| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Windows 7 bootet nicht mehr, nur Sperrbildschirm! FRST-Scan ist erfolgt.Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
13.08.2015, 12:30
| #1 |
 |  Windows 7 bootet nicht mehr, nur Sperrbildschirm! FRST-Scan ist erfolgt. Hallo! Gestern ließ sich mein Laptop nicht mehr ordnungsgemäß starten.Nach einigerZeit erschien ein schwarzer Sperrbildschirm und es gab keine weitere Reaktion. Ein Windows-Start im gesicherten Modus war nicht möglich, eine Systemherstellung zu einem früherern Zeitpunkt leider auch nicht. Ich habe nun ein Scan mit FRST64 durchgeführt. Dies ist das Logfile. Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:12-08-2015
Ran by SYSTEM on MININT-3PNA93P (13-08-2015 12:39:59)
Running from H:\
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Englisch (USA)
Internet Explorer Version 11
Boot Mode: Recovery
Default: ControlSet002
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13374568 2011-12-12] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277992 2011-11-15] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [589176 2011-12-20] (Alps Electric Co., Ltd.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [LoadFUJ02E3] => C:\Program Files\Fujitsu\FUJ02E3\fuj02e3.exe [76104 2011-11-23] (FUJITSU LIMITED)
HKLM\...\Run: [PSUTility] => C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [205168 2011-10-03] (FUJITSU LIMITED)
HKLM\...\Run: [LoadFujitsuQuickTouch] => C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [158024 2011-09-30] (FUJITSU LIMITED)
HKLM\...\Run: [LoadBtnHnd] => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [23368 2011-09-30] (FUJITSU LIMITED)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-29] (Microsoft Corporation)
HKLM\...\Run: [VDownloader] => C:\Program Files\VDownloader\VDownloader4.exe [1753600 2015-02-26] (Vitzo)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-05] (Intel Corporation)
HKLM-x32\...\Run: [IndicatorUtility] => C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [48752 2010-09-29] (FUJITSU LIMITED)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DeskUpdateNotifier] => c:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe [100120 2011-11-10] (Fujitsu Technology Solutions)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [255208 2012-03-20] (CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-14] (Apple Inc.)
HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe [1020536 2015-07-08] ()
HKLM\...\RunOnce: [*Restore] => C:\Windows\system32\rstrui.exe [296960 2015-07-15] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\Susanne Ludewig\...\Run: [Amazon Music] => C:\Users\Susanne Ludewig\AppData\Local\Amazon Music\Amazon Music Helper.exe [6277952 2014-11-18] ()
HKU\Susanne Ludewig\...\Run: [VDownloader] => C:\Program Files\VDownloader\VDownloader4.exe [1753600 2015-02-26] (Vitzo)
HKU\Susanne Ludewig\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_209_Plugin.exe -update plugin
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [260928 2012-02-03] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [215360 2012-02-03] (NVIDIA Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk [2013-01-04]
ShortcutTarget: LaunchCenter.lnk -> C:\Program Files\Fujitsu\LaunchCenter\lcStarter.exe (Fujitsu Technology Solutions)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\newreminderdialog.lnk [2013-01-04]
ShortcutTarget: newreminderdialog.lnk -> C:\Program Files\Fujitsu\FujitsuRecovery\NewReminderDialog.exe (Fujitsu Technology Solutions)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk [2013-01-04]
ShortcutTarget: LaunchCenter.lnk -> C:\Program Files\Fujitsu\LaunchCenter\lcStarter.exe (Fujitsu Technology Solutions)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\newreminderdialog.lnk [2013-01-04]
ShortcutTarget: newreminderdialog.lnk -> C:\Program Files\Fujitsu\FujitsuRecovery\NewReminderDialog.exe (Fujitsu Technology Solutions)
Startup: C:\Users\Susanne Ludewig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk [2013-01-04]
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [225280 2011-08-05] (DTS, Inc)
S2 FUJ02E3Service; C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [76104 2011-11-23] (FUJITSU LIMITED)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-15] (Intel Corporation)
S2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-29] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-29] (Microsoft Corporation)
S2 PFNService; C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [2213376 2011-12-22] (FUJITSU LIMITED)
S2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [63856 2011-10-03] (FUJITSU LIMITED)
S2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [839792 2015-07-08] (QIHU 360 SOFTWARE CO. LIMITED)
S2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-12] (DEVGURU Co., LTD.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [100424 2015-07-08] (360.cn)
S3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [77896 2015-07-08] (360.cn)
S1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [305736 2015-07-08] (360.cn)
S1 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [40520 2015-07-08] (360.cn)
S1 360fsflt; C:\Windows\System32\DRIVERS\360FsFlt.sys [314448 2015-07-08] (Qihu 360 Software Co., Ltd.)
S1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [180816 2015-07-08] (Qihu 360 Software Co., Ltd.)
S0 FBIOSDRV; C:\Windows\System32\Drivers\FBIOSDRV.sys [21104 2009-06-23] (FUJITSU LIMITED)
S3 FUJ02B1; C:\Windows\system32\drivers\FUJ02B1.sys [7808 2006-11-01] (FUJITSU LIMITED)
S3 FUJ02E3; C:\Windows\system32\drivers\FUJ02E3.sys [7296 2006-11-01] (FUJITSU LIMITED)
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
S2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
S2 npf; C:\Windows\System32\drivers\npf.sys [47632 2010-01-26] (CACE Technologies, Inc.)
S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1812608 2011-12-27] ()
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-10-15] (Anchorfree Inc.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-13 12:39 - 2015-08-13 12:39 - 00000000 ____D C:\FRST
2015-08-12 07:03 - 2015-08-12 07:03 - 00006512 ____N C:\bootsqm.dat
2015-08-12 06:29 - 2015-07-30 05:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 06:29 - 2015-07-30 05:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 04:43 - 2015-08-12 04:43 - 09284296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-08-12 04:28 - 2015-07-28 12:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
2015-08-12 04:28 - 2015-07-28 12:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\System32\appraiser.dll
2015-08-12 04:28 - 2015-07-28 12:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\System32\invagent.dll
2015-08-12 04:28 - 2015-07-28 12:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\System32\generaltel.dll
2015-08-12 04:28 - 2015-07-28 12:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\System32\devinv.dll
2015-08-12 04:28 - 2015-07-28 12:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll
2015-08-12 04:28 - 2015-07-28 12:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\System32\acmigration.dll
2015-08-12 04:28 - 2015-07-28 11:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll
2015-08-12 03:42 - 2015-07-15 10:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2015-08-12 03:42 - 2015-07-15 10:15 - 00155584 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2015-08-12 03:42 - 2015-07-15 10:15 - 00095680 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2015-08-12 03:42 - 2015-07-15 10:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mountmgr.sys
2015-08-12 03:42 - 2015-07-15 10:12 - 01730496 _____ (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2015-08-12 03:42 - 2015-07-15 10:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2015-08-12 03:42 - 2015-07-15 10:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\System32\wow64.dll
2015-08-12 03:42 - 2015-07-15 10:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2015-08-12 03:42 - 2015-07-15 10:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\System32\wdigest.dll
2015-08-12 03:42 - 2015-07-15 10:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2015-08-12 03:42 - 2015-07-15 10:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\System32\sysmain.dll
2015-08-12 03:42 - 2015-07-15 10:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2015-08-12 03:42 - 2015-07-15 10:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
2015-08-12 03:42 - 2015-07-15 10:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2015-08-12 03:42 - 2015-07-15 10:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2015-08-12 03:42 - 2015-07-15 10:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\System32\srcore.dll
2015-08-12 03:42 - 2015-07-15 10:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2015-08-12 03:42 - 2015-07-15 10:10 - 00342016 _____ (Microsoft Corporation) C:\Windows\System32\schannel.dll
2015-08-12 03:42 - 2015-07-15 10:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\System32\msv1_0.dll
2015-08-12 03:42 - 2015-07-15 10:10 - 00309760 _____ (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2015-08-12 03:42 - 2015-07-15 10:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\System32\rstrui.exe
2015-08-12 03:42 - 2015-07-15 10:10 - 00136192 _____ (Microsoft Corporation) C:\Windows\System32\sspicli.dll
2015-08-12 03:42 - 2015-07-15 10:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\System32\smss.exe
2015-08-12 03:42 - 2015-07-15 10:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\System32\TSpkg.dll
2015-08-12 03:42 - 2015-07-15 10:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\System32\srclient.dll
2015-08-12 03:42 - 2015-07-15 10:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\System32\cryptbase.dll
2015-08-12 03:42 - 2015-07-15 10:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2015-08-12 03:42 - 2015-07-15 10:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\System32\lsass.exe
2015-08-12 03:42 - 2015-07-15 10:10 - 00029184 _____ (Microsoft Corporation) C:\Windows\System32\sspisrv.dll
2015-08-12 03:42 - 2015-07-15 10:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\System32\secur32.dll
2015-08-12 03:42 - 2015-07-15 10:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\System32\credssp.dll
2015-08-12 03:42 - 2015-07-15 10:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2015-08-12 03:42 - 2015-07-15 10:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\System32\msmmsp.dll
2015-08-12 03:42 - 2015-07-15 10:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\System32\conhost.exe
2015-08-12 03:42 - 2015-07-15 10:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\System32\auditpol.exe
2015-08-12 03:42 - 2015-07-15 10:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\System32\msaudite.dll
2015-08-12 03:42 - 2015-07-15 10:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\System32\msobjs.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00686080 _____ (Microsoft Corporation) C:\Windows\System32\adtschema.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\System32\apisetschema.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00005120 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 09:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-08-12 03:42 - 2015-07-15 09:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-08-12 03:42 - 2015-07-15 09:56 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-12 03:42 - 2015-07-15 09:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-08-12 03:42 - 2015-07-15 09:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-08-12 03:42 - 2015-07-15 09:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-08-12 03:42 - 2015-07-15 09:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-08-12 03:42 - 2015-07-15 09:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-08-12 03:42 - 2015-07-15 09:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-08-12 03:42 - 2015-07-15 09:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-08-12 03:42 - 2015-07-15 09:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-08-12 03:42 - 2015-07-15 09:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-08-12 03:42 - 2015-07-15 09:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-08-12 03:42 - 2015-07-15 09:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-08-12 03:42 - 2015-07-15 09:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-08-12 03:42 - 2015-07-15 09:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-08-12 03:42 - 2015-07-15 09:53 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-08-12 03:42 - 2015-07-15 09:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-08-12 03:42 - 2015-07-15 09:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-08-12 03:42 - 2015-07-15 09:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-08-12 03:42 - 2015-07-15 09:53 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-08-12 03:42 - 2015-07-15 09:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-08-12 03:42 - 2015-07-15 09:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-08-12 03:42 - 2015-07-15 09:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-08-12 03:42 - 2015-07-15 09:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-08-12 03:42 - 2015-07-15 09:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 09:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 09:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 09:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 09:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 09:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 09:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 09:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 09:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 09:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 09:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 09:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 09:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 09:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 09:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 09:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 09:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 09:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 09:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 09:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 09:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 09:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 09:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 09:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 08:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2015-08-12 03:42 - 2015-07-15 08:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2015-08-12 03:42 - 2015-07-15 08:46 - 00129024 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2015-08-12 03:42 - 2015-07-15 08:37 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-08-12 03:42 - 2015-07-15 08:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-08-12 03:42 - 2015-07-15 08:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 08:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 08:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 08:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-08-12 03:42 - 2015-07-10 09:51 - 03722752 _____ (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2015-08-12 03:42 - 2015-07-10 09:51 - 00158720 _____ (Microsoft Corporation) C:\Windows\System32\aaclient.dll
2015-08-12 03:42 - 2015-07-10 09:51 - 00044032 _____ (Microsoft Corporation) C:\Windows\System32\tsgqec.dll
2015-08-12 03:42 - 2015-07-10 09:34 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-12 03:42 - 2015-07-10 09:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-08-12 03:42 - 2015-07-10 09:33 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-08-12 03:41 - 2015-07-20 16:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2015-08-12 03:41 - 2015-07-20 16:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-08-12 03:41 - 2015-07-16 13:14 - 25192448 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2015-08-12 03:41 - 2015-07-16 12:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2015-08-12 03:41 - 2015-07-16 12:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
2015-08-12 03:41 - 2015-07-16 12:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2015-08-12 03:41 - 2015-07-16 12:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2015-08-12 03:41 - 2015-07-16 12:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\System32\html.iec
2015-08-12 03:41 - 2015-07-16 12:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
2015-08-12 03:41 - 2015-07-16 12:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2015-08-12 03:41 - 2015-07-16 12:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll
2015-08-12 03:41 - 2015-07-16 12:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2015-08-12 03:41 - 2015-07-16 12:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2015-08-12 03:41 - 2015-07-16 12:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2015-08-12 03:41 - 2015-07-16 12:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2015-08-12 03:41 - 2015-07-16 12:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2015-08-12 03:41 - 2015-07-16 12:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2015-08-12 03:41 - 2015-07-16 12:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2015-08-12 03:41 - 2015-07-16 12:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2015-08-12 03:41 - 2015-07-16 12:20 - 19870208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-12 03:41 - 2015-07-16 12:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2015-08-12 03:41 - 2015-07-16 12:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2015-08-12 03:41 - 2015-07-16 12:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-12 03:41 - 2015-07-16 12:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll
2015-08-12 03:41 - 2015-07-16 11:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2015-08-12 03:41 - 2015-07-16 11:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2015-08-12 03:41 - 2015-07-16 11:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-12 03:41 - 2015-07-16 11:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2015-08-12 03:41 - 2015-07-16 11:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-08-12 03:41 - 2015-07-16 11:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-12 03:41 - 2015-07-16 11:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-08-12 03:41 - 2015-07-16 11:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-08-12 03:41 - 2015-07-16 11:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-12 03:41 - 2015-07-16 11:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-08-12 03:41 - 2015-07-16 11:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-08-12 03:41 - 2015-07-16 11:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-12 03:41 - 2015-07-16 11:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-12 03:41 - 2015-07-16 11:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-08-12 03:41 - 2015-07-16 11:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-08-12 03:41 - 2015-07-16 11:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2015-08-12 03:41 - 2015-07-16 11:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2015-08-12 03:41 - 2015-07-16 11:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2015-08-12 03:41 - 2015-07-16 11:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2015-08-12 03:41 - 2015-07-16 11:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2015-08-12 03:41 - 2015-07-16 11:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-12 03:41 - 2015-07-16 11:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-08-12 03:41 - 2015-07-16 11:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-08-12 03:41 - 2015-07-16 11:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-08-12 03:41 - 2015-07-16 11:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-12 03:41 - 2015-07-16 11:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-12 03:41 - 2015-07-16 11:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2015-08-12 03:41 - 2015-07-16 11:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-12 03:41 - 2015-07-16 11:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-08-12 03:41 - 2015-07-16 11:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-12 03:41 - 2015-07-16 11:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-08-12 03:41 - 2015-07-16 11:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2015-08-12 03:41 - 2015-07-16 10:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2015-08-12 03:41 - 2015-07-16 10:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-12 03:41 - 2015-07-16 10:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-12 03:41 - 2015-07-16 10:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-12 03:41 - 2015-07-14 19:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\System32\basesrv.dll
2015-08-12 03:39 - 2015-07-30 10:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2015-08-12 03:39 - 2015-07-30 10:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2015-08-12 03:39 - 2015-07-30 10:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2015-08-12 03:39 - 2015-07-30 10:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\System32\fontsub.dll
2015-08-12 03:39 - 2015-07-30 10:06 - 00046080 _____ (Adobe Systems) C:\Windows\System32\atmlib.dll
2015-08-12 03:39 - 2015-07-30 10:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\System32\lpk.dll
2015-08-12 03:39 - 2015-07-30 10:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\System32\dciman32.dll
2015-08-12 03:39 - 2015-07-30 09:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-08-12 03:39 - 2015-07-30 09:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-12 03:39 - 2015-07-30 09:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-08-12 03:39 - 2015-07-30 09:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-12 03:39 - 2015-07-30 09:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-08-12 03:39 - 2015-07-30 09:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-08-12 03:39 - 2015-07-30 08:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2015-08-12 03:39 - 2015-07-30 08:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2015-08-12 03:39 - 2015-07-30 08:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-12 03:39 - 2015-07-20 10:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2015-08-12 03:39 - 2015-07-20 10:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2015-08-12 03:39 - 2015-07-20 10:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2015-08-12 03:39 - 2015-07-20 10:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2015-08-12 03:39 - 2015-07-20 10:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2015-08-12 03:39 - 2015-07-20 10:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2015-08-12 03:39 - 2015-07-20 10:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\System32\WinSetupUI.dll
2015-08-12 03:39 - 2015-07-20 10:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\System32\wups2.dll
2015-08-12 03:39 - 2015-07-20 10:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2015-08-12 03:39 - 2015-07-20 10:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\System32\wups.dll
2015-08-12 03:39 - 2015-07-20 10:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\System32\wu.upgrade.ps.dll
2015-08-12 03:39 - 2015-07-20 09:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-12 03:39 - 2015-07-20 09:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-12 03:39 - 2015-07-20 09:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-12 03:39 - 2015-07-20 09:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-12 03:39 - 2015-07-20 09:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-08-12 03:39 - 2015-07-14 19:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2015-08-12 03:39 - 2015-07-14 19:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2015-08-12 03:39 - 2015-07-14 19:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\msxml6r.dll
2015-08-12 03:39 - 2015-07-14 19:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\msxml3r.dll
2015-08-12 03:39 - 2015-07-14 18:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-12 03:39 - 2015-07-14 18:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-12 03:39 - 2015-07-14 18:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-08-12 03:39 - 2015-07-14 18:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-08-12 03:39 - 2015-07-10 09:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\System32\shell32.dll
2015-08-12 03:39 - 2015-07-10 09:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-08-12 03:39 - 2015-07-09 09:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\System32\notepad.exe
2015-08-12 03:39 - 2015-07-09 09:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-12 03:39 - 2015-07-09 09:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-12 03:39 - 2015-07-01 12:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\System32\WebClnt.dll
2015-08-12 03:39 - 2015-07-01 12:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\System32\davclnt.dll
2015-08-12 03:39 - 2015-07-01 12:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-12 03:39 - 2015-07-01 12:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-12 03:39 - 2015-05-09 10:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\System32\mcupdate_GenuineIntel.dll
2015-08-08 11:20 - 2015-08-07 15:44 - 05291341 ____N C:\Users\Susanne Ludewig\Desktop\9712343.gpx
2015-08-08 10:46 - 2015-08-12 21:05 - 00000000 ____D C:\Users\Susanne Ludewig\Desktop\Gefundene
2015-08-08 01:20 - 2015-08-09 00:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-04 00:03 - 2015-08-04 00:03 - 00285664 _____ C:\Windows\Minidump\080415-26192-01.dmp
2015-08-03 22:36 - 2015-08-03 22:38 - 00204760 _____ C:\Users\Susanne Ludewig\Downloads\googleearthinstall.log
2015-08-03 22:29 - 2015-08-03 22:30 - 36182856 _____ C:\Users\Susanne Ludewig\Downloads\GoogleEarthWin.exe
2015-07-26 06:44 - 2015-08-04 00:03 - 00000000 _RSHD C:\360SANDBOX
2015-07-25 00:02 - 2015-07-25 00:02 - 00000000 ____D C:\ProgramData\360TotalSecurity
2015-07-25 00:01 - 2015-07-25 00:07 - 00000000 ____D C:\ProgramData\360safe
2015-07-24 10:49 - 2015-07-08 19:45 - 00314448 _____ (Qihu 360 Software Co., Ltd.) C:\Windows\System32\Drivers\360fsflt.sys
2015-07-24 10:48 - 2015-07-24 10:48 - 00001159 _____ C:\Users\Public\Desktop\360 Total Security.lnk
2015-07-24 10:48 - 2015-07-24 10:48 - 00000000 ____D C:\Program Files (x86)\360
2015-07-24 10:48 - 2015-07-08 19:45 - 00305736 _____ (360.cn) C:\Windows\System32\Drivers\360Box64.sys
2015-07-24 10:48 - 2015-07-08 19:45 - 00180816 _____ (Qihu 360 Software Co., Ltd.) C:\Windows\System32\Drivers\BAPIDRV64.SYS
2015-07-24 10:48 - 2015-07-08 19:45 - 00100424 _____ (360.cn) C:\Windows\System32\Drivers\360AntiHacker64.sys
2015-07-24 10:48 - 2015-07-08 19:45 - 00077896 _____ (360.cn) C:\Windows\System32\Drivers\360AvFlt.sys
2015-07-24 10:48 - 2015-07-08 19:45 - 00040520 _____ (360.cn) C:\Windows\System32\Drivers\360Camera64.sys
2015-07-19 11:10 - 2015-07-19 11:10 - 00362373 _____ C:\Users\Susanne Ludewig\Downloads\exifr300_e.zip
2015-07-19 11:09 - 2015-07-19 11:09 - 01259808 _____ C:\Users\Susanne Ludewig\Downloads\Exif Reader - CHIP-Installer.exe
2015-07-16 22:39 - 2015-06-17 09:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2015-07-16 22:39 - 2015-06-17 09:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-16 22:39 - 2015-06-01 16:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\System32\cewmdm.dll
2015-07-16 22:39 - 2015-06-01 15:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-16 22:37 - 2015-07-04 10:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\System32\ole32.dll
2015-07-16 22:37 - 2015-07-04 09:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-16 22:37 - 2015-04-27 11:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2015-07-16 22:37 - 2015-04-27 11:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2015-07-16 22:37 - 2015-04-27 11:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2015-07-16 22:37 - 2015-04-27 11:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2015-07-16 22:37 - 2015-04-27 11:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-16 22:37 - 2015-04-27 11:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-16 22:37 - 2015-04-27 11:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-16 22:37 - 2015-04-27 11:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-16 22:36 - 2015-06-15 13:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\System32\consent.exe
2015-07-16 22:36 - 2015-06-15 13:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\System32\msi.dll
2015-07-16 22:36 - 2015-06-15 13:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\System32\authui.dll
2015-07-16 22:36 - 2015-06-15 13:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\System32\msihnd.dll
2015-07-16 22:36 - 2015-06-15 13:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\System32\appinfo.dll
2015-07-16 22:36 - 2015-06-15 13:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\System32\msiexec.exe
2015-07-16 22:36 - 2015-06-15 13:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-16 22:36 - 2015-06-15 13:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-16 22:36 - 2015-06-15 13:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-16 22:36 - 2015-06-15 13:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-16 22:36 - 2015-06-15 13:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\System32\msimsg.dll
2015-07-16 22:36 - 2015-06-15 13:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-13 02:34 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-13 02:34 - 2009-07-13 20:51 - 00144862 _____ C:\Windows\setupact.log
2015-08-12 21:05 - 2015-06-24 06:29 - 00000000 ____D C:\Users\Susanne Ludewig\Desktop\Bodensee
2015-08-12 21:05 - 2015-05-21 04:59 - 00000000 ____D C:\Users\Susanne Ludewig\Desktop\Cevennen
2015-08-12 21:05 - 2015-04-08 07:27 - 00000000 ___SD C:\Windows\System32\GWX
2015-08-12 21:05 - 2015-01-04 01:28 - 00000000 ____D C:\Users\Susanne Ludewig\Desktop\Markgräflerland
2015-08-12 21:05 - 2014-12-13 00:43 - 00000000 ____D C:\Windows\System32\appraiser
2015-08-12 21:05 - 2014-05-01 00:26 - 00000000 ___SD C:\Windows\System32\CompatTel
2015-08-12 21:05 - 2014-04-06 04:43 - 00000000 ____D C:\Users\Susanne Ludewig\AppData\Roaming\gsak
2015-08-12 21:05 - 2013-03-13 22:45 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-12 21:05 - 2013-03-13 22:45 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-12 21:05 - 2013-01-04 02:57 - 00000000 ____D C:\users\Susanne Ludewig
2015-08-12 21:05 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-08-12 11:28 - 2013-01-04 12:40 - 01513201 _____ C:\Windows\WindowsUpdate.log
2015-08-12 10:48 - 2009-07-13 20:45 - 00024400 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-12 10:48 - 2009-07-13 20:45 - 00024400 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-12 10:44 - 2012-01-06 09:54 - 00699666 _____ C:\Windows\System32\perfh007.dat
2015-08-12 10:44 - 2012-01-06 09:54 - 00149774 _____ C:\Windows\System32\perfc007.dat
2015-08-12 10:44 - 2009-07-13 21:13 - 01620612 _____ C:\Windows\System32\PerfStringBackup.INI
2015-08-12 10:43 - 2013-01-04 11:33 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-12 06:42 - 2009-07-13 20:45 - 00329328 _____ C:\Windows\System32\FNTCACHE.DAT
2015-08-12 04:43 - 2013-01-04 11:33 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-12 04:43 - 2013-01-04 11:33 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-12 04:43 - 2013-01-04 11:33 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-12 03:41 - 2013-01-04 03:05 - 00000000 ____D C:\Users\Susanne Ludewig\Documents\Youcam
2015-08-09 04:53 - 2015-06-20 09:33 - 00000000 ____D C:\Users\Susanne Ludewig\Downloads\ONLEIHE
2015-08-09 00:44 - 2013-01-07 12:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-09 00:44 - 2010-11-20 19:47 - 01025292 _____ C:\Windows\PFRO.log
2015-08-08 12:29 - 2015-04-30 12:10 - 00000000 ____D C:\Users\Susanne Ludewig\Desktop\Freiburg
2015-08-06 11:56 - 2014-12-17 22:47 - 00000000 ____D C:\Users\Susanne Ludewig\Documents\Dies&Das
2015-08-06 08:11 - 2013-11-16 18:07 - 00000000 ____D C:\Users\Susanne Ludewig\Documents\EigeneGeocaches
2015-08-06 06:30 - 2013-01-05 01:46 - 00000432 _____ C:\Windows\BRWMARK.INI
2015-08-06 03:26 - 2013-01-04 02:57 - 00078536 _____ C:\Users\Susanne Ludewig\AppData\Local\GDIPFONTCACHEV1.DAT
2015-08-04 02:53 - 2013-01-04 03:03 - 00000000 ____D C:\Windows\System32\Tasks\Fujitsu
2015-08-04 00:03 - 2014-05-26 09:39 - 00000000 ____D C:\Windows\Minidump
2015-08-04 00:03 - 2014-05-26 09:38 - 537477520 _____ C:\Windows\MEMORY.DMP
2015-08-03 23:18 - 2013-01-04 02:57 - 00000000 ____D C:\Program Files (x86)\Google
2015-07-31 07:51 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2015-07-26 12:16 - 2013-01-04 05:23 - 00000000 ____D C:\Users\Susanne Ludewig\AppData\Roaming\vlc
2015-07-26 11:32 - 2013-01-24 12:06 - 00000000 ____D C:\Users\Susanne Ludewig\AppData\Local\CrashDumps
2015-07-19 11:08 - 2015-02-04 01:11 - 00000000 ____D C:\Users\Susanne Ludewig\AppData\Roaming\360safe
2015-07-19 01:15 - 2015-03-25 10:23 - 00000000 __SHD C:\360Rec
2015-07-18 10:01 - 2015-04-08 07:27 - 00000000 ___SD C:\Windows\SysWOW64\GWX
Some files in TEMP:
====================
C:\Users\Susanne Ludewig\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Susanne Ludewig\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Susanne Ludewig\AppData\Local\Temp\fp_pl_pfs_installer-1.exe
C:\Users\Susanne Ludewig\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Susanne Ludewig\AppData\Local\Temp\FreeYouTubeToMP3Converter.exe
C:\Users\Susanne Ludewig\AppData\Local\Temp\nsfCD03.exe
C:\Users\Susanne Ludewig\AppData\Local\Temp\nsgD149.exe
C:\Users\Susanne Ludewig\AppData\Local\Temp\nsk3EDC.exe
C:\Users\Susanne Ludewig\AppData\Local\Temp\nsq2E5.exe
C:\Users\Susanne Ludewig\AppData\Local\Temp\nsvFEBF.exe
C:\Users\Susanne Ludewig\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Susanne Ludewig\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Susanne Ludewig\AppData\Local\Temp\SPSetup.exe
C:\Users\Susanne Ludewig\AppData\Local\Temp\uninst1.exe
C:\Users\Susanne Ludewig\AppData\Local\Temp\utt8ABB.tmp.exe
C:\Users\Susanne Ludewig\AppData\Local\Temp\uttD21D.tmp.exe
==================== Known DLLs (Whitelisted) =========================
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\dnsapi.dll => MD5 is legit
C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== Restore Points =========================
Restore point made on: 2015-07-24 02:35:33
Restore point made on: 2015-07-31 06:25:59
Restore point made on: 2015-07-31 08:52:31
Restore point made on: 2015-08-03 22:33:03
Restore point made on: 2015-08-08 10:28:08
Restore point made on: 2015-08-12 03:42:29
Restore point made on: 2015-08-12 05:31:11
==================== Memory info ===========================
Percentage of memory in use: 12%
Total physical RAM: 8052.3 MB
Available physical RAM: 7081.19 MB
Total Virtual: 8050.5 MB
Available Virtual: 7061.41 MB
==================== Drives ================================
Drive c: (System) (Fixed) (Total:681.63 GB) (Free:305.86 GB) NTFS
Drive d: (WINRE) (Fixed) (Total:2 GB) (Free:1 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive e: (HDBR_DRIVER) (Fixed) (Total:1 GB) (Free:0.61 GB) NTFS
Drive f: (HDBR_OS) (Fixed) (Total:14 GB) (Free:3.16 GB) NTFS
Drive h: (USB_DISK) (Removable) (Total:0.96 GB) (Free:0.95 GB) FAT
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: B8755606)
Partition 1: (Active) - (Size=2 GB) - (Type=27)
Partition 2: (Not Active) - (Size=696.6 GB) - (Type=OF Extended)
========================================================
Disk: 1 (Size: 981 MB) (Disk ID: 49E2A461)
Partition 1: (Not Active) - (Size=981 MB) - (Type=06)
LastRegBack: 2015-08-02 00:35
==================== End of log ============================
Gruß und Dank, splitterbox |
|
13.08.2015, 13:15
| #2 |
| /// the machine /// TB-Ausbilder    | Windows 7 bootet nicht mehr, nur Sperrbildschirm! FRST-Scan ist erfolgt. Hi,
__________________der Rechner ist direkt gesperrt und bootet nicht in Windows? Bitte FRST nochmal aus der Recovery, aber alle Haken raus unter Whitelist.
__________________ |
|
13.08.2015, 17:02
| #3 |
| | Windows 7 bootet nicht mehr, nur Sperrbildschirm! FRST-Scan ist erfolgt. Hier der neue Log:
__________________Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:12-08-2015
Ran by SYSTEM on MININT-UMF73UP (13-08-2015 17:47:17)
Running from H:\
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Englisch (USA)
Internet Explorer Version 11
Boot Mode: Recovery
Default: ControlSet002
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Registry (All) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13374568 2011-12-12] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277992 2011-11-15] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [589176 2011-12-20] (Alps Electric Co., Ltd.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [LoadFUJ02E3] => C:\Program Files\Fujitsu\FUJ02E3\fuj02e3.exe [76104 2011-11-23] (FUJITSU LIMITED)
HKLM\...\Run: [PSUTility] => C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [205168 2011-10-03] (FUJITSU LIMITED)
HKLM\...\Run: [LoadFujitsuQuickTouch] => C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [158024 2011-09-30] (FUJITSU LIMITED)
HKLM\...\Run: [LoadBtnHnd] => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [23368 2011-09-30] (FUJITSU LIMITED)
HKLM\...\Run: [IgfxTray] => C:\WINDOWS\system32\igfxtray.exe [170264 2012-01-29] (Intel Corporation)
HKLM\...\Run: [HotKeysCmds] => C:\WINDOWS\system32\hkcmd.exe [398616 2012-01-29] (Intel Corporation)
HKLM\...\Run: [Persistence] => C:\WINDOWS\system32\igfxpers.exe [440600 2012-01-29] (Intel Corporation)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-29] (Microsoft Corporation)
HKLM\...\Run: [VDownloader] => C:\Program Files\VDownloader\VDownloader4.exe [1753600 2015-02-26] (Vitzo)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-05] (Intel Corporation)
HKLM-x32\...\Run: [IndicatorUtility] => C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [48752 2010-09-29] (FUJITSU LIMITED)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DeskUpdateNotifier] => c:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe [100120 2011-11-10] (Fujitsu Technology Solutions)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [255208 2012-03-20] (CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-14] (Apple Inc.)
HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe [1020536 2015-07-08] ()
HKLM\...\RunOnce: [*Restore] => C:\Windows\system32\rstrui.exe [296960 2015-07-15] (Microsoft Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe, [30720 2010-11-20] (Microsoft Corporation)
HKLM-x32\...\Winlogon: [Userinit] C:\Windows\sysWOW64\userinit.exe [26624 2010-11-20] (Microsoft Corporation)
HKLM\...\Winlogon: [Shell] explorer.exe [2871808 2012-01-06] (Microsoft Corporation)
HKLM-x32\...\Winlogon: [Shell] explorer.exe [2616320 2012-01-06] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1
HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1
HKLM\...\Policies\Explorer: [ForceActiveDesktopOn] 0
HKU\Susanne Ludewig\...\Run: [Amazon Music] => C:\Users\Susanne Ludewig\AppData\Local\Amazon Music\Amazon Music Helper.exe [6277952 2014-11-18] ()
HKU\Susanne Ludewig\...\Run: [VDownloader] => C:\Program Files\VDownloader\VDownloader4.exe [1753600 2015-02-26] (Vitzo)
HKU\Susanne Ludewig\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_209_Plugin.exe -update plugin
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [260928 2012-02-03] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [215360 2012-02-03] (NVIDIA Corporation)
Lsa: [Authentication Packages] msv1_0
Lsa: [Notification Packages] scecli
SecurityProviders: credssp.dll
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk [2013-01-04]
ShortcutTarget: LaunchCenter.lnk -> C:\Program Files\Fujitsu\LaunchCenter\lcStarter.exe (Fujitsu Technology Solutions)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\newreminderdialog.lnk [2013-01-04]
ShortcutTarget: newreminderdialog.lnk -> C:\Program Files\Fujitsu\FujitsuRecovery\NewReminderDialog.exe (Fujitsu Technology Solutions)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk [2013-01-04]
ShortcutTarget: LaunchCenter.lnk -> C:\Program Files\Fujitsu\LaunchCenter\lcStarter.exe (Fujitsu Technology Solutions)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\newreminderdialog.lnk [2013-01-04]
ShortcutTarget: newreminderdialog.lnk -> C:\Program Files\Fujitsu\FujitsuRecovery\NewReminderDialog.exe (Fujitsu Technology Solutions)
Startup: C:\Users\Susanne Ludewig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk [2013-01-04]
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No File
SSODL-x32: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No File
BootExecute: autocheck autochk *
AlternateShell: cmd.exe
==================== Services (All) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [64704 2014-09-04] (Adobe Systems Incorporated)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [269000 2015-08-12] (Adobe Systems Incorporated)
S3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [72192 2015-03-03] (Microsoft Corporation)
S3 ALG; C:\Windows\System32\alg.exe [79360 2009-07-13] (Microsoft Corporation)
S2 AMPPALR3; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [659968 2011-12-05] (Intel Corporation)
S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [32256 2015-02-02] (Microsoft Corporation)
S3 Appinfo; C:\Windows\System32\appinfo.dll [70656 2015-06-15] (Microsoft Corporation)
S2 Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [60744 2014-10-07] (Apple Inc.)
S3 aspnet_state; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [51808 2013-09-11] (Microsoft Corporation)
S2 AudioEndpointBuilder; C:\Windows\System32\Audiosrv.dll [680960 2015-02-02] (Microsoft Corporation)
S2 AudioSrv; C:\Windows\System32\Audiosrv.dll [680960 2015-02-02] (Microsoft Corporation)
S3 AxInstSV; C:\Windows\System32\AxInstSV.dll [114688 2010-11-20] (Microsoft Corporation)
S3 BDESVC; C:\Windows\System32\bdesvc.dll [100864 2009-07-13] (Microsoft Corporation)
S2 BFE; C:\Windows\System32\bfe.dll [705024 2010-11-20] (Microsoft Corporation)
S2 BITS; C:\Windows\System32\qmgr.dll [849920 2010-11-20] (Microsoft Corporation)
S2 Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [1014096 2011-12-19] (Intel Corporation)
S3 Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [1304912 2011-12-19] (Intel Corporation)
S2 Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [1104208 2011-12-19] (Intel Corporation)
S2 Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [462184 2011-08-30] (Apple Inc.)
S3 Browser; C:\Windows\System32\browser.dll [136704 2012-07-04] (Microsoft Corporation)
S3 bthserv; C:\Windows\system32\bthserv.dll [83968 2009-07-13] (Microsoft Corporation)
S2 BTHSSecurityMgr; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [135952 2011-12-05] (Intel(R) Corporation)
S3 CertPropSvc; C:\Windows\System32\certprop.dll [80384 2010-11-20] (Microsoft Corporation)
S4 clr_optimization_v2.0.50727_32; C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [67224 2014-03-20] (Microsoft Corporation)
S4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [90776 2014-03-20] (Microsoft Corporation)
S2 clr_optimization_v4.0.30319_32; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [105144 2013-09-11] (Microsoft Corporation)
S2 clr_optimization_v4.0.30319_64; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [124088 2013-09-11] (Microsoft Corporation)
S3 cphs; C:\Windows\SysWow64\IntelCpHeciSvc.exe [276248 2012-01-29] (Intel Corporation)
S2 CryptSvc; C:\Windows\system32\cryptsvc.dll [188416 2015-04-27] (Microsoft Corporation)
S2 CryptSvc; C:\Windows\SysWOW64\cryptsvc.dll [143872 2015-04-27] (Microsoft Corporation)
S2 DcomLaunch; C:\Windows\system32\rpcss.dll [512000 2010-11-20] (Microsoft Corporation)
S3 defragsvc; C:\Windows\System32\defragsvc.dll [291328 2009-07-13] (Microsoft Corporation)
S2 Dhcp; C:\Windows\system32\dhcpcore.dll [317952 2010-11-20] (Microsoft Corporation)
S2 Dhcp; C:\Windows\SysWOW64\dhcpcore.dll [254464 2010-11-20] (Microsoft Corporation)
S2 DiagTrack; C:\Windows\system32\diagtrack.dll [1255424 2015-05-25] (Microsoft Corporation)
S2 Dnscache; C:\Windows\System32\dnsrslvr.dll [183296 2012-01-06] (Microsoft Corporation)
S3 dot3svc; C:\Windows\System32\dot3svc.dll [252416 2010-11-20] (Microsoft Corporation)
S2 DPS; C:\Windows\system32\dps.dll [162816 2010-11-20] (Microsoft Corporation)
S2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [225280 2011-08-05] (DTS, Inc)
S3 EapHost; C:\Windows\System32\eapsvc.dll [111104 2009-07-13] (Microsoft Corporation)
S2 EFS; C:\Windows\System32\lsass.exe [31232 2015-07-15] (Microsoft Corporation)
S3 ehRecvr; C:\Windows\ehome\ehRecvr.exe [696832 2010-11-20] (Microsoft Corporation)
S3 ehSched; C:\Windows\ehome\ehsched.exe [127488 2009-07-13] (Microsoft Corporation)
S2 eventlog; C:\Windows\System32\wevtsvc.dll [1646080 2010-11-20] (Microsoft Corporation)
S2 EventSystem; C:\Windows\system32\es.dll [402944 2009-07-13] (Microsoft Corporation)
S2 EventSystem; C:\Windows\SysWOW64\es.dll [271360 2009-07-13] (Microsoft Corporation)
S2 EvtEng; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [618256 2011-12-08] (Intel(R) Corporation)
S3 Fax; C:\Windows\system32\fxssvc.exe [689152 2010-11-20] (Microsoft Corporation)
S3 fdPHost; C:\Windows\system32\fdPHost.dll [16384 2009-07-13] (Microsoft Corporation)
S2 FDResPub; C:\Windows\system32\fdrespub.dll [34816 2009-07-13] (Microsoft Corporation)
S2 FontCache; C:\Windows\system32\FntCache.dll [1180160 2015-07-30] (Microsoft Corporation)
S3 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-20] (Microsoft Corporation)
S2 FUJ02E3Service; C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [76104 2011-11-23] (FUJITSU LIMITED)
S2 gpsvc; C:\Windows\System32\gpsvc.dll [777728 2010-11-20] (Microsoft Corporation)
S3 gusvc; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [136120 2011-05-09] (Google)
S3 hidserv; C:\Windows\system32\hidserv.dll [38912 2009-07-13] (Microsoft Corporation)
S3 hidserv; C:\Windows\SysWOW64\hidserv.dll [49152 2009-07-13] (Microsoft Corporation)
S3 hkmsvc; C:\Windows\system32\kmsvc.dll [90624 2010-11-20] (Microsoft Corporation)
S3 HomeGroupListener; C:\Windows\system32\ListSvc.dll [232448 2010-11-20] (Microsoft Corporation)
S3 HomeGroupProvider; C:\Windows\system32\provsvc.dll [187904 2010-11-20] (Microsoft Corporation)
S3 HomeGroupProvider; C:\Windows\SysWOW64\provsvc.dll [165376 2010-11-20] (Microsoft Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-21] (Macrovision Corporation)
S3 idsvc; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe [859280 2014-06-30] (Microsoft Corporation)
S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [114688 2015-07-16] (Microsoft Corporation)
S2 IKEEXT; C:\Windows\System32\ikeext.dll [859648 2013-10-11] (Microsoft Corporation)
S2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [607456 2011-12-08] (Intel(R) Corporation)
S3 IPBusEnum; C:\Windows\system32\ipbusenum.dll [101888 2009-07-13] (Microsoft Corporation)
S2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [569344 2012-10-03] (Microsoft Corporation)
S3 iPod Service; C:\Program Files\iPod\bin\iPodService.exe [643880 2014-10-14] (Apple Inc.)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-15] (Intel Corporation)
S3 KeyIso; C:\Windows\system32\lsass.exe [31232 2015-07-15] (Microsoft Corporation)
S3 KtmRm; C:\Windows\system32\msdtckrm.dll [368640 2009-07-13] (Microsoft Corporation)
S2 LanmanServer; C:\Windows\system32\srvsvc.dll [236032 2010-11-20] (Microsoft Corporation)
S2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [118784 2010-11-20] (Microsoft Corporation)
S3 lltdsvc; C:\Windows\System32\lltdsvc.dll [300032 2009-07-13] (Microsoft Corporation)
S2 lmhosts; C:\Windows\System32\lmhsvc.dll [23552 2009-07-13] (Microsoft Corporation)
S2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [277784 2011-12-15] (Intel Corporation)
S4 Mcx2Svc; C:\Windows\system32\Mcx2Svc.dll [84992 2010-11-20] (Microsoft Corporation)
S2 MMCSS; C:\Windows\system32\mmcss.dll [67584 2009-07-13] (Microsoft Corporation)
S3 MozillaMaintenance; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [148136 2015-08-08] (Mozilla Foundation)
S2 MpsSvc; C:\Windows\system32\mpssvc.dll [828416 2010-11-20] (Microsoft Corporation)
S3 MSDTC; C:\Windows\System32\msdtc.exe [141824 2009-07-13] (Microsoft Corporation)
S3 MSiSCSI; C:\Windows\system32\iscsiexe.dll [156672 2009-07-13] (Microsoft Corporation)
S3 msiserver; C:\Windows\System32\msiexec.exe [128000 2015-06-15] (Microsoft Corporation)
S3 msiserver; C:\Windows\SysWOW64\msiexec.exe [73216 2015-06-15] (Microsoft Corporation)
S2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-29] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
S3 napagent; C:\Windows\system32\qagentRT.dll [476160 2010-11-20] (Microsoft Corporation)
S3 Netlogon; C:\Windows\system32\lsass.exe [31232 2015-07-15] (Microsoft Corporation)
S3 Netman; C:\Windows\System32\netman.dll [360448 2009-07-13] (Microsoft Corporation)
S4 NetMsmqActivator; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139856 2013-09-11] (Microsoft Corporation)
S4 NetPipeActivator; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139856 2013-09-11] (Microsoft Corporation)
S3 netprofm; C:\Windows\System32\netprofm.dll [459776 2009-07-13] (Microsoft Corporation)
S3 netprofm; C:\Windows\SysWOW64\netprofm.dll [360448 2009-07-13] (Microsoft Corporation)
S4 NetTcpActivator; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139856 2013-09-11] (Microsoft Corporation)
S4 NetTcpPortSharing; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139856 2013-09-11] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-29] (Microsoft Corporation)
S2 NlaSvc; C:\Windows\System32\nlasvc.dll [303616 2014-12-05] (Microsoft Corporation)
S2 nsi; C:\Windows\system32\nsisvc.dll [25600 2009-07-13] (Microsoft Corporation)
S2 nvsvc; C:\Windows\system32\nvvsvc.exe [889664 2012-02-03] (NVIDIA Corporation)
S3 p2pimsvc; C:\Windows\system32\pnrpsvc.dll [327168 2009-07-13] (Microsoft Corporation)
S3 p2psvc; C:\Windows\system32\p2psvc.dll [438784 2009-07-13] (Microsoft Corporation)
S2 PcaSvc; C:\Windows\System32\pcasvc.dll [188416 2015-02-02] (Microsoft Corporation)
S3 PerfHost; C:\Windows\SysWow64\perfhost.exe [20992 2009-07-13] (Microsoft Corporation)
S2 PFNService; C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [2213376 2011-12-22] (FUJITSU LIMITED)
S3 pla; C:\Windows\system32\pla.dll [1389056 2010-11-20] (Microsoft Corporation)
S3 pla; C:\Windows\SysWOW64\pla.dll [1508864 2010-11-20] (Microsoft Corporation)
S2 PlugPlay; C:\Windows\system32\umpnpmgr.dll [404480 2012-01-06] (Microsoft Corporation)
S3 PNRPAutoReg; C:\Windows\system32\pnrpauto.dll [25088 2009-07-13] (Microsoft Corporation)
S3 PNRPsvc; C:\Windows\system32\pnrpsvc.dll [327168 2009-07-13] (Microsoft Corporation)
S3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [501248 2010-11-20] (Microsoft Corporation)
S2 Power; C:\Windows\system32\umpo.dll [163840 2012-01-06] (Microsoft Corporation)
S2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [63856 2011-10-03] (FUJITSU LIMITED)
S2 ProfSvc; C:\Windows\system32\profsvc.dll [210432 2014-12-18] (Microsoft Corporation)
S3 ProtectedStorage; C:\Windows\system32\lsass.exe [31232 2015-07-15] (Microsoft Corporation)
S2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [839792 2015-07-08] (QIHU 360 SOFTWARE CO. LIMITED)
S3 QWAVE; C:\Windows\system32\qwave.dll [242688 2009-07-13] (Microsoft Corporation)
S3 RasAuto; C:\Windows\System32\rasauto.dll [99328 2009-07-13] (Microsoft Corporation)
S3 RasMan; C:\Windows\System32\rasmans.dll [344064 2010-11-20] (Microsoft Corporation)
S2 RegSrvc; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [148752 2011-12-08] (Intel(R) Corporation)
S4 RemoteAccess; C:\Windows\System32\mprdim.dll [97792 2009-07-13] (Microsoft Corporation)
S4 RemoteAccess; C:\Windows\SysWOW64\mprdim.dll [75264 2009-07-13] (Microsoft Corporation)
S3 RemoteRegistry; C:\Windows\system32\regsvc.dll [159232 2009-07-13] (Microsoft Corporation)
S2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [67072 2009-07-13] (Microsoft Corporation)
S3 RpcLocator; C:\Windows\system32\locator.exe [10240 2009-07-13] (Microsoft Corporation)
S2 RpcSs; C:\Windows\system32\rpcss.dll [512000 2010-11-20] (Microsoft Corporation)
S2 SamSs; C:\Windows\system32\lsass.exe [31232 2015-07-15] (Microsoft Corporation)
S3 SCardSvr; C:\Windows\System32\SCardSvr.dll [190976 2009-07-13] (Microsoft Corporation)
S2 Schedule; C:\Windows\system32\schedsvc.dll [1110016 2010-11-20] (Microsoft Corporation)
S3 SCPolicySvc; C:\Windows\System32\certprop.dll [80384 2010-11-20] (Microsoft Corporation)
S3 SDRSVC; C:\Windows\System32\SDRSVC.dll [170496 2010-11-20] (Microsoft Corporation)
S3 seclogon; C:\Windows\system32\seclogon.dll [30720 2010-11-20] (Microsoft Corporation)
S2 SENS; C:\Windows\System32\sens.dll [64512 2009-07-13] (Microsoft Corporation)
S2 SENS; C:\Windows\SysWOW64\sens.dll [49664 2009-07-13] (Microsoft Corporation)
S3 SensrSvc; C:\Windows\system32\sensrsvc.dll [29184 2009-07-13] (Microsoft Corporation)
S3 SessionEnv; C:\Windows\system32\sessenv.dll [121856 2010-11-20] (Microsoft Corporation)
S3 SessionEnv; C:\Windows\SysWOW64\sessenv.dll [113664 2010-11-20] (Microsoft Corporation)
S4 SharedAccess; C:\Windows\System32\ipnathlp.dll [359424 2009-07-13] (Microsoft Corporation)
S2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [370688 2010-11-20] (Microsoft Corporation)
S2 ShellHWDetection; C:\Windows\SysWOW64\shsvcs.dll [328192 2010-11-20] (Microsoft Corporation)
S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [14336 2009-07-13] (Microsoft Corporation)
S2 Spooler; C:\Windows\System32\spoolsv.exe [559104 2012-02-10] (Microsoft Corporation)
S2 sppsvc; C:\Windows\system32\sppsvc.exe [3524608 2010-11-20] (Microsoft Corporation)
S3 sppuinotify; C:\Windows\system32\sppuinotify.dll [65536 2009-07-13] (Microsoft Corporation)
S3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [193024 2009-07-13] (Microsoft Corporation)
S3 SstpSvc; C:\Windows\system32\sstpsvc.dll [75264 2009-07-13] (Microsoft Corporation)
S2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-12] (DEVGURU Co., LTD.)
S2 stisvc; C:\Windows\System32\wiaservc.dll [580096 2010-11-20] (Microsoft Corporation)
S3 swprv; C:\Windows\System32\swprv.dll [524288 2009-07-13] (Microsoft Corporation)
S2 SysMain; C:\Windows\system32\sysmain.dll [1743360 2015-07-15] (Microsoft Corporation)
S3 TabletInputService; C:\Windows\System32\TabSvc.dll [92672 2010-11-20] (Microsoft Corporation)
S3 TapiSrv; C:\Windows\System32\tapisrv.dll [316928 2010-11-20] (Microsoft Corporation)
S3 TapiSrv; C:\Windows\SysWOW64\tapisrv.dll [242176 2010-11-20] (Microsoft Corporation)
S3 TBS; C:\Windows\System32\tbssvc.dll [65536 2009-07-13] (Microsoft Corporation)
S3 TermService; C:\Windows\System32\termsrv.dll [683520 2014-10-13] (Microsoft Corporation)
S2 Themes; C:\Windows\system32\themeservice.dll [44544 2009-07-13] (Microsoft Corporation)
S3 THREADORDER; C:\Windows\system32\mmcss.dll [67584 2009-07-13] (Microsoft Corporation)
S2 TrkWks; C:\Windows\System32\trkwks.dll [119808 2009-07-13] (Microsoft Corporation)
S3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [194048 2010-11-20] (Microsoft Corporation)
S3 UI0Detect; C:\Windows\system32\UI0Detect.exe [40960 2009-07-13] (Microsoft Corporation)
S2 UNS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [363800 2011-12-15] (Intel Corporation)
S3 upnphost; C:\Windows\System32\upnphost.dll [353792 2009-07-13] (Microsoft Corporation)
S3 upnphost; C:\Windows\SysWOW64\upnphost.dll [266752 2009-07-13] (Microsoft Corporation)
S2 UxSms; C:\Windows\System32\uxsms.dll [38912 2009-07-13] (Microsoft Corporation)
S3 VaultSvc; C:\Windows\system32\lsass.exe [31232 2015-07-15] (Microsoft Corporation)
S3 vds; C:\Windows\System32\vds.exe [533504 2010-11-20] (Microsoft Corporation)
S3 VSS; C:\Windows\system32\vssvc.exe [1600512 2010-11-20] (Microsoft Corporation)
S3 W32Time; C:\Windows\system32\w32time.dll [381952 2009-07-13] (Microsoft Corporation)
S3 wbengine; C:\Windows\system32\wbengine.exe [1504256 2010-11-20] (Microsoft Corporation)
S3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [202240 2009-07-13] (Microsoft Corporation)
S3 wcncsvc; C:\Windows\System32\wcncsvc.dll [367104 2010-11-20] (Microsoft Corporation)
S3 wcncsvc; C:\Windows\SysWOW64\wcncsvc.dll [276992 2010-11-20] (Microsoft Corporation)
S3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [40960 2009-07-13] (Microsoft Corporation)
S3 WcsPlugInService; C:\Windows\SysWOW64\WcsPlugInService.dll [32768 2009-07-13] (Microsoft Corporation)
S3 WdiServiceHost; C:\Windows\system32\wdi.dll [91136 2015-01-08] (Microsoft Corporation)
S3 WdiServiceHost; C:\Windows\SysWOW64\wdi.dll [76800 2015-01-08] (Microsoft Corporation)
S3 WdiSystemHost; C:\Windows\system32\wdi.dll [91136 2015-01-08] (Microsoft Corporation)
S3 WdiSystemHost; C:\Windows\SysWOW64\wdi.dll [76800 2015-01-08] (Microsoft Corporation)
S3 WebClient; C:\Windows\System32\webclnt.dll [260096 2015-07-01] (Microsoft Corporation)
S3 WebClient; C:\Windows\SysWOW64\webclnt.dll [206848 2015-07-01] (Microsoft Corporation)
S3 Wecsvc; C:\Windows\system32\wecsvc.dll [237568 2009-07-13] (Microsoft Corporation)
S3 wercplsupport; C:\Windows\System32\wercplsupport.dll [84480 2009-07-13] (Microsoft Corporation)
S3 WerSvc; C:\Windows\System32\WerSvc.dll [76800 2009-07-13] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S3 WinHttpAutoProxySvc; C:\Windows\system32\winhttp.dll [444416 2010-11-20] (Microsoft Corporation)
S3 WinHttpAutoProxySvc; C:\Windows\SysWOW64\winhttp.dll [351232 2010-11-20] (Microsoft Corporation)
S2 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [242688 2009-07-13] (Microsoft Corporation)
S3 WinRM; C:\Windows\system32\WsmSvc.dll [2020352 2014-10-02] (Microsoft Corporation)
S3 WinRM; C:\Windows\SysWOW64\WsmSvc.dll [1177088 2014-10-02] (Microsoft Corporation)
S2 Wlansvc; C:\Windows\System32\wlansvc.dll [886784 2009-07-13] (Microsoft Corporation)
S4 wlcrasvc; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [57184 2010-09-22] (Microsoft Corporation)
S2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2286976 2010-09-21] (Microsoft Corp.)
S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [203264 2009-07-13] (Microsoft Corporation)
S3 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1525248 2010-11-20] (Microsoft Corporation)
S3 WPCSvc; C:\Windows\System32\wpcsvc.dll [12288 2009-07-13] (Microsoft Corporation)
S3 WPCSvc; C:\Windows\SysWOW64\wpcsvc.dll [10752 2009-07-13] (Microsoft Corporation)
S3 WPDBusEnum; C:\Windows\system32\wpdbusenum.dll [117248 2010-11-20] (Microsoft Corporation)
S2 wscsvc; C:\Windows\System32\wscsvc.dll [97280 2009-07-13] (Microsoft Corporation)
S2 WSearch; C:\Windows\system32\SearchIndexer.exe [591872 2012-01-06] (Microsoft Corporation)
S2 WSearch; C:\Windows\SysWOW64\SearchIndexer.exe [427520 2012-01-06] (Microsoft Corporation)
S2 wuauserv; C:\Windows\system32\wuaueng.dll [2606080 2015-07-20] (Microsoft Corporation)
S3 wudfsvc; C:\Windows\System32\WUDFSvc.dll [84992 2012-07-25] (Microsoft Corporation)
S3 WwanSvc; C:\Windows\System32\wwansvc.dll [228864 2014-01-27] (Microsoft Corporation)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)
S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
==================== Drivers (All) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 1394ohci; C:\Windows\system32\drivers\1394ohci.sys [229888 2010-11-20] (Microsoft Corporation)
S3 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [100424 2015-07-08] (360.cn)
S3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [77896 2015-07-08] (360.cn)
S1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [305736 2015-07-08] (360.cn)
S1 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [40520 2015-07-08] (360.cn)
S1 360fsflt; C:\Windows\System32\DRIVERS\360FsFlt.sys [314448 2015-07-08] (Qihu 360 Software Co., Ltd.)
S0 ACPI; C:\Windows\System32\drivers\ACPI.sys [334208 2010-11-20] (Microsoft Corporation)
S3 AcpiPmi; C:\Windows\system32\drivers\acpipmi.sys [12800 2010-11-20] (Microsoft Corporation)
S3 adp94xx; C:\Windows\system32\drivers\adp94xx.sys [491088 2009-07-13] (Adaptec, Inc.)
S3 adpahci; C:\Windows\system32\drivers\adpahci.sys [339536 2009-07-13] (Adaptec, Inc.)
S3 adpu320; C:\Windows\system32\drivers\adpu320.sys [182864 2009-07-13] (Adaptec, Inc.)
S1 AFD; C:\Windows\system32\drivers\afd.sys [497152 2014-05-29] (Microsoft Corporation)
S3 AgereSoftModem; C:\Windows\System32\DRIVERS\agrsm64.sys [1146880 2009-06-10] (LSI Corp)
S3 agp440; C:\Windows\system32\drivers\agp440.sys [61008 2009-07-13] (Microsoft Corporation)
S3 aliide; C:\Windows\system32\drivers\aliide.sys [15440 2009-07-13] (Acer Laboratories Inc.)
S3 amdide; C:\Windows\system32\drivers\amdide.sys [15440 2009-07-13] (Microsoft Corporation)
S3 AmdK8; C:\Windows\system32\drivers\amdk8.sys [64512 2009-07-13] (Microsoft Corporation)
S3 AmdPPM; C:\Windows\system32\drivers\amdppm.sys [60928 2009-07-13] (Microsoft Corporation)
S3 amdsata; C:\Windows\system32\drivers\amdsata.sys [107904 2012-01-06] (Advanced Micro Devices)
S3 amdsbs; C:\Windows\system32\drivers\amdsbs.sys [194128 2009-07-13] (AMD Technologies Inc.)
S0 amdxata; C:\Windows\System32\drivers\amdxata.sys [27008 2012-01-06] (Advanced Micro Devices)
S3 AMPPAL; C:\Windows\System32\DRIVERS\AMPPAL.sys [195584 2011-12-05] (Windows (R) Win 7 DDK provider)
S3 AMPPALP; C:\Windows\System32\DRIVERS\amppal.sys [195584 2011-12-05] (Windows (R) Win 7 DDK provider)
S3 ApfiltrService; C:\Windows\System32\DRIVERS\Apfiltr.sys [414032 2011-12-20] (Alps Electric Co., Ltd.)
S3 AppID; C:\Windows\system32\drivers\appid.sys [61440 2015-02-02] (Microsoft Corporation)
S3 arc; C:\Windows\system32\drivers\arc.sys [87632 2009-07-13] (Adaptec, Inc.)
S3 arcsas; C:\Windows\system32\drivers\arcsas.sys [97856 2009-07-13] (Adaptec, Inc.)
S3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [23040 2009-07-13] (Microsoft Corporation)
S0 atapi; C:\Windows\System32\drivers\atapi.sys [24128 2009-07-13] (Microsoft Corporation)
S3 b06bdrv; C:\Windows\system32\drivers\bxvbda.sys [468480 2009-06-10] (Broadcom Corporation)
S3 b57nd60a; C:\Windows\System32\DRIVERS\b57nd60a.sys [270848 2009-06-10] (Broadcom Corporation)
S1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [180816 2015-07-08] (Qihu 360 Software Co., Ltd.)
S5 BattC; C:\Windows\System32\Drivers\BattC.sys [28240 2009-07-13] (Microsoft Corporation)
S1 Beep; C:\Windows\System32\Drivers\Beep.sys [6656 2009-07-13] (Microsoft Corporation)
S1 blbdrive; C:\Windows\system32\drivers\blbdrive.sys [45056 2009-07-13] (Microsoft Corporation)
S3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [90624 2012-01-06] (Microsoft Corporation)
S3 BrFiltLo; C:\Windows\system32\drivers\BrFiltLo.sys [18432 2009-06-10] (Brother Industries, Ltd.)
S3 BrFiltUp; C:\Windows\system32\drivers\BrFiltUp.sys [8704 2009-06-10] (Brother Industries, Ltd.)
S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [286720 2009-07-13] (Brother Industries Ltd.)
S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [47104 2009-06-10] (Brother Industries Ltd.)
S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [14976 2009-06-10] (Brother Industries Ltd.)
S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [14720 2009-06-10] (Brother Industries Ltd.)
S3 BthEnum; C:\Windows\system32\drivers\BthEnum.sys [41984 2009-07-13] (Microsoft Corporation)
S3 BTHMODEM; C:\Windows\system32\drivers\bthmodem.sys [72192 2009-07-13] (Microsoft Corporation)
S3 BthPan; C:\Windows\System32\DRIVERS\bthpan.sys [118784 2009-07-13] (Microsoft Corporation)
S3 BTHPORT; C:\Windows\System32\Drivers\BTHport.sys [552960 2012-07-06] (Microsoft Corporation)
S3 BTHUSB; C:\Windows\System32\Drivers\BTHUSB.sys [80384 2012-01-06] (Microsoft Corporation)
S3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [94720 2011-12-13] (Intel Corporation)
S3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [747008 2011-12-13] (Intel Corporation)
S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [92160 2009-07-13] (Microsoft Corporation)
S1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [147456 2010-11-20] (Microsoft Corporation)
S3 circlass; C:\Windows\system32\drivers\circlass.sys [45568 2009-07-13] (Microsoft Corporation)
S0 CLFS; C:\Windows\System32\CLFS.sys [367552 2015-03-03] (Microsoft Corporation)
S3 clwvd; C:\Windows\System32\DRIVERS\clwvd.sys [31216 2011-04-13] (CyberLink Corporation)
S3 CmBatt; C:\Windows\system32\drivers\CmBatt.sys [17664 2009-07-13] (Microsoft Corporation)
S3 cmdide; C:\Windows\system32\drivers\cmdide.sys [17488 2009-07-13] (CMD Technology, Inc.)
S0 CNG; C:\Windows\System32\Drivers\cng.sys [459336 2015-01-30] (Microsoft Corporation)
S0 Compbatt; C:\Windows\System32\drivers\compbatt.sys [21584 2009-07-13] (Microsoft Corporation)
S3 CompositeBus; C:\Windows\system32\drivers\CompositeBus.sys [38912 2010-11-20] (Microsoft Corporation)
S4 crcdisk; C:\Windows\system32\drivers\crcdisk.sys [24144 2009-07-13] (Microsoft Corporation)
S1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [102400 2010-11-20] (Microsoft Corporation)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [110336 2014-10-12] (DEVGURU Co., LTD.(www.devguru.co.kr))
S1 discache; C:\Windows\System32\drivers\discache.sys [40448 2009-07-13] (Microsoft Corporation)
S0 Disk; C:\Windows\System32\drivers\disk.sys [73280 2009-07-13] (Microsoft Corporation)
S3 drmkaud; C:\Windows\system32\drivers\drmkaud.sys [5632 2009-07-13] (Microsoft Corporation)
S3 DXGKrnl; C:\Windows\System32\drivers\dxgkrnl.sys [985536 2014-06-15] (Microsoft Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 elxstor; C:\Windows\system32\drivers\elxstor.sys [530496 2009-07-13] (Emulex)
S3 ErrDev; C:\Windows\system32\drivers\errdev.sys [9728 2009-07-13] (Microsoft Corporation)
S3 exfat; C:\Windows\System32\Drivers\exfat.sys [195072 2009-07-13] (Microsoft Corporation)
S3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [204800 2009-07-13] (Microsoft Corporation)
S0 FBIOSDRV; C:\Windows\System32\Drivers\FBIOSDRV.sys [21104 2009-06-23] (FUJITSU LIMITED)
S3 fdc; C:\Windows\system32\drivers\fdc.sys [29696 2009-07-13] (Microsoft Corporation)
S0 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [70224 2009-07-13] (Microsoft Corporation)
S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [34304 2009-07-13] (Microsoft Corporation)
S3 flpydisk; C:\Windows\system32\drivers\flpydisk.sys [24576 2009-07-13] (Microsoft Corporation)
S0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [289664 2010-11-20] (Microsoft Corporation)
S3 FsDepends; C:\Windows\System32\drivers\FsDepends.sys [55376 2009-07-13] (Microsoft Corporation)
S0 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [23408 2012-02-29] (Microsoft Corporation)
S3 FUJ02B1; C:\Windows\system32\drivers\FUJ02B1.sys [7808 2006-11-01] (FUJITSU LIMITED)
S3 FUJ02E3; C:\Windows\system32\drivers\FUJ02E3.sys [7296 2006-11-01] (FUJITSU LIMITED)
S0 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [223752 2013-01-23] (Microsoft Corporation)
S3 gagp30kx; C:\Windows\system32\drivers\gagp30kx.sys [65088 2009-07-13] (Microsoft Corporation)
S3 GEARAspiWDM; C:\Windows\System32\DRIVERS\GEARAspiWDM.sys [33240 2012-08-21] (GEAR Software Inc.)
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [31232 2009-06-10] (Hauppauge Computer Works, Inc.)
S3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [350208 2010-11-20] (Microsoft Corporation)
S3 HDAudBus; C:\Windows\system32\drivers\HDAudBus.sys [122368 2010-11-20] (Microsoft Corporation)
S3 HidBatt; C:\Windows\system32\drivers\HidBatt.sys [26624 2009-07-13] (Microsoft Corporation)
S3 HidBth; C:\Windows\system32\drivers\hidbth.sys [100864 2009-07-13] (Microsoft Corporation)
S3 HidIr; C:\Windows\system32\drivers\hidir.sys [46592 2009-07-13] (Microsoft Corporation)
S3 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [30208 2010-11-20] (Microsoft Corporation)
S3 HpSAMD; C:\Windows\system32\drivers\HpSAMD.sys [78720 2010-11-20] (Hewlett-Packard Company)
S3 HTTP; C:\Windows\System32\drivers\HTTP.sys [754688 2015-02-24] (Microsoft Corporation)
S0 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [14720 2010-11-20] (Microsoft Corporation)
S3 i8042prt; C:\Windows\System32\DRIVERS\i8042prt.sys [105472 2009-07-13] (Microsoft Corporation)
S0 iaStor; C:\Windows\System32\drivers\iaStor.sys [568600 2011-11-29] (Intel Corporation)
S3 iaStorV; C:\Windows\system32\drivers\iaStorV.sys [410496 2012-01-06] (Intel Corporation)
S3 ibtfltcoex; C:\Windows\System32\DRIVERS\iBtFltCoex.sys [60416 2011-12-14] (Intel Corporation)
S3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [14658688 2012-01-18] (Intel Corporation)
S3 iirsp; C:\Windows\system32\drivers\iirsp.sys [44112 2009-07-13] (Intel Corp./ICP vortex GmbH)
S3 IntcAzAudAddService; C:\Windows\System32\drivers\RTKVHD64.sys [4718952 2011-12-13] (Realtek Semiconductor Corp.)
S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [331264 2011-12-05] (Intel(R) Corporation)
S3 intelide; C:\Windows\system32\drivers\intelide.sys [16960 2009-07-13] (Microsoft Corporation)
S3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [62464 2009-07-13] (Microsoft Corporation)
S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [82944 2010-11-20] (Microsoft Corporation)
S3 IPMIDRV; C:\Windows\system32\drivers\IPMIDrv.sys [78848 2010-11-20] (Microsoft Corporation)
S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [116224 2009-07-13] (Microsoft Corporation)
S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17920 2009-07-13] (Microsoft Corporation)
S3 isapnp; C:\Windows\system32\drivers\isapnp.sys [20544 2009-07-13] (Microsoft Corporation)
S3 iScsiPrt; C:\Windows\system32\drivers\msiscsi.sys [274880 2014-02-03] (Microsoft Corporation)
S0 iusb3hcs; C:\Windows\System32\drivers\iusb3hcs.sys [16152 2012-02-05] (Intel Corporation)
S3 iusb3hub; C:\Windows\system32\drivers\iusb3hub.sys [356120 2012-02-05] (Intel Corporation)
S3 iusb3xhc; C:\Windows\system32\drivers\iusb3xhc.sys [787736 2012-02-05] (Intel Corporation)
S3 kbdclass; C:\Windows\system32\drivers\kbdclass.sys [50768 2009-07-13] (Microsoft Corporation)
S3 kbdhid; C:\Windows\system32\drivers\kbdhid.sys [33280 2010-11-20] (Microsoft Corporation)
S0 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [95680 2015-07-15] (Microsoft Corporation)
S0 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [155584 2015-07-15] (Microsoft Corporation)
S3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [20992 2009-07-13] (Microsoft Corporation)
S2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [60928 2009-07-13] (Microsoft Corporation)
S3 LSI_FC; C:\Windows\system32\drivers\lsi_fc.sys [114752 2009-07-13] (LSI Corporation)
S3 LSI_SAS; C:\Windows\system32\drivers\lsi_sas.sys [106560 2009-07-13] (LSI Corporation)
S3 LSI_SAS2; C:\Windows\system32\drivers\lsi_sas2.sys [65600 2009-07-13] (LSI Corporation)
S3 LSI_SCSI; C:\Windows\system32\drivers\lsi_scsi.sys [115776 2009-07-13] (LSI Corporation)
S2 luafv; C:\Windows\system32\drivers\luafv.sys [113152 2009-07-13] (Microsoft Corporation)
S3 megasas; C:\Windows\system32\drivers\megasas.sys [35392 2009-07-13] (LSI Corporation)
S3 MegaSR; C:\Windows\system32\drivers\MegaSR.sys [284736 2009-07-13] (LSI Corporation, Inc.)
S3 MEIx64; C:\Windows\System32\DRIVERS\HECIx64.sys [60184 2011-11-09] (Intel Corporation)
S3 Modem; C:\Windows\System32\drivers\modem.sys [40448 2009-07-13] (Microsoft Corporation)
S3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [30208 2009-07-13] (Microsoft Corporation)
S3 mouclass; C:\Windows\System32\DRIVERS\mouclass.sys [49216 2009-07-13] (Microsoft Corporation)
S3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [31232 2009-07-13] (Microsoft Corporation)
S0 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94656 2015-07-15] (Microsoft Corporation)
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
S3 mpio; C:\Windows\system32\drivers\mpio.sys [155008 2010-11-20] (Microsoft Corporation)
S3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [77312 2009-07-13] (Microsoft Corporation)
S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [141312 2014-12-18] (Microsoft Corporation)
S3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [159232 2015-07-15] (Microsoft Corporation)
S3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [290816 2015-07-15] (Microsoft Corporation)
S3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [129024 2015-07-15] (Microsoft Corporation)
S3 msahci; C:\Windows\system32\drivers\msahci.sys [31104 2010-11-20] (Microsoft Corporation)
S3 msdsm; C:\Windows\system32\drivers\msdsm.sys [140672 2010-11-20] (Microsoft Corporation)
S1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [26112 2009-07-13] (Microsoft Corporation)
S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2009-07-13] (Microsoft Corporation)
S0 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [15424 2009-07-13] (Microsoft Corporation)
S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [11136 2009-07-13] (Microsoft Corporation)
S3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [7168 2009-07-13] (Microsoft Corporation)
S3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [6784 2009-07-13] (Microsoft Corporation)
S3 MsRPC; C:\Windows\System32\Drivers\MsRPC.sys [366976 2010-11-20] (Microsoft Corporation)
S1 mssmbios; C:\Windows\system32\drivers\mssmbios.sys [32320 2009-07-13] (Microsoft Corporation)
S3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [8064 2009-07-13] (Microsoft Corporation)
S3 MTConfig; C:\Windows\system32\drivers\MTConfig.sys [15360 2009-07-13] (Microsoft Corporation)
S0 Mup; C:\Windows\System32\Drivers\mup.sys [60496 2009-07-13] (Microsoft Corporation)
S3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [318976 2009-07-13] (Microsoft Corporation)
S0 NDIS; C:\Windows\System32\drivers\ndis.sys [950128 2012-08-22] (Microsoft Corporation)
S3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [35328 2009-07-13] (Microsoft Corporation)
S3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [24064 2009-07-13] (Microsoft Corporation)
S3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [56832 2010-11-20] (Microsoft Corporation)
S3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [164352 2010-11-20] (Microsoft Corporation)
S3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [57856 2010-11-20] (Microsoft Corporation)
S1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [44544 2009-07-13] (Microsoft Corporation)
S1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [261632 2010-11-20] (Microsoft Corporation)
S3 NETwNs64; C:\Windows\System32\DRIVERS\NETwNs64.sys [11417088 2011-12-01] (Intel Corporation)
S3 nfrd960; C:\Windows\system32\drivers\nfrd960.sys [51264 2009-07-13] (IBM Corporation)
S2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
S2 npf; C:\Windows\System32\drivers\npf.sys [47632 2010-01-26] (CACE Technologies, Inc.)
S1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [44032 2009-07-13] (Microsoft Corporation)
S1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [24576 2009-07-13] (Microsoft Corporation)
S3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1684928 2014-01-23] (Microsoft Corporation)
S1 Null; C:\Windows\System32\Drivers\Null.sys [6144 2009-07-13] (Microsoft Corporation)
S3 nvlddmkm; C:\Windows\System32\DRIVERS\nvlddmkm.sys [14328640 2012-02-03] (NVIDIA Corporation)
S0 nvpciflt; C:\Windows\System32\DRIVERS\nvpciflt.sys [28992 2012-02-03] (NVIDIA Corporation)
S3 nvraid; C:\Windows\system32\drivers\nvraid.sys [148352 2012-01-06] (NVIDIA Corporation)
S3 nvstor; C:\Windows\system32\drivers\nvstor.sys [166272 2012-01-06] (NVIDIA Corporation)
S3 nv_agp; C:\Windows\system32\drivers\nv_agp.sys [122960 2009-07-13] (Microsoft Corporation)
S3 ohci1394; C:\Windows\system32\drivers\ohci1394.sys [72832 2009-07-13] (Microsoft Corporation)
S3 Parport; C:\Windows\system32\drivers\parport.sys [97280 2009-07-13] (Microsoft Corporation)
S0 partmgr; C:\Windows\System32\drivers\partmgr.sys [75120 2012-03-16] (Microsoft Corporation)
S0 pci; C:\Windows\System32\drivers\pci.sys [185216 2012-01-06] (Microsoft Corporation)
S3 pciide; C:\Windows\system32\drivers\pciide.sys [12352 2009-07-13] (Microsoft Corporation)
S3 pcmcia; C:\Windows\system32\drivers\pcmcia.sys [220752 2009-07-13] (Microsoft Corporation)
S0 pcw; C:\Windows\System32\drivers\pcw.sys [50768 2009-07-13] (Microsoft Corporation)
S2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [663552 2015-02-02] (Microsoft Corporation)
S3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [111104 2010-11-20] (Microsoft Corporation)
S3 Processor; C:\Windows\system32\drivers\processr.sys [60416 2009-07-13] (Microsoft Corporation)
S1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [131584 2010-11-20] (Microsoft Corporation)
S3 ql2300; C:\Windows\system32\drivers\ql2300.sys [1524816 2009-07-13] (QLogic Corporation)
S3 ql40xx; C:\Windows\system32\drivers\ql40xx.sys [128592 2009-07-13] (QLogic Corporation)
S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [46592 2009-07-13] (Microsoft Corporation)
S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [14848 2009-07-13] (Microsoft Corporation)
S3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [60416 2009-07-13] (Microsoft Corporation)
S3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [129536 2010-11-20] (Microsoft Corporation)
S3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [92672 2009-07-13] (Microsoft Corporation)
S3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [83968 2009-07-13] (Microsoft Corporation)
S1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [309248 2010-11-20] (Microsoft Corporation)
S3 rdpbus; C:\Windows\system32\drivers\rdpbus.sys [24064 2009-07-13] (Microsoft Corporation)
S1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [7680 2009-07-13] (Microsoft Corporation)
S1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [7680 2009-07-13] (Microsoft Corporation)
S1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [8192 2009-07-13] (Microsoft Corporation)
S3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [212480 2014-07-16] (Microsoft Corporation)
S0 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [213888 2012-01-06] (Microsoft Corporation)
S3 RFCOMM; C:\Windows\System32\DRIVERS\rfcomm.sys [158720 2009-07-13] (Microsoft Corporation)
S2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [76800 2009-07-13] (Microsoft Corporation)
S3 RSUSBSTOR; C:\Windows\System32\Drivers\RtsUStor.sys [251496 2011-07-21] (Realtek Semiconductor Corp.)
S3 RTL8167; C:\Windows\System32\DRIVERS\Rt64win7.sys [646248 2011-09-29] (Realtek )
S3 sbp2port; C:\Windows\system32\drivers\sbp2port.sys [103808 2010-11-20] (Microsoft Corporation)
S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [29696 2010-11-20] (Microsoft Corporation)
S3 sdbus; C:\Windows\System32\DRIVERS\sdbus.sys [109056 2010-11-20] (Microsoft Corporation)
S2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2009-06-10] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
S3 Serenum; C:\Windows\system32\drivers\serenum.sys [23552 2009-07-13] (Microsoft Corporation)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Microsoft Corporation)
S3 sermouse; C:\Windows\system32\drivers\sermouse.sys [26624 2009-07-13] (Microsoft Corporation)
S3 sffdisk; C:\Windows\system32\drivers\sffdisk.sys [14336 2009-07-13] (Microsoft Corporation)
S3 sffp_mmc; C:\Windows\system32\drivers\sffp_mmc.sys [13824 2009-07-13] (Microsoft Corporation)
S3 sffp_sd; C:\Windows\system32\drivers\sffp_sd.sys [14336 2010-11-20] (Microsoft Corporation)
S3 sfloppy; C:\Windows\system32\drivers\sfloppy.sys [16896 2009-07-13] (Microsoft Corporation)
S3 SiSRaid2; C:\Windows\system32\drivers\SiSRaid2.sys [43584 2009-07-13] (Silicon Integrated Systems Corp.)
S3 SiSRaid4; C:\Windows\system32\drivers\sisraid4.sys [80464 2009-07-13] (Silicon Integrated Systems)
S3 Smb; C:\Windows\System32\DRIVERS\smb.sys [93184 2009-07-13] (Microsoft Corporation)
S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1812608 2011-12-27] ()
S0 spldr; C:\Windows\System32\Drivers\spldr.sys [19008 2009-07-13] (Microsoft Corporation)
S3 srv; C:\Windows\System32\DRIVERS\srv.sys [467456 2012-01-06] (Microsoft Corporation)
S3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [410112 2012-01-06] (Microsoft Corporation)
S3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [168448 2012-01-06] (Microsoft Corporation)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [206080 2014-10-12] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 stexstor; C:\Windows\system32\drivers\stexstor.sys [24656 2009-07-13] (Promise Technology)
S3 swenum; C:\Windows\system32\drivers\swenum.sys [12496 2009-07-13] (Microsoft Corporation)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-10-15] (Anchorfree Inc.)
S0 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1903552 2014-04-04] (Microsoft Corporation)
S3 TCPIP6; C:\Windows\System32\DRIVERS\tcpip.sys [1903552 2014-04-04] (Microsoft Corporation)
S2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [45568 2012-10-03] (Microsoft Corporation)
S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [15872 2009-07-13] (Microsoft Corporation)
S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [23552 2012-02-16] (Microsoft Corporation)
S1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [119296 2014-11-10] (Microsoft Corporation)
S1 TermDD; C:\Windows\system32\drivers\termdd.sys [63360 2010-11-20] (Microsoft Corporation)
S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [39936 2014-07-16] (Microsoft Corporation)
S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [59392 2010-11-20] (Microsoft Corporation)
S3 TsUsbGD; C:\Windows\system32\drivers\TsUsbGD.sys [31232 2010-11-20] (Microsoft Corporation)
S3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [125440 2010-11-20] (Microsoft Corporation)
S3 uagp35; C:\Windows\system32\drivers\uagp35.sys [64080 2009-07-13] (Microsoft Corporation)
S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [328192 2010-11-20] (Microsoft Corporation)
S3 uliagpkx; C:\Windows\system32\drivers\uliagpkx.sys [64592 2009-07-13] (Microsoft Corporation)
S3 umbus; C:\Windows\System32\DRIVERS\umbus.sys [48640 2010-11-20] (Microsoft Corporation)
S3 UmPass; C:\Windows\system32\drivers\umpass.sys [9728 2009-07-13] (Microsoft Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-08-15] (Apple, Inc.)
S3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [99840 2013-11-26] (Microsoft Corporation)
S3 usbcir; C:\Windows\system32\drivers\usbcir.sys [100864 2013-07-12] (Microsoft Corporation)
S3 usbehci; C:\Windows\system32\drivers\usbehci.sys [53248 2013-11-26] (Microsoft Corporation)
S3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [343040 2013-11-26] (Microsoft Corporation)
S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [25600 2013-11-26] (Microsoft Corporation)
S3 usbprint; C:\Windows\System32\DRIVERS\usbprint.sys [25088 2009-07-13] (Microsoft Corporation)
S3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [91648 2012-01-06] (Microsoft Corporation)
S3 usbuhci; C:\Windows\system32\drivers\usbuhci.sys [30720 2013-11-26] (Microsoft Corporation)
S3 usbvideo; C:\Windows\System32\Drivers\usbvideo.sys [185344 2013-07-12] (Microsoft Corporation)
S0 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [36432 2009-07-13] (Microsoft Corporation)
S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [29184 2009-07-13] (Microsoft Corporation)
S1 VgaSave; C:\Windows\System32\drivers\vga.sys [29184 2009-07-13] (Microsoft Corporation)
S3 vhdmp; C:\Windows\system32\drivers\vhdmp.sys [215936 2010-11-20] (Microsoft Corporation)
S3 viaide; C:\Windows\system32\drivers\viaide.sys [17488 2009-07-13] (VIA Technologies, Inc.)
S0 volmgr; C:\Windows\System32\drivers\volmgr.sys [70528 2012-01-06] (Microsoft Corporation)
S0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363392 2010-11-20] (Microsoft Corporation)
S0 volsnap; C:\Windows\System32\drivers\volsnap.sys [296320 2012-01-06] (Microsoft Corporation)
S3 vsmraid; C:\Windows\system32\drivers\vsmraid.sys [161872 2009-07-13] (VIA Technologies Inc.,Ltd)
S3 vwifibus; C:\Windows\System32\DRIVERS\vwifibus.sys [24576 2009-07-13] (Microsoft Corporation)
S1 vwififlt; C:\Windows\System32\DRIVERS\vwififlt.sys [59904 2009-07-13] (Microsoft Corporation)
S3 vwifimp; C:\Windows\System32\DRIVERS\vwifimp.sys [17920 2009-07-13] (Microsoft Corporation)
S3 WacomPen; C:\Windows\system32\drivers\wacompen.sys [27776 2009-07-13] (Microsoft Corporation)
S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-20] (Microsoft Corporation)
S1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-20] (Microsoft Corporation)
S3 Wd; C:\Windows\system32\drivers\wd.sys [21056 2009-07-13] (Microsoft Corporation)
S0 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [785624 2013-06-25] (Microsoft Corporation)
S1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [12800 2009-07-13] (Microsoft Corporation)
S3 WIMMount; C:\Windows\System32\drivers\wimmount.sys [22096 2009-07-13] (Microsoft Corporation)
S3 WIMMount; C:\Windows\SysWOW64\drivers\wimmount.sys [19008 2009-07-13] (Microsoft Corporation)
S3 Winsock; no ImagePath
S3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [41984 2010-11-20] (Microsoft Corporation)
S3 WmiAcpi; C:\Windows\system32\drivers\wmiacpi.sys [14336 2009-07-13] (Microsoft Corporation)
S4 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [21504 2009-07-13] (Microsoft Corporation)
S3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [87040 2012-07-25] (Microsoft Corporation)
S3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [198656 2012-07-25] (Microsoft Corporation)
S3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [389120 2009-06-10] (Marvell)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-13 12:39 - 2015-08-13 17:47 - 00000000 ____D C:\FRST
2015-08-12 07:03 - 2015-08-12 07:03 - 00006512 ____N C:\bootsqm.dat
2015-08-12 06:29 - 2015-07-30 05:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 06:29 - 2015-07-30 05:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 04:43 - 2015-08-12 04:43 - 09284296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-08-12 04:28 - 2015-07-28 12:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
2015-08-12 04:28 - 2015-07-28 12:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\System32\appraiser.dll
2015-08-12 04:28 - 2015-07-28 12:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\System32\invagent.dll
2015-08-12 04:28 - 2015-07-28 12:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\System32\generaltel.dll
2015-08-12 04:28 - 2015-07-28 12:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\System32\devinv.dll
2015-08-12 04:28 - 2015-07-28 12:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll
2015-08-12 04:28 - 2015-07-28 12:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\System32\acmigration.dll
2015-08-12 04:28 - 2015-07-28 11:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll
2015-08-12 03:42 - 2015-07-15 10:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2015-08-12 03:42 - 2015-07-15 10:15 - 00155584 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2015-08-12 03:42 - 2015-07-15 10:15 - 00095680 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2015-08-12 03:42 - 2015-07-15 10:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mountmgr.sys
2015-08-12 03:42 - 2015-07-15 10:12 - 01730496 _____ (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2015-08-12 03:42 - 2015-07-15 10:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2015-08-12 03:42 - 2015-07-15 10:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\System32\wow64.dll
2015-08-12 03:42 - 2015-07-15 10:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2015-08-12 03:42 - 2015-07-15 10:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\System32\wdigest.dll
2015-08-12 03:42 - 2015-07-15 10:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2015-08-12 03:42 - 2015-07-15 10:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\System32\sysmain.dll
2015-08-12 03:42 - 2015-07-15 10:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2015-08-12 03:42 - 2015-07-15 10:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
2015-08-12 03:42 - 2015-07-15 10:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2015-08-12 03:42 - 2015-07-15 10:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2015-08-12 03:42 - 2015-07-15 10:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\System32\srcore.dll
2015-08-12 03:42 - 2015-07-15 10:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2015-08-12 03:42 - 2015-07-15 10:10 - 00342016 _____ (Microsoft Corporation) C:\Windows\System32\schannel.dll
2015-08-12 03:42 - 2015-07-15 10:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\System32\msv1_0.dll
2015-08-12 03:42 - 2015-07-15 10:10 - 00309760 _____ (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2015-08-12 03:42 - 2015-07-15 10:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\System32\rstrui.exe
2015-08-12 03:42 - 2015-07-15 10:10 - 00136192 _____ (Microsoft Corporation) C:\Windows\System32\sspicli.dll
2015-08-12 03:42 - 2015-07-15 10:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\System32\smss.exe
2015-08-12 03:42 - 2015-07-15 10:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\System32\TSpkg.dll
2015-08-12 03:42 - 2015-07-15 10:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\System32\srclient.dll
2015-08-12 03:42 - 2015-07-15 10:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\System32\cryptbase.dll
2015-08-12 03:42 - 2015-07-15 10:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2015-08-12 03:42 - 2015-07-15 10:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\System32\lsass.exe
2015-08-12 03:42 - 2015-07-15 10:10 - 00029184 _____ (Microsoft Corporation) C:\Windows\System32\sspisrv.dll
2015-08-12 03:42 - 2015-07-15 10:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\System32\secur32.dll
2015-08-12 03:42 - 2015-07-15 10:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\System32\credssp.dll
2015-08-12 03:42 - 2015-07-15 10:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2015-08-12 03:42 - 2015-07-15 10:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\System32\msmmsp.dll
2015-08-12 03:42 - 2015-07-15 10:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\System32\conhost.exe
2015-08-12 03:42 - 2015-07-15 10:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\System32\auditpol.exe
2015-08-12 03:42 - 2015-07-15 10:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\System32\msaudite.dll
2015-08-12 03:42 - 2015-07-15 10:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\System32\msobjs.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00686080 _____ (Microsoft Corporation) C:\Windows\System32\adtschema.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\System32\apisetschema.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00005120 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 10:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 09:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-08-12 03:42 - 2015-07-15 09:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-08-12 03:42 - 2015-07-15 09:56 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-12 03:42 - 2015-07-15 09:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-08-12 03:42 - 2015-07-15 09:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-08-12 03:42 - 2015-07-15 09:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-08-12 03:42 - 2015-07-15 09:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-08-12 03:42 - 2015-07-15 09:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-08-12 03:42 - 2015-07-15 09:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-08-12 03:42 - 2015-07-15 09:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-08-12 03:42 - 2015-07-15 09:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-08-12 03:42 - 2015-07-15 09:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-08-12 03:42 - 2015-07-15 09:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-08-12 03:42 - 2015-07-15 09:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-08-12 03:42 - 2015-07-15 09:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-08-12 03:42 - 2015-07-15 09:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-08-12 03:42 - 2015-07-15 09:53 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-08-12 03:42 - 2015-07-15 09:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-08-12 03:42 - 2015-07-15 09:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-08-12 03:42 - 2015-07-15 09:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-08-12 03:42 - 2015-07-15 09:53 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-08-12 03:42 - 2015-07-15 09:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-08-12 03:42 - 2015-07-15 09:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-08-12 03:42 - 2015-07-15 09:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-08-12 03:42 - 2015-07-15 09:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-08-12 03:42 - 2015-07-15 09:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 09:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 09:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 09:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 09:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 09:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 09:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 09:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 09:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 09:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 09:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 09:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 09:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 09:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 09:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 09:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 09:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 09:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 09:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 09:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 09:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 09:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 09:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 09:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 08:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2015-08-12 03:42 - 2015-07-15 08:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2015-08-12 03:42 - 2015-07-15 08:46 - 00129024 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2015-08-12 03:42 - 2015-07-15 08:37 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-08-12 03:42 - 2015-07-15 08:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-08-12 03:42 - 2015-07-15 08:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 08:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 08:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-08-12 03:42 - 2015-07-15 08:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-08-12 03:42 - 2015-07-10 09:51 - 03722752 _____ (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2015-08-12 03:42 - 2015-07-10 09:51 - 00158720 _____ (Microsoft Corporation) C:\Windows\System32\aaclient.dll
2015-08-12 03:42 - 2015-07-10 09:51 - 00044032 _____ (Microsoft Corporation) C:\Windows\System32\tsgqec.dll
2015-08-12 03:42 - 2015-07-10 09:34 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-12 03:42 - 2015-07-10 09:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-08-12 03:42 - 2015-07-10 09:33 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-08-12 03:41 - 2015-07-20 16:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2015-08-12 03:41 - 2015-07-20 16:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-08-12 03:41 - 2015-07-16 13:14 - 25192448 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2015-08-12 03:41 - 2015-07-16 12:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2015-08-12 03:41 - 2015-07-16 12:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
2015-08-12 03:41 - 2015-07-16 12:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2015-08-12 03:41 - 2015-07-16 12:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2015-08-12 03:41 - 2015-07-16 12:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\System32\html.iec
2015-08-12 03:41 - 2015-07-16 12:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
2015-08-12 03:41 - 2015-07-16 12:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2015-08-12 03:41 - 2015-07-16 12:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll
2015-08-12 03:41 - 2015-07-16 12:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2015-08-12 03:41 - 2015-07-16 12:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2015-08-12 03:41 - 2015-07-16 12:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2015-08-12 03:41 - 2015-07-16 12:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2015-08-12 03:41 - 2015-07-16 12:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2015-08-12 03:41 - 2015-07-16 12:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2015-08-12 03:41 - 2015-07-16 12:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2015-08-12 03:41 - 2015-07-16 12:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2015-08-12 03:41 - 2015-07-16 12:20 - 19870208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-12 03:41 - 2015-07-16 12:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2015-08-12 03:41 - 2015-07-16 12:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2015-08-12 03:41 - 2015-07-16 12:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-12 03:41 - 2015-07-16 12:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll
2015-08-12 03:41 - 2015-07-16 11:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2015-08-12 03:41 - 2015-07-16 11:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2015-08-12 03:41 - 2015-07-16 11:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-12 03:41 - 2015-07-16 11:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2015-08-12 03:41 - 2015-07-16 11:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-08-12 03:41 - 2015-07-16 11:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-12 03:41 - 2015-07-16 11:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-08-12 03:41 - 2015-07-16 11:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-08-12 03:41 - 2015-07-16 11:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-12 03:41 - 2015-07-16 11:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-08-12 03:41 - 2015-07-16 11:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-08-12 03:41 - 2015-07-16 11:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-12 03:41 - 2015-07-16 11:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-12 03:41 - 2015-07-16 11:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-08-12 03:41 - 2015-07-16 11:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-08-12 03:41 - 2015-07-16 11:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2015-08-12 03:41 - 2015-07-16 11:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2015-08-12 03:41 - 2015-07-16 11:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2015-08-12 03:41 - 2015-07-16 11:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2015-08-12 03:41 - 2015-07-16 11:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2015-08-12 03:41 - 2015-07-16 11:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-12 03:41 - 2015-07-16 11:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-08-12 03:41 - 2015-07-16 11:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-08-12 03:41 - 2015-07-16 11:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-08-12 03:41 - 2015-07-16 11:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-12 03:41 - 2015-07-16 11:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-12 03:41 - 2015-07-16 11:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2015-08-12 03:41 - 2015-07-16 11:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-12 03:41 - 2015-07-16 11:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-08-12 03:41 - 2015-07-16 11:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-12 03:41 - 2015-07-16 11:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-08-12 03:41 - 2015-07-16 11:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2015-08-12 03:41 - 2015-07-16 10:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2015-08-12 03:41 - 2015-07-16 10:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-12 03:41 - 2015-07-16 10:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-12 03:41 - 2015-07-16 10:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-12 03:41 - 2015-07-14 19:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\System32\basesrv.dll
2015-08-12 03:39 - 2015-07-30 10:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2015-08-12 03:39 - 2015-07-30 10:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2015-08-12 03:39 - 2015-07-30 10:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2015-08-12 03:39 - 2015-07-30 10:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\System32\fontsub.dll
2015-08-12 03:39 - 2015-07-30 10:06 - 00046080 _____ (Adobe Systems) C:\Windows\System32\atmlib.dll
2015-08-12 03:39 - 2015-07-30 10:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\System32\lpk.dll
2015-08-12 03:39 - 2015-07-30 10:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\System32\dciman32.dll
2015-08-12 03:39 - 2015-07-30 09:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-08-12 03:39 - 2015-07-30 09:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-12 03:39 - 2015-07-30 09:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-08-12 03:39 - 2015-07-30 09:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-12 03:39 - 2015-07-30 09:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-08-12 03:39 - 2015-07-30 09:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-08-12 03:39 - 2015-07-30 08:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2015-08-12 03:39 - 2015-07-30 08:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2015-08-12 03:39 - 2015-07-30 08:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-12 03:39 - 2015-07-20 10:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2015-08-12 03:39 - 2015-07-20 10:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2015-08-12 03:39 - 2015-07-20 10:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2015-08-12 03:39 - 2015-07-20 10:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2015-08-12 03:39 - 2015-07-20 10:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2015-08-12 03:39 - 2015-07-20 10:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2015-08-12 03:39 - 2015-07-20 10:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\System32\WinSetupUI.dll
2015-08-12 03:39 - 2015-07-20 10:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\System32\wups2.dll
2015-08-12 03:39 - 2015-07-20 10:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2015-08-12 03:39 - 2015-07-20 10:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\System32\wups.dll
2015-08-12 03:39 - 2015-07-20 10:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\System32\wu.upgrade.ps.dll
2015-08-12 03:39 - 2015-07-20 09:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-12 03:39 - 2015-07-20 09:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-12 03:39 - 2015-07-20 09:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-12 03:39 - 2015-07-20 09:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-12 03:39 - 2015-07-20 09:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-08-12 03:39 - 2015-07-14 19:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2015-08-12 03:39 - 2015-07-14 19:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2015-08-12 03:39 - 2015-07-14 19:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\msxml6r.dll
2015-08-12 03:39 - 2015-07-14 19:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\msxml3r.dll
2015-08-12 03:39 - 2015-07-14 18:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-12 03:39 - 2015-07-14 18:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-12 03:39 - 2015-07-14 18:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-08-12 03:39 - 2015-07-14 18:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-08-12 03:39 - 2015-07-10 09:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\System32\shell32.dll
2015-08-12 03:39 - 2015-07-10 09:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-08-12 03:39 - 2015-07-09 09:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\System32\notepad.exe
2015-08-12 03:39 - 2015-07-09 09:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-12 03:39 - 2015-07-09 09:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-12 03:39 - 2015-07-01 12:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\System32\WebClnt.dll
2015-08-12 03:39 - 2015-07-01 12:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\System32\davclnt.dll
2015-08-12 03:39 - 2015-07-01 12:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-12 03:39 - 2015-07-01 12:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-12 03:39 - 2015-05-09 10:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\System32\mcupdate_GenuineIntel.dll
2015-08-08 11:20 - 2015-08-07 15:44 - 05291341 ____N C:\Users\Susanne Ludewig\Desktop\9712343.gpx
2015-08-08 10:46 - 2015-08-12 21:05 - 00000000 ____D C:\Users\Susanne Ludewig\Desktop\Gefundene
2015-08-08 01:20 - 2015-08-09 00:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-04 00:03 - 2015-08-04 00:03 - 00285664 _____ C:\Windows\Minidump\080415-26192-01.dmp
2015-08-03 22:36 - 2015-08-03 22:38 - 00204760 _____ C:\Users\Susanne Ludewig\Downloads\googleearthinstall.log
2015-08-03 22:29 - 2015-08-03 22:30 - 36182856 _____ C:\Users\Susanne Ludewig\Downloads\GoogleEarthWin.exe
2015-07-26 06:44 - 2015-08-04 00:03 - 00000000 _RSHD C:\360SANDBOX
2015-07-25 00:02 - 2015-07-25 00:02 - 00000000 ____D C:\ProgramData\360TotalSecurity
2015-07-25 00:01 - 2015-07-25 00:07 - 00000000 ____D C:\ProgramData\360safe
2015-07-24 10:49 - 2015-07-08 19:45 - 00314448 _____ (Qihu 360 Software Co., Ltd.) C:\Windows\System32\Drivers\360fsflt.sys
2015-07-24 10:48 - 2015-07-24 10:48 - 00001159 _____ C:\Users\Public\Desktop\360 Total Security.lnk
2015-07-24 10:48 - 2015-07-24 10:48 - 00000000 ____D C:\Program Files (x86)\360
2015-07-24 10:48 - 2015-07-08 19:45 - 00305736 _____ (360.cn) C:\Windows\System32\Drivers\360Box64.sys
2015-07-24 10:48 - 2015-07-08 19:45 - 00180816 _____ (Qihu 360 Software Co., Ltd.) C:\Windows\System32\Drivers\BAPIDRV64.SYS
2015-07-24 10:48 - 2015-07-08 19:45 - 00100424 _____ (360.cn) C:\Windows\System32\Drivers\360AntiHacker64.sys
2015-07-24 10:48 - 2015-07-08 19:45 - 00077896 _____ (360.cn) C:\Windows\System32\Drivers\360AvFlt.sys
2015-07-24 10:48 - 2015-07-08 19:45 - 00040520 _____ (360.cn) C:\Windows\System32\Drivers\360Camera64.sys
2015-07-19 11:10 - 2015-07-19 11:10 - 00362373 _____ C:\Users\Susanne Ludewig\Downloads\exifr300_e.zip
2015-07-19 11:09 - 2015-07-19 11:09 - 01259808 _____ C:\Users\Susanne Ludewig\Downloads\Exif Reader - CHIP-Installer.exe
2015-07-16 22:39 - 2015-06-17 09:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2015-07-16 22:39 - 2015-06-17 09:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-16 22:39 - 2015-06-01 16:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\System32\cewmdm.dll
2015-07-16 22:39 - 2015-06-01 15:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-16 22:37 - 2015-07-04 10:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\System32\ole32.dll
2015-07-16 22:37 - 2015-07-04 09:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-16 22:37 - 2015-04-27 11:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2015-07-16 22:37 - 2015-04-27 11:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2015-07-16 22:37 - 2015-04-27 11:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2015-07-16 22:37 - 2015-04-27 11:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2015-07-16 22:37 - 2015-04-27 11:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-16 22:37 - 2015-04-27 11:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-16 22:37 - 2015-04-27 11:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-16 22:37 - 2015-04-27 11:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-16 22:36 - 2015-06-15 13:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\System32\consent.exe
2015-07-16 22:36 - 2015-06-15 13:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\System32\msi.dll
2015-07-16 22:36 - 2015-06-15 13:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\System32\authui.dll
2015-07-16 22:36 - 2015-06-15 13:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\System32\msihnd.dll
2015-07-16 22:36 - 2015-06-15 13:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\System32\appinfo.dll
2015-07-16 22:36 - 2015-06-15 13:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\System32\msiexec.exe
2015-07-16 22:36 - 2015-06-15 13:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-16 22:36 - 2015-06-15 13:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-16 22:36 - 2015-06-15 13:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-16 22:36 - 2015-06-15 13:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-16 22:36 - 2015-06-15 13:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\System32\msimsg.dll
2015-07-16 22:36 - 2015-06-15 13:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-13 02:34 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-13 02:34 - 2009-07-13 20:51 - 00144862 _____ C:\Windows\setupact.log
2015-08-12 21:05 - 2015-06-24 06:29 - 00000000 ____D C:\Users\Susanne Ludewig\Desktop\Bodensee
2015-08-12 21:05 - 2015-05-21 04:59 - 00000000 ____D C:\Users\Susanne Ludewig\Desktop\Cevennen
2015-08-12 21:05 - 2015-04-08 07:27 - 00000000 ___SD C:\Windows\System32\GWX
2015-08-12 21:05 - 2015-01-04 01:28 - 00000000 ____D C:\Users\Susanne Ludewig\Desktop\Markgräflerland
2015-08-12 21:05 - 2014-12-13 00:43 - 00000000 ____D C:\Windows\System32\appraiser
2015-08-12 21:05 - 2014-05-01 00:26 - 00000000 ___SD C:\Windows\System32\CompatTel
2015-08-12 21:05 - 2014-04-06 04:43 - 00000000 ____D C:\Users\Susanne Ludewig\AppData\Roaming\gsak
2015-08-12 21:05 - 2013-03-13 22:45 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-12 21:05 - 2013-03-13 22:45 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-12 21:05 - 2013-01-04 02:57 - 00000000 ____D C:\users\Susanne Ludewig
2015-08-12 21:05 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-08-12 11:28 - 2013-01-04 12:40 - 01513201 _____ C:\Windows\WindowsUpdate.log
2015-08-12 10:48 - 2009-07-13 20:45 - 00024400 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-12 10:48 - 2009-07-13 20:45 - 00024400 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-12 10:44 - 2012-01-06 09:54 - 00699666 _____ C:\Windows\System32\perfh007.dat
2015-08-12 10:44 - 2012-01-06 09:54 - 00149774 _____ C:\Windows\System32\perfc007.dat
2015-08-12 10:44 - 2009-07-13 21:13 - 01620612 _____ C:\Windows\System32\PerfStringBackup.INI
2015-08-12 10:43 - 2013-01-04 11:33 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-12 06:42 - 2009-07-13 20:45 - 00329328 _____ C:\Windows\System32\FNTCACHE.DAT
2015-08-12 04:43 - 2013-01-04 11:33 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-12 04:43 - 2013-01-04 11:33 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-12 04:43 - 2013-01-04 11:33 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-12 03:41 - 2013-01-04 03:05 - 00000000 ____D C:\Users\Susanne Ludewig\Documents\Youcam
2015-08-09 04:53 - 2015-06-20 09:33 - 00000000 ____D C:\Users\Susanne Ludewig\Downloads\ONLEIHE
2015-08-09 00:44 - 2013-01-07 12:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-09 00:44 - 2010-11-20 19:47 - 01025292 _____ C:\Windows\PFRO.log
2015-08-08 12:29 - 2015-04-30 12:10 - 00000000 ____D C:\Users\Susanne Ludewig\Desktop\Freiburg
2015-08-06 11:56 - 2014-12-17 22:47 - 00000000 ____D C:\Users\Susanne Ludewig\Documents\Dies&Das
2015-08-06 08:11 - 2013-11-16 18:07 - 00000000 ____D C:\Users\Susanne Ludewig\Documents\EigeneGeocaches
2015-08-06 06:30 - 2013-01-05 01:46 - 00000432 _____ C:\Windows\BRWMARK.INI
2015-08-06 03:26 - 2013-01-04 02:57 - 00078536 _____ C:\Users\Susanne Ludewig\AppData\Local\GDIPFONTCACHEV1.DAT
2015-08-04 02:53 - 2013-01-04 03:03 - 00000000 ____D C:\Windows\System32\Tasks\Fujitsu
2015-08-04 00:03 - 2014-05-26 09:39 - 00000000 ____D C:\Windows\Minidump
2015-08-04 00:03 - 2014-05-26 09:38 - 537477520 _____ C:\Windows\MEMORY.DMP
2015-08-03 23:18 - 2013-01-04 02:57 - 00000000 ____D C:\Program Files (x86)\Google
2015-07-31 07:51 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2015-07-26 12:16 - 2013-01-04 05:23 - 00000000 ____D C:\Users\Susanne Ludewig\AppData\Roaming\vlc
2015-07-26 11:32 - 2013-01-24 12:06 - 00000000 ____D C:\Users\Susanne Ludewig\AppData\Local\CrashDumps
2015-07-19 11:08 - 2015-02-04 01:11 - 00000000 ____D C:\Users\Susanne Ludewig\AppData\Roaming\360safe
2015-07-19 01:15 - 2015-03-25 10:23 - 00000000 __SHD C:\360Rec
2015-07-18 10:01 - 2015-04-08 07:27 - 00000000 ___SD C:\Windows\SysWOW64\GWX
Some files in TEMP:
====================
C:\Users\Susanne Ludewig\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Susanne Ludewig\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Susanne Ludewig\AppData\Local\Temp\fp_pl_pfs_installer-1.exe
C:\Users\Susanne Ludewig\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Susanne Ludewig\AppData\Local\Temp\FreeYouTubeToMP3Converter.exe
C:\Users\Susanne Ludewig\AppData\Local\Temp\nsfCD03.exe
C:\Users\Susanne Ludewig\AppData\Local\Temp\nsgD149.exe
C:\Users\Susanne Ludewig\AppData\Local\Temp\nsk3EDC.exe
C:\Users\Susanne Ludewig\AppData\Local\Temp\nsq2E5.exe
C:\Users\Susanne Ludewig\AppData\Local\Temp\nsvFEBF.exe
C:\Users\Susanne Ludewig\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Susanne Ludewig\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Susanne Ludewig\AppData\Local\Temp\SPSetup.exe
C:\Users\Susanne Ludewig\AppData\Local\Temp\uninst1.exe
C:\Users\Susanne Ludewig\AppData\Local\Temp\utt8ABB.tmp.exe
C:\Users\Susanne Ludewig\AppData\Local\Temp\uttD21D.tmp.exe
==================== Known DLLs (All) =========================
[2009-07-13 16:00] - [2009-07-13 17:40] - 0607744 ____A (Microsoft Corporation) C:\Windows\System32\clbcatq.dll
[2009-07-13 15:44] - [2009-07-13 17:15] - 0522240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\clbcatq.dll
[2015-07-16 22:37] - [2015-07-04 10:07] - 2087424 ____A (Microsoft Corporation) C:\Windows\System32\ole32.dll
[2015-07-16 22:37] - [2015-07-04 09:48] - 1414656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
[2015-06-09 11:01] - [2015-05-25 10:18] - 0879104 ____A (Microsoft Corporation) C:\Windows\System32\advapi32.dll
[2015-06-09 11:00] - [2015-05-25 10:01] - 0641536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
[2010-11-20 19:24] - [2010-11-20 19:24] - 0594432 ____A (Microsoft Corporation) C:\Windows\System32\COMDLG32.dll
[2010-11-20 19:23] - [2010-11-20 19:23] - 0485888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\COMDLG32.dll
[2015-07-16 22:39] - [2015-06-17 09:47] - 0404992 ____A (Microsoft Corporation) C:\Windows\System32\gdi32.dll
[2015-07-16 22:39] - [2015-06-17 09:37] - 0312320 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
[2015-08-12 03:41] - [2015-07-16 12:35] - 2885632 ____A (Microsoft Corporation) C:\Windows\System32\IERTUTIL.dll
[2015-08-12 03:41] - [2015-07-16 11:45] - 2279424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IERTUTIL.dll
[2013-12-13 07:26] - [2013-10-18 18:18] - 0081408 ____A (Microsoft Corporation) C:\Windows\System32\IMAGEHLP.dll
[2013-12-13 07:26] - [2013-10-18 17:36] - 0159232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IMAGEHLP.dll
[2009-07-13 15:38] - [2009-07-13 17:41] - 0167424 ____A (Microsoft Corporation) C:\Windows\System32\IMM32.dll
[2010-11-20 19:24] - [2010-11-20 19:24] - 0119808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IMM32.dll
[2015-08-12 03:42] - [2015-07-15 10:10] - 1163264 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
[2015-08-12 03:42] - [2015-07-15 09:53] - 1114112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
[2015-08-12 03:39] - [2015-07-30 10:06] - 0041984 ____A (Microsoft Corporation) C:\Windows\System32\LPK.dll
[2015-08-12 03:39] - [2015-07-30 09:55] - 0025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\LPK.dll
[2015-03-10 22:33] - [2015-01-16 18:48] - 1067520 ____A (Microsoft Corporation) C:\Windows\System32\MSCTF.dll
[2015-03-10 22:33] - [2015-01-16 18:30] - 0828928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSCTF.dll
[2013-01-05 10:54] - [2011-12-16 00:46] - 0634880 ____A (Microsoft Corporation) C:\Windows\System32\MSVCRT.dll
[2013-01-05 10:54] - [2011-12-15 23:52] - 0690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSVCRT.dll
[2009-07-13 15:26] - [2009-07-13 17:31] - 0002560 ____A (Microsoft Corporation) C:\Windows\System32\NORMALIZ.dll
[2009-07-13 15:15] - [2009-07-13 17:09] - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\NORMALIZ.dll
[2009-07-13 15:21] - [2009-07-13 17:41] - 0013824 ____A (Microsoft Corporation) C:\Windows\System32\NSI.dll
[2009-07-13 15:12] - [2009-07-13 17:16] - 0008704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\NSI.dll
[2015-02-10 13:25] - [2014-11-25 19:53] - 0861696 ____A (Microsoft Corporation) C:\Windows\System32\OLEAUT32.dll
[2015-02-10 13:25] - [2014-11-25 19:32] - 0571904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\OLEAUT32.dll
[2009-07-13 15:26] - [2009-07-13 17:41] - 0009216 ____A (Microsoft Corporation) C:\Windows\System32\PSAPI.dll
[2009-07-13 15:15] - [2009-07-13 17:16] - 0006144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PSAPI.dll
[2015-08-12 03:42] - [2015-07-15 10:10] - 1216512 ____A (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
[2015-08-12 03:42] - [2015-07-15 09:53] - 0665088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
[2015-06-09 11:00] - [2015-05-25 10:19] - 0113664 ____A (Microsoft Corporation) C:\Windows\System32\sechost.dll
[2015-06-09 11:00] - [2015-05-25 10:01] - 0092160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
[2010-11-20 19:24] - [2010-11-20 19:24] - 1900544 ____A (Microsoft Corporation) C:\Windows\System32\Setupapi.dll
[2010-11-20 19:23] - [2010-11-20 19:23] - 1667584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Setupapi.dll
[2015-08-12 03:39] - [2015-07-10 09:51] - 14177280 ____A (Microsoft Corporation) C:\Windows\System32\SHELL32.dll
[2015-08-12 03:39] - [2015-07-10 09:34] - 12875776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SHELL32.dll
[2010-11-20 19:24] - [2010-11-20 19:24] - 0448512 ____A (Microsoft Corporation) C:\Windows\System32\SHLWAPI.dll
[2010-11-20 19:23] - [2010-11-20 19:23] - 0350208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SHLWAPI.dll
[2015-08-12 03:41] - [2015-07-16 11:01] - 1545728 ____A (Microsoft Corporation) C:\Windows\System32\URLMON.dll
[2015-08-12 03:41] - [2015-07-16 10:38] - 1310720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\URLMON.dll
[2010-11-20 19:24] - [2010-11-20 19:24] - 1008128 ____A (Microsoft Corporation) C:\Windows\System32\user32.dll
[2010-11-20 19:24] - [2010-11-20 19:24] - 0833024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
[2014-06-21 08:59] - [2014-04-24 18:34] - 0801280 ____A (Microsoft Corporation) C:\Windows\System32\USP10.dll
[2014-06-21 08:59] - [2014-04-24 18:06] - 0626688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\USP10.dll
[2015-08-12 03:41] - [2015-07-16 11:12] - 2427904 ____A (Microsoft Corporation) C:\Windows\System32\WININET.dll
[2015-08-12 03:41] - [2015-07-16 10:42] - 1951232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WININET.dll
[2010-11-20 19:24] - [2010-11-20 19:24] - 0312832 ____A (Microsoft Corporation) C:\Windows\System32\WLDAP32.dll
[2010-11-20 19:24] - [2010-11-20 19:24] - 0269824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WLDAP32.dll
[2010-11-20 19:24] - [2010-11-20 19:24] - 0297984 ____A (Microsoft Corporation) C:\Windows\System32\WS2_32.dll
[2010-11-20 19:23] - [2010-11-20 19:23] - 0206848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WS2_32.dll
[2009-07-13 15:27] - [2009-07-13 17:40] - 0504320 ____A (Microsoft Corporation) C:\Windows\System32\DifxApi.dll
[2009-07-13 15:16] - [2009-07-13 17:15] - 0315904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DifxApi.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\dnsapi.dll => MD5 is legit
C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== Restore Points =========================
Restore point made on: 2015-07-24 02:35:33
Restore point made on: 2015-07-31 06:25:59
Restore point made on: 2015-07-31 08:52:31
Restore point made on: 2015-08-03 22:33:03
Restore point made on: 2015-08-08 10:28:08
Restore point made on: 2015-08-12 03:42:29
Restore point made on: 2015-08-12 05:31:11
==================== Memory info ===========================
Percentage of memory in use: 11%
Total physical RAM: 8052.3 MB
Available physical RAM: 7086.27 MB
Total Virtual: 8050.5 MB
Available Virtual: 7055.62 MB
==================== Drives ================================
Drive c: (System) (Fixed) (Total:681.63 GB) (Free:305.86 GB) NTFS
Drive d: (WINRE) (Fixed) (Total:2 GB) (Free:1 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive e: (HDBR_DRIVER) (Fixed) (Total:1 GB) (Free:0.61 GB) NTFS
Drive f: (HDBR_OS) (Fixed) (Total:14 GB) (Free:3.16 GB) NTFS
Drive h: (USB_DISK) (Removable) (Total:0.96 GB) (Free:0.95 GB) FAT
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: B8755606)
Partition 1: (Active) - (Size=2 GB) - (Type=27)
Partition 2: (Not Active) - (Size=696.6 GB) - (Type=OF Extended)
========================================================
Disk: 1 (Size: 981 MB) (Disk ID: 49E2A461)
Partition 1: (Not Active) - (Size=981 MB) - (Type=06)
LastRegBack: 2015-08-02 00:35
==================== End of log ============================
 Seither fähert er nicht mehr hoch. Vielen Dank für die Hilfe! |
|
14.08.2015, 08:50
| #4 | |
| /// the machine /// TB-Ausbilder | Windows 7 bootet nicht mehr, nur Sperrbildschirm! FRST-Scan ist erfolgt.Zitat:
Drücke bitte die  + R Taste und schreibe notepad in das Ausführen Fenster.Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter LastRegBack: 2015-08-02 00:35
Das Tool erstellt eine Fixlog.txt auf deinem USB Stick. Poste den Inhalt bitte hier.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
14.08.2015, 16:30
| #5 |
| | Windows 7 bootet nicht mehr, nur Sperrbildschirm! FRST-Scan ist erfolgt. Hier der Fixlog: Code:
ATTFilter Fix result of Farbar Recovery Scan Tool (x64) Version:12-08-2015
Ran by SYSTEM (2015-08-14 17:24:07) Run:1
Running from H:\
Boot Mode: Recovery
==============================================
fixlist content:
*****************
LastRegBack: 2015-08-02 00:35
*****************
DEFAULT hive copied successfully to System32\config\HiveBackup
DEFAULT hive restored successfully from registry back up.
SAM hive copied successfully to System32\config\HiveBackup
SAM hive restored successfully from registry back up.
SECURITY hive copied successfully to System32\config\HiveBackup
SECURITY hive restored successfully from registry back up.
SOFTWARE hive copied successfully to System32\config\HiveBackup
SOFTWARE hive restored successfully from registry back up.
SYSTEM hive copied successfully to System32\config\HiveBackup
SYSTEM hive restored successfully from registry back up.
==== End of Fixlog 17:24:14 ====
Vielen Dank für die Hilfe (mal wieder)! |
|
15.08.2015, 09:45
| #6 |
| /// the machine /// TB-Ausbilder | Windows 7 bootet nicht mehr, nur Sperrbildschirm! FRST-Scan ist erfolgt. Also nach dem Fix immer noch nicht? Systemwiederherstellung auf einen alten Punkt schon versucht?
__________________ --> Windows 7 bootet nicht mehr, nur Sperrbildschirm! FRST-Scan ist erfolgt. |
|
16.08.2015, 12:53
| #7 |
| | Windows 7 bootet nicht mehr, nur Sperrbildschirm! FRST-Scan ist erfolgt. Windows lässt sich jetzt wieder auf normalem Weg starten!  Dafür schon mal vielen Dank. Gerne spende ich auch für die schnelle Hilfe. Nun noch zwei Fragen: muss ich nun noch irgendwelche Vorkehrungen unter Windows treffen? Frage zwei: wol lag denn das Problem?Auf alle Fälle schon mal ein ganz herzliches Dankeschön!!!  |
|
17.08.2015, 07:13
| #8 |
| /// the machine /// TB-Ausbilder | Windows 7 bootet nicht mehr, nur Sperrbildschirm! FRST-Scan ist erfolgt. Ich denke in Windows Update war da schuld. Bitte vom Desktop aus zur Kontrolle: Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
17.08.2015, 10:46
| #9 |
| | Windows 7 bootet nicht mehr, nur Sperrbildschirm! FRST-Scan ist erfolgt. Hier nun die zwei Logs. Hoffe, es ist alles okay... Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:16-08-2015
durchgeführt von Susanne Ludewig (Administrator) auf SUSANNELUDEWIG (17-08-2015 11:39:35)
Gestartet von C:\Users\Susanne Ludewig\Desktop
Geladene Profile: Susanne Ludewig (Verfügbare Profile: Susanne Ludewig)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\PSUService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Qihu Software Co. Limited) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
() C:\Users\Susanne Ludewig\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Fujitsu Technology Solutions) C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Hidfind.exe
() C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
(Audible, Inc.) C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNAutoCon.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13374568 2011-12-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277992 2011-11-15] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [589176 2011-12-20] (Alps Electric Co., Ltd.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [LoadFUJ02E3] => C:\Program Files\Fujitsu\FUJ02E3\fuj02e3.exe [76104 2011-11-24] (FUJITSU LIMITED)
HKLM\...\Run: [PSUTility] => C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [205168 2011-10-03] (FUJITSU LIMITED)
HKLM\...\Run: [LoadFujitsuQuickTouch] => C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [158024 2011-10-01] (FUJITSU LIMITED)
HKLM\...\Run: [LoadBtnHnd] => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [23368 2011-10-01] (FUJITSU LIMITED)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [VDownloader] => C:\Program Files\VDownloader\VDownloader4.exe [1753600 2015-02-26] (Vitzo)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-06] (Intel Corporation)
HKLM-x32\...\Run: [IndicatorUtility] => C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [48752 2010-09-30] (FUJITSU LIMITED)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DeskUpdateNotifier] => c:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe [100120 2011-11-10] (Fujitsu Technology Solutions)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [255208 2012-03-21] (CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe [1020536 2015-07-09] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2454520521-1313131367-1046456688-1001\...\Run: [Amazon Music] => C:\Users\Susanne Ludewig\AppData\Local\Amazon Music\Amazon Music Helper.exe [6277952 2014-11-19] ()
HKU\S-1-5-21-2454520521-1313131367-1046456688-1001\...\Run: [VDownloader] => C:\Program Files\VDownloader\VDownloader4.exe [1753600 2015-02-26] (Vitzo)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [260928 2012-02-04] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [215360 2012-02-04] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Audible Download Manager.lnk [2013-01-30]
ShortcutTarget: Audible Download Manager.lnk -> C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe (Audible, Inc.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk [2013-01-04]
ShortcutTarget: LaunchCenter.lnk -> C:\Program Files\Fujitsu\LaunchCenter\lcStarter.exe (Fujitsu Technology Solutions)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\newreminderdialog.lnk [2013-01-04]
ShortcutTarget: newreminderdialog.lnk -> C:\Program Files\Fujitsu\FujitsuRecovery\NewReminderDialog.exe (Fujitsu Technology Solutions)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk [2013-01-04]
ShortcutTarget: LaunchCenter.lnk -> C:\Program Files\Fujitsu\LaunchCenter\lcStarter.exe (Fujitsu Technology Solutions)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\newreminderdialog.lnk [2013-01-04]
ShortcutTarget: newreminderdialog.lnk -> C:\Program Files\Fujitsu\FujitsuRecovery\NewReminderDialog.exe (Fujitsu Technology Solutions)
Startup: C:\Users\Susanne Ludewig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk [2013-01-04]
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)
ProxyServer: [S-1-5-21-2454520521-1313131367-1046456688-1001] => http=127.0.0.1:8555;https=127.0.0.1:8555
HKU\S-1-5-21-2454520521-1313131367-1046456688-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.fujitsu.com/fts
HKU\S-1-5-21-2454520521-1313131367-1046456688-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=FTSH&bmod=FTSH;
HKU\S-1-5-21-2454520521-1313131367-1046456688-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com/?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP3212F6EE-41F4-47C4-964D-B87B6B4ECC55&SSPV=
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2454520521-1313131367-1046456688-1001 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP3212F6EE-41F4-47C4-964D-B87B6B4ECC55&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-2454520521-1313131367-1046456688-1001 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP3212F6EE-41F4-47C4-964D-B87B6B4ECC55&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-2454520521-1313131367-1046456688-1001 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=DE00685D43BBB468&affID=121564&tsp=4945
SearchScopes: HKU\S-1-5-21-2454520521-1313131367-1046456688-1001 -> {3CAFAB09-ABB3-416B-A800-5087EF117D22} URL =
SearchScopes: HKU\S-1-5-21-2454520521-1313131367-1046456688-1001 -> {C4764E4A-23D2-4910-8CB0-58F4F762F23F} URL = hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=de00786b000000000000685d43bbb468&r=964
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-22] (Microsoft Corp.)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll Keine Datei
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-22] (Microsoft Corp.)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll Keine Datei
Toolbar: HKU\S-1-5-21-2454520521-1313131367-1046456688-1001 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei
Toolbar: HKU\S-1-5-21-2454520521-1313131367-1046456688-1001 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Keine Datei
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{E2750DDA-6CD9-4CB2-AD28-C438761BEEDF}: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\vdejzphz.default-1391699856713
FF Homepage: hxxp://ecosia.org/?sc=de
FF NetworkProxy: "backup.ftp", "184.172.117.120"
FF NetworkProxy: "backup.ftp_port", 3
FF NetworkProxy: "backup.socks", "184.172.117.120"
FF NetworkProxy: "backup.socks_port", 3
FF NetworkProxy: "backup.ssl", "184.172.117.120"
FF NetworkProxy: "backup.ssl_port", 3
FF NetworkProxy: "ftp", "199.200.120.37"
FF NetworkProxy: "ftp_port", 7808
FF NetworkProxy: "http", "199.200.120.37"
FF NetworkProxy: "http_port", 7808
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "199.200.120.37"
FF NetworkProxy: "socks_port", 7808
FF NetworkProxy: "ssl", "199.200.120.37"
FF NetworkProxy: "ssl_port", 7808
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-16] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-16] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [Keine Datei]
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-12-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-09-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2454520521-1313131367-1046456688-1001: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101721.dll [2013-01-23] (Amazon.com, Inc.)
FF Plugin HKU\S-1-5-21-2454520521-1313131367-1046456688-1001: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2014-07-10] (Sony Network Entertainment International LLC)
FF SearchPlugin: C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\vdejzphz.default-1391699856713\searchplugins\google-images.xml [2014-12-19]
FF SearchPlugin: C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\vdejzphz.default-1391699856713\searchplugins\google-maps.xml [2014-12-19]
FF Extension: FoxyProxy Standard - C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\vdejzphz.default-1391699856713\Extensions\foxyproxy@eric.h.jung [2015-06-05]
FF Extension: Garmin Communicator - C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\vdejzphz.default-1391699856713\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2015-07-25]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF HKLM-x32\...\Firefox\Extensions: [WebProtection@360safe.com] - C:\Program Files (x86)\360\Total Security\safemon\webprotection_firefox
FF Extension: 360 Internet Protection - C:\Program Files (x86)\360\Total Security\safemon\webprotection_firefox [2015-07-24]
FF HKU\S-1-5-21-2454520521-1313131367-1046456688-1001\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
Chrome:
=======
CHR Profile: C:\Users\Susanne Ludewig\AppData\Local\Google\Chrome\User Data\default
CHR Extension: (Softonic Chrome Toolbar) - C:\Users\Susanne Ludewig\AppData\Local\Google\Chrome\User Data\default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf [2013-12-10]
CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <nicht gefunden>
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [225280 2011-08-05] (DTS, Inc)
R2 FUJ02E3Service; C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [76104 2011-11-24] (FUJITSU LIMITED)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 PFNService; C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [2213376 2011-12-22] (FUJITSU LIMITED) [Datei ist nicht signiert]
R2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [63856 2011-10-03] (FUJITSU LIMITED)
R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [839792 2015-07-09] (QIHU 360 SOFTWARE CO. LIMITED)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [100424 2015-07-09] (360.cn)
R3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [77896 2015-07-09] (360.cn)
R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [305736 2015-07-09] (360.cn)
R1 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [40520 2015-07-09] (360.cn)
R1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [314448 2015-07-09] (Qihu 360 Software Co., Ltd.)
R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [180816 2015-07-09] (Qihu 360 Software Co., Ltd.)
R0 FBIOSDRV; C:\Windows\System32\Drivers\FBIOSDRV.sys [21104 2009-06-24] (FUJITSU LIMITED)
R3 FUJ02B1; C:\Windows\system32\drivers\FUJ02B1.sys [7808 2006-11-01] (FUJITSU LIMITED)
R3 FUJ02E3; C:\Windows\system32\drivers\FUJ02E3.sys [7296 2006-11-01] (FUJITSU LIMITED)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [47632 2010-01-27] (CACE Technologies, Inc.)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1812608 2011-12-28] ()
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-10-16] (Anchorfree Inc.)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-17 11:39 - 2015-08-17 11:40 - 00022924 _____ C:\Users\Susanne Ludewig\Desktop\FRST.txt
2015-08-17 11:38 - 2015-08-17 11:38 - 02173440 _____ (Farbar) C:\Users\Susanne Ludewig\Desktop\FRST64.exe
2015-08-16 23:41 - 2015-08-16 23:46 - 00000000 ____D C:\Windows\system32\MRT
2015-08-16 23:41 - 2015-07-28 10:59 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-16 15:22 - 2015-08-16 15:22 - 00000000 __SHD C:\$360Section
2015-08-16 14:54 - 2015-08-16 14:54 - 00000000 ____D C:\Users\Susanne Ludewig\Desktop\GrabbedImages
2015-08-16 13:44 - 2015-08-16 15:22 - 00000000 ____D C:\ProgramData\360Quarant
2015-08-15 03:24 - 2015-08-15 03:24 - 00000000 ____D C:\Windows\system32\config\HiveBackup
2015-08-13 22:39 - 2015-08-17 11:39 - 00000000 ____D C:\FRST
2015-08-12 16:29 - 2015-07-30 15:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 16:29 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 14:28 - 2015-07-28 22:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-12 14:28 - 2015-07-28 22:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-12 14:28 - 2015-07-28 22:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-12 14:28 - 2015-07-28 22:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-12 14:28 - 2015-07-28 22:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-12 14:28 - 2015-07-28 22:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-12 14:28 - 2015-07-28 22:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-12 14:28 - 2015-07-28 21:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-12 13:42 - 2015-07-15 20:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-12 13:42 - 2015-07-15 20:15 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-12 13:42 - 2015-07-15 20:15 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-12 13:42 - 2015-07-15 20:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-12 13:42 - 2015-07-15 20:12 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-12 13:42 - 2015-07-15 20:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-08-12 13:42 - 2015-07-15 20:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-08-12 13:42 - 2015-07-15 20:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-08-12 13:42 - 2015-07-15 20:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-12 13:42 - 2015-07-15 20:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-08-12 13:42 - 2015-07-15 20:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-12 13:42 - 2015-07-15 20:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-12 13:42 - 2015-07-15 20:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-12 13:42 - 2015-07-15 20:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-08-12 13:42 - 2015-07-15 20:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-12 13:42 - 2015-07-15 20:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-08-12 13:42 - 2015-07-15 20:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-08-12 13:42 - 2015-07-15 20:10 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-12 13:42 - 2015-07-15 20:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-12 13:42 - 2015-07-15 20:10 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-08-12 13:42 - 2015-07-15 20:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-08-12 13:42 - 2015-07-15 20:10 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-08-12 13:42 - 2015-07-15 20:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-08-12 13:42 - 2015-07-15 20:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-08-12 13:42 - 2015-07-15 20:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-08-12 13:42 - 2015-07-15 20:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-08-12 13:42 - 2015-07-15 20:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-12 13:42 - 2015-07-15 20:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-08-12 13:42 - 2015-07-15 20:10 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-08-12 13:42 - 2015-07-15 20:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-08-12 13:42 - 2015-07-15 20:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-08-12 13:42 - 2015-07-15 20:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-08-12 13:42 - 2015-07-15 20:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-12 13:42 - 2015-07-15 20:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-08-12 13:42 - 2015-07-15 20:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-08-12 13:42 - 2015-07-15 20:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-08-12 13:42 - 2015-07-15 20:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 19:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-08-12 13:42 - 2015-07-15 19:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-08-12 13:42 - 2015-07-15 19:56 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-12 13:42 - 2015-07-15 19:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-08-12 13:42 - 2015-07-15 19:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-08-12 13:42 - 2015-07-15 19:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-08-12 13:42 - 2015-07-15 19:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-08-12 13:42 - 2015-07-15 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-08-12 13:42 - 2015-07-15 19:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-08-12 13:42 - 2015-07-15 19:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-08-12 13:42 - 2015-07-15 19:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-08-12 13:42 - 2015-07-15 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-08-12 13:42 - 2015-07-15 19:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-08-12 13:42 - 2015-07-15 19:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-08-12 13:42 - 2015-07-15 19:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-08-12 13:42 - 2015-07-15 19:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-08-12 13:42 - 2015-07-15 19:53 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-08-12 13:42 - 2015-07-15 19:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-08-12 13:42 - 2015-07-15 19:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-08-12 13:42 - 2015-07-15 19:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-08-12 13:42 - 2015-07-15 19:53 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-08-12 13:42 - 2015-07-15 19:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-08-12 13:42 - 2015-07-15 19:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-08-12 13:42 - 2015-07-15 19:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-08-12 13:42 - 2015-07-15 19:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-08-12 13:42 - 2015-07-15 19:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 19:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 18:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-12 13:42 - 2015-07-15 18:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-12 13:42 - 2015-07-15 18:46 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-12 13:42 - 2015-07-15 18:37 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-08-12 13:42 - 2015-07-15 18:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-08-12 13:42 - 2015-07-15 18:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 18:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 18:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 18:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-08-12 13:42 - 2015-07-10 19:51 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-12 13:42 - 2015-07-10 19:51 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-08-12 13:42 - 2015-07-10 19:51 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-08-12 13:42 - 2015-07-10 19:34 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-12 13:42 - 2015-07-10 19:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-08-12 13:42 - 2015-07-10 19:33 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-08-12 13:41 - 2015-07-21 02:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-08-12 13:41 - 2015-07-21 02:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-08-12 13:41 - 2015-07-16 23:14 - 25192448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-12 13:41 - 2015-07-16 22:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-12 13:41 - 2015-07-16 22:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-08-12 13:41 - 2015-07-16 22:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-08-12 13:41 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-12 13:41 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-12 13:41 - 2015-07-16 22:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-08-12 13:41 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-12 13:41 - 2015-07-16 22:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-08-12 13:41 - 2015-07-16 22:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-12 13:41 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-12 13:41 - 2015-07-16 22:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-08-12 13:41 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-12 13:41 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-12 13:41 - 2015-07-16 22:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-08-12 13:41 - 2015-07-16 22:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-12 13:41 - 2015-07-16 22:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-08-12 13:41 - 2015-07-16 22:20 - 19870208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-12 13:41 - 2015-07-16 22:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-12 13:41 - 2015-07-16 22:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-12 13:41 - 2015-07-16 22:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-12 13:41 - 2015-07-16 22:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-12 13:41 - 2015-07-16 21:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-08-12 13:41 - 2015-07-16 21:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-12 13:41 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-12 13:41 - 2015-07-16 21:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-12 13:41 - 2015-07-16 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-08-12 13:41 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-12 13:41 - 2015-07-16 21:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-08-12 13:41 - 2015-07-16 21:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-08-12 13:41 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-12 13:41 - 2015-07-16 21:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-08-12 13:41 - 2015-07-16 21:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-08-12 13:41 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-12 13:41 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-12 13:41 - 2015-07-16 21:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-08-12 13:41 - 2015-07-16 21:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-08-12 13:41 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-12 13:41 - 2015-07-16 21:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-08-12 13:41 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-12 13:41 - 2015-07-16 21:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-08-12 13:41 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-12 13:41 - 2015-07-16 21:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-12 13:41 - 2015-07-16 21:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-08-12 13:41 - 2015-07-16 21:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-08-12 13:41 - 2015-07-16 21:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-08-12 13:41 - 2015-07-16 21:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-12 13:41 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-12 13:41 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-12 13:41 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-12 13:41 - 2015-07-16 21:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-08-12 13:41 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-12 13:41 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-08-12 13:41 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-12 13:41 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-12 13:41 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-12 13:41 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-12 13:41 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-12 13:41 - 2015-07-15 05:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-12 13:39 - 2015-07-30 20:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-12 13:39 - 2015-07-30 20:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-12 13:39 - 2015-07-30 20:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-12 13:39 - 2015-07-30 20:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-08-12 13:39 - 2015-07-30 20:06 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-12 13:39 - 2015-07-30 20:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-08-12 13:39 - 2015-07-30 20:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-08-12 13:39 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-08-12 13:39 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-12 13:39 - 2015-07-30 19:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-08-12 13:39 - 2015-07-30 19:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-12 13:39 - 2015-07-30 19:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-08-12 13:39 - 2015-07-30 19:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-08-12 13:39 - 2015-07-30 18:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-12 13:39 - 2015-07-30 18:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-12 13:39 - 2015-07-30 18:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-12 13:39 - 2015-07-20 20:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-12 13:39 - 2015-07-20 20:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-12 13:39 - 2015-07-20 20:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-12 13:39 - 2015-07-20 20:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-12 13:39 - 2015-07-20 20:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-12 13:39 - 2015-07-20 20:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-12 13:39 - 2015-07-20 20:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-08-12 13:39 - 2015-07-20 20:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-12 13:39 - 2015-07-20 20:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-12 13:39 - 2015-07-20 20:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-12 13:39 - 2015-07-20 20:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-08-12 13:39 - 2015-07-20 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-12 13:39 - 2015-07-20 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-12 13:39 - 2015-07-20 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-12 13:39 - 2015-07-20 19:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-12 13:39 - 2015-07-20 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-08-12 13:39 - 2015-07-15 05:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-12 13:39 - 2015-07-15 05:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-12 13:39 - 2015-07-15 05:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-08-12 13:39 - 2015-07-15 05:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-08-12 13:39 - 2015-07-15 04:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-12 13:39 - 2015-07-15 04:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-12 13:39 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-08-12 13:39 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-08-12 13:39 - 2015-07-10 19:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-12 13:39 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-08-12 13:39 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-12 13:39 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-12 13:39 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-12 13:39 - 2015-07-01 22:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-12 13:39 - 2015-07-01 22:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-12 13:39 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-12 13:39 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-12 13:39 - 2015-05-09 20:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-08 11:20 - 2015-08-09 10:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-04 10:03 - 2015-08-04 10:03 - 00285664 _____ C:\Windows\Minidump\080415-26192-01.dmp
2015-08-04 08:37 - 2015-08-04 08:37 - 00002162 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2015-08-04 08:36 - 2015-08-04 08:38 - 00204760 _____ C:\Users\Susanne Ludewig\Downloads\googleearthinstall.log
2015-08-04 08:29 - 2015-08-04 08:30 - 36182856 _____ C:\Users\Susanne Ludewig\Downloads\GoogleEarthWin.exe
2015-07-26 16:44 - 2015-08-16 23:32 - 00000000 _RSHD C:\360SANDBOX
2015-07-25 10:02 - 2015-07-25 10:02 - 00000000 ____D C:\ProgramData\360TotalSecurity
2015-07-25 10:01 - 2015-07-25 10:07 - 00000000 ____D C:\ProgramData\360safe
2015-07-24 20:49 - 2015-07-09 05:45 - 00314448 _____ (Qihu 360 Software Co., Ltd.) C:\Windows\system32\Drivers\360fsflt.sys
2015-07-24 20:48 - 2015-07-24 20:48 - 00001159 _____ C:\Users\Public\Desktop\360 Total Security.lnk
2015-07-24 20:48 - 2015-07-24 20:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center
2015-07-24 20:48 - 2015-07-24 20:48 - 00000000 ____D C:\Program Files (x86)\360
2015-07-24 20:48 - 2015-07-09 05:45 - 00305736 _____ (360.cn) C:\Windows\system32\Drivers\360Box64.sys
2015-07-24 20:48 - 2015-07-09 05:45 - 00180816 _____ (Qihu 360 Software Co., Ltd.) C:\Windows\system32\Drivers\BAPIDRV64.SYS
2015-07-24 20:48 - 2015-07-09 05:45 - 00100424 _____ (360.cn) C:\Windows\system32\Drivers\360AntiHacker64.sys
2015-07-24 20:48 - 2015-07-09 05:45 - 00077896 _____ (360.cn) C:\Windows\system32\Drivers\360AvFlt.sys
2015-07-24 20:48 - 2015-07-09 05:45 - 00040520 _____ (360.cn) C:\Windows\system32\Drivers\360Camera64.sys
2015-07-19 21:10 - 2015-07-19 21:10 - 00362373 _____ C:\Users\Susanne Ludewig\Downloads\exifr300_e.zip
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-17 11:36 - 2013-01-04 22:40 - 01137905 _____ C:\Windows\WindowsUpdate.log
2015-08-17 11:32 - 2013-01-04 21:33 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-17 11:32 - 2009-07-14 06:45 - 00024400 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-17 11:32 - 2009-07-14 06:45 - 00024400 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-16 23:36 - 2013-01-04 13:05 - 00000000 ____D C:\Users\Susanne Ludewig\Documents\Youcam
2015-08-16 23:32 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-16 23:32 - 2009-07-14 06:51 - 00145198 _____ C:\Windows\setupact.log
2015-08-16 23:18 - 2015-07-10 19:28 - 00000000 ___HD C:\$Windows.~BT
2015-08-16 22:37 - 2012-01-06 02:30 - 00000000 ____D C:\Windows\Panther
2015-08-16 17:36 - 2013-03-14 08:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-16 17:04 - 2010-11-21 05:47 - 01025902 _____ C:\Windows\PFRO.log
2015-08-16 15:23 - 2014-08-10 20:33 - 00000000 ____D C:\Users\Susanne Ludewig\Downloads\EmergencyRoom
2015-08-16 15:22 - 2015-02-03 23:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GrabIt
2015-08-16 15:12 - 2015-02-22 15:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LEGO MINDSTORMS NXT 2.0
2015-08-16 15:04 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-08-16 14:54 - 2014-04-06 14:43 - 00000000 ____D C:\Users\Susanne Ludewig\AppData\Roaming\gsak
2015-08-16 14:51 - 2015-01-11 14:58 - 00000000 ____D C:\Users\Susanne Ludewig\Downloads\Parenthood
2015-08-16 14:51 - 2013-02-01 20:01 - 00000000 ____D C:\Users\Susanne Ludewig\Downloads\HIMYM
2015-08-16 13:44 - 2015-02-04 11:11 - 00000000 ____D C:\Users\Susanne Ludewig\AppData\Roaming\360safe
2015-08-16 13:44 - 2009-07-14 05:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2015-08-16 13:44 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2015-08-16 12:43 - 2013-01-04 21:33 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-16 12:43 - 2013-01-04 21:33 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-16 11:12 - 2012-01-06 19:54 - 00699666 _____ C:\Windows\system32\perfh007.dat
2015-08-16 11:12 - 2012-01-06 19:54 - 00149774 _____ C:\Windows\system32\perfc007.dat
2015-08-16 11:12 - 2009-07-14 07:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-16 11:08 - 2013-01-04 12:57 - 00078136 _____ C:\Users\Susanne Ludewig\AppData\Local\GDIPFONTCACHEV1.DAT
2015-08-16 11:06 - 2009-07-14 06:45 - 00328616 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-13 07:05 - 2015-04-08 17:27 - 00000000 ___SD C:\Windows\system32\GWX
2015-08-13 07:05 - 2014-12-13 10:43 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-13 07:05 - 2014-05-01 10:26 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-13 07:05 - 2013-03-14 08:45 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-13 07:05 - 2013-03-14 08:45 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-13 07:05 - 2013-01-30 12:01 - 00000000 ____D C:\Users\Susanne Ludewig\Documents\Audible
2015-08-13 07:05 - 2013-01-04 21:33 - 00000000 ____D C:\Windows\system32\Macromed
2015-08-13 07:05 - 2013-01-04 12:57 - 00000000 ____D C:\Users\Susanne Ludewig
2015-08-13 07:05 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-08-13 07:05 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-08-12 14:43 - 2013-01-04 21:33 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-09 14:53 - 2015-06-20 19:33 - 00000000 ____D C:\Users\Susanne Ludewig\Downloads\ONLEIHE
2015-08-09 10:44 - 2013-01-07 22:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-06 21:56 - 2014-12-18 08:47 - 00000000 ____D C:\Users\Susanne Ludewig\Documents\Dies&Das
2015-08-06 18:11 - 2013-11-17 04:07 - 00000000 ____D C:\Users\Susanne Ludewig\Documents\EigeneGeocaches
2015-08-06 16:30 - 2013-01-05 11:46 - 00000432 _____ C:\Windows\BRWMARK.INI
2015-08-04 12:53 - 2013-01-04 13:03 - 00000000 ____D C:\Windows\System32\Tasks\Fujitsu
2015-08-04 10:03 - 2014-05-26 19:39 - 00000000 ____D C:\Windows\Minidump
2015-08-04 10:03 - 2014-05-26 19:38 - 537477520 _____ C:\Windows\MEMORY.DMP
2015-08-04 09:18 - 2013-01-04 12:57 - 00000000 ____D C:\Program Files (x86)\Google
2015-07-31 17:51 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-07-26 22:16 - 2013-01-04 15:23 - 00000000 ____D C:\Users\Susanne Ludewig\AppData\Roaming\vlc
2015-07-26 21:32 - 2013-01-24 22:06 - 00000000 ____D C:\Users\Susanne Ludewig\AppData\Local\CrashDumps
2015-07-19 11:15 - 2015-03-25 20:23 - 00000000 __SHD C:\360Rec
2015-07-18 20:01 - 2015-04-08 17:27 - 00000000 ___SD C:\Windows\SysWOW64\GWX
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-05-22 16:39 - 2010-01-26 11:11 - 0444283 _____ () C:\Program Files\Common Files\WinPcapNmap.exe
2006-12-11 19:13 - 2006-12-11 19:13 - 0097336 _____ (Un4seen Developments) C:\Users\Susanne Ludewig\AppData\Local\bass.dll
2006-12-11 19:13 - 2006-12-11 19:13 - 0013872 _____ (Un4seen Developments) C:\Users\Susanne Ludewig\AppData\Local\basscd.dll
2007-08-13 17:46 - 2007-08-13 17:46 - 0102912 _____ (Albert L Faber) C:\Users\Susanne Ludewig\AppData\Local\CDRip.dll
2007-08-13 17:46 - 2007-08-13 17:46 - 0155136 _____ () C:\Users\Susanne Ludewig\AppData\Local\lame_enc.dll
2007-01-18 21:09 - 2007-01-18 21:09 - 0623616 _____ (Ivan Bischof ©2003 - 2005) C:\Users\Susanne Ludewig\AppData\Local\No23 Recorder.exe
2005-08-23 22:34 - 2005-08-23 22:34 - 0029184 _____ () C:\Users\Susanne Ludewig\AppData\Local\no23xwrapper.dll
2006-10-26 01:06 - 2006-10-26 01:06 - 0015872 _____ () C:\Users\Susanne Ludewig\AppData\Local\ogg.dll
2015-06-21 19:41 - 2015-06-21 19:41 - 0001429 _____ () C:\Users\Susanne Ludewig\AppData\Local\RecConfig.xml
2015-04-24 12:52 - 2015-04-24 12:52 - 0032852 _____ () C:\Users\Susanne Ludewig\AppData\Local\recently-used.xbel
2006-10-26 01:06 - 2006-10-26 01:06 - 0143872 _____ () C:\Users\Susanne Ludewig\AppData\Local\vorbis.dll
2006-10-26 01:06 - 2006-10-26 01:06 - 0064000 _____ () C:\Users\Susanne Ludewig\AppData\Local\vorbisenc.dll
2006-10-26 01:06 - 2006-10-26 01:06 - 0019456 _____ () C:\Users\Susanne Ludewig\AppData\Local\vorbisfile.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-08-16 11:50
==================== Ende von Ergebnis ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:16-08-2015
durchgeführt von Susanne Ludewig (2015-08-17 11:40:34)
Gestartet von C:\Users\Susanne Ludewig\Desktop
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2454520521-1313131367-1046456688-500 - Administrator - Disabled)
Gast (S-1-5-21-2454520521-1313131367-1046456688-501 - Limited - Disabled)
Susanne Ludewig (S-1-5-21-2454520521-1313131367-1046456688-1001 - Administrator - Enabled) => C:\Users\Susanne Ludewig
UpdatusUser (S-1-5-21-2454520521-1313131367-1046456688-1000 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AV: 360 Total Security (Enabled - Up to date) {2B66EE1E-E5C8-C2F7-648F-4E55AC68D37D}
AS: 360 Total Security (Enabled - Up to date) {90070FFA-C3F2-CD79-5E3F-7527D7EF99C0}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
360 Total Security (HKLM-x32\...\360TotalSecurity) (Version: 6.6.1.1016 - 360 Security Center)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe Digital Editions 4.0 (HKLM-x32\...\Adobe Digital Editions 4.0) (Version: 4.0.3 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - ALPS ELECTRIC CO., LTD.)
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
Amazon Music (HKU\S-1-5-21-2454520521-1313131367-1046456688-1001\...\Amazon Amazon Music) (Version: 3.7.0.693 - Amazon Services LLC)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audible Download Manager (HKLM-x32\...\AudibleDownloadManager) (Version: 6.6.0.15 - Audible, Inc.)
BackUp Maker (HKLM-x32\...\BackUp Maker_is1) (Version: 7.0.0.5 - ASCOMP Software GmbH)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5306 - CDBurnerXP)
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.75.0.2014 - Georgy Berdyshev)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
CyberLink YouCam 5 (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.1521 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DeskUpdate 4.12 (HKLM-x32\...\DeskUpdate_is1) (Version: 4.12.0088 - Fujitsu Technology Solutions)
FJ Camera (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.52032.0_WHQL - Sonix)
Free YouTube to MP3 Converter version 3.12.54.128 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.54.128 - DVDVideoSoft Ltd.)
Fujitsu Hotkey Utility (HKLM-x32\...\InstallShield_{C8E4B31D-337C-483D-822D-16F11441669B}) (Version: 3.70.0.0 - FUJITSU LIMITED)
Fujitsu Hotkey Utility (x32 Version: 3.70.0.0 - FUJITSU LIMITED) Hidden
Fujitsu MobilityCenter Extension Utility (HKLM-x32\...\InstallShield_{EC314CDF-3521-482B-A21C-65AC95664814}) (Version: 3.01.00.002 - FUJITSU LIMITED)
Fujitsu MobilityCenter Extension Utility (Version: 3.01.00.002 - FUJITSU LIMITED) Hidden
Fujitsu System Extension Utility (HKLM-x32\...\InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}) (Version: 3.4.4.0 - FUJITSU LIMITED)
Fujitsu System Extension Utility (Version: 3.4.4.0 - FUJITSU LIMITED) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM-x32\...\{AE1EC58E-B2AC-4959-A4C2-C38202A25239}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries)
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
GrabIt 1.7.3 Beta (build 1010) (HKLM-x32\...\GrabIt_is1) (Version: - Ilan Shemes)
GSAK 8.4.1.29 (HKLM-x32\...\GSAK_is1) (Version: - CWE computer services)
HandBrake 0.10.2 (HKLM-x32\...\HandBrake) (Version: 0.10.2 - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2626 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) 3.0 + High Speed (HKLM\...\{2C0E6BD4-65B1-4E82-B2AC-43EFFC8F100C}) (Version: 15.0.0.0059 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{F0932859-AA60-459E-B843-0BDECA34E2C7}) (Version: 2.0.0.0086 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{DF7756DD-656A-45C3-BA71-74673E8259A9}) (Version: 15.00.0000.0642 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LEGO MINDSTORMS NXT - (Deutsch) Sprachenpaket (HKLM-x32\...\{611ED207-22E5-4543-B9D3-E73096759A4F}) (Version: 2.0.100.0 - The LEGO Group)
LEGO MINDSTORMS NXT Driver for x64 (HKLM\...\{74E85F31-573F-45BF-8939-4D2BCDCC2083}) (Version: 1.17.770 - LEGO)
LEGO MINDSTORMS NXT Migration Package (HKLM-x32\...\{6C1D47CC-682C-4673-8CA8-DEE659628599}) (Version: 1.2.8.0 - LEGO)
LIFEBOOK Application Panel (HKLM-x32\...\InstallShield_{6226477E-444F-4DFE-BA19-9F4F7D4565BC}) (Version: 8.3.2.0 - FUJITSU LIMITED)
LIFEBOOK Application Panel (Version: 8.3.2.0 - FUJITSU LIMITED) Hidden
Media Go (HKLM-x32\...\{AF06B8FA-B916-4001-AE51-6645488DEF09}) (Version: 2.8.303 - Sony)
Media Go Network Downloader (HKLM-x32\...\{5562F05F-908C-4F15-9B3C-98D5FD32DCAB}) (Version: 1.5.19.0 - Sony)
Media Go Video Playback Engine 2.12.112.07010 (HKLM-x32\...\{2AC62059-C1F3-3332-14F7-BD4F8231FED9}) (Version: 2.12.112.07010 - Sony)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MyFreeCodec (HKU\S-1-5-21-2454520521-1313131367-1046456688-1001\...\MyFreeCodec) (Version: - )
NAVIGON Fresh 1.4.6 (HKLM-x32\...\NAVIGON Fresh) (Version: 1.4.6 - NAVIGON)
No23 Recorder (HKLM-x32\...\{22B0E143-2B0B-435B-9F56-136A3D16065F}) (Version: 2.1.0.3 - No23)
NVIDIA Graphics Driver 295.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 295.62 - NVIDIA Corporation)
Nvu 1.0 (HKLM-x32\...\Nvu_is1) (Version: 1.0 - Thorsten Fritz)
NWZ-E380 WALKMAN Guide (HKLM-x32\...\{D98ED583-338D-4425-B2EF-A4C7FB93CE88}) (Version: 2.2.0.05230 - Sony Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
PeerBlock 1.2 (r693) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.2.0.693 - PeerBlock, LLC)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Plugfree NETWORK (HKLM\...\{7BA64D21-EE46-4a9a-8145-52B0175C3F86}) (Version: 6.2.0.1 - FUJITSU LIMITED)
Plugfree NETWORK (Version: 6.2.001 - FUJITSU LIMITED) Hidden
Power Saving Utility (HKLM-x32\...\{49A588CF-5FD4-4774-BFBF-0764287DE82B}) (Version: 32.01.10.038 - FUJITSU LIMITED)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6526 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7601.30129 - Realtek Semiconductor Corp.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
VDownloader 4.0.1163 (HKLM\...\{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1) (Version: - Vitzo Limited)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
Willi wills wissen - Notruf - Retter im Einsatz (HKLM-x32\...\{2A8651D3-6385-4A43-A05B-F3FE94E2EAE0}) (Version: 1.00.000 - )
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinPcap 4.1.1 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
16-08-2015 17:34:47 Windows Update
16-08-2015 22:26:28 Konfiguriert Willi wills wissen - Notruf - Retter im Einsatz
16-08-2015 23:40:39 Windows Update
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {1419DD6B-0F12-4F51-8B12-728A2573BDA6} - System32\Tasks\BackUp_Maker-Susanne_Ludewig => C:\Program Files (x86)\ASCOMP Software\BackUp Maker\bkmaker.exe
Task: {7602F2F4-D138-4177-BD5F-0ECAC4FD687C} - \GoogleUpdateTaskMachineUA -> Keine Datei <==== ACHTUNG
Task: {95CCD9FD-4191-4D0B-8179-CB8A95E5F635} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {BBF2FAE7-476E-4CEB-B539-0ED863E56AFF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-16] (Adobe Systems Incorporated)
Task: {D35C8504-E265-46BC-B076-BC43AF276D95} - System32\Tasks\Fujitsu\DeskUpdate => c:\Fujitsu\Programs\DeskUpdate\ducmd.exe [2011-11-10] (Fujitsu Technology Solutions)
Task: {E3CCC28D-34A7-4967-BBF7-1C410A1F3466} - \GoogleUpdateTaskMachineCore -> Keine Datei <==== ACHTUNG
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2012-02-08 02:59 - 2012-01-18 08:48 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-09-16 12:07 - 2014-11-19 02:55 - 06277952 _____ () C:\Users\Susanne Ludewig\AppData\Local\Amazon Music\Amazon Music Helper.exe
2015-07-24 20:48 - 2015-07-09 05:45 - 01020536 _____ () C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 14:05 - 2014-10-11 14:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-01-04 13:00 - 2011-12-16 03:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2015-07-24 20:48 - 2015-07-09 05:45 - 00559224 _____ () C:\Program Files (x86)\360\Total Security\safemon\wdui2.dll
2012-08-10 17:51 - 2012-08-10 17:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2015-08-12 14:43 - 2015-08-16 12:43 - 17482952 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2454520521-1313131367-1046456688-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Susanne Ludewig\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist deaktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{5A973C04-8A01-444A-9F62-4D661732E8C9}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{85B8AFFC-FDBE-47F1-89AB-A327D757ED9F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{138880AE-4B88-40CE-B48D-EDD4DF3981B7}] => (Allow) LPort=2869
FirewallRules: [{EFA81EDC-3389-454E-AA74-F78F1BA27D4B}] => (Allow) LPort=1900
FirewallRules: [{7BF651F7-68D9-44DC-84A9-3EC9698B7E2E}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{711C483B-EF22-4CDF-A9A4-936823FA522B}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{AB78AF93-C707-438C-B39D-D373DFF942F8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9A83D8DB-FC1E-4290-BCC4-A043847EF42C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D8360459-C02C-41F7-8825-D0357EDBAA5B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B9D0DD23-217B-42BA-8C33-829B2537C879}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9E3F8869-D1CA-416E-979E-0061E9E210B8}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{487091B5-24A5-446A-AE16-1DA33F3C964C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E50B70E9-643D-4BAC-928A-88FA1BAA0A40}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B11D2C85-A252-407E-B36A-06527906C95F}] => (Allow) C:\Program Files\360\360 Internet Security\safemon\360Tray.exe
FirewallRules: [{6C2C9ECB-9E7D-4D4B-847C-F15AFC727D48}] => (Allow) C:\Program Files\360\360 Internet Security\safemon\360Tray.exe
FirewallRules: [{238BFC44-9EF7-4C0E-9771-C05E868D2F71}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{027A6FAF-AAAF-45A7-BF1C-3201C3DC738F}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{B1E60322-10BB-414F-A86C-8265D94CF5F9}] => (Allow) C:\Program Files\360\360 Internet Security\UpTip.exe
FirewallRules: [{BCB5B658-DCC5-47F7-B12D-3C5BF269246A}] => (Allow) C:\Program Files\360\360 Internet Security\UpTip.exe
FirewallRules: [{9CCB52BC-D5F9-4DE7-8164-6C5441698749}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{4F229E37-3CDC-4928-B243-898A6BC5DD6C}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (08/16/2015 11:32:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/16/2015 09:18:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/16/2015 08:09:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/16/2015 05:26:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 694423
Error: (08/16/2015 05:26:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 694423
Error: (08/16/2015 05:26:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (08/16/2015 05:14:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5226
Error: (08/16/2015 05:14:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5226
Error: (08/16/2015 05:14:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (08/16/2015 05:14:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4150
Systemfehler:
=============
Error: (08/17/2015 11:41:02 AM) (Source: Ntfs) (EventID: 137) (User: )
Description: Auf dem Volume "C:" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.
Error: (08/17/2015 11:40:57 AM) (Source: Ntfs) (EventID: 137) (User: )
Description: Auf dem Volume "C:" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.
Error: (08/17/2015 11:40:52 AM) (Source: Ntfs) (EventID: 137) (User: )
Description: Auf dem Volume "C:" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.
Error: (08/17/2015 11:40:47 AM) (Source: Ntfs) (EventID: 137) (User: )
Description: Auf dem Volume "C:" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.
Error: (08/17/2015 11:40:42 AM) (Source: Ntfs) (EventID: 137) (User: )
Description: Auf dem Volume "C:" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.
Error: (08/17/2015 11:40:37 AM) (Source: Ntfs) (EventID: 137) (User: )
Description: Auf dem Volume "C:" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.
Error: (08/17/2015 11:40:31 AM) (Source: Ntfs) (EventID: 137) (User: )
Description: Auf dem Volume "C:" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.
Error: (08/17/2015 11:40:26 AM) (Source: Ntfs) (EventID: 137) (User: )
Description: Auf dem Volume "C:" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.
Error: (08/17/2015 11:40:21 AM) (Source: Ntfs) (EventID: 137) (User: )
Description: Auf dem Volume "C:" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.
Error: (08/17/2015 11:40:16 AM) (Source: Ntfs) (EventID: 137) (User: )
Description: Auf dem Volume "C:" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.
Microsoft Office:
=========================
Error: (08/16/2015 11:32:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/16/2015 09:18:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/16/2015 08:09:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/16/2015 05:26:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 694423
Error: (08/16/2015 05:26:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 694423
Error: (08/16/2015 05:26:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (08/16/2015 05:14:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5226
Error: (08/16/2015 05:14:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5226
Error: (08/16/2015 05:14:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (08/16/2015 05:14:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4150
CodeIntegrity:
===================================
Date: 2015-08-17 11:36:32.113
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-08-16 23:33:31.251
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-08-16 22:43:54.678
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-08-16 22:19:44.179
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-08-16 21:20:21.551
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-08-16 21:15:24.258
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-08-16 20:47:03.026
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-08-16 20:11:30.348
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-08-16 17:33:30.580
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-08-16 17:08:59.878
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Speicherinformationen ===========================
Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 29%
Installierter physikalischer RAM: 8052.3 MB
Verfügbarer physikalischer RAM: 5692.21 MB
Summe virtueller Speicher: 16102.8 MB
Verfügbarer virtueller Speicher: 13633.52 MB
==================== Laufwerke ================================
Drive c: (System) (Fixed) (Total:681.63 GB) (Free:336.55 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: B8755606)
Partition 1: (Active) - (Size=2 GB) - (Type=27)
Partition 2: (Not Active) - (Size=696.6 GB) - (Type=OF Extended)
==================== Ende von Ergebnis ============================
|
|
17.08.2015, 16:12
| #10 |
| /// the machine /// TB-Ausbilder | Windows 7 bootet nicht mehr, nur Sperrbildschirm! FRST-Scan ist erfolgt. Da ist noch Arbeit. Qihoo Antivirus würde ich schleunigst entsorgen. Scan mit Combofix
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
17.08.2015, 16:54
| #11 |
| | Windows 7 bootet nicht mehr, nur Sperrbildschirm! FRST-Scan ist erfolgt. Hier der neue Log: Code:
ATTFilter ComboFix 15-08-17.01 - Susanne Ludewig 17.08.2015 17:25:34.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.8052.5242 [GMT 2:00]
ausgeführt von:: c:\users\Susanne Ludewig\Desktop\ComboFix.exe
AV: 360 Total Security *Disabled/Updated* {2B66EE1E-E5C8-C2F7-648F-4E55AC68D37D}
AV: Microsoft Security Essentials *Disabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
SP: 360 Total Security *Disabled/Updated* {90070FFA-C3F2-CD79-5E3F-7527D7EF99C0}
SP: Microsoft Security Essentials *Disabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\360Rec
c:\360rec\20150325\1922673.vir
c:\programdata\Roaming
c:\users\Susanne Ludewig\AppData\Local\lame_enc.dll
c:\users\Susanne Ludewig\AppData\Local\no23xwrapper.dll
c:\users\Susanne Ludewig\AppData\Local\ogg.dll
c:\users\Susanne Ludewig\AppData\Local\vorbis.dll
c:\users\Susanne Ludewig\AppData\Local\vorbisenc.dll
c:\users\Susanne Ludewig\AppData\Local\vorbisfile.dll
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\wpcap.dll
.
.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_npf
.
.
((((((((((((((((((((((( Dateien erstellt von 2015-07-17 bis 2015-08-17 ))))))))))))))))))))))))))))))
.
.
2015-08-17 09:53 . 2015-07-15 01:12 12222168 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A3BA442A-69BB-49FA-9EF6-6E10187BD6C4}\mpengine.dll
2015-08-16 21:41 . 2015-08-16 21:46 -------- d-----w- c:\windows\system32\MRT
2015-08-16 13:22 . 2015-08-16 13:22 -------- d-----w- C:\$360Section
2015-08-16 11:44 . 2015-08-16 13:22 -------- d-----w- c:\programdata\360Quarant
2015-08-16 09:21 . 2015-08-16 09:20 1190000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E151B8D0-4A2E-4F8F-8ED1-1753A887B3C3}\gapaengine.dll
2015-08-16 09:20 . 2015-07-15 01:12 12222168 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2015-08-13 20:39 . 2015-08-17 09:41 -------- d-----w- C:\FRST
2015-08-12 14:29 . 2015-07-30 13:13 103120 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 14:29 . 2015-07-30 13:13 124624 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 12:28 . 2015-07-28 20:05 774656 ----a-w- c:\windows\system32\invagent.dll
2015-08-12 12:28 . 2015-07-28 20:05 743424 ----a-w- c:\windows\system32\generaltel.dll
2015-08-12 12:28 . 2015-07-28 20:05 437760 ----a-w- c:\windows\system32\devinv.dll
2015-08-12 12:28 . 2015-07-28 20:05 1116672 ----a-w- c:\windows\system32\appraiser.dll
2015-08-12 12:28 . 2015-07-28 20:05 69120 ----a-w- c:\windows\system32\acmigration.dll
2015-08-12 12:28 . 2015-07-28 20:05 227328 ----a-w- c:\windows\system32\aepdu.dll
2015-08-12 12:28 . 2015-07-28 19:55 1148416 ----a-w- c:\windows\system32\aeinv.dll
2015-08-12 12:28 . 2015-07-28 20:09 17344 ----a-w- c:\windows\system32\CompatTelRunner.exe
2015-08-12 11:41 . 2015-07-15 03:19 52736 ----a-w- c:\windows\system32\basesrv.dll
2015-08-12 11:39 . 2015-07-01 20:49 260096 ----a-w- c:\windows\system32\WebClnt.dll
2015-07-26 14:44 . 2015-08-16 21:32 -------- d-----r- C:\360SANDBOX
2015-07-25 08:02 . 2015-07-25 08:02 -------- d-----w- c:\programdata\360TotalSecurity
2015-07-25 08:01 . 2015-07-25 08:07 -------- d-----w- c:\programdata\360safe
2015-07-24 18:49 . 2015-07-09 03:45 314448 ----a-w- c:\windows\system32\drivers\360fsflt.sys
2015-07-24 18:48 . 2015-07-09 03:45 40520 ----a-w- c:\windows\system32\drivers\360Camera64.sys
2015-07-24 18:48 . 2015-07-09 03:45 305736 ----a-w- c:\windows\system32\drivers\360Box64.sys
2015-07-24 18:48 . 2015-07-09 03:45 100424 ----a-w- c:\windows\system32\drivers\360AntiHacker64.sys
2015-07-24 18:48 . 2015-07-09 03:45 180816 ----a-w- c:\windows\system32\drivers\BAPIDRV64.SYS
2015-07-24 18:48 . 2015-07-09 03:45 77896 ----a-w- c:\windows\system32\drivers\360AvFlt.sys
2015-07-24 18:48 . 2015-07-24 18:48 -------- d-----w- c:\program files (x86)\Common Files\AV
2015-07-24 18:48 . 2015-07-24 18:48 -------- d-----w- c:\program files (x86)\360
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-08-16 10:43 . 2013-01-04 19:33 778440 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-08-16 10:43 . 2013-01-04 19:33 142536 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-07-15 17:54 . 2015-08-12 11:42 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-07-05 10:08 . 2010-11-21 03:27 300704 ------w- c:\windows\system32\MpSigStub.exe
2015-07-04 18:07 . 2015-07-17 06:37 2087424 ----a-w- c:\windows\system32\ole32.dll
2015-07-04 17:48 . 2015-07-17 06:37 1414656 ----a-w- c:\windows\SysWow64\ole32.dll
2015-07-02 07:31 . 2013-03-13 19:46 1190000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2015-06-17 17:47 . 2015-07-17 06:39 404992 ----a-w- c:\windows\system32\gdi32.dll
2015-06-17 17:37 . 2015-07-17 06:39 312320 ----a-w- c:\windows\SysWow64\gdi32.dll
2015-06-15 21:50 . 2015-07-17 06:36 112064 ----a-w- c:\windows\system32\consent.exe
2015-06-15 21:45 . 2015-07-17 06:36 3242496 ----a-w- c:\windows\system32\msi.dll
2015-06-15 21:45 . 2015-07-17 06:36 504320 ----a-w- c:\windows\system32\msihnd.dll
2015-06-15 21:45 . 2015-07-17 06:36 70656 ----a-w- c:\windows\system32\appinfo.dll
2015-06-15 21:45 . 2015-07-17 06:36 1941504 ----a-w- c:\windows\system32\authui.dll
2015-06-15 21:44 . 2015-07-17 06:36 128000 ----a-w- c:\windows\system32\msiexec.exe
2015-06-15 21:43 . 2015-07-17 06:36 337408 ----a-w- c:\windows\SysWow64\msihnd.dll
2015-06-15 21:43 . 2015-07-17 06:36 2364416 ----a-w- c:\windows\SysWow64\msi.dll
2015-06-15 21:43 . 2015-07-17 06:36 1805824 ----a-w- c:\windows\SysWow64\authui.dll
2015-06-15 21:42 . 2015-07-17 06:36 73216 ----a-w- c:\windows\SysWow64\msiexec.exe
2015-06-15 21:42 . 2015-07-17 06:36 25088 ----a-w- c:\windows\system32\msimsg.dll
2015-06-15 21:37 . 2015-07-17 06:36 25088 ----a-w- c:\windows\SysWow64\msimsg.dll
2015-06-02 00:07 . 2015-07-17 06:39 254976 ----a-w- c:\windows\system32\cewmdm.dll
2015-06-01 23:47 . 2015-07-17 06:39 210432 ----a-w- c:\windows\SysWow64\cewmdm.dll
2015-05-25 18:19 . 2015-06-09 19:01 1255424 ----a-w- c:\windows\system32\diagtrack.dll
2015-05-25 18:19 . 2015-06-09 19:00 879104 ----a-w- c:\windows\system32\tdh.dll
2015-05-25 18:19 . 2015-06-09 19:00 113664 ----a-w- c:\windows\system32\sechost.dll
2015-05-25 18:18 . 2015-06-09 19:01 879104 ----a-w- c:\windows\system32\advapi32.dll
2015-05-25 18:18 . 2015-06-09 19:00 404992 ----a-w- c:\windows\system32\tracerpt.exe
2015-05-25 18:18 . 2015-06-09 19:00 47104 ----a-w- c:\windows\system32\typeperf.exe
2015-05-25 18:18 . 2015-06-09 19:00 43008 ----a-w- c:\windows\system32\relog.exe
2015-05-25 18:18 . 2015-06-09 19:00 104448 ----a-w- c:\windows\system32\logman.exe
2015-05-25 18:18 . 2015-06-09 19:00 19456 ----a-w- c:\windows\system32\diskperf.exe
2015-05-25 18:01 . 2015-06-09 19:00 635392 ----a-w- c:\windows\SysWow64\tdh.dll
2015-05-25 18:01 . 2015-06-09 19:00 92160 ----a-w- c:\windows\SysWow64\sechost.dll
2015-05-25 18:01 . 2015-06-09 19:00 641536 ----a-w- c:\windows\SysWow64\advapi32.dll
2015-05-25 18:00 . 2015-06-09 19:00 40448 ----a-w- c:\windows\SysWow64\typeperf.exe
2015-05-25 18:00 . 2015-06-09 19:00 364544 ----a-w- c:\windows\SysWow64\tracerpt.exe
2015-05-25 18:00 . 2015-06-09 19:00 37888 ----a-w- c:\windows\SysWow64\relog.exe
2015-05-25 18:00 . 2015-06-09 19:00 82944 ----a-w- c:\windows\SysWow64\logman.exe
2015-05-25 18:00 . 2015-06-09 19:00 17408 ----a-w- c:\windows\SysWow64\diskperf.exe
2015-05-25 17:00 . 2015-06-09 19:00 36864 ----a-w- c:\windows\system32\UtcResources.dll
2015-05-21 13:19 . 2015-06-05 19:21 193536 ----a-w- c:\windows\system32\aepic.dll
2010-01-26 09:11 . 2015-05-22 14:39 444283 ----a-w- c:\program files\Common Files\WinPcapNmap.exe
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Amazon Music"="c:\users\Susanne Ludewig\AppData\Local\Amazon Music\Amazon Music Helper.exe" [2014-11-19 6277952]
"VDownloader"="c:\program files\VDownloader\VDownloader4.exe" [2015-02-26 1753600]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-02-06 291608]
"IndicatorUtility"="c:\program files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe" [2010-09-30 48752]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
"DeskUpdateNotifier"="c:\fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe" [2011-11-10 100120]
"YouCam Service"="c:\program files (x86)\CyberLink\YouCam\YouCamService.exe" [2012-03-21 255208]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-10-11 60712]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-10-15 157480]
"QHSafeTray"="c:\program files (x86)\360\Total Security\safemon\QHSafeTray.exe" [2015-07-09 1020536]
.
c:\users\Susanne Ludewig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.4.1.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2012-8-13 1199104]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Audible Download Manager.lnk - c:\program files (x86)\Audible\Bin\AudibleDownloadHelper.exe /Startup [2011-3-14 2125472]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
LaunchCenter.lnk - c:\program files\Fujitsu\LaunchCenter\lcStarter.exe [2012-1-19 21504]
newreminderdialog.lnk - c:\program files\Fujitsu\FujitsuRecovery\NewReminderDialog.exe [2012-1-25 931096]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 360AntiHacker;360Safe Anti Hacker Service;c:\windows\system32\Drivers\360AntiHacker64.sys;c:\windows\SYSNATIVE\Drivers\360AntiHacker64.sys [x]
R3 360AvFlt;360AvFlt mini-filter driver;c:\windows\system32\DRIVERS\360AvFlt.sys;c:\windows\SYSNATIVE\DRIVERS\360AvFlt.sys [x]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 FBIOSDRV;Fujitsu BIOS Driver;c:\windows\System32\Drivers\FBIOSDRV.sys;c:\windows\SYSNATIVE\Drivers\FBIOSDRV.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\drivers\iusb3hcs.sys;c:\windows\SYSNATIVE\drivers\iusb3hcs.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 360Box64;360Box mini-filter driver;c:\windows\system32\DRIVERS\360Box64.sys;c:\windows\SYSNATIVE\DRIVERS\360Box64.sys [x]
S1 360Camera;360Safe Camera Filter Service;c:\windows\system32\Drivers\360Camera64.sys;c:\windows\SYSNATIVE\Drivers\360Camera64.sys [x]
S1 360FsFlt;360FsFlt mini-filter driver;c:\windows\system32\DRIVERS\360FsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\360FsFlt.sys [x]
S1 BAPIDRV;BAPIDRV;c:\windows\system32\DRIVERS\BAPIDRV64.sys;c:\windows\SYSNATIVE\DRIVERS\BAPIDRV64.sys [x]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 DTSAudioSvc;DTSAudioSvc;c:\program files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe;c:\program files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [x]
S2 FUJ02E3Service;FUJ02E3Service;c:\program files\Fujitsu\FUJ02E3\FUJ02E3.exe;c:\program files\Fujitsu\FUJ02E3\FUJ02E3.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 PFNService;PFNService;c:\program files\Fujitsu\Plugfree NETWORK\PFNService.exe;c:\program files\Fujitsu\Plugfree NETWORK\PFNService.exe [x]
S2 PowerSavingUtilityService;PowerSavingUtilityService;c:\program files\Fujitsu\PSUtility\PSUService.exe;c:\program files\Fujitsu\PSUtility\PSUService.exe [x]
S2 QHActiveDefense;360 Total Security;c:\program files (x86)\360\Total Security\safemon\QHActiveDefense.exe;c:\program files (x86)\360\Total Security\safemon\QHActiveDefense.exe [x]
S2 ss_conn_service;SAMSUNG Mobile Connectivity Service;c:\program files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe;c:\program files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 FUJ02E3;Fujitsu FUJ02E3 Device Driver;c:\windows\system32\drivers\FUJ02E3.sys;c:\windows\SYSNATIVE\drivers\FUJ02E3.sys [x]
S3 ibtfltcoex;ibtfltcoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\drivers\iusb3hub.sys;c:\windows\SYSNATIVE\drivers\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\drivers\iusb3xhc.sys;c:\windows\SYSNATIVE\drivers\iusb3xhc.sys [x]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2015-08-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-04 10:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-12-13 13374568]
"RtHDVBg_DTS"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-11-15 2277992]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2011-12-20 589176]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-12-20 11406608]
"LoadFUJ02E3"="c:\program files\Fujitsu\FUJ02E3\fuj02e3.exe" [2011-11-24 76104]
"PSUTility"="c:\program files\Fujitsu\PSUtility\TrayManager.exe" [2011-10-03 205168]
"LoadFujitsuQuickTouch"="c:\program files\Fujitsu\Application Panel\QuickTouch.exe" [2011-10-01 158024]
"LoadBtnHnd"="c:\program files\Fujitsu\Application Panel\BtnHnd.exe" [2011-10-01 23368]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-01-30 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-01-30 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-01-30 440600]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2015-04-29 1337000]
"VDownloader"="c:\program files\VDownloader\VDownloader4.exe" [2015-02-26 1753600]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.conduit.com/?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP3212F6EE-41F4-47C4-964D-B87B6B4ECC55&SSPV=
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = 127.0.0.1;localhost;10.*;192.168.*;127.0.0.1:895;127.0.0.1:896;<local>
uInternet Settings,ProxyServer = http=127.0.0.1:8555;https=127.0.0.1:8555
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Free YouTube to MP3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\vdejzphz.default-1391699856713\
FF - prefs.js: browser.startup.homepage - hxxp://ecosia.org/?sc=de
FF - prefs.js: network.proxy.ftp - 199.200.120.37
FF - prefs.js: network.proxy.ftp_port - 7808
FF - prefs.js: network.proxy.http - 199.200.120.37
FF - prefs.js: network.proxy.http_port - 7808
FF - prefs.js: network.proxy.socks - 199.200.120.37
FF - prefs.js: network.proxy.socks_port - 7808
FF - prefs.js: network.proxy.ssl - 199.200.120.37
FF - prefs.js: network.proxy.ssl_port - 7808
FF - prefs.js: network.proxy.type - 0
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-BrowserChoice - c:\windows\System32\browserchoice.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
BHO-{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll
Toolbar-Locked - (no file)
AddRemove-BackUp Maker_is1 - c:\program files (x86)\ASCOMP Software\BackUp Maker\unins000.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_232_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_232_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_232_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_232_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.18"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\360\Total Security\safemon\QHWatchdog.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-08-17 17:39:04 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2015-08-17 15:39
.
Vor Suchlauf: 10 Verzeichnis(se), 361.049.165.824 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 362.019.704.832 Bytes frei
.
- - End Of File - - 9442EBAE646D2A3BFECA9D88ED5F8017
Error saving file C:\Windows\erdnt\subs\users\00000004\FILECA~1.DAT ! Soweit der Scan. Gruß! |
|
18.08.2015, 09:58
| #12 |
| /// the machine /// TB-Ausbilder | Windows 7 bootet nicht mehr, nur Sperrbildschirm! FRST-Scan ist erfolgt. Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
18.08.2015, 12:54
| #13 |
| | Windows 7 bootet nicht mehr, nur Sperrbildschirm! FRST-Scan ist erfolgt. Hier der MbamLog: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 18.08.2015 Suchlaufzeit: 12:14 Protokolldatei: mbam.txt Administrator: Ja Version: 2.1.8.1057 Malware-Datenbank: v2015.08.18.03 Rootkit-Datenbank: v2015.08.16.01 Lizenz: Testversion Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Susanne Ludewig Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 380735 Abgelaufene Zeit: 23 Min., 14 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 10 PUP.Optional.Delta.ShrtCln, HKLM\SOFTWARE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, In Quarantäne, [1c2ffc0e6c1f1f17bd8a735dde241fe1], PUP.Optional.Delta.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, In Quarantäne, [1c2ffc0e6c1f1f17bd8a735dde241fe1], PUP.Optional.Delta.ShrtCln, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, In Quarantäne, [1c2ffc0e6c1f1f17bd8a735dde241fe1], PUP.Optional.Softonic.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E87806B5-E908-45FD-AF5E-957D83E58E68}, In Quarantäne, [d279b05a6427f54111e9a2f845bdfd03], PUP.Optional.Softonic.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{E87806B5-E908-45FD-AF5E-957D83E58E68}, In Quarantäne, [d279b05a6427f54111e9a2f845bdfd03], PUP.Optional.SearchProtect.A, HKU\S-1-5-21-2454520521-1313131367-1046456688-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, In Quarantäne, [cc7fd337cfbc023401c428701de5be42], PUP.Optional.Babylon.A, HKU\S-1-5-21-2454520521-1313131367-1046456688-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, In Quarantäne, [5fec50ba5c2fef478f100f89ec16d828], PUP.Optional.DataMangr.A, HKLM\SOFTWARE\WOW6432NODE\DataMngr, In Quarantäne, [9caf7892464557df140e81d024df4cb4], PUP.Optional.DataMngr.A, HKU\S-1-5-21-2454520521-1313131367-1046456688-1001\SOFTWARE\DataMngr_Toolbar, In Quarantäne, [99b2af5ba5e6043208ac91e6f4107987], PUP.Optional.Softonic.A, HKU\S-1-5-21-2454520521-1313131367-1046456688-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{C4764E4A-23D2-4910-8CB0-58F4F762F23F}, In Quarantäne, [87c4f317bfccf442d4fbb4642ed549b7], Registrierungswerte: 6 PUP.Optional.Conduit.A, HKU\S-1-5-21-2454520521-1313131367-1046456688-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}|URL, hxxp://search.conduit.com/Results.aspx?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP3212F6EE-41F4-47C4-964D-B87B6B4ECC55&q={searchTerms}&SSPV=, In Quarantäne, [98b36f9beaa1280e557af92942c1dd23] PUP.Optional.Conduit.A, HKU\S-1-5-21-2454520521-1313131367-1046456688-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}|SuggestionsURL_JSON, hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}, In Quarantäne, [98b316f490fb4de99c332af8cb3815eb] PUP.Optional.Delta.ShrtCln, HKU\S-1-5-21-2454520521-1313131367-1046456688-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}|URL, hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=DE00685D43BBB468&affID=121564&tsp=4945, In Quarantäne, [1d2e7793afdc78be53531d82956f6799] PUP.Optional.Babylon.A, HKU\S-1-5-21-2454520521-1313131367-1046456688-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}|FaviconURL, search.babylon.com/favicon.ico, In Quarantäne, [cc7fa664b4d721150683e33bf013da26] PUP.Optional.Softonic.A, HKU\S-1-5-21-2454520521-1313131367-1046456688-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{C4764E4A-23D2-4910-8CB0-58F4F762F23F}|URL, hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=de00786b000000000000685d43bbb468&r=964, In Quarantäne, [87c4f317bfccf442d4fbb4642ed549b7] PUP.Optional.Softonic.A, HKU\S-1-5-21-2454520521-1313131367-1046456688-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{C4764E4A-23D2-4910-8CB0-58F4F762F23F}|FaviconURL, hxxp://search.softonic.com/favicon.ico, In Quarantäne, [5eed6c9e42495dd9fcd377a1b3505ba5] Registrierungsdaten: 1 PUP.Optional.Conduit.A, HKU\S-1-5-21-2454520521-1313131367-1046456688-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://search.conduit.com/?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP3212F6EE-41F4-47C4-964D-B87B6B4ECC55&SSPV=, Gut: (www.google.com), Schlecht: (hxxp://search.conduit.com/?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP3212F6EE-41F4-47C4-964D-B87B6B4ECC55&SSPV=),Ersetzt,[74d7d733404b3ef8f7a69caec93cb14f] Ordner: 8 PUP.Optional.OpenCandy, C:\Users\Susanne Ludewig\AppData\Roaming\OpenCandy, In Quarantäne, [9fac63a76625ae886b06994c8181827e], PUP.Optional.OpenCandy, C:\Users\Susanne Ludewig\AppData\Roaming\OpenCandy\329F07D55C594D4EAC9080CE97614B55, In Quarantäne, [9fac63a76625ae886b06994c8181827e], PUP.Optional.OpenCandy, C:\Users\Susanne Ludewig\AppData\Roaming\OpenCandy\4908C17B2534404E8B751B53DA31D3DD, In Quarantäne, [9fac63a76625ae886b06994c8181827e], PUP.Optional.OpenCandy, C:\Users\Susanne Ludewig\AppData\Roaming\OpenCandy\5BD9D63296F54CE7A2779FE4D168D58B, In Quarantäne, [9fac63a76625ae886b06994c8181827e], PUP.Optional.OpenCandy, C:\Users\Susanne Ludewig\AppData\Roaming\OpenCandy\8B88565E43D741AB8ABF92A25990362E, In Quarantäne, [9fac63a76625ae886b06994c8181827e], PUP.Optional.OpenCandy, C:\Users\Susanne Ludewig\AppData\Roaming\OpenCandy\A74B21FB14A74F20BE29C6BACE1A6B64, In Quarantäne, [9fac63a76625ae886b06994c8181827e], PUP.Optional.Softonic.A, C:\Users\Susanne Ludewig\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf, In Quarantäne, [1c2f0efcf9929c9a87019b5032d036ca], PUP.Optional.Softonic.A, C:\Users\Susanne Ludewig\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0, In Quarantäne, [1c2f0efcf9929c9a87019b5032d036ca], Dateien: 52 PUP.Optional.OpenCandy.A, C:\Users\Susanne Ludewig\AppData\Roaming\OpenCandy\4908C17B2534404E8B751B53DA31D3DD\Setupsft_chr_p1v7.exe, In Quarantäne, [ce7d5daddbb0989eb38d37de3ec753ad], PUP.Optional.Babylon.A, C:\Users\Susanne Ludewig\AppData\Roaming\OpenCandy\5BD9D63296F54CE7A2779FE4D168D58B\DeltaTB.exe, In Quarantäne, [8cbfb951aae1b87e9f18c81e3bc52cd4], PUP.Optional.Conduit.A, C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\searchplugins\conduit-search.xml, In Quarantäne, [351668a29eedee486c93e25c9b683bc5], PUP.Optional.Softonic.A, C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\searchplugins\softonic.xml, In Quarantäne, [3e0dca40bdceca6cc63ffb60bf44fe02], PUP.Optional.Babylon.A, C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\searchplugins\babylon.xml, In Quarantäne, [9fac50ba602b55e1082c70ed04ffc937], PUP.Optional.Delta.ShrtCln, C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\searchplugins\delta.xml, In Quarantäne, [f05b8c7e96f541f53b203e1f28dbbe42], PUP.Optional.OpenCandy, C:\Users\Susanne Ludewig\AppData\Roaming\OpenCandy\8B88565E43D741AB8ABF92A25990362E\SkypeSetupFulltrackable-6.16.0.105.exe, In Quarantäne, [9fac63a76625ae886b06994c8181827e], PUP.Optional.OpenCandy, C:\Users\Susanne Ludewig\AppData\Roaming\OpenCandy\A74B21FB14A74F20BE29C6BACE1A6B64\TuneUpUtilities2013-2200217_de-DE.exe, In Quarantäne, [9fac63a76625ae886b06994c8181827e], PUP.Optional.Softonic.A, C:\Users\Susanne Ludewig\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\appCntrl.js, In Quarantäne, [1c2f0efcf9929c9a87019b5032d036ca], PUP.Optional.Softonic.A, C:\Users\Susanne Ludewig\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\bg.html, In Quarantäne, [1c2f0efcf9929c9a87019b5032d036ca], PUP.Optional.Softonic.A, C:\Users\Susanne Ludewig\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\bg.js, In Quarantäne, [1c2f0efcf9929c9a87019b5032d036ca], PUP.Optional.Softonic.A, C:\Users\Susanne Ludewig\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\chMntz.dll, In Quarantäne, [1c2f0efcf9929c9a87019b5032d036ca], PUP.Optional.Softonic.A, C:\Users\Susanne Ludewig\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\CrmAdpt.dll, In Quarantäne, [1c2f0efcf9929c9a87019b5032d036ca], PUP.Optional.Softonic.A, C:\Users\Susanne Ludewig\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\ct.js, In Quarantäne, [1c2f0efcf9929c9a87019b5032d036ca], PUP.Optional.Softonic.A, C:\Users\Susanne Ludewig\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\CTB.dll, In Quarantäne, [1c2f0efcf9929c9a87019b5032d036ca], PUP.Optional.Softonic.A, C:\Users\Susanne Ludewig\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\dpk.js, In Quarantäne, [1c2f0efcf9929c9a87019b5032d036ca], PUP.Optional.Softonic.A, C:\Users\Susanne Ludewig\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\hprtkMsg.htm, In Quarantäne, [1c2f0efcf9929c9a87019b5032d036ca], PUP.Optional.Softonic.A, C:\Users\Susanne Ludewig\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\hprtkMsg.js, In Quarantäne, [1c2f0efcf9929c9a87019b5032d036ca], PUP.Optional.Softonic.A, C:\Users\Susanne Ludewig\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\json2.min.js, In Quarantäne, [1c2f0efcf9929c9a87019b5032d036ca], PUP.Optional.Softonic.A, C:\Users\Susanne Ludewig\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\logo.png, In Quarantäne, [1c2f0efcf9929c9a87019b5032d036ca], PUP.Optional.Softonic.A, C:\Users\Susanne Ludewig\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\manifest.json, In Quarantäne, [1c2f0efcf9929c9a87019b5032d036ca], PUP.Optional.Softonic.A, C:\Users\Susanne Ludewig\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\pref.json, In Quarantäne, [1c2f0efcf9929c9a87019b5032d036ca], PUP.Optional.Softonic.A, C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.admin", false);), Ersetzt,[b39874968407e35365ef236b41c4cc34] PUP.Optional.Softonic.A, C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js, Gut: (), Schlecht: (ferences /* Do not edit this file. * ), Ersetzt,[6fdc6f9bccbffa3c4a0ac7c75da8e51b] PUP.Optional.Softonic.A, C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js, Gut: (), Schlecht: (references /* Do not edit this file. * * If you make changes to this file ), Ersetzt,[a0abda30d9b2ed49f361ccc24db81be5] PUP.Optional.Softonic.A, C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js, Gut: (), Schlecht: (e. * * If you make changes to this file while t), Ersetzt,[85c6f6145b30e94d66eeafdf16ef8a76] PUP.Optional.Softonic.A, C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js, Gut: (), Schlecht: (ces /* Do not edit this file. * * If you), Ersetzt,[37140802315a4de9e66e6e206a9bc43c] PUP.Optional.Softonic.A, C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js, Gut: (), Schlecht: (erences /* Do not edit this file. * * If ), Ersetzt,[fb5020ead3b83501db791d71bb4a20e0] PUP.Optional.Softonic.A, C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js, Gut: (), Schlecht: (rences /* Do not edit this file. * * If), Ersetzt,[4ffcc8427318df57134190febd483fc1] PUP.Optional.Softonic.A, C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js, Gut: (), Schlecht: (ferences /* Do not edit this file. * * If), Ersetzt,[81cac149c2c9b87e2034f09e7194ff01] PUP.Optional.Softonic.A, C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js, Gut: (), Schlecht: (rences /* Do not edit this file. * * If you m), Ersetzt,[a6a556b4e8a35adc351f3856dc2911ef] PUP.Optional.Softonic.A, C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js, Gut: (), Schlecht: (es /* Do not edit this file. * * If y), Ersetzt,[3a11808a8cff092d3321c3cb3fc6cd33] PUP.Optional.Softonic.A, C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js, Gut: (), Schlecht: (references /* Do not edit this file. * * If you make changes to this file while the application is running, * the changes will be ove), Ersetzt,[54f78189a0eb9d998cc80787ad58b64a] PUP.Optional.Softonic.A, C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js, Gut: (), Schlecht: (tion is running, * the changes will be overwritten when the applicatio), Ersetzt,[2e1dbc4ef09bc96d65ef2767c441639d] PUP.Optional.Softonic.A, C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js, Gut: (), Schlecht: ( this file. * * If you make changes to this fil), Ersetzt,[08431eec69225fd7ee662d6136cf5da3] PUP.Optional.Softonic.A, C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js, Gut: (), Schlecht: (ces /* Do not edit this file. * * If you make c), Ersetzt,[b59645c5d7b4191d460e236b84815ba5] PUP.Optional.Softonic.A, C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js, Gut: (), Schlecht: ( /* Do not edit this file. * * If you m), Ersetzt,[4a019179305ba294272d7618fc0951af] PUP.Optional.Softonic.A, C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js, Gut: (), Schlecht: (ferences /* Do not edit this file. * * If you make changes to this file while the application is running, * the changes will be overwrit), Ersetzt,[e2699971d9b296a0460e6a2428ddbb45] PUP.Optional.Softonic.A, C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js, Gut: (), Schlecht: (n is running, * the changes will be overwritten w), Ersetzt,[1338ac5e3b5001352430434bbf46ff01] PUP.Optional.Softonic.A, C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js, Gut: (), Schlecht: (ces /* Do not edit this file. * * If you make ), Ersetzt,[69e269a1d5b6bf77a5afb7d79b6af50b] PUP.Optional.Softonic.A, C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js, Gut: (), Schlecht: (s /* Do not edit this file. * * If you m), Ersetzt,[b19a11f94d3e7fb799bb444a5fa6b14f] PUP.Optional.Softonic.A, C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js, Gut: (), Schlecht: (erences /* Do not edit this file. * * If y), Ersetzt,[8ac1dc2e5635f3433321cbc39a6b6e92] PUP.Optional.Softonic.A, C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js, Gut: (), Schlecht: (ences /* Do not edit this file. * * If you make changes to this f), Ersetzt,[2a21b951a6e5cd698dc7642a6c99b14f] PUP.Optional.Softonic.A, C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js, Gut: (), Schlecht: ( this file. * * If you make changes to this file whil), Ersetzt,[202bf2183a511f176aea4f3f02033ec2] PUP.Optional.Softonic.A, C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js, Gut: (), Schlecht: ( /* Do not edit this file. * * If you make changes to this file while the application is running, * the changes will be overwritten when the a), Ersetzt,[69e20604cdbe2c0a9bb9b8d624e1c13f] PUP.Optional.Softonic.A, C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js, Gut: (), Schlecht: (s running, * the changes will be overwritten when), Ersetzt,[fb508f7b573488aeed67c8c6f312f40c] PUP.Optional.Softonic.A, C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js, Gut: (), Schlecht: (ces /* Do not edit this file. * * If you make changes), Ersetzt,[252667a35a31a69075df731be91c20e0] PUP.Optional.Softonic.A, C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js, Gut: (), Schlecht: ( Do not edit this file. * * If you make changes ), Ersetzt,[bf8c40ca2a617abc361eb7d7cb3a956b] PUP.Optional.Softonic.A, C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.hmpgUrl", "hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=13&cc=&mi=de00786b000000000000685d43bbb468");), Ersetzt,[58f37f8bbccfcf67fa625b3325e09769] PUP.Optional.Softonic.A, C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js, Gut: (), Schlecht: (ity.browsewithcaret", true); user_pref("accessibility.typeaheadfind.flashBar", 0); user_pref("app.update.lastUpdateTime.addon-background-update), Ersetzt,[7ad19476ee9d9a9c6eeebcd2887da15f] PUP.Optional.Softonic.A, C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js, Gut: (), Schlecht: (UpdateTime.addon-background-update-timer", 1391591508); user_pref("app.update.lastUpdateTime.background-update-timer", 1391591988); user_pref("app), Ersetzt,[8bc0a36715769f975507107e8d7807f9] PUP.Optional.Conduit.A, C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.newtab.url", "hxxp://search.conduit.com/?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=69&CUI=&SSPV=&Lay=1&UM=4&UP=SP3212F6EE-41F4-47C4-964D-B87B6B4ECC55");), Ersetzt,[14378882850644f28ed4f698c63f3fc1] Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter # AdwCleaner v5.001 - Bericht erstellt 18/08/2015 um 13:24:13
# Aktualisiert 17/08/2015 von Xplode
# Datenbank : 2015-08-16.2 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Susanne Ludewig - SUSANNELUDEWIG
# Gestarted von : C:\Users\Susanne Ludewig\Desktop\AdwCleaner_5.001.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Ordner ] *****
[-] Ordner Gelöscht : C:\ProgramData\Babylon
[-] Ordner Gelöscht : C:\ProgramData\Partner
[-] Ordner Gelöscht : C:\Users\Susanne Ludewig\AppData\LocalLow\Softonic
[-] Ordner Gelöscht : C:\Users\Susanne Ludewig\AppData\Roaming\Babylon
[-] Ordner Gelöscht : C:\Users\Susanne Ludewig\AppData\Roaming\dvdvideosoftiehelpers
[-] Ordner Gelöscht : C:\Windows\SysWOW64\SearchProtect
***** [ Dateien ] *****
[-] Datei Gelöscht : C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\foxydeal.sqlite
[-] Datei Gelöscht : C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\invalidprefs.js
[-] Datei Gelöscht : C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\user.js
***** [ Verknüpfungen ] *****
***** [ Geplante Tasks ] *****
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\f53ded9b334ea13
[-] Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Schlüssel Gelöscht : HKCU\Software\Myfree Codec
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Myfree Codec
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\Myfree Codec
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\OCS
***** [ Internetbrowser ] *****
[-] [C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.Softonic.aflt", "OC");
[-] [C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.Softonic.appId", "{7ABBFE1C-E485-44AA-8F36-353751B4124D}");
[-] [C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.Softonic.autoRvrt", "false");
[-] [C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.Softonic.dfltLng", "de");
[-] [C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.Softonic.dfltSrch", true);
[-] [C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.Softonic.dnsErr", true);
[-] [C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.Softonic.excTlbr", false);
[-] [C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.Softonic.ffxUnstlRst", false);
[-] [C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.Softonic.hmpg", true);
[-] [C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.Softonic.id", "de00786b000000000000685d43bbb468");
[-] [C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.Softonic.instlDay", "16049");
[-] [C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.Softonic.instlRef", "MOY00621");
[-] [C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.Softonic.newTab", true);
[-] [C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.Softonic.newTabUrl", "hxxp://search.softonic.com/MOY00621/tb_v1/?SearchSource=15&cc=&mi=de00786b000000000000685d43bbb468");
[-] [C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.Softonic.prdct", "Softonic");
[-] [C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.Softonic.prtnrId", "softonic");
[-] [C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.Softonic.rvrt", "false");
[-] [C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.Softonic.smplGrp", "none");
[-] [C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");
[-] [C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.Softonic.tlbrId", "opencandy2013");
[-] [C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=1&cc=&mi=de00786b000000000000685d43bbb468&q=");
[-] [C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.Softonic.vrsn", "1.8.21.14");
[-] [C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.Softonic.vrsnTs", "1.8.21.148:51:36");
[-] [C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.Softonic.vrsni", "1.8.21.14");
*************************
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
*************************
C:\AdwCleaner[C1].txt - [7680 Bytes] - [18/08/2015 13:24:13]
C:\AdwCleaner[S1].txt - [7447 Bytes] - [18/08/2015 13:21:15]
########## EOF - C:\AdwCleaner[C1].txt - [7804 Bytes] ##########
Code:
ATTFilter # AdwCleaner v5.001 - Bericht erstellt 18/08/2015 um 13:21:15
# Aktualisiert 17/08/2015 von Xplode
# Datenbank : 2015-08-16.2 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Susanne Ludewig - SUSANNELUDEWIG
# Gestarted von : C:\Users\Susanne Ludewig\Desktop\AdwCleaner_5.001.exe
# Option : Suchlauf
***** [ Dienste ] *****
***** [ Ordner ] *****
Ordner Gefunden : C:\ProgramData\Babylon
Ordner Gefunden : C:\ProgramData\Partner
Ordner Gefunden : C:\Users\Susanne Ludewig\AppData\LocalLow\Softonic
Ordner Gefunden : C:\Users\Susanne Ludewig\AppData\Roaming\Babylon
Ordner Gefunden : C:\Users\Susanne Ludewig\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gefunden : C:\Windows\SysWOW64\SearchProtect
***** [ Dateien ] *****
Datei Gefunden : C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\foxydeal.sqlite
Datei Gefunden : C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\invalidprefs.js
Datei Gefunden : C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\user.js
***** [ Verknüpfungen ] *****
***** [ Geplante Tasks ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gefunden : HKLM\SOFTWARE\f53ded9b334ea13
Wert Gefunden : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gefunden : HKCU\Software\Myfree Codec
Schlüssel Gefunden : HKCU\Software\OCS
Schlüssel Gefunden : HKLM\SOFTWARE\Myfree Codec
Schlüssel Gefunden : [x64] HKCU\Software\Myfree Codec
Schlüssel Gefunden : [x64] HKCU\Software\OCS
***** [ Internetbrowser ] *****
[C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js] [Preference] Gefunden : user_pref("extensions.Softonic.aflt", "OC");
[C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js] [Preference] Gefunden : user_pref("extensions.Softonic.appId", "{7ABBFE1C-E485-44AA-8F36-353751B4124D}");
[C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js] [Preference] Gefunden : user_pref("extensions.Softonic.autoRvrt", "false");
[C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js] [Preference] Gefunden : user_pref("extensions.Softonic.dfltLng", "de");
[C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js] [Preference] Gefunden : user_pref("extensions.Softonic.dfltSrch", true);
[C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js] [Preference] Gefunden : user_pref("extensions.Softonic.dnsErr", true);
[C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js] [Preference] Gefunden : user_pref("extensions.Softonic.excTlbr", false);
[C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js] [Preference] Gefunden : user_pref("extensions.Softonic.ffxUnstlRst", false);
[C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js] [Preference] Gefunden : user_pref("extensions.Softonic.hmpg", true);
[C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js] [Preference] Gefunden : user_pref("extensions.Softonic.id", "de00786b000000000000685d43bbb468");
[C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js] [Preference] Gefunden : user_pref("extensions.Softonic.instlDay", "16049");
[C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js] [Preference] Gefunden : user_pref("extensions.Softonic.instlRef", "MOY00621");
[C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js] [Preference] Gefunden : user_pref("extensions.Softonic.newTab", true);
[C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js] [Preference] Gefunden : user_pref("extensions.Softonic.newTabUrl", "hxxp://search.softonic.com/MOY00621/tb_v1/?SearchSource=15&cc=&mi=de00786b000000000000685d43bbb468");
[C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js] [Preference] Gefunden : user_pref("extensions.Softonic.prdct", "Softonic");
[C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js] [Preference] Gefunden : user_pref("extensions.Softonic.prtnrId", "softonic");
[C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js] [Preference] Gefunden : user_pref("extensions.Softonic.rvrt", "false");
[C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js] [Preference] Gefunden : user_pref("extensions.Softonic.smplGrp", "none");
[C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js] [Preference] Gefunden : user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");
[C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js] [Preference] Gefunden : user_pref("extensions.Softonic.tlbrId", "opencandy2013");
[C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js] [Preference] Gefunden : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=1&cc=&mi=de00786b000000000000685d43bbb468&q=");
[C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js] [Preference] Gefunden : user_pref("extensions.Softonic.vrsn", "1.8.21.14");
[C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js] [Preference] Gefunden : user_pref("extensions.Softonic.vrsnTs", "1.8.21.148:51:36");
[C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\r5gk67rj.default\prefs.js] [Preference] Gefunden : user_pref("extensions.Softonic.vrsni", "1.8.21.14");
*************************
C:\AdwCleaner[S1].txt - [7301 Bytes] - [18/08/2015 13:21:15]
########## EOF - C:\AdwCleaner[S1].txt - [7363 Bytes] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.6 (08.10.2015:1)
OS: Windows 7 Home Premium x64
Ran by Susanne Ludewig on 18.08.2015 at 13:28:55,43
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer
~~~ Files
~~~ Folders
Successfully deleted: [Empty Folder] C:\Users\Susanne Ludewig\Appdata\Local\{20549133-13FD-43EA-90BE-42788FE251F6}
Successfully deleted: [Empty Folder] C:\Users\Susanne Ludewig\Appdata\Local\{37BBE699-0E82-49F6-94F9-470333F86277}
Successfully deleted: [Empty Folder] C:\Users\Susanne Ludewig\Appdata\Local\{450E5132-1F3B-455C-8ED9-BB0ECA91CC89}
Successfully deleted: [Empty Folder] C:\Users\Susanne Ludewig\Appdata\Local\{4993A35F-DD09-4F5F-91AC-8E2B7E5A3C22}
Successfully deleted: [Empty Folder] C:\Users\Susanne Ludewig\Appdata\Local\{512D0C65-DBD2-4813-A459-FB7ABE2E194E}
Successfully deleted: [Empty Folder] C:\Users\Susanne Ludewig\Appdata\Local\{8F94F2DF-7717-4DBC-955D-342DA929E389}
Successfully deleted: [Empty Folder] C:\Users\Susanne Ludewig\Appdata\Local\{97FA8FF1-9E3F-4A82-A680-A15748CB0353}
Successfully deleted: [Empty Folder] C:\Users\Susanne Ludewig\Appdata\Local\{A16D57E9-B8F6-41BF-9D24-606ECEA5C90E}
Successfully deleted: [Empty Folder] C:\Users\Susanne Ludewig\Appdata\Local\{D2B1C44F-5FA5-459D-B236-784A6F64D584}
Successfully deleted: [Empty Folder] C:\Users\Susanne Ludewig\Appdata\Local\{FDD30F09-5467-4B0F-ADB5-7048114C2A24}
Successfully deleted: [Folder] C:\Program Files (x86)\myfree codec
Successfully deleted: [Folder] C:\Users\Susanne Ludewig\Documents\add-in express
~~~ FireFox
Emptied folder: C:\Users\Susanne Ludewig\AppData\Roaming\mozilla\firefox\profiles\vdejzphz.default-1391699856713\minidumps [85 files]
~~~ Chrome
[C:\Users\Susanne Ludewig\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
[C:\Users\Susanne Ludewig\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
[C:\Users\Susanne Ludewig\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
[C:\Users\Susanne Ludewig\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 18.08.2015 at 13:31:48,67
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
18.08.2015, 12:57
| #14 |
| | Windows 7 bootet nicht mehr, nur Sperrbildschirm! FRST-Scan ist erfolgt. Und noch FRST: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:16-08-2015
durchgeführt von Susanne Ludewig (Administrator) auf SUSANNELUDEWIG (18-08-2015 13:41:36)
Gestartet von C:\Users\Susanne Ludewig\Desktop
Geladene Profile: Susanne Ludewig (Verfügbare Profile: Susanne Ludewig)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Qihu Software Co. Limited) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
() C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13374568 2011-12-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277992 2011-11-15] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [589176 2011-12-20] (Alps Electric Co., Ltd.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [LoadFUJ02E3] => C:\Program Files\Fujitsu\FUJ02E3\fuj02e3.exe [76104 2011-11-24] (FUJITSU LIMITED)
HKLM\...\Run: [PSUTility] => C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [205168 2011-10-03] (FUJITSU LIMITED)
HKLM\...\Run: [LoadFujitsuQuickTouch] => C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [158024 2011-10-01] (FUJITSU LIMITED)
HKLM\...\Run: [LoadBtnHnd] => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [23368 2011-10-01] (FUJITSU LIMITED)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [VDownloader] => C:\Program Files\VDownloader\VDownloader4.exe [1753600 2015-02-26] (Vitzo)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-06] (Intel Corporation)
HKLM-x32\...\Run: [IndicatorUtility] => C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [48752 2010-09-30] (FUJITSU LIMITED)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DeskUpdateNotifier] => c:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe [100120 2011-11-10] (Fujitsu Technology Solutions)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [255208 2012-03-21] (CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe [1020536 2015-07-09] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2454520521-1313131367-1046456688-1001\...\Run: [Amazon Music] => C:\Users\Susanne Ludewig\AppData\Local\Amazon Music\Amazon Music Helper.exe [6277952 2014-11-19] ()
HKU\S-1-5-21-2454520521-1313131367-1046456688-1001\...\Run: [VDownloader] => C:\Program Files\VDownloader\VDownloader4.exe [1753600 2015-02-26] (Vitzo)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [260928 2012-02-04] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\Windows\SysWOW64\nvinit.dll => c:\Windows\SysWOW64\nvinit.dll [215360 2012-02-04] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Audible Download Manager.lnk [2013-01-30]
ShortcutTarget: Audible Download Manager.lnk -> C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe (Audible, Inc.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk [2013-01-04]
ShortcutTarget: LaunchCenter.lnk -> C:\Program Files\Fujitsu\LaunchCenter\lcStarter.exe (Fujitsu Technology Solutions)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\newreminderdialog.lnk [2013-01-04]
ShortcutTarget: newreminderdialog.lnk -> C:\Program Files\Fujitsu\FujitsuRecovery\NewReminderDialog.exe (Fujitsu Technology Solutions)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk [2013-01-04]
ShortcutTarget: LaunchCenter.lnk -> C:\Program Files\Fujitsu\LaunchCenter\lcStarter.exe (Fujitsu Technology Solutions)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\newreminderdialog.lnk [2013-01-04]
ShortcutTarget: newreminderdialog.lnk -> C:\Program Files\Fujitsu\FujitsuRecovery\NewReminderDialog.exe (Fujitsu Technology Solutions)
Startup: C:\Users\Susanne Ludewig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk [2013-01-04]
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2454520521-1313131367-1046456688-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2454520521-1313131367-1046456688-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=FTSH&bmod=FTSH;
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2454520521-1313131367-1046456688-1001 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKU\S-1-5-21-2454520521-1313131367-1046456688-1001 -> {3CAFAB09-ABB3-416B-A800-5087EF117D22} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-22] (Microsoft Corp.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-22] (Microsoft Corp.)
Toolbar: HKU\S-1-5-21-2454520521-1313131367-1046456688-1001 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei
Toolbar: HKU\S-1-5-21-2454520521-1313131367-1046456688-1001 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Keine Datei
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{E2750DDA-6CD9-4CB2-AD28-C438761BEEDF}: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\vdejzphz.default-1391699856713
FF Homepage: hxxp://ecosia.org/?sc=de
FF NetworkProxy: "backup.ftp", "184.172.117.120"
FF NetworkProxy: "backup.ftp_port", 3
FF NetworkProxy: "backup.socks", "184.172.117.120"
FF NetworkProxy: "backup.socks_port", 3
FF NetworkProxy: "backup.ssl", "184.172.117.120"
FF NetworkProxy: "backup.ssl_port", 3
FF NetworkProxy: "ftp", "199.200.120.37"
FF NetworkProxy: "ftp_port", 7808
FF NetworkProxy: "http", "199.200.120.37"
FF NetworkProxy: "http_port", 7808
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "199.200.120.37"
FF NetworkProxy: "socks_port", 7808
FF NetworkProxy: "ssl", "199.200.120.37"
FF NetworkProxy: "ssl_port", 7808
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-16] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-16] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [Keine Datei]
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-12-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-09-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2454520521-1313131367-1046456688-1001: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101721.dll [2013-01-23] (Amazon.com, Inc.)
FF Plugin HKU\S-1-5-21-2454520521-1313131367-1046456688-1001: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2014-07-10] (Sony Network Entertainment International LLC)
FF SearchPlugin: C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\vdejzphz.default-1391699856713\searchplugins\google-images.xml [2014-12-19]
FF SearchPlugin: C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\vdejzphz.default-1391699856713\searchplugins\google-maps.xml [2014-12-19]
FF Extension: FoxyProxy Standard - C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\vdejzphz.default-1391699856713\Extensions\foxyproxy@eric.h.jung [2015-06-05]
FF Extension: Garmin Communicator - C:\Users\Susanne Ludewig\AppData\Roaming\Mozilla\Firefox\Profiles\vdejzphz.default-1391699856713\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2015-07-25]
FF HKLM-x32\...\Firefox\Extensions: [WebProtection@360safe.com] - C:\Program Files (x86)\360\Total Security\safemon\webprotection_firefox
FF Extension: 360 Internet Protection - C:\Program Files (x86)\360\Total Security\safemon\webprotection_firefox [2015-07-24]
FF HKU\S-1-5-21-2454520521-1313131367-1046456688-1001\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
Chrome:
=======
CHR Profile: C:\Users\Susanne Ludewig\AppData\Local\Google\Chrome\User Data\default
CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <nicht gefunden>
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [225280 2011-08-05] (DTS, Inc)
S2 FUJ02E3Service; C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [76104 2011-11-24] (FUJITSU LIMITED)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert]
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
S2 PFNService; C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [2213376 2011-12-22] (FUJITSU LIMITED) [Datei ist nicht signiert]
S2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [63856 2011-10-03] (FUJITSU LIMITED)
R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [839792 2015-07-09] (QIHU 360 SOFTWARE CO. LIMITED)
S2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [100424 2015-07-09] (360.cn)
R3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [77896 2015-07-09] (360.cn)
R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [305736 2015-07-09] (360.cn)
R1 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [40520 2015-07-09] (360.cn)
R1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [314448 2015-07-09] (Qihu 360 Software Co., Ltd.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2012-01-06] (Microsoft Corporation)
R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [180816 2015-07-09] (Qihu 360 Software Co., Ltd.)
R0 FBIOSDRV; C:\Windows\System32\Drivers\FBIOSDRV.sys [21104 2009-06-24] (FUJITSU LIMITED)
R3 FUJ02B1; C:\Windows\system32\drivers\FUJ02B1.sys [7808 2006-11-01] (FUJITSU LIMITED)
R3 FUJ02E3; C:\Windows\system32\drivers\FUJ02E3.sys [7296 2006-11-01] (FUJITSU LIMITED)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-08-18] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1812608 2011-12-28] ()
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-10-16] (Anchorfree Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-18 13:41 - 2015-08-18 13:41 - 00018330 _____ C:\Users\Susanne Ludewig\Desktop\FRST.txt
2015-08-18 13:31 - 2015-08-18 13:31 - 00002681 _____ C:\Users\Susanne Ludewig\Desktop\JRT.txt
2015-08-18 13:28 - 2015-08-18 13:28 - 01791580 _____ (Malwarebytes Corporation) C:\Users\Susanne Ludewig\Desktop\JRT.exe
2015-08-18 13:24 - 2015-08-18 13:24 - 00007888 _____ C:\Users\Susanne Ludewig\Desktop\AdwCleaner[C1].txt
2015-08-18 13:21 - 2015-08-18 13:24 - 00000000 ____D C:\AdwCleaner
2015-08-18 13:21 - 2015-08-18 13:21 - 00007447 _____ C:\Users\Susanne Ludewig\Desktop\AdwCleaner[S1].txt
2015-08-18 13:20 - 2015-08-18 13:20 - 01573888 _____ C:\Users\Susanne Ludewig\Desktop\AdwCleaner_5.001.exe
2015-08-18 13:20 - 2015-08-18 13:20 - 00018744 _____ C:\Users\Susanne Ludewig\Desktop\mbam.txt
2015-08-18 12:13 - 2015-08-18 12:58 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-18 12:13 - 2015-08-18 12:13 - 00001112 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-08-18 12:13 - 2015-08-18 12:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-08-18 12:13 - 2015-08-18 12:13 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-18 12:13 - 2015-08-18 12:13 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-08-18 12:13 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-08-18 12:13 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-08-18 12:13 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-08-17 17:39 - 2015-08-17 17:39 - 00028348 _____ C:\ComboFix.txt
2015-08-17 17:24 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-08-17 17:24 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-08-17 17:24 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-08-17 17:24 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-08-17 17:24 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-08-17 17:24 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-08-17 17:24 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-08-17 17:24 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-08-17 17:20 - 2015-08-17 17:39 - 00000000 ____D C:\Qoobox
2015-08-17 17:20 - 2015-08-17 17:37 - 00000000 ____D C:\Windows\erdnt
2015-08-17 17:14 - 2015-08-17 17:14 - 05635195 ____R (Swearware) C:\Users\Susanne Ludewig\Desktop\ComboFix.exe
2015-08-17 11:38 - 2015-08-17 11:38 - 02173440 _____ (Farbar) C:\Users\Susanne Ludewig\Desktop\FRST64.exe
2015-08-16 23:41 - 2015-08-16 23:46 - 00000000 ____D C:\Windows\system32\MRT
2015-08-16 23:41 - 2015-07-28 10:59 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-16 15:22 - 2015-08-16 15:22 - 00000000 ____D C:\$360Section
2015-08-16 14:54 - 2015-08-16 14:54 - 00000000 ____D C:\Users\Susanne Ludewig\Desktop\GrabbedImages
2015-08-16 13:44 - 2015-08-16 15:22 - 00000000 ____D C:\ProgramData\360Quarant
2015-08-15 03:24 - 2015-08-15 03:24 - 00000000 ____D C:\Windows\system32\config\HiveBackup
2015-08-13 22:39 - 2015-08-18 13:41 - 00000000 ____D C:\FRST
2015-08-12 16:29 - 2015-07-30 15:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 16:29 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 14:28 - 2015-07-28 22:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-12 14:28 - 2015-07-28 22:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-12 14:28 - 2015-07-28 22:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-12 14:28 - 2015-07-28 22:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-12 14:28 - 2015-07-28 22:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-12 14:28 - 2015-07-28 22:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-12 14:28 - 2015-07-28 22:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-12 14:28 - 2015-07-28 21:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-12 13:42 - 2015-07-15 20:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-12 13:42 - 2015-07-15 20:15 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-12 13:42 - 2015-07-15 20:15 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-12 13:42 - 2015-07-15 20:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-12 13:42 - 2015-07-15 20:12 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-12 13:42 - 2015-07-15 20:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-08-12 13:42 - 2015-07-15 20:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-08-12 13:42 - 2015-07-15 20:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-08-12 13:42 - 2015-07-15 20:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-12 13:42 - 2015-07-15 20:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-08-12 13:42 - 2015-07-15 20:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-12 13:42 - 2015-07-15 20:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-12 13:42 - 2015-07-15 20:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-12 13:42 - 2015-07-15 20:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-08-12 13:42 - 2015-07-15 20:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-12 13:42 - 2015-07-15 20:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-08-12 13:42 - 2015-07-15 20:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-08-12 13:42 - 2015-07-15 20:10 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-12 13:42 - 2015-07-15 20:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-12 13:42 - 2015-07-15 20:10 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-08-12 13:42 - 2015-07-15 20:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-08-12 13:42 - 2015-07-15 20:10 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-08-12 13:42 - 2015-07-15 20:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-08-12 13:42 - 2015-07-15 20:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-08-12 13:42 - 2015-07-15 20:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-08-12 13:42 - 2015-07-15 20:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-08-12 13:42 - 2015-07-15 20:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-12 13:42 - 2015-07-15 20:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-08-12 13:42 - 2015-07-15 20:10 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-08-12 13:42 - 2015-07-15 20:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-08-12 13:42 - 2015-07-15 20:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-08-12 13:42 - 2015-07-15 20:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-08-12 13:42 - 2015-07-15 20:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-12 13:42 - 2015-07-15 20:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-08-12 13:42 - 2015-07-15 20:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-08-12 13:42 - 2015-07-15 20:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-08-12 13:42 - 2015-07-15 20:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 19:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-08-12 13:42 - 2015-07-15 19:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-08-12 13:42 - 2015-07-15 19:56 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-12 13:42 - 2015-07-15 19:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-08-12 13:42 - 2015-07-15 19:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-08-12 13:42 - 2015-07-15 19:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-08-12 13:42 - 2015-07-15 19:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-08-12 13:42 - 2015-07-15 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-08-12 13:42 - 2015-07-15 19:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-08-12 13:42 - 2015-07-15 19:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-08-12 13:42 - 2015-07-15 19:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-08-12 13:42 - 2015-07-15 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-08-12 13:42 - 2015-07-15 19:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-08-12 13:42 - 2015-07-15 19:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-08-12 13:42 - 2015-07-15 19:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-08-12 13:42 - 2015-07-15 19:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-08-12 13:42 - 2015-07-15 19:53 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-08-12 13:42 - 2015-07-15 19:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-08-12 13:42 - 2015-07-15 19:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-08-12 13:42 - 2015-07-15 19:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-08-12 13:42 - 2015-07-15 19:53 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-08-12 13:42 - 2015-07-15 19:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-08-12 13:42 - 2015-07-15 19:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-08-12 13:42 - 2015-07-15 19:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-08-12 13:42 - 2015-07-15 19:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-08-12 13:42 - 2015-07-15 19:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 19:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 18:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-12 13:42 - 2015-07-15 18:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-12 13:42 - 2015-07-15 18:46 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-12 13:42 - 2015-07-15 18:37 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-08-12 13:42 - 2015-07-15 18:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-08-12 13:42 - 2015-07-15 18:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 18:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 18:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-08-12 13:42 - 2015-07-15 18:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-08-12 13:42 - 2015-07-10 19:51 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-12 13:42 - 2015-07-10 19:51 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-08-12 13:42 - 2015-07-10 19:51 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-08-12 13:42 - 2015-07-10 19:34 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-12 13:42 - 2015-07-10 19:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-08-12 13:42 - 2015-07-10 19:33 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-08-12 13:41 - 2015-07-21 02:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-08-12 13:41 - 2015-07-21 02:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-08-12 13:41 - 2015-07-16 23:14 - 25192448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-12 13:41 - 2015-07-16 22:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-12 13:41 - 2015-07-16 22:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-08-12 13:41 - 2015-07-16 22:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-08-12 13:41 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-12 13:41 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-12 13:41 - 2015-07-16 22:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-08-12 13:41 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-12 13:41 - 2015-07-16 22:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-08-12 13:41 - 2015-07-16 22:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-12 13:41 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-12 13:41 - 2015-07-16 22:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-08-12 13:41 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-12 13:41 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-12 13:41 - 2015-07-16 22:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-08-12 13:41 - 2015-07-16 22:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-12 13:41 - 2015-07-16 22:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-08-12 13:41 - 2015-07-16 22:20 - 19870208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-12 13:41 - 2015-07-16 22:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-12 13:41 - 2015-07-16 22:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-12 13:41 - 2015-07-16 22:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-12 13:41 - 2015-07-16 22:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-12 13:41 - 2015-07-16 21:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-08-12 13:41 - 2015-07-16 21:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-12 13:41 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-12 13:41 - 2015-07-16 21:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-12 13:41 - 2015-07-16 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-08-12 13:41 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-12 13:41 - 2015-07-16 21:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-08-12 13:41 - 2015-07-16 21:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-08-12 13:41 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-12 13:41 - 2015-07-16 21:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-08-12 13:41 - 2015-07-16 21:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-08-12 13:41 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-12 13:41 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-12 13:41 - 2015-07-16 21:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-08-12 13:41 - 2015-07-16 21:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-08-12 13:41 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-12 13:41 - 2015-07-16 21:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-08-12 13:41 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-12 13:41 - 2015-07-16 21:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-08-12 13:41 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-12 13:41 - 2015-07-16 21:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-12 13:41 - 2015-07-16 21:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-08-12 13:41 - 2015-07-16 21:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-08-12 13:41 - 2015-07-16 21:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-08-12 13:41 - 2015-07-16 21:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-12 13:41 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-12 13:41 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-12 13:41 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-12 13:41 - 2015-07-16 21:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-08-12 13:41 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-12 13:41 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-08-12 13:41 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-12 13:41 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-12 13:41 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-12 13:41 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-12 13:41 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-12 13:41 - 2015-07-15 05:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-12 13:39 - 2015-07-30 20:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-12 13:39 - 2015-07-30 20:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-12 13:39 - 2015-07-30 20:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-12 13:39 - 2015-07-30 20:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-08-12 13:39 - 2015-07-30 20:06 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-12 13:39 - 2015-07-30 20:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-08-12 13:39 - 2015-07-30 20:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-08-12 13:39 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-08-12 13:39 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-12 13:39 - 2015-07-30 19:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-08-12 13:39 - 2015-07-30 19:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-12 13:39 - 2015-07-30 19:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-08-12 13:39 - 2015-07-30 19:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-08-12 13:39 - 2015-07-30 18:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-12 13:39 - 2015-07-30 18:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-12 13:39 - 2015-07-30 18:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-12 13:39 - 2015-07-20 20:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-12 13:39 - 2015-07-20 20:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-12 13:39 - 2015-07-20 20:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-12 13:39 - 2015-07-20 20:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-12 13:39 - 2015-07-20 20:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-12 13:39 - 2015-07-20 20:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-12 13:39 - 2015-07-20 20:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-08-12 13:39 - 2015-07-20 20:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-12 13:39 - 2015-07-20 20:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-12 13:39 - 2015-07-20 20:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-12 13:39 - 2015-07-20 20:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-08-12 13:39 - 2015-07-20 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-12 13:39 - 2015-07-20 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-12 13:39 - 2015-07-20 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-12 13:39 - 2015-07-20 19:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-12 13:39 - 2015-07-20 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-08-12 13:39 - 2015-07-15 05:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-12 13:39 - 2015-07-15 05:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-12 13:39 - 2015-07-15 05:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-08-12 13:39 - 2015-07-15 05:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-08-12 13:39 - 2015-07-15 04:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-12 13:39 - 2015-07-15 04:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-12 13:39 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-08-12 13:39 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-08-12 13:39 - 2015-07-10 19:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-12 13:39 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-08-12 13:39 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-12 13:39 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-12 13:39 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-12 13:39 - 2015-07-01 22:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-12 13:39 - 2015-07-01 22:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-12 13:39 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-12 13:39 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-12 13:39 - 2015-05-09 20:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-08 11:20 - 2015-08-09 10:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-04 10:03 - 2015-08-04 10:03 - 00285664 _____ C:\Windows\Minidump\080415-26192-01.dmp
2015-08-04 08:37 - 2015-08-04 08:37 - 00002162 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2015-08-04 08:36 - 2015-08-04 08:38 - 00204760 _____ C:\Users\Susanne Ludewig\Downloads\googleearthinstall.log
2015-08-04 08:29 - 2015-08-04 08:30 - 36182856 _____ C:\Users\Susanne Ludewig\Downloads\GoogleEarthWin.exe
2015-07-26 16:44 - 2015-08-16 23:32 - 00000000 _RSHD C:\360SANDBOX
2015-07-25 10:02 - 2015-07-25 10:02 - 00000000 ____D C:\ProgramData\360TotalSecurity
2015-07-25 10:01 - 2015-07-25 10:07 - 00000000 ____D C:\ProgramData\360safe
2015-07-24 20:49 - 2015-07-09 05:45 - 00314448 _____ (Qihu 360 Software Co., Ltd.) C:\Windows\system32\Drivers\360fsflt.sys
2015-07-24 20:48 - 2015-07-24 20:48 - 00001159 _____ C:\Users\Public\Desktop\360 Total Security.lnk
2015-07-24 20:48 - 2015-07-24 20:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center
2015-07-24 20:48 - 2015-07-24 20:48 - 00000000 ____D C:\Program Files (x86)\360
2015-07-24 20:48 - 2015-07-09 05:45 - 00305736 _____ (360.cn) C:\Windows\system32\Drivers\360Box64.sys
2015-07-24 20:48 - 2015-07-09 05:45 - 00180816 _____ (Qihu 360 Software Co., Ltd.) C:\Windows\system32\Drivers\BAPIDRV64.SYS
2015-07-24 20:48 - 2015-07-09 05:45 - 00100424 _____ (360.cn) C:\Windows\system32\Drivers\360AntiHacker64.sys
2015-07-24 20:48 - 2015-07-09 05:45 - 00077896 _____ (360.cn) C:\Windows\system32\Drivers\360AvFlt.sys
2015-07-24 20:48 - 2015-07-09 05:45 - 00040520 _____ (360.cn) C:\Windows\system32\Drivers\360Camera64.sys
2015-07-19 21:10 - 2015-07-19 21:10 - 00362373 _____ C:\Users\Susanne Ludewig\Downloads\exifr300_e.zip
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-18 13:02 - 2013-01-04 22:40 - 01361612 _____ C:\Windows\WindowsUpdate.log
2015-08-18 12:51 - 2009-07-14 06:45 - 00024400 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-18 12:51 - 2009-07-14 06:45 - 00024400 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-18 12:44 - 2013-01-04 13:05 - 00000000 ____D C:\Users\Susanne Ludewig\Documents\Youcam
2015-08-18 12:43 - 2013-01-04 21:33 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-18 12:42 - 2010-11-21 05:47 - 01037886 _____ C:\Windows\PFRO.log
2015-08-18 12:42 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-18 12:42 - 2009-07-14 06:51 - 00145422 _____ C:\Windows\setupact.log
2015-08-18 12:41 - 2013-01-07 22:58 - 00001157 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-08-17 21:07 - 2012-01-06 19:54 - 00699666 _____ C:\Windows\system32\perfh007.dat
2015-08-17 21:07 - 2012-01-06 19:54 - 00149774 _____ C:\Windows\system32\perfc007.dat
2015-08-17 21:07 - 2009-07-14 07:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-17 21:01 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-08-17 17:50 - 2015-05-22 16:39 - 00001783 _____ C:\Users\Public\Desktop\VDownloader.lnk
2015-08-17 17:50 - 2015-04-19 10:00 - 00001081 _____ C:\Users\Public\Desktop\Mein CEWE FOTOBUCH.lnk
2015-08-17 17:50 - 2015-04-19 10:00 - 00001061 _____ C:\Users\Public\Desktop\CEWE FOTOSCHAU.lnk
2015-08-17 17:39 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-08-17 17:34 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-08-17 17:32 - 2009-07-14 04:34 - 77856768 _____ C:\Windows\system32\config\SOFTWARE.bak
2015-08-17 17:32 - 2009-07-14 04:34 - 72089600 _____ C:\Windows\system32\config\COMPONENTS.bak
2015-08-17 17:32 - 2009-07-14 04:34 - 19136512 _____ C:\Windows\system32\config\SYSTEM.bak
2015-08-17 17:32 - 2009-07-14 04:34 - 00339968 _____ C:\Windows\system32\config\DEFAULT.bak
2015-08-17 17:32 - 2009-07-14 04:34 - 00024576 _____ C:\Windows\system32\config\SECURITY.bak
2015-08-17 17:32 - 2009-07-14 04:34 - 00024576 _____ C:\Windows\system32\config\SAM.bak
2015-08-16 23:18 - 2015-07-10 19:28 - 00000000 ____D C:\$Windows.~BT
2015-08-16 22:37 - 2012-01-06 02:30 - 00000000 ____D C:\Windows\Panther
2015-08-16 17:36 - 2013-03-14 08:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-16 15:23 - 2014-08-10 20:33 - 00000000 ____D C:\Users\Susanne Ludewig\Downloads\EmergencyRoom
2015-08-16 15:22 - 2015-02-03 23:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GrabIt
2015-08-16 15:12 - 2015-02-22 15:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LEGO MINDSTORMS NXT 2.0
2015-08-16 15:04 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-08-16 14:54 - 2014-04-06 14:43 - 00000000 ____D C:\Users\Susanne Ludewig\AppData\Roaming\gsak
2015-08-16 14:51 - 2015-01-11 14:58 - 00000000 ____D C:\Users\Susanne Ludewig\Downloads\Parenthood
2015-08-16 14:51 - 2013-02-01 20:01 - 00000000 ____D C:\Users\Susanne Ludewig\Downloads\HIMYM
2015-08-16 13:44 - 2015-02-04 11:11 - 00000000 ____D C:\Users\Susanne Ludewig\AppData\Roaming\360safe
2015-08-16 13:44 - 2009-07-14 05:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2015-08-16 13:44 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2015-08-16 12:43 - 2013-01-04 21:33 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-16 12:43 - 2013-01-04 21:33 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-16 11:08 - 2013-01-04 12:57 - 00078136 _____ C:\Users\Susanne Ludewig\AppData\Local\GDIPFONTCACHEV1.DAT
2015-08-16 11:06 - 2009-07-14 06:45 - 00328616 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-13 07:05 - 2015-04-08 17:27 - 00000000 ___SD C:\Windows\system32\GWX
2015-08-13 07:05 - 2014-12-13 10:43 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-13 07:05 - 2014-05-01 10:26 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-13 07:05 - 2013-03-14 08:45 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-13 07:05 - 2013-03-14 08:45 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-13 07:05 - 2013-01-30 12:01 - 00000000 ____D C:\Users\Susanne Ludewig\Documents\Audible
2015-08-13 07:05 - 2013-01-04 21:33 - 00000000 ____D C:\Windows\system32\Macromed
2015-08-13 07:05 - 2013-01-04 12:57 - 00000000 ____D C:\Users\Susanne Ludewig
2015-08-13 07:05 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-08-13 07:05 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-08-12 14:43 - 2013-01-04 21:33 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-09 14:53 - 2015-06-20 19:33 - 00000000 ____D C:\Users\Susanne Ludewig\Downloads\ONLEIHE
2015-08-09 10:44 - 2013-01-07 22:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-06 21:56 - 2014-12-18 08:47 - 00000000 ____D C:\Users\Susanne Ludewig\Documents\Dies&Das
2015-08-06 18:11 - 2013-11-17 04:07 - 00000000 ____D C:\Users\Susanne Ludewig\Documents\EigeneGeocaches
2015-08-06 16:30 - 2013-01-05 11:46 - 00000432 _____ C:\Windows\BRWMARK.INI
2015-08-04 12:53 - 2013-01-04 13:03 - 00000000 ____D C:\Windows\System32\Tasks\Fujitsu
2015-08-04 10:03 - 2014-05-26 19:39 - 00000000 ____D C:\Windows\Minidump
2015-08-04 10:03 - 2014-05-26 19:38 - 537477520 _____ C:\Windows\MEMORY.DMP
2015-08-04 09:18 - 2013-01-04 12:57 - 00000000 ____D C:\Program Files (x86)\Google
2015-07-31 17:51 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-07-26 22:16 - 2013-01-04 15:23 - 00000000 ____D C:\Users\Susanne Ludewig\AppData\Roaming\vlc
2015-07-26 21:32 - 2013-01-24 22:06 - 00000000 ____D C:\Users\Susanne Ludewig\AppData\Local\CrashDumps
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-05-22 16:39 - 2010-01-26 11:11 - 0444283 _____ () C:\Program Files\Common Files\WinPcapNmap.exe
2006-12-11 19:13 - 2006-12-11 19:13 - 0097336 _____ (Un4seen Developments) C:\Users\Susanne Ludewig\AppData\Local\bass.dll
2006-12-11 19:13 - 2006-12-11 19:13 - 0013872 _____ (Un4seen Developments) C:\Users\Susanne Ludewig\AppData\Local\basscd.dll
2007-08-13 17:46 - 2007-08-13 17:46 - 0102912 _____ (Albert L Faber) C:\Users\Susanne Ludewig\AppData\Local\CDRip.dll
2007-01-18 21:09 - 2007-01-18 21:09 - 0623616 _____ (Ivan Bischof ©2003 - 2005) C:\Users\Susanne Ludewig\AppData\Local\No23 Recorder.exe
2015-06-21 19:41 - 2015-06-21 19:41 - 0001429 _____ () C:\Users\Susanne Ludewig\AppData\Local\RecConfig.xml
2015-04-24 12:52 - 2015-04-24 12:52 - 0032852 _____ () C:\Users\Susanne Ludewig\AppData\Local\recently-used.xbel
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-08-16 11:50
==================== Ende von Ergebnis ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:16-08-2015
durchgeführt von Susanne Ludewig (2015-08-18 13:42:17)
Gestartet von C:\Users\Susanne Ludewig\Desktop
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2454520521-1313131367-1046456688-500 - Administrator - Disabled)
Gast (S-1-5-21-2454520521-1313131367-1046456688-501 - Limited - Disabled)
Susanne Ludewig (S-1-5-21-2454520521-1313131367-1046456688-1001 - Administrator - Enabled) => C:\Users\Susanne Ludewig
UpdatusUser (S-1-5-21-2454520521-1313131367-1046456688-1000 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Microsoft Security Essentials (Disabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AV: 360 Total Security (Disabled - Up to date) {2B66EE1E-E5C8-C2F7-648F-4E55AC68D37D}
AS: 360 Total Security (Disabled - Up to date) {90070FFA-C3F2-CD79-5E3F-7527D7EF99C0}
AS: Microsoft Security Essentials (Disabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
360 Total Security (HKLM-x32\...\360TotalSecurity) (Version: 6.6.1.1016 - 360 Security Center)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe Digital Editions 4.0 (HKLM-x32\...\Adobe Digital Editions 4.0) (Version: 4.0.3 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - ALPS ELECTRIC CO., LTD.)
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
Amazon Music (HKU\S-1-5-21-2454520521-1313131367-1046456688-1001\...\Amazon Amazon Music) (Version: 3.7.0.693 - Amazon Services LLC)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audible Download Manager (HKLM-x32\...\AudibleDownloadManager) (Version: 6.6.0.15 - Audible, Inc.)
BackUp Maker (HKLM-x32\...\BackUp Maker_is1) (Version: 7.0.0.5 - ASCOMP Software GmbH)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5306 - CDBurnerXP)
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.75.0.2014 - Georgy Berdyshev)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
CyberLink YouCam 5 (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.1521 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DeskUpdate 4.12 (HKLM-x32\...\DeskUpdate_is1) (Version: 4.12.0088 - Fujitsu Technology Solutions)
FJ Camera (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.52032.0_WHQL - Sonix)
Free YouTube to MP3 Converter version 3.12.54.128 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.54.128 - DVDVideoSoft Ltd.)
Fujitsu Hotkey Utility (HKLM-x32\...\InstallShield_{C8E4B31D-337C-483D-822D-16F11441669B}) (Version: 3.70.0.0 - FUJITSU LIMITED)
Fujitsu Hotkey Utility (x32 Version: 3.70.0.0 - FUJITSU LIMITED) Hidden
Fujitsu MobilityCenter Extension Utility (HKLM-x32\...\InstallShield_{EC314CDF-3521-482B-A21C-65AC95664814}) (Version: 3.01.00.002 - FUJITSU LIMITED)
Fujitsu MobilityCenter Extension Utility (Version: 3.01.00.002 - FUJITSU LIMITED) Hidden
Fujitsu System Extension Utility (HKLM-x32\...\InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}) (Version: 3.4.4.0 - FUJITSU LIMITED)
Fujitsu System Extension Utility (Version: 3.4.4.0 - FUJITSU LIMITED) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM-x32\...\{AE1EC58E-B2AC-4959-A4C2-C38202A25239}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries)
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
GrabIt 1.7.3 Beta (build 1010) (HKLM-x32\...\GrabIt_is1) (Version: - Ilan Shemes)
GSAK 8.4.1.29 (HKLM-x32\...\GSAK_is1) (Version: - CWE computer services)
HandBrake 0.10.2 (HKLM-x32\...\HandBrake) (Version: 0.10.2 - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2626 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) 3.0 + High Speed (HKLM\...\{2C0E6BD4-65B1-4E82-B2AC-43EFFC8F100C}) (Version: 15.0.0.0059 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{F0932859-AA60-459E-B843-0BDECA34E2C7}) (Version: 2.0.0.0086 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{DF7756DD-656A-45C3-BA71-74673E8259A9}) (Version: 15.00.0000.0642 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LEGO MINDSTORMS NXT - (Deutsch) Sprachenpaket (HKLM-x32\...\{611ED207-22E5-4543-B9D3-E73096759A4F}) (Version: 2.0.100.0 - The LEGO Group)
LEGO MINDSTORMS NXT Driver for x64 (HKLM\...\{74E85F31-573F-45BF-8939-4D2BCDCC2083}) (Version: 1.17.770 - LEGO)
LEGO MINDSTORMS NXT Migration Package (HKLM-x32\...\{6C1D47CC-682C-4673-8CA8-DEE659628599}) (Version: 1.2.8.0 - LEGO)
LIFEBOOK Application Panel (HKLM-x32\...\InstallShield_{6226477E-444F-4DFE-BA19-9F4F7D4565BC}) (Version: 8.3.2.0 - FUJITSU LIMITED)
LIFEBOOK Application Panel (Version: 8.3.2.0 - FUJITSU LIMITED) Hidden
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Media Go (HKLM-x32\...\{AF06B8FA-B916-4001-AE51-6645488DEF09}) (Version: 2.8.303 - Sony)
Media Go Network Downloader (HKLM-x32\...\{5562F05F-908C-4F15-9B3C-98D5FD32DCAB}) (Version: 1.5.19.0 - Sony)
Media Go Video Playback Engine 2.12.112.07010 (HKLM-x32\...\{2AC62059-C1F3-3332-14F7-BD4F8231FED9}) (Version: 2.12.112.07010 - Sony)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MyFreeCodec (HKU\S-1-5-21-2454520521-1313131367-1046456688-1001\...\MyFreeCodec) (Version: - )
NAVIGON Fresh 1.4.6 (HKLM-x32\...\NAVIGON Fresh) (Version: 1.4.6 - NAVIGON)
No23 Recorder (HKLM-x32\...\{22B0E143-2B0B-435B-9F56-136A3D16065F}) (Version: 2.1.0.3 - No23)
NVIDIA Graphics Driver 295.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 295.62 - NVIDIA Corporation)
Nvu 1.0 (HKLM-x32\...\Nvu_is1) (Version: 1.0 - Thorsten Fritz)
NWZ-E380 WALKMAN Guide (HKLM-x32\...\{D98ED583-338D-4425-B2EF-A4C7FB93CE88}) (Version: 2.2.0.05230 - Sony Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
PeerBlock 1.2 (r693) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.2.0.693 - PeerBlock, LLC)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Plugfree NETWORK (HKLM\...\{7BA64D21-EE46-4a9a-8145-52B0175C3F86}) (Version: 6.2.0.1 - FUJITSU LIMITED)
Plugfree NETWORK (Version: 6.2.001 - FUJITSU LIMITED) Hidden
Power Saving Utility (HKLM-x32\...\{49A588CF-5FD4-4774-BFBF-0764287DE82B}) (Version: 32.01.10.038 - FUJITSU LIMITED)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6526 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7601.30129 - Realtek Semiconductor Corp.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
VDownloader 4.0.1163 (HKLM\...\{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1) (Version: - Vitzo Limited)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
Willi wills wissen - Notruf - Retter im Einsatz (HKLM-x32\...\{2A8651D3-6385-4A43-A05B-F3FE94E2EAE0}) (Version: 1.00.000 - )
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinPcap 4.1.1 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
16-08-2015 17:34:47 Windows Update
16-08-2015 22:26:28 Konfiguriert Willi wills wissen - Notruf - Retter im Einsatz
16-08-2015 23:40:39 Windows Update
18-08-2015 13:29:00 JRT Pre-Junkware Removal
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2015-08-17 17:34 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {1419DD6B-0F12-4F51-8B12-728A2573BDA6} - System32\Tasks\BackUp_Maker-Susanne_Ludewig => C:\Program Files (x86)\ASCOMP Software\BackUp Maker\bkmaker.exe
Task: {7602F2F4-D138-4177-BD5F-0ECAC4FD687C} - \GoogleUpdateTaskMachineUA -> Keine Datei <==== ACHTUNG
Task: {95CCD9FD-4191-4D0B-8179-CB8A95E5F635} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {BBF2FAE7-476E-4CEB-B539-0ED863E56AFF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-16] (Adobe Systems Incorporated)
Task: {D35C8504-E265-46BC-B076-BC43AF276D95} - System32\Tasks\Fujitsu\DeskUpdate => c:\Fujitsu\Programs\DeskUpdate\ducmd.exe [2011-11-10] (Fujitsu Technology Solutions)
Task: {E3CCC28D-34A7-4967-BBF7-1C410A1F3466} - \GoogleUpdateTaskMachineCore -> Keine Datei <==== ACHTUNG
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-07-24 20:48 - 2015-07-09 05:45 - 00613968 _____ () C:\Program Files (x86)\360\Total Security\MenuEx64.dll
2015-07-24 20:48 - 2015-07-09 05:45 - 01020536 _____ () C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 14:05 - 2014-10-11 14:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2454520521-1313131367-1046456688-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Susanne Ludewig\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist deaktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{5A973C04-8A01-444A-9F62-4D661732E8C9}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{85B8AFFC-FDBE-47F1-89AB-A327D757ED9F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{138880AE-4B88-40CE-B48D-EDD4DF3981B7}] => (Allow) LPort=2869
FirewallRules: [{EFA81EDC-3389-454E-AA74-F78F1BA27D4B}] => (Allow) LPort=1900
FirewallRules: [{7BF651F7-68D9-44DC-84A9-3EC9698B7E2E}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{711C483B-EF22-4CDF-A9A4-936823FA522B}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{AB78AF93-C707-438C-B39D-D373DFF942F8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9A83D8DB-FC1E-4290-BCC4-A043847EF42C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D8360459-C02C-41F7-8825-D0357EDBAA5B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B9D0DD23-217B-42BA-8C33-829B2537C879}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9E3F8869-D1CA-416E-979E-0061E9E210B8}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{487091B5-24A5-446A-AE16-1DA33F3C964C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E50B70E9-643D-4BAC-928A-88FA1BAA0A40}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B11D2C85-A252-407E-B36A-06527906C95F}] => (Allow) C:\Program Files\360\360 Internet Security\safemon\360Tray.exe
FirewallRules: [{6C2C9ECB-9E7D-4D4B-847C-F15AFC727D48}] => (Allow) C:\Program Files\360\360 Internet Security\safemon\360Tray.exe
FirewallRules: [{238BFC44-9EF7-4C0E-9771-C05E868D2F71}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{027A6FAF-AAAF-45A7-BF1C-3201C3DC738F}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{B1E60322-10BB-414F-A86C-8265D94CF5F9}] => (Allow) C:\Program Files\360\360 Internet Security\UpTip.exe
FirewallRules: [{BCB5B658-DCC5-47F7-B12D-3C5BF269246A}] => (Allow) C:\Program Files\360\360 Internet Security\UpTip.exe
FirewallRules: [{A1103A2F-B807-4EAB-AD4E-0BEBEE4D9EC5}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{57F148A1-52A8-4178-B500-24200989977D}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (08/18/2015 12:43:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/18/2015 08:22:57 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/17/2015 08:56:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/17/2015 06:13:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 938627
Error: (08/17/2015 06:13:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 938627
Error: (08/17/2015 06:13:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (08/17/2015 05:58:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6630
Error: (08/17/2015 05:58:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6630
Error: (08/17/2015 05:58:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (08/17/2015 05:58:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5600
Systemfehler:
=============
Error: (08/18/2015 01:42:21 PM) (Source: Ntfs) (EventID: 137) (User: )
Description: Auf dem Volume "C:" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.
Error: (08/18/2015 01:42:16 PM) (Source: Ntfs) (EventID: 137) (User: )
Description: Auf dem Volume "C:" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.
Error: (08/18/2015 01:42:11 PM) (Source: Ntfs) (EventID: 137) (User: )
Description: Auf dem Volume "C:" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.
Error: (08/18/2015 01:42:06 PM) (Source: Ntfs) (EventID: 137) (User: )
Description: Auf dem Volume "C:" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.
Error: (08/18/2015 01:42:01 PM) (Source: Ntfs) (EventID: 137) (User: )
Description: Auf dem Volume "C:" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.
Error: (08/18/2015 01:41:56 PM) (Source: Ntfs) (EventID: 137) (User: )
Description: Auf dem Volume "C:" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.
Error: (08/18/2015 01:41:51 PM) (Source: Ntfs) (EventID: 137) (User: )
Description: Auf dem Volume "C:" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.
Error: (08/18/2015 01:41:45 PM) (Source: Ntfs) (EventID: 137) (User: )
Description: Auf dem Volume "C:" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.
Error: (08/18/2015 01:41:40 PM) (Source: Ntfs) (EventID: 137) (User: )
Description: Auf dem Volume "C:" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.
Error: (08/18/2015 01:41:35 PM) (Source: Ntfs) (EventID: 137) (User: )
Description: Auf dem Volume "C:" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.
Microsoft Office:
=========================
Error: (08/18/2015 12:43:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/18/2015 08:22:57 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/17/2015 08:56:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/17/2015 06:13:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 938627
Error: (08/17/2015 06:13:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 938627
Error: (08/17/2015 06:13:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (08/17/2015 05:58:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6630
Error: (08/17/2015 05:58:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6630
Error: (08/17/2015 05:58:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (08/17/2015 05:58:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5600
CodeIntegrity:
===================================
Date: 2015-08-18 13:41:28.446
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-08-18 13:18:30.273
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-08-18 12:43:56.971
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-08-18 09:58:36.808
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-08-18 09:39:40.757
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-08-18 09:26:41.537
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-08-18 08:23:19.246
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-08-17 20:56:49.621
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-08-17 17:43:22.895
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-08-17 17:35:31.477
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Speicherinformationen ===========================
Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 23%
Installierter physikalischer RAM: 8052.3 MB
Verfügbarer physikalischer RAM: 6140.91 MB
Summe virtueller Speicher: 16102.8 MB
Verfügbarer virtueller Speicher: 14123.41 MB
==================== Laufwerke ================================
Drive c: (System) (Fixed) (Total:681.63 GB) (Free:336.8 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: B8755606)
Partition 1: (Active) - (Size=2 GB) - (Type=27)
Partition 2: (Not Active) - (Size=696.6 GB) - (Type=OF Extended)
==================== Ende von Ergebnis ============================
|
|
19.08.2015, 07:30
| #15 |
| /// the machine /// TB-Ausbilder | Windows 7 bootet nicht mehr, nur Sperrbildschirm! FRST-Scan ist erfolgt.ESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme? 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Windows 7 bootet nicht mehr, nur Sperrbildschirm! FRST-Scan ist erfolgt. |
| adobe flash player, conduit-search, conduit-search entfernen, corp./icp, defender, dnsapi.dll, explorer, flash player, microsoft, pup.optional.babylon.a, pup.optional.conduit.a, pup.optional.datamangr.a, pup.optional.datamngr.a, pup.optional.delta.shrtcln, pup.optional.opencandy, pup.optional.opencandy.a, pup.optional.searchprotect.a, pup.optional.softonic.a, registry, security, services.exe, software, svchost.exe, winlogon.exe |
WARNUNG an die MITLESER: 
Linear-Darstellung
