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2015 (HKLM-x32\...\{ABC93C08-CEEA-4777-BB89-3DCE144ACD5D}) (Version: 22.09.9087 - Buhl Data Service GmbH)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {1F16D326-3B8C-47CC-B425-B8759BD86E2D} - System32\Tasks\{29E14434-9B24-448E-A54B-4C509A84E4F4} => pcalua.exe -a C:\Users\FamilieJacobs\Downloads\RegCleaner.exe -d C:\Users\FamilieJacobs\Downloads
Task: {434075BD-6841-415B-98A2-F8B9842F44BB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {6DE5FE3B-5E88-4EDA-9218-6C82788FB200} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {79367E01-C6AA-470C-8EDF-40A7BAA6D6C6} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {8307B23E-192A-44A5-9255-595E02EE00CE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {8DB94DB5-1934-484F-AE1D-395DDFA10C35} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2012-02-02] (CyberLink Corp.)
Task: {B79B1EF8-3542-439F-8076-B0763687E969} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {EBFDDCA5-42F0-4BA5-8AF1-F70815CB8EF8} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [2015-03-11] (Avira Operations GmbH & Co. KG)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben.
Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\Public\Desktop\LIFESTORE.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> www.medion.com/lifestore
ShortcutWithArgument: C:\Users\Public\Desktop\MEDIONplay.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.medion.com/de/electronics/cat/MEDIONplay/gaming_browsergames_88

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2012-04-11 10:57 - 2009-12-18 23:40 - 00104968 _____ () C:\Program Files (x86)\PHotkey\ASLDRSrv.exe
2012-04-11 10:57 - 2011-10-13 22:38 - 00156672 _____ () C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
2015-02-13 03:20 - 2015-02-13 03:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-12-17 18:38 - 2015-12-17 18:38 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-04-11 10:57 - 2012-03-27 22:19 - 00826880 _____ () C:\Program Files (x86)\PHotkey\PHotkey.exe
2012-04-11 10:57 - 2010-01-13 01:36 - 00117256 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
2012-04-11 10:57 - 2010-01-13 01:36 - 00121864 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
2012-04-11 08:57 - 2012-03-27 01:33 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-04-11 10:57 - 2012-01-13 01:58 - 00552960 _____ () C:\Program Files (x86)\PHotkey\PVDesktop.exe
2012-04-11 10:57 - 2012-01-13 01:58 - 00477696 _____ () C:\Program Files (x86)\PHotkey\PVDAgent.exe
2012-04-11 10:57 - 2012-02-24 22:13 - 03458560 _____ () C:\Program Files (x86)\PHotkey\POSD.exe
2013-09-04 23:17 - 2013-09-04 23:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf
2012-04-11 10:57 - 2009-12-18 23:36 - 00973432 _____ () C:\Program Files (x86)\PHotkey\acAuth.dll
2012-04-11 10:57 - 2009-12-18 23:41 - 00129544 _____ () C:\Program Files (x86)\PHotkey\GFNEX.dll
2016-02-09 09:58 - 2016-02-09 09:58 - 00098816 _____ () C:\Users\FamilieJacobs\AppData\Local\Temp\_MEI29962\win32api.pyd
2016-02-09 09:58 - 2016-02-09 09:58 - 00110080 _____ () C:\Users\FamilieJacobs\AppData\Local\Temp\_MEI29962\pywintypes27.dll
2016-02-09 09:58 - 2016-02-09 09:58 - 00364544 _____ () C:\Users\FamilieJacobs\AppData\Local\Temp\_MEI29962\pythoncom27.dll
2016-02-09 09:58 - 2016-02-09 09:58 - 00320512 _____ () C:\Users\FamilieJacobs\AppData\Local\Temp\_MEI29962\win32com.shell.shell.pyd
2016-02-09 09:58 - 2016-02-09 09:58 - 00776704 _____ () C:\Users\FamilieJacobs\AppData\Local\Temp\_MEI29962\_hashlib.pyd
2016-02-09 09:58 - 2016-02-09 09:58 - 01176576 _____ () C:\Users\FamilieJacobs\AppData\Local\Temp\_MEI29962\wx._core_.pyd
2016-02-09 09:58 - 2016-02-09 09:58 - 00806400 _____ () C:\Users\FamilieJacobs\AppData\Local\Temp\_MEI29962\wx._gdi_.pyd
2016-02-09 09:58 - 2016-02-09 09:58 - 00816128 _____ () C:\Users\FamilieJacobs\AppData\Local\Temp\_MEI29962\wx._windows_.pyd
2016-02-09 09:58 - 2016-02-09 09:58 - 01067008 _____ () C:\Users\FamilieJacobs\AppData\Local\Temp\_MEI29962\wx._controls_.pyd
2016-02-09 09:58 - 2016-02-09 09:58 - 00733184 _____ () C:\Users\FamilieJacobs\AppData\Local\Temp\_MEI29962\wx._misc_.pyd
2016-02-09 09:58 - 2016-02-09 09:58 - 00682496 _____ () C:\Users\FamilieJacobs\AppData\Local\Temp\_MEI29962\pysqlite2._sqlite.pyd
2016-02-09 09:58 - 2016-02-09 09:58 - 00088064 _____ () C:\Users\FamilieJacobs\AppData\Local\Temp\_MEI29962\_ctypes.pyd
2016-02-09 09:58 - 2016-02-09 09:58 - 00119808 _____ () C:\Users\FamilieJacobs\AppData\Local\Temp\_MEI29962\win32file.pyd
2016-02-09 09:58 - 2016-02-09 09:58 - 00108544 _____ () C:\Users\FamilieJacobs\AppData\Local\Temp\_MEI29962\win32security.pyd
2016-02-09 09:58 - 2016-02-09 09:58 - 00007168 _____ () C:\Users\FamilieJacobs\AppData\Local\Temp\_MEI29962\hashobjs_ext.pyd
2016-02-09 09:58 - 2016-02-09 09:58 - 00017920 _____ () C:\Users\FamilieJacobs\AppData\Local\Temp\_MEI29962\thumbnails_ext.pyd
2016-02-09 09:58 - 2016-02-09 09:58 - 00088064 _____ () C:\Users\FamilieJacobs\AppData\Local\Temp\_MEI29962\usb_ext.pyd
2016-02-09 09:58 - 2016-02-09 09:58 - 00167936 _____ () C:\Users\FamilieJacobs\AppData\Local\Temp\_MEI29962\win32gui.pyd
2016-02-09 09:58 - 2016-02-09 09:58 - 00018432 _____ () C:\Users\FamilieJacobs\AppData\Local\Temp\_MEI29962\win32event.pyd
2016-02-09 09:58 - 2016-02-09 09:58 - 00046080 _____ () C:\Users\FamilieJacobs\AppData\Local\Temp\_MEI29962\_socket.pyd
2016-02-09 09:58 - 2016-02-09 09:58 - 01208320 _____ () C:\Users\FamilieJacobs\AppData\Local\Temp\_MEI29962\_ssl.pyd
2016-02-09 09:58 - 2016-02-09 09:58 - 00128512 _____ () C:\Users\FamilieJacobs\AppData\Local\Temp\_MEI29962\_elementtree.pyd
2016-02-09 09:58 - 2016-02-09 09:58 - 00127488 _____ () C:\Users\FamilieJacobs\AppData\Local\Temp\_MEI29962\pyexpat.pyd
2016-02-09 09:58 - 2016-02-09 09:58 - 00013824 _____ () C:\Users\FamilieJacobs\AppData\Local\Temp\_MEI29962\common.time34.pyd
2016-02-09 09:58 - 2016-02-09 09:58 - 00036864 _____ () C:\Users\FamilieJacobs\AppData\Local\Temp\_MEI29962\_psutil_windows.pyd
2016-02-09 09:58 - 2016-02-09 09:58 - 00038912 _____ () C:\Users\FamilieJacobs\AppData\Local\Temp\_MEI29962\win32inet.pyd
2016-02-09 09:58 - 2016-02-09 09:58 - 00525240 _____ () C:\Users\FamilieJacobs\AppData\Local\Temp\_MEI29962\windows._lib_cacheinvalidation.pyd
2016-02-09 09:58 - 2016-02-09 09:58 - 00011264 _____ () C:\Users\FamilieJacobs\AppData\Local\Temp\_MEI29962\win32crypt.pyd
2016-02-09 09:58 - 2016-02-09 09:58 - 00077312 _____ () C:\Users\FamilieJacobs\AppData\Local\Temp\_MEI29962\wx._html2.pyd
2016-02-09 09:58 - 2016-02-09 09:58 - 00027136 _____ () C:\Users\FamilieJacobs\AppData\Local\Temp\_MEI29962\_multiprocessing.pyd
2016-02-09 09:58 - 2016-02-09 09:58 - 00020480 _____ () C:\Users\FamilieJacobs\AppData\Local\Temp\_MEI29962\_yappi.pyd
2016-02-09 09:58 - 2016-02-09 09:58 - 00035840 _____ () C:\Users\FamilieJacobs\AppData\Local\Temp\_MEI29962\win32process.pyd
2016-02-09 09:58 - 2016-02-09 09:58 - 00686080 _____ () C:\Users\FamilieJacobs\AppData\Local\Temp\_MEI29962\unicodedata.pyd
2016-02-09 09:58 - 2016-02-09 09:58 - 00078848 _____ () C:\Users\FamilieJacobs\AppData\Local\Temp\_MEI29962\wx._animate.pyd
2016-02-09 09:58 - 2016-02-09 09:58 - 00123392 _____ () C:\Users\FamilieJacobs\AppData\Local\Temp\_MEI29962\wx._wizard.pyd
2016-02-09 09:58 - 2016-02-09 09:58 - 00024064 _____ () C:\Users\FamilieJacobs\AppData\Local\Temp\_MEI29962\win32pipe.pyd
2016-02-09 09:58 - 2016-02-09 09:58 - 00010240 _____ () C:\Users\FamilieJacobs\AppData\Local\Temp\_MEI29962\select.pyd
2016-02-09 09:58 - 2016-02-09 09:58 - 00025600 _____ () C:\Users\FamilieJacobs\AppData\Local\Temp\_MEI29962\win32pdh.pyd
2016-02-09 09:58 - 2016-02-09 09:58 - 00017408 _____ () C:\Users\FamilieJacobs\AppData\Local\Temp\_MEI29962\win32profile.pyd
2016-02-09 09:58 - 2016-02-09 09:58 - 00022528 _____ () C:\Users\FamilieJacobs\AppData\Local\Temp\_MEI29962\win32ts.pyd
2010-08-03 23:39 - 2010-08-03 23:39 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2010-08-03 23:39 - 2010-08-03 23:39 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2014-10-17 20:40 - 2014-10-17 20:40 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\92a1650dbe9fad5f46633b835420e1a8\IsdiInterop.ni.dll
2012-04-11 09:39 - 2011-11-30 04:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-04-11 09:31 - 2012-03-06 14:27 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2016-02-05 11:11 - 2016-02-03 08:27 - 01632584 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.103\libglesv2.dll
2016-02-05 11:11 - 2016-02-03 08:27 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.103\libegl.dll
2016-01-10 14:48 - 2016-01-10 14:49 - 00153032 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2016-01-10 14:48 - 2016-01-10 14:49 - 00022472 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1037136450-1297708825-110652001-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\FamilieJacobs\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^watchmi tray.lnk => C:\Windows\pss\watchmi tray.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WISO Mein Steuer-Sparbuch heute.lnk => C:\Windows\pss\WISO Mein Steuer-Sparbuch heute.lnk.CommonStartup
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{85832019-5E10-4687-9BE8-ECC6260C4DFB}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{3F0CB73A-4640-4B7B-A0AC-524E66E23823}] => (Allow) LPort=2869
FirewallRules: [{D63C74F5-9DCE-4F49-A501-D838905BB8A3}] => (Allow) LPort=1900
FirewallRules: [{914D9672-2983-4BD2-8AF9-E937A47B0886}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{B6251A33-87E8-45FA-BFE4-E8F4CF1C5BDD}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{D6BFF3C8-D4CC-440C-B12D-821B6935032D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{446F1012-A0FB-4E68-B9AB-B94E8CB6BBBA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5A81AA43-1F00-4ECB-9F84-FB5B7F3CE940}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{78256F18-1722-400D-B4BB-CBE4A04DA3D3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{26CBEFBC-5C91-4573-89C7-3A1FE951B833}C:\users\familiejacobs\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\familiejacobs\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{AB5CD92A-47BE-46D7-89D1-174419D3F180}C:\users\familiejacobs\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\familiejacobs\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{879CF7B2-4E96-4330-8C5D-D689EA7E212A}] => (Allow) C:\Users\FamilieJacobs\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{3B720F69-CD9C-483A-8320-D3CAD1BEA0DB}] => (Allow) C:\Users\FamilieJacobs\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{D9C926DC-A118-4376-9FC5-723A366807D8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{69737934-B8A0-4CD4-ACE4-495B0191A25C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AA5E4815-1682-47BE-A54B-4EA64D9BFC67}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6E9E22DD-4946-40C9-ADF4-4A641DA73070}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B90B0612-3861-4AD9-8B0A-760C76677625}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{DA666D96-1601-434C-9049-83481EEF22FD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A3B29C5D-E6FB-4BC5-9AD5-6D7694E18A10}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D1CE7352-E24A-4FF4-A41A-6FBE4249E855}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

22-01-2016 09:54:27 Geplanter Prüfpunkt
01-02-2016 12:46:47 Geplanter Prüfpunkt
09-02-2016 09:14:04 Removed Skype™ 7.0

==================== Fehlerhafte Geräte im Gerätemanager =============

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/08/2016 08:27:54 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (02/07/2016 10:20:03 AM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (02/06/2016 11:35:27 AM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data) bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor) bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider) --- Ende der internen Ausnahmestapelüberwachung --- bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType) bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes) bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity) bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args) Error: (02/06/2016 08:06:30 AM) (Source: MemeoBackgroundService) (EventID: 0) (User: ) Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden. 
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data) bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor) bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider) --- Ende der internen Ausnahmestapelüberwachung --- bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType) bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes) bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. 
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity) bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args) Error: (02/05/2016 03:52:54 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1866068 Error: (02/05/2016 03:52:54 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1866068 Error: (02/05/2016 03:52:54 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (02/05/2016 03:21:53 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 5101 Error: (02/05/2016 03:21:53 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 5101 Error: (02/05/2016 03:21:53 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Systemfehler: ============= Error: (02/09/2016 09:58:33 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "MemeoBackgroundService" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (02/09/2016 09:58:33 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst MemeoBackgroundService erreicht. Error: (02/09/2016 09:57:28 AM) (Source: Application Popup) (EventID: 56) (User: ) Description: Treiber ACPI hat eine ungültige ID für das untergeordnete Gerät (1) zurückgegeben. 
Error: (02/09/2016 08:19:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "MemeoBackgroundService" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (02/09/2016 08:19:45 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst MemeoBackgroundService erreicht. Error: (02/09/2016 08:18:43 AM) (Source: Application Popup) (EventID: 56) (User: ) Description: Treiber ACPI hat eine ungültige ID für das untergeordnete Gerät (1) zurückgegeben. Error: (02/08/2016 10:49:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "MemeoBackgroundService" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (02/08/2016 10:49:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst MemeoBackgroundService erreicht. Error: (02/08/2016 10:48:17 PM) (Source: Application Popup) (EventID: 56) (User: ) Description: Treiber ACPI hat eine ungültige ID für das untergeordnete Gerät (1) zurückgegeben. Error: (02/08/2016 10:47:51 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet. 
Modulpfad: C:\Windows\System32\IWMSSvc.dll ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i3-2370M CPU @ 2.40GHz Prozentuale Nutzung des RAM: 59% Installierter physikalischer RAM: 3990.83 MB Verfügbarer physikalischer RAM: 1627.5 MB Summe virtueller Speicher: 7979.87 MB Verfügbarer virtueller Speicher: 4835.53 MB ==================== Laufwerke ================================ Drive c: (Boot) (Fixed) (Total:647.54 GB) (Free:532.95 GB) NTFS Drive d: (Recover) (Fixed) (Total:50 GB) (Free:17.58 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 698.6 GB) (Disk ID: 2BD2C32A) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=647.5 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=1 GB) - (Type=12) ==================== Ende von Addition.txt ============================ |
09.02.2016, 14:36 | #5 | |
/// TB-Ausbilder | Spam mails sent under my name Hi, I see next to nothing in the log files. But what do you want with this extremely outdated version of AdwCleaner? Quote:
We'll run a few programs once more, just to be safe, I would say. Step 1 Please download AdwCleaner to your desktop.
Step 2 Please download Malwarebytes Anti-Malware
Step 3 Please shut down your protection software to avoid possible conflicts.
Step 4
Please post with your next reply
|
10.02.2016, 22:35 | #6 |
| Spam mails sent under my name Hello Matthias, that reassures me for a start. Then maybe it was just a "legacy issue" after all - I already had this problem once in 2014... I was just alarmed that it is starting up again. So, here are the logs: the AdwCleaner log file (I don't understand why the report here at the top says AdwCleaner_4.112.exe and the new version appears below ???): AdwCleaner Logfile: Code:
ATTFilter
# AdwCleaner v4.112 - Bericht erstellt 20/03/2015 um 15:25:52
# Aktualisiert 09/03/2015 von Xplode
# Datenbank : 2015-03-15.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : FamilieJacobs - NEUERMEDION
# Gestarted von : C:\Users\FamilieJacobs\Downloads\AdwCleaner_4.112.exe
# Option : Löschen

***** [ Dienste ] *****

***** [ Dateien / Ordner ] *****

***** [ Geplante Tasks ] *****

***** [ Verknüpfungen ] *****

***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17689

-\\ Google Chrome v41.0.2272.101

*************************

AdwCleaner[R0].txt - [10100 Bytes] - [01/09/2013 19:39:51]
AdwCleaner[R1].txt - [1333 Bytes] - [23/09/2013 21:58:21]
AdwCleaner[R2].txt - [2711 Bytes] - [11/10/2013 19:46:56]
AdwCleaner[R3].txt - [1673 Bytes] - [28/10/2013 10:20:56]
AdwCleaner[R4].txt - [1351 Bytes] - [30/10/2013 20:12:04]
AdwCleaner[R5].txt - [1472 Bytes] - [30/10/2013 20:32:40]
AdwCleaner[R6].txt - [5353 Bytes] - [14/03/2015 12:50:34]
AdwCleaner[R7].txt - [1754 Bytes] - [20/03/2015 14:37:32]
AdwCleaner[S0].txt - [9733 Bytes] - [01/09/2013 19:44:33]
AdwCleaner[S1].txt - [1246 Bytes] - [23/09/2013 21:59:51]
AdwCleaner[S2].txt - [2650 Bytes] - [11/10/2013 19:48:22]
AdwCleaner[S3].txt - [1577 Bytes] - [28/10/2013 10:22:35]
AdwCleaner[S4].txt - [1413 Bytes] - [30/10/2013 20:16:09]
AdwCleaner[S5].txt - [1533 Bytes] - [30/10/2013 20:36:49]
AdwCleaner[S6].txt - [5002 Bytes] - [14/03/2015 12:58:30]
AdwCleaner[S7].txt - [1676 Bytes] - [20/03/2015 15:25:52]

########## EOF - C:\AdwCleaner\AdwCleaner[S7].txt - [1735 Bytes] ##########

AdwCleaner Logfile: Code:
ATTFilter
# AdwCleaner v5.033 - Bericht erstellt am 10/02/2016 um 20:50:13
# Aktualisiert am 07/02/2016 von Xplode
# Datenbank : 2016-02-07.2 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : FamilieJacobs - NEUERMEDION
# Gestartet von : C:\Users\FamilieJacobs\Desktop\AdwCleaner_5.033.exe
# Option : Suchlauf
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****

***** [ Ordner ] *****

***** [ Dateien ] *****

***** [ DLL ] *****

***** [ Verknüpfungen ] *****

***** [ Aufgabenplanung ] *****

***** [ Registrierungsdatenbank ] *****

***** [ Internetbrowser ] *****

########## EOF - C:\AdwCleaner\AdwCleaner[S7].txt - [2471 Bytes] ##########

the MBAM log file: Code:
ATTFilter
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 10.02.2016
Suchlaufzeit: 21:01
Protokolldatei: mbam.text
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2016.02.10.05
Rootkit-Datenbank: v2016.02.08.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: FamilieJacobs

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 380591
Abgelaufene Zeit: 54 Min., 57 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0 (keine bösartigen Elemente erkannt)
Module: 0 (keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt)
Registrierungswerte: 0 (keine bösartigen Elemente erkannt)
Registrierungsdaten: 0 (keine bösartigen Elemente erkannt)
Ordner: 0 (keine bösartigen Elemente erkannt)
Dateien: 0 (keine bösartigen Elemente erkannt)
Physische Sektoren: 0 (keine bösartigen Elemente erkannt)

(end)

Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 8.0.2 (01.06.2016) Operating System: Windows 7 Home Premium x64 Ran by FamilieJacobs (Administrator) on 10.02.2016 at 22:07:22,72 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 43 Successfully deleted: C:\Users\FamilieJacobs\AppData\Local\{0311E5FD-01D1-483E-A870-0037058D54C7} (Empty Folder) Successfully deleted: C:\Users\FamilieJacobs\AppData\Local\{1ADF0D01-144B-4F28-9A8B-6444FC886ED4} (Empty Folder) Successfully deleted: C:\Users\FamilieJacobs\AppData\Local\{20B05A9D-5DEE-4EBE-876E-7687544524E5} (Empty Folder) Successfully deleted: C:\Users\FamilieJacobs\AppData\Local\{322B5E99-7E7B-4DAC-8CE7-FE91C5F11139} (Empty Folder) Successfully deleted: C:\Users\FamilieJacobs\AppData\Local\{37554ED0-4943-4DE4-A704-98A26FAF18A5} (Empty Folder) Successfully deleted: C:\Users\FamilieJacobs\AppData\Local\{3A9E20C2-B7EA-4DF5-98F5-A51EAF54948A} (Empty Folder) Successfully deleted: C:\Users\FamilieJacobs\AppData\Local\{42E60E88-3A99-4E22-BE98-5D18C621F1AB} (Empty Folder) Successfully deleted: C:\Users\FamilieJacobs\AppData\Local\{4ABC76FE-EDA3-4D8E-80B7-03C8650F40FB} (Empty Folder) Successfully deleted: C:\Users\FamilieJacobs\AppData\Local\{50E63202-9793-440C-8C8D-2DF859222A41} (Empty Folder) Successfully deleted: C:\Users\FamilieJacobs\AppData\Local\{54776848-F80D-46A3-AB3E-79861D7E68C1} (Empty Folder) Successfully deleted: C:\Users\FamilieJacobs\AppData\Local\{5C2D9EA2-A248-4914-BB1C-7A8798FDA092} (Empty Folder) Successfully deleted: C:\Users\FamilieJacobs\AppData\Local\{66B28C7E-5E66-4D14-8865-9041ACA69CF8} (Empty Folder) Successfully deleted: C:\Users\FamilieJacobs\AppData\Local\{70C58C12-07C6-4B19-BE81-8C1BE8CD232B} (Empty Folder) Successfully deleted: C:\Users\FamilieJacobs\AppData\Local\{7DCD4910-C0BD-4675-A836-BBFDF1C6575A} (Empty Folder) Successfully deleted: 
C:\Users\FamilieJacobs\AppData\Local\{921D774D-E999-4DD7-872A-10C38309FE02} (Empty Folder) Successfully deleted: C:\Users\FamilieJacobs\AppData\Local\{9618D623-3DD4-4279-8121-B91CB672D1D3} (Empty Folder) Successfully deleted: C:\Users\FamilieJacobs\AppData\Local\{96E1428E-100B-4444-B9BD-0AA5C7E11489} (Empty Folder) Successfully deleted: C:\Users\FamilieJacobs\AppData\Local\{99A10413-50F7-408A-8C56-733FB53BE841} (Empty Folder) Successfully deleted: C:\Users\FamilieJacobs\AppData\Local\{A796E8E7-D87D-4B39-90AC-9A1D4C76AB8B} (Empty Folder) Successfully deleted: C:\Users\FamilieJacobs\AppData\Local\{B1645600-3254-4CE6-9BB7-0002F9389C70} (Empty Folder) Successfully deleted: C:\Users\FamilieJacobs\AppData\Local\{B85D9A5D-FC02-4D72-A28D-266540B21ADD} (Empty Folder) Successfully deleted: C:\Users\FamilieJacobs\AppData\Local\{BEEDC7D8-2D4B-4618-9A51-B9016527AB00} (Empty Folder) Successfully deleted: C:\Users\FamilieJacobs\AppData\Local\{BF98CD34-07F5-4C2F-8FC6-EDCF5F469289} (Empty Folder) Successfully deleted: C:\Users\FamilieJacobs\AppData\Local\{CAB6BC15-A77C-44B2-9068-C9B7356F10E5} (Empty Folder) Successfully deleted: C:\Users\FamilieJacobs\AppData\Local\{CACA244F-81C2-4837-9390-E5FAE37405FC} (Empty Folder) Successfully deleted: C:\Users\FamilieJacobs\AppData\Local\{CB437B2D-59CF-48F6-A1F2-9DECE83AD163} (Empty Folder) Successfully deleted: C:\Users\FamilieJacobs\AppData\Local\{CFAC325E-F0D1-499B-B601-647AD3FCBDC0} (Empty Folder) Successfully deleted: C:\Users\FamilieJacobs\AppData\Local\{D6E9DEEA-BF8E-4CC2-BB97-BF73A6AC446F} (Empty Folder) Successfully deleted: C:\Users\FamilieJacobs\AppData\Local\{DD50177D-2FC8-4D9E-95BC-8DBEF04D606A} (Empty Folder) Successfully deleted: C:\Users\FamilieJacobs\AppData\Local\{DD99F370-B7FE-4B18-A1B2-14843DCED0DF} (Empty Folder) Successfully deleted: C:\Users\FamilieJacobs\AppData\Local\{DF725B96-C73B-4CF8-A0B4-B614EC2D1511} (Empty Folder) Successfully deleted: C:\Users\FamilieJacobs\AppData\Local\{E2297F75-5318-4497-882F-574ABB41C4BB} 
(Empty Folder) Successfully deleted: C:\Users\FamilieJacobs\AppData\Local\{E72D6D10-3651-4414-A9E6-40D5CA048D78} (Empty Folder) Successfully deleted: C:\Users\FamilieJacobs\AppData\Local\{EBEB7976-E5EC-4008-9D84-98B4AEF8F969} (Empty Folder) Successfully deleted: C:\Users\FamilieJacobs\AppData\Local\{F84F97DA-64E2-4BD1-AC42-2A34435215C9} (Empty Folder) Successfully deleted: C:\Users\FamilieJacobs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2CSF2IKD (Folder) Successfully deleted: C:\Users\FamilieJacobs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3BL01SI1 (Folder) Successfully deleted: C:\Users\FamilieJacobs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D6WWTSUA (Folder) Successfully deleted: C:\Users\FamilieJacobs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HWDC1B09 (Folder) Successfully deleted: C:\Users\FamilieJacobs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QVTAPWVG (Folder) Successfully deleted: C:\Users\FamilieJacobs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RD8GKN4I (Folder) Successfully deleted: C:\Users\FamilieJacobs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TTPW1D93 (Folder) Successfully deleted: C:\Users\FamilieJacobs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UQ5O7BFM (Folder) Registry: 1 Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 10.02.2016 at 22:12:40,56 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ FRST FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-02-2016 durchgeführt von FamilieJacobs (Administrator) auf NEUERMEDION (10-02-2016 22:20:47) Gestartet von C:\Users\FamilieJacobs\Desktop Geladene Profile: FamilieJacobs & (Verfügbare Profile: FamilieJacobs) Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) () C:\Program Files (x86)\PHotkey\AsLdrSrv.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe () C:\Program Files (x86)\PHotkey\GFNEXSrv.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Microsoft Corp.) 
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12452456 2012-02-22] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-02-08] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2870032 2012-02-10] (Synaptics Incorporated) HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [177936 2012-02-17] (Intel Corporation) HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-17] (Apple Inc.) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation) HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [507744 2011-12-21] (Dolby Laboratories Inc.) HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-03] (CyberLink) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-12-17] (Apple Inc.) 
HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-01-05] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [803200 2015-12-01] (Avira Operations GmbH & Co. KG) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-1037136450-1297708825-110652001-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-09-27] (Google Inc.) HKU\S-1-5-21-1037136450-1297708825-110652001-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23499656 2016-01-15] (Google) HKU\S-1-5-21-1037136450-1297708825-110652001-1000\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIJJE.EXE [283232 2012-09-27] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-1037136450-1297708825-110652001-1000\...\Run: [EPLTarget\P0000000000000002] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIJJE.EXE [283232 2012-09-27] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-1037136450-1297708825-110652001-1000\...\MountPoints2: {7795442a-7806-11e5-af72-4c72b95eba7d} - F:\ting.exe HKU\S-1-5-21-1037136450-1297708825-110652001-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-09-27] (Google Inc.) 
HKU\S-1-5-21-1037136450-1297708825-110652001-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23499656 2016-01-15] (Google)
HKU\S-1-5-21-1037136450-1297708825-110652001-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIJJE.EXE [283232 2012-09-27] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1037136450-1297708825-110652001-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EPLTarget\P0000000000000002] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIJJE.EXE [283232 2012-09-27] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1037136450-1297708825-110652001-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {7795442a-7806-11e5-af72-4c72b95eba7d} - F:\ting.exe
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => Keine Datei
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => Keine Datei
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk [2014-03-31]
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2014\mshaktuell.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4B46B66F-8E2A-45C3-A55C-3444AF55136F}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{CB2F0A73-FF8E-4567-A25A-EA56F828F1F8}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-1037136450-1297708825-110652001-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-1037136450-1297708825-110652001-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com
HKU\S-1-5-21-1037136450-1297708825-110652001-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-1037136450-1297708825-110652001-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-22] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-23] (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-23] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-22] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-23] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-22] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-22] (Google Inc.)
Toolbar: HKU\S-1-5-21-1037136450-1297708825-110652001-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-22] (Google Inc.)
Toolbar: HKU\S-1-5-21-1037136450-1297708825-110652001-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-22] (Google Inc.)
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\FamilieJacobs\AppData\Roaming\Mozilla\Firefox\Profiles\q4l8v9lg.default
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-07-28] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-23] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-07-28] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-07-28] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-03-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-23] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-07-28] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-01-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1037136450-1297708825-110652001-1000: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-07-28] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1037136450-1297708825-110652001-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-07-28] (Tracker Software Products (Canada) Ltd.)

Chrome:
=======
CHR Profile: C:\Users\FamilieJacobs\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\FamilieJacobs\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05]
CHR Extension: (Google Drive) - C:\Users\FamilieJacobs\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\FamilieJacobs\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google-Suche) - C:\Users\FamilieJacobs\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Avira Browserschutz) - C:\Users\FamilieJacobs\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-01-26]
CHR Extension: (Google Docs Offline) - C:\Users\FamilieJacobs\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-18]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\FamilieJacobs\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-09-08]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\FamilieJacobs\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-24]
CHR Extension: (Google Mail) - C:\Users\FamilieJacobs\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR HKU\S-1-5-21-1037136450-1297708825-110652001-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\FAMILI~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-08-27]
CHR HKU\S-1-5-21-1037136450-1297708825-110652001-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1037136450-1297708825-110652001-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\FAMILI~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-08-27]
CHR HKU\S-1-5-21-1037136450-1297708825-110652001-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [948392 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1418560 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 ASLDRService; C:\Program Files (x86)\PHotkey\ASLDRSrv.exe [104968 2009-12-18] ()
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [249120 2016-01-05] (Avira Operations GmbH & Co. KG)
R2 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [156672 2011-10-13] () [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [162648 2012-03-15] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-03-29] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-03-29] (Intel® Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162072 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [140448 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-08-15] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [75472 2015-12-01] (Avira Operations GmbH & Co. KG)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-02-10] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-10 22:12 - 2016-02-10 22:15 - 00005757 _____ C:\Users\FamilieJacobs\Desktop\JRT.txt
2016-02-10 22:06 - 2016-02-10 22:06 - 01609032 _____ (Malwarebytes) C:\Users\FamilieJacobs\Desktop\JRT.exe
2016-02-10 22:01 - 2016-02-10 22:01 - 00001206 _____ C:\Users\FamilieJacobs\Desktop\mbam.text
2016-02-10 21:00 - 2016-02-10 22:09 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-02-10 21:00 - 2016-02-10 21:00 - 00001106 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-02-10 21:00 - 2016-02-10 21:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2016-02-10 21:00 - 2016-02-10 21:00 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2016-02-10 21:00 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-02-10 21:00 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-02-10 21:00 - 2015-10-05
09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-02-10 20:59 - 2016-02-10 20:59 - 00017154 _____ C:\Users\FamilieJacobs\Desktop\Download.htm
2016-02-10 20:53 - 2016-02-10 20:53 - 00002550 _____ C:\Users\FamilieJacobs\Desktop\AdwCleaner_20161002.txt
2016-02-10 13:07 - 2016-02-10 13:08 - 22908888 _____ (Malwarebytes ) C:\Users\FamilieJacobs\Desktop\mbam-setup-2.2.0.1024.exe
2016-02-10 13:06 - 2016-02-10 13:07 - 01508352 _____ C:\Users\FamilieJacobs\Desktop\AdwCleaner_5.033.exe
2016-02-10 09:28 - 2016-01-22 05:57 - 00112640 _____ (Microsoft Corporation) 
C:\Windows\system32\smss.exe 2016-02-10 09:28 - 2016-01-22 05:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2016-02-10 09:28 - 2016-01-22 05:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2016-02-10 09:28 - 2016-01-22 05:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2016-02-10 09:27 - 2016-01-22 07:19 - 14179840 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2016-02-10 09:27 - 2016-01-22 07:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2016-02-10 09:27 - 2016-01-22 07:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2016-02-10 09:27 - 2016-01-22 07:12 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2016-02-10 09:27 - 2016-01-22 07:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2016-02-10 09:27 - 2016-01-22 07:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2016-02-10 09:27 - 2016-01-22 07:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2016-02-10 09:27 - 2016-01-22 07:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2016-02-10 09:27 - 2016-01-22 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2016-02-10 09:27 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2016-02-10 09:27 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2016-02-10 09:27 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2016-02-10 09:27 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2016-02-10 09:27 - 
2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2016-02-10 09:27 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2016-02-10 09:27 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2016-02-10 09:27 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2016-02-10 09:27 - 2016-01-22 07:02 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2016-02-10 09:27 - 2016-01-22 07:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2016-02-10 09:27 - 2016-01-22 06:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2016-02-10 09:27 - 2016-01-22 06:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2016-02-10 09:27 - 2016-01-22 06:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2016-02-10 09:27 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2016-02-10 09:27 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2016-02-10 09:27 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2016-02-10 09:27 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2016-02-10 09:27 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2016-02-10 09:27 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2016-02-10 09:27 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) 
C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2016-02-10 09:27 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2016-02-10 09:27 - 2016-01-22 05:53 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2016-02-10 09:27 - 2016-01-22 05:53 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2016-02-10 09:27 - 2016-01-22 05:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2016-02-10 09:27 - 2016-01-22 05:51 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2016-02-10 09:27 - 2016-01-22 05:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2016-02-10 09:27 - 2016-01-22 05:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2016-02-10 09:27 - 2016-01-22 05:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2016-02-10 09:26 - 2016-01-22 07:15 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll 2016-02-10 09:26 - 2016-01-22 07:12 - 01940992 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2016-02-10 09:26 - 2016-01-22 07:05 - 12877824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2016-02-10 09:26 - 2016-01-22 07:00 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll 2016-02-10 09:26 - 2016-01-22 06:59 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2016-02-10 09:26 - 2016-01-22 06:19 - 03231232 _____ (Microsoft Corporation) C:\Windows\explorer.exe 2016-02-10 09:26 - 2016-01-22 06:12 - 02973184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe 2016-02-09 12:05 - 2016-02-09 12:05 - 00107631 _____ C:\Users\FamilieJacobs\Desktop\tdssKiller.txt 2016-02-09 11:53 - 2016-02-09 12:14 - 00215352 _____ 
C:\TDSSKiller.3.1.0.9_09.02.2016_11.53.00_log.txt 2016-02-09 11:52 - 2016-02-09 11:52 - 00000490 _____ C:\TDSSKiller.3.1.0.9_09.02.2016_11.52.05_log.txt 2016-02-09 11:51 - 2016-02-09 11:51 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\FamilieJacobs\Desktop\tdsskiller.exe 2016-02-09 11:43 - 2016-02-10 22:21 - 00025106 _____ C:\Users\FamilieJacobs\Desktop\FRST.txt 2016-02-09 11:43 - 2016-02-10 22:20 - 00000000 ____D C:\FRST 2016-02-09 11:42 - 2016-02-09 11:42 - 02370560 _____ (Farbar) C:\Users\FamilieJacobs\Desktop\FRST64.exe 2016-02-09 11:41 - 2016-02-09 11:41 - 01721344 _____ (Farbar) C:\Users\FamilieJacobs\Desktop\FRST.exe 2016-02-08 22:46 - 2016-02-08 22:47 - 00001465 _____ C:\Users\FamilieJacobs\Desktop\AdwCleaner[C1].txt 2016-02-08 22:28 - 2016-02-08 22:28 - 00002019 _____ C:\Users\FamilieJacobs\Downloads\malwarebytes.txt 2016-02-02 22:00 - 2016-02-02 22:11 - 00000000 ____D C:\Users\FamilieJacobs\AppData\Local\Mozilla 2016-02-02 22:00 - 2016-02-02 22:00 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-02-02 22:00 - 2016-02-02 22:00 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2016-02-02 21:59 - 2016-02-02 22:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-02-01 13:46 - 2016-02-01 13:46 - 00001757 _____ C:\Users\Public\Desktop\iTunes.lnk 2016-02-01 13:46 - 2016-02-01 13:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2016-02-01 13:45 - 2016-02-01 13:46 - 00000000 ____D C:\Program Files\iTunes 2016-02-01 13:45 - 2016-02-01 13:45 - 00000000 ____D C:\Program Files\iPod 2016-02-01 13:45 - 2016-02-01 13:45 - 00000000 ____D C:\Program Files (x86)\iTunes 2016-02-01 13:40 - 2016-02-01 13:40 - 00000000 ____D C:\Program Files\Bonjour 2016-02-01 13:40 - 2016-02-01 13:40 - 00000000 ____D C:\Program Files (x86)\Bonjour 2016-02-01 13:38 - 2016-02-01 13:38 - 00000000 ____D C:\Windows\System32\Tasks\Apple 2016-02-01 13:38 - 2016-02-01 13:38 - 00000000 ____D C:\Program 
Files (x86)\Apple Software Update 2016-01-20 09:13 - 2016-01-20 09:13 - 00000000 ___SD C:\Users\FamilieJacobs\Documents\Meine Datenquellen 2016-01-13 10:41 - 2015-12-08 22:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll 2016-01-13 10:41 - 2015-12-08 22:54 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL 2016-01-13 10:41 - 2015-12-08 22:54 - 01568768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL 2016-01-13 10:41 - 2015-12-08 22:54 - 01325056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL 2016-01-13 10:41 - 2015-12-08 22:54 - 00902144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL 2016-01-13 10:41 - 2015-12-08 22:54 - 00815616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL 2016-01-13 10:41 - 2015-12-08 22:54 - 00740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll 2016-01-13 10:41 - 2015-12-08 22:54 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL 2016-01-13 10:41 - 2015-12-08 22:54 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL 2016-01-13 10:41 - 2015-12-08 22:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL 2016-01-13 10:41 - 2015-12-08 22:54 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL 2016-01-13 10:41 - 2015-12-08 22:54 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL 2016-01-13 10:41 - 2015-12-08 22:53 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll 2016-01-13 10:41 - 2015-12-08 22:53 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll 2016-01-13 10:41 - 2015-12-08 22:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll 2016-01-13 10:41 - 2015-12-08 22:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL 2016-01-13 10:41 - 2015-12-08 22:53 - 00609280 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\MFWMAAEC.DLL 2016-01-13 10:41 - 2015-12-08 22:53 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll 2016-01-13 10:41 - 2015-12-08 22:53 - 00509952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2016-01-13 10:41 - 2015-12-08 22:53 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll 2016-01-13 10:41 - 2015-12-08 22:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL 2016-01-13 10:41 - 2015-12-08 22:53 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll 2016-01-13 10:41 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL 2016-01-13 10:41 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL 2016-01-13 10:41 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL 2016-01-13 10:41 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll 2016-01-13 10:41 - 2015-12-08 22:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax 2016-01-13 10:41 - 2015-12-08 22:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL 2016-01-13 10:41 - 2015-12-08 22:53 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll 2016-01-13 10:41 - 2015-12-08 22:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL 2016-01-13 10:41 - 2015-12-08 22:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll 2016-01-13 10:41 - 2015-12-08 22:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll 2016-01-13 10:41 - 2015-12-08 22:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe 2016-01-13 10:41 - 2015-12-08 22:53 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe 2016-01-13 10:41 - 2015-12-08 22:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksuser.dll 2016-01-13 
10:41 - 2015-12-08 22:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll 2016-01-13 10:41 - 2015-12-08 20:07 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2016-01-13 10:41 - 2015-12-08 20:07 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2016-01-13 10:41 - 2015-12-08 20:07 - 01955328 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL 2016-01-13 10:41 - 2015-12-08 20:07 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2016-01-13 10:41 - 2015-12-08 20:07 - 01575424 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL 2016-01-13 10:41 - 2015-12-08 20:07 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2016-01-13 10:41 - 2015-12-08 20:07 - 01393152 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll 2016-01-13 10:41 - 2015-12-08 20:07 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll 2016-01-13 10:41 - 2015-12-08 20:07 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL 2016-01-13 10:41 - 2015-12-08 20:07 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL 2016-01-13 10:41 - 2015-12-08 20:07 - 01153024 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL 2016-01-13 10:41 - 2015-12-08 20:07 - 01026048 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll 2016-01-13 10:41 - 2015-12-08 20:07 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll 2016-01-13 10:41 - 2015-12-08 20:07 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL 2016-01-13 10:41 - 2015-12-08 20:07 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL 2016-01-13 10:41 - 2015-12-08 20:07 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL 2016-01-13 10:41 - 2015-12-08 20:07 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL 2016-01-13 10:41 - 2015-12-08 
20:07 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll 2016-01-13 10:41 - 2015-12-08 20:07 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2016-01-13 10:41 - 2015-12-08 20:07 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL 2016-01-13 10:41 - 2015-12-08 20:07 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL 2016-01-13 10:41 - 2015-12-08 20:07 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2016-01-13 10:41 - 2015-12-08 20:07 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll 2016-01-13 10:41 - 2015-12-08 20:07 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2016-01-13 10:41 - 2015-12-08 20:07 - 00292352 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL 2016-01-13 10:41 - 2015-12-08 20:07 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll 2016-01-13 10:41 - 2015-12-08 20:07 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL 2016-01-13 10:41 - 2015-12-08 20:07 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL 2016-01-13 10:41 - 2015-12-08 20:07 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL 2016-01-13 10:41 - 2015-12-08 20:07 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2016-01-13 10:41 - 2015-12-08 20:07 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL 2016-01-13 10:41 - 2015-12-08 20:07 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL 2016-01-13 10:41 - 2015-12-08 20:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll 2016-01-13 10:41 - 2015-12-08 20:07 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll 2016-01-13 10:41 - 2015-12-08 20:07 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2016-01-13 10:41 - 2015-12-08 20:07 - 00005120 _____ (Microsoft 
Corporation) C:\Windows\system32\ksuser.dll 2016-01-13 10:41 - 2015-12-08 20:06 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax 2016-01-13 10:41 - 2015-12-08 20:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2016-01-13 10:41 - 2015-12-08 20:04 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2016-01-13 10:41 - 2015-12-08 19:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys 2016-01-13 10:41 - 2015-12-08 19:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys 2016-01-13 10:41 - 2015-12-08 19:11 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys 2016-01-13 10:41 - 2015-11-16 21:17 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2016-01-13 10:41 - 2015-11-14 00:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll 2016-01-13 10:41 - 2015-11-14 00:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll 2016-01-13 10:41 - 2015-11-14 00:08 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe 2016-01-13 10:41 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll 2016-01-13 10:41 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll 2016-01-13 10:41 - 2015-11-13 23:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe 2016-01-13 10:38 - 2015-12-08 22:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2016-01-13 10:38 - 2015-12-08 20:07 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-02-10 22:19 - 2011-05-16 15:04 - 00699682 _____ C:\Windows\system32\perfh007.dat 2016-02-10 22:19 - 2011-05-16 15:04 - 00149790 _____ C:\Windows\system32\perfc007.dat 2016-02-10 22:19 - 2009-07-14 06:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI 2016-02-10 22:19 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf 2016-02-10 22:07 - 2012-09-27 20:06 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-02-10 20:44 - 2009-07-14 05:45 - 00017264 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-02-10 20:44 - 2009-07-14 05:45 - 00017264 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-02-10 19:10 - 2012-09-27 20:06 - 00002208 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-02-10 19:10 - 2012-09-27 20:06 - 00002179 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-02-10 19:07 - 2012-09-27 20:06 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-02-10 18:34 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2016-02-10 17:09 - 2015-03-21 12:44 - 00000000 ____D C:\Users\FamilieJacobs\Documents\Youcam 2016-02-10 17:08 - 2014-08-26 12:05 - 00000000 ___RD C:\Users\FamilieJacobs\Google Drive 2016-02-10 17:05 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-02-10 17:04 - 2009-07-14 05:45 - 00385392 _____ C:\Windows\system32\FNTCACHE.DAT 2016-02-10 17:00 - 2015-04-15 12:45 - 00000000 ____D C:\Windows\system32\appraiser 2016-02-10 17:00 - 2014-05-07 11:26 - 00000000 ___SD C:\Windows\system32\CompatTel 2016-02-10 17:00 - 2011-04-12 09:28 - 00000000 ____D C:\Program Files\Windows Journal 2016-02-10 15:35 - 2014-02-24 23:29 - 00000000 ____D C:\Windows\system32\MRT 2016-02-10 15:24 - 2011-07-18 21:31 - 146614896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-02-10 08:31 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp 
2016-02-09 13:06 - 2014-11-25 19:54 - 00000000 ____D C:\Users\FamilieJacobs\Documents\Elternverein 2016-02-09 13:06 - 2013-03-19 20:56 - 00000000 ____D C:\Users\FamilieJacobs\Documents\Martina 2016-02-09 13:03 - 2012-09-27 20:52 - 00000000 ____D C:\Users\FamilieJacobs\AppData\Local\Paint.NET 2016-02-09 10:04 - 2015-10-23 13:58 - 00000000 ____D C:\Users\FamilieJacobs\AppData\Local\Dropbox 2016-02-09 09:15 - 2012-11-14 12:23 - 00000000 ____D C:\ProgramData\Skype 2016-02-09 09:12 - 2014-01-05 16:42 - 00000000 ____D C:\Users\FamilieJacobs\AppData\Roaming\Dropbox 2016-02-09 09:11 - 2015-10-23 13:53 - 00000000 ___RD C:\Users\FamilieJacobs\Dropbox 2016-02-09 08:45 - 2013-09-01 19:39 - 00000000 ____D C:\AdwCleaner 2016-02-06 08:08 - 2014-08-16 07:39 - 00000000 ____D C:\ProgramData\Package Cache 2016-02-05 18:41 - 2012-12-29 07:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2016-02-03 08:19 - 2012-10-17 08:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-02-02 21:54 - 2012-09-27 20:27 - 00000000 ____D C:\Users\FamilieJacobs\AppData\Local\Google 2016-02-02 19:02 - 2012-09-27 20:06 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2016-02-02 19:02 - 2012-09-27 20:06 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2016-02-01 21:08 - 2015-03-21 08:47 - 00000000 ____D C:\Users\FamilieJacobs\Documents\O2_Rechnungen 2016-02-01 13:45 - 2015-05-27 16:49 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 2016-02-01 13:45 - 2012-10-20 08:38 - 00000000 ____D C:\Program Files\Common Files\Apple 2016-02-01 13:38 - 2012-10-20 08:38 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2016-02-01 10:18 - 2014-08-26 12:04 - 00002046 _____ C:\Users\Public\Desktop\Google Slides.lnk 2016-02-01 10:18 - 2014-08-26 12:04 - 00002044 _____ C:\Users\Public\Desktop\Google Sheets.lnk 2016-02-01 10:18 - 2014-08-26 12:04 - 00002034 _____ 
C:\Users\Public\Desktop\Google Docs.lnk
2016-02-01 10:18 - 2014-08-26 12:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-01-30 22:21 - 2015-11-13 08:34 - 00000165 _____ C:\Users\FamilieJacobs\Desktop\todod.txt
2016-01-22 12:15 - 2012-10-07 21:15 - 00000000 ____D C:\ProgramData\tmp
2016-01-22 12:07 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2016-01-13 13:43 - 2013-03-14 08:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-01-13 13:41 - 2013-03-14 08:30 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-01-13 13:41 - 2013-03-14 08:30 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2012-10-25 08:32 - 2012-10-25 08:32 - 0017408 _____ () C:\Users\FamilieJacobs\AppData\Local\WebpageIcons.db

Einige Dateien in TEMP:
====================
C:\Users\FamilieJacobs\AppData\Local\Temp\avgnt.exe
C:\Users\FamilieJacobs\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp_9rzsb.dll
C:\Users\FamilieJacobs\AppData\Local\Temp\GUR428B.exe
C:\Users\FamilieJacobs\AppData\Local\Temp\jre-8u51-windows-au.exe

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-02-10 14:26

==================== Ende von FRST.txt ============================

FRST Addition
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-02-2016
durchgeführt von FamilieJacobs (2016-02-10 22:21:42)
Gestartet von C:\Users\FamilieJacobs\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-09-27 19:12:13)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-1037136450-1297708825-110652001-500 - Administrator - Disabled)
FamilieJacobs (S-1-5-21-1037136450-1297708825-110652001-1000 - Administrator - Enabled) => C:\Users\FamilieJacobs
Gast (S-1-5-21-1037136450-1297708825-110652001-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe Reader X (10.1.2) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.2 - Adobe Systems Incorporated)
AMI VR-pulse OS Switcher (HKLM\...\{EC1369CF-15BD-4FAF-BA84-65E4788C682E}) (Version: 1.1 - American Megatrends Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG)
Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG)
Avira Launcher (HKLM-x32\...\{ccdc9cfe-8ba7-4c6c-ac5f-b2d6cfa49efc}) (Version: 1.1.54.24924 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.54.24924 - Avira Operations GmbH & Co. KG) Hidden
AVNavigator 2012.I (HKU\S-1-5-21-1037136450-1297708825-110652001-1000\...\AVNavigator 2012.I) (Version: 1.13.0.007.1 - PIONEER CORPORATION)
AVNavigator 2012.I (HKU\S-1-5-21-1037136450-1297708825-110652001-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\AVNavigator 2012.I) (Version: 1.13.0.007.1 - PIONEER CORPORATION)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BUDNI Fotowelt (HKLM-x32\...\BUDNI Fotowelt) (Version: 6.1.2 - CEWE Stiftung u Co. KGaA)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1327 - CyberLink Corp.)
CyberLink YouCam 5 (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.1402 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.11 - Dolby Laboratories Inc)
EPSON WF-3520 Series Printer Uninstall (HKLM\...\EPSON WF-3520 Series) (Version: - SEIKO EPSON Corporation)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.109 - Google Inc.)
Google Drive (HKLM-x32\...\{EF61675D-9BBC-4EC7-B906-F13BE8D3BD20}) (Version: 1.27.1227.2094 - Google, Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.4.1441 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2712 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{37EC048A-81A2-452A-8D1F-3BE2018E767D}) (Version: 15.1.0.0096 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{520C4DD4-2BC7-409B-BA48-E1A4F832662D}) (Version: 2.1.0.0140 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{4E4282C3-F66E-4852-837A-7675527178C2}) (Version: 3.1.26.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )
Intel® PROSet/Wireless WiFi Software (HKLM\...\{54EB8041-1115-4406-AA4B-44D236E84B3B}) (Version: 15.01.1000.0927 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
Java 8 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418051F0}) (Version: 8.0.510 - Oracle Corporation)
Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Medion Home Cinema (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.3216 - CyberLink Corp.)
Medion Home Cinema (x32 Version: 8.0.3216 - CyberLink Corp.) Hidden Memeo Instant Backup (HKLM-x32\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7943 - Memeo Inc.) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Mathematics (64-Bit) (HKLM\...\{E57B7E0A-8BE5-42E2-BE60-C07ED680A063}) (Version: 4.0 - Microsoft Corporation) Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Home and Student 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 
9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 44.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 44.0 (x86 de)) (Version: 44.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0 - Mozilla) Mozilla Thunderbird 38.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.5.0 (x86 de)) (Version: 38.5.0 - Mozilla) Mozilla Thunderbird 38.5.1 (x86 de) (HKU\S-1-5-21-1037136450-1297708825-110652001-1000\...\Mozilla Thunderbird 38.5.1 (x86 de)) (Version: 38.5.1 - Mozilla) Mozilla Thunderbird 38.5.1 (x86 de) (HKU\S-1-5-21-1037136450-1297708825-110652001-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Mozilla Thunderbird 38.5.1 (x86 de)) (Version: 38.5.1 - Mozilla) OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation) Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC) PCSUITE SHREDDER 
(HKLM-x32\...\PCSUITE_SHREDDER_PRO_is1) (Version: - Markement GmbH) PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.309.0 - Tracker Software Products Ltd) PHotkey (HKLM-x32\...\{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}) (Version: 1.00.0059 - Pegatron Corporation) PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation) Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Ravensburger tiptoi (HKLM-x32\...\Ravensburger tiptoi) (Version: - ) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6586 - Realtek Semiconductor Corp.) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.) 
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden Software Updater (HKLM-x32\...\{FA7EE274-7370-43B7-9A45-A39B17CCCDC5}) (Version: 4.3.3 - SEIKO EPSON CORPORATION) Spelling Dictionaries Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-A00000000004}) (Version: 10.0.0 - Adobe Systems Incorporated) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.45.0 - Synaptics Incorporated) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation) Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation) WISO Steuer-Sparbuch 2012 (HKLM-x32\...\{0CC1DAFB-40C8-4903-953D-471E541477C7}) (Version: 19.10.7954 - Buhl Data Service GmbH) WISO Steuer-Sparbuch 2013 (HKLM-x32\...\{D6CC2FAF-F827-4091-96A1-D32CC9B69C79}) (Version: 20.00.8137 - Buhl Data Service GmbH) WISO Steuer-Sparbuch 2014 (HKLM-x32\...\{36E3B422-5AA2-470A-9CDB-8522A778750C}) (Version: 21.00.8480 - Buhl Data Service GmbH) WISO Steuer-Sparbuch 2015 (HKLM-x32\...\{ABC93C08-CEEA-4777-BB89-3DCE144ACD5D}) (Version: 22.09.9087 - Buhl Data Service GmbH) Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen 
wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {1F16D326-3B8C-47CC-B425-B8759BD86E2D} - System32\Tasks\{29E14434-9B24-448E-A54B-4C509A84E4F4} => pcalua.exe -a C:\Users\FamilieJacobs\Downloads\RegCleaner.exe -d C:\Users\FamilieJacobs\Downloads Task: {434075BD-6841-415B-98A2-F8B9842F44BB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {8307B23E-192A-44A5-9255-595E02EE00CE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {8DB94DB5-1934-484F-AE1D-395DDFA10C35} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2012-02-02] (CyberLink Corp.) Task: {B4063259-3A54-4913-8B12-5B32A74D88D5} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation) Task: {B79B1EF8-3542-439F-8076-B0763687E969} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.) Task: {E9E07C2A-B9ED-45E4-B45E-F45BABC4AE61} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation) Task: {EBFDDCA5-42F0-4BA5-8AF1-F70815CB8EF8} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [2015-03-11] (Avira Operations GmbH & Co. KG) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. 
Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ShortcutWithArgument: C:\Users\Public\Desktop\LIFESTORE.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> www.medion.com/lifestore ShortcutWithArgument: C:\Users\Public\Desktop\MEDIONplay.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.medion.com/de/electronics/cat/MEDIONplay/gaming_browsergames_88 ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2012-04-11 10:57 - 2009-12-18 23:40 - 00104968 _____ () C:\Program Files (x86)\PHotkey\ASLDRSrv.exe 2012-04-11 10:57 - 2011-10-13 22:38 - 00156672 _____ () C:\Program Files (x86)\PHotkey\GFNEXSrv.exe 2015-02-13 03:20 - 2015-02-13 03:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-12-17 18:38 - 2015-12-17 18:38 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2012-04-11 09:39 - 2011-11-30 04:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2012-04-11 09:31 - 2012-03-06 14:27 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2016-02-10 19:10 - 2016-02-09 12:58 - 01632584 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\libglesv2.dll 2016-02-10 19:10 - 2016-02-09 12:58 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\libegl.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in 
die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-1037136450-1297708825-110652001-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\FamilieJacobs\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg HKU\S-1-5-21-1037136450-1297708825-110652001-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\FamilieJacobs\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^watchmi tray.lnk => C:\Windows\pss\watchmi tray.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WISO Mein Steuer-Sparbuch heute.lnk => C:\Windows\pss\WISO Mein Steuer-Sparbuch heute.lnk.CommonStartup MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{85832019-5E10-4687-9BE8-ECC6260C4DFB}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{3F0CB73A-4640-4B7B-A0AC-524E66E23823}] => (Allow) LPort=2869 FirewallRules: [{D63C74F5-9DCE-4F49-A501-D838905BB8A3}] => (Allow) LPort=1900 FirewallRules: [{914D9672-2983-4BD2-8AF9-E937A47B0886}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{B6251A33-87E8-45FA-BFE4-E8F4CF1C5BDD}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe FirewallRules: [{D6BFF3C8-D4CC-440C-B12D-821B6935032D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{446F1012-A0FB-4E68-B9AB-B94E8CB6BBBA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{5A81AA43-1F00-4ECB-9F84-FB5B7F3CE940}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{78256F18-1722-400D-B4BB-CBE4A04DA3D3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [TCP Query User{26CBEFBC-5C91-4573-89C7-3A1FE951B833}C:\users\familiejacobs\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) 
C:\users\familiejacobs\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{AB5CD92A-47BE-46D7-89D1-174419D3F180}C:\users\familiejacobs\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\familiejacobs\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [{879CF7B2-4E96-4330-8C5D-D689EA7E212A}] => (Allow) C:\Users\FamilieJacobs\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{3B720F69-CD9C-483A-8320-D3CAD1BEA0DB}] => (Allow) C:\Users\FamilieJacobs\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{D9C926DC-A118-4376-9FC5-723A366807D8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{69737934-B8A0-4CD4-ACE4-495B0191A25C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{AA5E4815-1682-47BE-A54B-4EA64D9BFC67}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{6E9E22DD-4946-40C9-ADF4-4A641DA73070}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{B90B0612-3861-4AD9-8B0A-760C76677625}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{DA666D96-1601-434C-9049-83481EEF22FD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{A3B29C5D-E6FB-4BC5-9AD5-6D7694E18A10}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{B0AA1650-2492-4B0C-ACE9-F333613E53E8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Wiederherstellungspunkte ========================= 10-02-2016 15:00:23 Windows Update 10-02-2016 22:07:26 JRT Pre-Junkware Removal ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (02/10/2016 05:05:32 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: ) Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: 
Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden. bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data) bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor) bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider) --- Ende der internen Ausnahmestapelüberwachung --- bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType) bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes) bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. 
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity) bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args) Error: (02/10/2016 04:59:41 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: ZeroConfigService.exe, Version: 15.1.1.2, Zeitstempel: 0x4f746f5a Name des fehlerhaften Moduls: MurocApi.dll, Version: 15.1.1.1, Zeitstempel: 0x4f746e76 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000002be1b ID des fehlerhaften Prozesses: 0x9f8 Startzeit der fehlerhaften Anwendung: 0xZeroConfigService.exe0 Pfad der fehlerhaften Anwendung: ZeroConfigService.exe1 Pfad des fehlerhaften Moduls: ZeroConfigService.exe2 Berichtskennung: ZeroConfigService.exe3 Error: (02/10/2016 04:59:21 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: ) Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden. 
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data) bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor) bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider) --- Ende der internen Ausnahmestapelüberwachung --- bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType) bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes) bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity) bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args) Error: (02/10/2016 03:14:00 PM) (Source: Windows Search Service) (EventID: 3007) (User: ) Description: Die Leistungsüberwachung für den Gatherer-Dienst kann nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut. 
Kontext: Anwendung, SystemIndex Katalog Error: (02/09/2016 11:01:33 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 184689 Error: (02/09/2016 11:01:33 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 184689 Error: (02/09/2016 11:01:33 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (02/09/2016 10:58:31 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 2215 Error: (02/09/2016 10:58:31 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 2215 Error: (02/09/2016 10:58:31 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Systemfehler: ============= Error: (02/10/2016 05:03:00 PM) (Source: Application Popup) (EventID: 56) (User: ) Description: Treiber ACPI hat eine ungültige ID für das untergeordnete Gerät (1) zurückgegeben. Error: (02/10/2016 04:59:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Intel(R) PROSet/Wireless Zero Configuration Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (02/10/2016 04:58:15 PM) (Source: Application Popup) (EventID: 56) (User: ) Description: Treiber ACPI hat eine ungültige ID für das untergeordnete Gerät (1) zurückgegeben. Error: (02/10/2016 08:56:58 AM) (Source: bowser) (EventID: 8003) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "O2", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{CB2F0A73-FF8E-4567-A25A-EA56F828F1F8}-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. 
Error: (02/10/2016 08:31:42 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Bluetooth OBEX Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (02/10/2016 08:31:41 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Bluetooth OBEX Service erreicht. Error: (02/10/2016 08:31:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "MemeoBackgroundService" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (02/10/2016 08:31:02 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst MemeoBackgroundService erreicht. Error: (02/10/2016 08:30:04 AM) (Source: Application Popup) (EventID: 56) (User: ) Description: Treiber ACPI hat eine ungültige ID für das untergeordnete Gerät (1) zurückgegeben. Error: (02/09/2016 10:42:18 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {9413856E-4FBA-4435-BD38-3B9C00757465} ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i3-2370M CPU @ 2.40GHz Prozentuale Nutzung des RAM: 57% Installierter physikalischer RAM: 3990.83 MB Verfügbarer physikalischer RAM: 1702.9 MB Summe virtueller Speicher: 7979.87 MB Verfügbarer virtueller Speicher: 5111.4 MB ==================== Laufwerke ================================ Drive c: (Boot) (Fixed) (Total:647.54 GB) (Free:532.4 GB) NTFS Drive d: (Recover) (Fixed) (Total:50 GB) (Free:17.58 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 698.6 GB) (Disk ID: 2BD2C32A) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=647.5 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS) Partition 4: (Not Active) - 
(Size=1 GB) - (Type=12) ==================== Ende von Addition.txt ============================ |
11.02.2016, 10:59 | #7 |
/// TB trainer | Spam e-mails sent under my name

The log files look good. If you no longer have any problems with malware, we are done here. Your log files are clean. To finish, we still need to take a few final steps to clean up and secure your PC.

Cleanup: All logs posted? Then please download DelFix.

DelFix removes, among other things, all the programs that were used, the quarantine of our scanners and the Java cache, and finally deletes itself. Restart your computer afterwards. If any programs from our cleanup are still left over, you can safely delete them.

Securing your system: Enable automatic updates in the Windows operating system. Security-relevant software should also always be kept at its latest version: browser, Java, Flash Player, PDF reader. Vulnerabilities in their old versions are exploited to install malware by "drive-by" on a simple visit to a manipulated website.

I recommend, for example, using Mozilla Firefox instead of Internet Explorer. Firefox can also open PDF documents.

Enable a firewall. The one built into Windows is normally entirely sufficient.

If you are still undecided, use exactly one of the following antivirus programs with a real-time scanner and an always up-to-date signature database:

Microsoft Security Essentials (MSE) is built in from Windows 8 onward, so if you have Windows 8, 8.1 or 10 and have decided on MSE, you do not need to install MSE separately. On Windows 7, however, it must be installed manually or obtained through Windows Update as an optional update. Naturally, a legal/activated Windows is a prerequisite for this.

In addition, you can scan your PC regularly with Malwarebytes Anti-Malware and ESET.

Optional:
Adblock Plus: Can block banners, pop-ups, video advertising, tracking and malware sites.
NoScript: Prevents the execution of active content (Java, JavaScript, Flash, ...) for all websites. You can, however, define on a whitelist basis which sites are allowed to run scripts.
Malwarebytes Anti Exploit: Protects the computer's applications against exploitation of known vulnerabilities.

Download software from a clean portal such as .
When installing software, always choose the custom option and untick all optionally offered toolbars or other add-ons that are irrelevant to the program.
To get rid of adware again, first uninstall it and then remove the leftovers with Adwcleaner.

Finally, a few general remarks:

If you like, you can say here whether you were satisfied with me and my help... and/or support the forum with a small donation.

Note: Please give me brief feedback once everything is done and there are no more questions, so that I can remove this thread from my subscriptions. |
11.02.2016, 11:08 | #8 |
| Spam e-mails sent under my name
Thank you!!! |
11.02.2016, 11:09 | #9 |
/// TB trainer | Spam e-mails sent under my name

I am glad that we could help.

In this forum you can leave brief feedback on the cleanup, if you wish: Praise, criticism and wishes. To do so, click the "NEUES THEMA" (new thread) button and post a short piece of feedback. Thank you very much!

This thread appears to be resolved and will be removed from my subscriptions. If you need the thread again, please send me a PM. Everyone else, please click here and create a thread of your own. |