Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Win7 PC: Verdacht auf Viren

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 04.08.2015, 09:02   #1
netzstrolch
 
Win7 PC: Verdacht auf Viren - Standard

Win7 PC: Verdacht auf Viren



Hallo zusammen,

mein PC macht in letzter Zeit komische Sachen:

- im Browser erscheinen fast permanent Werbeeinblendungen
- oft dreht sich der CPU-Lüfter extrem hoch, der PC wird sehr warm und langsam
- manche Links führen auf falsche Seiten

Mein (aktueller) Kaspersky AntiVirus 2015 hat nichts besonderes gefunden.

Ich habe dann mal Malwarebytes drüberlaufen lassen, der fand einige PUPs.

Ich möchte Euch bitten, dass Ihr Euch mal die Logs anschaut und freue mich auf Euer Feedback.

Zitat:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:02-08-2015 01
durchgeführt von *** (Administrator) auf ***-LAPTOP (04-08-2015 09:41:02)
Gestartet von C:\Users\***\Desktop\Check
Geladene Profile: UpdatusUser & *** (Verfügbare Profile: UpdatusUser & ***)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: IE)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(DATA BECKER GmbH & Co KG) C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe
(Dritek System Inc.) C:\Program Files (x86)\Hotkey OSD Driver\hkosdsvis.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Hotkey OSD Driver\NButilps.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\avpui.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Sentelic Corporation) C:\Program Files\FSP\FspUip.exe
(VIA Technologies, Inc.) C:\VIA_XHCI\usb3Monitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Dropbox, Inc.) C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(AVM Berlin) C:\Users\***\AppData\Local\Apps\2.0\KPGV4TR2.86B\YD6P7TLW.DXP\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Dritek System Inc.) C:\Program Files (x86)\Hotkey OSD Driver\HotKeyOSD.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_18_0_0_209_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11780712 2011-03-18] (Realtek Semiconductor)
HKLM\...\Run: [fspuip] => C:\Program Files\FSP\fspuip.exe [4058112 2010-12-27] (Sentelic Corporation)
HKLM\...\Run: [VIAxHCUtl] => C:\VIA_XHCI\usb3Monitor.exe [331776 2011-07-12] (VIA Technologies, Inc.)
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [184112 2012-06-01] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [HotKeyOSD] => C:\Program Files (x86)\Hotkey OSD Driver\HotKeyOSD.exe [345680 2011-02-17] (Dritek System Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-17] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1417037402-2155524456-1377376909-1002\...\Run: [AVMUSBFernanschluss] => C:\Users\***\AppData\Local\Apps\2.0\KPGV4TR2.86B\YD6P7TLW.DXP\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe [139264 2014-02-13] (AVM Berlin)
HKU\S-1-5-21-1417037402-2155524456-1377376909-1002\...\Run: [Dropbox Update] => C:\Users\***\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-12] (Dropbox, Inc.)
HKU\S-1-5-21-1417037402-2155524456-1377376909-1002\...\RunOnce: [Application Restart #1] => C:\Users\***\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side- (Der Dateneintrag hat 486 mehr Zeichen).
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-10-27] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-10-27] (NVIDIA Corporation)
Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013-06-13]
ShortcutTarget: Dropbox.lnk -> C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk [2013-02-07]
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
HKU\S-1-5-21-1417037402-2155524456-1377376909-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1417037402-2155524456-1377376909-1002 -> {44356F6D-F790-4CED-97B7-C8BA0C48D600} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1417037402-2155524456-1377376909-1002 -> {77154BAE-941B-4850-B7ED-1F8685EB0AB1} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=7B52A895-1780-4B1C-960A-894EB8E64564&apn_sauid=110C82EA-FAF0-401F-A55E-B2272C64FAA0
BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\x64\IEExt\ie_plugin.dll [2015-01-07] (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll Keine Datei
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-21] (Google Inc.)
BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\x64\IEExt\ie_plugin.dll [2015-01-07] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\x64\IEExt\ie_plugin.dll [2015-01-07] (Kaspersky Lab ZAO)
BHO: No Name -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> Keine Datei
BHO-x32: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\IEExt\ie_plugin.dll [2015-01-07] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-05-28] (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\OnlineBanking\online_banking_bho.dll Keine Datei
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-21] (Google Inc.)
BHO-x32: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\IEExt\ie_plugin.dll [2015-01-07] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-28] (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\IEExt\ie_plugin.dll [2015-01-07] (Kaspersky Lab ZAO)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-21] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-21] (Google Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.189.1
Tcpip\..\Interfaces\{5D6192CE-5612-4B22-8671-CB3A73ACCA57}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{C9A84B3C-17D2-4EEB-8312-9B1B358B0227}: [DhcpNameServer] 192.168.189.1

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-28] (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\content_blocker@kaspersky.com [2015-01-07] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-01-07] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @protectdisc.com/NPPDLicenseHelper -> C:\Program Files (x86)\ProtectDisc\License Helper\NPPDLicenseHelper.dll [2008-02-22] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\content_blocker@kaspersky.com [2015-01-07]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-01-07]

Chrome:
=======
CHR Profile: C:\Users\***\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Kaspersky Protection) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-05-25]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-25]
CHR Extension: (Google Wallet) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-13]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 AVP15.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO)
R2 DBService; C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe [187456 2009-01-08] (DATA BECKER GmbH & Co KG) [Datei ist nicht signiert]
R2 hkosdservice; C:\Program Files (x86)\Hotkey OSD Driver\hkosdsvis.exe [240208 2011-02-17] (Dritek System Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116480 2013-02-07] (AVM Berlin)
R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [111104 2012-05-21] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [849408 2012-06-09] (Motorola Solutions, Inc.)
S3 btmlehid; C:\Windows\system32\drivers\btmlehid.sys [66560 2012-06-21] (Motorola Solutions, Inc.)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
R3 fspad_win764; C:\Windows\system32\drivers\fspad_win764.sys [32256 2010-12-28] (Sentelic Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [46144 2014-07-02] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [150536 2015-01-07] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [246456 2014-08-12] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [819896 2015-03-10] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55872 2014-06-05] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [77512 2015-01-07] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179776 2014-07-09] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-08-04] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
S3 MHIKEY10; C:\Windows\System32\Drivers\MHIKEY10x64.sys [60288 2010-09-15] (Generic USB smartcard reader)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-07-28] (Apple, Inc.) [Datei ist nicht signiert]
R3 VUSB3HUB; C:\Windows\system32\drivers\ViaHub3.sys [177152 2011-05-28] (VIA Technologies, Inc.)
R3 xhcdrv; C:\Windows\system32\drivers\xhcdrv.sys [226816 2011-05-28] (VIA Technologies, Inc.)
U4 klkbdflt2; system32\DRIVERS\klkbdflt2.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-04 09:40 - 2015-08-04 09:41 - 00000000 ____D C:\FRST
2015-08-04 09:38 - 2015-08-04 09:38 - 00000472 _____ C:\Users\***\Desktop\defogger_disable.log
2015-08-04 09:38 - 2015-08-04 09:38 - 00000000 _____ C:\Users\***\defogger_reenable
2015-08-01 09:19 - 2015-08-04 09:27 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-01 09:19 - 2015-08-01 09:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-08-01 09:19 - 2015-08-01 09:19 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-01 09:19 - 2015-08-01 09:19 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-08-01 09:19 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-08-01 09:19 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-08-01 09:19 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-08-01 09:18 - 2015-08-04 09:41 - 00000000 ____D C:\Users\***\Desktop\Check
2015-07-31 09:39 - 2015-07-31 09:40 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-07-28 17:09 - 2015-07-28 17:11 - 00000000 ___RD C:\Users\***\Documents\Kirchengemeinde-Burbach
2015-07-28 16:40 - 2015-07-28 16:40 - 00000000 ____D C:\Users\***\Kreiskirchenamt-Jugendreferat
2015-07-28 12:10 - 2015-07-25 20:07 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-28 12:10 - 2015-07-25 20:04 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-28 12:10 - 2015-07-25 20:04 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-28 12:10 - 2015-07-25 20:03 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-28 12:10 - 2015-07-25 20:03 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-28 12:10 - 2015-07-25 20:03 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-28 12:10 - 2015-07-25 20:03 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-28 12:10 - 2015-07-25 19:55 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-25 12:36 - 2015-07-25 12:36 - 00009369 _____ C:\Users\***\Desktop\Predigt Lichtblick 1 - Verknüpfung.lnk
2015-07-25 12:12 - 2015-07-25 12:12 - 00004918 _____ C:\Users\***\Desktop\Männerchor Burbach Jubiläum August 2015 - Verknüpfung.lnk
2015-07-22 12:20 - 2015-07-22 12:20 - 00004846 _____ C:\Users\***\Desktop\Matthäus 13 - Verknüpfung.lnk
2015-07-21 11:22 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-21 11:22 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-21 11:22 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-21 11:22 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-21 11:22 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-21 11:22 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-21 11:22 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-21 11:22 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-21 11:22 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-21 11:22 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-19 23:41 - 2015-07-19 23:41 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-07-19 23:41 - 2015-07-19 23:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-07-19 23:40 - 2015-07-19 23:41 - 00000000 ____D C:\Program Files\iTunes
2015-07-19 23:40 - 2015-07-19 23:40 - 00000000 ____D C:\Program Files\iPod
2015-07-19 23:40 - 2015-07-19 23:40 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-07-17 13:00 - 2015-06-11 19:57 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-07-17 13:00 - 2015-06-11 19:57 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-07-17 13:00 - 2015-06-11 19:57 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-07-17 13:00 - 2015-06-11 19:56 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-07-17 13:00 - 2015-06-11 19:56 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-07-17 13:00 - 2015-06-11 19:56 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-07-17 13:00 - 2015-06-11 15:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-07-17 13:00 - 2014-12-11 19:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-07-16 17:20 - 2015-07-16 17:20 - 00000000 ____D C:\Windows\SysWOW64\NV
2015-07-16 17:20 - 2015-07-16 17:20 - 00000000 ____D C:\Windows\system32\NV
2015-07-16 17:10 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2015-07-16 17:09 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2015-07-16 17:09 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-07-16 17:09 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-07-16 17:09 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2015-07-16 17:09 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2015-07-16 17:09 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2015-07-16 17:09 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2015-07-16 17:09 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-07-16 17:09 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2015-07-16 16:59 - 2015-03-14 05:21 - 01632768 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-07-16 16:59 - 2015-03-14 05:21 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-07-16 16:59 - 2015-03-14 05:04 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-07-16 16:59 - 2015-03-14 05:04 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-07-16 16:58 - 2015-05-09 20:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-07-15 13:13 - 2015-07-09 19:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 13:13 - 2015-07-09 19:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 13:13 - 2015-07-09 19:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 13:13 - 2015-07-09 19:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 13:13 - 2015-07-09 19:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 13:13 - 2015-07-09 19:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 13:13 - 2015-07-09 19:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 13:13 - 2015-07-09 19:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 13:13 - 2015-07-09 19:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 13:13 - 2015-07-09 19:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 13:13 - 2015-07-09 19:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 13:13 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-15 13:13 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-15 13:13 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-15 13:13 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-15 13:13 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-15 13:13 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-15 13:13 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-15 13:13 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-15 13:13 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 13:13 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-15 13:13 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-15 13:13 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 13:13 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-15 13:13 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 13:13 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-15 13:13 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 13:13 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 13:13 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-15 13:13 - 2015-06-27 04:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 13:13 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-15 13:13 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-15 13:13 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 13:13 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 13:13 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 13:13 - 2015-06-09 20:03 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-07-15 13:13 - 2015-06-09 20:03 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-07-15 13:13 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-15 13:13 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-15 13:10 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-15 13:10 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 13:10 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 13:10 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-15 13:10 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 13:10 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-15 13:10 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-15 13:10 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 13:10 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-15 13:10 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-15 13:10 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 13:10 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-15 13:10 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-15 13:10 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 13:10 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-15 13:10 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 13:10 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 13:10 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 13:10 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 13:10 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 13:10 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-15 13:10 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 13:10 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-15 13:10 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 13:10 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 13:10 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-15 13:10 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-15 13:10 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-15 13:10 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-15 13:10 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 13:10 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-15 13:10 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-15 13:10 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-15 13:10 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-15 13:10 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-15 13:10 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-15 13:10 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-15 13:10 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 13:10 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 13:10 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 13:10 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-15 13:10 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-15 13:10 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-15 13:10 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-15 13:07 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 13:07 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 13:07 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-15 13:07 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-15 13:06 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 13:06 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-15 13:06 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 13:06 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 13:06 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 13:06 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-15 13:06 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 13:06 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-15 13:06 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-15 13:06 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-15 13:06 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-15 13:06 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-15 13:06 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-15 13:06 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-15 13:06 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-15 13:06 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-15 13:06 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-15 13:06 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-15 13:06 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-15 13:06 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-15 13:06 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 13:06 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 13:06 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-15 13:06 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-15 13:06 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-15 13:06 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-15 13:06 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-15 13:06 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-15 13:06 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-15 13:06 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 13:06 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-15 13:06 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-15 13:06 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-15 13:06 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-15 13:06 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-15 13:06 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 13:06 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 13:06 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 13:06 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-15 13:06 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 13:06 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 13:06 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-15 13:06 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-15 13:06 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 13:06 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 13:06 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 13:06 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-15 13:06 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 13:06 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-15 13:06 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-15 13:06 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-15 13:06 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-15 13:06 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-15 13:06 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-15 13:06 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-15 13:06 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-14 19:44 - 2015-07-14 19:44 - 00299088 _____ C:\Windows\Minidump\071415-23602-01.dmp
2015-07-06 09:35 - 2015-07-06 09:36 - 00000000 ____D C:\Program Files (x86)\QuickTime
2015-07-06 09:35 - 2015-07-06 09:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-04 09:41 - 2013-01-18 14:56 - 01763980 _____ C:\Windows\WindowsUpdate.log
2015-08-04 09:38 - 2013-01-30 16:03 - 00000000 ____D C:\Users\***
2015-08-04 09:38 - 2009-07-14 06:45 - 00027568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-04 09:38 - 2009-07-14 06:45 - 00027568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-04 09:35 - 2011-02-23 14:59 - 00701560 _____ C:\Windows\system32\perfh007.dat
2015-08-04 09:35 - 2011-02-23 14:59 - 00150428 _____ C:\Windows\system32\perfc007.dat
2015-08-04 09:35 - 2009-07-14 07:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-04 09:30 - 2013-06-13 12:45 - 00000000 ___RD C:\Users\***\Dropbox
2015-08-04 09:30 - 2013-06-13 12:35 - 00000000 ____D C:\Users\***\AppData\Roaming\Dropbox
2015-08-04 09:30 - 2013-02-08 02:14 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-04 09:28 - 2015-01-07 13:55 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-08-04 09:27 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-04 09:27 - 2009-07-14 06:51 - 00146493 _____ C:\Windows\setupact.log
2015-08-04 09:26 - 2010-11-21 05:47 - 00173210 _____ C:\Windows\PFRO.log
2015-08-01 20:35 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\security
2015-08-01 20:32 - 2015-06-12 23:04 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1417037402-2155524456-1377376909-1002UA.job
2015-08-01 20:32 - 2013-02-08 02:14 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-01 10:03 - 2013-02-08 02:15 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-07-30 13:03 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-28 23:37 - 2014-05-06 22:43 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-28 23:15 - 2015-06-12 23:04 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1417037402-2155524456-1377376909-1002Core.job
2015-07-28 17:10 - 2013-02-07 15:17 - 00000000 ____D C:\Users\***\Documents\Ordner ***
2015-07-28 08:32 - 2013-02-07 14:12 - 00000000 ____D C:\Users\***\AppData\Local\Deployment
2015-07-25 11:57 - 2015-04-06 23:52 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-22 06:52 - 2009-07-14 06:45 - 00471616 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-20 13:28 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-07-19 23:40 - 2013-02-07 15:30 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-07-19 23:10 - 2015-06-12 23:04 - 00004194 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1417037402-2155524456-1377376909-1002UA
2015-07-19 23:10 - 2015-06-12 23:04 - 00003798 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1417037402-2155524456-1377376909-1002Core
2015-07-17 16:36 - 2013-01-15 12:49 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-17 16:33 - 2014-12-26 00:48 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-16 17:20 - 2013-01-15 12:43 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-16 17:19 - 2009-07-14 05:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-07-16 17:18 - 2015-04-06 23:52 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-16 17:17 - 2013-01-15 12:38 - 01598636 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-07-16 17:12 - 2013-01-15 12:42 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-07-16 13:32 - 2014-12-11 01:16 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-16 13:32 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-16 11:18 - 2013-02-07 14:02 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-16 11:11 - 2013-08-15 22:38 - 00000000 ____D C:\Windows\system32\MRT
2015-07-16 11:10 - 2013-02-08 02:14 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-16 11:10 - 2013-02-08 02:14 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-16 11:10 - 2013-02-08 02:14 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-14 19:44 - 2015-05-07 18:02 - 545949322 _____ C:\Windows\MEMORY.DMP
2015-07-14 19:44 - 2015-05-07 18:02 - 00000000 ____D C:\Windows\Minidump
2015-07-14 19:30 - 2013-02-08 02:14 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-14 19:30 - 2013-02-08 02:14 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-14 19:30 - 2013-02-08 02:14 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-06 09:45 - 2015-04-20 09:41 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-05-29 13:38 - 2015-05-29 13:38 - 0007601 _____ () C:\Users\***\AppData\Local\Resmon.ResmonCfg

Einige Dateien in TEMP:
====================
C:\Users\***\AppData\Local\Temp\4dly3wc9.dll
C:\Users\***\AppData\Local\Temp\APNStub.exe
C:\Users\***\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprrssfu.dll
C:\Users\***\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\***\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\***\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\***\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\***\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\***\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\***\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\***\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\***\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\***\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\***\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\***\AppData\Local\Temp\MSETUP4.EXE
C:\Users\***\AppData\Local\Temp\oct6337.tmp.exe
C:\Users\***\AppData\Local\Temp\ose00000.exe
C:\Users\***\AppData\Local\Temp\qfpzbu07.dll


==================== Bamital & volsnap Check =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-07-24 15:44

==================== Ende von log ============================
Zitat:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:02-08-2015 01
durchgeführt von *** (2015-08-04 09:42:46)
Gestartet von C:\Users\***\Desktop\Check
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1417037402-2155524456-1377376909-500 - Administrator - Disabled)
Gast (S-1-5-21-1417037402-2155524456-1377376909-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1417037402-2155524456-1377376909-1003 - Limited - Enabled)
*** (S-1-5-21-1417037402-2155524456-1377376909-1002 - Administrator - Enabled) => C:\Users\***
UpdatusUser (S-1-5-21-1417037402-2155524456-1377376909-1000 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Anti-Virus (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Anti-Virus (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.39 - Atheros Communications Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.3.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MG6400 series Benutzerregistrierung (HKLM-x32\...\Canon MG6400 series Benutzerregistrierung) (Version: - *Canon Inc.)
Canon MG6400 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6400_series) (Version: 1.01 - Canon Inc.)
Canon MG6400 series On-screen Manual (HKLM-x32\...\Canon MG6400 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
ClipGrab 3.4.8 (HKLM-x32\...\{8A1033B0-EF33-4FB5-97A1-C47A7DCDD7E6}_is1) (Version: - Philipp Schmieder Medien)
CloudScout Parental Control version 1.3 (HKLM-x32\...\{E1527582-8509-4011-B922-29E3FB548882}_is1) (Version: 1.3 - www.CloudGuard.me) <==== ACHTUNG
Content Manager (HKLM-x32\...\Content Manager) (Version: 3.18.4.510611 - NNG Llc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DATA BECKER Visitenkarten-Druckerei 12 (HKLM-x32\...\Visitenkarten-Druckerei 12_is1) (Version: 12.10.3.17 - DATA BECKER GmbH & Co. KG)
Dropbox (HKU\S-1-5-21-1417037402-2155524456-1377376909-1002\...\Dropbox) (Version: 3.8.5 - Dropbox, Inc.)
EZ Software Updater version 1.2.0.4 (HKLM-x32\...\EZ Software Updater_is1) (Version: 1.2.0.4 - )
Finger Sensing Pad Driver (HKLM\...\{E86906FF-C63D-4EAF-ACE7-5F8D55FBEA9A}) (Version: 8.8.1.5 - Sentelic)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
FRITZ!Box USB-Fernanschluss (HKU\S-1-5-21-1417037402-2155524456-1377376909-1002\...\2db37667170956ee) (Version: 2.3.2.0 - AVM Berlin)
Galería de fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.125 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6710.2136 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Hotkey OSD Driver (HKLM-x32\...\HotKeyOSD) (Version: 1.0.13 - Dritek System Inc.)
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{A10B1524-63B5-40F2-B272-D841CF671C16}) (Version: 2.2.0.0266 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
iTunes (HKLM\...\{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}) (Version: 12.2.1.16 - Apple Inc.)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{8ED07EBD-22AD-415A-B71E-C1AD86862C2E}) (Version: 15.0.1.415 - Kaspersky Lab)
Kaspersky Anti-Virus (x32 Version: 15.0.1.415 - Kaspersky Lab) Hidden
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1417037402-2155524456-1377376909-1002\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
NVIDIA Grafiktreiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Platform (x32 Version: 1.38 - VIA Technologies, Inc.) Hidden
Protect Disc License Helper 1.0.118 (HKLM-x32\...\Protect Disc License Helper) (Version: 1.0.118 - Protect Disc)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.13 - ProtectDisc Software GmbH)
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6316 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30122 - Realtek Semiconductor Corp.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.38 - VIA Technologies, Inc.)
WER WIRD MILLIONÄR SPORT EDITION (HKLM-x32\...\{AE1128AF-0202-49AA-BCF9-39AC4279F9B9}) (Version: 1.0.0.0000 - Eidos)
WER WIRD MILLIONÄR VIERTE EDITION (HKLM-x32\...\{9781A96F-71AC-4738-984B-5AB597DFE678}) (Version: 1.0.0.0000 - Eidos)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows-Treiberpaket - Intel (NETwLv64) net (10/07/2010 13.4.0.139) (HKLM\...\EA1C8ECD4E416637C38F0079F98C8C7B0A112265) (Version: 10/07/2010 13.4.0.139 - Intel)
Windows-Treiberpaket - Intel (NETwNs64) net (01/22/2012 14.3.2.1) (HKLM\...\CD88F0FADE1395C9F91302912FD35B13CF75C196) (Version: 01/22/2012 14.3.2.1 - Intel)
Windows-Treiberpaket - Intel (NETwNs64) net (09/30/2012 15.3.1.2) (HKLM\...\C4A0B98BB9B3537BFB45B8BA6177991FD0CADD3A) (Version: 09/30/2012 15.3.1.2 - Intel)
Windows-Treiberpaket - Intel net (01/22/2012 14.3.2.1) (HKLM\...\4795C4A805590BF1276BCED3EB2478E5BF545E83) (Version: 01/22/2012 14.3.2.1 - Intel)
Windows-Treiberpaket - Intel net (09/30/2012 15.3.1.2) (HKLM\...\751A99B9D25B1127E0849AAA30110607FE2C6C32) (Version: 09/30/2012 15.3.1.2 - Intel)
Windows-Treiberpaket - Intel net (10/07/2010 13.4.0.139) (HKLM\...\695CFD288064D5B9D072C610E63BDD3D3E4DE666) (Version: 10/07/2010 13.4.0.139 - Intel)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1417037402-2155524456-1377376909-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1417037402-2155524456-1377376909-1002_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\***\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1417037402-2155524456-1377376909-1002_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\***\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1417037402-2155524456-1377376909-1002_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\***\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1417037402-2155524456-1377376909-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1417037402-2155524456-1377376909-1002_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\***\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1417037402-2155524456-1377376909-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\***\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1417037402-2155524456-1377376909-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1417037402-2155524456-1377376909-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1417037402-2155524456-1377376909-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1417037402-2155524456-1377376909-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1417037402-2155524456-1377376909-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1417037402-2155524456-1377376909-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1417037402-2155524456-1377376909-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1417037402-2155524456-1377376909-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1417037402-2155524456-1377376909-1002_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

17-07-2015 23:32:11 Windows Update
21-07-2015 11:18:18 Windows Update
21-07-2015 23:23:09 Windows Update
27-07-2015 16:13:59 WER WIRD MILLIONÄR DRITTE EDITION wird entfernt
28-07-2015 12:10:54 Windows Update
28-07-2015 23:35:41 Windows Update
01-08-2015 09:17:52 Windows Update
04-08-2015 09:34:39 Windows Update

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {1D07FC00-1FCD-4C93-939D-FCB460CB6B07} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {1F69425E-A749-48F2-B7F8-0BB9740DF936} - System32\Tasks\{80619C1C-B6F5-44BD-99C3-52126F166E86} => C:\Program Files (x86)\iTunes\iTunes.exe
Task: {5A55D5D0-02E4-4B6E-8155-BD5D9F4F0815} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1417037402-2155524456-1377376909-1002Core => C:\Users\***\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-12] (Dropbox, Inc.)
Task: {5D696A01-E46F-45C6-8952-B4E00578FD1B} - System32\Tasks\{DF9B118B-097C-47FB-8FA9-2F3FBEC75CC7} => C:\Program Files (x86)\iTunes\iTunes.exe
Task: {754D99DC-DCBE-4DFF-83E5-D35E1BF192B9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {90389D7D-FE8E-4AB1-ADED-F9C06EF4E1E6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-14] (Adobe Systems Incorporated)
Task: {97B0A6AE-A8E1-416F-8D68-DAC3C088FEDB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
Task: {A52A3898-72C7-4152-9CB7-CD188D2768AF} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1417037402-2155524456-1377376909-1002UA => C:\Users\***\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-12] (Dropbox, Inc.)
Task: {FDD9AE89-397C-4D8B-B579-15D48AC054F0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1417037402-2155524456-1377376909-1002Core.job => C:\Users\***\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1417037402-2155524456-1377376909-1002UA.job => C:\Users\***\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-01-30 17:28 - 2013-10-23 10:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-01-08 13:33 - 2010-12-27 12:57 - 00044032 _____ () C:\Program Files\FSP\KbdHook.dll
2013-01-08 13:33 - 2010-12-27 12:57 - 00071168 _____ () C:\Program Files\FSP\FspLib.dll
2013-01-08 13:32 - 2015-06-01 21:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-08-30 18:12 - 2014-08-30 18:12 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\kpcengine.2.3.dll
2015-08-04 09:29 - 2015-08-04 09:29 - 00071168 _____ () c:\users\***\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprrssfu.dll
2015-03-04 23:45 - 2015-07-17 02:31 - 00012800 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 23:45 - 2015-07-17 02:31 - 00779776 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-31 09:39 - 2015-07-17 02:31 - 00056320 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-03-04 23:45 - 2015-07-17 02:31 - 00012288 _____ () C:\Users\***\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2014-10-16 11:02 - 2014-10-16 11:02 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\ba8588c3319d63350220ec2ac3eb2c36\IsdiInterop.ni.dll
2013-01-15 12:41 - 2010-09-13 19:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer trusted/restricted ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1417037402-2155524456-1377376909-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\***\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.189.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{4ED15F43-BCE5-4D02-B0FC-1D74EEB2CDFC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{C37D0F64-8234-4262-BF2A-084D26689820}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{8A3EE509-5C49-4543-A22D-4D13DDC94166}] => (Allow) C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [{81A7DA3D-1831-4D63-8D79-538E994CFF16}] => (Allow) C:\Users\***\AppData\Local\Apps\2.0\KPGV4TR2.86B\YD6P7TLW.DXP\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe
FirewallRules: [{33BC6F29-B619-4BFD-8F4C-76F07D99690B}] => (Allow) C:\Users\***\AppData\Local\Apps\2.0\KPGV4TR2.86B\YD6P7TLW.DXP\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe
FirewallRules: [{32F29C96-F9E4-4F0F-A368-A2617F5FDE65}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4240A067-165F-42A4-8FF0-D3DD11734908}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{54BCC00B-43B3-4FC2-B35D-72BC48730962}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{280CB63D-8040-4C01-B1BD-59D704B47E17}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{A1D7DF6C-96AC-4DA5-91C1-74C8942995BB}C:\users\***\appdata\local\apps\2.0\kpgv4tr2.86b\yd6p7tlw.dxp\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe] => (Allow) C:\users\***\appdata\local\apps\2.0\kpgv4tr2.86b\yd6p7tlw.dxp\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe
FirewallRules: [UDP Query User{BEC1614F-1137-4DE5-B6CD-1562E7273A15}C:\users\***\appdata\local\apps\2.0\kpgv4tr2.86b\yd6p7tlw.dxp\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe] => (Allow) C:\users\***\appdata\local\apps\2.0\kpgv4tr2.86b\yd6p7tlw.dxp\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe
FirewallRules: [{237C6D73-6BAD-4C8B-BDE3-BC1B13B9CC43}] => (Allow) C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{9F919DA4-8535-46A4-8923-BA7C4339D19D}] => (Allow) C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{66C7604F-5DB0-4559-B443-EB6DE8863C35}C:\users\***\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\***\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{4E682023-7952-4D6F-9F04-B4939C928CB1}C:\users\***\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\***\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{7F0B1DBD-8DF7-48B1-958A-B3E5C26B3554}] => (Allow) C:\Users\***\AppData\Local\Apps\2.0\KPGV4TR2.86B\YD6P7TLW.DXP\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe
FirewallRules: [{FA8E1D8B-AC90-428B-8357-49C64373785F}] => (Allow) C:\Users\***\AppData\Local\Apps\2.0\KPGV4TR2.86B\YD6P7TLW.DXP\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe
FirewallRules: [TCP Query User{26D1A07F-7A2F-4EAE-8296-D1A6348462C4}C:\users\***\appdata\local\apps\2.0\kpgv4tr2.86b\yd6p7tlw.dxp\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe] => (Allow) C:\users\***\appdata\local\apps\2.0\kpgv4tr2.86b\yd6p7tlw.dxp\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe
FirewallRules: [UDP Query User{9AFA0A68-9B76-4C47-BCB1-5A91FF7A5011}C:\users\***\appdata\local\apps\2.0\kpgv4tr2.86b\yd6p7tlw.dxp\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe] => (Allow) C:\users\***\appdata\local\apps\2.0\kpgv4tr2.86b\yd6p7tlw.dxp\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe
FirewallRules: [{E50B789E-F8DC-40FD-8CB4-6D5F9953FEB4}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{C7594893-02BF-4A90-9F8D-14B0839B4014}] => (Allow) LPort=2869
FirewallRules: [{EFF70848-8A12-444D-A67E-36011691A7E5}] => (Allow) LPort=1900
FirewallRules: [{DB03D726-77AE-46E2-B992-6A7A031FEE9D}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{F3609BC2-F7ED-442C-B64E-C3F655BC3ADA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{86BEB873-938C-44E6-905C-1F6E1E130C5B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{BE8C2D24-DE06-4777-A80B-D10DF07C0948}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{CBF64EC9-42E4-4032-B318-7E0489599347}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{576C167A-C4E8-46BA-9D92-56062B093E00}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/04/2015 09:28:44 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/01/2015 08:37:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/01/2015 09:06:21 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/31/2015 11:09:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4310822

Error: (07/31/2015 11:09:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4310822

Error: (07/31/2015 11:09:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/31/2015 09:26:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/31/2015 06:58:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/31/2015 09:36:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/30/2015 05:51:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


Systemfehler:
=============
Error: (08/04/2015 09:34:57 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (08/04/2015 09:34:57 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (08/04/2015 09:28:40 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (08/01/2015 08:37:06 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (08/01/2015 09:16:43 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (08/01/2015 09:16:43 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (08/01/2015 09:06:00 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (07/31/2015 06:59:03 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (07/31/2015 09:36:43 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (07/30/2015 05:52:12 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)


Microsoft Office:
=========================
Error: (06/30/2014 01:04:29 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6700.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 20304 seconds with 1320 seconds of active time. This session ended with a crash.

Error: (11/19/2013 12:21:10 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 37210 seconds with 1320 seconds of active time. This session ended with a crash.

Error: (10/23/2013 07:28:22 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 696 seconds with 0 seconds of active time. This session ended with a crash.

Error: (10/23/2013 07:16:06 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 37 seconds with 0 seconds of active time. This session ended with a crash.


CodeIntegrity:
===================================
Date: 2015-02-12 19:18:56.421
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-02-12 19:18:56.390
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-02-12 19:16:49.515
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-02-12 19:16:49.437
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-12-11 17:17:56.682
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-12-11 17:17:56.667
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-12-11 17:15:58.169
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-12-11 17:15:58.091
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-11-13 10:23:29.176
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-11-13 10:23:29.176
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Speicherinformationen ===========================

Processor: Intel(R) Core(TM) i3-2370M CPU @ 2.40GHz
Percentage of memory in use: 74%
Total physical RAM: 4043.84 MB
Available physical RAM: 1031.2 MB
Total Virtual: 8085.89 MB
Available Virtual: 4423.24 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.76 GB) (Free:313.52 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 8C372C6F)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== Ende von log ============================
GMER funktionierte leider nicht. (Meldung von Windows: ... funktioniert nicht mehr)

Ich hoffe, dass ich nichts wichtiges vergessen habe. Vielen Dank für Euer Feedback!

Netzstrolch

Alt 04.08.2015, 09:53   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Win7 PC: Verdacht auf Viren - Standard

Win7 PC: Verdacht auf Viren



Hi,

alle Software in der Addition.txt, hinter der ein ===>ACHTUNG steht, deinstallieren.


So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.




Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________

__________________

Alt 04.08.2015, 15:23   #3
netzstrolch
 
Win7 PC: Verdacht auf Viren - Standard

Win7 PC: Verdacht auf Viren



Hallo Schrauber,

Zitat:
alle Software in der Addition.txt, hinter der ein ===>ACHTUNG steht, deinstallieren.
es war nur ein Programm, als ich das deinstallieren wollte, kam die Meldung, es wäre schon deinstalliert.

es ist sehr seltsam. Beide Programme haben nichts gefunden, aber der PC reagiert auf diesen Seiten besonders zäh.

Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.08.04.02
  rootkit: v2015.08.03.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17914
*** :: ***-LAPTOP [administrator]

04.08.2015 11:17:28
mbar-log-2015-08-04 (11-17-28).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 411180
Time elapsed: 35 minute(s), 9 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
Code:
ATTFilter
16:06:22.0720 0x1b6c  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
16:06:43.0621 0x1b6c  ============================================================
16:06:43.0621 0x1b6c  Current date / time: 2015/08/04 16:06:43.0621
16:06:43.0621 0x1b6c  SystemInfo:
16:06:43.0621 0x1b6c  
16:06:43.0621 0x1b6c  OS Version: 6.1.7601 ServicePack: 1.0
16:06:43.0621 0x1b6c  Product type: Workstation
16:06:43.0621 0x1b6c  ComputerName: ***-LAPTOP
16:06:43.0621 0x1b6c  UserName: ***
16:06:43.0621 0x1b6c  Windows directory: C:\Windows
16:06:43.0621 0x1b6c  System windows directory: C:\Windows
16:06:43.0621 0x1b6c  Running under WOW64
16:06:43.0621 0x1b6c  Processor architecture: Intel x64
16:06:43.0621 0x1b6c  Number of processors: 4
16:06:43.0621 0x1b6c  Page size: 0x1000
16:06:43.0621 0x1b6c  Boot type: Normal boot
16:06:43.0621 0x1b6c  ============================================================
16:06:44.0024 0x1b6c  KLMD registered as C:\Windows\system32\drivers\55034102.sys
16:06:45.0209 0x1b6c  System UUID: {867C1F75-467F-8937-144E-C91C8B0850DA}
16:06:46.0021 0x1b6c  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:06:46.0029 0x1b6c  ============================================================
16:06:46.0029 0x1b6c  \Device\Harddisk0\DR0:
16:06:46.0029 0x1b6c  MBR partitions:
16:06:46.0029 0x1b6c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385000
16:06:46.0029 0x1b6c  ============================================================
16:06:46.0049 0x1b6c  C: <-> \Device\Harddisk0\DR0\Partition1
16:06:46.0049 0x1b6c  ============================================================
16:06:46.0049 0x1b6c  Initialize success
16:06:46.0049 0x1b6c  ============================================================
16:06:48.0236 0x0360  ============================================================
16:06:48.0236 0x0360  Scan started
16:06:48.0236 0x0360  Mode: Manual; 
16:06:48.0236 0x0360  ============================================================
16:06:48.0236 0x0360  KSN ping started
16:06:51.0052 0x0360  KSN ping finished: true
16:06:55.0924 0x0360  ================ Scan system memory ========================
16:06:55.0924 0x0360  System memory - ok
16:06:55.0924 0x0360  ================ Scan services =============================
16:06:56.0674 0x0360  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
16:06:56.0674 0x0360  1394ohci - ok
16:06:56.0794 0x0360  [ 894EA27AAADBB8792AB67A767BD5DF62, F3D75F000DA2C9759748B3577A4DD548F6C46FB7FD5C6853B9CC4CAC86930A57 ] acedrv11        C:\Windows\system32\drivers\acedrv11.sys
16:06:56.0804 0x0360  acedrv11 - ok
16:06:56.0904 0x0360  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
16:06:56.0944 0x0360  ACPI - ok
16:06:57.0014 0x0360  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
16:06:57.0024 0x0360  AcpiPmi - ok
16:06:57.0444 0x0360  [ 013697369EAFFA675D0671607F036020, 65611C775AC4681E46A6565E5A7A4FF3363C66EBDC98C4C58AFB365D40BE23B6 ] AdobeARMservice c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:06:57.0444 0x0360  AdobeARMservice - ok
16:06:57.0775 0x0360  [ 9B3355B29942AF67F014EA90CE1EA960, FBB155F72984045BCD99CC2059B9EDAABD3A52104C3864A290D8A355991F94D3 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:06:57.0775 0x0360  AdobeFlashPlayerUpdateSvc - ok
16:06:57.0855 0x0360  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
16:06:57.0875 0x0360  adp94xx - ok
16:06:57.0975 0x0360  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
16:06:57.0995 0x0360  adpahci - ok
16:06:58.0025 0x0360  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
16:06:58.0025 0x0360  adpu320 - ok
16:06:58.0105 0x0360  [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
16:06:58.0115 0x0360  AeLookupSvc - ok
16:06:58.0355 0x0360  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
16:06:58.0435 0x0360  AFD - ok
16:06:58.0515 0x0360  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
16:06:58.0515 0x0360  agp440 - ok
16:06:58.0565 0x0360  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
16:06:58.0565 0x0360  ALG - ok
16:06:58.0665 0x0360  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
16:06:58.0665 0x0360  aliide - ok
16:06:58.0695 0x0360  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
16:06:58.0725 0x0360  amdide - ok
16:06:58.0765 0x0360  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
16:06:58.0765 0x0360  AmdK8 - ok
16:06:58.0785 0x0360  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
16:06:58.0785 0x0360  AmdPPM - ok
16:06:58.0825 0x0360  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
16:06:58.0835 0x0360  amdsata - ok
16:06:58.0895 0x0360  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
16:06:58.0905 0x0360  amdsbs - ok
16:06:58.0975 0x0360  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
16:06:58.0985 0x0360  amdxata - ok
16:06:59.0055 0x0360  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID           C:\Windows\system32\drivers\appid.sys
16:06:59.0075 0x0360  AppID - ok
16:06:59.0125 0x0360  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
16:06:59.0155 0x0360  AppIDSvc - ok
16:06:59.0235 0x0360  [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo         C:\Windows\System32\appinfo.dll
16:06:59.0235 0x0360  Appinfo - ok
16:06:59.0465 0x0360  [ 6EB87FDB59AABF6D19C927492DEA0D36, 36168F8CC75D16917A30FA1FACF57659BC2ADF870D20DEE93F851D5348E605BB ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:06:59.0465 0x0360  Apple Mobile Device Service - ok
16:06:59.0555 0x0360  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
16:06:59.0565 0x0360  AppMgmt - ok
16:06:59.0625 0x0360  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
16:06:59.0625 0x0360  arc - ok
16:06:59.0645 0x0360  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
16:06:59.0655 0x0360  arcsas - ok
16:06:59.0825 0x0360  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:06:59.0945 0x0360  aspnet_state - ok
16:07:00.0025 0x0360  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
16:07:00.0025 0x0360  AsyncMac - ok
16:07:00.0105 0x0360  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
16:07:00.0125 0x0360  atapi - ok
16:07:00.0365 0x0360  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:07:00.0375 0x0360  AudioEndpointBuilder - ok
16:07:00.0465 0x0360  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
16:07:00.0485 0x0360  AudioSrv - ok
16:07:00.0555 0x0360  [ 6A300AD0E23A155B2C3A7FAB0D4AABD1, AD283CC530482C0C155727C3234BFA4773C8C80B4C9912448196F83407C3CFD4 ] avmaura         C:\Windows\system32\DRIVERS\avmaura.sys
16:07:00.0555 0x0360  avmaura - ok
16:07:00.0835 0x0360  [ AB1AF0BA03DCB6A879BC22F472EACEEA, A75B73D0B1FE885F6DC2C7A0B755A6E12F9DC54CE702A1FFC3F283196793627A ] AVP15.0.1       C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\avp.exe
16:07:00.0875 0x0360  AVP15.0.1 - ok
16:07:00.0925 0x0360  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
16:07:00.0935 0x0360  AxInstSV - ok
16:07:00.0975 0x0360  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
16:07:00.0985 0x0360  b06bdrv - ok
16:07:01.0035 0x0360  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
16:07:01.0045 0x0360  b57nd60a - ok
16:07:01.0085 0x0360  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
16:07:01.0085 0x0360  BDESVC - ok
16:07:01.0105 0x0360  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
16:07:01.0105 0x0360  Beep - ok
16:07:01.0255 0x0360  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
16:07:01.0275 0x0360  BFE - ok
16:07:01.0335 0x0360  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
16:07:01.0355 0x0360  BITS - ok
16:07:01.0415 0x0360  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
16:07:01.0415 0x0360  blbdrive - ok
16:07:01.0625 0x0360  [ F9786A8C30798EB9FA64D226B08E6BF4, A2D7DF7A27B6B29C637CC87A327E6F6A8EFAF41E6D5FD1EA78B67431E0185C22 ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
16:07:01.0655 0x0360  Bluetooth Device Monitor - ok
16:07:01.0815 0x0360  [ 05043E2CD76CCEA2F71F56C2A16C4D85, A2CC2B75D93520B9914F9B771A31E90363FE9AE50824AD5412F5576D5B7BBB32 ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
16:07:01.0855 0x0360  Bluetooth Media Service - ok
16:07:01.0935 0x0360  [ 120E270AE4C75459051AA1D56ECBDE49, 917D44384BDA1212884450688EA94712B45D125E5A83AB851456EAD14AECD276 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
16:07:01.0965 0x0360  Bluetooth OBEX Service - ok
16:07:02.0045 0x0360  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
16:07:02.0055 0x0360  Bonjour Service - ok
16:07:02.0095 0x0360  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
16:07:02.0105 0x0360  bowser - ok
16:07:02.0165 0x0360  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
16:07:02.0165 0x0360  BrFiltLo - ok
16:07:02.0205 0x0360  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
16:07:02.0205 0x0360  BrFiltUp - ok
16:07:02.0285 0x0360  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
16:07:02.0285 0x0360  Browser - ok
16:07:02.0325 0x0360  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
16:07:02.0375 0x0360  Brserid - ok
16:07:02.0405 0x0360  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
16:07:02.0415 0x0360  BrSerWdm - ok
16:07:02.0465 0x0360  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
16:07:02.0475 0x0360  BrUsbMdm - ok
16:07:02.0545 0x0360  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
16:07:02.0545 0x0360  BrUsbSer - ok
16:07:02.0585 0x0360  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
16:07:02.0585 0x0360  BthEnum - ok
16:07:02.0665 0x0360  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
16:07:02.0665 0x0360  BTHMODEM - ok
16:07:02.0725 0x0360  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
16:07:02.0745 0x0360  BthPan - ok
16:07:02.0825 0x0360  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
16:07:02.0875 0x0360  BTHPORT - ok
16:07:02.0935 0x0360  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
16:07:02.0945 0x0360  bthserv - ok
16:07:03.0005 0x0360  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
16:07:03.0015 0x0360  BTHUSB - ok
16:07:03.0035 0x0360  [ CDDF1038B9046C6162F29C07A2E552FB, 90E163CFBDE8367C061588F0960C0951CA231D1A39724FCC3132689F6839AE76 ] btmaux          C:\Windows\system32\DRIVERS\btmaux.sys
16:07:03.0045 0x0360  btmaux - ok
16:07:03.0105 0x0360  [ 34E3037D0316CEF153968D17D42CE097, 27CE4AC71E704E8DD11D61328D5A912280512D5E4C75ACE24CA7CB69EB85227D ] btmhsf          C:\Windows\system32\DRIVERS\btmhsf.sys
16:07:03.0155 0x0360  btmhsf - ok
16:07:03.0175 0x0360  [ 986E86DF93E6FCA5D4C14E2709294630, B55EE4CAFF7594322AA993683F759E2B8BD26346426283B85243A2558508E733 ] btmlehid        C:\Windows\system32\drivers\btmlehid.sys
16:07:03.0175 0x0360  btmlehid - ok
16:07:03.0235 0x0360  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
16:07:03.0245 0x0360  cdfs - ok
16:07:03.0315 0x0360  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
16:07:03.0355 0x0360  cdrom - ok
16:07:03.0425 0x0360  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
16:07:03.0425 0x0360  CertPropSvc - ok
16:07:03.0455 0x0360  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
16:07:03.0455 0x0360  circlass - ok
16:07:03.0565 0x0360  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
16:07:03.0595 0x0360  CLFS - ok
16:07:03.0675 0x0360  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:07:03.0685 0x0360  clr_optimization_v2.0.50727_32 - ok
16:07:03.0766 0x0360  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:07:03.0816 0x0360  clr_optimization_v2.0.50727_64 - ok
16:07:03.0916 0x0360  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:07:04.0086 0x0360  clr_optimization_v4.0.30319_32 - ok
16:07:04.0116 0x0360  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:07:04.0146 0x0360  clr_optimization_v4.0.30319_64 - ok
16:07:04.0176 0x0360  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
16:07:04.0176 0x0360  CmBatt - ok
16:07:04.0196 0x0360  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
16:07:04.0196 0x0360  cmdide - ok
16:07:04.0256 0x0360  [ AFA1BFF926592FD0C3AB97D838652EF9, C38BC4BBD4EDF779993B2FECF96C1FD55B085F3FBEB3E1AE3C892DFD369D611D ] cm_km_w         C:\Windows\system32\DRIVERS\cm_km_w.sys
16:07:04.0276 0x0360  cm_km_w - ok
16:07:04.0346 0x0360  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
16:07:04.0386 0x0360  CNG - ok
16:07:04.0436 0x0360  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
16:07:04.0436 0x0360  Compbatt - ok
16:07:04.0476 0x0360  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
16:07:04.0476 0x0360  CompositeBus - ok
16:07:04.0496 0x0360  COMSysApp - ok
16:07:04.0626 0x0360  [ B18D590BC5220FDB4A747BC16D78ABC7, D46F8B43BAC22E55DE9AFC19CF371B1C4E8D3707163598B2F9884BB31D730C09 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
16:07:04.0636 0x0360  cphs - ok
16:07:04.0656 0x0360  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
16:07:04.0686 0x0360  crcdisk - ok
16:07:04.0786 0x0360  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
16:07:04.0786 0x0360  CryptSvc - ok
16:07:04.0856 0x0360  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
16:07:04.0886 0x0360  CSC - ok
16:07:05.0066 0x0360  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
16:07:05.0076 0x0360  CscService - ok
16:07:05.0276 0x0360  [ 48297BF3339BC56DD7D7524D7A1740AA, A0D750FE7745C7D2A53CB61A6FF33B867675053B56F8DB1F52B01A74FB755190 ] DBService       C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe
16:07:05.0276 0x0360  DBService - ok
16:07:05.0406 0x0360  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
16:07:05.0456 0x0360  DcomLaunch - ok
16:07:05.0526 0x0360  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
16:07:05.0556 0x0360  defragsvc - ok
16:07:05.0596 0x0360  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
16:07:05.0606 0x0360  DfsC - ok
16:07:05.0666 0x0360  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
16:07:05.0676 0x0360  Dhcp - ok
16:07:05.0856 0x0360  [ AA5319FA8602676B5D3A2B4A1355896D, 57532E16FF0DDE3D62B6B6DC35E2598DD453140E9277247965A1E835645E588A ] DiagTrack       C:\Windows\system32\diagtrack.dll
16:07:05.0916 0x0360  DiagTrack - ok
16:07:05.0946 0x0360  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
16:07:05.0956 0x0360  discache - ok
16:07:06.0006 0x0360  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
16:07:06.0016 0x0360  Disk - ok
16:07:06.0056 0x0360  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
16:07:06.0056 0x0360  dmvsc - ok
16:07:06.0146 0x0360  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
16:07:06.0146 0x0360  Dnscache - ok
16:07:06.0236 0x0360  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
16:07:06.0256 0x0360  dot3svc - ok
16:07:06.0296 0x0360  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
16:07:06.0296 0x0360  DPS - ok
16:07:06.0346 0x0360  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
16:07:06.0346 0x0360  drmkaud - ok
16:07:06.0476 0x0360  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
16:07:06.0526 0x0360  DXGKrnl - ok
16:07:06.0566 0x0360  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
16:07:06.0566 0x0360  EapHost - ok
16:07:06.0776 0x0360  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
16:07:06.0926 0x0360  ebdrv - ok
16:07:06.0996 0x0360  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] EFS             C:\Windows\System32\lsass.exe
16:07:07.0006 0x0360  EFS - ok
16:07:07.0136 0x0360  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
16:07:07.0166 0x0360  ehRecvr - ok
16:07:07.0196 0x0360  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
16:07:07.0196 0x0360  ehSched - ok
16:07:07.0286 0x0360  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
16:07:07.0336 0x0360  elxstor - ok
16:07:07.0356 0x0360  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
16:07:07.0356 0x0360  ErrDev - ok
16:07:07.0396 0x0360  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
16:07:07.0406 0x0360  EventSystem - ok
16:07:07.0446 0x0360  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
16:07:07.0446 0x0360  exfat - ok
16:07:07.0466 0x0360  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
16:07:07.0476 0x0360  fastfat - ok
16:07:07.0526 0x0360  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
16:07:07.0546 0x0360  Fax - ok
16:07:07.0606 0x0360  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
16:07:07.0606 0x0360  fdc - ok
16:07:07.0646 0x0360  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
16:07:07.0646 0x0360  fdPHost - ok
16:07:07.0656 0x0360  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
16:07:07.0666 0x0360  FDResPub - ok
16:07:07.0716 0x0360  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
16:07:07.0716 0x0360  FileInfo - ok
16:07:07.0766 0x0360  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
16:07:07.0766 0x0360  Filetrace - ok
16:07:07.0796 0x0360  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
16:07:07.0806 0x0360  flpydisk - ok
16:07:07.0836 0x0360  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
16:07:07.0856 0x0360  FltMgr - ok
16:07:07.0946 0x0360  [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache       C:\Windows\system32\FntCache.dll
16:07:07.0966 0x0360  FontCache - ok
16:07:08.0066 0x0360  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:07:08.0076 0x0360  FontCache3.0.0.0 - ok
16:07:08.0096 0x0360  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
16:07:08.0116 0x0360  FsDepends - ok
16:07:08.0146 0x0360  [ 54F08D0719EF59B81F20FC62ABD1C4F5, A577D23444CF9AD536830D46FD33402E03B9787FDE6D6A720019395329576D2B ] fspad_win764    C:\Windows\system32\drivers\fspad_win764.sys
16:07:08.0156 0x0360  fspad_win764 - ok
16:07:08.0186 0x0360  [ 54F08D0719EF59B81F20FC62ABD1C4F5, A577D23444CF9AD536830D46FD33402E03B9787FDE6D6A720019395329576D2B ] fspad_xp64      C:\Windows\system32\drivers\fspad_xp64.sys
16:07:08.0186 0x0360  fspad_xp64 - ok
16:07:08.0216 0x0360  [ B16B626996C74B564005BA855C5DEE90, B432C669EB610C262B18F3F8308EEE1B910DE7F7BC2A8EB5483419DC52A07AE1 ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
16:07:08.0226 0x0360  fssfltr - ok
16:07:08.0366 0x0360  [ 7B4C82899A967A7EB22DAB502770AE8E, 209FB59669070FCAAACB24B0CE81C375362BF1C519B15FDB5AA3EC2C87E2069B ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
16:07:08.0446 0x0360  fsssvc - ok
16:07:08.0496 0x0360  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
16:07:08.0496 0x0360  Fs_Rec - ok
16:07:08.0546 0x0360  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
16:07:08.0566 0x0360  fvevol - ok
16:07:08.0626 0x0360  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
16:07:08.0626 0x0360  gagp30kx - ok
16:07:08.0716 0x0360  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:07:08.0716 0x0360  GEARAspiWDM - ok
16:07:08.0806 0x0360  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
16:07:08.0826 0x0360  gpsvc - ok
16:07:08.0986 0x0360  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:07:08.0986 0x0360  gupdate - ok
16:07:09.0026 0x0360  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:07:09.0036 0x0360  gupdatem - ok
16:07:09.0106 0x0360  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
16:07:09.0146 0x0360  gusvc - ok
16:07:09.0266 0x0360  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
16:07:09.0266 0x0360  hcw85cir - ok
16:07:09.0306 0x0360  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:07:09.0316 0x0360  HdAudAddService - ok
16:07:09.0376 0x0360  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
16:07:09.0376 0x0360  HDAudBus - ok
16:07:09.0386 0x0360  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
16:07:09.0396 0x0360  HidBatt - ok
16:07:09.0416 0x0360  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
16:07:09.0416 0x0360  HidBth - ok
16:07:09.0436 0x0360  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
16:07:09.0446 0x0360  HidIr - ok
16:07:09.0456 0x0360  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
16:07:09.0466 0x0360  hidserv - ok
16:07:09.0496 0x0360  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
16:07:09.0496 0x0360  HidUsb - ok
16:07:09.0526 0x0360  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
16:07:09.0526 0x0360  hkmsvc - ok
16:07:09.0566 0x0360  [ CAA1E2D9AC40610D614CEFFD77A278B8, 2A7BD87248A52290577E56463B8BBE8573F282204F5DA0861521228E40872CFD ] hkosdservice    C:\Program Files (x86)\Hotkey OSD Driver\hkosdsvis.exe
16:07:09.0576 0x0360  hkosdservice - ok
16:07:09.0626 0x0360  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:07:09.0636 0x0360  HomeGroupListener - ok
16:07:09.0726 0x0360  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:07:09.0736 0x0360  HomeGroupProvider - ok
16:07:09.0787 0x0360  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
16:07:09.0797 0x0360  HpSAMD - ok
16:07:09.0897 0x0360  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
16:07:09.0917 0x0360  HTTP - ok
16:07:09.0937 0x0360  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
16:07:09.0937 0x0360  hwpolicy - ok
16:07:09.0997 0x0360  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
16:07:10.0007 0x0360  i8042prt - ok
16:07:10.0057 0x0360  [ F7CE9BE72EDAC499B713ECA6DAE5D26F, AF158C8ADF0815C406435AB051C8D8DD0ECBDBA8644CB75D7611980D70662193 ] iaStor          C:\Windows\system32\drivers\iaStor.sys
16:07:10.0067 0x0360  iaStor - ok
16:07:10.0137 0x0360  [ B25F192EA1F84A316EB7C19EFCCCF33D, 00BACE87CCA40722FF3AD7243439201CDCC23D0BA01E25F928BF63DA12816F8F ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
16:07:10.0137 0x0360  IAStorDataMgrSvc - ok
16:07:10.0187 0x0360  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
16:07:10.0197 0x0360  iaStorV - ok
16:07:10.0237 0x0360  [ 4DB19292560B697698C50CC1A765E6B1, B859AA58EBCC491C3646EF3FD0AC723AC2C2162E80C0C052412326EA830BC655 ] ibtfltcoex      C:\Windows\system32\DRIVERS\iBtFltCoex.sys
16:07:10.0257 0x0360  ibtfltcoex - ok
16:07:10.0507 0x0360  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:07:10.0597 0x0360  idsvc - ok
16:07:10.0637 0x0360  IEEtwCollectorService - ok
16:07:11.0167 0x0360  [ 79AE3CC82CA1563A4B392207997ACE7C, A1E4A1DA95CA2FA197EF5975657822F0F813F6C33DA38E1FA5A840194034D071 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
16:07:11.0377 0x0360  igfx - ok
16:07:11.0417 0x0360  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
16:07:11.0427 0x0360  iirsp - ok
16:07:11.0517 0x0360  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
16:07:11.0567 0x0360  IKEEXT - ok
16:07:11.0757 0x0360  [ 9297BC7FB61F58670EE176DD18F4DD92, 92B165ACDBF2AC602BBA63FD62D62ABE2E39FA398709C41601D314D36B552D74 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
16:07:11.0877 0x0360  IntcAzAudAddService - ok
16:07:11.0957 0x0360  [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
16:07:11.0977 0x0360  IntcDAud - ok
16:07:12.0017 0x0360  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
16:07:12.0017 0x0360  intelide - ok
16:07:12.0067 0x0360  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
16:07:12.0077 0x0360  intelppm - ok
16:07:12.0117 0x0360  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
16:07:12.0117 0x0360  IPBusEnum - ok
16:07:12.0167 0x0360  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:07:12.0167 0x0360  IpFilterDriver - ok
16:07:12.0207 0x0360  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
16:07:12.0227 0x0360  iphlpsvc - ok
16:07:12.0247 0x0360  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
16:07:12.0277 0x0360  IPMIDRV - ok
16:07:12.0297 0x0360  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
16:07:12.0297 0x0360  IPNAT - ok
16:07:12.0447 0x0360  [ 2208D673C5D4B22EB0235EA1EC6269CC, 3E73032D67B3B740E11CEA0748CDFFBE35619CBF1AC1C3D86EF089CA326D7918 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
16:07:12.0467 0x0360  iPod Service - ok
16:07:12.0527 0x0360  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
16:07:12.0527 0x0360  IRENUM - ok
16:07:12.0557 0x0360  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
16:07:12.0557 0x0360  isapnp - ok
16:07:12.0617 0x0360  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
16:07:12.0627 0x0360  iScsiPrt - ok
16:07:12.0707 0x0360  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
16:07:12.0707 0x0360  kbdclass - ok
16:07:12.0747 0x0360  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
16:07:12.0747 0x0360  kbdhid - ok
16:07:12.0767 0x0360  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] KeyIso          C:\Windows\system32\lsass.exe
16:07:12.0767 0x0360  KeyIso - ok
16:07:12.0848 0x0360  [ D93E72DCC2A99E67931BB79485563146, 7EF496A82E69A53465ED7D45E890275E44C979AD5E9C5E482E0DBE5DC9AD9AD3 ] kl1             C:\Windows\system32\DRIVERS\kl1.sys
16:07:12.0868 0x0360  kl1 - ok
16:07:12.0918 0x0360  [ CEF0410B784E8CEB0175103CDE52E7FA, 729A45D76D1886E5ECDF23F96925CEBB90A31EFA5A798D69D9C5A684380B6E36 ] kldisk          C:\Windows\system32\DRIVERS\kldisk.sys
16:07:12.0918 0x0360  kldisk - ok
16:07:12.0998 0x0360  [ 09F851161CB4B3D92CDE85B3845DCECC, C86EE26F13DB904CD0CB92BEE282188D5E56ECE071F4D6E53F9AAB6D911C5DE0 ] klflt           C:\Windows\system32\DRIVERS\klflt.sys
16:07:12.0998 0x0360  klflt - ok
16:07:13.0078 0x0360  [ 7A64190934B66C17F41D3921353BAEDD, D212A6ECB1CBCC665336DF982B5061A72CD88CB5BF6B2EB14B11B8BE756A670E ] klhk            C:\Windows\system32\DRIVERS\klhk.sys
16:07:13.0088 0x0360  klhk - ok
16:07:13.0288 0x0360  [ B8B20727DD8B9753614E089682473563, CA39E9A517CC8B1E04860E0AFB03B0CD7FBDE66143B6CA26FB9DC0EBF80F8F48 ] KLIF            C:\Windows\system32\DRIVERS\klif.sys
16:07:13.0338 0x0360  KLIF - ok
16:07:13.0398 0x0360  [ FEAD1F401CBE9383A642877A6EA1398F, 0529A96D406DAB1C0715692441BDBC1C05123EB62005B806A8EFF5B0B6DCD5DB ] KLIM6           C:\Windows\system32\DRIVERS\klim6.sys
16:07:13.0398 0x0360  KLIM6 - ok
16:07:13.0468 0x0360  [ 3FAE739F2AFEA18BCBB9C5E7DC6E889D, 5990C074BCB8E2172AE0A2AC0A31E6636B3C3EF0A5BB1F593E62D22D53FC5BF0 ] klkbdflt        C:\Windows\system32\DRIVERS\klkbdflt.sys
16:07:13.0478 0x0360  klkbdflt - ok
16:07:13.0508 0x0360  klkbdflt2 - ok
16:07:13.0558 0x0360  [ 72CF64FBF38CD681FA7F37176047E967, BE5683C119DCEF7E678EE477D6CADF873E32D42372A253B7E86B8C335DF28E1C ] klmouflt        C:\Windows\system32\DRIVERS\klmouflt.sys
16:07:13.0578 0x0360  klmouflt - ok
16:07:13.0598 0x0360  [ 8C0EC95AD65A0DE3D6C040591D02BF02, 272FB83752B73684FA7BDBE256FAFD56138E4755AAEFED9E7EF8F0E3D0ACFAF2 ] klpd            C:\Windows\system32\DRIVERS\klpd.sys
16:07:13.0608 0x0360  klpd - ok
16:07:13.0688 0x0360  [ 43957361D346A4263873932D572613F2, 719E61CADF6FB49C24370899329BDE198E55DEB175F5701382EE16311D8576D9 ] kltdi           C:\Windows\system32\DRIVERS\kltdi.sys
16:07:13.0698 0x0360  kltdi - ok
16:07:13.0708 0x0360  [ 926BA68DA79545EB6D99BB009B781E5E, EB1DB801044EB4228D38D85A8B6853EFE887B7D4E1EA1F0B8F75DD4886C96467 ] Klwtp           C:\Windows\system32\DRIVERS\klwtp.sys
16:07:13.0718 0x0360  Klwtp - ok
16:07:13.0758 0x0360  [ D4CEEAC11C65F49D0F42E74440E829BF, 7E289BB5E400326BADDD61CBB99CB268A3E99103CF16968E1D9141C205EE309C ] kneps           C:\Windows\system32\DRIVERS\kneps.sys
16:07:13.0758 0x0360  kneps - ok
16:07:13.0798 0x0360  [ C0A6C3D6E02B61B5D100FE17306C276F, F57C7BCC39B30F1DF739D07B76BA18EB68D12D8D1BD13B6AC8DC712C29119495 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
16:07:13.0808 0x0360  KSecDD - ok
16:07:13.0818 0x0360  [ 7A7328E427694CC7244235C3BC299F80, 7FC2E1F3F93B3334C3A8961CA58B4F38524650F6D8DA9FFA1FB43E1A2B86B710 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
16:07:13.0818 0x0360  KSecPkg - ok
16:07:13.0858 0x0360  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
16:07:13.0858 0x0360  ksthunk - ok
16:07:13.0888 0x0360  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
16:07:13.0908 0x0360  KtmRm - ok
16:07:13.0958 0x0360  [ 6DD5383C9413AAE3113FAF89E345663D, 205760D46BF2B7011B7F32E85206C996D6D018D572BC61ED44671E5810144DCA ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
16:07:13.0958 0x0360  L1C - ok
16:07:13.0998 0x0360  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
16:07:14.0008 0x0360  LanmanServer - ok
16:07:14.0048 0x0360  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:07:14.0048 0x0360  LanmanWorkstation - ok
16:07:14.0108 0x0360  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
16:07:14.0108 0x0360  lltdio - ok
16:07:14.0148 0x0360  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
16:07:14.0188 0x0360  lltdsvc - ok
16:07:14.0198 0x0360  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
16:07:14.0208 0x0360  lmhosts - ok
16:07:14.0258 0x0360  [ A63B719F4F8657F3FCD84436D09378C8, 770B979204D8A34463880D53BD51CB93B9CC2B37A04B56D2098E879A4922D721 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
16:07:14.0268 0x0360  LMS - ok
16:07:14.0318 0x0360  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
16:07:14.0318 0x0360  LSI_FC - ok
16:07:14.0328 0x0360  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
16:07:14.0338 0x0360  LSI_SAS - ok
16:07:14.0368 0x0360  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
16:07:14.0368 0x0360  LSI_SAS2 - ok
16:07:14.0408 0x0360  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
16:07:14.0408 0x0360  LSI_SCSI - ok
16:07:14.0468 0x0360  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
16:07:14.0468 0x0360  luafv - ok
16:07:14.0518 0x0360  [ A8D28D5B3E2A528D1EF0E338E44F2820, 40D1EFDD253BC0A0D984A5AD8A2721C3E83B15F14D538204714E6D5B00D92CEB ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
16:07:14.0518 0x0360  MBAMProtector - ok
16:07:14.0748 0x0360  [ 301E3FDFCF33640BB8763BA444BC5093, 362B069BB9A313A06B376CE27E6F7F8D569F6CA39A8ABC96D9DF231EE462C604 ] MBAMScheduler   C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
16:07:14.0828 0x0360  MBAMScheduler - ok
16:07:14.0988 0x0360  [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
16:07:15.0038 0x0360  MBAMService - ok
16:07:15.0138 0x0360  [ 8F22037D3F5A6BB676525D825A1388B9, 2AAC748D46136DFA1BE45150BF0AB7707D45391CAC1F63B964D341D11B135C91 ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
16:07:15.0148 0x0360  MBAMSwissArmy - ok
16:07:15.0188 0x0360  [ AE757332EA130E94E646621CC695B52A, E688CF34A4206F32B5C7301119D8459C3456FC178FA1DAA6215CE15F2C824C43 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
16:07:15.0218 0x0360  MBAMWebAccessControl - ok
16:07:15.0248 0x0360  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
16:07:15.0258 0x0360  Mcx2Svc - ok
16:07:15.0308 0x0360  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
16:07:15.0308 0x0360  megasas - ok
16:07:15.0368 0x0360  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
16:07:15.0378 0x0360  MegaSR - ok
16:07:15.0428 0x0360  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\Windows\system32\drivers\HECIx64.sys
16:07:15.0428 0x0360  MEIx64 - ok
16:07:15.0478 0x0360  [ BA7E071E855D4C502916164A31B05D4D, 11B250AA98EAAB4A15A8796CABAFCFC20B8E049513BF66FFAA0F6C2BEED958A5 ] MHIKEY10        C:\Windows\system32\Drivers\MHIKEY10x64.sys
16:07:15.0488 0x0360  MHIKEY10 - ok
16:07:15.0528 0x0360  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
16:07:15.0528 0x0360  MMCSS - ok
16:07:15.0598 0x0360  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
16:07:15.0608 0x0360  Modem - ok
16:07:15.0648 0x0360  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
16:07:15.0648 0x0360  monitor - ok
16:07:15.0678 0x0360  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
16:07:15.0688 0x0360  mouclass - ok
16:07:15.0718 0x0360  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
16:07:15.0718 0x0360  mouhid - ok
16:07:15.0768 0x0360  [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
16:07:15.0768 0x0360  mountmgr - ok
16:07:15.0798 0x0360  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
16:07:15.0798 0x0360  mpio - ok
16:07:15.0848 0x0360  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
16:07:15.0848 0x0360  mpsdrv - ok
16:07:15.0908 0x0360  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
16:07:15.0948 0x0360  MpsSvc - ok
16:07:16.0008 0x0360  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
16:07:16.0018 0x0360  MRxDAV - ok
16:07:16.0058 0x0360  [ 1877EB1495CFBDAB27D6A32F6DDF3818, 3818055C66AB12A335A905CFFE5D05347F15AE488861C5C183E62E8E0881DA86 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
16:07:16.0068 0x0360  mrxsmb - ok
16:07:16.0128 0x0360  [ 21AF322605D8C7F2A627C22634D1C9C9, 6B783F95D093FEFB260EA9568926BBB3CB8ED0783184DB3A18733E211933BADD ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:07:16.0138 0x0360  mrxsmb10 - ok
16:07:16.0158 0x0360  [ 45A03A0B6461EFBEE77E0A6AC2816EDA, CFB0C11387F2EC49FD6B69EF747962114EBA6F8B4B4DEC3627E9E969775C4D7E ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:07:16.0158 0x0360  mrxsmb20 - ok
16:07:16.0198 0x0360  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
16:07:16.0208 0x0360  msahci - ok
16:07:16.0228 0x0360  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
16:07:16.0228 0x0360  msdsm - ok
16:07:16.0258 0x0360  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
16:07:16.0258 0x0360  MSDTC - ok
16:07:16.0298 0x0360  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
16:07:16.0298 0x0360  Msfs - ok
16:07:16.0318 0x0360  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
16:07:16.0318 0x0360  mshidkmdf - ok
16:07:16.0348 0x0360  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
16:07:16.0358 0x0360  msisadrv - ok
16:07:16.0388 0x0360  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
16:07:16.0398 0x0360  MSiSCSI - ok
16:07:16.0398 0x0360  msiserver - ok
16:07:16.0428 0x0360  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
16:07:16.0428 0x0360  MSKSSRV - ok
16:07:16.0448 0x0360  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
16:07:16.0448 0x0360  MSPCLOCK - ok
16:07:16.0448 0x0360  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
16:07:16.0448 0x0360  MSPQM - ok
16:07:16.0478 0x0360  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
16:07:16.0488 0x0360  MsRPC - ok
16:07:16.0508 0x0360  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
16:07:16.0528 0x0360  mssmbios - ok
16:07:16.0548 0x0360  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
16:07:16.0548 0x0360  MSTEE - ok
16:07:16.0578 0x0360  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
16:07:16.0578 0x0360  MTConfig - ok
16:07:16.0588 0x0360  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
16:07:16.0728 0x0360  Mup - ok
16:07:16.0768 0x0360  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
16:07:16.0778 0x0360  napagent - ok
16:07:16.0888 0x0360  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
16:07:16.0908 0x0360  NativeWifiP - ok
16:07:17.0058 0x0360  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
16:07:17.0108 0x0360  NDIS - ok
16:07:17.0148 0x0360  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
16:07:17.0148 0x0360  NdisCap - ok
16:07:17.0178 0x0360  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
16:07:17.0178 0x0360  NdisTapi - ok
16:07:17.0188 0x0360  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
16:07:17.0188 0x0360  Ndisuio - ok
16:07:17.0218 0x0360  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
16:07:17.0228 0x0360  NdisWan - ok
16:07:17.0268 0x0360  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
16:07:17.0268 0x0360  NDProxy - ok
16:07:17.0298 0x0360  [ EE00C544C025958AF50C7B199F3C8595, D774DB020D9C46D1AA0B2DB9FA2C36C4A9C38D904CC6929695321D32ACA0D4D1 ] Netaapl         C:\Windows\system32\DRIVERS\netaapl64.sys
16:07:17.0298 0x0360  Netaapl - ok
16:07:17.0368 0x0360  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
16:07:17.0388 0x0360  NetBIOS - ok
16:07:17.0418 0x0360  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
16:07:17.0448 0x0360  NetBT - ok
16:07:17.0488 0x0360  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] Netlogon        C:\Windows\system32\lsass.exe
16:07:17.0488 0x0360  Netlogon - ok
16:07:17.0568 0x0360  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
16:07:17.0578 0x0360  Netman - ok
16:07:17.0718 0x0360  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:07:17.0778 0x0360  NetMsmqActivator - ok
16:07:17.0799 0x0360  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:07:17.0799 0x0360  NetPipeActivator - ok
16:07:17.0919 0x0360  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
16:07:17.0929 0x0360  netprofm - ok
16:07:17.0939 0x0360  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:07:17.0939 0x0360  NetTcpActivator - ok
16:07:17.0949 0x0360  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:07:17.0959 0x0360  NetTcpPortSharing - ok
16:07:19.0049 0x0360  [ 62A8A81674F71B76289E460615A0AC73, 18EC13F46360DB819200F7B77E0F952D43C25FEE91D6CB44C42502F4E3042D74 ] NETwNs64        C:\Windows\system32\DRIVERS\Netwsw00.sys
16:07:19.0449 0x0360  NETwNs64 - ok
16:07:19.0529 0x0360  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
16:07:19.0539 0x0360  nfrd960 - ok
16:07:19.0599 0x0360  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
16:07:19.0619 0x0360  NlaSvc - ok
16:07:19.0669 0x0360  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
16:07:19.0669 0x0360  Npfs - ok
16:07:19.0689 0x0360  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
16:07:19.0699 0x0360  nsi - ok
16:07:19.0719 0x0360  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
16:07:19.0719 0x0360  nsiproxy - ok
16:07:19.0989 0x0360  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
16:07:20.0059 0x0360  Ntfs - ok
16:07:20.0139 0x0360  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
16:07:20.0139 0x0360  Null - ok
16:07:21.0649 0x0360  [ E71E299FF15390E585BACF2C18F55078, 7A51D989DA55349B1761839DEAFD593B6E6F88C433B132E7B027467E050FBA67 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:07:22.0069 0x0360  nvlddmkm - ok
16:07:22.0179 0x0360  [ FCC3A3F875C8CF258F71BE2F2CAA2355, BD174C47329F0A15D821E51997E4CDAA68FB9BFD72A89A2F2A85A8603625EB18 ] nvpciflt        C:\Windows\system32\DRIVERS\nvpciflt.sys
16:07:22.0179 0x0360  nvpciflt - ok
16:07:22.0299 0x0360  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
16:07:22.0309 0x0360  nvraid - ok
16:07:22.0439 0x0360  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
16:07:22.0469 0x0360  nvstor - ok
16:07:22.0749 0x0360  [ 415695F5A54E91E869EEBFEA261361A6, 1829C15E07D902686171C8A66EB03040A037CAC1E00E24BF598030D9DA795CEC ] NVSvc           C:\Windows\system32\nvvsvc.exe
16:07:22.0769 0x0360  NVSvc - ok
16:07:22.0909 0x0360  [ AA130938A27BB80A8B6438EF83232275, 7C5A4863CD22413723C9F7658855E34088A2F89DF740531ED7986F67A30935E0 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
16:07:22.0929 0x0360  nvUpdatusService - ok
16:07:22.0979 0x0360  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
16:07:22.0979 0x0360  nv_agp - ok
16:07:23.0149 0x0360  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:07:23.0169 0x0360  odserv - ok
16:07:23.0219 0x0360  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
16:07:23.0219 0x0360  ohci1394 - ok
16:07:23.0299 0x0360  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:07:23.0319 0x0360  ose - ok
16:07:23.0379 0x0360  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
16:07:23.0389 0x0360  p2pimsvc - ok
16:07:23.0449 0x0360  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
16:07:23.0469 0x0360  p2psvc - ok
16:07:23.0589 0x0360  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
16:07:23.0599 0x0360  Parport - ok
16:07:23.0639 0x0360  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
16:07:23.0639 0x0360  partmgr - ok
16:07:23.0699 0x0360  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
16:07:23.0709 0x0360  PcaSvc - ok
16:07:23.0739 0x0360  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
16:07:23.0759 0x0360  pci - ok
16:07:23.0799 0x0360  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
16:07:23.0809 0x0360  pciide - ok
16:07:23.0849 0x0360  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
16:07:23.0849 0x0360  pcmcia - ok
16:07:23.0879 0x0360  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
16:07:23.0879 0x0360  pcw - ok
16:07:23.0999 0x0360  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
16:07:24.0059 0x0360  PEAUTH - ok
16:07:24.0159 0x0360  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
16:07:24.0189 0x0360  PeerDistSvc - ok
16:07:24.0359 0x0360  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
16:07:24.0359 0x0360  PerfHost - ok
16:07:24.0499 0x0360  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
16:07:24.0569 0x0360  pla - ok
16:07:24.0649 0x0360  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
16:07:24.0659 0x0360  PlugPlay - ok
16:07:24.0719 0x0360  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
16:07:24.0719 0x0360  PNRPAutoReg - ok
16:07:24.0749 0x0360  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
16:07:24.0759 0x0360  PNRPsvc - ok
16:07:24.0819 0x0360  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
16:07:24.0839 0x0360  PolicyAgent - ok
16:07:24.0879 0x0360  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
16:07:24.0879 0x0360  Power - ok
16:07:24.0949 0x0360  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
16:07:24.0959 0x0360  PptpMiniport - ok
16:07:25.0029 0x0360  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
16:07:25.0029 0x0360  Processor - ok
16:07:25.0259 0x0360  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
16:07:25.0279 0x0360  ProfSvc - ok
16:07:25.0299 0x0360  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] ProtectedStorage C:\Windows\system32\lsass.exe
16:07:25.0299 0x0360  ProtectedStorage - ok
16:07:25.0399 0x0360  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
16:07:25.0409 0x0360  Psched - ok
16:07:25.0609 0x0360  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
16:07:25.0689 0x0360  ql2300 - ok
16:07:25.0769 0x0360  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
16:07:25.0769 0x0360  ql40xx - ok
16:07:25.0810 0x0360  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
16:07:25.0860 0x0360  QWAVE - ok
16:07:25.0900 0x0360  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
16:07:25.0900 0x0360  QWAVEdrv - ok
16:07:25.0920 0x0360  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
16:07:25.0920 0x0360  RasAcd - ok
16:07:25.0980 0x0360  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
16:07:25.0980 0x0360  RasAgileVpn - ok
16:07:26.0020 0x0360  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
16:07:26.0020 0x0360  RasAuto - ok
16:07:26.0060 0x0360  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
16:07:26.0070 0x0360  Rasl2tp - ok
16:07:26.0100 0x0360  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
16:07:26.0130 0x0360  RasMan - ok
16:07:26.0170 0x0360  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
16:07:26.0170 0x0360  RasPppoe - ok
16:07:26.0180 0x0360  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
16:07:26.0190 0x0360  RasSstp - ok
16:07:26.0210 0x0360  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
16:07:26.0210 0x0360  rdbss - ok
16:07:26.0240 0x0360  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
16:07:26.0250 0x0360  rdpbus - ok
16:07:26.0270 0x0360  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
16:07:26.0270 0x0360  RDPCDD - ok
16:07:26.0320 0x0360  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
16:07:26.0330 0x0360  RDPDR - ok
16:07:26.0380 0x0360  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
16:07:26.0380 0x0360  RDPENCDD - ok
16:07:26.0410 0x0360  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
16:07:26.0410 0x0360  RDPREFMP - ok
16:07:26.0530 0x0360  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
16:07:26.0530 0x0360  RdpVideoMiniport - ok
16:07:26.0640 0x0360  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
16:07:26.0650 0x0360  RDPWD - ok
16:07:26.0700 0x0360  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
16:07:26.0710 0x0360  rdyboost - ok
16:07:26.0750 0x0360  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
16:07:26.0760 0x0360  RemoteAccess - ok
16:07:26.0810 0x0360  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
16:07:26.0810 0x0360  RemoteRegistry - ok
16:07:26.0860 0x0360  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
16:07:26.0870 0x0360  RFCOMM - ok
16:07:26.0900 0x0360  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
16:07:26.0900 0x0360  RpcEptMapper - ok
16:07:26.0920 0x0360  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
16:07:26.0930 0x0360  RpcLocator - ok
16:07:26.0950 0x0360  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
16:07:26.0960 0x0360  RpcSs - ok
16:07:27.0000 0x0360  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
16:07:27.0000 0x0360  rspndr - ok
16:07:27.0060 0x0360  [ 763AE0C6D9DF4C24B7E2C26036A8188A, 1728D9BDF910324988B3D28459AB0A15C57CBBA79D2DFE377342DF3486BA9D48 ] RSUSBSTOR       C:\Windows\System32\Drivers\RtsUStor.sys
16:07:27.0070 0x0360  RSUSBSTOR - ok
16:07:27.0080 0x0360  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
16:07:27.0080 0x0360  s3cap - ok
16:07:27.0130 0x0360  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] SamSs           C:\Windows\system32\lsass.exe
16:07:27.0130 0x0360  SamSs - ok
16:07:27.0200 0x0360  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
16:07:27.0200 0x0360  sbp2port - ok
16:07:27.0250 0x0360  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
16:07:27.0260 0x0360  SCardSvr - ok
16:07:27.0290 0x0360  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
16:07:27.0290 0x0360  scfilter - ok
16:07:27.0330 0x0360  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
16:07:27.0350 0x0360  Schedule - ok
16:07:27.0400 0x0360  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
16:07:27.0400 0x0360  SCPolicySvc - ok
16:07:27.0430 0x0360  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
16:07:27.0440 0x0360  SDRSVC - ok
16:07:27.0490 0x0360  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
16:07:27.0490 0x0360  secdrv - ok
16:07:27.0510 0x0360  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
16:07:27.0520 0x0360  seclogon - ok
16:07:27.0530 0x0360  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
16:07:27.0540 0x0360  SENS - ok
16:07:27.0550 0x0360  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
16:07:27.0590 0x0360  SensrSvc - ok
16:07:27.0620 0x0360  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
16:07:27.0620 0x0360  Serenum - ok
16:07:27.0640 0x0360  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
16:07:27.0640 0x0360  Serial - ok
16:07:27.0700 0x0360  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
16:07:27.0700 0x0360  sermouse - ok
16:07:27.0750 0x0360  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
16:07:27.0750 0x0360  SessionEnv - ok
16:07:27.0780 0x0360  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
16:07:27.0790 0x0360  sffdisk - ok
16:07:27.0840 0x0360  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
16:07:27.0840 0x0360  sffp_mmc - ok
16:07:27.0860 0x0360  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
16:07:27.0860 0x0360  sffp_sd - ok
16:07:27.0880 0x0360  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
16:07:27.0880 0x0360  sfloppy - ok
16:07:27.0950 0x0360  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
16:07:27.0960 0x0360  SharedAccess - ok
16:07:27.0990 0x0360  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:07:28.0010 0x0360  ShellHWDetection - ok
16:07:28.0030 0x0360  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
16:07:28.0030 0x0360  SiSRaid2 - ok
16:07:28.0060 0x0360  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
16:07:28.0070 0x0360  SiSRaid4 - ok
16:07:28.0160 0x0360  [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
16:07:28.0170 0x0360  SkypeUpdate - ok
16:07:28.0230 0x0360  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
16:07:28.0230 0x0360  Smb - ok
16:07:28.0300 0x0360  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
16:07:28.0310 0x0360  SNMPTRAP - ok
16:07:28.0320 0x0360  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
16:07:28.0340 0x0360  spldr - ok
16:07:28.0400 0x0360  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
16:07:28.0430 0x0360  Spooler - ok
16:07:28.0600 0x0360  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
16:07:28.0670 0x0360  sppsvc - ok
16:07:28.0700 0x0360  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
16:07:28.0700 0x0360  sppuinotify - ok
16:07:28.0770 0x0360  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
16:07:28.0780 0x0360  srv - ok
16:07:28.0820 0x0360  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
16:07:28.0840 0x0360  srv2 - ok
16:07:28.0870 0x0360  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
16:07:28.0880 0x0360  srvnet - ok
16:07:28.0940 0x0360  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
16:07:28.0950 0x0360  SSDPSRV - ok
16:07:28.0970 0x0360  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
16:07:28.0980 0x0360  SstpSvc - ok
16:07:29.0030 0x0360  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
16:07:29.0030 0x0360  stexstor - ok
16:07:29.0090 0x0360  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
16:07:29.0100 0x0360  stisvc - ok
16:07:29.0190 0x0360  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
16:07:29.0190 0x0360  storflt - ok
16:07:29.0240 0x0360  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
16:07:29.0240 0x0360  StorSvc - ok
16:07:29.0270 0x0360  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
16:07:29.0270 0x0360  storvsc - ok
16:07:29.0290 0x0360  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
16:07:29.0290 0x0360  swenum - ok
16:07:29.0340 0x0360  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
16:07:29.0390 0x0360  swprv - ok
16:07:29.0460 0x0360  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
16:07:29.0500 0x0360  SysMain - ok
16:07:29.0560 0x0360  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:07:29.0560 0x0360  TabletInputService - ok
16:07:29.0610 0x0360  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
16:07:29.0630 0x0360  TapiSrv - ok
16:07:29.0640 0x0360  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
16:07:29.0640 0x0360  TBS - ok
16:07:29.0790 0x0360  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
16:07:29.0881 0x0360  Tcpip - ok
16:07:30.0001 0x0360  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
16:07:30.0041 0x0360  TCPIP6 - ok
16:07:30.0071 0x0360  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
16:07:30.0071 0x0360  tcpipreg - ok
16:07:30.0151 0x0360  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
16:07:30.0151 0x0360  TDPIPE - ok
16:07:30.0211 0x0360  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
16:07:30.0211 0x0360  TDTCP - ok
16:07:30.0281 0x0360  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
16:07:30.0281 0x0360  tdx - ok
16:07:30.0311 0x0360  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
16:07:30.0311 0x0360  TermDD - ok
16:07:30.0371 0x0360  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
16:07:30.0411 0x0360  TermService - ok
16:07:30.0451 0x0360  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
16:07:30.0451 0x0360  Themes - ok
16:07:30.0491 0x0360  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
16:07:30.0491 0x0360  THREADORDER - ok
16:07:30.0531 0x0360  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
16:07:30.0541 0x0360  TrkWks - ok
16:07:30.0721 0x0360  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:07:30.0731 0x0360  TrustedInstaller - ok
16:07:30.0761 0x0360  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
16:07:30.0781 0x0360  tssecsrv - ok
16:07:30.0821 0x0360  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
16:07:30.0821 0x0360  TsUsbFlt - ok
16:07:30.0861 0x0360  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
16:07:30.0861 0x0360  TsUsbGD - ok
16:07:30.0911 0x0360  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
16:07:30.0921 0x0360  tunnel - ok
16:07:30.0941 0x0360  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
16:07:30.0981 0x0360  uagp35 - ok
16:07:31.0021 0x0360  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
16:07:31.0031 0x0360  udfs - ok
16:07:31.0081 0x0360  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
16:07:31.0081 0x0360  UI0Detect - ok
16:07:31.0101 0x0360  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
16:07:31.0111 0x0360  uliagpkx - ok
16:07:31.0141 0x0360  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
16:07:31.0141 0x0360  umbus - ok
16:07:31.0171 0x0360  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
16:07:31.0171 0x0360  UmPass - ok
16:07:31.0221 0x0360  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
16:07:31.0231 0x0360  UmRdpService - ok
16:07:31.0431 0x0360  [ E419566C7918A4C8E9497AFBD502FB2A, 3A206F603A46E8B536032942E78D1026A22B64FC84FFD4677A387763354E3321 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
16:07:31.0491 0x0360  UNS - ok
16:07:31.0531 0x0360  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
16:07:31.0541 0x0360  upnphost - ok
16:07:31.0611 0x0360  [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
16:07:31.0621 0x0360  USBAAPL64 - ok
16:07:31.0641 0x0360  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
16:07:31.0641 0x0360  usbccgp - ok
16:07:31.0711 0x0360  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
16:07:31.0711 0x0360  usbcir - ok
16:07:31.0741 0x0360  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
16:07:31.0741 0x0360  usbehci - ok
16:07:31.0801 0x0360  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
16:07:31.0811 0x0360  usbhub - ok
16:07:31.0861 0x0360  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
16:07:31.0861 0x0360  usbohci - ok
16:07:31.0901 0x0360  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
16:07:31.0901 0x0360  usbprint - ok
16:07:31.0941 0x0360  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
16:07:31.0961 0x0360  usbscan - ok
16:07:32.0011 0x0360  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:07:32.0011 0x0360  USBSTOR - ok
16:07:32.0041 0x0360  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
16:07:32.0041 0x0360  usbuhci - ok
16:07:32.0071 0x0360  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
16:07:32.0071 0x0360  usbvideo - ok
16:07:32.0121 0x0360  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
16:07:32.0131 0x0360  UxSms - ok
16:07:32.0171 0x0360  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] VaultSvc        C:\Windows\system32\lsass.exe
16:07:32.0181 0x0360  VaultSvc - ok
16:07:32.0251 0x0360  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
16:07:32.0261 0x0360  vdrvroot - ok
16:07:32.0341 0x0360  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
16:07:32.0371 0x0360  vds - ok
16:07:32.0511 0x0360  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
16:07:32.0521 0x0360  vga - ok
16:07:32.0541 0x0360  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
16:07:32.0541 0x0360  VgaSave - ok
16:07:32.0601 0x0360  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
16:07:32.0601 0x0360  vhdmp - ok
16:07:32.0711 0x0360  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
16:07:32.0721 0x0360  viaide - ok
16:07:32.0751 0x0360  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
16:07:32.0751 0x0360  vmbus - ok
16:07:32.0781 0x0360  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
16:07:32.0801 0x0360  VMBusHID - ok
16:07:32.0831 0x0360  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
16:07:32.0841 0x0360  volmgr - ok
16:07:32.0861 0x0360  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
16:07:32.0871 0x0360  volmgrx - ok
16:07:32.0961 0x0360  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
16:07:32.0981 0x0360  volsnap - ok
16:07:33.0031 0x0360  [ ABD9B4A7E2D0AE51A3B8DF1AF3152D61, 1EAA4D8D35008E4D5C4AEA91C3ABD3D5BB5F8DF2D95D35792B3F3BB31EABB7CF ] vpcbus          C:\Windows\system32\drivers\vpchbus.sys
16:07:33.0041 0x0360  vpcbus - ok
16:07:33.0091 0x0360  [ 8ACDA395841538CE9713A67FE8B2A3EB, D74D6AF8059C1CD59A5DDB03095BC46FF7808DA358FB64D71B53940DEE6356D9 ] vpcnfltr        C:\Windows\system32\DRIVERS\vpcnfltr.sys
16:07:33.0121 0x0360  vpcnfltr - ok
16:07:33.0141 0x0360  [ 31924E31BC315773E6D149B157DB46D5, 8E2A8785D2D7327F9DE046E6245F233280395AA42D5BAD1048021109628840C2 ] vpcusb          C:\Windows\system32\DRIVERS\vpcusb.sys
16:07:33.0141 0x0360  vpcusb - ok
16:07:33.0471 0x0360  [ 510D250A08C09850F5C78CA2011B3B62, 99A4FD465B721D6E262A4BB7F9476BBE154195C5666B9BDBC8BD769D51893A5C ] vpcvmm          C:\Windows\system32\drivers\vpcvmm.sys
16:07:33.0491 0x0360  vpcvmm - ok
16:07:33.0561 0x0360  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
16:07:33.0571 0x0360  vsmraid - ok
16:07:33.0691 0x0360  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
16:07:33.0791 0x0360  VSS - ok
16:07:33.0841 0x0360  [ 85EB3594B640D16235D91833B747D827, BED00DBE8E850242029DA4DF4D03CF214228561364BB43F2DF5C783366FDC1A6 ] VUSB3HUB        C:\Windows\system32\drivers\ViaHub3.sys
16:07:33.0871 0x0360  VUSB3HUB - ok
16:07:33.0901 0x0360  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
16:07:33.0901 0x0360  vwifibus - ok
16:07:33.0921 0x0360  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
16:07:33.0961 0x0360  vwififlt - ok
16:07:33.0981 0x0360  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
16:07:33.0981 0x0360  vwifimp - ok
16:07:34.0021 0x0360  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
16:07:34.0031 0x0360  W32Time - ok
16:07:34.0051 0x0360  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
16:07:34.0061 0x0360  WacomPen - ok
16:07:34.0121 0x0360  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
16:07:34.0131 0x0360  WANARP - ok
16:07:34.0141 0x0360  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
16:07:34.0141 0x0360  Wanarpv6 - ok
16:07:34.0231 0x0360  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
16:07:34.0291 0x0360  WatAdminSvc - ok
16:07:34.0661 0x0360  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
16:07:34.0781 0x0360  wbengine - ok
16:07:34.0832 0x0360  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
16:07:34.0832 0x0360  WbioSrvc - ok
16:07:34.0862 0x0360  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
16:07:34.0872 0x0360  wcncsvc - ok
16:07:34.0882 0x0360  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:07:34.0882 0x0360  WcsPlugInService - ok
16:07:34.0902 0x0360  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
16:07:34.0902 0x0360  Wd - ok
16:07:35.0042 0x0360  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
16:07:35.0082 0x0360  Wdf01000 - ok
16:07:35.0132 0x0360  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
16:07:35.0132 0x0360  WdiServiceHost - ok
16:07:35.0152 0x0360  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
16:07:35.0162 0x0360  WdiSystemHost - ok
16:07:35.0272 0x0360  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
16:07:35.0292 0x0360  WebClient - ok
16:07:35.0482 0x0360  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
16:07:35.0502 0x0360  Wecsvc - ok
16:07:35.0522 0x0360  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
16:07:35.0532 0x0360  wercplsupport - ok
16:07:35.0552 0x0360  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
16:07:35.0552 0x0360  WerSvc - ok
16:07:35.0572 0x0360  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
16:07:35.0572 0x0360  WfpLwf - ok
16:07:35.0592 0x0360  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
16:07:35.0602 0x0360  WIMMount - ok
16:07:35.0622 0x0360  WinDefend - ok
16:07:35.0672 0x0360  WinHttpAutoProxySvc - ok
16:07:35.0862 0x0360  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
16:07:35.0872 0x0360  Winmgmt - ok
16:07:36.0112 0x0360  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
16:07:36.0212 0x0360  WinRM - ok
16:07:36.0272 0x0360  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\drivers\WinUsb.sys
16:07:36.0272 0x0360  WinUsb - ok
16:07:36.0342 0x0360  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
16:07:36.0392 0x0360  Wlansvc - ok
16:07:36.0632 0x0360  [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:07:36.0682 0x0360  wlidsvc - ok
16:07:36.0742 0x0360  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
16:07:36.0742 0x0360  WmiAcpi - ok
16:07:36.0802 0x0360  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
16:07:36.0812 0x0360  wmiApSrv - ok
16:07:36.0852 0x0360  WMPNetworkSvc - ok
16:07:36.0932 0x0360  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
16:07:36.0932 0x0360  WPCSvc - ok
16:07:36.0982 0x0360  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
16:07:36.0982 0x0360  WPDBusEnum - ok
16:07:37.0022 0x0360  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
16:07:37.0022 0x0360  ws2ifsl - ok
16:07:37.0072 0x0360  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
16:07:37.0082 0x0360  wscsvc - ok
16:07:37.0142 0x0360  [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
16:07:37.0162 0x0360  WSDPrintDevice - ok
16:07:37.0202 0x0360  [ 4A2A5C50DD1A63577D3ACA94269FBC7F, F75C1906D431CF871AD954218DF32A0F206E45FF49332DEF9F13C0A36A407047 ] WSDScan         C:\Windows\system32\DRIVERS\WSDScan.sys
16:07:37.0202 0x0360  WSDScan - ok
16:07:37.0212 0x0360  WSearch - ok
16:07:37.0442 0x0360  [ AA3E844A2595B1AA5825C70CA50D963E, F9C7D64D9563CA5167EC9B0D957473B55C02E9456E041AE2CDA6ABFA9641D176 ] wuauserv        C:\Windows\system32\wuaueng.dll
16:07:37.0502 0x0360  wuauserv - ok
16:07:37.0592 0x0360  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
16:07:37.0592 0x0360  WudfPf - ok
16:07:37.0672 0x0360  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
16:07:37.0682 0x0360  WUDFRd - ok
16:07:37.0712 0x0360  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
16:07:37.0712 0x0360  wudfsvc - ok
16:07:37.0772 0x0360  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
16:07:37.0782 0x0360  WwanSvc - ok
16:07:37.0843 0x0360  [ FAEBB90D71CF8B410112AFB7C144C854, 8D0C6134FBDF82821C4E32C7E4111DFDBC8E5D5ACE6BC14DE25E143A18A71F15 ] xhcdrv          C:\Windows\system32\drivers\xhcdrv.sys
16:07:37.0893 0x0360  xhcdrv - ok
16:07:37.0923 0x0360  ================ Scan global ===============================
16:07:37.0953 0x0360  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
16:07:37.0993 0x0360  [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
16:07:38.0023 0x0360  [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
16:07:38.0073 0x0360  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
16:07:38.0163 0x0360  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
16:07:38.0173 0x0360  [ Global ] - ok
16:07:38.0173 0x0360  ================ Scan MBR ==================================
16:07:38.0203 0x0360  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:07:39.0093 0x0360  \Device\Harddisk0\DR0 - ok
16:07:39.0093 0x0360  ================ Scan VBR ==================================
16:07:39.0113 0x0360  [ 342EA5E108BD738A1A01BE1FDC13E0F6 ] \Device\Harddisk0\DR0\Partition1
16:07:39.0123 0x0360  \Device\Harddisk0\DR0\Partition1 - ok
16:07:39.0123 0x0360  ================ Scan generic autorun ======================
16:07:40.0283 0x0360  [ BFC46E17C6C818C5E62D32D8B700144D, A4C63AC390AEFAB78434344EDF3873EFE6B718CA49F30ED0804F8DB8C94AA559 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
16:07:40.0543 0x0360  RtHDVCpl - ok
16:07:40.0553 0x0360  fspuip - ok
16:07:40.0753 0x0360  [ 968EDA6EA6E00DFAE78586BFA6322B74, 8F3A01704E67D2F9212A08F0D5B4FF15DEE4791E1BB303DF4C9CF7DD3871E6E5 ] C:\VIA_XHCI\usb3Monitor.exe
16:07:40.0793 0x0360  VIAxHCUtl - ok
16:07:40.0913 0x0360  [ 3DA1189B0E1A02D5A4A2500A988AFBD0, 11F04A1AB259315C01E74A95AF4A58D2A35F1CFAF8E1A753445F75FE93E7C68B ] C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
16:07:40.0923 0x0360  BLEServicesCtrl - ok
16:07:40.0923 0x0360  BTMTrayAgent - ok
16:07:40.0993 0x0360  [ 0C3154D0620F974AD5C4E8D87626C8CF, 4E6B751F9C0D5D4833A12166BC5142E0A7402E98D00F570926ED9CA0936A8007 ] C:\Windows\system32\igfxtray.exe
16:07:41.0003 0x0360  IgfxTray - ok
16:07:41.0053 0x0360  [ E4AA3D28753EF9DB333FE40079993B09, ECC60BAA7D21EF97CDA17F45277FBFE52B2169155DDB157E34A7AE2EC1BEC185 ] C:\Windows\system32\hkcmd.exe
16:07:41.0063 0x0360  HotKeysCmds - ok
16:07:41.0103 0x0360  [ CF40080765D6F66FA93318C0DB6C7D1F, 015EE5BE439DAC6D3F7C7471EEF554C11F28947492E3F7AA14BB72622C327DCD ] C:\Windows\system32\igfxpers.exe
16:07:41.0103 0x0360  Persistence - ok
16:07:41.0233 0x0360  [ 02A27FC0972181EF743160BE9F62F2B4, 0E5B5684E892B1CE83C8A50A23F8478E8D01E2DD283337B5B263FDA4C2654E9F ] C:\Program Files\iTunes\iTunesHelper.exe
16:07:41.0243 0x0360  iTunesHelper - ok
16:07:41.0323 0x0360  [ C0B97E53A0E39A48EEA2DCD500EEA07A, 111FBD91850E52E61E6A4D8065BF56C9C6B89C55BA6312F726125F1CE4B09EE1 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
16:07:41.0333 0x0360  IAStorIcon - ok
16:07:41.0433 0x0360  [ 9E116760D3CBDDE9796843D02D18EEDC, E241C946800615451CC9E925120B821040A6E00D80E0945F8229BE0B2A729F75 ] C:\Program Files (x86)\Hotkey OSD Driver\HotKeyOSD.exe
16:07:41.0453 0x0360  HotKeyOSD - ok
16:07:41.0643 0x0360  [ 0080EB1CDD83F14C01534B1DC754234D, D0FC9B95A12D0C92730F8031B3DB287D1309008CF15EA0C02FC14B56FAE8C320 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
16:07:41.0643 0x0360  APSDaemon - ok
16:07:41.0843 0x0360  [ 6B53177248AC5327FFB5CB2D5C500C94, 2F03DA955BF63BDCA979B76B263FBE4EB1BA2A76476EF0D9145E66CAB781C67C ] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
16:07:41.0873 0x0360  IJNetworkScannerSelectorEX - ok
16:07:42.0013 0x0360  [ 34084D25BE6F48D072AA54DE630438FD, 522C96429FC679C2D07E9254E8D1793FEC018D65CD43D88FE9851CC8CEB61A07 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
16:07:42.0033 0x0360  SunJavaUpdateSched - ok
16:07:42.0143 0x0360  [ C2CE42005E3381A95460876020518440, 562EB30DA9A1DB58DB221423177C0680E69A4C38EEE2D5FD936633B2EB8A616E ] C:\Program Files (x86)\QuickTime\QTTask.exe
16:07:42.0163 0x0360  QuickTime Task - ok
16:07:42.0363 0x0360  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:07:42.0473 0x0360  Sidebar - ok
16:07:42.0533 0x0360  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:07:42.0543 0x0360  mctadmin - ok
16:07:42.0743 0x0360  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:07:42.0773 0x0360  Sidebar - ok
16:07:42.0883 0x0360  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:07:42.0893 0x0360  mctadmin - ok
16:07:43.0093 0x0360  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:07:43.0123 0x0360  Sidebar - ok
16:07:43.0153 0x0360  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:07:43.0163 0x0360  mctadmin - ok
16:07:43.0393 0x0360  [ 40F7401928355A1515199676A5D00CDC, 4F16DE77F0BD7D1F9F61AE5712B3FD7BD53D19DCCEF88925E10180EF040A8E0B ] C:\Users\***\AppData\Local\Apps\2.0\KPGV4TR2.86B\YD6P7TLW.DXP\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe
16:07:43.0403 0x0360  AVMUSBFernanschluss - ok
16:07:43.0483 0x0360  [ 7C6D524C78A1722AD987B9E47AC1FEE2, FFDC6C92ABB547D0DCD2621EC423C755A78079B061A41FA1751A56799D1A79A5 ] C:\Users\***\AppData\Local\Dropbox\Update\DropboxUpdate.exe
16:07:43.0483 0x0360  Dropbox Update - ok
16:07:43.0483 0x0360  Waiting for KSN requests completion. In queue: 121
16:07:44.0483 0x0360  Waiting for KSN requests completion. In queue: 121
16:07:45.0483 0x0360  Waiting for KSN requests completion. In queue: 121
16:07:46.0713 0x0360  AV detected via SS2: Kaspersky Anti-Virus, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\wmiav.exe ( 15.0.1.415 ), 0x40000 ( disabled : updated )
16:07:46.0723 0x0360  Win FW state via NFP2: enabled ( trusted )
16:07:49.0104 0x0360  ============================================================
16:07:49.0104 0x0360  Scan finished
16:07:49.0104 0x0360  ============================================================
16:07:49.0114 0x14b0  Detected object count: 0
16:07:49.0114 0x14b0  Actual detected object count: 0
16:08:05.0277 0x0d8c  Deinitialize success
         
Netzstrolch
__________________

Alt 05.08.2015, 06:07   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Win7 PC: Verdacht auf Viren - Standard

Win7 PC: Verdacht auf Viren



hi,

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 05.08.2015, 15:59   #5
netzstrolch
 
Win7 PC: Verdacht auf Viren - Standard

Win7 PC: Verdacht auf Viren



Hallo Schrauber,

hier das Ergebnis:

Code:
ATTFilter
ComboFix 15-08-03.01 - *** 05.08.2015  14:52:52.1.4 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.4044.2169 [GMT 2:00]
ausgeführt von:: c:\users\***\Desktop\Check\ComboFix.exe
AV: Kaspersky Anti-Virus *Disabled/Updated* {179979E8-273D-D14E-0543-2861940E4886}
SP: Kaspersky Anti-Virus *Disabled/Updated* {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744BA0000000010\11.0.0\eula.ini
c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744BA0000000010\11.0.0\eula.ini2
c:\windows\SysWow64\DEBUG.log
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_ACEDRV11
-------\Service_acedrv11
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-07-05 bis 2015-08-05  ))))))))))))))))))))))))))))))
.
.
2015-08-05 13:10 . 2015-08-05 13:27	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2015-08-05 13:10 . 2015-08-05 13:10	--------	d-----w-	c:\users\Default\AppData\Local\temp
2015-08-04 10:31 . 2015-08-04 10:31	--------	d-----w-	C:\$Windows.~BT
2015-08-04 09:17 . 2015-08-04 09:53	--------	d-----w-	c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-08-04 07:40 . 2015-08-04 07:44	--------	d-----w-	C:\FRST
2015-08-01 07:19 . 2015-08-05 13:28	113880	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-08-01 07:19 . 2015-08-04 09:16	107736	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2015-08-01 07:19 . 2015-06-18 06:41	63704	----a-w-	c:\windows\system32\drivers\mwac.sys
2015-08-01 07:19 . 2015-06-18 06:41	25816	----a-w-	c:\windows\system32\drivers\mbam.sys
2015-08-01 07:19 . 2015-08-01 07:19	--------	d-----w-	c:\program files (x86)\ Malwarebytes Anti-Malware 
2015-08-01 07:19 . 2015-08-01 07:19	--------	d-----w-	c:\programdata\Malwarebytes
2015-07-28 14:40 . 2015-07-28 14:40	--------	d-----w-	c:\users\***\Kreiskirchenamt-Jugendreferat
2015-07-28 10:10 . 2015-07-25 18:07	17856	----a-w-	c:\windows\system32\CompatTelRunner.exe
2015-07-28 10:10 . 2015-07-25 18:04	726528	----a-w-	c:\windows\system32\generaltel.dll
2015-07-28 10:10 . 2015-07-25 18:04	765440	----a-w-	c:\windows\system32\invagent.dll
2015-07-28 10:10 . 2015-07-25 18:03	433664	----a-w-	c:\windows\system32\devinv.dll
2015-07-28 10:10 . 2015-07-25 18:03	1085440	----a-w-	c:\windows\system32\appraiser.dll
2015-07-28 10:10 . 2015-07-25 18:03	67584	----a-w-	c:\windows\system32\acmigration.dll
2015-07-28 10:10 . 2015-07-25 18:03	227328	----a-w-	c:\windows\system32\aepdu.dll
2015-07-28 10:10 . 2015-07-25 17:55	1145856	----a-w-	c:\windows\system32\aeinv.dll
2015-07-21 09:22 . 2015-07-15 01:59	372224	----a-w-	c:\windows\system32\atmfd.dll
2015-07-21 09:22 . 2015-07-15 01:52	299008	----a-w-	c:\windows\SysWow64\atmfd.dll
2015-07-21 09:22 . 2015-07-15 03:19	41984	----a-w-	c:\windows\system32\lpk.dll
2015-07-21 09:22 . 2015-07-15 03:19	100864	----a-w-	c:\windows\system32\fontsub.dll
2015-07-21 09:22 . 2015-07-15 03:19	14336	----a-w-	c:\windows\system32\dciman32.dll
2015-07-21 09:22 . 2015-07-15 03:19	46080	----a-w-	c:\windows\system32\atmlib.dll
2015-07-21 09:22 . 2015-07-15 02:55	70656	----a-w-	c:\windows\SysWow64\fontsub.dll
2015-07-21 09:22 . 2015-07-15 02:55	10240	----a-w-	c:\windows\SysWow64\dciman32.dll
2015-07-21 09:22 . 2015-07-15 02:55	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2015-07-21 09:22 . 2015-07-15 02:54	25600	----a-w-	c:\windows\SysWow64\lpk.dll
2015-07-19 21:40 . 2015-07-19 21:40	--------	d-----w-	c:\program files (x86)\iTunes
2015-07-19 21:40 . 2015-07-19 21:40	--------	d-----w-	c:\program files\iPod
2015-07-19 21:40 . 2015-07-19 21:41	--------	d-----w-	c:\program files\iTunes
2015-07-17 11:00 . 2015-06-11 17:57	6131200	----a-w-	c:\windows\SysWow64\mstscax.dll
2015-07-17 11:00 . 2015-06-11 17:56	7077376	----a-w-	c:\windows\system32\mstscax.dll
2015-07-17 11:00 . 2015-06-11 13:15	429568	----a-w-	c:\windows\system32\wksprt.exe
2015-07-17 11:00 . 2015-06-11 17:57	53248	----a-w-	c:\windows\SysWow64\tsgqec.dll
2015-07-17 11:00 . 2015-06-11 17:57	856064	----a-w-	c:\windows\SysWow64\rdvidcrl.dll
2015-07-17 11:00 . 2015-06-11 17:56	62976	----a-w-	c:\windows\system32\tsgqec.dll
2015-07-17 11:00 . 2015-06-11 17:56	1057792	----a-w-	c:\windows\system32\rdvidcrl.dll
2015-07-17 11:00 . 2014-12-11 17:47	87040	----a-w-	c:\windows\system32\TSWbPrxy.exe
2015-07-16 15:20 . 2015-07-16 15:20	--------	d-----w-	c:\windows\SysWow64\NV
2015-07-16 15:20 . 2015-07-16 15:20	--------	d-----w-	c:\windows\system32\NV
2015-07-16 15:10 . 2013-10-02 04:51	3584	----a-w-	c:\windows\system32\drivers\de-DE\tsusbflt.sys.mui
2015-07-16 15:10 . 2013-10-02 01:10	44544	----a-w-	c:\windows\system32\TsUsbGDCoInstaller.dll
2015-07-16 15:09 . 2013-10-02 02:22	56832	----a-w-	c:\windows\system32\drivers\TsUsbFlt.sys
2015-07-16 15:09 . 2013-10-02 02:11	13824	----a-w-	c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-07-16 15:09 . 2013-10-02 02:08	12800	----a-w-	c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-07-16 15:09 . 2013-10-02 01:48	56832	----a-w-	c:\windows\system32\MsRdpWebAccess.dll
2015-07-16 15:09 . 2013-10-02 01:48	18944	----a-w-	c:\windows\system32\wksprtPS.dll
2015-07-16 15:09 . 2013-10-02 00:14	50176	----a-w-	c:\windows\SysWow64\MsRdpWebAccess.dll
2015-07-16 15:09 . 2013-10-02 00:14	17920	----a-w-	c:\windows\SysWow64\wksprtPS.dll
2015-07-16 15:09 . 2013-10-01 23:31	1147392	----a-w-	c:\windows\system32\mstsc.exe
2015-07-16 15:09 . 2013-10-01 22:34	1068544	----a-w-	c:\windows\SysWow64\mstsc.exe
2015-07-16 14:59 . 2015-03-14 03:21	82944	----a-w-	c:\windows\system32\dwmapi.dll
2015-07-16 14:59 . 2015-03-14 03:21	1632768	----a-w-	c:\windows\system32\dwmcore.dll
2015-07-16 14:59 . 2015-03-14 03:04	67584	----a-w-	c:\windows\SysWow64\dwmapi.dll
2015-07-16 14:59 . 2015-03-14 03:04	1372160	----a-w-	c:\windows\SysWow64\dwmcore.dll
2015-07-16 14:58 . 2015-05-09 18:26	493504	----a-w-	c:\windows\system32\mcupdate_GenuineIntel.dll
2015-07-15 11:07 . 2015-07-04 18:07	2087424	----a-w-	c:\windows\system32\ole32.dll
2015-07-15 11:07 . 2015-07-04 17:48	1414656	----a-w-	c:\windows\SysWow64\ole32.dll
2015-07-15 11:07 . 2015-04-27 19:23	188416	----a-w-	c:\windows\system32\cryptsvc.dll
2015-07-15 11:07 . 2015-04-27 19:04	143872	----a-w-	c:\windows\SysWow64\cryptsvc.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-08-05 13:35 . 2015-08-05 13:35	75888	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{37895775-2C09-41EC-8BCC-D5C5FF46D28C}\offreg.2224.dll
2015-07-15 01:12 . 2015-08-04 07:36	12222168	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{37895775-2C09-41EC-8BCC-D5C5FF46D28C}\mpengine.dll
2015-07-14 17:30 . 2013-02-08 00:14	778416	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2015-07-14 17:30 . 2013-02-08 00:14	142512	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-07-03 06:43 . 2013-01-30 14:42	130333168	----a-w-	c:\windows\system32\MRT.exe
2015-06-23 11:30 . 2010-11-21 03:27	300704	------w-	c:\windows\system32\MpSigStub.exe
2015-06-16 23:01 . 2015-06-16 23:01	1202856	----a-w-	c:\windows\SysWow64\FM20.DLL
2015-06-16 22:23 . 2015-06-16 22:23	94208	----a-w-	c:\windows\SysWow64\QuickTimeVR.qtx
2015-06-16 22:23 . 2015-06-16 22:23	69632	----a-w-	c:\windows\SysWow64\QuickTime.qts
2015-06-01 19:01 . 2015-06-01 19:01	544552	----a-w-	c:\windows\system32\iglhsip64.dll
2015-06-01 19:01 . 2012-12-14 01:42	11223896	----a-w-	c:\windows\SysWow64\igdumd32.dll
2015-06-01 19:01 . 2015-06-01 19:01	231312	----a-w-	c:\windows\system32\iglhcp64.dll
2015-06-01 19:01 . 2015-06-01 19:01	194880	----a-w-	c:\windows\SysWow64\iglhcp32.dll
2015-06-01 19:01 . 2015-06-01 19:01	12814752	----a-w-	c:\windows\system32\igdumd64.dll
2015-06-01 19:01 . 2015-06-01 19:01	11352688	----a-w-	c:\windows\SysWow64\igd10umd32.dll
2015-06-01 19:01 . 2015-06-01 19:01	1067696	----a-w-	c:\windows\system32\igfxcmrt64.dll
2015-06-01 19:01 . 2013-01-08 11:32	13059896	----a-w-	c:\windows\system32\igd10umd64.dll
2015-06-01 19:01 . 2015-06-01 19:01	957472	----a-w-	c:\windows\SysWow64\igfxcmrt32.dll
2015-06-01 19:01 . 2015-06-01 19:01	539312	----a-w-	c:\windows\SysWow64\iglhsip32.dll
2015-06-01 19:01 . 2015-06-01 19:01	41288	----a-w-	c:\windows\system32\igfxexps.dll
2015-06-01 19:00 . 2015-06-01 19:00	418816	----a-w-	c:\windows\system32\igfxTMM.dll
2015-06-01 19:00 . 2015-06-01 19:00	523184	----a-w-	c:\windows\system32\igfxsrvc.exe
2015-06-01 19:00 . 2015-06-01 19:00	447488	----a-w-	c:\windows\system32\igfxrsky.lrc
2015-06-01 19:00 . 2015-06-01 19:00	440832	----a-w-	c:\windows\system32\igfxrjpn.lrc
2015-06-01 19:00 . 2015-06-01 19:00	294912	----a-w-	c:\windows\system32\igfxrenu.lrc
2015-06-01 19:00 . 2015-06-01 19:00	290224	----a-w-	c:\windows\SysWow64\IntelCpHeciSvc.exe
2015-06-01 19:00 . 2015-06-01 19:00	183216	----a-w-	c:\windows\system32\igfxtray.exe
2015-06-01 19:00 . 2013-01-08 11:32	72704	----a-w-	c:\windows\system32\igfxsrvc.dll
2015-06-01 19:00 . 2015-06-01 19:00	448000	----a-w-	c:\windows\system32\igfxrrus.lrc
2015-06-01 19:00 . 2015-06-01 19:00	448000	----a-w-	c:\windows\system32\igfxrrom.lrc
2015-06-01 19:00 . 2015-06-01 19:00	447488	----a-w-	c:\windows\system32\igfxrptg.lrc
2015-06-01 19:00 . 2015-06-01 19:00	446464	----a-w-	c:\windows\system32\igfxrtrk.lrc
2015-06-01 19:00 . 2015-06-01 19:00	446464	----a-w-	c:\windows\system32\igfxrsve.lrc
2015-06-01 19:00 . 2015-06-01 19:00	446464	----a-w-	c:\windows\system32\igfxrslv.lrc
2015-06-01 19:00 . 2015-06-01 19:00	446464	----a-w-	c:\windows\system32\igfxrnor.lrc
2015-06-01 19:00 . 2015-06-01 19:00	445952	----a-w-	c:\windows\system32\igfxrtha.lrc
2015-06-01 19:00 . 2015-06-01 19:00	439808	----a-w-	c:\windows\system32\igfxrkor.lrc
2015-06-01 19:00 . 2015-06-01 19:00	124928	----a-w-	c:\windows\system32\igfxCoIn_v4229.dll
2015-06-01 19:00 . 2015-06-01 19:00	447488	----a-w-	c:\windows\system32\igfxrplk.lrc
2015-06-01 19:00 . 2015-06-01 19:00	447488	----a-w-	c:\windows\system32\igfxrnld.lrc
2015-06-01 19:00 . 2015-06-01 19:00	447488	----a-w-	c:\windows\system32\igfxrita.lrc
2015-06-01 19:00 . 2015-06-01 19:00	447488	----a-w-	c:\windows\system32\igfxrdeu.lrc
2015-06-01 19:00 . 2015-06-01 19:00	446464	----a-w-	c:\windows\system32\igfxrptb.lrc
2015-06-01 19:00 . 2015-06-01 19:00	437760	----a-w-	c:\windows\system32\igfxrcht.lrc
2015-06-01 19:00 . 2013-01-08 11:32	9016320	----a-w-	c:\windows\system32\igfxress.dll
2015-06-01 19:00 . 2015-06-01 19:00	449024	----a-w-	c:\windows\system32\igfxrell.lrc
2015-06-01 19:00 . 2015-06-01 19:00	448512	----a-w-	c:\windows\system32\igfxrfra.lrc
2015-06-01 19:00 . 2015-06-01 19:00	447488	----a-w-	c:\windows\system32\igfxrhrv.lrc
2015-06-01 19:00 . 2015-06-01 19:00	446976	----a-w-	c:\windows\system32\igfxrhun.lrc
2015-06-01 19:00 . 2015-06-01 19:00	444416	----a-w-	c:\windows\system32\igfxrheb.lrc
2015-06-01 19:00 . 2015-06-01 19:00	584192	----a-w-	c:\windows\system32\igfx11cmrt64.dll
2015-06-01 19:00 . 2015-06-01 19:00	453552	----a-w-	c:\windows\system32\igfxpers.exe
2015-06-01 19:00 . 2015-06-01 19:00	448512	----a-w-	c:\windows\system32\igfxresn.lrc
2015-06-01 19:00 . 2015-06-01 19:00	446976	----a-w-	c:\windows\system32\igfxrfin.lrc
2015-06-01 19:00 . 2015-06-01 19:00	446976	----a-w-	c:\windows\system32\igfxrcsy.lrc
2015-06-01 19:00 . 2015-06-01 19:00	445952	----a-w-	c:\windows\system32\igfxrdan.lrc
2015-06-01 19:00 . 2015-06-01 19:00	437248	----a-w-	c:\windows\system32\igfxrchs.lrc
2015-06-01 19:00 . 2015-06-01 19:00	393216	----a-w-	c:\windows\system32\igfxpph.dll
2015-06-01 19:00 . 2015-06-01 19:00	151040	----a-w-	c:\windows\system32\igfxdo.dll
2015-06-01 19:00 . 2015-06-01 19:00	444416	----a-w-	c:\windows\system32\igfxrara.lrc
2015-06-01 19:00 . 2015-06-01 19:00	3129856	----a-w-	c:\windows\SysWow64\igfxcmjit32.dll
2015-06-01 19:00 . 2015-06-01 19:00	266152	----a-w-	c:\windows\system32\igfxext.exe
2015-06-01 19:00 . 2015-06-01 19:00	10820096	----a-w-	c:\windows\SysWow64\ig4icd32.dll
2015-06-01 19:00 . 2015-06-01 19:00	339456	----a-w-	c:\windows\SysWow64\igfxdv32.dll
2015-06-01 19:00 . 2015-06-01 19:00	33792	----a-w-	c:\windows\SysWow64\igfxexps32.dll
2015-06-01 19:00 . 2015-06-01 19:00	135680	----a-w-	c:\windows\system32\igfxcpl.cpl
2015-06-01 19:00 . 2015-06-01 19:00	451584	----a-w-	c:\windows\system32\igfxdev.dll
2015-06-01 19:00 . 2015-06-01 19:00	18432	----a-w-	c:\windows\system32\IGFXDEVLib.dll
2015-06-01 19:00 . 2015-06-01 19:00	13037568	----a-w-	c:\windows\system32\ig4icd64.dll
2015-06-01 19:00 . 2015-06-01 19:00	551424	----a-w-	c:\windows\SysWow64\igfx11cmrt32.dll
2015-06-01 19:00 . 2015-06-01 19:00	3520000	----a-w-	c:\windows\system32\igfxcmjit64.dll
2015-06-01 19:00 . 2015-06-01 19:00	90112	----a-w-	c:\windows\SysWow64\igdde32.dll
2015-06-01 19:00 . 2015-06-01 19:00	5384176	----a-w-	c:\windows\system32\drivers\igdkmd64.sys
2015-06-01 19:00 . 2015-06-01 19:00	5916080	----a-w-	c:\windows\system32\GfxUI.exe
2015-06-01 19:00 . 2015-06-01 19:00	110080	----a-w-	c:\windows\system32\igdde64.dll
2015-06-01 19:00 . 2013-01-08 11:32	102912	----a-w-	c:\windows\system32\IccLibDll_x64.dll
2015-06-01 19:00 . 2015-06-01 19:00	411056	----a-w-	c:\windows\system32\hkcmd.exe
2015-06-01 19:00 . 2015-06-01 19:00	197040	----a-w-	c:\windows\system32\difx64.exe
2015-06-01 19:00 . 2015-06-01 19:00	183808	----a-w-	c:\windows\system32\gfxSrvc.dll
2015-06-01 19:00 . 2013-01-08 11:32	119296	----a-w-	c:\windows\system32\hccutils.dll
2015-05-28 08:06 . 2014-10-21 07:54	97888	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-05-25 18:24 . 2015-06-10 12:31	5569984	----a-w-	c:\windows\system32\ntoskrnl.exe
2015-05-25 18:21 . 2015-06-10 12:31	1728960	----a-w-	c:\windows\system32\ntdll.dll
2015-05-25 18:19 . 2015-06-10 12:31	243712	----a-w-	c:\windows\system32\wow64.dll
2015-05-25 18:19 . 2015-06-10 12:31	362496	----a-w-	c:\windows\system32\wow64win.dll
2015-05-25 18:19 . 2015-06-10 12:31	13312	----a-w-	c:\windows\system32\wow64cpu.dll
2015-05-25 18:19 . 2015-06-10 12:31	215040	----a-w-	c:\windows\system32\winsrv.dll
2015-05-25 18:19 . 2015-06-10 12:31	1255424	----a-w-	c:\windows\system32\diagtrack.dll
2015-05-25 18:19 . 2015-06-10 12:31	879104	----a-w-	c:\windows\system32\tdh.dll
2015-05-25 18:19 . 2015-06-10 12:31	503808	----a-w-	c:\windows\system32\srcore.dll
2015-05-25 18:19 . 2015-06-10 12:31	50176	----a-w-	c:\windows\system32\srclient.dll
2015-05-25 18:19 . 2015-06-10 12:31	113664	----a-w-	c:\windows\system32\sechost.dll
2015-05-25 18:19 . 2015-06-10 12:31	16384	----a-w-	c:\windows\system32\ntvdm64.dll
2015-05-25 18:19 . 2015-06-10 12:31	424960	----a-w-	c:\windows\system32\KernelBase.dll
2015-05-25 18:19 . 2015-06-10 12:31	1162752	----a-w-	c:\windows\system32\kernel32.dll
2015-05-25 18:18 . 2015-06-10 12:31	43520	----a-w-	c:\windows\system32\csrsrv.dll
2015-05-25 18:18 . 2015-06-10 12:31	879104	----a-w-	c:\windows\system32\advapi32.dll
2015-05-25 18:18 . 2015-06-10 12:31	47104	----a-w-	c:\windows\system32\typeperf.exe
2015-05-25 18:18 . 2015-06-10 12:31	404992	----a-w-	c:\windows\system32\tracerpt.exe
2015-05-25 18:18 . 2015-06-10 12:31	112640	----a-w-	c:\windows\system32\smss.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-09-01 22:04	223432	----a-w-	c:\users\***\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-09-01 22:04	223432	----a-w-	c:\users\***\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-09-01 22:04	223432	----a-w-	c:\users\***\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-24 01:44	189464	----a-w-	c:\users\***\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-24 01:44	189464	----a-w-	c:\users\***\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-24 01:44	189464	----a-w-	c:\users\***\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVMUSBFernanschluss"="c:\users\***\AppData\Local\Apps\2.0\KPGV4TR2.86B\YD6P7TLW.DXP\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe" [2014-02-13 139264]
"Dropbox Update"="c:\users\***\AppData\Local\Dropbox\Update\DropboxUpdate.exe" [2015-06-12 134512]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-09-13 283160]
"HotKeyOSD"="c:\program files (x86)\Hotkey OSD Driver\HotKeyOSD.exe" [2011-02-17 345680]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2015-05-15 60712]
"IJNetworkScannerSelectorEX"="c:\program files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" [2013-02-19 453736]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2015-04-30 334896]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2015-06-16 421888]
.
c:\users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2015-5-5 39179912]
OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
R3 btmlehid;Intel Bluetooth Low Energy HID Service;c:\windows\system32\drivers\btmlehid.sys;c:\windows\SYSNATIVE\drivers\btmlehid.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 fspad_xp64;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_xp64;c:\windows\system32\drivers\fspad_xp64.sys;c:\windows\SYSNATIVE\drivers\fspad_xp64.sys [x]
R3 ibtfltcoex;ibtfltcoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MHIKEY10;MHIKEY10;c:\windows\system32\Drivers\MHIKEY10x64.sys;c:\windows\SYSNATIVE\Drivers\MHIKEY10x64.sys [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WSDScan;WSD-Scanunterstützung durch UMB;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
S0 cm_km_w;Kaspersky Lab Crypto Module (FDE PDK);c:\windows\system32\DRIVERS\cm_km_w.sys;c:\windows\SYSNATIVE\DRIVERS\cm_km_w.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 klhk;klhk;c:\windows\system32\DRIVERS\klhk.sys;c:\windows\SYSNATIVE\DRIVERS\klhk.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 klpd;klpd;c:\windows\system32\DRIVERS\klpd.sys;c:\windows\SYSNATIVE\DRIVERS\klpd.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
S1 Klwtp;Klwtp;c:\windows\system32\DRIVERS\klwtp.sys;c:\windows\SYSNATIVE\DRIVERS\klwtp.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
S2 AVP15.0.1;Kaspersky Anti-Virus Service 15.0.1;c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\avp.exe;c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\avp.exe [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 DBService;DATA BECKER Update Service;c:\program files (x86)\Common Files\DATA BECKER Shared\DBService.exe;c:\program files (x86)\Common Files\DATA BECKER Shared\DBService.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 hkosdservice;Hotkey OSD Service;c:\program files (x86)\Hotkey OSD Driver\hkosdsvis.exe;c:\program files (x86)\Hotkey OSD Driver\hkosdsvis.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 kldisk;kldisk;c:\windows\system32\DRIVERS\kldisk.sys;c:\windows\SYSNATIVE\DRIVERS\kldisk.sys [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 avmaura;AVM USB-Fernanschluss;c:\windows\system32\DRIVERS\avmaura.sys;c:\windows\SYSNATIVE\DRIVERS\avmaura.sys [x]
S3 fspad_win764;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_win764;c:\windows\system32\drivers\fspad_win764.sys;c:\windows\SYSNATIVE\drivers\fspad_win764.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 klflt;Kaspersky Lab Kernel DLL;c:\windows\system32\DRIVERS\klflt.sys;c:\windows\SYSNATIVE\DRIVERS\klflt.sys [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 VUSB3HUB;VIA USB 3 Root Hub Service;c:\windows\system32\drivers\ViaHub3.sys;c:\windows\SYSNATIVE\drivers\ViaHub3.sys [x]
S3 xhcdrv;VIA USB eXtensible Host Controller Service;c:\windows\system32\drivers\xhcdrv.sys;c:\windows\SYSNATIVE\drivers\xhcdrv.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - MBAMSWISSARMY
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-08-01 07:18	995144	----a-w-	c:\program files (x86)\Google\Chrome\Application\44.0.2403.125\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2015-08-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-08 17:30]
.
2015-07-28 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1417037402-2155524456-1377376909-1002Core.job
- c:\users\***\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-12 21:04]
.
2015-08-05 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1417037402-2155524456-1377376909-1002UA.job
- c:\users\***\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-12 21:04]
.
2015-07-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-08 21:46]
.
2015-08-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-08 21:46]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-09-01 22:04	262344	----a-w-	c:\users\***\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-09-01 22:04	262344	----a-w-	c:\users\***\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-09-01 22:04	262344	----a-w-	c:\users\***\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-24 01:50	226328	----a-w-	c:\users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-24 01:50	226328	----a-w-	c:\users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-24 01:50	226328	----a-w-	c:\users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-24 01:50	226328	----a-w-	c:\users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-03-18 11780712]
"VIAxHCUtl"="c:\via_xhci\usb3Monitor.exe" [2011-07-12 331776]
"BLEServicesCtrl"="c:\program files (x86)\Intel\Bluetooth\BleServicesCtrl.exe" [2012-05-31 184112]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2012-06-18 11586944]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2015-06-01 183216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2015-06-01 411056]
"Persistence"="c:\windows\system32\igfxpers.exe" [2015-06-01 453552]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2015-07-11 170280]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: An Bluetooth senden - c:\program files (x86)\Intel\Bluetooth\btSendToObject.htm
IE: {{09A10376-994C-4BBF-9121-F50CF7BA237E} - {F2A56BFE-7911-451A-BC74-A9C3C2E95126} - c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\IEExt\ie_plugin.dll
IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -
TCP: DhcpNameServer = 192.168.189.1
TCP: Interfaces\{C9A84B3C-17D2-4EEB-8312-9B1B358B0227}\943575D2A474D213131323: NameServer = 31.168.235.109,82.166.96.254
TCP: Interfaces\{C9A84B3C-17D2-4EEB-8312-9B1B358B0227}\A4574747163702960586F6E656: NameServer = 31.168.235.109,82.166.96.254
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
BHO-{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - (no file)
Toolbar-Locked - (no file)
HKLM-Run-fspuip - c:\program files (x86)\FSP\fspuip.exe
AddRemove-EZ Software Updater_is1 - c:\program files (x86)\EZ Software Updater\unins000.exe
AddRemove-{3108C217-BE83-42E4-AE9E-A56A2A92E549} - c:\program files\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\setup.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_209_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_209_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_209_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_209_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.18"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\avpui.exe
c:\program files (x86)\Hotkey OSD Driver\NButilps.exe
c:\program files (x86)\ Malwarebytes Anti-Malware \mbam.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-08-05  15:45:48 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2015-08-05 13:45
.
Vor Suchlauf: 12 Verzeichnis(se), 332.808.142.848 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 335.455.518.720 Bytes frei
.
- - End Of File - - B4FB0B1C3440214BB622B915BF82A2FD
         
Grüße, Netzstrolch


Alt 06.08.2015, 05:54   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Win7 PC: Verdacht auf Viren - Standard

Win7 PC: Verdacht auf Viren



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
--> Win7 PC: Verdacht auf Viren

Alt 06.08.2015, 14:38   #7
netzstrolch
 
Win7 PC: Verdacht auf Viren - Standard

Win7 PC: Verdacht auf Viren



Hallo Schrauber!

das System ist mittlerweile wieder viel schneller :-)

Hier die Logs:

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 06.08.2015
Suchlaufzeit: 14:45
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.1.8.1057
Malware-Datenbank: v2015.08.06.04
Rootkit-Datenbank: v2015.08.04.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: ***

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 413022
Abgelaufene Zeit: 27 Min., 17 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
Code:
ATTFilter
# AdwCleaner v4.208 - Bericht erstellt 06/08/2015 um 15:21:08
# Aktualisiert 09/07/2015 von Xplode
# Datenbank : 2015-08-01.1 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (x64)
# Benutzername : *** - ***-LAPTOP
# Gestarted von : C:\Users\***\Desktop\Check\AdwCleaner_4.208.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\Users\***\AppData\Local\iac
Ordner Gelöscht : C:\Users\***\AppData\LocalLow\iac

***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\Classes\pokki
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MapsGalaxy_39.ToolbarProtector
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MapsGalaxy_39.ToolbarProtector.1
Schlüssel Gelöscht : HKLM\SOFTWARE\5da059a482fd494db3f252126fbc3d5b
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F0B76E1-4E46-427B-B55B-B90593468AC6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A75BE48D-BF58-4A8B-B96C-F9A09DFB9844}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77154BAE-941B-4850-B7ED-1F8685EB0AB1}
Schlüssel Gelöscht : HKCU\Software\IM
Schlüssel Gelöscht : HKCU\Software\ImInstaller
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\EZ Software Updater_is1
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\hamburg-tourism.de
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.hamburg-tourism.de
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17909


-\\ Google Chrome v44.0.2403.130

[C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=7B52A895-1780-4B1C-960A-894EB8E64564&apn_ptnrs=U3&apn_sauid=110C82EA-FAF0-401F-A55E-B2272C64FAA0&apn_dtid=OSJ000YYDE&q={searchTerms}

*************************

AdwCleaner[R0].txt - [5008 Bytes] - [06/08/2015 15:17:04]
AdwCleaner[R1].txt - [5067 Bytes] - [06/08/2015 15:20:13]
AdwCleaner[S0].txt - [4710 Bytes] - [06/08/2015 15:21:08]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4769  Bytes] ##########
         
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.5 (08.05.2015:1)
OS: Windows 7 Professional x64
Ran by *** on 06.08.2015 at 15:28:31,87
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer



~~~ Files

Successfully deleted: [File] C:\Users\Public\Desktop\clipgrab.lnk



~~~ Folders

Successfully deleted: [Folder] C:\Program Files (x86)\clipgrab
Successfully deleted: [Folder] C:\ProgramData\google
Successfully deleted: [Folder] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\clipgrab



~~~ Chrome


[C:\Users\***\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\***\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\***\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\***\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 06.08.2015 at 15:33:21,95
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:02-08-2015 01
durchgeführt von *** (Administrator) auf ***-LAPTOP (06-08-2015 15:34:09)
Gestartet von C:\Users\***\Desktop\Check
Geladene Profile: *** (Verfügbare Profile: UpdatusUser & ***)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: IE)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11780712 2011-03-18] (Realtek Semiconductor)
HKLM\...\Run: [fspuip] => C:\Program Files\FSP\fspuip.exe [4058112 2010-12-27] (Sentelic Corporation)
HKLM\...\Run: [VIAxHCUtl] => C:\VIA_XHCI\usb3Monitor.exe [331776 2011-07-12] (VIA Technologies, Inc.)
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [184112 2012-06-01] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [HotKeyOSD] => C:\Program Files (x86)\Hotkey OSD Driver\HotKeyOSD.exe [345680 2011-02-17] (Dritek System Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-17] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1417037402-2155524456-1377376909-1002\...\Run: [AVMUSBFernanschluss] => C:\Users\***\AppData\Local\Apps\2.0\P94XA3JY.XH8\W1M0X5PE.MZ9\frit..tion_1acae14e4778b8d2_0002.0003_5f032dee73df1479\AVMAutoStart.exe [139264 2015-08-06] (AVM Berlin)
HKU\S-1-5-21-1417037402-2155524456-1377376909-1002\...\Run: [Dropbox Update] => C:\Users\***\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-12] (Dropbox, Inc.)
Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013-06-13]
ShortcutTarget: Dropbox.lnk -> C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk [2013-02-07]
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1417037402-2155524456-1377376909-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1417037402-2155524456-1377376909-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1417037402-2155524456-1377376909-1002 -> {44356F6D-F790-4CED-97B7-C8BA0C48D600} URL = https://www.google.com/search?q={searchTerms}
BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\x64\IEExt\ie_plugin.dll [2015-01-07] (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll Keine Datei
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-21] (Google Inc.)
BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\x64\IEExt\ie_plugin.dll [2015-01-07] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\x64\IEExt\ie_plugin.dll [2015-01-07] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\IEExt\ie_plugin.dll [2015-01-07] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-05-28] (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\OnlineBanking\online_banking_bho.dll Keine Datei
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-21] (Google Inc.)
BHO-x32: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\IEExt\ie_plugin.dll [2015-01-07] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-28] (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\IEExt\ie_plugin.dll [2015-01-07] (Kaspersky Lab ZAO)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-21] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-21] (Google Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.189.1
Tcpip\..\Interfaces\{5D6192CE-5612-4B22-8671-CB3A73ACCA57}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{C9A84B3C-17D2-4EEB-8312-9B1B358B0227}: [DhcpNameServer] 192.168.189.1

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-28] (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\content_blocker@kaspersky.com [2015-01-07] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-01-07] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @protectdisc.com/NPPDLicenseHelper -> C:\Program Files (x86)\ProtectDisc\License Helper\NPPDLicenseHelper.dll [2008-02-22] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\content_blocker@kaspersky.com [2015-01-07]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-01-07]

Chrome: 
=======
CHR Profile: C:\Users\***\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Kaspersky Protection) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-05-25]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-25]
CHR Extension: (Google Wallet) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-13]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
S2 AVP15.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO)
S2 DBService; C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe [187456 2009-01-08] (DATA BECKER GmbH & Co KG) [Datei ist nicht signiert]
S2 hkosdservice; C:\Program Files (x86)\Hotkey OSD Driver\hkosdsvis.exe [240208 2011-02-17] (Dritek System Inc.)
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116480 2013-02-07] (AVM Berlin)
S3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [111104 2012-05-21] (Motorola Solutions, Inc.)
S3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [849408 2012-06-09] (Motorola Solutions, Inc.)
S3 btmlehid; C:\Windows\system32\drivers\btmlehid.sys [66560 2012-06-21] (Motorola Solutions, Inc.)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
R3 fspad_win764; C:\Windows\system32\drivers\fspad_win764.sys [32256 2010-12-28] (Sentelic Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [46144 2014-07-02] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [150536 2015-01-07] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [246456 2014-08-12] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [819896 2015-03-10] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55872 2014-06-05] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [77512 2015-01-07] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179776 2014-07-09] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-08-06] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
S3 MHIKEY10; C:\Windows\System32\Drivers\MHIKEY10x64.sys [60288 2010-09-15] (Generic USB smartcard reader)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-07-28] (Apple, Inc.) [Datei ist nicht signiert]
R3 VUSB3HUB; C:\Windows\system32\drivers\ViaHub3.sys [177152 2011-05-28] (VIA Technologies, Inc.)
R3 xhcdrv; C:\Windows\system32\drivers\xhcdrv.sys [226816 2011-05-28] (VIA Technologies, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U4 klkbdflt2; system32\DRIVERS\klkbdflt2.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-06 15:33 - 2015-08-06 15:33 - 00001450 _____ C:\Users\***\Desktop\JRT.txt
2015-08-06 15:16 - 2015-08-06 15:21 - 00000000 ____D C:\AdwCleaner
2015-08-05 16:05 - 2015-08-06 14:33 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\2D3555B9.sys
2015-08-05 15:45 - 2015-08-05 15:45 - 00038377 _____ C:\ComboFix.txt
2015-08-05 14:50 - 2015-08-05 15:46 - 00000000 ____D C:\Qoobox
2015-08-05 14:50 - 2015-08-05 15:39 - 00000000 ____D C:\Windows\erdnt
2015-08-05 14:50 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-08-05 14:50 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-08-05 14:50 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-08-05 14:50 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-08-05 14:50 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-08-05 14:50 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-08-05 14:50 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-08-05 14:50 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-08-04 12:31 - 2015-08-04 12:31 - 00000000 ____D C:\$Windows.~BT
2015-08-04 11:17 - 2015-08-04 11:53 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-08-04 11:15 - 2015-08-04 11:53 - 00000000 ____D C:\Users\***\Desktop\mbar
2015-08-04 09:40 - 2015-08-06 15:34 - 00000000 ____D C:\FRST
2015-08-04 09:38 - 2015-08-04 09:38 - 00000472 _____ C:\Users\***\Desktop\defogger_disable.log
2015-08-04 09:38 - 2015-08-04 09:38 - 00000000 _____ C:\Users\***\defogger_reenable
2015-08-01 09:19 - 2015-08-06 15:23 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-01 09:19 - 2015-08-04 11:16 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-08-01 09:19 - 2015-08-01 09:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-08-01 09:19 - 2015-08-01 09:19 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-01 09:19 - 2015-08-01 09:19 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-08-01 09:19 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-08-01 09:19 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-08-01 09:18 - 2015-08-06 15:33 - 00000000 ____D C:\Users\***\Desktop\Check
2015-07-31 09:39 - 2015-07-31 09:40 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-07-28 17:09 - 2015-07-28 17:11 - 00000000 ___RD C:\Users\***\Documents\Kirchengemeinde-Burbach
2015-07-28 16:40 - 2015-07-28 16:40 - 00000000 ____D C:\Users\***\Kreiskirchenamt-Jugendreferat
2015-07-28 12:10 - 2015-07-25 20:07 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-28 12:10 - 2015-07-25 20:04 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-28 12:10 - 2015-07-25 20:04 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-28 12:10 - 2015-07-25 20:03 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-28 12:10 - 2015-07-25 20:03 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-28 12:10 - 2015-07-25 20:03 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-28 12:10 - 2015-07-25 20:03 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-28 12:10 - 2015-07-25 19:55 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-25 12:36 - 2015-07-25 12:36 - 00009369 _____ C:\Users\***\Desktop\Predigt    Lichtblick   1 - Verknüpfung.lnk
2015-07-25 12:12 - 2015-07-25 12:12 - 00004918 _____ C:\Users\***\Desktop\Männerchor Burbach Jubiläum August 2015 - Verknüpfung.lnk
2015-07-22 12:20 - 2015-07-22 12:20 - 00004846 _____ C:\Users\***\Desktop\Matthäus 13 - Verknüpfung.lnk
2015-07-21 11:22 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-21 11:22 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-21 11:22 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-21 11:22 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-21 11:22 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-21 11:22 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-21 11:22 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-21 11:22 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-21 11:22 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-21 11:22 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-19 23:41 - 2015-07-19 23:41 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-07-19 23:41 - 2015-07-19 23:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-07-19 23:40 - 2015-07-19 23:41 - 00000000 ____D C:\Program Files\iTunes
2015-07-19 23:40 - 2015-07-19 23:40 - 00000000 ____D C:\Program Files\iPod
2015-07-19 23:40 - 2015-07-19 23:40 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-07-17 13:00 - 2015-06-11 19:57 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-07-17 13:00 - 2015-06-11 19:57 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-07-17 13:00 - 2015-06-11 19:57 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-07-17 13:00 - 2015-06-11 19:56 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-07-17 13:00 - 2015-06-11 19:56 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-07-17 13:00 - 2015-06-11 19:56 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-07-17 13:00 - 2015-06-11 15:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-07-17 13:00 - 2014-12-11 19:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-07-16 17:20 - 2015-07-16 17:20 - 00000000 ____D C:\Windows\SysWOW64\NV
2015-07-16 17:20 - 2015-07-16 17:20 - 00000000 ____D C:\Windows\system32\NV
2015-07-16 17:10 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2015-07-16 17:09 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2015-07-16 17:09 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-07-16 17:09 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-07-16 17:09 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2015-07-16 17:09 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2015-07-16 17:09 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2015-07-16 17:09 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2015-07-16 17:09 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-07-16 17:09 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2015-07-16 16:59 - 2015-03-14 05:21 - 01632768 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-07-16 16:59 - 2015-03-14 05:21 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-07-16 16:59 - 2015-03-14 05:04 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-07-16 16:59 - 2015-03-14 05:04 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-07-16 16:58 - 2015-05-09 20:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-07-15 13:13 - 2015-07-09 19:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 13:13 - 2015-07-09 19:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 13:13 - 2015-07-09 19:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 13:13 - 2015-07-09 19:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 13:13 - 2015-07-09 19:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 13:13 - 2015-07-09 19:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 13:13 - 2015-07-09 19:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 13:13 - 2015-07-09 19:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 13:13 - 2015-07-09 19:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 13:13 - 2015-07-09 19:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 13:13 - 2015-07-09 19:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 13:13 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-15 13:13 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-15 13:13 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-15 13:13 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-15 13:13 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-15 13:13 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-15 13:13 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-15 13:13 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-15 13:13 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 13:13 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-15 13:13 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-15 13:13 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 13:13 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-15 13:13 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 13:13 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-15 13:13 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 13:13 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 13:13 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-15 13:13 - 2015-06-27 04:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 13:13 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-15 13:13 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-15 13:13 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 13:13 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 13:13 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 13:13 - 2015-06-09 20:03 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-07-15 13:13 - 2015-06-09 20:03 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-07-15 13:13 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-15 13:13 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-15 13:10 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-15 13:10 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 13:10 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 13:10 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-15 13:10 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 13:10 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-15 13:10 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-15 13:10 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 13:10 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-15 13:10 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-15 13:10 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 13:10 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-15 13:10 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-15 13:10 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 13:10 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-15 13:10 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 13:10 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 13:10 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 13:10 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 13:10 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 13:10 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-15 13:10 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 13:10 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-15 13:10 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 13:10 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 13:10 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-15 13:10 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-15 13:10 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-15 13:10 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-15 13:10 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 13:10 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-15 13:10 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-15 13:10 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-15 13:10 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-15 13:10 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-15 13:10 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-15 13:10 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-15 13:10 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 13:10 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 13:10 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 13:10 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-15 13:10 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-15 13:10 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-15 13:10 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-15 13:07 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 13:07 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 13:07 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-15 13:07 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-15 13:06 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 13:06 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-15 13:06 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 13:06 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 13:06 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 13:06 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-15 13:06 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 13:06 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-15 13:06 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-15 13:06 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-15 13:06 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-15 13:06 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-15 13:06 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-15 13:06 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-15 13:06 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-15 13:06 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-15 13:06 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-15 13:06 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-15 13:06 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-15 13:06 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-15 13:06 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 13:06 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 13:06 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-15 13:06 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-15 13:06 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-15 13:06 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-15 13:06 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-15 13:06 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-15 13:06 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-15 13:06 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 13:06 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-15 13:06 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-15 13:06 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-15 13:06 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-15 13:06 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-15 13:06 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 13:06 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 13:06 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 13:06 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-15 13:06 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 13:06 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 13:06 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-15 13:06 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-15 13:06 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 13:06 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 13:06 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 13:06 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-15 13:06 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 13:06 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-15 13:06 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-15 13:06 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-15 13:06 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-15 13:06 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-15 13:06 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-15 13:06 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-15 13:06 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-14 19:44 - 2015-07-14 19:44 - 00299088 _____ C:\Windows\Minidump\071415-23602-01.dmp

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-06 15:30 - 2013-02-08 02:14 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-06 15:30 - 2009-07-14 06:45 - 00027568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-06 15:30 - 2009-07-14 06:45 - 00027568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-06 15:24 - 2013-06-13 12:45 - 00000000 ___RD C:\Users\***\Dropbox
2015-08-06 15:24 - 2013-06-13 12:35 - 00000000 ____D C:\Users\***\AppData\Roaming\Dropbox
2015-08-06 15:23 - 2015-01-07 13:55 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-08-06 15:22 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-06 15:22 - 2009-07-14 06:51 - 00146807 _____ C:\Windows\setupact.log
2015-08-06 15:21 - 2013-01-18 14:56 - 01891727 _____ C:\Windows\WindowsUpdate.log
2015-08-06 15:15 - 2015-06-12 23:04 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1417037402-2155524456-1377376909-1002UA.job
2015-08-06 15:15 - 2013-02-08 02:14 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-06 14:36 - 2013-02-07 14:13 - 00005597 _____ C:\Windows\avmacc.log
2015-08-06 14:36 - 2013-02-07 14:12 - 00000000 ____D C:\Users\***\AppData\Local\Deployment
2015-08-06 14:33 - 2013-02-07 14:12 - 00000000 ____D C:\Users\***\AppData\Local\Apps\2.0
2015-08-05 16:33 - 2011-02-23 14:59 - 00701560 _____ C:\Windows\system32\perfh007.dat
2015-08-05 16:33 - 2011-02-23 14:59 - 00150428 _____ C:\Windows\system32\perfc007.dat
2015-08-05 16:33 - 2009-07-14 07:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-05 16:32 - 2013-02-08 02:15 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-05 15:46 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-08-05 15:28 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-08-05 15:24 - 2010-11-21 05:47 - 00173756 _____ C:\Windows\PFRO.log
2015-08-05 15:24 - 2009-07-14 04:34 - 79167488 _____ C:\Windows\system32\config\SOFTWARE.bak
2015-08-05 15:24 - 2009-07-14 04:34 - 20709376 _____ C:\Windows\system32\config\SYSTEM.bak
2015-08-05 15:24 - 2009-07-14 04:34 - 00524288 _____ C:\Windows\system32\config\DEFAULT.bak
2015-08-05 15:24 - 2009-07-14 04:34 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2015-08-05 15:24 - 2009-07-14 04:34 - 00262144 _____ C:\Windows\system32\config\SAM.bak
2015-08-04 12:31 - 2013-01-15 12:21 - 00000000 ____D C:\Windows\Panther
2015-08-04 09:38 - 2013-01-30 16:03 - 00000000 ____D C:\Users\***
2015-08-01 20:35 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\security
2015-07-30 13:03 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-28 23:37 - 2014-05-06 22:43 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-28 23:15 - 2015-06-12 23:04 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1417037402-2155524456-1377376909-1002Core.job
2015-07-28 17:10 - 2013-02-07 15:17 - 00000000 ____D C:\Users\***\Documents\Ordner ***
2015-07-25 11:57 - 2015-04-06 23:52 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-22 06:52 - 2009-07-14 06:45 - 00471616 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-20 13:28 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-07-19 23:40 - 2013-02-07 15:30 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-07-19 23:10 - 2015-06-12 23:04 - 00004194 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1417037402-2155524456-1377376909-1002UA
2015-07-19 23:10 - 2015-06-12 23:04 - 00003798 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1417037402-2155524456-1377376909-1002Core
2015-07-17 16:36 - 2013-01-15 12:49 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-17 16:33 - 2014-12-26 00:48 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-16 17:20 - 2013-01-15 12:43 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-16 17:19 - 2009-07-14 05:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-07-16 17:18 - 2015-04-06 23:52 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-16 17:17 - 2013-01-15 12:38 - 01598636 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-07-16 17:12 - 2013-01-15 12:42 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-07-16 13:32 - 2014-12-11 01:16 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-16 13:32 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-16 11:18 - 2013-02-07 14:02 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-16 11:11 - 2013-08-15 22:38 - 00000000 ____D C:\Windows\system32\MRT
2015-07-16 11:10 - 2013-02-08 02:14 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-16 11:10 - 2013-02-08 02:14 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-16 11:10 - 2013-02-08 02:14 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-14 19:44 - 2015-05-07 18:02 - 545949322 _____ C:\Windows\MEMORY.DMP
2015-07-14 19:44 - 2015-05-07 18:02 - 00000000 ____D C:\Windows\Minidump
2015-07-14 19:30 - 2013-02-08 02:14 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-14 19:30 - 2013-02-08 02:14 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-14 19:30 - 2013-02-08 02:14 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-05-29 13:38 - 2015-05-29 13:38 - 0007601 _____ () C:\Users\***\AppData\Local\Resmon.ResmonCfg

Einige Dateien in TEMP:
====================
C:\Users\***\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzmfufo.dll
C:\Users\***\AppData\Local\Temp\Quarantine.exe
C:\Users\***\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-08-04 12:17

==================== Ende von log ============================
         
Gruß,

Netzstrolch

Alt 07.08.2015, 09:42   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Win7 PC: Verdacht auf Viren - Standard

Win7 PC: Verdacht auf Viren




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 11.08.2015, 07:48   #9
netzstrolch
 
Win7 PC: Verdacht auf Viren - Standard

Win7 PC: Verdacht auf Viren



Hallo Schrauber,

der Eset-Online-Scanner lief, hatte einen Fund (ein Browser-Plugin), aber den Log finde ich nicht. Den Ordner Eset gibt es bei mir an den beschriebenen Stellen leider nicht.

Code:
ATTFilter
 Results of screen317's Security Check version 1.006  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Kaspersky Anti-Virus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Java 8 Update 51  
 Adobe Reader XI  
 Google Chrome (44.0.2403.125) 
 Google Chrome (44.0.2403.130) 
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Kaspersky Lab Kaspersky Anti-Virus 15.0.1 avp.exe  
 Kaspersky Lab Kaspersky Anti-Virus 15.0.1 avpui.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:09-08-2015
durchgeführt von *** (Administrator) auf ***-LAPTOP (11-08-2015 08:28:56)
Gestartet von C:\Users\***\Desktop\Check
Geladene Profile: UpdatusUser & *** (Verfügbare Profile: UpdatusUser & ***)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: IE)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(DATA BECKER GmbH & Co KG) C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe
(Dritek System Inc.) C:\Program Files (x86)\Hotkey OSD Driver\hkosdsvis.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Dritek System Inc.) C:\Program Files (x86)\Hotkey OSD Driver\NButilps.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Sentelic Corporation) C:\Program Files\FSP\FspUip.exe
(VIA Technologies, Inc.) C:\VIA_XHCI\usb3Monitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(AVM Berlin) C:\Users\***\AppData\Local\Apps\2.0\P94XA3JY.XH8\W1M0X5PE.MZ9\frit..tion_1acae14e4778b8d2_0002.0003_5f032dee73df1479\fritzbox-usb-fernanschluss.exe
(Dritek System Inc.) C:\Program Files (x86)\Hotkey OSD Driver\HotKeyOSD.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_18_0_0_209_ActiveX.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\avpui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Dropbox, Inc.) C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11780712 2011-03-18] (Realtek Semiconductor)
HKLM\...\Run: [fspuip] => C:\Program Files\FSP\fspuip.exe [4058112 2010-12-27] (Sentelic Corporation)
HKLM\...\Run: [VIAxHCUtl] => C:\VIA_XHCI\usb3Monitor.exe [331776 2011-07-12] (VIA Technologies, Inc.)
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [184112 2012-06-01] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [HotKeyOSD] => C:\Program Files (x86)\Hotkey OSD Driver\HotKeyOSD.exe [345680 2011-02-17] (Dritek System Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (CANON INC.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-17] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1417037402-2155524456-1377376909-1002\...\Run: [AVMUSBFernanschluss] => C:\Users\***\AppData\Local\Apps\2.0\P94XA3JY.XH8\W1M0X5PE.MZ9\frit..tion_1acae14e4778b8d2_0002.0003_5f032dee73df1479\AVMAutoStart.exe [139264 2015-08-06] (AVM Berlin)
HKU\S-1-5-21-1417037402-2155524456-1377376909-1002\...\Run: [Dropbox Update] => C:\Users\***\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-12] (Dropbox, Inc.)
Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013-06-13]
ShortcutTarget: Dropbox.lnk -> C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk [2013-02-07]
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\***\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-06] (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1417037402-2155524456-1377376909-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1417037402-2155524456-1377376909-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1417037402-2155524456-1377376909-1002 -> {44356F6D-F790-4CED-97B7-C8BA0C48D600} URL = https://www.google.com/search?q={searchTerms}
BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\x64\IEExt\ie_plugin.dll [2015-01-07] (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll Keine Datei
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-21] (Google Inc.)
BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\x64\IEExt\ie_plugin.dll [2015-01-07] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\x64\IEExt\ie_plugin.dll [2015-01-07] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\IEExt\ie_plugin.dll [2015-01-07] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-08-10] (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\OnlineBanking\online_banking_bho.dll Keine Datei
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-21] (Google Inc.)
BHO-x32: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\IEExt\ie_plugin.dll [2015-01-07] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-10] (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\IEExt\ie_plugin.dll [2015-01-07] (Kaspersky Lab ZAO)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-21] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-21] (Google Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.10.1
Tcpip\..\Interfaces\{5D6192CE-5612-4B22-8671-CB3A73ACCA57}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{C9A84B3C-17D2-4EEB-8312-9B1B358B0227}: [DhcpNameServer] 192.168.10.1

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-08-10] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-10] (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\content_blocker@kaspersky.com [2015-01-07] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-01-07] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @protectdisc.com/NPPDLicenseHelper -> C:\Program Files (x86)\ProtectDisc\License Helper\NPPDLicenseHelper.dll [2008-02-22] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\content_blocker@kaspersky.com [2015-01-07]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-01-07]

Chrome: 
=======
CHR Profile: C:\Users\***\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Kaspersky Protection) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-05-25]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-25]
CHR Extension: (Google Wallet) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-13]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 AVP15.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO)
R2 DBService; C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe [187456 2009-01-08] (DATA BECKER GmbH & Co KG) [Datei ist nicht signiert]
R2 hkosdservice; C:\Program Files (x86)\Hotkey OSD Driver\hkosdsvis.exe [240208 2011-02-17] (Dritek System Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116480 2013-02-07] (AVM Berlin)
S3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [111104 2012-05-21] (Motorola Solutions, Inc.)
S3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [849408 2012-06-09] (Motorola Solutions, Inc.)
S3 btmlehid; C:\Windows\system32\drivers\btmlehid.sys [66560 2012-06-21] (Motorola Solutions, Inc.)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
R3 fspad_win764; C:\Windows\system32\drivers\fspad_win764.sys [32256 2010-12-28] (Sentelic Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [46144 2014-07-02] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [150536 2015-01-07] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [246456 2014-08-12] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [819896 2015-03-10] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55872 2014-06-05] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [77512 2015-01-07] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179776 2014-07-09] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-08-11] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
S3 MHIKEY10; C:\Windows\System32\Drivers\MHIKEY10x64.sys [60288 2010-09-15] (Generic USB smartcard reader)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-07-28] (Apple, Inc.) [Datei ist nicht signiert]
R3 VUSB3HUB; C:\Windows\system32\drivers\ViaHub3.sys [177152 2011-05-28] (VIA Technologies, Inc.)
R3 xhcdrv; C:\Windows\system32\drivers\xhcdrv.sys [226816 2011-05-28] (VIA Technologies, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U4 klkbdflt2; system32\DRIVERS\klkbdflt2.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-11 08:17 - 2015-08-11 08:17 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-08-10 18:26 - 2015-08-10 18:27 - 02870984 _____ (ESET) C:\Users\***\Downloads\esetsmartinstaller_deu.exe
2015-08-06 15:33 - 2015-08-06 15:33 - 00001450 _____ C:\Users\***\Desktop\JRT.txt
2015-08-06 15:16 - 2015-08-06 15:21 - 00000000 ____D C:\AdwCleaner
2015-08-05 16:05 - 2015-08-06 14:33 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\2D3555B9.sys
2015-08-05 15:45 - 2015-08-05 15:45 - 00038377 _____ C:\ComboFix.txt
2015-08-05 14:50 - 2015-08-05 15:46 - 00000000 ____D C:\Qoobox
2015-08-05 14:50 - 2015-08-05 15:39 - 00000000 ____D C:\Windows\erdnt
2015-08-05 14:50 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-08-05 14:50 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-08-05 14:50 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-08-05 14:50 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-08-05 14:50 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-08-05 14:50 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-08-05 14:50 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-08-05 14:50 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-08-04 12:31 - 2015-08-04 12:31 - 00000000 ____D C:\$Windows.~BT
2015-08-04 11:17 - 2015-08-04 11:53 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-08-04 11:15 - 2015-08-04 11:53 - 00000000 ____D C:\Users\***\Desktop\mbar
2015-08-04 09:40 - 2015-08-11 08:29 - 00000000 ____D C:\FRST
2015-08-04 09:38 - 2015-08-04 09:38 - 00000472 _____ C:\Users\***\Desktop\defogger_disable.log
2015-08-04 09:38 - 2015-08-04 09:38 - 00000000 _____ C:\Users\***\defogger_reenable
2015-08-01 09:19 - 2015-08-11 08:13 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-01 09:19 - 2015-08-04 11:16 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-08-01 09:19 - 2015-08-01 09:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-08-01 09:19 - 2015-08-01 09:19 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-01 09:19 - 2015-08-01 09:19 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-08-01 09:19 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-08-01 09:19 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-08-01 09:18 - 2015-08-11 08:28 - 00000000 ____D C:\Users\***\Desktop\Check
2015-07-28 17:09 - 2015-07-28 17:11 - 00000000 ___RD C:\Users\***\Documents\Kirchengemeinde-Burbach
2015-07-28 16:40 - 2015-07-28 16:40 - 00000000 ____D C:\Users\***\Kreiskirchenamt-Jugendreferat
2015-07-28 12:10 - 2015-07-25 20:07 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-28 12:10 - 2015-07-25 20:04 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-28 12:10 - 2015-07-25 20:04 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-28 12:10 - 2015-07-25 20:03 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-28 12:10 - 2015-07-25 20:03 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-28 12:10 - 2015-07-25 20:03 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-28 12:10 - 2015-07-25 20:03 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-28 12:10 - 2015-07-25 19:55 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-25 12:36 - 2015-07-25 12:36 - 00009369 _____ C:\Users\***\Desktop\Predigt    Lichtblick   1 - Verknüpfung.lnk
2015-07-25 12:12 - 2015-07-25 12:12 - 00004918 _____ C:\Users\***\Desktop\Männerchor Burbach Jubiläum August 2015 - Verknüpfung.lnk
2015-07-22 12:20 - 2015-07-22 12:20 - 00004846 _____ C:\Users\***\Desktop\Matthäus 13 - Verknüpfung.lnk
2015-07-21 11:22 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-21 11:22 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-21 11:22 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-21 11:22 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-21 11:22 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-21 11:22 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-21 11:22 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-21 11:22 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-21 11:22 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-21 11:22 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-19 23:41 - 2015-07-19 23:41 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-07-19 23:41 - 2015-07-19 23:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-07-19 23:40 - 2015-07-19 23:41 - 00000000 ____D C:\Program Files\iTunes
2015-07-19 23:40 - 2015-07-19 23:40 - 00000000 ____D C:\Program Files\iPod
2015-07-19 23:40 - 2015-07-19 23:40 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-07-17 13:00 - 2015-06-11 19:57 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-07-17 13:00 - 2015-06-11 19:57 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-07-17 13:00 - 2015-06-11 19:57 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-07-17 13:00 - 2015-06-11 19:56 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-07-17 13:00 - 2015-06-11 19:56 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-07-17 13:00 - 2015-06-11 19:56 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-07-17 13:00 - 2015-06-11 15:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-07-17 13:00 - 2014-12-11 19:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-07-16 17:20 - 2015-07-16 17:20 - 00000000 ____D C:\Windows\SysWOW64\NV
2015-07-16 17:20 - 2015-07-16 17:20 - 00000000 ____D C:\Windows\system32\NV
2015-07-16 17:10 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2015-07-16 17:09 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2015-07-16 17:09 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-07-16 17:09 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-07-16 17:09 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2015-07-16 17:09 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2015-07-16 17:09 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2015-07-16 17:09 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2015-07-16 17:09 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-07-16 17:09 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2015-07-16 16:59 - 2015-03-14 05:21 - 01632768 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-07-16 16:59 - 2015-03-14 05:21 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-07-16 16:59 - 2015-03-14 05:04 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-07-16 16:59 - 2015-03-14 05:04 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-07-16 16:58 - 2015-05-09 20:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-07-15 13:13 - 2015-07-09 19:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 13:13 - 2015-07-09 19:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 13:13 - 2015-07-09 19:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 13:13 - 2015-07-09 19:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 13:13 - 2015-07-09 19:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 13:13 - 2015-07-09 19:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 13:13 - 2015-07-09 19:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 13:13 - 2015-07-09 19:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 13:13 - 2015-07-09 19:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 13:13 - 2015-07-09 19:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 13:13 - 2015-07-09 19:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 13:13 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-15 13:13 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-15 13:13 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-15 13:13 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-15 13:13 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-15 13:13 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-15 13:13 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-15 13:13 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-15 13:13 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 13:13 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-15 13:13 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-15 13:13 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 13:13 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-15 13:13 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 13:13 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-15 13:13 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 13:13 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 13:13 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-15 13:13 - 2015-06-27 04:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 13:13 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-15 13:13 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-15 13:13 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 13:13 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 13:13 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 13:13 - 2015-06-09 20:03 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-07-15 13:13 - 2015-06-09 20:03 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-07-15 13:13 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-15 13:13 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-15 13:10 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-15 13:10 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 13:10 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 13:10 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-15 13:10 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 13:10 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-15 13:10 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-15 13:10 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 13:10 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-15 13:10 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-15 13:10 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 13:10 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-15 13:10 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-15 13:10 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 13:10 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-15 13:10 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 13:10 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 13:10 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 13:10 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 13:10 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 13:10 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-15 13:10 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 13:10 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-15 13:10 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 13:10 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 13:10 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-15 13:10 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-15 13:10 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-15 13:10 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-15 13:10 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 13:10 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-15 13:10 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-15 13:10 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-15 13:10 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-15 13:10 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-15 13:10 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-15 13:10 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-15 13:10 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 13:10 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 13:10 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 13:10 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-15 13:10 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-15 13:10 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-15 13:10 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-15 13:07 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 13:07 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 13:07 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-15 13:07 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-15 13:06 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 13:06 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-15 13:06 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 13:06 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 13:06 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 13:06 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-15 13:06 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 13:06 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-15 13:06 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-15 13:06 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-15 13:06 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-15 13:06 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-15 13:06 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-15 13:06 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-15 13:06 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-15 13:06 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-15 13:06 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-15 13:06 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-15 13:06 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-15 13:06 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-15 13:06 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 13:06 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 13:06 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-15 13:06 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-15 13:06 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-15 13:06 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-15 13:06 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-15 13:06 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-15 13:06 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-15 13:06 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 13:06 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-15 13:06 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-15 13:06 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-15 13:06 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-15 13:06 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-15 13:06 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 13:06 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 13:06 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 13:06 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-15 13:06 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 13:06 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 13:06 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-15 13:06 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-15 13:06 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 13:06 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 13:06 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 13:06 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-15 13:06 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 13:06 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-15 13:06 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-15 13:06 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-15 13:06 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-15 13:06 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-15 13:06 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-15 13:06 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-15 13:06 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-14 19:44 - 2015-07-14 19:44 - 00299088 _____ C:\Windows\Minidump\071415-23602-01.dmp

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-11 08:17 - 2015-06-12 23:04 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1417037402-2155524456-1377376909-1002UA.job
2015-08-11 08:17 - 2013-06-13 12:45 - 00000000 ___RD C:\Users\***\Dropbox
2015-08-11 08:17 - 2013-06-13 12:35 - 00000000 ____D C:\Users\***\AppData\Roaming\Dropbox
2015-08-11 08:15 - 2013-02-08 02:14 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-11 08:12 - 2009-07-14 06:45 - 00027568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-11 08:12 - 2009-07-14 06:45 - 00027568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-11 08:08 - 2013-01-18 14:56 - 01939633 _____ C:\Windows\WindowsUpdate.log
2015-08-11 08:05 - 2015-01-07 13:55 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-08-11 08:02 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-11 08:02 - 2009-07-14 06:51 - 00146919 _____ C:\Windows\setupact.log
2015-08-10 20:30 - 2013-02-08 02:14 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-10 19:23 - 2011-02-23 14:59 - 00701560 _____ C:\Windows\system32\perfh007.dat
2015-08-10 19:23 - 2011-02-23 14:59 - 00150428 _____ C:\Windows\system32\perfc007.dat
2015-08-10 19:23 - 2009-07-14 07:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-10 18:19 - 2014-10-21 09:54 - 00000000 ____D C:\Program Files (x86)\Java
2015-08-10 18:16 - 2014-10-21 09:54 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-08-10 18:09 - 2013-02-07 14:13 - 00006410 _____ C:\Windows\avmacc.log
2015-08-06 14:36 - 2013-02-07 14:12 - 00000000 ____D C:\Users\***\AppData\Local\Deployment
2015-08-06 14:33 - 2013-02-07 14:12 - 00000000 ____D C:\Users\***\AppData\Local\Apps\2.0
2015-08-05 16:32 - 2013-02-08 02:15 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-05 15:46 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-08-05 15:28 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-08-05 15:24 - 2010-11-21 05:47 - 00173756 _____ C:\Windows\PFRO.log
2015-08-05 15:24 - 2009-07-14 04:34 - 79167488 _____ C:\Windows\system32\config\SOFTWARE.bak
2015-08-05 15:24 - 2009-07-14 04:34 - 20709376 _____ C:\Windows\system32\config\SYSTEM.bak
2015-08-05 15:24 - 2009-07-14 04:34 - 00524288 _____ C:\Windows\system32\config\DEFAULT.bak
2015-08-05 15:24 - 2009-07-14 04:34 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2015-08-05 15:24 - 2009-07-14 04:34 - 00262144 _____ C:\Windows\system32\config\SAM.bak
2015-08-04 12:31 - 2013-01-15 12:21 - 00000000 ____D C:\Windows\Panther
2015-08-04 09:38 - 2013-01-30 16:03 - 00000000 ____D C:\Users\***
2015-08-01 20:35 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\security
2015-07-30 13:03 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-28 23:37 - 2014-05-06 22:43 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-28 23:15 - 2015-06-12 23:04 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1417037402-2155524456-1377376909-1002Core.job
2015-07-28 17:10 - 2013-02-07 15:17 - 00000000 ____D C:\Users\***\Documents\Ordner ***
2015-07-25 11:57 - 2015-04-06 23:52 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-22 06:52 - 2009-07-14 06:45 - 00471616 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-20 13:28 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-07-19 23:40 - 2013-02-07 15:30 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-07-19 23:10 - 2015-06-12 23:04 - 00004194 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1417037402-2155524456-1377376909-1002UA
2015-07-19 23:10 - 2015-06-12 23:04 - 00003798 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1417037402-2155524456-1377376909-1002Core
2015-07-17 16:36 - 2013-01-15 12:49 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-17 16:33 - 2014-12-26 00:48 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-16 17:20 - 2013-01-15 12:43 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-16 17:19 - 2009-07-14 05:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-07-16 17:18 - 2015-04-06 23:52 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-16 17:17 - 2013-01-15 12:38 - 01598636 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-07-16 17:12 - 2013-01-15 12:42 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-07-16 13:32 - 2014-12-11 01:16 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-16 13:32 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-16 11:18 - 2013-02-07 14:02 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-16 11:11 - 2013-08-15 22:38 - 00000000 ____D C:\Windows\system32\MRT
2015-07-16 11:10 - 2013-02-08 02:14 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-16 11:10 - 2013-02-08 02:14 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-16 11:10 - 2013-02-08 02:14 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-14 19:44 - 2015-05-07 18:02 - 545949322 _____ C:\Windows\MEMORY.DMP
2015-07-14 19:44 - 2015-05-07 18:02 - 00000000 ____D C:\Windows\Minidump
2015-07-14 19:30 - 2013-02-08 02:14 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-14 19:30 - 2013-02-08 02:14 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-14 19:30 - 2013-02-08 02:14 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-05-29 13:38 - 2015-05-29 13:38 - 0007601 _____ () C:\Users\***\AppData\Local\Resmon.ResmonCfg

Einige Dateien in TEMP:
====================
C:\Users\***\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbeorg9.dll
C:\Users\***\AppData\Local\Temp\jre-8u51-windows-au.exe
C:\Users\***\AppData\Local\Temp\Quarantine.exe
C:\Users\***\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-08-04 12:17

==================== Ende von log ============================
         
Ich habe nun, insbesondere nach dem Eset-Check, ein besseres Gefühl. Bis dahin wurde ich noch regelmäßig auf andere Seiten geleitet und manchmal dauerte es ewig, bis ein Download abgeschlossen war. Aber nun ist das System wieder flinker.

Netzstrolch

Alt 11.08.2015, 16:42   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Win7 PC: Verdacht auf Viren - Standard

Win7 PC: Verdacht auf Viren



Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
Combofix deinstallieren .
  • Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
  • Drücke bitte die + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
  • Klicke auf OK.
    Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
  • Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte DelFix herunter.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...und/oder das Forum mit einer kleinen Spende unterstützen.

Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank.
Meine Empfehlung:

Emsisoft

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:
NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.
Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.


Lade Software von einem sauberen Portal wie .
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwarecleaner .


Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Win7 PC: Verdacht auf Viren
antivirus, bonjour, browser, canon, defender, desktop, dnsapi.dll, ebanking, excel, flash player, google, homepage, karte, kaspersky, mozilla, onedrive, prozesse, realtek, registry, rundll, scan, services.exe, software, svchost.exe, system, usb, verdacht auf viren, viren, warnung, windows



Ähnliche Themen: Win7 PC: Verdacht auf Viren


  1. Rootkit verdacht unter win7 64bit ultimate
    Log-Analyse und Auswertung - 30.11.2015 (35)
  2. Verdacht auf Viren
    Plagegeister aller Art und deren Bekämpfung - 30.10.2015 (23)
  3. Win7: Verdacht auf Hijacking, dubiose Nutzereinträge
    Log-Analyse und Auswertung - 12.05.2015 (24)
  4. Verdacht auf Viren/Trojaner
    Plagegeister aller Art und deren Bekämpfung - 27.09.2014 (7)
  5. Win7: Online-Banking, Verdacht auf Tatanga Trojaner
    Plagegeister aller Art und deren Bekämpfung - 24.05.2014 (21)
  6. Verdacht auf Befall mit Schadsoftware Win7
    Log-Analyse und Auswertung - 04.02.2014 (13)
  7. Verdacht auf Malware (Win7, nicht dringend)
    Plagegeister aller Art und deren Bekämpfung - 14.12.2013 (9)
  8. Verdacht auf Viren
    Plagegeister aller Art und deren Bekämpfung - 19.08.2012 (19)
  9. Verdacht auf Viren
    Log-Analyse und Auswertung - 20.05.2011 (16)
  10. Verdacht auf Viren
    Log-Analyse und Auswertung - 11.04.2010 (9)
  11. Verdacht auf Viren
    Log-Analyse und Auswertung - 06.01.2010 (1)
  12. Verdacht auf Viren
    Log-Analyse und Auswertung - 11.12.2009 (4)
  13. Verdacht auf Viren
    Plagegeister aller Art und deren Bekämpfung - 28.09.2009 (10)
  14. Verdacht auf Viren
    Log-Analyse und Auswertung - 04.10.2008 (10)
  15. Verdacht auf weitere Viren
    Log-Analyse und Auswertung - 03.09.2008 (7)
  16. Verdacht auf Viren/Trojaner
    Plagegeister aller Art und deren Bekämpfung - 31.10.2007 (6)
  17. Verdacht auf Viren
    Plagegeister aller Art und deren Bekämpfung - 14.08.2005 (1)

Zum Thema Win7 PC: Verdacht auf Viren - Hallo zusammen, mein PC macht in letzter Zeit komische Sachen: - im Browser erscheinen fast permanent Werbeeinblendungen - oft dreht sich der CPU-Lüfter extrem hoch, der PC wird sehr warm - Win7 PC: Verdacht auf Viren...
Archiv
Du betrachtest: Win7 PC: Verdacht auf Viren auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.