Log analysis and evaluation: Security warning from Telekom, Citadell virus detected
Windows 7
If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
10.02.2016, 15:27 | #1
Security warning from Telekom, Citadell virus detected

Hello dear community,

I have already received several letters from Telekom (Abuse Team) with the subject: "Important security warning regarding your Internet access". According to what the hotline told me by phone, there is supposedly a "Citadell virus" on one of my computers.

I use a laptop and a smartphone over my Internet connection. There are also a PS3 and a PS4 console and a smart TV on the network, which can probably be ruled out.

According to my antivirus program "Microsoft Security Essentials", there is no virus on the laptop.

I am attaching my 2 logs from FRST:

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:07-02-2016
durchgeführt von privat (Administrator) auf CHRIS-PC (10-02-2016 14:47:38)
Gestartet von C:\Users\privat\Downloads
Geladene Profile: privat (Verfügbare Profile: Chris & privat)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files\Dell Wireless\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files\Dell Wireless\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
() C:\ProgramData\DatacardService\HWDeviceService.exe
() C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Atheros Communications) C:\Program Files\Dell Wireless\Bluetooth Suite\BtvStack.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Atheros Commnucations) C:\Program Files\Dell Wireless\Bluetooth Suite\AthBtTray.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\Event Manager\EEventManager.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\assembly\GAC_MSIL\PresentationFontCache\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe
(Nokia) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_20_0_0_267_Plugin.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Opera Software) C:\Program Files\Opera\35.0.2066.37\opera.exe
(Opera Software) C:\Program Files\Opera\35.0.2066.37\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\35.0.2066.37\opera.exe
(Opera Software) C:\Program Files\Opera\35.0.2066.37\opera.exe
(Opera Software) C:\Program Files\Opera\35.0.2066.37\opera.exe
(Opera Software) C:\Program Files\Opera\35.0.2066.37\opera.exe
(Opera Software) C:\Program Files\Opera\35.0.2066.37\opera.exe
(Opera Software) C:\Program Files\Opera\35.0.2066.37\opera.exe
(Opera Software) C:\Program Files\Opera\35.0.2066.37\opera.exe
(Opera Software) C:\Program Files\Opera\35.0.2066.37\opera.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Opera Software) C:\Program Files\Opera\35.0.2066.37\opera.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-06-08] (Intel Corporation)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files\Dell Wireless\Bluetooth Suite\BtvStack.exe [474272 2010-09-02] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files\Dell Wireless\Bluetooth Suite\AthBtTray.exe [298144 2010-09-02] (Atheros Commnucations)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [642664 2013-05-08] (Adobe Systems Inc.)
HKLM\...\Run: [RemoteControl9] => C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2009-07-06] (CyberLink Corp.)
HKLM\...\Run: [PDVD9LanguageShortcut] => C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe [50472 2010-04-29] (CyberLink Corp.)
HKLM\...\Run: [Dell Webcam Central] => C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [487562 2010-08-20] (Creative Technology Ltd)
HKLM\...\Run: [RoxWatchTray] => C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-09-04] (Sonic Solutions)
HKLM\...\Run: [Desktop Disc Tool] => C:\Program Files\Roxio\oem\Roxio Burn\RoxioBurnLauncher.exe [522736 2010-11-01] ()
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [1797488 2011-01-07] (Microsoft Corporation)
HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [673616 2009-04-07] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-12-17] (Apple Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [981688 2015-04-29] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157456 2015-12-17] (Apple Inc.)
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Run: [EPSON SX510W Series] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFIE.EXE [199680 2008-11-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Run: [EPSON SX510W Series (Kopie 1)] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFIE.EXE [199680 2008-11-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Run: [Device Detection] => C:\Program Files\Lidl_Fotos\dd.exe [860528 2013-10-30] ()
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Run: [] => [X]
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Run: [NokiaSuite.exe] => C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [1090040 2012-12-21] (Nokia)
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Run: [Guiqmex] => C:\Users\privat\AppData\Roaming\Bayd\noyr.exe [253440 2013-01-12] ()
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: E - E:\AutoRun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {1305b0a3-f675-11e1-a1da-90004e013ab8} - E:\AutoRun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {41144100-92dc-11e1-8581-90004e013ab8} - E:\AutoRun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {4114411a-92dc-11e1-8581-90004e013ab8} - E:\AutoRun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {41144133-92dc-11e1-8581-90004e013ab8} - E:\AutoRun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {7357d7ff-4967-11e2-8651-f04da26bc8e0} - E:\AutoRun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {7357d81a-4967-11e2-8651-f04da26bc8e0} - E:\AutoRun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {750a411f-34c9-11e0-b132-806e6f6e6963} - D:\autorun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {dc37c5b5-6a52-11e2-b7ff-f04da26bc8e0} - E:\AutoRun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {f8f69999-c40f-11e2-a005-f04da26bc8e0} - E:\AutoRun.exe
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\privat\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll [2013-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\privat\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll [2013-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\privat\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll [2013-03-12] (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{2258AB48-4D93-4911-96B8-1B32A6796175}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{448221D6-933B-418F-8123-42221C7068BA}: [DhcpNameServer] 139.7.30.126 139.7.30.125
Tcpip\..\Interfaces\{8A4DA0DA-3D99-4A6E-9C53-1FCE9296A33F}: [NameServer] 10.74.210.210 10.74.210.211
Tcpip\..\Interfaces\{A85015A4-C874-4C44-846D-25AEC4860175}: [NameServer] 10.74.210.210 10.74.210.211
Tcpip\..\Interfaces\{AF10391C-F1D8-4024-BC6B-26BD4465F675}: [NameServer] 10.74.210.210 10.74.210.211
Tcpip\..\Interfaces\{BBE6AA86-1C5F-45F8-8486-9DB31DA9A39B}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=10&cc=&mi=e816127f00000000000090004e013ab7
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USSMB/8
SearchScopes: HKLM -> DefaultScope {4B9FC999-DF9D-4DA9-B7D2-A17ED9193392} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLSDF8&pc=MDDS&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {4B9FC999-DF9D-4DA9-B7D2-A17ED9193392} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLSDF8&pc=MDDS&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-583576071-2610798785-2159693280-1003 -> DefaultScope {B6A9F6CA-8C02-4118-92F4-807A7285F11B} URL = hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=e816127f00000000000090004e013ab7&r=415
SearchScopes: HKU\S-1-5-21-583576071-2610798785-2159693280-1003 -> {4B9FC999-DF9D-4DA9-B7D2-A17ED9193392} URL =
SearchScopes: HKU\S-1-5-21-583576071-2610798785-2159693280-1003 -> {B6A9F6CA-8C02-4118-92F4-807A7285F11B} URL = hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=e816127f00000000000090004e013ab7&r=415
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-30] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2011-05-13] (Microsoft Corporation)
BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-04-01] (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-30] (Oracle Corporation)
BHO: Softonic Helper Object -> {E87806B5-E908-45FD-AF5E-957D83E58E68} -> C:\Program Files\Softonic\Softonic\1.8.21.14\bh\Softonic.dll [2013-06-11] (Softonic.com)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2015-01-28] (DVDVideoSoft Ltd.)
BHO: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-04-01] (Microsoft Corporation.)
Toolbar: HKLM - Softonic Toolbar - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files\Softonic\Softonic\1.8.21.14\SoftonicTlbr.dll [2013-06-11] (Softonic.com)
Toolbar: HKU\S-1-5-21-583576071-2610798785-2159693280-1003 -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\privat\AppData\Roaming\Mozilla\Firefox\Profiles\wwe6u0x0.default-1431504965002
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF Homepage: hxxps://www.google.de/?gws_rd=ssl
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_267.dll [2016-01-14] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-30] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2012-12-21] ( )
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\privat\AppData\Roaming\Mozilla\Firefox\Profiles\wwe6u0x0.default-1431504965002\user.js [2016-01-04]
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2008-10-24] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Extension: WEB.DE MailCheck - C:\Users\privat\AppData\Roaming\Mozilla\Firefox\Profiles\wwe6u0x0.default-1431504965002\extensions\mailcheck@web.de [2015-12-16]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2016-01-08] [ist nicht signiert]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2016-01-08] [ist nicht signiert]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2016-01-08] [ist nicht signiert]
FF Extension: UITBAutoInstaller - C:\Program Files\Mozilla Firefox\distribution\bundles\{edd7fc99-d65c-4979-85c2-ddeed30c50c7} [2016-01-08] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - c:\Program Files\Trend Micro\Client Server Security Agent\bho\1056\FirefoxExtension => nicht gefunden
FF HKLM\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files\T-Mobile\InternetManager_H\OCx32\addon
FF Extension: Bytemobile Optimization Client - C:\Program Files\T-Mobile\InternetManager_H\OCx32\addon [2012-12-19] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff => nicht gefunden
FF HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\privat\AppData\Roaming\Mozilla\Firefox\Profiles\kpwvyoo0.default\extensions\cliqz@cliqz.com => nicht gefunden
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-11-16]

Chrome:
=======
CHR Profile: C:\Users\privat\AppData\Local\Google\Chrome\User Data\default
CHR Extension: (Softonic Chrome Toolbar) - C:\Users\privat\AppData\Local\Google\Chrome\User Data\default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf [2013-10-23]
CHR HKLM\...\Chrome\Extension: [elchiiiejkobdbblfejjkbphbddgmljf] - C:\Program Files\Softonic\Softonic\1.8.21.14\Softonic.crx [2013-06-11]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Atheros Bt&Wlan Coex Agent; C:\Program Files\Dell Wireless\Ath_CoexAgent.exe [151552 2010-05-24] (Atheros) [Datei ist nicht signiert]
R2 AtherosSvc; C:\Program Files\Dell Wireless\Bluetooth Suite\adminservice.exe [56480 2010-09-02] (Atheros Commnucations) [Datei ist nicht signiert]
R2 EpsonBidirectionalService; C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [Datei ist nicht signiert]
R2 EPSON_EB_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE [143872 2007-12-17] (SEIKO EPSON CORPORATION)
R2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE [113664 2007-01-11] (SEIKO EPSON CORPORATION)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2011-02-10] (Macrovision Europe Ltd.) [Datei ist nicht signiert]
R2 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [270176 2011-01-28] ()
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Datei ist nicht signiert]
S2 Internet Manager. RunOuc; C:\Program Files\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [224096 2012-12-19] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2015-04-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [284504 2015-04-30] (Microsoft Corporation)
S3 RoxMediaDB12OEM; C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [1116656 2010-09-04] (Sonic Solutions)
S2 RoxWatch12; C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [219632 2010-09-04] (Sonic Solutions)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AthBTPort; C:\Windows\System32\DRIVERS\btath_flt.sys [37224 2010-07-08] (Atheros)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281504 2013-04-29] ()
R0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [13184 2012-12-19] (Bytemobile, Inc.) [Datei ist nicht signiert]
S3 BTATH_A2DP; C:\Windows\System32\drivers\btath_a2dp.sys [257896 2010-07-08] (Atheros)
R3 BTATH_BUS; C:\Windows\System32\DRIVERS\btath_bus.sys [26984 2010-07-08] (Atheros)
S3 BTATH_HCRP; C:\Windows\System32\DRIVERS\btath_hcrp.sys [178024 2010-07-08] (Atheros)
S3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [47976 2010-09-02] (Atheros)
S3 BTATH_RCP; C:\Windows\System32\DRIVERS\btath_rcp.sys [143336 2010-07-08] (Atheros)
S3 BtFilter; C:\Windows\System32\DRIVERS\btfilter.sys [237416 2010-08-31] (Atheros)
S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [63464 2013-01-22] (FTDI Ltd.)
S3 huawei_cdcacm; C:\Windows\System32\DRIVERS\ew_jucdcacm.sys [90112 2012-12-19] (Huawei Technologies Co., Ltd.)
S3 huawei_ext_ctrl; C:\Windows\System32\DRIVERS\ew_juextctrl.sys [26624 2012-12-19] (Huawei Technologies Co., Ltd.)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [181760 2012-12-19] (Huawei Technologies Co., Ltd.)
S3 KMWDFILTERx86; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [25088 2009-04-29] (Windows (R) Codename Longhorn DDK provider)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2013-04-29] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [245096 2015-03-04] (Microsoft Corporation)
R1 MpKsl12950f27; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{445E671A-CBFD-4210-99BE-CFCC493851C1}\MpKsl12950f27.sys [39168 2016-02-10] (Microsoft Corporation)
S3 mvusbcomm; C:\Windows\System32\Drivers\mvusbcomm.sys [17408 2013-08-22] (Marvell Semiconductor, Inc.)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl.sys [18432 2012-03-26] (Apple Inc.) [Datei ist nicht signiert]
R2 risdpcie; C:\Windows\System32\DRIVERS\risdpe86.sys [49152 2009-06-30] (REDC)
S3 rixdpcie; C:\Windows\system32\DRIVERS\rixdpe86.sys [38400 2009-07-04] (REDC)
R3 vpcbus; C:\Windows\System32\DRIVERS\vpchbus.sys [172416 2010-11-20] (Microsoft Corporation)
R1 vpcnfltr; C:\Windows\System32\DRIVERS\vpcnfltr.sys [48128 2010-11-20] (Microsoft Corporation)
R3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [78336 2010-11-20] (Microsoft Corporation)
R1 vpcvmm; C:\Windows\System32\drivers\vpcvmm.sys [296064 2010-11-20] (Microsoft Corporation)
S3 adxapie; \??\C:\Users\privat\AppData\Local\Temp\adxapie.sys [X]
S3 PCDSRVC{E9D79540-57D5953E-06020101}_0; \??\c:\program files\dell support center\pcdsrvc.pkms [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-10 14:47 - 2016-02-10 14:49 - 00025102 _____ C:\Users\privat\Downloads\FRST.txt
2016-02-10 14:47 - 2016-02-10 14:47 - 00000000 ____D C:\FRST
2016-02-10 14:46 - 2016-02-10 14:46 - 01721344 _____ (Farbar) C:\Users\privat\Downloads\FRST.exe
2016-02-10 14:23 - 2016-02-10 14:24 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\privat\Downloads\SpyHunter-Installer (1).exe
2016-02-10 14:23 - 2016-02-10 14:23 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\privat\Downloads\SpyHunter-Installer.exe
2016-02-10 04:12 - 2016-02-10 04:12 - 00000000 ____D C:\ef66c554362ecf4d43f9d71f6f1364ae
2016-02-09 22:03 - 2016-01-16 19:42 - 00022464 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-02-09 22:03 - 2016-01-16 19:36 - 01413632 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-02-09 22:03 - 2016-01-16 19:34 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-02-09 22:03 - 2016-01-11 15:07 - 01198080 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-02-09 22:03 - 2016-01-11 15:07 - 00591360 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-02-09 22:03 - 2016-01-11 15:07 - 00544768 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-02-09 22:03 - 2016-01-11 15:07 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-02-09 22:03 - 2016-01-11 15:07 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-02-09 22:00 - 2016-01-22 07:13 - 03993536 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-02-09 22:00 - 2016-01-22 07:13 - 03938752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-02-09 22:00 - 2016-01-22 07:09 - 01310232 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-02-09 22:00 - 2016-01-22 07:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-02-09 22:00 - 2016-01-22 07:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-02-09 22:00 - 2016-01-22 07:02 - 00872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-02-09 22:00 - 2016-01-22 07:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-02-09 22:00 - 2016-01-22 07:02 - 00293888 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-02-09 22:00 - 2016-01-22 07:02 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\msorcl32.dll
2016-02-09 22:00 - 2016-01-22 07:02 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-02-09 22:00 - 2016-01-22 06:59 - 00642560 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-02-09 22:00 - 2016-01-07 18:47 - 02386944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-02-09 22:00 - 2016-01-07 18:35 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-02-09 22:00 - 2016-01-06 19:41 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-02-09 22:00 - 2016-01-06 18:56 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2016-02-09 22:00 - 2015-12-20 19:45 - 02745856 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-02-09 22:00 - 2015-12-20 19:45 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-02-09 22:00 - 2015-12-20 17:16 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-02-09 21:59 - 2016-01-22 07:13 - 00138176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-02-09 21:59 - 2016-01-22 07:13 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-02-09 21:59 - 2016-01-22 07:06 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-02-09 21:59 - 2016-01-22 07:06 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-02-09 21:59 - 2016-01-22 07:06 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-02-09 21:59 - 2016-01-22 07:06 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-02-09 21:59 - 2016-01-22 07:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-02-09 21:59 - 2016-01-22 07:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-02-09 21:59 - 2016-01-22 07:05 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-02-09 21:59 - 2016-01-22 07:05 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-02-09 21:59 - 2016-01-22 07:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-02-09 21:59 - 2016-01-22 07:02 - 01060864 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-02-09 21:59 - 2016-01-22 07:02 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-02-09 21:59 - 2016-01-22 07:02 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-02-09 21:59 - 2016-01-22 07:02 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-02-09 21:59 - 2016-01-22 07:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:07 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-02-09 21:59 - 2016-01-22 06:01 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-02-09 21:59 - 2016-01-22 06:00 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-02-09 21:59 - 2016-01-22 05:53 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-02-09 21:59 - 2016-01-22 05:53 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-02-09 21:59 - 2016-01-22 05:53 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-02-09 21:59 - 2016-01-22 05:51 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-02-09 21:59 - 2016-01-22 05:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-02-09 21:59 - 2016-01-22 05:51 - 00022016
_____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2016-02-09 21:59 - 2016-01-22 05:51 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2016-02-09 21:59 - 2016-01-22 05:51 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2016-02-09 21:59 - 2016-01-22 05:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2016-02-09 21:59 - 2016-01-22 05:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2016-02-09 21:59 - 2016-01-22 05:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2016-02-09 21:58 - 2016-02-06 11:01 - 20366848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-02-09 21:58 - 2016-02-06 10:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2016-02-09 21:58 - 2016-02-06 10:43 - 02280448 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-02-09 21:58 - 2016-02-06 10:38 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2016-02-09 21:58 - 2016-02-06 10:16 - 12857856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-02-09 21:58 - 2016-02-06 09:54 - 01312256 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-02-09 21:58 - 2016-01-22 21:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2016-02-09 21:58 - 2016-01-22 07:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2016-02-09 21:58 - 2016-01-22 07:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2016-02-09 21:58 - 2016-01-22 07:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2016-02-09 21:58 - 2016-01-22 07:01 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2016-02-09 21:58 - 2016-01-22 06:55 - 00047104 _____ (Microsoft Corporation) 
C:\Windows\system32\jsproxy.dll 2016-02-09 21:58 - 2016-01-22 06:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2016-02-09 21:58 - 2016-01-22 06:52 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2016-02-09 21:58 - 2016-01-22 06:51 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2016-02-09 21:58 - 2016-01-22 06:51 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2016-02-09 21:58 - 2016-01-22 06:46 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2016-02-09 21:58 - 2016-01-22 06:43 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2016-02-09 21:58 - 2016-01-22 06:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2016-02-09 21:58 - 2016-01-22 06:38 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2016-02-09 21:58 - 2016-01-22 06:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2016-02-09 21:58 - 2016-01-22 06:34 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2016-02-09 21:58 - 2016-01-22 06:33 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2016-02-09 21:58 - 2016-01-22 06:27 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2016-02-09 21:58 - 2016-01-22 06:25 - 00687104 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-02-09 21:58 - 2016-01-22 06:25 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2016-02-09 21:58 - 2016-01-22 06:24 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2016-02-09 21:58 - 2016-01-22 06:07 - 02120704 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-02-09 21:58 - 2016-01-22 06:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2016-02-09 21:57 - 2016-01-22 07:02 - 00496640 _____ (Microsoft 
Corporation) C:\Windows\system32\vbscript.dll 2016-02-09 21:57 - 2016-01-22 07:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2016-02-09 21:57 - 2016-01-22 06:51 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2016-02-09 21:57 - 2016-01-22 06:35 - 04611072 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-02-09 21:57 - 2016-01-22 06:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2016-02-09 21:57 - 2016-01-22 06:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2016-02-09 21:56 - 2016-01-11 19:47 - 02956288 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2016-02-09 21:56 - 2016-01-11 19:47 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2016-02-09 21:56 - 2016-01-11 19:35 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2016-02-09 21:56 - 2016-01-11 19:17 - 02062848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2016-02-09 21:56 - 2016-01-11 19:14 - 00573440 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2016-02-09 21:56 - 2016-01-11 19:14 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2016-02-09 21:56 - 2016-01-11 19:14 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2016-02-09 21:56 - 2016-01-11 19:14 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2016-02-09 21:56 - 2016-01-11 19:14 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2016-02-09 21:56 - 2016-01-11 19:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2016-02-09 21:56 - 2016-01-11 19:14 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2016-01-20 13:19 - 2016-01-20 13:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime 2016-01-20 13:11 - 2016-01-20 13:19 - 00000000 ____D C:\Program Files\QuickTime 
2016-01-13 22:45 - 2016-01-13 22:45 - 00000000 ____D C:\Users\Chris\AppData\Local\Apple 2016-01-13 09:44 - 2015-12-08 22:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2016-01-13 09:44 - 2015-12-08 22:54 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2016-01-13 09:44 - 2015-12-08 22:54 - 01568768 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL 2016-01-13 09:44 - 2015-12-08 22:54 - 01325056 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL 2016-01-13 09:44 - 2015-12-08 22:54 - 01202688 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll 2016-01-13 09:44 - 2015-12-08 22:54 - 00902144 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL 2016-01-13 09:44 - 2015-12-08 22:54 - 00815616 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL 2016-01-13 09:44 - 2015-12-08 22:54 - 00740352 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll 2016-01-13 09:44 - 2015-12-08 22:54 - 00739328 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL 2016-01-13 09:44 - 2015-12-08 22:54 - 00665088 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL 2016-01-13 09:44 - 2015-12-08 22:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL 2016-01-13 09:44 - 2015-12-08 22:54 - 00358400 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL 2016-01-13 09:44 - 2015-12-08 22:54 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL 2016-01-13 09:44 - 2015-12-08 22:53 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2016-01-13 09:44 - 2015-12-08 22:53 - 01329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2016-01-13 09:44 - 2015-12-08 22:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll 2016-01-13 09:44 - 2015-12-08 22:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL 2016-01-13 09:44 - 2015-12-08 22:53 - 
00728576 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll 2016-01-13 09:44 - 2015-12-08 22:53 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL 2016-01-13 09:44 - 2015-12-08 22:53 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2016-01-13 09:44 - 2015-12-08 22:53 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2016-01-13 09:44 - 2015-12-08 22:53 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll 2016-01-13 09:44 - 2015-12-08 22:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL 2016-01-13 09:44 - 2015-12-08 22:53 - 00354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2016-01-13 09:44 - 2015-12-08 22:53 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll 2016-01-13 09:44 - 2015-12-08 22:53 - 00305664 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2016-01-13 09:44 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL 2016-01-13 09:44 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL 2016-01-13 09:44 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL 2016-01-13 09:44 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll 2016-01-13 09:44 - 2015-12-08 22:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax 2016-01-13 09:44 - 2015-12-08 22:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL 2016-01-13 09:44 - 2015-12-08 22:53 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2016-01-13 09:44 - 2015-12-08 22:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL 2016-01-13 09:44 - 2015-12-08 22:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll 2016-01-13 09:44 - 2015-12-08 22:53 - 00053248 _____ (Microsoft Corporation) 
C:\Windows\system32\mfvdsp.dll 2016-01-13 09:44 - 2015-12-08 22:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2016-01-13 09:44 - 2015-12-08 22:53 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2016-01-13 09:44 - 2015-12-08 22:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll 2016-01-13 09:44 - 2015-12-08 22:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2016-01-13 09:44 - 2015-12-08 22:43 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys 2016-01-13 09:44 - 2015-12-08 22:11 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys 2016-01-13 09:44 - 2015-12-08 22:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys 2016-01-13 09:44 - 2015-11-16 21:12 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2016-01-13 09:44 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll 2016-01-13 09:44 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll 2016-01-13 09:44 - 2015-11-13 23:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-02-10 14:50 - 2011-02-17 16:11 - 00000422 _____ C:\Windows\Tasks\SystemToolsDailyTest.job 2016-02-10 14:48 - 2011-06-24 16:32 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-02-10 14:40 - 2009-07-14 05:34 - 00025216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-02-10 14:40 - 2009-07-14 05:34 - 00025216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-02-10 14:35 - 2011-02-10 12:53 - 00000035 _____ C:\Users\Public\Documents\AtherosServiceConfig.ini 2016-02-10 10:03 - 2011-02-10 12:07 - 02293438 _____ C:\Windows\system32\PerfStringBackup.INI 2016-02-10 10:03 - 2009-07-14 09:47 - 00964984 _____ C:\Windows\system32\perfh007.dat 2016-02-10 10:03 - 2009-07-14 09:47 - 00238790 _____ C:\Windows\system32\perfc007.dat 2016-02-10 10:03 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf 2016-02-10 10:01 - 2011-06-24 16:32 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-02-10 05:09 - 2015-02-26 04:23 - 00000000 ____D C:\Windows\rescache 2016-02-10 04:19 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-02-10 04:16 - 2015-10-12 11:34 - 00000946 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job 2016-02-10 04:16 - 2009-07-14 05:33 - 00663416 _____ C:\Windows\system32\FNTCACHE.DAT 2016-02-10 04:13 - 2014-12-12 03:34 - 00000000 ____D C:\Windows\system32\appraiser 2016-02-10 04:13 - 2014-05-07 02:02 - 00000000 ___SD C:\Windows\system32\CompatTel 2016-02-10 04:13 - 2009-07-14 09:57 - 00000000 ____D C:\Program Files\Windows Journal 2016-02-10 03:56 - 2009-07-14 03:04 - 00000478 _____ C:\Windows\win.ini 2016-02-10 03:28 - 2013-08-15 20:25 - 00000000 ____D C:\Windows\system32\MRT 2016-02-10 03:14 - 2011-02-19 11:57 - 144254680 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-02-09 22:42 - 2014-09-02 17:32 - 00000000 ____D C:\Users\privat\AppData\Local\Adobe 2016-02-09 22:42 - 
2012-04-22 17:31 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2016-02-09 22:42 - 2011-05-19 18:23 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2016-02-09 19:54 - 2011-03-21 18:09 - 00000240 _____ C:\Windows\Tasks\Epson Printer Software Downloader.job 2016-02-08 20:36 - 2013-01-16 20:35 - 00000000 ____D C:\Users\privat\Documents\Outlook-Dateien 2016-02-07 00:51 - 2011-04-23 18:46 - 00000000 ____D C:\Users\privat\AppData\Local\CrashDumps 2016-02-04 13:05 - 2011-03-26 11:36 - 00000000 ____D C:\Program Files\Opera 2016-02-01 13:29 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF 2016-01-18 22:19 - 2015-02-19 20:41 - 00229113 _____ C:\Users\privat\Documents\RK-2015-Taudte NEU.xlsx 2016-01-14 19:33 - 2011-02-17 16:11 - 00000564 _____ C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job 2016-01-14 08:50 - 2015-11-30 11:23 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-01-14 03:50 - 2016-01-08 09:23 - 00000000 ____D C:\Program Files\Mozilla Firefox 2016-01-14 03:50 - 2012-05-13 20:13 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2016-01-14 03:50 - 2011-02-10 12:34 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2016-01-14 03:28 - 2011-02-10 12:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-11-18 10:07 - 2015-11-18 10:07 - 0207386 _____ () C:\Users\privat\AppData\Local\ars.cache 2015-11-18 10:07 - 2015-11-18 10:07 - 0333491 _____ () C:\Users\privat\AppData\Local\census.cache 2011-09-09 20:57 - 2013-05-08 18:45 - 0008704 _____ () C:\Users\privat\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-11-18 09:28 - 2015-11-18 09:28 - 0000036 _____ () C:\Users\privat\AppData\Local\housecall.guid.cache 2012-01-07 13:04 - 2015-12-17 20:46 - 0007602 _____ () 
C:\Users\privat\AppData\Local\Resmon.ResmonCfg

Einige Dateien in TEMP:
====================
C:\Users\Chris\AppData\Local\Temp\bitmaps.dll
C:\Users\Chris\AppData\Local\Temp\DiscoveryLib.dll
C:\Users\Chris\AppData\Local\Temp\DiscoveryLib64.dll
C:\Users\Chris\AppData\Local\Temp\fwDownloadLib.dll
C:\Users\Chris\AppData\Local\Temp\fwDownloadLib64.dll
C:\Users\Chris\AppData\Local\Temp\fwupdate.exe
C:\Users\Chris\AppData\Local\Temp\InstallLib.dll
C:\Users\Chris\AppData\Local\Temp\InstallLib64.dll
C:\Users\Chris\AppData\Local\Temp\InstallSeqLib.dll
C:\Users\Chris\AppData\Local\Temp\InstallSeqLib64.dll
C:\Users\Chris\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\Chris\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Chris\AppData\Local\Temp\openslp32.dll
C:\Users\Chris\AppData\Local\Temp\openslp64.dll
C:\Users\Chris\AppData\Local\Temp\Setup.exe
C:\Users\Chris\AppData\Local\Temp\Uninstall.exe
C:\Users\Chris\AppData\Local\Temp\winstaller.exe
C:\Users\Chris\AppData\Local\Temp\winstaller64.exe
C:\Users\privat\AppData\Local\Temp\NOSEventMessages.dll

==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-02-10 05:01

==================== Ende vom FRST.txt ============================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:07-02-2016
durchgeführt von privat (2016-02-10 14:50:36)
Gestartet von C:\Users\privat\Downloads
Microsoft Windows 7 Professional Service Pack 1 (X86) (2011-02-17 15:08:49)
Start-Modus: Normal
==========================================================

==================== Konten: =============================
Administrator (S-1-5-21-583576071-2610798785-2159693280-500 - Administrator - Disabled)
Chris (S-1-5-21-583576071-2610798785-2159693280-1000 - Administrator - Enabled) => C:\Users\Chris
Gast (S-1-5-21-583576071-2610798785-2159693280-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-583576071-2610798785-2159693280-1002 - Limited - Enabled)
privat (S-1-5-21-583576071-2610798785-2159693280-1003 - Administrator - Enabled) => C:\Users\privat

==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 9.20 (HKLM\...\7-Zip) (Version: - ) ABBYY FineReader 6.0 Sprint (HKLM\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1395.4512 - ABBYY Software House) Adobe Acrobat 9 Standard - English, Français, Deutsch (HKLM\...\{AC76BA86-1033-F400-BA7E-000000000004}{AC76BA86-1033-F400-BA7E-000000000004}) (Version: 9.5.5 - Adobe Systems) Adobe Acrobat 9.5.5 - CPSID_83708 (HKLM\...\{AC76BA86-1033-F400-BA7E-000000000004}_955) (Version: - Adobe Systems Incorporated) Adobe Acrobat Reader DC - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated) Adobe Flash Player 10 ActiveX (HKLM\...\{2BD2FA21-B51D-4F01-94A7-AC16737B2163}) (Version: 10.0.12.36 - Adobe Systems, Inc.) Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated) Adobe Flash Player 20 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated) Advanced Audio FX Engine (HKLM\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd) ANNO 1503 (HKLM\...\{EBBB1DEF-8878-4CB8-BC0D-1196B30E7527}) (Version: - ) Anno 1701 (HKLM\...\{A2433A63-5F5D-40E5-B529-9123C2B3E734}) (Version: 1.00 - Sunflowers) Apple Application Support (32-Bit) (HKLM\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{9A629DCB-415D-4A50-85B9-5C2E4F8F74A8}) (Version: 9.1.0.6 - Apple Inc.) Apple Software Update (HKLM\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.) Beyond Good & Evil (HKLM\...\{6BF81CE7-3D5A-497F-8912-2A65A0253E1B}) (Version: 1.01.000 - ) Bing Bar (HKLM\...\{449CE12D-E2C7-4B97-B19E-55D163EA9435}) (Version: 7.0.619.0 - Microsoft Corporation) Bluetooth Win7 Suite (HKLM\...\{101A497C-7EF6-4001-834D-E5FA1C70FEFA}) (Version: 7.2.0.6 - Atheros Communications) Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.) 
Broken Sword 2.5 (HKLM\...\Broken Sword 2.5_is1) (Version: - mindFactory) CCleaner (HKLM\...\CCleaner) (Version: 3.20 - Piriform) Cliqz (HKLM\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.22 - Cliqz.com) combit address manager 15 Workstation Einrichtung (HKLM\...\combit address manager 15 Workstation Einrichtung) (Version: 1.0.0 - combit GmbH) Commandos 2: Men of Courage (HKLM\...\{F7963BA0-EE1C-11D4-9FA5-00A0C9E6A342}) (Version: - ) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.129.0.64 - Conexant) CyberLink PowerDVD 9.5 (HKLM\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.5.1.3225 - CyberLink Corp.) D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden Dell Backup and Recovery Manager (HKLM\...\{4688EB75-28E2-4731-9BCB-55E624F7CD45}) (Version: 1.3 - Dell Inc.) Dell Bluetooth Installation (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Dell Inc.) Dell Edoc Viewer (HKLM\...\{3138EAD3-700B-4A10-B617-B3F8096EE30D}) (Version: 1.0.0 - Dell Inc) Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.0.5621.01 - Dell Inc.) Dell Support Center (Version: 3.0.5621.01 - PC-Doctor, Inc.) Hidden Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1007.101.102 - ALPS ELECTRIC CO., LTD.) 
Dell Webcam Central (HKLM\...\Dell Webcam Central) (Version: 2.00.35 - Creative Technology Ltd) Der Pate® Das Spiel (HKLM\...\{1D2CF076-A63F-41A5-00A1-5924FADFAD9D}) (Version: - ) Desperados 1.0 (HKLM\...\Desperados 1.0) (Version: - ) DialUp (HKLM\...\DialUp) (Version: 12.08.101 - Huawei Technologies Co.,Ltd) Die Gilde (HKLM\...\Die Gilde) (Version: - ) Die Gilde Update 1.05 Beta 3 (HKLM\...\Die Gilde Update 1.05 Beta 3) (Version: - ) DIE SIEDLER - Aufstieg eines Königreichs (HKLM\...\{D3F80A98-05AB-4D8C-9272-766CCFA6A48D}) (Version: 1.00.0000 - Ubisoft) DIE SIEDLER - Das Erbe der Könige - Gold Edition (HKLM\...\{E08DE897-B6AF-4DFF-9E90-131E80C876B4}) (Version: 1.00.0000 - Blue Byte) Die Siedler 2 - Die nächste Generation (HKLM\...\{ED56EF4F-35FF-48D4-B616-A66E791EF1B6}) (Version: 1.00.0000 - UBISOFT) DirectX 9 Runtime (Version: 1.00.0000 - Sonic Solutions) Hidden Drakensang (HKLM\...\Drakensang_is1) (Version: - dtp) Dropbox (HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Dropbox) (Version: 1.6.18 - Dropbox, Inc.) 
Dungeon Keeper (HKLM\...\Keeper) (Version: - ) Emulator Starter (HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\32bce9526e87661e) (Version: 1.0.0.141 - Free Game Empire) Epson Easy Photo Print 2 (HKLM\...\{87C2248A-C7DD-49ED-9BCD-B312A9D0819E}) (Version: 2.1.0.0 - SEIKO EPSON CORPORATION) Epson Event Manager (HKLM\...\{48F22622-1CC2-4A83-9C1E-644DD96F832D}) (Version: 2.30.01 - SEIKO EPSON Corporation) Epson Printer Software Downloader (HKLM\...\Epson Printer Software Downloader) (Version: - ) Epson Printer Software Downloader (Version: 2.0.0 - SEIKO EPSON CORPORATION) Hidden EPSON Scan (HKLM\...\EPSON Scanner) (Version: - ) Epson Stylus SX510W_TX550W Handbuch (HKLM\...\Epson Stylus SX510W_TX550W Benutzerhandbuch) (Version: - ) EPSON SX510W Series Printer Uninstall (HKLM\...\EPSON SX510W Series) (Version: - SEIKO EPSON Corporation) EpsonNet Print (HKLM\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4i - SEIKO EPSON CORPORATION) EpsonNet Setup (HKLM\...\{FFFAE01B-466F-4C07-9821-A94FD753BDDA}) (Version: 3.1c - SEIKO EPSON CORPORATION) EXIFeditor (HKLM\...\{50FC1CE8-FF32-4F3B-B654-050DD6ECD474}) (Version: 1.0.0 - kiwi.software.NET) Fallout 3 (HKLM\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.00.0000 - Bethesda Softworks) FlexMail 4.0 (HKLM\...\{A95AD78E-D9C4-4ECE-8D54-CED21CEB2D52}) (Version: 4.00.0000 - Flex Systems B.V.) fotokasten comfort 5.4 (HKLM\...\fotokasten comfort_is1) (Version: - ) Foto-Mosaik-Edda Standard V6.6.12082.1 (HKLM\...\{A2D6ECD0-7E52-42B7-9236-DB2951436616}_is1) (Version: - Steffen Schirmer) Fotor 1.3.0 (HKLM\...\Fotor) (Version: 1.3.0 - Everimaging Co., Ltd.) FP-PostBase (HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\32b33acc94e46eaf) (Version: 1.8.0.0 - Francotyp-Postalia) Free YouTube to MP3 Converter version 3.12.54.128 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.54.128 - DVDVideoSoft Ltd.) 
FUJIdirekt Bestellsoftware 5.1 (HKLM\...\FUJIdirekt Bestellsoftware_is1) (Version: - ) Garmin Trip and Waypoint Manager v5 (HKLM\...\{414A373B-59DF-4102-94CA-9FE9A74CBDDA}) (Version: 5.0.0.0 - Garmin Ltd or its subsidiaries) Garmin USB Drivers (HKLM\...\{ABA5E381-EC46-425C-86C5-5CD15BBFB4BF}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries) Garmin WebUpdater (HKLM\...\{AE1EC58E-B2AC-4959-A4C2-C38202A25239}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries) GIMP 2.6.11 (HKLM\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team) GLtron version 0.70 (HKLM\...\GLtron_is1) (Version: - ) Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden GPSBabel 1.4.2 (HKLM\...\{1B8FE958-A304-4902-BF7A-4E2F0F5B7017}_is1) (Version: - GPSBabel) HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDA_HSF) (Version: 7.80.7.50 - Conexant Systems) Hex-Editor MX (HKLM\...\{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1) (Version: 6.0 - NEXT-Soft) Intel(R) Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2182 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.4.1002 - Intel Corporation) Internet Manager (HKLM\...\Internet Manager) (Version: 22.001.18.00.748 - Huawei Technologies Co.,Ltd) IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.37 - Irfan Skiljan) iTunes (HKLM\...\{2C741651-87E0-4479-9703-6DD0D7988B84}) (Version: 12.3.2.35 - Apple Inc.) 
Java 8 Update 66 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lidl-Fotos (HKLM\...\Lidl-Fotos_is1) (Version: - )
locr GPS Photo (HKLM\...\{E58A0BB1-1FA1-40DC-AFA4-2C86D0A3B879}) (Version: 1.2.4 - locr)
Luminance HDR 2.3.1 (HKLM\...\{7020FC34-6E04-4858-924D-354B28CB2402}_is1) (Version: - Luminance HDR Dev Team)
M Series Driver (HKLM\...\M Series Driver) (Version: - )
mailcredit (HKLM\...\{986D05F1-1487-4865-BBAF-70A969B95A24}) (Version: 1.2.4 - Francotyp-Postalia)
mailreport (HKLM\...\{1C9F6F44-3990-48AE-926B-C5F3B8D23B45}) (Version: 1.6.0 - FP)
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
MFCLOC (Version: 1.00.0000 - Dell Inc.) Hidden
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Access database engine 2010 (English) (HKLM\...\{90140000-00D1-0409-0000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Age of Empires II (HKLM\...\Age of Empires 2.0) (Version: - )
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}) (Version: 3.0.19.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.0 (HKLM\...\{CD232781-26CA-4E18-BC70-4343A2F0D583}) (Version: 8.01.249.0 - Microsoft)
Microsoft Office Access Runtime (English) 2007 (HKLM\...\{90120000-001C-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Access Runtime (German) 2007 (HKLM\...\{90120000-001C-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Minecraft (HKLM\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mobile Partner (HKLM\...\Mobile Partner) (Version: 16.001.06.01.500 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 43.0.4 (x86 de) (HKLM\...\Mozilla Firefox 43.0.4 (x86 de)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Navigator Base Components (HKLM\...\{759F0957-BB9E-4C55-88A7-86961F9099A8}) (Version: 1.3.0.0 - FP)
NehrimUninstaller (HKLM\...\Nehrim - Am Rande des Schicksals_is1) (Version: 1.0.0 - SureAI)
Nokia Connectivity Cable Driver (HKLM\...\{6FE12C01-2FBC-42E2-AEB9-4CA2238C462F}) (Version: 7.1.101.0 - Nokia)
Nokia PC Suite (HKLM\...\Nokia PC Suite) (Version: 7.1.60.0 - Nokia)
Nokia PC Suite (Version: 7.1.60.0 - Nokia) Hidden
Nokia Suite (HKLM\...\Nokia Suite) (Version: 3.7.22.0 - Nokia)
Nokia Suite (Version: 3.7.22.0 - Nokia) Hidden
Nur Entfernen der CopyTrans Suite möglich (HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\CopyTrans Suite) (Version: 2.37 - WindSolutions)
NVIDIA PhysX (HKLM\...\{B83FC356-B7C0-441F-8A4D-D71E088E7974}) (Version: 9.09.0428 - NVIDIA Corporation)
Nvu 1.0 (HKLM\...\Nvu_is1) (Version: 1.0 - Thorsten Fritz)
Oblivion (HKLM\...\{C66BF9FD-D367-4E13-8EB8-385FFEA20DB3}) (Version: 1.2.0416 - Bethesda Softworks)
OpenAL (HKLM\...\OpenAL) (Version: - )
OpenTTD 1.1.1 (HKLM\...\OpenTTD) (Version: 1.1.1 - OpenTTD)
Opera 12.17 (HKLM\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)
Opera Stable 35.0.2066.37 (HKLM\...\Opera 35.0.2066.37) (Version: 35.0.2066.37 - Opera Software)
Origin (HKLM\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.)
OSM World Routable (HKLM\...\OSM World Routable) (Version: - )
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}) (Version: 3.60.0 - dotPDN LLC)
PC Connectivity Solution (HKLM\...\{6B722793-E77B-41F5-BAB3-6C9832274E75}) (Version: 12.0.76.0 - Nokia)
Perfect Effects 4.0.1 (HKLM\...\{385E6A4D-A440-43E2-9BAF-A012FB5FC2E2}) (Version: 4.0.1 - onOne Software)
PhotoShowExpress (Version: 2.0.028 - Sonic Solutions) Hidden
Picture Collage Maker Free 2.1.2 (HKLM\...\{DEB7295A-D00E-4D45-846C-2947E8C3F080}_is1) (Version: - PearlMountain Soft)
PL-2303 Vista Driver Installer (HKLM\...\{EEC010D0-1252-4E1D-BAD9-F1B8F414535C}) (Version: 3.0.1.0 - Prolific)
QuickTime 7 (HKLM\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Risen (HKLM\...\{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}) (Version: 1.00.0000 - Deep Silver)
Roxio Burn (HKLM\...\{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}) (Version: 1.8.57.4 - Roxio)
Roxio Creator Starter (HKLM\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.40.0 - Roxio)
ScummVM 1.5.0 (HKLM\...\ScummVM_is1) (Version: - The ScummVM Team)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Shape Collage (HKLM\...\ShapeCollage) (Version: - Shape Collage Inc.)
Sid Meier's Civilization IV Colonization (HKLM\...\{EF36A836-BF89-4A4F-B079-057B0C68C1E0}) (Version: 1.00 - Firaxis Games)
Sid Meier's Pirates! (HKLM\...\InstallShield_{1632FD86-1BA4-4FC4-8B25-A8C655D63F68}) (Version: 1.00.0000 - Ihr Firmenname)
Sid Meier's Pirates! (Version: 1.00.0000 - Ihr Firmenname) Hidden
SimCity 3000 (HKLM\...\SimCity 3000) (Version: - )
Snapseed (HKLM\...\{D5BEB842-5696-4AE8-A222-03D06384856D}) (Version: 1.2.1 - Nik Software, Inc.)
Softonic toolbar on IE and Chrome (HKLM\...\Softonic) (Version: 1.8.21.14 - Softonic) <==== ACHTUNG
Sonic CinePlayer Decoder Pack (Version: 4.3.0 - Sonic Solutions) Hidden
System Requirements Lab (HKLM\...\SystemRequirementsLab) (Version: - )
TB-Logger (HKLM\...\{0A6E0A7D-0F43-4D71-849C-C3DBB03FDF72}) (Version: 1.00.0000 - Seelenreiter Software)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 8.01 - Ghisler Software GmbH)
Transport Tycoon Deluxe (HKLM\...\ft_Transport Tycoon Deluxe) (Version: - )
Tropico 3: Absolute Power (HKLM\...\Tropico3) (Version: 2.01 - Kalypso Media)
VLC media player 1.1.11 (HKLM\...\VLC media player) (Version: 1.1.11 - VideoLAN)
WEB.DE MailCheck für Mozilla Firefox (HKLM\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 3.0.1.1739 - 1&1 Mail & Media GmbH)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16422 - Microsoft Corporation)
Windows-Treiberpaket - Nokia Modem (06/09/2010 7.01.0.8) (HKLM\...\E5372C32E8562C76C24DBA6525002B1031495F34) (Version: 06/09/2010 7.01.0.8 - Nokia)
Windows-Treiberpaket - Nokia Modem (10/07/2010 4.6) (HKLM\...\6DA48AFDE796708D5A4C9121A83E7617A63A9A15) (Version: 10/07/2010 4.6 - Nokia)
Windows-Treiberpaket - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-583576071-2610798785-2159693280-1003_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\privat\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-583576071-2610798785-2159693280-1003_Classes\CLSID\{3A999A50-AB25-4A20-90A9-08F71FCE320F}\InprocServer32 -> C:\Windows\system32\spool\DRIVERS\W32X86\3\HPCDMC32.DLL (HP)
CustomCLSID: HKU\S-1-5-21-583576071-2610798785-2159693280-1003_Classes\CLSID\{98087D89-B93F-4BCF-A998-AE4D9F607C14}\InprocServer32 -> C:\Windows\system32\spool\DRIVERS\W32X86\3\HPCDMC32.DLL (HP)
CustomCLSID: HKU\S-1-5-21-583576071-2610798785-2159693280-1003_Classes\CLSID\{B286F068-5B17-4AE8-989B-8F9A199C47BA}\InprocServer32 -> C:\Windows\system32\spool\DRIVERS\W32X86\3\HPCDMC32.DLL (HP)
CustomCLSID: HKU\S-1-5-21-583576071-2610798785-2159693280-1003_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\privat\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-583576071-2610798785-2159693280-1003_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\privat\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-583576071-2610798785-2159693280-1003_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\privat\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-583576071-2610798785-2159693280-1003_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\privat\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {06FA2F6D-6D2F-4739-AFDF-011FCFD6B4ED} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-06-22] (Piriform Ltd)
Task: {0833FD78-E630-457E-9947-33225F0994AD} - System32\Tasks\{9B46B8A8-F2CE-4EFA-A9EA-21D54C46250D} => pcalua.exe -a C:\Users\privat\Downloads\freecol-0.10.7-installer.exe -d C:\Users\privat\Downloads
Task: {106C5547-C970-48C4-98D3-9A69E1E8217D} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\Dell Support Center\pcdrcui.exe [2010-08-05] (PC-Doctor, Inc.)
Task: {305297D7-3F18-4448-958C-463AA931B8BC} - System32\Tasks\{432716FB-6E5B-48C0-B400-ADA1E77754EA} => pcalua.exe -a "E:\Drivers\Huawei Win Driver 3.17.00.00\DriverSetup.exe" -d "E:\Drivers\Huawei Win Driver 3.17.00.00"
Task: {31ED0145-0072-4BE0-B2F8-3E0773E4E233} - System32\Tasks\Epson Printer Software Downloader => C:\Program Files\EPSON\EPAPDL\E_SAPDL2.EXE [2009-05-26] (SEIKO EPSON CORPORATION)
Task: {3683B6EC-41DE-4347-B438-1DFB3360EC75} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell Support Center\uaclauncher.exe [2010-08-05] (PC-Doctor, Inc.)
Task: {47906A49-AACC-4DDE-BE34-84FA8036A59E} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2015-11-09] (Oracle Corporation)
Task: {53DDFE59-4F7F-452F-81BB-85BFAFC07A80} - System32\Tasks\{AC89E59D-1720-4EF5-A2AA-AEA3059E64D8} => C:\Program Files\Railroad Tycoon 3\RT3.EXE
Task: {5792CAA8-BDDF-478E-A175-683AF94919D3} - System32\Tasks\{6795A8F1-12C3-4B30-95E2-E56FF108CAB8} => pcalua.exe -a C:\Users\Chris\Downloads\Francotyp\dotnetfx35.exe -d C:\Users\Chris\Downloads\Francotyp
Task: {5C172A1C-E728-4FB2-AFA0-EAEAB9078C64} - System32\Tasks\{32694C1D-C6FD-445E-862F-98800CCC474E} => pcalua.exe -a D:\Desperados.exe -d D:\ -c -autorun
Task: {6427F481-55CF-4BFC-8EF2-51E3132043CE} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-01-07] (Microsoft Corporation)
Task: {72C7C7E6-2016-4A49-9947-A96D3708455B} - System32\Tasks\{FACA8AB1-8477-4456-85AE-07DBE1AA83B6} => C:\Spiele\Black Isle\BGII - SvA\baldur.exe
Task: {906BEC28-8275-42EE-BD7B-6725E865EE5B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {97D56506-9867-477D-B10A-80C5E2A42F1C} - System32\Tasks\{9FA1911B-70FF-4B59-AD46-7A38C41BA63A} => pcalua.exe -a C:\Users\Chris\Downloads\Francotyp\SSM-PC²\SSM-PC²_2.9.3\dotnetfx.exe -d C:\Users\Chris\Downloads\Francotyp\SSM-PC²\SSM-PC²_2.9.3
Task: {A9122413-B787-4F21-B0D1-8ACA54041341} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_20_0_0_306_pepper.exe [2016-02-09] (Adobe Systems Incorporated)
Task: {B680FFBC-F40E-4A0A-9E59-73C67D95A013} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {B9468491-1DD7-41F7-AB2D-C0BC34B4EE7C} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {C0E586BE-4F89-4744-AD68-FC203C7D70EE} - System32\Tasks\{BB66391B-993D-4607-AA35-975E7C3830D7} => pcalua.exe -a C:\Users\privat\Downloads\TagesSetup.exe -d "C:\Program Files\Mozilla Firefox"
Task: {CECF4D3E-CB7B-4DA8-9D83-6DC2E7336D83} - System32\Tasks\{624BB5A4-6322-4841-9017-29740BA7C313} => pcalua.exe -a D:\Setup.exe -d D:\
Task: {D1CD5220-A3B6-4926-B75A-BDA6A4914B96} - System32\Tasks\PCDEventLauncher => C:\Program Files\Dell Support Center\sessionchecker.exe [2010-08-05] ()
Task: {D8C246C0-6B69-46E0-8F2C-9AA3E87BF665} - System32\Tasks\{1EAB8755-15D3-451C-8C4A-BD15D1B399AB} => pcalua.exe -a C:\Users\Chris\Downloads\Francotyp\SSM-PC²\SSM-PC²_2.9.3\Setup.Exe -d C:\Users\Chris\Downloads\Francotyp\SSM-PC²\SSM-PC²_2.9.3
Task: {D9E449DA-6E3C-455C-A00B-8FC79791DBED} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {E3B1F8CF-6126-46AD-AC3B-C8775117E667} - System32\Tasks\Opera scheduled Autoupdate 1418247860 => C:\Program Files\Opera\launcher.exe [2016-02-01] (Opera Software)
Task: {E8702BC3-28A3-4036-BC22-5E08F68D94AE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {EC0040A7-BE93-43A4-B831-933AAD10B65B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {F6CEE181-C99B-48E7-B472-26CC0E000C8A} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\system32\Macromed\Flash\FlashUtil32_20_0_0_306_pepper.exe
Task: C:\Windows\Tasks\Epson Printer Software Downloader.job => C:\Program Files\EPSON\EPAPDL\E_SAPDL2.EXE
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\Dell Support Center\uaclauncher.exeo-backgroundmon scripts\defaultscan.xml
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\Dell Support Center\pcdrcui.exe

==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-01-14 09:52 - 2013-12-06 08:00 - 00032768 _____ () C:\Windows\System32\splmk14O.DLL
2013-08-22 12:26 - 2013-08-22 12:26 - 00108544 _____ () C:\Windows\System32\zlm_AstroMSeries.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 04:46 - 2015-10-13 04:46 - 01040144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-01-28 05:03 - 2011-01-28 05:03 - 00270176 _____ () C:\ProgramData\DatacardService\HWDeviceService.exe
2012-12-19 00:00 - 2012-12-19 10:41 - 00224096 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
2012-12-19 00:00 - 2012-05-02 16:51 - 00011362 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\mingwm10.dll
2012-12-19 00:00 - 2012-05-02 16:51 - 00043008 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\libgcc_s_dw2-1.dll
2012-12-19 00:00 - 2012-05-02 16:51 - 02415104 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtCore4.dll
2012-12-19 00:00 - 2012-05-02 16:51 - 01148416 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtNetwork4.dll
2011-02-10 12:05 - 2010-06-08 17:44 - 00058880 _____ () C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-05-19 08:58 - 2009-02-27 23:39 - 00019968 _____ () C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.deu
2011-03-21 18:06 - 2009-03-12 15:45 - 00135168 ____N () C:\Program Files\Epson Software\Event Manager\Assistants\Scan Assistant\ScanEngine.dll
2011-03-21 18:06 - 2008-11-21 13:58 - 00057344 ____N () C:\Program Files\Epson Software\Event Manager\Assistants\Scan Assistant\Satwain.dll
2016-02-04 13:05 - 2016-02-04 13:04 - 62319736 _____ () C:\Program Files\Opera\35.0.2066.37\opera.dll
2016-02-04 13:05 - 2016-02-04 13:03 - 02074232 _____ () C:\Program Files\Opera\35.0.2066.37\libglesv2.dll
2016-02-04 13:05 - 2016-02-04 13:03 - 00081528 _____ () C:\Program Files\Opera\35.0.2066.37\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-583576071-2610798785-2159693280-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\privat\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{3C38CCF7-702E-4CB8-9F0F-063583B21CE5}] => (Allow) C:\Program Files\CyberLink\PowerDVD9\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{44B096DD-0713-4CA9-823C-1847ECA6FFFA}] => (Allow) C:\Program Files\CyberLink\PowerDVD9\PowerDVD9.EXE
FirewallRules: [{B0606A41-F54E-475D-B9AC-A31B6D52A66B}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{C60B7DEF-0C69-4797-A9C4-1CB93170BC55}] => (Allow) LPort=2869
FirewallRules: [{C1B020ED-762D-4FC4-91F6-2CDF212E0987}] => (Allow) LPort=1900
FirewallRules: [{290BE0B2-C46D-4E32-8EE5-7A2F13570D77}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{1AC0F625-12FF-49A8-80D8-B1C9BF4F3ADE}] => (Allow) C:\Program Files\Windows Live\Mesh\MOE.exe
FirewallRules: [{3D45F63A-3FDA-49DC-B21C-7369AFE16C74}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [TCP Query User{4E054D63-38F8-43E6-8964-5734EBFD0965}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{14DC5B4C-3581-4462-A607-AB2E42FEB050}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [{72E9878D-0E75-4D16-8F68-247D43DFBCB2}] => (Allow) C:\Program Files\EpsonNet\EpsonNet Setup\tool09\ENEasyApp.exe
FirewallRules: [{A05BC5AC-A497-4A9D-BB84-F6D2DA5B58EB}] => (Allow) C:\Program Files\EpsonNet\EpsonNet Setup\tool09\ENEasyApp.exe
FirewallRules: [TCP Query User{72864067-6E8E-4F1E-992D-EE2B459C9350}C:\program files\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{CC565558-9E3F-44B3-B6A6-5B3FA2E2C6F8}C:\program files\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files\epson software\event manager\eeventmanager.exe
FirewallRules: [{B0BE42B7-89B0-4A03-9304-4350DFCBBE75}] => (Allow) C:\Program Files\Opera\opera.exe
FirewallRules: [{65A064CA-FA6B-4C45-9EEA-B9477BFBF08F}] => (Allow) C:\Program Files\Opera\opera.exe
FirewallRules: [TCP Query User{2209214F-FB63-4126-AA51-63EDED0B7EC1}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{099C7999-1BCE-41F0-A4BD-E05C357D11BD}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{502B46D3-DE80-4545-AE55-CCEDEEC70760}C:\program files\epson software\event manager\eeventmanager.exe] => (Block) C:\program files\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{CB9D4E65-5D32-4C63-A5E6-DDD749FEA1C8}C:\program files\epson software\event manager\eeventmanager.exe] => (Block) C:\program files\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{1EE0DBA3-1F76-4866-B1B4-3B8F13190D87}C:\program files\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files\google\google earth\plugin\geplugin.exe
FirewallRules: [UDP Query User{B992EE84-3205-45A6-8B03-2588478CEC4C}C:\program files\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files\google\google earth\plugin\geplugin.exe
FirewallRules: [{CC47A10B-8AFF-4277-86C6-942636607F2B}] => (Allow) C:\Program Files\Ubisoft\DIE SIEDLER - Aufstieg eines Königreichs\base\bin\Settlers6.exe
FirewallRules: [{2D1653DE-5270-4CF1-B49B-399F4632D9C0}] => (Allow) C:\Program Files\Ubisoft\DIE SIEDLER - Aufstieg eines Königreichs\base\bin\Settlers6.exe
FirewallRules: [{D3EE7C81-2420-4E04-BA73-5DF577FF4C64}] => (Allow) C:\Users\privat\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{B13429D1-CB1F-4DA1-83F8-1914AB8A0E15}] => (Allow) C:\Users\privat\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{E3EF4AD6-237A-496D-8C7E-77224B490224}C:\users\privat\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\privat\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{DD4B8ADE-9311-4B6A-A3D5-0E8DD1EECE16}C:\users\privat\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\privat\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{0AF52037-981E-4BE4-B347-2FBEAB0B29DD}C:\program files\opera\opera.exe] => (Block) C:\program files\opera\opera.exe
FirewallRules: [UDP Query User{78E1F88C-F4F3-4BF4-A348-EBF3E3B15AEA}C:\program files\opera\opera.exe] => (Block) C:\program files\opera\opera.exe
FirewallRules: [TCP Query User{FCBE8810-6AF2-4F0A-84DB-55AA6DAC1443}C:\program files\microsoft games\age of empires ii\empires2.exe] => (Block) C:\program files\microsoft games\age of empires ii\empires2.exe
FirewallRules: [UDP Query User{EB009E32-192A-4DF1-882F-C4233FDDEC3D}C:\program files\microsoft games\age of empires ii\empires2.exe] => (Block) C:\program files\microsoft games\age of empires ii\empires2.exe
FirewallRules: [{17463ADF-BA96-4C5E-899C-1601D47E2727}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{037F7F0B-A9E4-42F8-A3A1-6CC3EBB19222}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{DBECFA57-8DF9-41B2-8498-16D7F62CC1D5}] => (Allow) C:\Program Files\nokia\nokia suite\nokiasuite.exe
FirewallRules: [TCP Query User{5D96BB2B-D88B-4CCE-8C9B-E1C75DAB932B}C:\windows\system32\taskhost.exe] => (Allow) C:\windows\system32\taskhost.exe
FirewallRules: [UDP Query User{8A0B0BE5-6DF6-4CAF-81CC-9795EC3C02AD}C:\windows\system32\taskhost.exe] => (Allow) C:\windows\system32\taskhost.exe
FirewallRules: [TCP Query User{5B78E45C-8A86-4715-9F6C-EC9CB92FE479}C:\windows\system32\taskhost.exe] => (Allow) C:\windows\system32\taskhost.exe
FirewallRules: [UDP Query User{FE52BCC7-B2A3-46B6-BDBE-FDEC371F87E5}C:\windows\system32\taskhost.exe] => (Allow) C:\windows\system32\taskhost.exe
FirewallRules: [TCP Query User{20F703AE-2A27-49A6-8C81-AAB5FF0276BE}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe
FirewallRules: [UDP Query User{7BBDCE2C-3C36-45DE-9C70-EF5442EE0811}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe
FirewallRules: [TCP Query User{7041B9BF-BF63-4E58-AEBE-13EB105972A4}C:\program files\onone software\perfect effects 4\perfect effects 4.exe] => (Allow) C:\program files\onone software\perfect effects 4\perfect effects 4.exe
FirewallRules: [UDP Query User{AC0B7146-3890-43F8-984D-7ECA353BAC65}C:\program files\onone software\perfect effects 4\perfect effects 4.exe] => (Allow) C:\program files\onone software\perfect effects 4\perfect effects 4.exe
FirewallRules: [TCP Query User{BE488148-EB2A-4243-95DC-842E5397AA7E}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe
FirewallRules: [UDP Query User{2695B1F1-7F82-4650-B210-17851DC6B263}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe
FirewallRules: [{80BE2064-51E8-4C05-840C-B904A274945D}] => (Allow) C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization IV Colonization\Colonization.exe
FirewallRules: [{29B9E2B6-05B0-4C06-B70D-DCB3F226E8BB}] => (Allow) C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization IV Colonization\Colonization.exe
FirewallRules: [TCP Query User{F410B639-5D80-4B30-99B7-A89888DB4C0C}C:\program files\electronic arts\eadm\core.exe] => (Allow) C:\program files\electronic arts\eadm\core.exe
FirewallRules: [UDP Query User{D4F17FD8-601A-49EA-8437-35D3775DAC62}C:\program files\electronic arts\eadm\core.exe] => (Allow) C:\program files\electronic arts\eadm\core.exe
FirewallRules: [TCP Query User{4A5DC1A0-88F5-4A5D-B2C5-8ADEA5C22CE0}C:\program files\electronic arts\eadm\core.exe] => (Block) C:\program files\electronic arts\eadm\core.exe
FirewallRules: [UDP Query User{C8CC75B5-ED27-4B58-A4B8-198263C44A8F}C:\program files\electronic arts\eadm\core.exe] => (Block) C:\program files\electronic arts\eadm\core.exe
FirewallRules: [TCP Query User{F59809A6-A9E2-44A9-834A-4558E763D0B9}C:\program files\onone software\perfect effects 4\perfect effects 4.exe] => (Allow) C:\program files\onone software\perfect effects 4\perfect effects 4.exe
FirewallRules: [UDP Query User{1F91DFAB-B552-4DE3-9951-DAB1F7111844}C:\program files\onone software\perfect effects 4\perfect effects 4.exe] => (Allow) C:\program files\onone software\perfect effects 4\perfect effects 4.exe
FirewallRules: [TCP Query User{7742D69F-F040-48FF-91CD-3DEDB71BF335}C:\program files\memjet\m series driver\toolbox\usb2http.exe] => (Allow) C:\program files\memjet\m series driver\toolbox\usb2http.exe
FirewallRules: [UDP Query User{5E91F9CF-ACC6-4D96-868C-DA6612C5DC67}C:\program files\memjet\m series driver\toolbox\usb2http.exe] => (Allow) C:\program files\memjet\m series driver\toolbox\usb2http.exe
FirewallRules: [TCP Query User{FCB67176-167B-46EC-912D-BF0558389E75}C:\program files\ubisoft\blue byte\die siedler - das erbe der könige - gold edition\bin\settlershok.exe] => (Allow) C:\program files\ubisoft\blue byte\die siedler - das erbe der könige - gold edition\bin\settlershok.exe
FirewallRules: [UDP Query User{F935B6B0-23A4-4708-9EBC-03C46BEE021C}C:\program files\ubisoft\blue byte\die siedler - das erbe der könige - gold edition\bin\settlershok.exe] => (Allow) C:\program files\ubisoft\blue byte\die siedler - das erbe der könige - gold edition\bin\settlershok.exe
FirewallRules: [TCP Query User{D650801F-1A42-4E33-AF26-0FE2CBE3EC4D}C:\program files\ubisoft\blue byte\die siedler - das erbe der könige - gold edition\extra1\bin\settlershok.exe] => (Block) C:\program files\ubisoft\blue byte\die siedler - das erbe der könige - gold edition\extra1\bin\settlershok.exe
FirewallRules: [UDP Query User{975EA1D6-8B3F-4162-B1CC-9C027911B38E}C:\program files\ubisoft\blue byte\die siedler - das erbe der könige - gold edition\extra1\bin\settlershok.exe] => (Block) C:\program files\ubisoft\blue byte\die siedler - das erbe der könige - gold edition\extra1\bin\settlershok.exe
FirewallRules: [{ED91245C-E5D4-450B-B728-F92B83C2AD03}] => (Allow) C:\Program Files\fotokasten comfort\Loader.exe
FirewallRules: [{E5B7E9F0-1676-4A3A-A109-E3F7B01C7BB6}] => (Allow) C:\Program Files\fotokasten comfort\Loader.exe
FirewallRules: [{A901D81D-AC94-4362-B2BE-D22F967E52A1}] => (Allow) C:\Program Files\fotokasten comfort\Loader.exe
FirewallRules: [{AA7E2350-244C-45B6-959E-DF330D5A3A49}] => (Allow) C:\Program Files\fotokasten comfort\Loader.exe
FirewallRules: [{FE68019C-9EF3-4589-B6FC-295543D050DD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{91330218-F13B-49E8-98D8-7C1BE66CFC36}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{3B3674F8-FD09-4E15-B14A-D826AA47888A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{600CF4EB-D0D9-4ECA-BC82-82159D0079DB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{15B905FC-11C5-4596-81DE-600FE7C157DE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{BB3AC775-3CC8-452D-BEE0-A94691721D25}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{2CA81FCE-C86F-4C3F-BFBD-0F93D5589729}] => (Allow) C:\Program Files\iTunes\iTunes.exe

==================== Wiederherstellungspunkte =========================

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Dell Wireless 1702 Bluetooth v3.0+HS
Description: Dell Wireless 1702 Bluetooth v3.0+HS
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/10/2016 02:35:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 512447

Error: (02/10/2016 02:35:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 512447

Error: (02/10/2016 02:35:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/10/2016 02:27:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8205

Error: (02/10/2016 02:27:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8205

Error: (02/10/2016 02:27:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/10/2016 02:27:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7067

Error: (02/10/2016 02:27:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7067

Error: (02/10/2016 02:27:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/10/2016 02:27:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6068

Systemfehler:
=============
Error: (02/10/2016 10:14:13 AM) (Source: DCOM) (EventID: 10000) (User: )
Description: "C:\Program Files\Adobe\Acrobat Reader DC\AcroRd32Info.exe" /PDFShell -Embedding2{98D9A6F1-4696-4B5E-A2E8-36B3F9C1E12C}

Error: (02/10/2016 05:17:59 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte. Error: (02/10/2016 04:20:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Internet Manager. OUC" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (02/10/2016 04:20:01 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Internet Manager. OUC erreicht. Error: (02/10/2016 04:16:52 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Internet Manager. OUC" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (02/10/2016 04:16:52 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Internet Manager. OUC erreicht. Error: (02/10/2016 04:12:34 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800f0902 fehlgeschlagen: Update für Windows 7 (KB3123862) Error: (02/10/2016 04:12:32 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: ) Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt. 
Neue Signaturversion: Vorherige Signaturversion: 1.213.5692.0 Aktualisierungsquelle: %NT-AUTORITÄT59 Aktualisierungsphase: 4.8.0204.00 Quellpfad: 4.8.0204.01 Signaturtyp: %NT-AUTORITÄT602 Aktualisierungstyp: %NT-AUTORITÄT604 Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: %NT-AUTORITÄT605 Vorherige Modulversion: %NT-AUTORITÄT606 Fehlercode: %NT-AUTORITÄT607 Fehlerbeschreibung: %NT-AUTORITÄT608 Error: (02/10/2016 04:12:32 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: ) Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt. Neue Signaturversion: Vorherige Signaturversion: 1.213.5692.0 Aktualisierungsquelle: %NT-AUTORITÄT59 Aktualisierungsphase: 4.8.0204.00 Quellpfad: 4.8.0204.01 Signaturtyp: %NT-AUTORITÄT602 Aktualisierungstyp: %NT-AUTORITÄT604 Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: %NT-AUTORITÄT605 Vorherige Modulversion: %NT-AUTORITÄT606 Fehlercode: %NT-AUTORITÄT607 Fehlerbeschreibung: %NT-AUTORITÄT608 Error: (02/10/2016 03:36:13 AM) (Source: volsnap) (EventID: 36) (User: ) Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte. 
==================== Memory info =========================== Processor: Intel(R) Core(TM)2 Duo CPU T6670 @ 2.20GHz Prozentuale Nutzung des RAM: 64% Installierter physikalischer RAM: 3036.36 MB Verfügbarer physikalischer RAM: 1085.12 MB Summe virtueller Speicher: 6071.04 MB Verfügbarer virtueller Speicher: 3784.52 MB ==================== Laufwerke ================================ Drive c: (OS) (Fixed) (Total:283.4 GB) (Free:2.65 GB) NTFS Drive d: (Disc 2) (CDROM) (Total:0.34 GB) (Free:0 GB) CDFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 11121702) Partition 1: (Not Active) - (Size=39 MB) - (Type=DE) Partition 2: (Active) - (Size=14.6 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=283.4 GB) - (Type=07 NTFS) ==================== Ende vom Addition.txt ============================
I hope you can help me. Many thanks in advance... Chris |
10.02.2016, 15:37 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Security warning from Telekom, Citadell virus detected Hi
Malwarebytes Anti-Rootkit (MBAR) Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper. Reading material: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder. Even if the logs should be too large for one post, I ask you to post the logs directly and, if necessary, spread across several posts. To put the log files in a CODE box, proceed as follows:
__________________ |
10.02.2016, 20:23 | #3 |
| Security warning from Telekom, Citadell virus detected Thanks for the quick reply.
The scan took quite a long time, but it found 2 things: Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001 www.malwarebytes.org Database version: main: v2016.02.10.04 rootkit: v2016.02.08.01 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 11.0.9600.18204 privat :: CHRIS-PC [administrator] 10.02.2016 16:49:18 mbar-log-2016-02-10 (16-49-18).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: Objects scanned: 450943 Time elapsed: 3 hour(s), 19 minute(s), 46 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 1 HKU\S-1-5-21-583576071-2610798785-2159693280-1003\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Guiqmex (Virus.Expiro) -> Data: C:\Users\privat\AppData\Roaming\Bayd\noyr.exe -> Delete on reboot. [e92379e628711d19d2096352986835cb] Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 1 C:\Users\privat\AppData\Roaming\Bayd\noyr.exe (Virus.Expiro) -> Delete on reboot. [e92379e628711d19d2096352986835cb] Physical Sectors Detected: 0 (No malicious items detected) (end) |
10.02.2016, 23:05 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Security warning from Telekom, Citadell virus detected Please repeat MBAR until it no longer finds anything
__________________ Please always post log files in CODE tags |
11.02.2016, 08:36 | #5 |
| Security warning from Telekom, Citadell virus detected 2nd scan: Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001 www.malwarebytes.org Database version: main: v2016.02.10.05 rootkit: v2016.02.08.01 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 11.0.9600.18204 privat :: CHRIS-PC [administrator] 10.02.2016 20:26:21 mbar-log-2016-02-10 (20-26-21).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: Objects scanned: 450502 Time elapsed: 4 hour(s), 15 minute(s), 35 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) Physical Sectors Detected: 0 (No malicious items detected) (end) |
11.02.2016, 09:04 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Security warning from Telekom, Citadell virus detected OK, a check with TDSS-Killer. Please download TDSSKiller.exe and save this file to the desktop
__________________ |
11.02.2016, 09:26 | #7 |
| Security warning from Telekom, Citadell virus detected Code:
ATTFilter 09:23:44.0356 0x04dc TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12 09:23:52.0956 0x04dc ============================================================ 09:23:52.0957 0x04dc Current date / time: 2016/02/11 09:23:52.0956 09:23:52.0957 0x04dc SystemInfo: 09:23:52.0957 0x04dc 09:23:52.0957 0x04dc OS Version: 6.1.7601 ServicePack: 1.0 09:23:52.0957 0x04dc Product type: Workstation 09:23:52.0957 0x04dc ComputerName: CHRIS-PC 09:23:52.0957 0x04dc UserName: privat 09:23:52.0957 0x04dc Windows directory: C:\Windows 09:23:52.0957 0x04dc System windows directory: C:\Windows 09:23:52.0957 0x04dc Processor architecture: Intel x86 09:23:52.0957 0x04dc Number of processors: 2 09:23:52.0957 0x04dc Page size: 0x1000 09:23:52.0957 0x04dc Boot type: Normal boot 09:23:52.0958 0x04dc ============================================================ 09:23:54.0210 0x04dc KLMD registered as C:\Windows\system32\drivers\15082493.sys 09:23:56.0008 0x04dc System UUID: {0ABAEB6E-E6E6-B8EA-CE03-EFEA5470A469} 09:23:57.0340 0x04dc Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 09:23:57.0343 0x04dc ============================================================ 09:23:57.0343 0x04dc \Device\Harddisk0\DR0: 09:23:57.0343 0x04dc MBR partitions: 09:23:57.0343 0x04dc \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x1D4C000 09:23:57.0343 0x04dc \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D5F9C5, BlocksNum 0x236CE8EB 09:23:57.0343 0x04dc ============================================================ 09:23:57.0364 0x04dc C: <-> \Device\Harddisk0\DR0\Partition2 09:23:57.0365 0x04dc ============================================================ 09:23:57.0365 0x04dc Initialize success 09:23:57.0365 0x04dc ============================================================ 09:24:14.0104 0x0e6c 
============================================================ 09:24:14.0104 0x0e6c Scan started 09:24:14.0104 0x0e6c Mode: Manual; 09:24:14.0104 0x0e6c ============================================================ 09:24:14.0104 0x0e6c KSN ping started 09:24:16.0576 0x0e6c KSN ping finished: true 09:24:17.0877 0x0e6c ================ Scan system memory ======================== 09:24:17.0877 0x0e6c System memory - ok 09:24:17.0878 0x0e6c ================ Scan services ============================= 09:24:18.0330 0x0e6c [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 09:24:18.0339 0x0e6c 1394ohci - ok 09:24:18.0442 0x0e6c [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI C:\Windows\system32\drivers\ACPI.sys 09:24:18.0450 0x0e6c ACPI - ok 09:24:18.0544 0x0e6c [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 09:24:18.0547 0x0e6c AcpiPmi - ok 09:24:18.0723 0x0e6c [ F2CEEE9ABBCEF207ACB103215AC28BC2, F8F8B8AF6317926D7AC0CA2CA23628B2C69327A2792D58D3328443C5ED9514E9 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe 09:24:18.0728 0x0e6c AdobeARMservice - ok 09:24:18.0878 0x0e6c [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys 09:24:18.0913 0x0e6c adp94xx - ok 09:24:19.0017 0x0e6c [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys 09:24:19.0031 0x0e6c adpahci - ok 09:24:19.0048 0x0e6c [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys 09:24:19.0057 0x0e6c adpu320 - ok 09:24:19.0371 0x0e6c adxapie - ok 
09:24:19.0446 0x0e6c [ 39AEAECE9F42407F176FE130D790BFBE, 19010DF87BDC1884268098CC04B4B15ECB710C94054A57157C0F9B7A795BDB28 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 09:24:19.0450 0x0e6c AeLookupSvc - ok 09:24:19.0503 0x0e6c [ 93B49FA857F7036A4EFF32371F6E7391, B9B2867D9A80E7F028E9D7C6ABCB9EC5198ACE28CEE101C5A846666B356B2843 ] AFD C:\Windows\system32\drivers\afd.sys 09:24:19.0655 0x0e6c AFD - ok 09:24:19.0719 0x0e6c [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440 C:\Windows\system32\drivers\agp440.sys 09:24:19.0723 0x0e6c agp440 - ok 09:24:19.0758 0x0e6c [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys 09:24:19.0763 0x0e6c aic78xx - ok 09:24:19.0792 0x0e6c [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG C:\Windows\System32\alg.exe 09:24:19.0796 0x0e6c ALG - ok 09:24:19.0837 0x0e6c [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide C:\Windows\system32\drivers\aliide.sys 09:24:19.0839 0x0e6c aliide - ok 09:24:19.0864 0x0e6c [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp C:\Windows\system32\drivers\amdagp.sys 09:24:19.0870 0x0e6c amdagp - ok 09:24:19.0904 0x0e6c [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide C:\Windows\system32\drivers\amdide.sys 09:24:19.0907 0x0e6c amdide - ok 09:24:19.0926 0x0e6c [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys 09:24:19.0930 0x0e6c AmdK8 - ok 09:24:19.0940 0x0e6c [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 09:24:19.0944 0x0e6c 
AmdPPM - ok 09:24:19.0989 0x0e6c [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata C:\Windows\system32\drivers\amdsata.sys 09:24:19.0997 0x0e6c amdsata - ok 09:24:20.0015 0x0e6c [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys 09:24:20.0023 0x0e6c amdsbs - ok 09:24:20.0071 0x0e6c [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata C:\Windows\system32\drivers\amdxata.sys 09:24:20.0073 0x0e6c amdxata - ok 09:24:20.0150 0x0e6c [ E8A8E6072CB7E2032E85E7735DAA511F, 4FA1A2343CE53B5D69DA4BB375E00E87107E12736E4CFB82F6209ADA7A7AF720 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys 09:24:20.0162 0x0e6c ApfiltrService - ok 09:24:20.0214 0x0e6c [ FE4F2ADE5DBB3B888E9EB0A1FBA1F152, B17053A912C73835A2E80176D79885B530E15240B988125114B6B877C903D61C ] AppID C:\Windows\system32\drivers\appid.sys 09:24:20.0248 0x0e6c AppID - ok 09:24:20.0312 0x0e6c [ A4DA304773AC1396792C5DE1D1EB601A, ECD23FF67FB1C4B94DBE23F6724E2DA0917CE0E479DE9C9F790A8635A2234950 ] AppIDSvc C:\Windows\System32\appidsvc.dll 09:24:20.0340 0x0e6c AppIDSvc - ok 09:24:20.0421 0x0e6c [ 133A7896E643D139443B47FDBFA327C7, 371FC602B531DF1EFDCEEC3A2F5497A0D0BE7F558B0583F572862C69A65BD454 ] Appinfo C:\Windows\System32\appinfo.dll 09:24:20.0424 0x0e6c Appinfo - ok 09:24:20.0497 0x0e6c [ BB6093AD659360CB350F4E84B445F36D, 16E16AD8E58C3777E2C858C8223BEB3CC9999E6FDCD23A0013C39AAADC54193C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 09:24:20.0503 0x0e6c Apple Mobile Device - ok 09:24:20.0568 0x0e6c [ A45D184DF6A8803DA13A0B329517A64A, C1D16B60A6D69689AE951DC3D6884ED2E233D144B3FC0B86BC1C50AAAAA01ED2 ] AppMgmt C:\Windows\System32\appmgmts.dll 09:24:20.0576 0x0e6c AppMgmt - ok 09:24:20.0589 0x0e6c [ 2932004F49677BD84DBC72EDB754FFB3, 
73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc C:\Windows\system32\DRIVERS\arc.sys 09:24:20.0593 0x0e6c arc - ok 09:24:20.0662 0x0e6c [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys 09:24:20.0667 0x0e6c arcsas - ok 09:24:20.0810 0x0e6c [ 4170FD789CDDE8767972C7C87E6B3400, 36403DF991F451A2A539B7C9BBF1310768701F68AC5EFFA1E5EE0C07A427E5ED ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe 09:24:20.0954 0x0e6c aspnet_state - ok 09:24:20.0996 0x0e6c [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 09:24:20.0999 0x0e6c AsyncMac - ok 09:24:21.0049 0x0e6c [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi C:\Windows\system32\drivers\atapi.sys 09:24:21.0052 0x0e6c atapi - ok 09:24:21.0106 0x0e6c [ 61361A8A62A193C339DACB341D246E63, EB2F82E6F1F73450A9DECA90286D2A7237FCD79A6E81F2FCF8C0020FB59A04F6 ] AthBTPort C:\Windows\system32\DRIVERS\btath_flt.sys 09:24:21.0109 0x0e6c AthBTPort - ok 09:24:21.0191 0x0e6c [ A6307F356D778E18A76E7783EF98C6AA, BD8326AA08B669517BDB54BAF53E6D3D6AFFE69359C67EF857114587A9064BA6 ] Atheros Bt&Wlan Coex Agent C:\Program Files\Dell Wireless\Ath_CoexAgent.exe 09:24:21.0336 0x0e6c Atheros Bt&Wlan Coex Agent - ok 09:24:21.0401 0x0e6c [ 183C82F856157F64BC377C100786E10C, 537D31D4F894C3A22699D959BD8D1677483E4255D50449679239CE9D2625D3E2 ] AtherosSvc C:\Program Files\Dell Wireless\Bluetooth Suite\adminservice.exe 09:24:21.0404 0x0e6c AtherosSvc - ok 09:24:21.0540 0x0e6c [ C8BB2E935A5D195692140E795EA9AC14, 09B6A049E6A45673E43F733C03B1CAAD9C87B040ABE00AABAF3F651CB3D5AFD7 ] athr C:\Windows\system32\DRIVERS\athr.sys 09:24:21.0646 0x0e6c athr - ok 09:24:21.0706 0x0e6c [ 70F72C50D39F5AFA76C17F86223A7C4F, 
9C16BAB657BB399ACE84666E981BD3913E16E21A19DE0693B32AD4AC6A547B62 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys 09:24:21.0839 0x0e6c atksgt - ok 09:24:21.0957 0x0e6c [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 09:24:22.0003 0x0e6c AudioEndpointBuilder - ok 09:24:22.0029 0x0e6c [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] Audiosrv C:\Windows\System32\Audiosrv.dll 09:24:22.0047 0x0e6c Audiosrv - ok 09:24:22.0133 0x0e6c [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV C:\Windows\System32\AxInstSV.dll 09:24:22.0139 0x0e6c AxInstSV - ok 09:24:22.0207 0x0e6c [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys 09:24:22.0275 0x0e6c b06bdrv - ok 09:24:22.0308 0x0e6c [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys 09:24:22.0319 0x0e6c b57nd60x - ok 09:24:22.0429 0x0e6c [ 0D1EA7509F394D8B705B239EE71F5118, 3F6EA4AC573460D19B40B772CBC85212381191BE2829F19C86AEBA267E614554 ] BBSvc C:\Program Files\Microsoft\BingBar\BBSvc.EXE 09:24:22.0438 0x0e6c BBSvc - ok 09:24:22.0469 0x0e6c [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC C:\Windows\System32\bdesvc.dll 09:24:22.0474 0x0e6c BDESVC - ok 09:24:22.0486 0x0e6c [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep C:\Windows\system32\drivers\Beep.sys 09:24:22.0488 0x0e6c Beep - ok 09:24:22.0548 0x0e6c [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE C:\Windows\System32\bfe.dll 09:24:22.0570 0x0e6c BFE - ok 09:24:22.0661 0x0e6c [ 
E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS C:\Windows\System32\qmgr.dll 09:24:22.0691 0x0e6c BITS - ok 09:24:22.0727 0x0e6c [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 09:24:22.0729 0x0e6c blbdrive - ok 09:24:22.0767 0x0e6c [ 70CD6D71FC48BBBD1385D7B35AEADECC, B4F899D3072F4B6CAA9FFED8FD805EC8FB6B5BCF29875553FBBF3B90D3DAA4DF ] BMLoad C:\Windows\system32\drivers\BMLoad.sys 09:24:22.0827 0x0e6c BMLoad - ok 09:24:22.0914 0x0e6c [ 5EA9C80F18CBC393EA7D9A2991DED4B5, 7E5EB1CE44FEBE93686174058D51581FA00BDFF0EBB84BD74BC08F6386019253 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 09:24:22.0947 0x0e6c Bonjour Service - ok 09:24:23.0004 0x0e6c [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 09:24:23.0008 0x0e6c bowser - ok 09:24:23.0017 0x0e6c [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 09:24:23.0020 0x0e6c BrFiltLo - ok 09:24:23.0027 0x0e6c [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 09:24:23.0032 0x0e6c BrFiltUp - ok 09:24:23.0074 0x0e6c [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser C:\Windows\System32\browser.dll 09:24:23.0078 0x0e6c Browser - ok 09:24:23.0090 0x0e6c [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid C:\Windows\System32\Drivers\Brserid.sys 09:24:23.0098 0x0e6c Brserid - ok 09:24:23.0106 0x0e6c [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm 
C:\Windows\System32\Drivers\BrSerWdm.sys 09:24:23.0109 0x0e6c BrSerWdm - ok 09:24:23.0115 0x0e6c [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 09:24:23.0117 0x0e6c BrUsbMdm - ok 09:24:23.0123 0x0e6c [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 09:24:23.0125 0x0e6c BrUsbSer - ok 09:24:23.0184 0x0e6c [ BD9724F2E85F2F3E5B768121D4CF481E, 3EF2AC0B37E0B777E96CAD646FE0F5142F2585A3275909205FBB0690E5537CB8 ] BTATH_A2DP C:\Windows\system32\drivers\btath_a2dp.sys 09:24:23.0191 0x0e6c BTATH_A2DP - ok 09:24:23.0229 0x0e6c [ 3D58BED2BFA9EC2F060811B8F5EF1D3B, A14EFFB0888AAF525A426C76D37767C60899FDABD0AEAAD8BC35A19F122E3ABB ] BTATH_BUS C:\Windows\system32\DRIVERS\btath_bus.sys 09:24:23.0232 0x0e6c BTATH_BUS - ok 09:24:23.0266 0x0e6c [ C1D73E8E7570F8BBD27A034F8E3F890B, 847700952766436808CEA0EBB9FD7E7E8B11054BC8FB9FB0749161187E141EFA ] BTATH_HCRP C:\Windows\system32\DRIVERS\btath_hcrp.sys 09:24:23.0274 0x0e6c BTATH_HCRP - ok 09:24:23.0292 0x0e6c [ 5352DD2BCE2675F40C19924AEE25D003, 2061C6FC1A68B255E0BD6BCC14839A7E3C8A6FA97EFF5008F99F48872FBC8DA3 ] BTATH_LWFLT C:\Windows\system32\DRIVERS\btath_lwflt.sys 09:24:23.0296 0x0e6c BTATH_LWFLT - ok 09:24:23.0326 0x0e6c [ 954678976BBACCAB3F7D7ACE875AA193, C5A68BCC06566D2DA8AC898ACE9F8F43C574C1B57B7E8AACFA4BF4D14F9B28C3 ] BTATH_RCP C:\Windows\system32\DRIVERS\btath_rcp.sys 09:24:23.0333 0x0e6c BTATH_RCP - ok 09:24:23.0393 0x0e6c [ 621805F2003FC5E6E758F3ED59BEF7EE, 8E7CC77BB4D4EF89A1AB8CF41AA9F0B6FA36EDEA29FF89A85F1F45616C374597 ] BtFilter C:\Windows\system32\DRIVERS\btfilter.sys 09:24:23.0405 0x0e6c BtFilter - ok 09:24:23.0470 0x0e6c [ 2865A5C8E98C70C605F417908CEBB3A4, B1C5AC228BD7072AF8668C009C6CDC13EE9FCB9481F57524300F37C40BF1E935 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys 09:24:23.0473 0x0e6c BthEnum - ok 09:24:23.0503 
0x0e6c [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 09:24:23.0507 0x0e6c BTHMODEM - ok 09:24:23.0536 0x0e6c [ AD1872E5829E8A2C3B5B4B641C3EAB0E, 8C2DBCAC08DDB41E2B44E257C55FA2D0272959B308EFF9EAF5FF9AE1E4A0AA39 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys 09:24:23.0541 0x0e6c BthPan - ok 09:24:23.0590 0x0e6c [ 1153DE2E4F5941E10C399CB5592F78A1, 2B88AF246D62F72FA9F5B921B0375AE59A0F263672472D5EC9FDB5CA5EF51C31 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys 09:24:23.0647 0x0e6c BTHPORT - ok 09:24:23.0709 0x0e6c [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv C:\Windows\system32\bthserv.dll 09:24:23.0714 0x0e6c bthserv - ok 09:24:23.0739 0x0e6c [ C81E9413A25A439F436B1D4B6A0CF9E9, A4C290163207AED22C70C7F90B28F6FC24892889643D60D915059405AC5A4A72 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys 09:24:23.0743 0x0e6c BTHUSB - ok 09:24:23.0799 0x0e6c [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 09:24:23.0803 0x0e6c cdfs - ok 09:24:23.0852 0x0e6c [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 09:24:23.0858 0x0e6c cdrom - ok 09:24:23.0887 0x0e6c [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc C:\Windows\System32\certprop.dll 09:24:23.0891 0x0e6c CertPropSvc - ok 09:24:23.0932 0x0e6c [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass C:\Windows\system32\DRIVERS\circlass.sys 09:24:23.0936 0x0e6c circlass - ok 09:24:23.0998 0x0e6c [ 33A60554882FDF59CDA3E1806370BBA1, 3DE5451E1CB84AAEBD03F54BEFC670C401447B4881A8B022748B6ECF0F500F01 ] CLFS C:\Windows\system32\CLFS.sys 09:24:24.0010 0x0e6c 
CLFS - ok 09:24:24.0141 0x0e6c [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 09:24:24.0147 0x0e6c clr_optimization_v2.0.50727_32 - ok 09:24:24.0229 0x0e6c [ AB4CD527BEFCC43EE441E6C50CCE54C8, 13B776AE63049FFBA7E35EA0A4C26EBB57B10D973E05C4CF1214249754DC46E4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 09:24:24.0319 0x0e6c clr_optimization_v4.0.30319_32 - ok 09:24:24.0334 0x0e6c [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 09:24:24.0337 0x0e6c CmBatt - ok 09:24:24.0373 0x0e6c [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide C:\Windows\system32\drivers\cmdide.sys 09:24:24.0376 0x0e6c cmdide - ok 09:24:24.0432 0x0e6c [ 780FFC005741C9316576086155E55F56, D863E5657F1468410BBDD657D5EA8A2FDDB70FED459CDE3178CB8FDB910058EC ] CNG C:\Windows\system32\Drivers\cng.sys 09:24:24.0464 0x0e6c CNG - ok 09:24:24.0568 0x0e6c [ AE7C11564ECDE146CA5FE35E07CC227E, D9449251DF3EE239DC78F11196EE0F3A49960FBC1DF464D4304733FAD71EA5DA ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT32.sys 09:24:24.0615 0x0e6c CnxtHdAudService - ok 09:24:24.0674 0x0e6c [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 09:24:24.0677 0x0e6c Compbatt - ok 09:24:24.0725 0x0e6c [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 09:24:24.0729 0x0e6c CompositeBus - ok 09:24:24.0737 0x0e6c COMSysApp - ok 09:24:24.0759 0x0e6c [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk 
F451DCACBAA67F3307305EBD4A39EA07, C4435BF4C2D16F3DC0B35732BE3602FFA28DB0A5BC5576F45E0D32E5F4CD2DEA ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfd.sys 09:24:40.0297 0x0e6c pccsmcfd - ok 09:24:40.0451 0x0e6c [ 92FDDBED716BF5C3CB766101563CFCE5, BD77BEB532483FBDBE2D69A7D5193F1EB43514CA7A65934F17AE71DCF397CCD4 ] PCDSRVC{E9D79540-57D5953E-06020101}_0 c:\program files\dell support center\pcdsrvc.pkms 09:24:40.0548 0x0e6c PCDSRVC{E9D79540-57D5953E-06020101}_0 - ok 09:24:40.0576 0x0e6c [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci C:\Windows\system32\drivers\pci.sys 09:24:40.0585 0x0e6c pci - ok 09:24:40.0619 0x0e6c [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide C:\Windows\system32\drivers\pciide.sys 09:24:40.0622 0x0e6c pciide - ok 09:24:40.0657 0x0e6c [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 09:24:40.0667 0x0e6c pcmcia - ok 09:24:40.0676 0x0e6c [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw C:\Windows\system32\drivers\pcw.sys 09:24:40.0680 0x0e6c pcw - ok 09:24:40.0731 0x0e6c [ AEBC369F7DC72AB3F5B9BDF34FA0D43F, 2A819154AC6C23E97C583D90B4D0C112188B7AE9D8D9B3F88811BFCED124E551 ] PEAUTH C:\Windows\system32\drivers\peauth.sys 09:24:40.0778 0x0e6c PEAUTH - ok 09:24:40.0865 0x0e6c [ AF4D64D2A57B9772CF3801950B8058A6, C9C493A3775E6E1660CE5DF75DA574D0C04245FB88CF41B96217A725359C350D ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 09:24:40.0934 0x0e6c PeerDistSvc - ok 09:24:41.0061 0x0e6c [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla C:\Windows\system32\pla.dll 09:24:41.0143 0x0e6c pla - ok 09:24:41.0191 0x0e6c [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay 
C:\Windows\system32\umpnpmgr.dll 09:24:41.0247 0x0e6c PlugPlay - ok 09:24:41.0266 0x0e6c [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 09:24:41.0273 0x0e6c PNRPAutoReg - ok 09:24:41.0298 0x0e6c [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 09:24:41.0311 0x0e6c PNRPsvc - ok 09:24:41.0360 0x0e6c [ 420336F91EB745811CF130C80EDE0653, DFF3D8B838277FD0E151EB298EE81EF0E41139F625CCBB4F1FD13E1754A9705A ] Point32 C:\Windows\system32\DRIVERS\point32.sys 09:24:41.0364 0x0e6c Point32 - ok 09:24:41.0532 0x0e6c [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 09:24:41.0550 0x0e6c PolicyAgent - ok 09:24:41.0605 0x0e6c [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power C:\Windows\system32\umpo.dll 09:24:41.0614 0x0e6c Power - ok 09:24:41.0637 0x0e6c [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 09:24:41.0641 0x0e6c PptpMiniport - ok 09:24:41.0664 0x0e6c [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor C:\Windows\system32\DRIVERS\processr.sys 09:24:41.0667 0x0e6c Processor - ok 09:24:41.0716 0x0e6c [ FD9692A3D31E021207D3C2A9DDDC2BE3, 5295EFAD9BD4B59996935A41825392C12A4C968D161BEEA37797F90AF8E54229 ] ProfSvc C:\Windows\system32\profsvc.dll 09:24:41.0723 0x0e6c ProfSvc - ok 09:24:41.0739 0x0e6c [ 7884C1EDF5BD21749C206E8C4B5DB409, 620638756A5EE6EA933A7A4C94E7DD2537E2A7345BBEFF72D28271C0174D10A2 ] ProtectedStorage C:\Windows\system32\lsass.exe 09:24:41.0743 0x0e6c ProtectedStorage - ok 09:24:41.0777 0x0e6c [ 6270CCAE2A86DE6D146529FE55B3246A, 
463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 09:24:41.0782 0x0e6c Psched - ok 09:24:41.0826 0x0e6c [ E42E3433DBB4CFFE8FDD91EAB29AEA8E, 20ABD8372B242FD356AC143E7EB56F93CFEA4988ED1B0C4434CB64C387D7F66C ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys 09:24:41.0830 0x0e6c PxHelp20 - ok 09:24:41.0956 0x0e6c [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 09:24:42.0098 0x0e6c ql2300 - ok 09:24:42.0126 0x0e6c [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 09:24:42.0130 0x0e6c ql40xx - ok 09:24:42.0173 0x0e6c [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE C:\Windows\system32\qwave.dll 09:24:42.0182 0x0e6c QWAVE - ok 09:24:42.0199 0x0e6c [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 09:24:42.0202 0x0e6c QWAVEdrv - ok 09:24:42.0225 0x0e6c [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 09:24:42.0227 0x0e6c RasAcd - ok 09:24:42.0261 0x0e6c [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 09:24:42.0265 0x0e6c RasAgileVpn - ok 09:24:42.0285 0x0e6c [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto C:\Windows\System32\rasauto.dll 09:24:42.0294 0x0e6c RasAuto - ok 09:24:42.0375 0x0e6c [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 09:24:42.0380 0x0e6c Rasl2tp - ok 09:24:42.0463 
0x0e6c [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan C:\Windows\System32\rasmans.dll 09:24:42.0479 0x0e6c RasMan - ok 09:24:42.0494 0x0e6c [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 09:24:42.0499 0x0e6c RasPppoe - ok 09:24:42.0513 0x0e6c [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 09:24:42.0517 0x0e6c RasSstp - ok 09:24:42.0595 0x0e6c [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 09:24:42.0607 0x0e6c rdbss - ok 09:24:42.0629 0x0e6c [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 09:24:42.0632 0x0e6c rdpbus - ok 09:24:42.0674 0x0e6c [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 09:24:42.0677 0x0e6c RDPCDD - ok 09:24:42.0718 0x0e6c [ B973FCFC50DC1434E1970A146F7E3885, BE797E5F5AE34D37F8DA1134CE94DD14DBE36D2BC405B97E992E2257848B7CA9 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 09:24:42.0726 0x0e6c RDPDR - ok 09:24:42.0746 0x0e6c [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 09:24:42.0750 0x0e6c RDPENCDD - ok 09:24:42.0762 0x0e6c [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 09:24:42.0767 0x0e6c RDPREFMP - ok 09:24:42.0907 0x0e6c [ 65375DF758CA1872AB7EBBBA457FD5E6, 8AC7681F51277E799C22FF95FA0B833E9E260D37C0416319FF05B66FB3948005 ] RdpVideoMiniport 
C:\Windows\system32\drivers\rdpvideominiport.sys 09:24:42.0936 0x0e6c RdpVideoMiniport - ok 09:24:42.0978 0x0e6c [ CD9214A6AE17D188D17C3CF8CB9CC693, 2E16FF1F7446F0600D6519010FD05A30B94D97167C16B3E7FC396A97D8139D60 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 09:24:42.0987 0x0e6c RDPWD - ok 09:24:43.0029 0x0e6c [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 09:24:43.0041 0x0e6c rdyboost - ok 09:24:43.0102 0x0e6c [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess C:\Windows\System32\mprdim.dll 09:24:43.0109 0x0e6c RemoteAccess - ok 09:24:43.0127 0x0e6c [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry C:\Windows\system32\regsvc.dll 09:24:43.0137 0x0e6c RemoteRegistry - ok 09:24:43.0183 0x0e6c [ CB928D9E6DAF51879DD6BA8D02F01321, DFD263B67DDF98AE09AF6D6986CBC7BE3206BCE8403AAC51BCF9459E78233D12 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 09:24:43.0190 0x0e6c RFCOMM - ok 09:24:43.0227 0x0e6c [ DF672613FBBCD58C38BB0BC2694BCFB0, 9B574773C7E796B7E30481F7A22D996078D5D3D295270B5BA5931A2D2F03EB4B ] rimmptsk C:\Windows\system32\DRIVERS\rimmptsk.sys 09:24:43.0231 0x0e6c rimmptsk - ok 09:24:43.0263 0x0e6c [ AF213955C4D952C914620E8DB0CD0CF7, 09BCA009E183B448B97677A4E24630BD9CD2B53AFD48828C9B1F980794097899 ] rimspci C:\Windows\system32\DRIVERS\rimspe86.sys 09:24:43.0267 0x0e6c rimspci - ok 09:24:43.0296 0x0e6c [ 9BFB54D3559F2FF7301271D29D383564, DA7F9D7432D2DD4B8FCEEB5D995E4E0A2BF6226C3A244BE4EE6BF08EF29C8687 ] rimsptsk C:\Windows\system32\DRIVERS\rimsptsk.sys 09:24:43.0300 0x0e6c rimsptsk - ok 09:24:43.0328 0x0e6c [ 6978DECC2C38C5CE10A8B0F2B12F4451, 1B211CD20E2D5F7F631FA74EFF124C324A5AAD57A2FE87CA8960155EA2DE3AB8 ] risdpcie C:\Windows\system32\DRIVERS\risdpe86.sys 09:24:43.0332 0x0e6c risdpcie - ok 09:24:43.0341 0x0e6c [ 
DCB87DA83CC1010CBC9FC4DC9E395BBC, 2123B7CAD746141C69F7DFCB4C351905C32E5B433F806EDA50074B088DC886DC ] rismxdp C:\Windows\system32\DRIVERS\rixdptsk.sys 09:24:43.0345 0x0e6c rismxdp - ok 09:24:43.0370 0x0e6c [ 764C1F3453E779724BA647327DE7DDD4, CB270BDDA4D4F9F3F1A1AA21DFF2F96F4B9CC6A21CB243B869666A7DB468C3CA ] rixdpcie C:\Windows\system32\DRIVERS\rixdpe86.sys 09:24:43.0374 0x0e6c rixdpcie - ok 09:24:43.0539 0x0e6c [ BDDC447AB46625A54619808575D5CB46, 5321343BFB972A111D27DED7A3F3A3520E0C77104E6139ADC7765C76A459ED9C ] RoxMediaDB12OEM C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe 09:24:43.0617 0x0e6c RoxMediaDB12OEM - ok 09:24:43.0680 0x0e6c [ CE203243ADF512540249DF9C264F12DD, 7BC0A6E9A422D832DDF046F28EA0F80A879A007B7116C4B830D6A39DCDD09EF5 ] RoxWatch12 C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe 09:24:43.0687 0x0e6c RoxWatch12 - ok 09:24:43.0724 0x0e6c [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 09:24:43.0731 0x0e6c RpcEptMapper - ok 09:24:43.0815 0x0e6c [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator C:\Windows\system32\locator.exe 09:24:43.0820 0x0e6c RpcLocator - ok 09:24:43.0879 0x0e6c [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs C:\Windows\system32\rpcss.dll 09:24:43.0897 0x0e6c RpcSs - ok 09:24:43.0972 0x0e6c [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 09:24:43.0974 0x0e6c rspndr - ok 09:24:44.0032 0x0e6c [ 5283B9A27FF230F2FF70D92451FF409A, B8BAC70E1DE4485C79CA7B47D4DCFE0223CECEA8ED75CE4F128D47051F95FE5D ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys 09:24:44.0067 0x0e6c RTL8167 - ok 09:24:44.0141 0x0e6c [ 7FA7F2E249A5DCBB7970630E15E1F482, 
9633B193F3FDA67BC551C6DCA4788AB83E9F45F77763EE579D02FE5D6B80DEDF ] s3cap C:\Windows\system32\drivers\vms3cap.sys 09:24:44.0143 0x0e6c s3cap - ok 09:24:44.0169 0x0e6c [ 7884C1EDF5BD21749C206E8C4B5DB409, 620638756A5EE6EA933A7A4C94E7DD2537E2A7345BBEFF72D28271C0174D10A2 ] SamSs C:\Windows\system32\lsass.exe 09:24:44.0173 0x0e6c SamSs - ok 09:24:44.0232 0x0e6c [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 09:24:44.0237 0x0e6c sbp2port - ok 09:24:44.0284 0x0e6c [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr C:\Windows\System32\SCardSvr.dll 09:24:44.0296 0x0e6c SCardSvr - ok 09:24:44.0367 0x0e6c [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 09:24:44.0371 0x0e6c scfilter - ok 09:24:44.0446 0x0e6c [ 9060B8D5BCD5F2B019249F85E3D811F3, 7FB32AB7FE118462988321B9230074DAA960B587417EB463187539C3215445AE ] Schedule C:\Windows\system32\schedsvc.dll 09:24:44.0527 0x0e6c Schedule - ok 09:24:44.0600 0x0e6c [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc C:\Windows\System32\certprop.dll 09:24:44.0602 0x0e6c SCPolicySvc - ok 09:24:44.0630 0x0e6c [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC C:\Windows\System32\SDRSVC.dll 09:24:44.0641 0x0e6c SDRSVC - ok 09:24:44.0801 0x0e6c [ 78779EE07231C658B483B1F38B5088DF, 42DE06151DA17C218067CA3A22509BC626CB505F87238E39D024CE29554EF47D ] SeaPort C:\Program Files\Microsoft\BingBar\SeaPort.EXE 09:24:44.0813 0x0e6c SeaPort - ok 09:24:44.0895 0x0e6c [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys 09:24:44.0898 0x0e6c secdrv - ok 09:24:44.0928 0x0e6c [ 
A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon C:\Windows\system32\seclogon.dll 09:24:44.0934 0x0e6c seclogon - ok 09:24:44.0975 0x0e6c [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS C:\Windows\System32\sens.dll 09:24:44.0982 0x0e6c SENS - ok 09:24:45.0069 0x0e6c [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc C:\Windows\system32\sensrsvc.dll 09:24:45.0075 0x0e6c SensrSvc - ok 09:24:45.0141 0x0e6c [ CB3E852B818946F396E35A976EE6B552, 2CA45BEBD2F607E66F13DBD23DE7FB4E0C74F9B93A649B270E96A97000B650CA ] Ser2pl C:\Windows\system32\DRIVERS\ser2pl.sys 09:24:45.0146 0x0e6c Ser2pl - ok 09:24:45.0180 0x0e6c [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 09:24:45.0183 0x0e6c Serenum - ok 09:24:45.0208 0x0e6c [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial C:\Windows\system32\DRIVERS\serial.sys 09:24:45.0214 0x0e6c Serial - ok 09:24:45.0235 0x0e6c [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 09:24:45.0238 0x0e6c sermouse - ok 09:24:45.0337 0x0e6c [ 289E853881E688286AD24299FCC485D8, 14B2359D7301591EF4ECC3DCC75947935AB3C25D240BD26D45DFF8A0F81A4D45 ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe 09:24:45.0439 0x0e6c ServiceLayer - ok 09:24:45.0521 0x0e6c [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv C:\Windows\system32\sessenv.dll 09:24:45.0531 0x0e6c SessionEnv - ok 09:24:45.0624 0x0e6c [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 
09:24:45.0627 0x0e6c sffdisk - ok 09:24:45.0646 0x0e6c [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 09:24:45.0649 0x0e6c sffp_mmc - ok 09:24:45.0673 0x0e6c [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 09:24:45.0676 0x0e6c sffp_sd - ok 09:24:45.0697 0x0e6c [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 09:24:45.0700 0x0e6c sfloppy - ok 09:24:45.0757 0x0e6c [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess C:\Windows\System32\ipnathlp.dll 09:24:45.0791 0x0e6c SharedAccess - ok 09:24:45.0911 0x0e6c [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 09:24:45.0956 0x0e6c ShellHWDetection - ok 09:24:46.0062 0x0e6c [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp C:\Windows\system32\drivers\sisagp.sys 09:24:46.0067 0x0e6c sisagp - ok 09:24:46.0094 0x0e6c [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 09:24:46.0097 0x0e6c SiSRaid2 - ok 09:24:46.0125 0x0e6c [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 09:24:46.0130 0x0e6c SiSRaid4 - ok 09:24:46.0173 0x0e6c [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb C:\Windows\system32\DRIVERS\smb.sys 09:24:46.0178 0x0e6c Smb - ok 09:24:46.0270 0x0e6c [ 6A984831644ECA1A33FFEAE4126F4F37, 
753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 09:24:46.0276 0x0e6c SNMPTRAP - ok 09:24:46.0287 0x0e6c [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr C:\Windows\system32\drivers\spldr.sys 09:24:46.0290 0x0e6c spldr - ok 09:24:46.0372 0x0e6c [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler C:\Windows\System32\spoolsv.exe 09:24:46.0384 0x0e6c Spooler - ok 09:24:46.0685 0x0e6c [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc C:\Windows\system32\sppsvc.exe 09:24:46.0883 0x0e6c sppsvc - ok 09:24:46.0964 0x0e6c [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify C:\Windows\system32\sppuinotify.dll 09:24:46.0972 0x0e6c sppuinotify - ok 09:24:47.0076 0x0e6c [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv C:\Windows\system32\DRIVERS\srv.sys 09:24:47.0091 0x0e6c srv - ok 09:24:47.0194 0x0e6c [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 09:24:47.0237 0x0e6c srv2 - ok 09:24:47.0249 0x0e6c [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 09:24:47.0255 0x0e6c srvnet - ok 09:24:47.0365 0x0e6c [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 09:24:47.0377 0x0e6c SSDPSRV - ok 09:24:47.0407 0x0e6c [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc C:\Windows\system32\sstpsvc.dll 09:24:47.0417 0x0e6c SstpSvc - ok 09:24:47.0483 0x0e6c [ DB32D325C192B801DF274BFD12A7E72B, 
F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 09:24:47.0486 0x0e6c stexstor - ok 09:24:47.0553 0x0e6c [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc C:\Windows\System32\wiaservc.dll 09:24:47.0601 0x0e6c StiSvc - ok 09:24:47.0656 0x0e6c [ 9E182DD94496550A22A392CC1A8E0F52, 6F630982F7AFDF409F24BB0D9815592000FC8A47200F4FEC4A5C5ED241810244 ] stllssvr C:\Program Files\Common Files\SureThing Shared\stllssvr.exe 09:24:47.0853 0x0e6c stllssvr - ok 09:24:47.0886 0x0e6c [ 472AF0311073DCECEAA8FA18BA2BDF89, 089414057EB2047E42C96C1ACE79D509967461DC5A4D2836F63C04268637A3FC ] storflt C:\Windows\system32\drivers\vmstorfl.sys 09:24:47.0889 0x0e6c storflt - ok 09:24:47.0951 0x0e6c [ 0BF669F0A910BEDA4A32258D363AF2A5, 83EEBACDE4F69A2866B69CAA633F5C8B3CB01D88CEDB01B6EA5988E0A25CEE47 ] StorSvc C:\Windows\system32\storsvc.dll 09:24:47.0958 0x0e6c StorSvc - ok 09:24:47.0996 0x0e6c [ DCAFFD62259E0BDB433DD67B5BB37619, CBD12FF9BBF33D18B0F3D322B12EC62E7DF3BF45C6AD43D2E91FF4C4762E05D0 ] storvsc C:\Windows\system32\drivers\storvsc.sys 09:24:47.0999 0x0e6c storvsc - ok 09:24:48.0053 0x0e6c [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum C:\Windows\system32\drivers\swenum.sys 09:24:48.0056 0x0e6c swenum - ok 09:24:48.0086 0x0e6c [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv C:\Windows\System32\swprv.dll 09:24:48.0137 0x0e6c swprv - ok 09:24:48.0323 0x0e6c [ 4EE25AC85AFC3FD67D9F57ECDF566FF2, F1BFF1FB655F31B97FA9C6A49D433EFD33D8A35F6B28B4D83E45C27A05A86228 ] SysMain C:\Windows\system32\sysmain.dll 09:24:48.0420 0x0e6c SysMain - ok 09:24:48.0465 0x0e6c [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll 09:24:48.0474 0x0e6c TabletInputService - ok 
09:24:48.0515 0x0e6c [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv C:\Windows\System32\tapisrv.dll 09:24:48.0548 0x0e6c TapiSrv - ok 09:24:48.0571 0x0e6c [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS C:\Windows\System32\tbssvc.dll 09:24:48.0578 0x0e6c TBS - ok 09:24:48.0685 0x0e6c [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 09:24:48.0744 0x0e6c Tcpip - ok 09:24:48.0795 0x0e6c [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 09:24:48.0820 0x0e6c TCPIP6 - ok 09:24:48.0861 0x0e6c [ 74905EBCBB8CBDB1F3C0B1778BBCB4BC, D869FDFD98B9C972933FB6B7C521BB6181A47698D27D53CBEF329EE26C12F1BA ] tcpipBM C:\Windows\system32\drivers\tcpipBM.sys 09:24:48.0928 0x0e6c tcpipBM - ok 09:24:49.0020 0x0e6c [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 09:24:49.0023 0x0e6c tcpipreg - ok 09:24:49.0056 0x0e6c [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 09:24:49.0059 0x0e6c TDPIPE - ok 09:24:49.0097 0x0e6c [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 09:24:49.0100 0x0e6c TDTCP - ok 09:24:49.0146 0x0e6c [ BB8817D0508DD5EA69C770C8DEF5AB67, C55671524EEF6E16BBCC92556E83FD1D6457E707EA9330FC1CDD28FB11D99B77 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 09:24:49.0213 0x0e6c tdx - ok 09:24:49.0287 0x0e6c [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD C:\Windows\system32\drivers\termdd.sys 09:24:49.0291 0x0e6c TermDD 
- ok 09:24:49.0353 0x0e6c [ FCFD4F50419B4BC72E80066DA10D2E54, 7C2314A57A404525F0444986332DBAE0964A3359374671598387051D7AAE72AE ] TermService C:\Windows\System32\termsrv.dll 09:24:49.0445 0x0e6c TermService - ok 09:24:49.0494 0x0e6c [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes C:\Windows\system32\themeservice.dll 09:24:49.0502 0x0e6c Themes - ok 09:24:49.0530 0x0e6c [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER C:\Windows\system32\mmcss.dll 09:24:49.0536 0x0e6c THREADORDER - ok 09:24:49.0577 0x0e6c [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks C:\Windows\System32\trkwks.dll 09:24:49.0586 0x0e6c TrkWks - ok 09:24:49.0662 0x0e6c [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 09:24:49.0672 0x0e6c TrustedInstaller - ok 09:24:49.0771 0x0e6c [ 6C5139E4283249518F7743D7043775B3, 58684E8C90EBAC65459A97C905CDCFE3A915CFF7E8E96071DE1AC3489F85E67F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 09:24:49.0775 0x0e6c tssecsrv - ok 09:24:49.0828 0x0e6c [ 9CE253214ACAA5A7D323327D2055EFAA, 15E7DB578EDF36DD2FD5BA960C3941B2353037323B6B96702CDCDC07588EA724 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 09:24:49.0832 0x0e6c TsUsbFlt - ok 09:24:49.0897 0x0e6c [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 09:24:49.0903 0x0e6c tunnel - ok 09:24:49.0967 0x0e6c [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 09:24:49.0972 0x0e6c uagp35 - ok 09:24:50.0050 0x0e6c [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs 
C:\Windows\system32\DRIVERS\udfs.sys 09:24:50.0063 0x0e6c udfs - ok 09:24:50.0125 0x0e6c [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect C:\Windows\system32\UI0Detect.exe 09:24:50.0132 0x0e6c UI0Detect - ok 09:24:50.0174 0x0e6c [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 09:24:50.0178 0x0e6c uliagpkx - ok 09:24:50.0193 0x0e6c [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 09:24:50.0196 0x0e6c umbus - ok 09:24:50.0227 0x0e6c [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 09:24:50.0230 0x0e6c UmPass - ok 09:24:50.0278 0x0e6c [ 409994A8EACEEE4E328749C0353527A0, FFC57B647147DE2957A7DE4B330CC534DE7AC892A2FCE3BB164F7A516CAB1B56 ] UmRdpService C:\Windows\System32\umrdp.dll 09:24:50.0290 0x0e6c UmRdpService - ok 09:24:50.0357 0x0e6c [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost C:\Windows\System32\upnphost.dll 09:24:50.0374 0x0e6c upnphost - ok 09:24:50.0459 0x0e6c [ B671514497DF7417F83919A6A5BD6BB9, 6E407B0A7D9F2D570A18FF64B8CAF7DA49A8574139E8841641F11E939FBDED0E ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerflt.sys 09:24:50.0461 0x0e6c upperdev - ok 09:24:50.0531 0x0e6c [ A176718F0DF45F60F545CF3E14F4D108, 5E767CB0B51B3BA05B6F99A7E46BEC275489DCFE874343C9B992843AA1F2334E ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys 09:24:50.0535 0x0e6c USBAAPL - ok 09:24:50.0581 0x0e6c [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 09:24:50.0586 0x0e6c usbccgp - ok 09:24:50.0630 0x0e6c [ 2352AB5F9F8F097BF9D41D5A4718A041, 
09:25:00.0541 0x0e6c AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.8.204.0 ), 0x61000 ( enabled : updated )
09:25:00.0548 0x0e6c Win FW state via NFP2: enabled ( trusted )
09:25:02.0930 0x0e6c ============================================================
09:25:02.0930 0x0e6c Scan finished
09:25:02.0930 0x0e6c ============================================================
09:25:02.0950 0x128c Detected object count: 0
09:25:02.0950 0x128c Actual detected object count: 0
09:25:29.0773 0x0eb0 Deinitialize success |
11.02.2016, 09:33 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Security warning from Telekom, Citadell virus detected
Remove adware/junkware/toolbars
Delete old versions of adwCleaner and, if present, JRT first, then download them again to the desktop! Please completely disable your virus scanner now, before using these tools!
Step 1: adwCleaner
Please download AdwCleaner to your desktop.
Step 2: JRT - Junkware Removal Tool
Please shut down your protection software to avoid possible conflicts.
Step 3: Fresh log with FRST
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
__________________ Please always post log files in CODE tags |
11.02.2016, 10:12 | #9 |
| Security warning from Telekom, Citadell virus detected
1. Scan
Code:
# AdwCleaner v5.033 - Bericht erstellt am 11/02/2016 um 09:45:39
# Aktualisiert am 07/02/2016 von Xplode
# Datenbank : 2016-02-07.2 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (x86)
# Benutzername : privat - CHRIS-PC
# Gestartet von : C:\Users\privat\Downloads\AdwCleaner_5.033.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****

***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\Program Files\Softonic
[-] Ordner Gelöscht : C:\Program Files\Common Files\Plasmoo
[-] Ordner Gelöscht : C:\Users\privat\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf
[-] Ordner Gelöscht : C:\Users\privat\AppData\LocalLow\Softonic
[-] Ordner Gelöscht : C:\Users\privat\AppData\Roaming\dvdvideosoftiehelpers
[-] Ordner Gelöscht : C:\Users\privat\AppData\Roaming\OpenCandy
[-] Ordner Gelöscht : C:\Users\privat\AppData\Roaming\RHEng
[-] Ordner Gelöscht : C:\Users\privat\AppData\Roaming\Systweak

***** [ Dateien ] *****

[-] Datei Gelöscht : C:\Users\privat\AppData\Roaming\Mozilla\Firefox\Profiles\wwe6u0x0.default-1431504965002\user.js
[-] Datei Gelöscht : C:\Windows\system32\roboot.exe

***** [ DLLs ] *****

***** [ Verknüpfungen ] *****

***** [ Aufgabenplanung ] *****

***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
[-] Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\elchiiiejkobdbblfejjkbphbddgmljf
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B15F118E-AF21-45E8-A809-29FDD7362565}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{44B50C01-4993-48E2-ADEE-D812BAE2E9A2}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A3E2F089-DDBB-4CBF-B06C-5D44DA316ED3}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A5679AB0-C59E-49E7-83C4-5289F844A6E0}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CA0167C2-6295-41B8-9BDA-704B2F5E4CD9}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E87806B5-E908-45FD-AF5E-957D83E58E68}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{0C58B7D1-D415-492B-A149-E976156BD3B8}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11D9E165-B8C1-4734-A56C-BC4FCACA966B}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{B15F118E-AF21-45E8-A809-29FDD7362565}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E87806B5-E908-45FD-AF5E-957D83E58E68}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E87806B5-E908-45FD-AF5E-957D83E58E68}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E87806B5-E908-45FD-AF5E-957D83E58E68}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9CF034EA-7B46-48D3-8895-8A14B32AE445}
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{5018CFD2-804D-4C99-9F81-25EAEA2769DE}]
[-] Schlüssel Gelöscht : HKCU\Software\InstallCore
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKCU\Software\Softonic
[-] Schlüssel Gelöscht : HKCU\Software\SoftonicToolbar
[-] Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Softonic
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Vittalia
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Softonic
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B6A9F6CA-8C02-4118-92F4-807A7285F11B}
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\search.softonic.com
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\softonic.com

***** [ Internetbrowser ] *****

[-] [C:\Users\privat\AppData\Roaming\Mozilla\Firefox\Profiles\wwe6u0x0.default-1431504965002\prefs.js] [Preference] Gelöscht : user_pref("browser.newtab.url", "chrome://unitedtb/content/newtab/newtab-page.xhtml");

*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [8335 Bytes] ##########

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.2 (01.06.2016)
Operating System: Windows 7 Professional x86
Ran by privat (Administrator) on 11.02.2016 at 9:53:51,40
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 27

Successfully deleted: C:\Program Files\mozilla firefox\defaults\pref\itms.js (File)
Successfully deleted: C:\Users\privat\AppData\Local\{3B09D72B-749E-4201-98BF-EF7B1E076509} (Empty Folder)
Successfully deleted: C:\Users\privat\AppData\Local\{3F79B348-939E-40CF-9CBB-2AF92813792F} (Empty Folder)
Successfully deleted: C:\Users\privat\AppData\Local\{3FC5B6F3-FAA1-434C-8FE1-7F0C033324ED} (Empty Folder)
Successfully deleted: C:\Users\privat\AppData\Local\{41249AB0-B07D-44A8-9D9D-4F1CFDBEBA67} (Empty Folder)
Successfully deleted: C:\Users\privat\AppData\Local\{518F232A-B275-44C1-9FD9-3D0052ADC045} (Empty Folder)
Successfully deleted: C:\Users\privat\AppData\Local\{5CD2B17C-03A2-439F-8BA1-E2D0E05A478A} (Empty Folder)
Successfully deleted: C:\Users\privat\AppData\Local\{60CE2BB3-5453-484E-9ED9-72FEBAB1F482} (Empty Folder)
Successfully deleted: C:\Users\privat\AppData\Local\{60D90076-B9FA-4C71-9021-453DB6B587E0} (Empty Folder)
Successfully deleted: C:\Users\privat\AppData\Local\{67F619D8-869E-4814-AA75-9058D344AD9F} (Empty Folder)
Successfully deleted: C:\Users\privat\AppData\Local\{8561B854-6248-48AF-AD55-3497E51C6D8A} (Empty Folder)
Successfully deleted: C:\Users\privat\AppData\Local\{8B8B4D5D-48CC-4150-ADBC-22DD63190A27} (Empty Folder)
Successfully deleted: C:\Users\privat\AppData\Local\{95CBC2EA-A387-4EC0-B251-A39A122B31B9} (Empty Folder)
Successfully deleted: C:\Users\privat\AppData\Local\{AC67BB82-0D3B-4A3F-B4C0-8BEC4E0E8757} (Empty Folder)
Successfully deleted: C:\Users\privat\AppData\Local\{B6E2635D-B375-4739-9BF7-5F0FC0745A2C} (Empty Folder)
Successfully deleted: C:\Users\privat\AppData\Local\{C6485B43-0AF8-4334-BBD7-9E794CA76057} (Empty Folder)
Successfully deleted: C:\Users\privat\AppData\Local\{CBEAC313-43EE-4371-82F6-D62A57CD4B14} (Empty Folder)
Successfully deleted: C:\Users\privat\AppData\Local\{DF1767D4-4864-44FE-A944-B0A21DF38F6A} (Empty Folder)
Successfully deleted: C:\Users\privat\AppData\Local\{EA8219FB-00DB-4574-8DAB-8D9EB657358B} (Empty Folder)
Successfully deleted: C:\Users\privat\AppData\Local\{EFB2D5FA-8609-4343-AB62-5467160B3EBC} (Empty Folder)
Successfully deleted: C:\Users\privat\AppData\Roaming\Mozilla\Firefox\Profiles\wwe6u0x0.default-1431504965002\extensions\mailcheck@web.de\searchplugins\mailcom-search.xml (File)
Successfully deleted: C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask (Task)
Successfully deleted: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job (Task)
Successfully deleted: C:\Users\privat\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IOMA25N9 (Folder)
Successfully deleted: C:\Users\privat\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PYGO247E (Folder)
Successfully deleted: C:\Users\privat\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RRF6QBNK (Folder)
Successfully deleted: C:\Users\privat\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SVIFX1I9 (Folder)

Registry: 2

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{4B9FC999-DF9D-4DA9-B7D2-A17ED9193392} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11.02.2016 at 10:01:06,62
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:07-02-2016
durchgeführt von privat (Administrator) auf CHRIS-PC (11-02-2016 10:07:38)
Gestartet von C:\Users\privat\Downloads
Geladene Profile: privat (Verfügbare Profile: Chris & privat)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files\Dell Wireless\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files\Dell Wireless\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
() C:\ProgramData\DatacardService\HWDeviceService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Nokia) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-06-08] (Intel Corporation)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files\Dell Wireless\Bluetooth Suite\BtvStack.exe [474272 2010-09-02] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files\Dell Wireless\Bluetooth Suite\AthBtTray.exe [298144 2010-09-02] (Atheros Commnucations)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [642664 2013-05-08] (Adobe Systems Inc.)
HKLM\...\Run: [RemoteControl9] => C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2009-07-06] (CyberLink Corp.)
HKLM\...\Run: [PDVD9LanguageShortcut] => C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe [50472 2010-04-29] (CyberLink Corp.)
HKLM\...\Run: [Dell Webcam Central] => C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [487562 2010-08-20] (Creative Technology Ltd)
HKLM\...\Run: [RoxWatchTray] => C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-09-04] (Sonic Solutions)
HKLM\...\Run: [Desktop Disc Tool] => C:\Program Files\Roxio\oem\Roxio Burn\RoxioBurnLauncher.exe [522736 2010-11-01] ()
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [1797488 2011-01-07] (Microsoft Corporation)
HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [673616 2009-04-07] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-12-17] (Apple Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [981688 2015-04-29] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157456 2015-12-17] (Apple Inc.)
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Run: [EPSON SX510W Series] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFIE.EXE [199680 2008-11-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Run: [EPSON SX510W Series (Kopie 1)] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFIE.EXE [199680 2008-11-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Run: [Device Detection] => C:\Program Files\Lidl_Fotos\dd.exe [860528 2013-10-30] ()
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Run: [] => [X]
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Run: [NokiaSuite.exe] => C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [1090040 2012-12-21] (Nokia)
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: E - E:\AutoRun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {1305b0a3-f675-11e1-a1da-90004e013ab8} - E:\AutoRun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {41144100-92dc-11e1-8581-90004e013ab8} - E:\AutoRun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {4114411a-92dc-11e1-8581-90004e013ab8} - E:\AutoRun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {41144133-92dc-11e1-8581-90004e013ab8} - E:\AutoRun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {7357d7ff-4967-11e2-8651-f04da26bc8e0} - E:\AutoRun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {7357d81a-4967-11e2-8651-f04da26bc8e0} - E:\AutoRun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {750a411f-34c9-11e0-b132-806e6f6e6963} - D:\autorun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {dc37c5b5-6a52-11e2-b7ff-f04da26bc8e0} - E:\AutoRun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {f8f69999-c40f-11e2-a005-f04da26bc8e0} - E:\AutoRun.exe
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\privat\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll [2013-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\privat\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll [2013-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\privat\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll [2013-03-12] (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{2258AB48-4D93-4911-96B8-1B32A6796175}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{448221D6-933B-418F-8123-42221C7068BA}: [DhcpNameServer] 139.7.30.126 139.7.30.125
Tcpip\..\Interfaces\{8A4DA0DA-3D99-4A6E-9C53-1FCE9296A33F}: [NameServer] 10.74.210.210 10.74.210.211
Tcpip\..\Interfaces\{A85015A4-C874-4C44-846D-25AEC4860175}: [NameServer] 10.74.210.210 10.74.210.211
Tcpip\..\Interfaces\{AF10391C-F1D8-4024-BC6B-26BD4465F675}: [NameServer] 10.74.210.210 10.74.210.211
Tcpip\..\Interfaces\{BBE6AA86-1C5F-45F8-8486-9DB31DA9A39B}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USSMB/8
SearchScopes: HKLM -> DefaultScope {4B9FC999-DF9D-4DA9-B7D2-A17ED9193392} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLSDF8&pc=MDDS&src=IE-SearchBox
SearchScopes: HKLM -> {4B9FC999-DF9D-4DA9-B7D2-A17ED9193392} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLSDF8&pc=MDDS&src=IE-SearchBox
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-30] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2011-05-13] (Microsoft Corporation)
BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-04-01] (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-30] (Oracle Corporation)
BHO: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-04-01] (Microsoft Corporation.)
Toolbar: HKU\S-1-5-21-583576071-2610798785-2159693280-1003 -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\privat\AppData\Roaming\Mozilla\Firefox\Profiles\wwe6u0x0.default-1431504965002
FF Homepage: hxxps://www.google.de/?gws_rd=ssl
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_267.dll [2016-01-14] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-30] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2012-12-21] ( )
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2008-10-24] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Extension: WEB.DE MailCheck - C:\Users\privat\AppData\Roaming\Mozilla\Firefox\Profiles\wwe6u0x0.default-1431504965002\extensions\mailcheck@web.de [2015-12-16]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2016-01-08] [ist nicht signiert]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2016-01-08] [ist nicht signiert]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2016-01-08] [ist nicht signiert]
FF Extension: UITBAutoInstaller - C:\Program Files\Mozilla Firefox\distribution\bundles\{edd7fc99-d65c-4979-85c2-ddeed30c50c7} [2016-01-08] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - c:\Program Files\Trend Micro\Client Server Security Agent\bho\1056\FirefoxExtension => nicht gefunden
FF HKLM\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files\T-Mobile\InternetManager_H\OCx32\addon
FF Extension: Bytemobile Optimization Client - C:\Program Files\T-Mobile\InternetManager_H\OCx32\addon [2012-12-19] [ist nicht signiert]
FF HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\privat\AppData\Roaming\Mozilla\Firefox\Profiles\kpwvyoo0.default\extensions\cliqz@cliqz.com => nicht gefunden

Chrome:
=======
CHR Profile: C:\Users\privat\AppData\Local\Google\Chrome\User Data\default

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Atheros Bt&Wlan Coex Agent; C:\Program Files\Dell Wireless\Ath_CoexAgent.exe [151552 2010-05-24] (Atheros) [Datei ist nicht signiert]
R2 AtherosSvc; C:\Program Files\Dell Wireless\Bluetooth Suite\adminservice.exe [56480 2010-09-02] (Atheros Commnucations) [Datei ist nicht signiert]
R2 EpsonBidirectionalService; C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [Datei ist nicht signiert]
R2 EPSON_EB_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE [143872 2007-12-17] (SEIKO EPSON CORPORATION)
R2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE [113664 2007-01-11] (SEIKO EPSON CORPORATION)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2011-02-10] (Macrovision Europe Ltd.) [Datei ist nicht signiert]
R2 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [270176 2011-01-28] ()
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Datei ist nicht signiert]
S2 Internet Manager. RunOuc; C:\Program Files\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [224096 2012-12-19] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2015-04-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [284504 2015-04-30] (Microsoft Corporation)
S3 RoxMediaDB12OEM; C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [1116656 2010-09-04] (Sonic Solutions)
S2 RoxWatch12; C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [219632 2010-09-04] (Sonic Solutions)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AthBTPort; C:\Windows\System32\DRIVERS\btath_flt.sys [37224 2010-07-08] (Atheros)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281504 2013-04-29] ()
R0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [13184 2012-12-19] (Bytemobile, Inc.) [Datei ist nicht signiert]
S3 BTATH_A2DP; C:\Windows\System32\drivers\btath_a2dp.sys [257896 2010-07-08] (Atheros)
R3 BTATH_BUS; C:\Windows\System32\DRIVERS\btath_bus.sys [26984 2010-07-08] (Atheros)
S3 BTATH_HCRP; C:\Windows\System32\DRIVERS\btath_hcrp.sys [178024 2010-07-08] (Atheros)
S3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [47976 2010-09-02] (Atheros)
S3 BTATH_RCP; C:\Windows\System32\DRIVERS\btath_rcp.sys [143336 2010-07-08] (Atheros)
S3 BtFilter; C:\Windows\System32\DRIVERS\btfilter.sys [237416 2010-08-31] (Atheros)
S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [63464 2013-01-22] (FTDI Ltd.)
S3 huawei_cdcacm; C:\Windows\System32\DRIVERS\ew_jucdcacm.sys [90112 2012-12-19] (Huawei Technologies Co., Ltd.)
S3 huawei_ext_ctrl; C:\Windows\System32\DRIVERS\ew_juextctrl.sys [26624 2012-12-19] (Huawei Technologies Co., Ltd.)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [181760 2012-12-19] (Huawei Technologies Co., Ltd.)
S3 KMWDFILTERx86; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [25088 2009-04-29] (Windows (R) Codename Longhorn DDK provider)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2013-04-29] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [245096 2015-03-04] (Microsoft Corporation)
R1 MpKslacae96fb; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2532DCB5-DE2F-4D74-87A1-A8E1513FCFD4}\MpKslacae96fb.sys [39168 2016-02-11] (Microsoft Corporation)
S3 mvusbcomm; C:\Windows\System32\Drivers\mvusbcomm.sys [17408 2013-08-22] (Marvell Semiconductor, Inc.)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl.sys [18432 2012-03-26] (Apple Inc.) [Datei ist nicht signiert]
R2 risdpcie; C:\Windows\System32\DRIVERS\risdpe86.sys [49152 2009-06-30] (REDC)
S3 rixdpcie; C:\Windows\system32\DRIVERS\rixdpe86.sys [38400 2009-07-04] (REDC)
R3 vpcbus; C:\Windows\System32\DRIVERS\vpchbus.sys [172416 2010-11-20] (Microsoft Corporation)
R1 vpcnfltr; C:\Windows\System32\DRIVERS\vpcnfltr.sys [48128 2010-11-20] (Microsoft Corporation)
R3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [78336 2010-11-20] (Microsoft Corporation)
R1 vpcvmm; C:\Windows\System32\drivers\vpcvmm.sys [296064 2010-11-20] (Microsoft Corporation)
S3 adxapie; \??\C:\Users\privat\AppData\Local\Temp\adxapie.sys [X]
S3 PCDSRVC{E9D79540-57D5953E-06020101}_0; \??\c:\program files\dell support center\pcdsrvc.pkms [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-11 10:01 - 2016-02-11 10:01 - 00003795 _____ C:\Users\privat\Desktop\JRT.txt
2016-02-11 09:51 - 2016-02-11 09:51 - 01609032 _____ (Malwarebytes) C:\Users\privat\Downloads\JRT.exe
2016-02-11 09:37 - 2016-02-11 09:45 - 00000000 ____D C:\AdwCleaner
2016-02-11 09:37 - 2016-02-11 09:37 - 01508352 _____ C:\Users\privat\Downloads\AdwCleaner_5.033.exe
2016-02-11 09:23 - 2016-02-11 09:25 - 00231950 _____ C:\TDSSKiller.3.1.0.9_11.02.2016_09.23.44_log.txt
2016-02-11 09:23 - 2016-02-11 09:23 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\privat\Downloads\tdsskiller.exe
2016-02-10 17:55 - 2016-02-10 17:55 - 00058954 _____ C:\Users\privat\Downloads\Abrechnung_4475888970027369_20151114(1).PDF
2016-02-10 17:55 - 2016-02-10 17:55 - 00058558 _____ C:\Users\privat\Downloads\Abrechnung_4475888970027369_20151014.PDF
2016-02-10 17:55 - 2016-02-10 17:55 - 00058089 _____ C:\Users\privat\Downloads\Konto_1163325135-Auszug_2015_005(1).PDF
2016-02-10 17:55 - 2016-02-10 17:55 - 00057300 _____ C:\Users\privat\Downloads\Abrechnung_4475888970027369_20160114.PDF
2016-02-10 17:55 - 2016-02-10 17:55 - 00037353 _____ C:\Users\privat\Downloads\Abrechnung_4475888970027369_20151214(1).PDF
2016-02-10 17:54 - 2016-02-10 17:55 - 00073615 _____ C:\Users\privat\Downloads\Konto_1355011481-Auszug_2015_011(1).PDF
2016-02-10 17:54 - 2016-02-10 17:55 - 00070354 _____ C:\Users\privat\Downloads\Konto_1355011481-Auszug_2015_012(1).PDF
2016-02-10 17:54 - 2016-02-10 17:55 - 00062457 _____ C:\Users\privat\Downloads\Konto_1163325135-Auszug_2015_006(1).PDF
2016-02-10 17:54 - 2016-02-10 17:55 - 00056629 _____ C:\Users\privat\Downloads\Konto_1163325135-Auszug_2015_007(1).PDF
2016-02-10 17:54 - 2016-02-10 17:55 - 00029101 _____ C:\Users\privat\Downloads\Konto_3330022433-Auszug_2015_004(1).PDF
2016-02-10 17:53 - 2016-02-10 17:55 - 00062288 _____ C:\Users\privat\Downloads\Konto_1355011481-Auszug_2016_001.PDF
2016-02-10 16:49 - 2016-02-11 03:25 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-02-10 16:49 - 2016-02-10 16:49 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-02-10 16:48 - 2016-02-10 20:25 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-02-10 16:47 - 2016-02-11 03:23 - 00000000 ____D C:\Users\privat\Desktop\mbar
2016-02-10 16:47 - 2016-02-10 20:24 - 00094936 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-02-10 16:46 - 2016-02-10 16:47 - 16563352 _____ (Malwarebytes Corp.) C:\Users\privat\Downloads\mbar-1.09.3.1001.exe
2016-02-10 14:50 - 2016-02-10 14:52 - 00050353 _____ C:\Users\privat\Downloads\Addition.txt
2016-02-10 14:47 - 2016-02-11 10:07 - 00021095 _____ C:\Users\privat\Downloads\FRST.txt
2016-02-10 14:47 - 2016-02-11 10:07 - 00000000 ____D C:\FRST
2016-02-10 14:46 - 2016-02-10 14:46 - 01721344 _____ (Farbar) C:\Users\privat\Downloads\FRST.exe
2016-02-10 14:23 - 2016-02-10 14:24 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\privat\Downloads\SpyHunter-Installer (1).exe
2016-02-10 14:23 - 2016-02-10 14:23 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\privat\Downloads\SpyHunter-Installer.exe
2016-02-10 04:12 - 2016-02-10 04:12 - 00000000 ____D C:\ef66c554362ecf4d43f9d71f6f1364ae
2016-02-09 22:03 - 2016-01-16 19:42 - 00022464 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-02-09 22:03 - 2016-01-16 19:36 - 01413632 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-02-09 22:03 - 2016-01-16 19:34 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-02-09 22:03 - 2016-01-11 15:07 - 01198080 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-02-09 22:03 - 2016-01-11 15:07 - 00591360 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-02-09 22:03 - 2016-01-11 15:07 - 00544768 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-02-09 22:03 - 2016-01-11 15:07 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-02-09 22:03 - 2016-01-11 15:07 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-02-09 22:02 - 2016-01-22 07:05 - 12877824 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-02-09 22:02 - 2016-01-22 07:00 - 01498624 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-02-09 22:02 - 2016-01-22 06:59 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-02-09 22:02 - 2016-01-22 06:12 - 02973184 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-02-09 22:00 - 2016-01-22 07:13 - 03993536 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-02-09 22:00 - 2016-01-22 07:13 - 03938752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-02-09 22:00 - 2016-01-22 07:09 - 01310232 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-02-09 22:00 - 2016-01-22 07:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-02-09 22:00 - 2016-01-22 07:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-02-09 22:00 - 2016-01-22 07:02 - 00872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-02-09 22:00 - 2016-01-22 07:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-02-09 22:00 - 2016-01-22 07:02 - 00293888 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-02-09 22:00 - 2016-01-22 07:02 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\msorcl32.dll
2016-02-09 22:00 - 2016-01-22 07:02 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-02-09 22:00 - 2016-01-22 06:59 - 00642560 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-02-09 22:00 - 2016-01-07 18:47 - 02386944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-02-09 22:00 - 2016-01-07 18:35 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-02-09 22:00 - 2016-01-06 19:41 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-02-09 22:00 - 2016-01-06 18:56 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2016-02-09 22:00 - 2015-12-20 19:45 - 02745856 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-02-09 22:00 - 2015-12-20 19:45 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-02-09 22:00 - 2015-12-20 17:16 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-02-09 21:59 - 2016-01-22 07:13 - 00138176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-02-09 21:59 - 2016-01-22 07:13 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-02-09 21:59 - 2016-01-22 07:06 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-02-09 21:59 - 2016-01-22 07:06 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-02-09 21:59 - 2016-01-22 07:06 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-02-09 21:59 - 2016-01-22 07:06 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-02-09 21:59 - 2016-01-22 07:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-02-09 21:59 - 2016-01-22 07:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-02-09 21:59 - 2016-01-22 07:05 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-02-09 21:59 - 2016-01-22 07:05 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-02-09 21:59 - 2016-01-22 07:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-02-09 21:59 - 2016-01-22 07:02 - 01060864 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-02-09 21:59 - 2016-01-22 07:02 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-02-09 21:59 - 2016-01-22 07:02 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-02-09 21:59 - 2016-01-22 07:02 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-02-09 21:59 - 2016-01-22 07:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:07 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-02-09 21:59 - 2016-01-22 06:01 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-02-09 21:59 - 2016-01-22 06:00 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-02-09 21:59 - 2016-01-22 05:53 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-02-09 21:59 - 2016-01-22 05:53 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-02-09 21:59 - 2016-01-22 05:53 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-02-09 21:59 - 2016-01-22 05:51 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-02-09 21:59 - 2016-01-22 05:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-02-09 21:59 - 2016-01-22 05:51 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-02-09 21:59 - 2016-01-22 05:51 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-02-09 21:59 - 2016-01-22 05:51 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 05:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 05:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 05:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-09 21:58 - 2016-02-06 11:01 - 20366848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-02-09 21:58 - 2016-02-06 10:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-02-09 21:58 - 2016-02-06 10:43 - 02280448 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-02-09 21:58 - 2016-02-06 10:38 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-02-09 21:58 - 2016-02-06 10:16 - 12857856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-02-09 21:58 - 2016-02-06 09:54 - 01312256 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-02-09 21:58 - 2016-01-22 21:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-02-09 21:58 - 2016-01-22 07:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-02-09 21:58 - 2016-01-22 07:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-02-09 21:58 - 2016-01-22 07:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-02-09 21:58 - 2016-01-22 07:01 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-02-09 21:58 - 2016-01-22 06:55 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-02-09 21:58 - 2016-01-22 06:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-02-09 
21:58 - 2016-01-22 06:52 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2016-02-09 21:58 - 2016-01-22 06:51 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2016-02-09 21:58 - 2016-01-22 06:51 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2016-02-09 21:58 - 2016-01-22 06:46 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2016-02-09 21:58 - 2016-01-22 06:43 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2016-02-09 21:58 - 2016-01-22 06:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2016-02-09 21:58 - 2016-01-22 06:38 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2016-02-09 21:58 - 2016-01-22 06:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2016-02-09 21:58 - 2016-01-22 06:34 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2016-02-09 21:58 - 2016-01-22 06:33 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2016-02-09 21:58 - 2016-01-22 06:27 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2016-02-09 21:58 - 2016-01-22 06:25 - 00687104 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-02-09 21:58 - 2016-01-22 06:25 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2016-02-09 21:58 - 2016-01-22 06:24 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2016-02-09 21:58 - 2016-01-22 06:07 - 02120704 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-02-09 21:58 - 2016-01-22 06:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2016-02-09 21:57 - 2016-01-22 07:02 - 00496640 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-02-09 21:57 - 2016-01-22 07:00 - 00064000 _____ (Microsoft Corporation) 
C:\Windows\system32\MshtmlDac.dll 2016-02-09 21:57 - 2016-01-22 06:51 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2016-02-09 21:57 - 2016-01-22 06:35 - 04611072 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-02-09 21:57 - 2016-01-22 06:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2016-02-09 21:57 - 2016-01-22 06:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2016-02-09 21:56 - 2016-01-11 19:47 - 02956288 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2016-02-09 21:56 - 2016-01-11 19:47 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2016-02-09 21:56 - 2016-01-11 19:35 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2016-02-09 21:56 - 2016-01-11 19:17 - 02062848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2016-02-09 21:56 - 2016-01-11 19:14 - 00573440 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2016-02-09 21:56 - 2016-01-11 19:14 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2016-02-09 21:56 - 2016-01-11 19:14 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2016-02-09 21:56 - 2016-01-11 19:14 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2016-02-09 21:56 - 2016-01-11 19:14 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2016-02-09 21:56 - 2016-01-11 19:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2016-02-09 21:56 - 2016-01-11 19:14 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2016-01-20 13:19 - 2016-01-20 13:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime 2016-01-20 13:11 - 2016-01-20 13:19 - 00000000 ____D C:\Program Files\QuickTime 2016-01-13 22:45 - 2016-01-13 22:45 - 00000000 ____D C:\Users\Chris\AppData\Local\Apple 2016-01-13 09:44 - 2015-12-08 22:54 - 
02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2016-01-13 09:44 - 2015-12-08 22:54 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2016-01-13 09:44 - 2015-12-08 22:54 - 01568768 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL 2016-01-13 09:44 - 2015-12-08 22:54 - 01325056 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL 2016-01-13 09:44 - 2015-12-08 22:54 - 01202688 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll 2016-01-13 09:44 - 2015-12-08 22:54 - 00902144 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL 2016-01-13 09:44 - 2015-12-08 22:54 - 00815616 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL 2016-01-13 09:44 - 2015-12-08 22:54 - 00740352 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll 2016-01-13 09:44 - 2015-12-08 22:54 - 00739328 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL 2016-01-13 09:44 - 2015-12-08 22:54 - 00665088 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL 2016-01-13 09:44 - 2015-12-08 22:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL 2016-01-13 09:44 - 2015-12-08 22:54 - 00358400 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL 2016-01-13 09:44 - 2015-12-08 22:54 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL 2016-01-13 09:44 - 2015-12-08 22:53 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2016-01-13 09:44 - 2015-12-08 22:53 - 01329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2016-01-13 09:44 - 2015-12-08 22:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll 2016-01-13 09:44 - 2015-12-08 22:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL 2016-01-13 09:44 - 2015-12-08 22:53 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll 2016-01-13 09:44 - 2015-12-08 22:53 - 00609280 _____ 
(Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL 2016-01-13 09:44 - 2015-12-08 22:53 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2016-01-13 09:44 - 2015-12-08 22:53 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2016-01-13 09:44 - 2015-12-08 22:53 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll 2016-01-13 09:44 - 2015-12-08 22:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL 2016-01-13 09:44 - 2015-12-08 22:53 - 00354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2016-01-13 09:44 - 2015-12-08 22:53 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll 2016-01-13 09:44 - 2015-12-08 22:53 - 00305664 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2016-01-13 09:44 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL 2016-01-13 09:44 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL 2016-01-13 09:44 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL 2016-01-13 09:44 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll 2016-01-13 09:44 - 2015-12-08 22:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax 2016-01-13 09:44 - 2015-12-08 22:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL 2016-01-13 09:44 - 2015-12-08 22:53 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2016-01-13 09:44 - 2015-12-08 22:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL 2016-01-13 09:44 - 2015-12-08 22:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll 2016-01-13 09:44 - 2015-12-08 22:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll 2016-01-13 09:44 - 2015-12-08 22:53 - 00050176 _____ (Microsoft Corporation) 
C:\Windows\system32\rrinstaller.exe 2016-01-13 09:44 - 2015-12-08 22:53 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2016-01-13 09:44 - 2015-12-08 22:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll 2016-01-13 09:44 - 2015-12-08 22:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2016-01-13 09:44 - 2015-12-08 22:43 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys 2016-01-13 09:44 - 2015-12-08 22:11 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys 2016-01-13 09:44 - 2015-12-08 22:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys 2016-01-13 09:44 - 2015-11-16 21:12 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2016-01-13 09:44 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll 2016-01-13 09:44 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll 2016-01-13 09:44 - 2015-11-13 23:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-02-11 09:58 - 2009-07-14 05:34 - 00025216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-02-11 09:58 - 2009-07-14 05:34 - 00025216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-02-11 09:48 - 2011-06-24 16:32 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-02-11 09:48 - 2011-06-24 16:32 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-02-11 09:48 - 2011-02-10 12:53 - 00000035 _____ C:\Users\Public\Documents\AtherosServiceConfig.ini 2016-02-11 09:47 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-02-11 09:00 - 2011-02-17 16:11 - 00000422 _____ C:\Windows\Tasks\SystemToolsDailyTest.job 2016-02-11 08:30 - 2011-03-12 17:55 - 00000000 ___RD C:\Users\privat\Virtual Machines 2016-02-11 04:03 - 2015-02-26 04:23 - 00000000 ____D C:\Windows\rescache 2016-02-10 20:20 - 2013-11-30 20:20 - 00149504 ___SH C:\Users\privat\Thumbs.db 2016-02-10 20:11 - 2013-03-20 20:50 - 00000000 ____D C:\Users\privat\AppData\Roaming\Bayd 2016-02-10 18:09 - 2011-03-21 18:09 - 00000240 _____ C:\Windows\Tasks\Epson Printer Software Downloader.job 2016-02-10 10:03 - 2011-02-10 12:07 - 02293438 _____ C:\Windows\system32\PerfStringBackup.INI 2016-02-10 10:03 - 2009-07-14 09:47 - 00964984 _____ C:\Windows\system32\perfh007.dat 2016-02-10 10:03 - 2009-07-14 09:47 - 00238790 _____ C:\Windows\system32\perfc007.dat 2016-02-10 10:03 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf 2016-02-10 04:16 - 2015-10-12 11:34 - 00000946 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job 2016-02-10 04:16 - 2009-07-14 05:33 - 00663416 _____ C:\Windows\system32\FNTCACHE.DAT 2016-02-10 04:13 - 2014-12-12 03:34 - 00000000 ____D C:\Windows\system32\appraiser 2016-02-10 04:13 - 2014-05-07 02:02 - 00000000 ___SD C:\Windows\system32\CompatTel 2016-02-10 04:13 - 2009-07-14 09:57 - 00000000 ____D C:\Program Files\Windows Journal 
2016-02-10 03:56 - 2009-07-14 03:04 - 00000478 _____ C:\Windows\win.ini 2016-02-10 03:28 - 2013-08-15 20:25 - 00000000 ____D C:\Windows\system32\MRT 2016-02-10 03:14 - 2011-02-19 11:57 - 144254680 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-02-09 22:42 - 2014-09-02 17:32 - 00000000 ____D C:\Users\privat\AppData\Local\Adobe 2016-02-09 22:42 - 2012-04-22 17:31 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2016-02-09 22:42 - 2011-05-19 18:23 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2016-02-08 20:36 - 2013-01-16 20:35 - 00000000 ____D C:\Users\privat\Documents\Outlook-Dateien 2016-02-07 00:51 - 2011-04-23 18:46 - 00000000 ____D C:\Users\privat\AppData\Local\CrashDumps 2016-02-04 13:05 - 2011-03-26 11:36 - 00000000 ____D C:\Program Files\Opera 2016-02-01 13:29 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF 2016-01-18 22:19 - 2015-02-19 20:41 - 00229113 _____ C:\Users\privat\Documents\RK-2015-Taudte NEU.xlsx 2016-01-14 08:50 - 2015-11-30 11:23 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-01-14 03:50 - 2016-01-08 09:23 - 00000000 ____D C:\Program Files\Mozilla Firefox 2016-01-14 03:50 - 2012-05-13 20:13 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2016-01-14 03:50 - 2011-02-10 12:34 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2016-01-14 03:28 - 2011-02-10 12:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-11-18 10:07 - 2015-11-18 10:07 - 0207386 _____ () C:\Users\privat\AppData\Local\ars.cache 2015-11-18 10:07 - 2015-11-18 10:07 - 0333491 _____ () C:\Users\privat\AppData\Local\census.cache 2011-09-09 20:57 - 2013-05-08 18:45 - 0008704 _____ () C:\Users\privat\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-11-18 09:28 - 2015-11-18 
09:28 - 0000036 _____ () C:\Users\privat\AppData\Local\housecall.guid.cache 2012-01-07 13:04 - 2015-12-17 20:46 - 0007602 _____ () C:\Users\privat\AppData\Local\Resmon.ResmonCfg Einige Dateien in TEMP: ==================== C:\Users\Chris\AppData\Local\Temp\bitmaps.dll C:\Users\Chris\AppData\Local\Temp\DiscoveryLib.dll C:\Users\Chris\AppData\Local\Temp\DiscoveryLib64.dll C:\Users\Chris\AppData\Local\Temp\fwDownloadLib.dll C:\Users\Chris\AppData\Local\Temp\fwDownloadLib64.dll C:\Users\Chris\AppData\Local\Temp\fwupdate.exe C:\Users\Chris\AppData\Local\Temp\InstallLib.dll C:\Users\Chris\AppData\Local\Temp\InstallLib64.dll C:\Users\Chris\AppData\Local\Temp\InstallSeqLib.dll C:\Users\Chris\AppData\Local\Temp\InstallSeqLib64.dll C:\Users\Chris\AppData\Local\Temp\jre-8u66-windows-au.exe C:\Users\Chris\AppData\Local\Temp\NOSEventMessages.dll C:\Users\Chris\AppData\Local\Temp\openslp32.dll C:\Users\Chris\AppData\Local\Temp\openslp64.dll C:\Users\Chris\AppData\Local\Temp\Setup.exe C:\Users\Chris\AppData\Local\Temp\Uninstall.exe C:\Users\Chris\AppData\Local\Temp\winstaller.exe C:\Users\Chris\AppData\Local\Temp\winstaller64.exe C:\Users\privat\AppData\Local\Temp\NOSEventMessages.dll C:\Users\privat\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-02-10 05:01 ==================== Ende vom FRST.txt ============================ |
11.02.2016, 10:18 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Security warning from Telekom, Citadell virus detected Please also create a new Addition.txt: start FRST, tick the checkbox for Addition.txt, then click "Untersuchen" (Scan).
__________________ Please always post log files in CODE tags |
11.02.2016, 10:54 | #11 |
| Security warning from Telekom, Citadell virus detected OK, both logs submitted again! Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:07-02-2016 durchgeführt von privat (Administrator) auf CHRIS-PC (11-02-2016 10:49:53) Gestartet von C:\Users\privat\Downloads Geladene Profile: privat (Verfügbare Profile: Chris & privat) Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Atheros) C:\Program Files\Dell Wireless\Ath_CoexAgent.exe (Atheros Commnucations) C:\Program Files\Dell Wireless\Bluetooth Suite\AdminService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE (SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE () C:\ProgramData\DatacardService\HWDeviceService.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) 
C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Nokia) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe (Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe (Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Microsoft Corporation) C:\Windows\System32\taskmgr.exe (Opera Software) C:\Program Files\Opera\35.0.2066.37\opera.exe (Opera Software) C:\Program Files\Opera\35.0.2066.37\opera_crashreporter.exe (Opera Software) C:\Program Files\Opera\35.0.2066.37\opera.exe (Opera Software) C:\Program Files\Opera\35.0.2066.37\opera.exe (Opera Software) C:\Program Files\Opera\35.0.2066.37\opera.exe (Opera Software) C:\Program Files\Opera\35.0.2066.37\opera.exe (Opera Software) C:\Program Files\Opera\35.0.2066.37\opera.exe (Opera Software) C:\Program Files\Opera\35.0.2066.37\opera.exe (Opera Software) C:\Program Files\Opera\35.0.2066.37\opera.exe (Opera Software) C:\Program Files\Opera\35.0.2066.37\opera.exe (Opera Software) C:\Program Files\Opera\35.0.2066.37\opera.exe (Opera Software) C:\Program Files\Opera\35.0.2066.37\opera.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-06-08] (Intel Corporation) HKLM\...\Run: [AtherosBtStack] => C:\Program Files\Dell Wireless\Bluetooth Suite\BtvStack.exe [474272 2010-09-02] (Atheros Communications) HKLM\...\Run: [AthBtTray] => C:\Program Files\Dell Wireless\Bluetooth Suite\AthBtTray.exe [298144 2010-09-02] (Atheros Commnucations) HKLM\...\Run: [] => [X] HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [642664 2013-05-08] (Adobe Systems Inc.) HKLM\...\Run: [RemoteControl9] => C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2009-07-06] (CyberLink Corp.) HKLM\...\Run: [PDVD9LanguageShortcut] => C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe [50472 2010-04-29] (CyberLink Corp.) HKLM\...\Run: [Dell Webcam Central] => C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [487562 2010-08-20] (Creative Technology Ltd) HKLM\...\Run: [RoxWatchTray] => C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-09-04] (Sonic Solutions) HKLM\...\Run: [Desktop Disc Tool] => C:\Program Files\Roxio\oem\Roxio Burn\RoxioBurnLauncher.exe [522736 2010-11-01] () HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [1797488 2011-01-07] (Microsoft Corporation) HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [673616 2009-04-07] (SEIKO EPSON CORPORATION) HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-12-17] (Apple Inc.) 
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [981688 2015-04-29] (Microsoft Corporation) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157456 2015-12-17] (Apple Inc.) HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Run: [EPSON SX510W Series] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFIE.EXE [199680 2008-11-20] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Run: [EPSON SX510W Series (Kopie 1)] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFIE.EXE [199680 2008-11-20] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Run: [Device Detection] => C:\Program Files\Lidl_Fotos\dd.exe [860528 2013-10-30] () HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Run: [] => [X] HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Run: [NokiaSuite.exe] => C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [1090040 2012-12-21] (Nokia) HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: E - E:\AutoRun.exe HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: F - F:\AutoRun.exe HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {1305b0a3-f675-11e1-a1da-90004e013ab8} - E:\AutoRun.exe HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {41144100-92dc-11e1-8581-90004e013ab8} - E:\AutoRun.exe HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {4114411a-92dc-11e1-8581-90004e013ab8} - E:\AutoRun.exe HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {41144133-92dc-11e1-8581-90004e013ab8} - E:\AutoRun.exe HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {7357d7ff-4967-11e2-8651-f04da26bc8e0} - E:\AutoRun.exe HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: 
{7357d81a-4967-11e2-8651-f04da26bc8e0} - E:\AutoRun.exe HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {750a411f-34c9-11e0-b132-806e6f6e6963} - D:\autorun.exe HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {dc37c5b5-6a52-11e2-b7ff-f04da26bc8e0} - E:\AutoRun.exe HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {f8f69999-c40f-11e2-a005-f04da26bc8e0} - E:\AutoRun.exe ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\privat\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll [2013-03-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\privat\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll [2013-03-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\privat\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll [2013-03-12] (Dropbox, Inc.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Winsock: Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{2258AB48-4D93-4911-96B8-1B32A6796175}: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{448221D6-933B-418F-8123-42221C7068BA}: [DhcpNameServer] 139.7.30.126 139.7.30.125 Tcpip\..\Interfaces\{8A4DA0DA-3D99-4A6E-9C53-1FCE9296A33F}: [NameServer] 10.74.210.210 10.74.210.211 Tcpip\..\Interfaces\{A85015A4-C874-4C44-846D-25AEC4860175}: [NameServer] 10.74.210.210 10.74.210.211 Tcpip\..\Interfaces\{AF10391C-F1D8-4024-BC6B-26BD4465F675}: [NameServer] 10.74.210.210 10.74.210.211 Tcpip\..\Interfaces\{BBE6AA86-1C5F-45F8-8486-9DB31DA9A39B}: [DhcpNameServer] 192.168.2.1 Internet Explorer: ================== HKU\S-1-5-21-583576071-2610798785-2159693280-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USSMB/8 SearchScopes: HKLM -> DefaultScope {4B9FC999-DF9D-4DA9-B7D2-A17ED9193392} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLSDF8&pc=MDDS&src=IE-SearchBox SearchScopes: HKLM -> {4B9FC999-DF9D-4DA9-B7D2-A17ED9193392} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLSDF8&pc=MDDS&src=IE-SearchBox BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-30] (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02] (SEIKO EPSON CORPORATION / CyCom Technology Corp.) 
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2011-05-13] (Microsoft Corporation) BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-04-01] (Microsoft Corporation.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-30] (Oracle Corporation) BHO: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated) Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated) Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02] (SEIKO EPSON CORPORATION / CyCom Technology Corp.) Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-04-01] (Microsoft Corporation.) 
Toolbar: HKU\S-1-5-21-583576071-2610798785-2159693280-1003 -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\privat\AppData\Roaming\Mozilla\Firefox\Profiles\wwe6u0x0.default-1431504965002
FF Homepage: hxxps://www.google.de/?gws_rd=ssl
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_267.dll [2016-01-14] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-30] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2012-12-21] ( )
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2008-10-24] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Extension: WEB.DE MailCheck - C:\Users\privat\AppData\Roaming\Mozilla\Firefox\Profiles\wwe6u0x0.default-1431504965002\extensions\mailcheck@web.de [2015-12-16]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2016-01-08] [ist nicht signiert]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2016-01-08] [ist nicht signiert]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2016-01-08] [ist nicht signiert]
FF Extension: UITBAutoInstaller - C:\Program Files\Mozilla Firefox\distribution\bundles\{edd7fc99-d65c-4979-85c2-ddeed30c50c7} [2016-01-08] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - c:\Program Files\Trend Micro\Client Server Security Agent\bho\1056\FirefoxExtension => nicht gefunden
FF HKLM\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files\T-Mobile\InternetManager_H\OCx32\addon
FF Extension: Bytemobile Optimization Client - C:\Program Files\T-Mobile\InternetManager_H\OCx32\addon [2012-12-19] [ist nicht signiert]
FF HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\privat\AppData\Roaming\Mozilla\Firefox\Profiles\kpwvyoo0.default\extensions\cliqz@cliqz.com => nicht gefunden

Chrome:
=======
CHR Profile: C:\Users\privat\AppData\Local\Google\Chrome\User Data\default

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Atheros Bt&Wlan Coex Agent; C:\Program Files\Dell Wireless\Ath_CoexAgent.exe [151552 2010-05-24] (Atheros) [Datei ist nicht signiert]
R2 AtherosSvc; C:\Program Files\Dell Wireless\Bluetooth Suite\adminservice.exe [56480 2010-09-02] (Atheros Commnucations) [Datei ist nicht signiert]
R2 EpsonBidirectionalService; C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [Datei ist nicht signiert]
R2 EPSON_EB_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE [143872 2007-12-17] (SEIKO EPSON CORPORATION)
R2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE [113664 2007-01-11] (SEIKO EPSON CORPORATION)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2011-02-10] (Macrovision Europe Ltd.) [Datei ist nicht signiert]
R2 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [270176 2011-01-28] ()
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Datei ist nicht signiert]
S2 Internet Manager. RunOuc; C:\Program Files\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [224096 2012-12-19] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2015-04-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [284504 2015-04-30] (Microsoft Corporation)
S3 RoxMediaDB12OEM; C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [1116656 2010-09-04] (Sonic Solutions)
S2 RoxWatch12; C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [219632 2010-09-04] (Sonic Solutions)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AthBTPort; C:\Windows\System32\DRIVERS\btath_flt.sys [37224 2010-07-08] (Atheros)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281504 2013-04-29] ()
R0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [13184 2012-12-19] (Bytemobile, Inc.) [Datei ist nicht signiert]
S3 BTATH_A2DP; C:\Windows\System32\drivers\btath_a2dp.sys [257896 2010-07-08] (Atheros)
R3 BTATH_BUS; C:\Windows\System32\DRIVERS\btath_bus.sys [26984 2010-07-08] (Atheros)
S3 BTATH_HCRP; C:\Windows\System32\DRIVERS\btath_hcrp.sys [178024 2010-07-08] (Atheros)
S3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [47976 2010-09-02] (Atheros)
S3 BTATH_RCP; C:\Windows\System32\DRIVERS\btath_rcp.sys [143336 2010-07-08] (Atheros)
S3 BtFilter; C:\Windows\System32\DRIVERS\btfilter.sys [237416 2010-08-31] (Atheros)
S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [63464 2013-01-22] (FTDI Ltd.)
S3 huawei_cdcacm; C:\Windows\System32\DRIVERS\ew_jucdcacm.sys [90112 2012-12-19] (Huawei Technologies Co., Ltd.)
S3 huawei_ext_ctrl; C:\Windows\System32\DRIVERS\ew_juextctrl.sys [26624 2012-12-19] (Huawei Technologies Co., Ltd.)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [181760 2012-12-19] (Huawei Technologies Co., Ltd.)
S3 KMWDFILTERx86; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [25088 2009-04-29] (Windows (R) Codename Longhorn DDK provider)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2013-04-29] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [245096 2015-03-04] (Microsoft Corporation)
S3 mvusbcomm; C:\Windows\System32\Drivers\mvusbcomm.sys [17408 2013-08-22] (Marvell Semiconductor, Inc.)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl.sys [18432 2012-03-26] (Apple Inc.) [Datei ist nicht signiert]
R2 risdpcie; C:\Windows\System32\DRIVERS\risdpe86.sys [49152 2009-06-30] (REDC)
S3 rixdpcie; C:\Windows\system32\DRIVERS\rixdpe86.sys [38400 2009-07-04] (REDC)
R3 vpcbus; C:\Windows\System32\DRIVERS\vpchbus.sys [172416 2010-11-20] (Microsoft Corporation)
R1 vpcnfltr; C:\Windows\System32\DRIVERS\vpcnfltr.sys [48128 2010-11-20] (Microsoft Corporation)
R3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [78336 2010-11-20] (Microsoft Corporation)
R1 vpcvmm; C:\Windows\System32\drivers\vpcvmm.sys [296064 2010-11-20] (Microsoft Corporation)
S3 adxapie; \??\C:\Users\privat\AppData\Local\Temp\adxapie.sys [X]
S3 PCDSRVC{E9D79540-57D5953E-06020101}_0; \??\c:\program files\dell support center\pcdsrvc.pkms [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-02-11 10:01 - 2016-02-11 10:01 - 00003795 _____ C:\Users\privat\Desktop\JRT.txt
2016-02-11 09:51 - 2016-02-11 09:51 - 01609032 _____ (Malwarebytes) C:\Users\privat\Downloads\JRT.exe
2016-02-11 09:37 - 2016-02-11 09:45 - 00000000 ____D C:\AdwCleaner
2016-02-11 09:37 - 2016-02-11 09:37 - 01508352 _____ C:\Users\privat\Downloads\AdwCleaner_5.033.exe
2016-02-11 09:23 - 2016-02-11 09:25 - 00231950 _____ C:\TDSSKiller.3.1.0.9_11.02.2016_09.23.44_log.txt
2016-02-11 09:23 - 2016-02-11 09:23 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\privat\Downloads\tdsskiller.exe
2016-02-10 17:55 - 2016-02-10 17:55 - 00058954 _____ C:\Users\privat\Downloads\Abrechnung_4475888970027369_20151114(1).PDF
2016-02-10 17:55 - 2016-02-10 17:55 - 00058558 _____ C:\Users\privat\Downloads\Abrechnung_4475888970027369_20151014.PDF
2016-02-10 17:55 - 2016-02-10 17:55 - 00058089 _____ C:\Users\privat\Downloads\Konto_1163325135-Auszug_2015_005(1).PDF
2016-02-10 17:55 - 2016-02-10 17:55 - 00057300 _____ C:\Users\privat\Downloads\Abrechnung_4475888970027369_20160114.PDF
2016-02-10 17:55 - 2016-02-10 17:55 - 00037353 _____ C:\Users\privat\Downloads\Abrechnung_4475888970027369_20151214(1).PDF
2016-02-10 17:54 - 2016-02-10 17:55 - 00073615 _____ C:\Users\privat\Downloads\Konto_1355011481-Auszug_2015_011(1).PDF
2016-02-10 17:54 - 2016-02-10 17:55 - 00070354 _____ C:\Users\privat\Downloads\Konto_1355011481-Auszug_2015_012(1).PDF
2016-02-10 17:54 - 2016-02-10 17:55 - 00062457 _____ C:\Users\privat\Downloads\Konto_1163325135-Auszug_2015_006(1).PDF
2016-02-10 17:54 - 2016-02-10 17:55 - 00056629 _____ C:\Users\privat\Downloads\Konto_1163325135-Auszug_2015_007(1).PDF
2016-02-10 17:54 - 2016-02-10 17:55 - 00029101 _____ C:\Users\privat\Downloads\Konto_3330022433-Auszug_2015_004(1).PDF
2016-02-10 17:53 - 2016-02-10 17:55 - 00062288 _____ C:\Users\privat\Downloads\Konto_1355011481-Auszug_2016_001.PDF
2016-02-10 16:49 - 2016-02-11 03:25 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-02-10 16:49 - 2016-02-10 16:49 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-02-10 16:48 - 2016-02-10 20:25 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-02-10 16:47 - 2016-02-11 03:23 - 00000000 ____D C:\Users\privat\Desktop\mbar
2016-02-10 16:47 - 2016-02-10 20:24 - 00094936 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-02-10 16:46 - 2016-02-10 16:47 - 16563352 _____ (Malwarebytes Corp.) C:\Users\privat\Downloads\mbar-1.09.3.1001.exe
2016-02-10 14:50 - 2016-02-10 14:52 - 00050353 _____ C:\Users\privat\Downloads\Addition.txt
2016-02-10 14:47 - 2016-02-11 10:49 - 00021749 _____ C:\Users\privat\Downloads\FRST.txt
2016-02-10 14:47 - 2016-02-11 10:49 - 00000000 ____D C:\FRST
2016-02-10 14:46 - 2016-02-10 14:46 - 01721344 _____ (Farbar) C:\Users\privat\Downloads\FRST.exe
2016-02-10 14:23 - 2016-02-10 14:24 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\privat\Downloads\SpyHunter-Installer (1).exe
2016-02-10 14:23 - 2016-02-10 14:23 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\privat\Downloads\SpyHunter-Installer.exe
2016-02-10 04:12 - 2016-02-10 04:12 - 00000000 ____D C:\ef66c554362ecf4d43f9d71f6f1364ae
2016-02-09 22:03 - 2016-01-16 19:42 - 00022464 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-02-09 22:03 - 2016-01-16 19:36 - 01413632 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-02-09 22:03 - 2016-01-16 19:34 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-02-09 22:03 - 2016-01-11 15:07 - 01198080 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-02-09 22:03 - 2016-01-11 15:07 - 00591360 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-02-09 22:03 - 2016-01-11 15:07 - 00544768 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-02-09 22:03 - 2016-01-11 15:07 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-02-09 22:03 - 2016-01-11 15:07 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-02-09 22:02 - 2016-01-22 07:05 - 12877824 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-02-09 22:02 - 2016-01-22 07:00 - 01498624 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-02-09 22:02 - 2016-01-22 06:59 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-02-09 22:02 - 2016-01-22 06:12 - 02973184 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-02-09 22:00 - 2016-01-22 07:13 - 03993536 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-02-09 22:00 - 2016-01-22 07:13 - 03938752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-02-09 22:00 - 2016-01-22 07:09 - 01310232 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-02-09 22:00 - 2016-01-22 07:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-02-09 22:00 - 2016-01-22 07:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-02-09 22:00 - 2016-01-22 07:02 - 00872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-02-09 22:00 - 2016-01-22 07:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-02-09 22:00 - 2016-01-22 07:02 - 00293888 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-02-09 22:00 - 2016-01-22 07:02 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\msorcl32.dll
2016-02-09 22:00 - 2016-01-22 07:02 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-02-09 22:00 - 2016-01-22 06:59 - 00642560 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-02-09 22:00 - 2016-01-07 18:47 - 02386944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-02-09 22:00 - 2016-01-07 18:35 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-02-09 22:00 - 2016-01-06 19:41 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-02-09 22:00 - 2016-01-06 18:56 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2016-02-09 22:00 - 2015-12-20 19:45 - 02745856 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-02-09 22:00 - 2015-12-20 19:45 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-02-09 22:00 - 2015-12-20 17:16 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-02-09 21:59 - 2016-01-22 07:13 - 00138176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-02-09 21:59 - 2016-01-22 07:13 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-02-09 21:59 - 2016-01-22 07:06 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-02-09 21:59 - 2016-01-22 07:06 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-02-09 21:59 - 2016-01-22 07:06 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-02-09 21:59 - 2016-01-22 07:06 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-02-09 21:59 - 2016-01-22 07:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-02-09 21:59 - 2016-01-22 07:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-02-09 21:59 - 2016-01-22 07:05 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-02-09 21:59 - 2016-01-22 07:05 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-02-09 21:59 - 2016-01-22 07:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-02-09 21:59 - 2016-01-22 07:02 - 01060864 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-02-09 21:59 - 2016-01-22 07:02 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-02-09 21:59 - 2016-01-22 07:02 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-02-09 21:59 - 2016-01-22 07:02 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-02-09 21:59 - 2016-01-22 07:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:07 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-02-09 21:59 - 2016-01-22 06:01 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-02-09 21:59 - 2016-01-22 06:00 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-02-09 21:59 - 2016-01-22 05:53 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-02-09 21:59 - 2016-01-22 05:53 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-02-09 21:59 - 2016-01-22 05:53 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-02-09 21:59 - 2016-01-22 05:51 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-02-09 21:59 - 2016-01-22 05:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-02-09 21:59 - 2016-01-22 05:51 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-02-09 21:59 - 2016-01-22 05:51 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-02-09 21:59 - 2016-01-22 05:51 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 05:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 05:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 05:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-09 21:58 - 2016-02-06 11:01 - 20366848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-02-09 21:58 - 2016-02-06 10:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-02-09 21:58 - 2016-02-06 10:43 - 02280448 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-02-09 21:58 - 2016-02-06 10:38 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-02-09 21:58 - 2016-02-06 10:16 - 12857856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-02-09 21:58 - 2016-02-06 09:54 - 01312256 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-02-09 21:58 - 2016-01-22 21:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-02-09 21:58 - 2016-01-22 07:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-02-09 21:58 - 2016-01-22 07:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-02-09 21:58 - 2016-01-22 07:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-02-09 21:58 - 2016-01-22 07:01 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-02-09 21:58 - 2016-01-22 06:55 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-02-09 21:58 - 2016-01-22 06:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-02-09 21:58 - 2016-01-22 06:52 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-02-09 21:58 - 2016-01-22 06:51 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-02-09 21:58 - 2016-01-22 06:51 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-02-09 21:58 - 2016-01-22 06:46 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-02-09 21:58 - 2016-01-22 06:43 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-02-09 21:58 - 2016-01-22 06:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-02-09 21:58 - 2016-01-22 06:38 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-02-09 21:58 - 2016-01-22 06:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-02-09 21:58 - 2016-01-22 06:34 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-02-09 21:58 - 2016-01-22 06:33 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-02-09 21:58 - 2016-01-22 06:27 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-02-09 21:58 - 2016-01-22 06:25 - 00687104 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-02-09 21:58 - 2016-01-22 06:25 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-02-09 21:58 - 2016-01-22 06:24 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-02-09 21:58 - 2016-01-22 06:07 - 02120704 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-02-09 21:58 - 2016-01-22 06:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-02-09 21:57 - 2016-01-22 07:02 - 00496640 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-02-09 21:57 - 2016-01-22 07:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-02-09 21:57 - 2016-01-22 06:51 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-02-09 21:57 - 2016-01-22 06:35 - 04611072 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-02-09 21:57 - 2016-01-22 06:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-02-09 21:57 - 2016-01-22 06:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-02-09 21:56 - 2016-01-11 19:47 - 02956288 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-02-09 21:56 - 2016-01-11 19:47 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-02-09 21:56 - 2016-01-11 19:35 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-02-09 21:56 - 2016-01-11 19:17 - 02062848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-02-09 21:56 - 2016-01-11 19:14 - 00573440 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-02-09 21:56 - 2016-01-11 19:14 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-02-09 21:56 - 2016-01-11 19:14 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-02-09 21:56 - 2016-01-11 19:14 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-02-09 21:56 - 2016-01-11 19:14 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-02-09 21:56 - 2016-01-11 19:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-02-09 21:56 - 2016-01-11 19:14 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-01-20 13:19 - 2016-01-20 13:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2016-01-20 13:11 - 2016-01-20 13:19 - 00000000 ____D C:\Program Files\QuickTime
2016-01-13 22:45 - 2016-01-13 22:45 - 00000000 ____D C:\Users\Chris\AppData\Local\Apple
2016-01-13 09:44 - 2015-12-08 22:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-01-13 09:44 - 2015-12-08 22:54 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-01-13 09:44 - 2015-12-08 22:54 - 01568768 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-01-13 09:44 - 2015-12-08 22:54 - 01325056 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-01-13 09:44 - 2015-12-08 22:54 - 01202688 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2016-01-13 09:44 - 2015-12-08 22:54 - 00902144 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-01-13 09:44 - 2015-12-08 22:54 - 00815616 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-01-13 09:44 - 2015-12-08 22:54 - 00740352 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-01-13 09:44 - 2015-12-08 22:54 - 00739328 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-01-13 09:44 - 2015-12-08 22:54 - 00665088 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-01-13 09:44 - 2015-12-08 22:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-01-13 09:44 - 2015-12-08 22:54 - 00358400 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-01-13 09:44 - 2015-12-08 22:54 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-01-13 09:44 - 2015-12-08 22:53 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 01329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-01-13 09:44 - 2015-12-08 22:53 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-01-13 09:44 - 2015-12-08 22:53 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-01-13 09:44 - 2015-12-08 22:53 - 00354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00305664 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-01-13 09:44 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-01-13 09:44 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-01-13 09:44 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-01-13 09:44 - 2015-12-08 22:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-01-13 09:44 - 2015-12-08 22:53 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-01-13 09:44 - 2015-12-08 22:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-01-13 09:44 - 2015-12-08 22:53 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-01-13 09:44 - 2015-12-08 22:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2016-01-13 09:44 - 2015-12-08 22:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-01-13 09:44 - 2015-12-08 22:43 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2016-01-13 09:44 - 2015-12-08 22:11 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2016-01-13 09:44 - 2015-12-08 22:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2016-01-13 09:44 - 2015-11-16 21:12 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-01-13 09:44 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2016-01-13 09:44 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2016-01-13 09:44 - 2015-11-13 23:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-02-11 10:48 - 2011-06-24 16:32 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-11 09:58 - 2009-07-14 05:34 - 00025216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-11 09:58 - 2009-07-14 05:34 - 00025216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-11 09:48 - 2011-06-24 16:32 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-11 09:48 - 2011-02-10 12:53 - 00000035 _____ C:\Users\Public\Documents\AtherosServiceConfig.ini
2016-02-11 09:47 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-11 09:00 - 2011-02-17 16:11 - 00000422 _____ C:\Windows\Tasks\SystemToolsDailyTest.job
2016-02-11 08:30 - 2011-03-12 17:55 - 00000000 ___RD C:\Users\privat\Virtual Machines
2016-02-11 04:03 - 2015-02-26 04:23 - 00000000 ____D C:\Windows\rescache
2016-02-10 20:20 - 2013-11-30 20:20 - 00149504 ___SH C:\Users\privat\Thumbs.db
2016-02-10 20:11 - 2013-03-20 20:50 - 00000000 ____D C:\Users\privat\AppData\Roaming\Bayd
2016-02-10 18:09 - 2011-03-21 18:09 - 00000240 _____ C:\Windows\Tasks\Epson Printer Software Downloader.job
2016-02-10 10:03 - 2011-02-10 12:07 - 02293438 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-10 10:03 - 2009-07-14 09:47 - 00964984 _____ C:\Windows\system32\perfh007.dat
2016-02-10 10:03 - 2009-07-14 09:47 - 00238790 _____ C:\Windows\system32\perfc007.dat
2016-02-10 10:03 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2016-02-10 04:16 - 2015-10-12 11:34 - 00000946 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-02-10 04:16 - 2009-07-14 05:33 - 00663416 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-10 04:13 - 2014-12-12 03:34 - 00000000 ____D C:\Windows\system32\appraiser
2016-02-10 04:13 - 2014-05-07 02:02 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-02-10 04:13 - 2009-07-14 09:57 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-10 03:56 - 2009-07-14 03:04 - 00000478 _____ C:\Windows\win.ini 2016-02-10 03:28 - 2013-08-15 20:25 - 00000000 ____D C:\Windows\system32\MRT 2016-02-10 03:14 - 2011-02-19 11:57 - 144254680 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-02-09 22:42 - 2014-09-02 17:32 - 00000000 ____D C:\Users\privat\AppData\Local\Adobe 2016-02-09 22:42 - 2012-04-22 17:31 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2016-02-09 22:42 - 2011-05-19 18:23 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2016-02-08 20:36 - 2013-01-16 20:35 - 00000000 ____D C:\Users\privat\Documents\Outlook-Dateien 2016-02-07 00:51 - 2011-04-23 18:46 - 00000000 ____D C:\Users\privat\AppData\Local\CrashDumps 2016-02-04 13:05 - 2011-03-26 11:36 - 00000000 ____D C:\Program Files\Opera 2016-02-01 13:29 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF 2016-01-18 22:19 - 2015-02-19 20:41 - 00229113 _____ C:\Users\privat\Documents\RK-2015-Taudte NEU.xlsx 2016-01-14 08:50 - 2015-11-30 11:23 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-01-14 03:50 - 2016-01-08 09:23 - 00000000 ____D C:\Program Files\Mozilla Firefox 2016-01-14 03:50 - 2012-05-13 20:13 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2016-01-14 03:50 - 2011-02-10 12:34 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2016-01-14 03:28 - 2011-02-10 12:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-11-18 10:07 - 2015-11-18 10:07 - 0207386 _____ () C:\Users\privat\AppData\Local\ars.cache 2015-11-18 10:07 - 2015-11-18 10:07 - 0333491 _____ () C:\Users\privat\AppData\Local\census.cache 2011-09-09 20:57 - 2013-05-08 18:45 - 0008704 _____ () C:\Users\privat\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-11-18 09:28 - 2015-11-18 
09:28 - 0000036 _____ () C:\Users\privat\AppData\Local\housecall.guid.cache
2012-01-07 13:04 - 2015-12-17 20:46 - 0007602 _____ () C:\Users\privat\AppData\Local\Resmon.ResmonCfg

Einige Dateien in TEMP:
====================
C:\Users\Chris\AppData\Local\Temp\bitmaps.dll
C:\Users\Chris\AppData\Local\Temp\DiscoveryLib.dll
C:\Users\Chris\AppData\Local\Temp\DiscoveryLib64.dll
C:\Users\Chris\AppData\Local\Temp\fwDownloadLib.dll
C:\Users\Chris\AppData\Local\Temp\fwDownloadLib64.dll
C:\Users\Chris\AppData\Local\Temp\fwupdate.exe
C:\Users\Chris\AppData\Local\Temp\InstallLib.dll
C:\Users\Chris\AppData\Local\Temp\InstallLib64.dll
C:\Users\Chris\AppData\Local\Temp\InstallSeqLib.dll
C:\Users\Chris\AppData\Local\Temp\InstallSeqLib64.dll
C:\Users\Chris\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\Chris\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Chris\AppData\Local\Temp\openslp32.dll
C:\Users\Chris\AppData\Local\Temp\openslp64.dll
C:\Users\Chris\AppData\Local\Temp\Setup.exe
C:\Users\Chris\AppData\Local\Temp\Uninstall.exe
C:\Users\Chris\AppData\Local\Temp\winstaller.exe
C:\Users\Chris\AppData\Local\Temp\winstaller64.exe
C:\Users\privat\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\privat\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-02-10 05:01

==================== Ende vom FRST.txt ============================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:07-02-2016
durchgeführt von privat (2016-02-11 10:50:51)
Gestartet von C:\Users\privat\Downloads
Microsoft Windows 7 Professional Service Pack 1 (X86) (2011-02-17 15:08:49)
Start-Modus: Normal
==========================================================

==================== Konten: =============================
Administrator (S-1-5-21-583576071-2610798785-2159693280-500 - Administrator - Disabled)
Chris (S-1-5-21-583576071-2610798785-2159693280-1000 - Administrator - Enabled) => C:\Users\Chris
Gast (S-1-5-21-583576071-2610798785-2159693280-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-583576071-2610798785-2159693280-1002 - Limited - Enabled)
privat (S-1-5-21-583576071-2610798785-2159693280-1003 - Administrator - Enabled) => C:\Users\privat

==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 9.20 (HKLM\...\7-Zip) (Version: - ) ABBYY FineReader 6.0 Sprint (HKLM\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1395.4512 - ABBYY Software House) Adobe Acrobat 9 Standard - English, Français, Deutsch (HKLM\...\{AC76BA86-1033-F400-BA7E-000000000004}{AC76BA86-1033-F400-BA7E-000000000004}) (Version: 9.5.5 - Adobe Systems) Adobe Acrobat 9.5.5 - CPSID_83708 (HKLM\...\{AC76BA86-1033-F400-BA7E-000000000004}_955) (Version: - Adobe Systems Incorporated) Adobe Acrobat Reader DC - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated) Adobe Flash Player 10 ActiveX (HKLM\...\{2BD2FA21-B51D-4F01-94A7-AC16737B2163}) (Version: 10.0.12.36 - Adobe Systems, Inc.) Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated) Adobe Flash Player 20 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated) Advanced Audio FX Engine (HKLM\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd) ANNO 1503 (HKLM\...\{EBBB1DEF-8878-4CB8-BC0D-1196B30E7527}) (Version: - ) Anno 1701 (HKLM\...\{A2433A63-5F5D-40E5-B529-9123C2B3E734}) (Version: 1.00 - Sunflowers) Apple Application Support (32-Bit) (HKLM\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{9A629DCB-415D-4A50-85B9-5C2E4F8F74A8}) (Version: 9.1.0.6 - Apple Inc.) Apple Software Update (HKLM\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.) Beyond Good & Evil (HKLM\...\{6BF81CE7-3D5A-497F-8912-2A65A0253E1B}) (Version: 1.01.000 - ) Bing Bar (HKLM\...\{449CE12D-E2C7-4B97-B19E-55D163EA9435}) (Version: 7.0.619.0 - Microsoft Corporation) Bluetooth Win7 Suite (HKLM\...\{101A497C-7EF6-4001-834D-E5FA1C70FEFA}) (Version: 7.2.0.6 - Atheros Communications) Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.) 
Broken Sword 2.5 (HKLM\...\Broken Sword 2.5_is1) (Version: - mindFactory) CCleaner (HKLM\...\CCleaner) (Version: 3.20 - Piriform) Cliqz (HKLM\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.22 - Cliqz.com) combit address manager 15 Workstation Einrichtung (HKLM\...\combit address manager 15 Workstation Einrichtung) (Version: 1.0.0 - combit GmbH) Commandos 2: Men of Courage (HKLM\...\{F7963BA0-EE1C-11D4-9FA5-00A0C9E6A342}) (Version: - ) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.129.0.64 - Conexant) CyberLink PowerDVD 9.5 (HKLM\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.5.1.3225 - CyberLink Corp.) D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden Dell Backup and Recovery Manager (HKLM\...\{4688EB75-28E2-4731-9BCB-55E624F7CD45}) (Version: 1.3 - Dell Inc.) Dell Bluetooth Installation (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Dell Inc.) Dell Edoc Viewer (HKLM\...\{3138EAD3-700B-4A10-B617-B3F8096EE30D}) (Version: 1.0.0 - Dell Inc) Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.0.5621.01 - Dell Inc.) Dell Support Center (Version: 3.0.5621.01 - PC-Doctor, Inc.) Hidden Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1007.101.102 - ALPS ELECTRIC CO., LTD.) 
Dell Webcam Central (HKLM\...\Dell Webcam Central) (Version: 2.00.35 - Creative Technology Ltd) Der Pate® Das Spiel (HKLM\...\{1D2CF076-A63F-41A5-00A1-5924FADFAD9D}) (Version: - ) Desperados 1.0 (HKLM\...\Desperados 1.0) (Version: - ) DialUp (HKLM\...\DialUp) (Version: 12.08.101 - Huawei Technologies Co.,Ltd) Die Gilde (HKLM\...\Die Gilde) (Version: - ) Die Gilde Update 1.05 Beta 3 (HKLM\...\Die Gilde Update 1.05 Beta 3) (Version: - ) DIE SIEDLER - Aufstieg eines Königreichs (HKLM\...\{D3F80A98-05AB-4D8C-9272-766CCFA6A48D}) (Version: 1.00.0000 - Ubisoft) DIE SIEDLER - Das Erbe der Könige - Gold Edition (HKLM\...\{E08DE897-B6AF-4DFF-9E90-131E80C876B4}) (Version: 1.00.0000 - Blue Byte) Die Siedler 2 - Die nächste Generation (HKLM\...\{ED56EF4F-35FF-48D4-B616-A66E791EF1B6}) (Version: 1.00.0000 - UBISOFT) DirectX 9 Runtime (Version: 1.00.0000 - Sonic Solutions) Hidden Drakensang (HKLM\...\Drakensang_is1) (Version: - dtp) Dropbox (HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Dropbox) (Version: 1.6.18 - Dropbox, Inc.) 
Dungeon Keeper (HKLM\...\Keeper) (Version: - ) Emulator Starter (HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\32bce9526e87661e) (Version: 1.0.0.141 - Free Game Empire) Epson Easy Photo Print 2 (HKLM\...\{87C2248A-C7DD-49ED-9BCD-B312A9D0819E}) (Version: 2.1.0.0 - SEIKO EPSON CORPORATION) Epson Event Manager (HKLM\...\{48F22622-1CC2-4A83-9C1E-644DD96F832D}) (Version: 2.30.01 - SEIKO EPSON Corporation) Epson Printer Software Downloader (HKLM\...\Epson Printer Software Downloader) (Version: - ) Epson Printer Software Downloader (Version: 2.0.0 - SEIKO EPSON CORPORATION) Hidden EPSON Scan (HKLM\...\EPSON Scanner) (Version: - ) Epson Stylus SX510W_TX550W Handbuch (HKLM\...\Epson Stylus SX510W_TX550W Benutzerhandbuch) (Version: - ) EPSON SX510W Series Printer Uninstall (HKLM\...\EPSON SX510W Series) (Version: - SEIKO EPSON Corporation) EpsonNet Print (HKLM\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4i - SEIKO EPSON CORPORATION) EpsonNet Setup (HKLM\...\{FFFAE01B-466F-4C07-9821-A94FD753BDDA}) (Version: 3.1c - SEIKO EPSON CORPORATION) EXIFeditor (HKLM\...\{50FC1CE8-FF32-4F3B-B654-050DD6ECD474}) (Version: 1.0.0 - kiwi.software.NET) Fallout 3 (HKLM\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.00.0000 - Bethesda Softworks) FlexMail 4.0 (HKLM\...\{A95AD78E-D9C4-4ECE-8D54-CED21CEB2D52}) (Version: 4.00.0000 - Flex Systems B.V.) fotokasten comfort 5.4 (HKLM\...\fotokasten comfort_is1) (Version: - ) Foto-Mosaik-Edda Standard V6.6.12082.1 (HKLM\...\{A2D6ECD0-7E52-42B7-9236-DB2951436616}_is1) (Version: - Steffen Schirmer) Fotor 1.3.0 (HKLM\...\Fotor) (Version: 1.3.0 - Everimaging Co., Ltd.) FP-PostBase (HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\32b33acc94e46eaf) (Version: 1.8.0.0 - Francotyp-Postalia) Free YouTube to MP3 Converter version 3.12.54.128 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.54.128 - DVDVideoSoft Ltd.) 
FUJIdirekt Bestellsoftware 5.1 (HKLM\...\FUJIdirekt Bestellsoftware_is1) (Version: - ) Garmin Trip and Waypoint Manager v5 (HKLM\...\{414A373B-59DF-4102-94CA-9FE9A74CBDDA}) (Version: 5.0.0.0 - Garmin Ltd or its subsidiaries) Garmin USB Drivers (HKLM\...\{ABA5E381-EC46-425C-86C5-5CD15BBFB4BF}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries) Garmin WebUpdater (HKLM\...\{AE1EC58E-B2AC-4959-A4C2-C38202A25239}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries) GIMP 2.6.11 (HKLM\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team) GLtron version 0.70 (HKLM\...\GLtron_is1) (Version: - ) Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden GPSBabel 1.4.2 (HKLM\...\{1B8FE958-A304-4902-BF7A-4E2F0F5B7017}_is1) (Version: - GPSBabel) HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDA_HSF) (Version: 7.80.7.50 - Conexant Systems) Hex-Editor MX (HKLM\...\{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1) (Version: 6.0 - NEXT-Soft) Intel(R) Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2182 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.4.1002 - Intel Corporation) Internet Manager (HKLM\...\Internet Manager) (Version: 22.001.18.00.748 - Huawei Technologies Co.,Ltd) IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.37 - Irfan Skiljan) iTunes (HKLM\...\{2C741651-87E0-4479-9703-6DD0D7988B84}) (Version: 12.3.2.35 - Apple Inc.) 
Java 8 Update 66 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation) Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Lidl-Fotos (HKLM\...\Lidl-Fotos_is1) (Version: - ) locr GPS Photo (HKLM\...\{E58A0BB1-1FA1-40DC-AFA4-2C86D0A3B879}) (Version: 1.2.4 - locr) Luminance HDR 2.3.1 (HKLM\...\{7020FC34-6E04-4858-924D-354B28CB2402}_is1) (Version: - Luminance HDR Dev Team) M Series Driver (HKLM\...\M Series Driver) (Version: - ) mailcredit (HKLM\...\{986D05F1-1487-4865-BBAF-70A969B95A24}) (Version: 1.2.4 - Francotyp-Postalia) mailreport (HKLM\...\{1C9F6F44-3990-48AE-926B-C5F3B8D23B45}) (Version: 1.6.0 - FP) Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden MFCLOC (Version: 1.00.0000 - Dell Inc.) Hidden Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Access database engine 2010 (English) (HKLM\...\{90140000-00D1-0409-0000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation) Microsoft Age of Empires II (HKLM\...\Age of Empires 2.0) (Version: - ) Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}) (Version: 3.0.19.0 - Microsoft Corporation) Microsoft IntelliPoint 8.0 (HKLM\...\{CD232781-26CA-4E18-BC70-4343A2F0D583}) (Version: 8.01.249.0 - Microsoft) Microsoft Office Access Runtime (English) 2007 (HKLM\...\{90120000-001C-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Access Runtime (German) 2007 (HKLM\...\{90120000-001C-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Outlook Connector 
(HKLM\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation) Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation) Microsoft Office Professional 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 
9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Minecraft (HKLM\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) Mobile Partner (HKLM\...\Mobile Partner) (Version: 16.001.06.01.500 - Huawei Technologies Co.,Ltd) Mozilla Firefox 43.0.4 (x86 de) (HKLM\...\Mozilla Firefox 43.0.4 (x86 de)) (Version: 43.0.4 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla) MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Navigator Base Components (HKLM\...\{759F0957-BB9E-4C55-88A7-86961F9099A8}) (Version: 1.3.0.0 - FP) NehrimUninstaller (HKLM\...\Nehrim - Am Rande des Schicksals_is1) (Version: 1.0.0 - SureAI) Nokia Connectivity Cable Driver (HKLM\...\{6FE12C01-2FBC-42E2-AEB9-4CA2238C462F}) (Version: 7.1.101.0 - Nokia) Nokia PC Suite (HKLM\...\Nokia PC Suite) (Version: 7.1.60.0 - Nokia) Nokia PC Suite (Version: 7.1.60.0 - Nokia) Hidden Nokia Suite (HKLM\...\Nokia Suite) (Version: 3.7.22.0 - Nokia) Nokia Suite (Version: 3.7.22.0 - Nokia) Hidden Nur Entfernen der CopyTrans Suite möglich 
(HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\CopyTrans Suite) (Version: 2.37 - WindSolutions) NVIDIA PhysX (HKLM\...\{B83FC356-B7C0-441F-8A4D-D71E088E7974}) (Version: 9.09.0428 - NVIDIA Corporation) Nvu 1.0 (HKLM\...\Nvu_is1) (Version: 1.0 - Thorsten Fritz) Oblivion (HKLM\...\{C66BF9FD-D367-4E13-8EB8-385FFEA20DB3}) (Version: 1.2.0416 - Bethesda Softworks) OpenAL (HKLM\...\OpenAL) (Version: - ) OpenTTD 1.1.1 (HKLM\...\OpenTTD) (Version: 1.1.1 - OpenTTD) Opera 12.17 (HKLM\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA) Opera Stable 35.0.2066.37 (HKLM\...\Opera 35.0.2066.37) (Version: 35.0.2066.37 - Opera Software) Origin (HKLM\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.) OSM World Routable (HKLM\...\OSM World Routable) (Version: - ) Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}) (Version: 3.60.0 - dotPDN LLC) PC Connectivity Solution (HKLM\...\{6B722793-E77B-41F5-BAB3-6C9832274E75}) (Version: 12.0.76.0 - Nokia) Perfect Effects 4.0.1 (HKLM\...\{385E6A4D-A440-43E2-9BAF-A012FB5FC2E2}) (Version: 4.0.1 - onOne Software) PhotoShowExpress (Version: 2.0.028 - Sonic Solutions) Hidden Picture Collage Maker Free 2.1.2 (HKLM\...\{DEB7295A-D00E-4D45-846C-2947E8C3F080}_is1) (Version: - PearlMountain Soft) PL-2303 Vista Driver Installer (HKLM\...\{EEC010D0-1252-4E1D-BAD9-F1B8F414535C}) (Version: 3.0.1.0 - Prolific) QuickTime 7 (HKLM\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.) 
Risen (HKLM\...\{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}) (Version: 1.00.0000 - Deep Silver) Roxio Burn (HKLM\...\{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}) (Version: 1.8.57.4 - Roxio) Roxio Creator Starter (HKLM\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.40.0 - Roxio) ScummVM 1.5.0 (HKLM\...\ScummVM_is1) (Version: - The ScummVM Team) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Shape Collage (HKLM\...\ShapeCollage) (Version: - Shape Collage Inc.) Sid Meier's Civilization IV Colonization (HKLM\...\{EF36A836-BF89-4A4F-B079-057B0C68C1E0}) (Version: 1.00 - Firaxis Games) Sid Meier's Pirates! (HKLM\...\InstallShield_{1632FD86-1BA4-4FC4-8B25-A8C655D63F68}) (Version: 1.00.0000 - Ihr Firmenname) Sid Meier's Pirates! (Version: 1.00.0000 - Ihr Firmenname) Hidden SimCity 3000 (HKLM\...\SimCity 3000) (Version: - ) Snapseed (HKLM\...\{D5BEB842-5696-4AE8-A222-03D06384856D}) (Version: 1.2.1 - Nik Software, Inc.) 
Sonic CinePlayer Decoder Pack (Version: 4.3.0 - Sonic Solutions) Hidden System Requirements Lab (HKLM\...\SystemRequirementsLab) (Version: - ) TB-Logger (HKLM\...\{0A6E0A7D-0F43-4D71-849C-C3DBB03FDF72}) (Version: 1.00.0000 - Seelenreiter Software) Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 8.01 - Ghisler Software GmbH) Transport Tycoon Deluxe (HKLM\...\ft_Transport Tycoon Deluxe) (Version: - ) Tropico 3: Absolute Power (HKLM\...\Tropico3) (Version: 2.01 - Kalypso Media) VLC media player 1.1.11 (HKLM\...\VLC media player) (Version: 1.1.11 - VideoLAN) WEB.DE MailCheck für Mozilla Firefox (HKLM\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 3.0.1.1739 - 1&1 Mail & Media GmbH) Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin) Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX control for remote connections (HKLM\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16422 - Microsoft Corporation) Windows-Treiberpaket - Nokia Modem (06/09/2010 7.01.0.8) (HKLM\...\E5372C32E8562C76C24DBA6525002B1031495F34) (Version: 06/09/2010 7.01.0.8 - Nokia) Windows-Treiberpaket - Nokia Modem (10/07/2010 4.6) (HKLM\...\6DA48AFDE796708D5A4C9121A83E7617A63A9A15) (Version: 10/07/2010 4.6 - Nokia) Windows-Treiberpaket - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia) ==================== 
Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-583576071-2610798785-2159693280-1003_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\privat\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-583576071-2610798785-2159693280-1003_Classes\CLSID\{3A999A50-AB25-4A20-90A9-08F71FCE320F}\InprocServer32 -> C:\Windows\system32\spool\DRIVERS\W32X86\3\HPCDMC32.DLL (HP)
CustomCLSID: HKU\S-1-5-21-583576071-2610798785-2159693280-1003_Classes\CLSID\{98087D89-B93F-4BCF-A998-AE4D9F607C14}\InprocServer32 -> C:\Windows\system32\spool\DRIVERS\W32X86\3\HPCDMC32.DLL (HP)
CustomCLSID: HKU\S-1-5-21-583576071-2610798785-2159693280-1003_Classes\CLSID\{B286F068-5B17-4AE8-989B-8F9A199C47BA}\InprocServer32 -> C:\Windows\system32\spool\DRIVERS\W32X86\3\HPCDMC32.DLL (HP)
CustomCLSID: HKU\S-1-5-21-583576071-2610798785-2159693280-1003_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\privat\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-583576071-2610798785-2159693280-1003_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\privat\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-583576071-2610798785-2159693280-1003_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\privat\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-583576071-2610798785-2159693280-1003_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\privat\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {06FA2F6D-6D2F-4739-AFDF-011FCFD6B4ED} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-06-22] (Piriform Ltd) Task: {0833FD78-E630-457E-9947-33225F0994AD} - System32\Tasks\{9B46B8A8-F2CE-4EFA-A9EA-21D54C46250D} => pcalua.exe -a C:\Users\privat\Downloads\freecol-0.10.7-installer.exe -d C:\Users\privat\Downloads Task: {106C5547-C970-48C4-98D3-9A69E1E8217D} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\Dell Support Center\pcdrcui.exe [2010-08-05] (PC-Doctor, Inc.) Task: {305297D7-3F18-4448-958C-463AA931B8BC} - System32\Tasks\{432716FB-6E5B-48C0-B400-ADA1E77754EA} => pcalua.exe -a "E:\Drivers\Huawei Win Driver 3.17.00.00\DriverSetup.exe" -d "E:\Drivers\Huawei Win Driver 3.17.00.00" Task: {31ED0145-0072-4BE0-B2F8-3E0773E4E233} - System32\Tasks\Epson Printer Software Downloader => C:\Program Files\EPSON\EPAPDL\E_SAPDL2.EXE [2009-05-26] (SEIKO EPSON CORPORATION) Task: {47906A49-AACC-4DDE-BE34-84FA8036A59E} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2015-11-09] (Oracle Corporation) Task: {53DDFE59-4F7F-452F-81BB-85BFAFC07A80} - System32\Tasks\{AC89E59D-1720-4EF5-A2AA-AEA3059E64D8} => C:\Program Files\Railroad Tycoon 3\RT3.EXE Task: {5792CAA8-BDDF-478E-A175-683AF94919D3} - System32\Tasks\{6795A8F1-12C3-4B30-95E2-E56FF108CAB8} => pcalua.exe -a C:\Users\Chris\Downloads\Francotyp\dotnetfx35.exe -d C:\Users\Chris\Downloads\Francotyp Task: {5C172A1C-E728-4FB2-AFA0-EAEAB9078C64} - System32\Tasks\{32694C1D-C6FD-445E-862F-98800CCC474E} => pcalua.exe -a D:\Desperados.exe -d D:\ -c -autorun Task: {6427F481-55CF-4BFC-8EF2-51E3132043CE} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft 
IntelliPoint\IPoint.exe [2011-01-07] (Microsoft Corporation) Task: {72C7C7E6-2016-4A49-9947-A96D3708455B} - System32\Tasks\{FACA8AB1-8477-4456-85AE-07DBE1AA83B6} => C:\Spiele\Black Isle\BGII - SvA\baldur.exe Task: {906BEC28-8275-42EE-BD7B-6725E865EE5B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.) Task: {97D56506-9867-477D-B10A-80C5E2A42F1C} - System32\Tasks\{9FA1911B-70FF-4B59-AD46-7A38C41BA63A} => pcalua.exe -a C:\Users\Chris\Downloads\Francotyp\SSM-PC²\SSM-PC²_2.9.3\dotnetfx.exe -d C:\Users\Chris\Downloads\Francotyp\SSM-PC²\SSM-PC²_2.9.3 Task: {A9122413-B787-4F21-B0D1-8ACA54041341} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_20_0_0_306_pepper.exe [2016-02-09] (Adobe Systems Incorporated) Task: {B680FFBC-F40E-4A0A-9E59-73C67D95A013} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) 
Task: {BBE34391-4A80-476D-9187-2094EC9B77F6} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation) Task: {C0E586BE-4F89-4744-AD68-FC203C7D70EE} - System32\Tasks\{BB66391B-993D-4607-AA35-975E7C3830D7} => pcalua.exe -a C:\Users\privat\Downloads\TagesSetup.exe -d "C:\Program Files\Mozilla Firefox" Task: {C7A11EE7-92AE-4829-A260-DA80EE5D5998} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation) Task: {CECF4D3E-CB7B-4DA8-9D83-6DC2E7336D83} - System32\Tasks\{624BB5A4-6322-4841-9017-29740BA7C313} => pcalua.exe -a D:\Setup.exe -d D:\ Task: {D1CD5220-A3B6-4926-B75A-BDA6A4914B96} - System32\Tasks\PCDEventLauncher => C:\Program Files\Dell Support Center\sessionchecker.exe [2010-08-05] () Task: {D8C246C0-6B69-46E0-8F2C-9AA3E87BF665} - System32\Tasks\{1EAB8755-15D3-451C-8C4A-BD15D1B399AB} => pcalua.exe -a C:\Users\Chris\Downloads\Francotyp\SSM-PC²\SSM-PC²_2.9.3\Setup.Exe -d C:\Users\Chris\Downloads\Francotyp\SSM-PC²\SSM-PC²_2.9.3 Task: {E3B1F8CF-6126-46AD-AC3B-C8775117E667} - System32\Tasks\Opera scheduled Autoupdate 1418247860 => C:\Program Files\Opera\launcher.exe [2016-02-01] (Opera Software) Task: {E8702BC3-28A3-4036-BC22-5E08F68D94AE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {EC0040A7-BE93-43A4-B831-933AAD10B65B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated) Task: {F6CEE181-C99B-48E7-B472-26CC0E000C8A} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. 
Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\system32\Macromed\Flash\FlashUtil32_20_0_0_306_pepper.exe
Task: C:\Windows\Tasks\Epson Printer Software Downloader.job => C:\Program Files\EPSON\EPAPDL\E_SAPDL2.EXE
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\Dell Support Center\pcdrcui.exe

==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2014-01-14 09:52 - 2013-12-06 08:00 - 00032768 _____ () C:\Windows\System32\splmk14O.DLL
2013-08-22 12:26 - 2013-08-22 12:26 - 00108544 _____ () C:\Windows\System32\zlm_AstroMSeries.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 04:46 - 2015-10-13 04:46 - 01040144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-01-28 05:03 - 2011-01-28 05:03 - 00270176 _____ () C:\ProgramData\DatacardService\HWDeviceService.exe
2016-02-10 04:27 - 2016-02-10 04:27 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\701ecb7450d652e9116d1dd67aa198db\IsdiInterop.ni.dll
2011-02-10 12:05 - 2010-06-08 17:44 - 00058880 _____ () C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2016-02-04 13:05 - 2016-02-04 13:04 - 62319736 _____ () C:\Program Files\Opera\35.0.2066.37\opera.dll
2016-02-04 13:05 - 2016-02-04 13:03 - 02074232 _____ () C:\Program Files\Opera\35.0.2066.37\libglesv2.dll
2016-02-04 13:05 - 2016-02-04 13:03 - 00081528 _____ () C:\Program Files\Opera\35.0.2066.37\libegl.dll
2016-02-09 22:42 - 2016-02-09 22:42 - 16804032 _____ () C:\Windows\system32\Macromed\Flash\pepflashplayer32_20_0_0_306.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\privat\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.


==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Wiederherstellungspunkte =========================

11-02-2016 09:53:51 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Dell Wireless 1702 Bluetooth v3.0+HS
Description: Dell Wireless 1702 Bluetooth v3.0+HS
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/10/2016 10:42:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 27503

Error: (02/10/2016 10:42:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 27503

Error: (02/10/2016 10:42:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/10/2016 10:42:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 26505

Error: (02/10/2016 10:42:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 26505

Error: (02/10/2016 10:42:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/10/2016 10:42:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 25491

Error: (02/10/2016 10:42:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 25491

Error: (02/10/2016 10:42:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/10/2016 10:42:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 24477

Systemfehler:
=============
Error: (02/11/2016 09:48:56 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Internet Manager. OUC" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053

Error: (02/11/2016 09:48:56 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Internet Manager. OUC erreicht.

Error: (02/11/2016 09:46:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Apple Mobile Device" wurde aufgrund folgenden Fehlers nicht gestartet: %%109

Error: (02/11/2016 09:46:36 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Druckwarteschlange" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069

Error: (02/11/2016 09:46:36 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "Spooler" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%50 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (02/11/2016 09:46:08 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: %%1056

Error: (02/11/2016 09:45:39 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ServiceLayer" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (02/11/2016 09:45:39 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (02/11/2016 09:45:38 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/11/2016 09:45:38 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU T6670 @ 2.20GHz
Prozentuale Nutzung des RAM: 51%
Installierter physikalischer RAM: 3036.36 MB
Verfügbarer physikalischer RAM: 1473.29 MB
Summe virtueller Speicher: 4993.46 MB
Verfügbarer virtueller Speicher: 3137.72 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:283.4 GB) (Free:4.03 GB) NTFS
Drive d: (Disc 2) (CDROM) (Total:0.34 GB) (Free:0 GB) CDFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 11121702)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=283.4 GB) - (Type=07 NTFS)

==================== Ende vom Addition.txt ============================ |
11.02.2016, 11:25 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Security warning from Telekom, Citadel virus detected
FRST fix
Please disable your virus scanner completely now, to make sure that the fix runs cleanly! Press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document
Code:
HKLM\...\Run: [] => [X]
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Run: [] => [X]
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - Keine Datei
FF HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\privat\AppData\Roaming\Mozilla\Firefox\Profiles\kpwvyoo0.default\extensions\cliqz@cliqz.com => nicht gefunden
S3 adxapie; \??\C:\Users\privat\AppData\Local\Temp\adxapie.sys [X]
emptytemp:

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
__________________ Please always post log files in CODE tags |
11.02.2016, 11:52 | #13 |
| Security warning from Telekom, Citadel virus detected Here is the log: Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x86) Version:07-02-2016
durchgeführt von privat (2016-02-11 11:37:23) Run:1
Gestartet von C:\Users\privat\Downloads
Geladene Profile: privat (Verfügbare Profile: Chris & privat)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
HKLM\...\Run: [] => [X]
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Run: [] => [X]
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - Keine Datei
FF HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\privat\AppData\Roaming\Mozilla\Firefox\Profiles\kpwvyoo0.default\extensions\cliqz@cliqz.com => nicht gefunden
S3 adxapie; \??\C:\Users\privat\AppData\Local\Temp\adxapie.sys [X]
emptytemp:
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => Wert erfolgreich entfernt
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\Software\Microsoft\Windows\CurrentVersion\Run\\ => Wert erfolgreich entfernt
"HKCR\PROTOCOLS\Handler\tmpx" => Schlüssel erfolgreich entfernt
HKCR\CLSID\{0E526CB5-7446-41D1-A403-19BFE95E8C23} => Schlüssel nicht gefunden.
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\Software\Mozilla\Firefox\Extensions\\cliqz@cliqz.com => Wert erfolgreich entfernt
adxapie => service erfolgreich entfernt
EmptyTemp: => 4.5 GB temporäre Dateien entfernt.

Das System musste neu gestartet werden.

==== Ende vom Fixlog 11:44:56 ==== |
11.02.2016, 12:56 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Security warning from Telekom, Citadel virus detected Okay, then follow-up scans with (1) MBAM, (2) ESET and (3) SecurityCheck please: Step 1: MBAM Please download Malwarebytes Anti-Malware
Step 2: ESET ESET Online Scanner
Step 3: SecurityCheck Please download SecurityCheck and:
__________________ Please always post log files in CODE tags |
12.02.2016, 09:47 | #15 |
| Security warning from Telekom, Citadel virus detected All 3 scans completed, here are the logs: Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 11.02.2016
Suchlaufzeit: 20:03
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2016.02.11.04
Rootkit-Datenbank: v2016.02.08.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x86
Dateisystem: NTFS
Benutzer: privat

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 419769
Abgelaufene Zeit: 59 Min., 23 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 12
PUP.Optional.SofTonic, HKU\S-1-5-21-583576071-2610798785-2159693280-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}, In Quarantäne, [0769f7684653fc3a55c49901f111b749],
PUP.Optional.SofTonic, HKLM\SOFTWARE\CLASSES\Softonic.dskBnd, In Quarantäne, [0769f7684653fc3a55c49901f111b749],
PUP.Optional.SofTonic, HKLM\SOFTWARE\CLASSES\Softonic.dskBnd.1, In Quarantäne, [0769f7684653fc3a55c49901f111b749],
PUP.Optional.SofTonic, HKU\S-1-5-21-583576071-2610798785-2159693280-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}, In Quarantäne, [0769f7684653fc3a55c49901f111b749],
PUP.Optional.SofTonic, HKU\S-1-5-21-583576071-2610798785-2159693280-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{E87806B5-E908-45FD-AF5E-957D83E58E68}, In Quarantäne, [f37dff603d5cb48295af108a0200ce32],
PUP.Optional.SofTonic, HKLM\SOFTWARE\CLASSES\Softonic.SoftonicHlpr, In Quarantäne, [f37dff603d5cb48295af108a0200ce32],
PUP.Optional.SofTonic, HKLM\SOFTWARE\CLASSES\Softonic.SoftonicHlpr.1, In Quarantäne, [f37dff603d5cb48295af108a0200ce32],
PUP.Optional.SofTonic, HKU\S-1-5-21-583576071-2610798785-2159693280-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{E87806B5-E908-45FD-AF5E-957D83E58E68}, In Quarantäne, [f37dff603d5cb48295af108a0200ce32],
PUP.Optional.SofTonic, HKLM\SOFTWARE\CLASSES\srv.SoftonicSrvc, In Quarantäne, [ed83e6792970e254c9dd42ba8f749c64],
PUP.Optional.SofTonic, HKLM\SOFTWARE\CLASSES\srv.SoftonicSrvc.1, In Quarantäne, [2f41c39c297051e53175c23a05febf41],
PUP.Optional.SystemSpeedup, HKLM\SOFTWARE\SYSTWEAK\ssd, In Quarantäne, [d997b4abc9d084b20e312dd88083e41c],
PUP.Optional.SystemSpeedup, HKU\S-1-5-21-583576071-2610798785-2159693280-1003\SOFTWARE\SYSTWEAK\ssd, In Quarantäne, [1d53d68921781620ea54c83d887b48b8],

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 6
PUP.Optional.InstallCore, C:\Users\privat\Downloads\cnet2_IDAutomation_PostnetFontAdvantageDEMO_zip.exe, In Quarantäne, [4c24adb2b0e98da9a73962f4e31e05fb],
PUP.Optional.DownloadGuide, C:\Users\privat\Downloads\exiftoolgui515_CB-DL-Manager.exe, In Quarantäne, [b9b785da9207b08644b2ba7cf70ad927],
PUP.Optional.SofTonic, C:\Users\privat\Downloads\SoftonicDownloader_fuer_snapseed.exe, In Quarantäne, [6e02a6b99900181e4ebe40f52fd22ed2],
PUP.Optional.SofTonic, C:\Users\privat\Downloads\SoftonicDownloader_fuer_windows-live-movie-maker.exe, In Quarantäne, [3a364e11aaef3303db88ec4f3cc5bd43],
PUP.Optional.VIT, C:\Users\privat\Downloads\installer_dungeon_keeper_2_free_Deutsch.exe, In Quarantäne, [a5cbdc83f9a0a98d09d2e9bad22e49b7],
PUP.Optional.ChipDigital, C:\Users\privat\Downloads\CopyTrans Contacts - CHIP-Installer.exe, In Quarantäne, [cfa1e07fa4f560d62fc4339727dd649c],

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)

(end)
Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=0803a88a5f3b9e438604041c6f6dbd01
# end=init
# utc_time=2016-02-11 08:33:48
# local_time=2016-02-11 09:33:48 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 28087
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=0803a88a5f3b9e438604041c6f6dbd01
# end=updated
# utc_time=2016-02-11 08:36:31
# local_time=2016-02-11 09:36:31 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=0803a88a5f3b9e438604041c6f6dbd01
# engine=28087
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-02-12 08:22:07
# local_time=2016-02-12 09:22:07 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 22862517 96575043 0 0
# scanned=385691
# found=16
# cleaned=0
# scan_time=42335
sh=42D1387CA070A110C07E056948621CDC4045DF2E ft=0 fh=0000000000000000 vn="Win32/Toolbar.Montiera.AA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic\Softonic\1.8.21.14\softonic.crx.vir"
sh=CF9209557CC4828F1A8536F5AF66358A81393A75 ft=1 fh=b354853738a44732 vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic\Softonic\1.8.21.14\SoftonicApp.dll.vir"
sh=277966AAC8DD994109B77162DB82849EF1FC8D62 ft=1 fh=f7e7b232febc88cd vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic\Softonic\1.8.21.14\SoftonicEng.dll.vir"
sh=431CA401E93A36C4FB726D12B16B4CC058A2C770 ft=1 fh=7cd1c9f2502352b3 vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic\Softonic\1.8.21.14\Softonicsrv.exe.vir"
sh=09AD2A1BCD218E1EA91FC53F55CB6A61770E1144 ft=1 fh=0234086e10d7e544 vn="Variante von Win32/Toolbar.Montiera.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic\Softonic\1.8.21.14\SoftonicTlbr.dll.vir"
sh=54002848ADA82AC181EAC551104FA02E8CBE4585 ft=1 fh=bfddd9982b578fa9 vn="Win32/Toolbar.Montiera.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic\Softonic\1.8.21.14\uninstall.exe.vir"
sh=54CBEECF2F4AB81622D6708E8A849E3663853F4D ft=1 fh=a481e6d08e557a48 vn="Variante von Win32/Toolbar.Escort.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic\Softonic\1.8.21.14\bh\Softonic.dll.vir"
sh=E214737549AC8E5F5AEA4C9EBB68843D7B78A639 ft=1 fh=c71c00115e31d3cb vn="Win32/Toolbar.Montiera.AA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\privat\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\CrmAdpt.dll.vir"
sh=C5DB8386C3A901DD6D4FB8B66685B889FA1099F9 ft=0 fh=0000000000000000 vn="JS/SecurityDisabler.A.Gen evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\privat\AppData\Roaming\Mozilla\Firefox\Profiles\wwe6u0x0.default-1431504965002\user.js.vir"
sh=6FA2A2D98EF6B2CAA336F01CCCCF025D4F2E7CB9 ft=1 fh=16ae7ef5a70a6d29 vn="Win32/Toolbar.Montiera.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\privat\AppData\Roaming\OpenCandy\C8A1F813BBA549FAB028F8306AB4D056\Setupsft_chr_p1v5.exe.vir"
sh=775AB593B2D9373BB23EB26A9DC966BDD76F64AF ft=1 fh=47df90b3b1ccd1b2 vn="Win32/Wajam.K evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\privat\AppData\Roaming\RHEng\5F156CEDB6274CAC99622D3144E06374\WWE_1.2.0.53.exe.vir"
sh=64F52D0F082C758DBE89032616A5D6ABA9CCE9AC ft=1 fh=0bd034d550e78579 vn="Win32/Systweak.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\privat\AppData\Roaming\Systweak\ssd\SSDPTstub.exe.vir"
sh=05A2E943969BE29318675E105EE1605CC2B7FE50 ft=1 fh=28e73ed5b32e7ff9 vn="Variante von Win32/Systweak.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\system32\roboot.exe.vir"
sh=C0F2EFFB4A4C9AD276821D19F391D4C7AB141F5F ft=0 fh=0000000000000000 vn="JS/SecurityDisabler.A.Gen evtl. unerwünschte Anwendung" ac=I fn="C:\Users\privat\AppData\Roaming\Mozilla\Firefox\Profiles\wwe6u0x0.default-1431504965002\prefs.js"
sh=FBDEC771FDB5384B956A28E8BBBAE8897CC9133A ft=0 fh=0000000000000000 vn="JS/SecurityDisabler.A.Gen evtl. unerwünschte Anwendung" ac=I fn="C:\Users\privat\Desktop\Alte Firefox-Daten\kpwvyoo0.default\prefs.js"
sh=C280836CCFD246C8DF1AB401A7134589B69E4BD8 ft=0 fh=0000000000000000 vn="JS/SecurityDisabler.A.Gen evtl. unerwünschte Anwendung" ac=I fn="C:\Users\privat\Desktop\Alte Firefox-Daten\kpwvyoo0.default\user.js"
Code:
Results of screen317's Security Check version 1.009
Windows 7 Service Pack 1 x86 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Microsoft Security Essentials
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
CCleaner
Java 8 Update 73
Java version 32-bit out of Date!
Adobe Flash Player 10 Flash Player out of Date!
Adobe Flash Player 20.0.0.267
Mozilla Firefox (43.0.4)
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
Internet Manager OnlineUpdate ouc.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log`````````````````````` |