Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Email- Konto gehackt?

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 16.08.2015, 17:43   #1
günni42
 
Email- Konto gehackt? - Standard

Email- Konto gehackt?



Hallo Trojanerteam,

gestern bekam ich einen Anruf von einem Freund, der mich fragte, was ich ihm denn für eine Mail geschickt habe, mit einem Link (nach Polen), den er leichtsinnigerweise angeklickt hat. Da verschickt also 'Jemand' bzw. ein 'Programm' - mit meiner Mailadresse als Absender - Mails an Personen aus meinen Kontakten, aber auch an andere Personen. Die Namen werden offenbar auch mit anderen Netzen bzw. Providern kombiniert (...Name@vpstux3.its-gbr.de. oder ...Name@host ns1.dinamocms.com). Was falsch ist, kommt dann vom Mailer-Daemon zurück an mich.

Ob das Folgende was mit dem oben Geschilderten zu tun hat, weiß ich nicht: vor ein paar Tagen hatte ich einen Bluescreen (' ... um den Computer vor Schaden zu bewahren ...').

Seit ca. 1 Jahr verweigert die Maus , egal ob USB oder BT in unregelmäßigen Abständen den Dienst. Da hilft nur USB-Stecker ziehen bzw. Aus- Einschalten der BT-Maus.

Schon jetzt vielen Dank für Eure Mühen! günni42

Avira meldet keine Funde

- gmer muß ich noch nachliefern, ist zu groß ( 8178 ohne 13795 mit Leerzeichen) -
(Zit. 'Vermeide es auf Dein Thema selbst zu antworten')

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 15.08.2015
Suchlaufzeit: 15:37
Protokolldatei: MWB-Scan_150815.txt
Administrator: Ja

Version: 2.1.8.1057
Malware-Datenbank: v2015.08.15.03
Rootkit-Datenbank: v2015.08.06.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Admi_günter

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 524792
Abgelaufene Zeit: 16 Min., 42 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 1
PUP.Optional.AskAPN.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4646332D-5350-006A-76A7-A758B70C1200}, In Quarantäne, [a8771bee09826ec8aed49e7d2fd426da], 

Registrierungswerte: 1
PUP.Optional.AskAPN.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4646332D-5350-006A-76A7-A758B70C1200}|InstallSource, C:\ProgramData\APN\APN-Stub\FF3-SP\, In Quarantäne, [a8771bee09826ec8aed49e7d2fd426da]

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:14-08-2015 01
durchgeführt von Admi_günter (Administrator) auf RECHNER_*** (15-08-2015 18:46:39)
Gestartet von C:\Users\Günter\Downloads
Geladene Profile: Günter & Admi_günter &  (Verfügbare Profile: Günter & Admi_günter & Christine)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: IE)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
(O3SIS AG) C:\Program Files (x86)\Deutsche Telekom\DataSync Outlook\DataSync Outlook.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Users\Günter\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Alcor Micro Corp.) C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
() C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
() C:\Program Files (x86)\Common Files\logishrd\LQCVFX\COCIManager.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 8.0\PhotoshopElementsEditor.exe
(Acresso Software Inc.) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_18_0_0_232_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10920552 2010-06-23] (Realtek Semiconductor)
HKLM\...\Run: [RunDLLEntry_THXCfg] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
HKLM\...\Run: [RunDLLEntry_EptMon] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\EptMon64.dll,RunDLLEntry EptMon64
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [ShwiconXP9106] => C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe [237568 2010-03-10] (Alcor Micro Corp.)
HKLM-x32\...\Run: [THX Audio Control Panel] => C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe [963584 2009-12-01] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [RemoteControl9] => C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2010-10-01] (CyberLink Corp.)
HKLM-x32\...\Run: [PDVD9LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe [50472 2010-09-17] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe [75048 2010-10-27] (cyberlink)
HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-25] (Dell, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2015-06-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [RoxWatchTray] => C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [Desktop Disc Tool] => C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] ()
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-11-11] (Logitech Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782008 2015-07-28] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [134368 2015-07-02] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-17] (Apple Inc.)
HKLM\...\RunOnce: [PC-Doctor for Windows REBOOT] => [X]
HKLM-x32\...\RunOnce: [Launcher] => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe [163040 2010-08-11] (Softthinks)
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware  (cleanup)] => C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \mbamdor.exe [54072 2015-04-14] (Malwarebytes Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [CAHeadless] => c:\Program Files (x86)\Adobe\Elements Organizer 8.0\CAHeadless\ElementsAutoAnalyzer.exe [615808 2009-09-18] (Adobe Systems Incorporated)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [Logitech Vid] => C:\Program Files (x86)\Logitech\Vid HD\Vid.exe [6129496 2011-01-13] (Logitech Inc.)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe [4280184 2012-03-08] (Microsoft Corporation)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1084800 2012-04-25] (Nokia)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [DataSync Outlook] => C:\Program Files (x86)\Deutsche Telekom\DataSync Outlook\DataSync Outlook.exe [720896 2009-12-07] (O3SIS AG)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [Amazon Cloud Player] => C:\Users\Günter\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3145536 2014-05-08] ()
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CAHeadless] => c:\Program Files (x86)\Adobe\Elements Organizer 8.0\CAHeadless\ElementsAutoAnalyzer.exe [615808 2009-09-18] (Adobe Systems Incorporated)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Logitech Vid] => C:\Program Files (x86)\Logitech\Vid HD\Vid.exe [6129496 2011-01-13] (Logitech Inc.)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe [4280184 2012-03-08] (Microsoft Corporation)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1084800 2012-04-25] (Nokia)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DataSync Outlook] => C:\Program Files (x86)\Deutsche Telekom\DataSync Outlook\DataSync Outlook.exe [720896 2009-12-07] (O3SIS AG)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Amazon Cloud Player] => C:\Users\Günter\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3145536 2014-05-08] ()
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1003\...\Run: [Logitech Vid] => C:\Program Files (x86)\Logitech\Vid HD\Vid.exe [6129496 2011-01-13] (Logitech Inc.)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1003\...\Run: [] => [X]
HKU\S-1-5-21-1916591956-2551971433-4189181994-1003\...\Run: [DataSync Outlook] => C:\Program Files (x86)\Deutsche Telekom\DataSync Outlook\DataSync Outlook.exe [720896 2009-12-07] (O3SIS AG)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1003\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1003\...\Run: [KSS] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202080 2014-06-16] (Kaspersky Lab ZAO)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1003\...\RunOnce: [Adobe Speed Launcher] => 1427060868
HKU\S-1-5-21-1916591956-2551971433-4189181994-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Logitech Vid] => C:\Program Files (x86)\Logitech\Vid HD\Vid.exe [6129496 2011-01-13] (Logitech Inc.)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [] => [X]
HKU\S-1-5-21-1916591956-2551971433-4189181994-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DataSync Outlook] => C:\Program Files (x86)\Deutsche Telekom\DataSync Outlook\DataSync Outlook.exe [720896 2009-12-07] (O3SIS AG)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [KSS] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202080 2014-06-16] (Kaspersky Lab ZAO)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Adobe Speed Launcher] => 1427060868
HKU\S-1-5-21-1916591956-2551971433-4189181994-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Logitech Vid] => C:\Program Files (x86)\Logitech\Vid HD\Vid.exe [6129496 2011-01-13] (Logitech Inc.)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [DataSync Outlook] => C:\Program Files (x86)\Deutsche Telekom\DataSync Outlook\DataSync Outlook.exe [720896 2009-12-07] (O3SIS AG)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Logitech Vid] => C:\Program Files (x86)\Logitech\Vid HD\Vid.exe [6129496 2011-01-13] (Logitech Inc.)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DataSync Outlook] => C:\Program Files (x86)\Deutsche Telekom\DataSync Outlook\DataSync Outlook.exe [720896 2009-12-07] (O3SIS AG)
Startup: C:\Users\Admi_günter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2011-06-15]
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Admi_günter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Versandhelfer.lnk [2012-02-11]
ShortcutTarget: Versandhelfer.lnk -> C:\Program Files (x86)\Versandhelfer\Versandhelfer.exe (Keine Datei)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2011-06-07]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Günter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2011-06-13]
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicyScripts-x32: Gruppenrichtline erkannt <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://ixquick.com/deu/
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://ixquick.com/deu/
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
HKU\S-1-5-21-1916591956-2551971433-4189181994-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://ixquick.com/deu/?
HKU\S-1-5-21-1916591956-2551971433-4189181994-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://ixquick.com/deu/?
HKU\S-1-5-21-1916591956-2551971433-4189181994-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.search.ask.com/?tpid=FF3-SP&o=APN11414&pf=V7&trgb=IE&p2=%5EBBM%5Eaaa155%5EYY%5EDE&gct=hp&apn_ptnrs=%5EBBM&apn_dtid=%5Eaaa155%5EYY%5EDE&apn_dbr=iexplore.exe_6_11.0.9600.17280&apn_uid=E06E78F2-71B2-4AD9-8284-F83C3CD00A9F&itbv=12.17.1.2464&doi=2014-10-10&psv=&pt=tb
HKU\S-1-5-21-1916591956-2551971433-4189181994-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/8
HKU\S-1-5-21-1916591956-2551971433-4189181994-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.search.ask.com/?tpid=FF3-SP&o=APN11414&pf=V7&trgb=IE&p2=%5EBBM%5Eaaa155%5EYY%5EDE&gct=hp&apn_ptnrs=%5EBBM&apn_dtid=%5Eaaa155%5EYY%5EDE&apn_dbr=iexplore.exe_6_11.0.9600.17280&apn_uid=E06E78F2-71B2-4AD9-8284-F83C3CD00A9F&itbv=12.17.1.2464&doi=2014-10-10&psv=&pt=tb
HKU\S-1-5-21-1916591956-2551971433-4189181994-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/8
SearchScopes: HKLM -> {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1000 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1000 -> {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = 
SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = 
SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1003 -> DefaultScope {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1003 -> {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1003 -> {E935E8C2-8F33-448E-8292-885736E481FE} URL = hxxp://ixquick.com/do/metasearch.pl?query={searchTerms}&cat=web&pl=ie&language=deutsch
SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {E935E8C2-8F33-448E-8292-885736E481FE} URL = hxxp://ixquick.com/do/metasearch.pl?query={searchTerms}&cat=web&pl=ie&language=deutsch
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-04-08] (pdfforge GmbH)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll [2013-04-08] (pdfforge GmbH)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://active.macromedia.com/flash2/cabs/swflash.cab
DPF: HKLM-x32 {0742B9EF-8C83-41CA-BFBA-830A59E23533} hxxps://oas.support.microsoft.com/ActiveX/MSDcode.cab
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} hxxp://download.mcafee.com/molbin/iss-loc/mcfscan/3,0,0,6538/mcfscan.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{D1A003C6-1664-4416-B03E-A904900A29D8}: [DhcpNameServer] 192.168.2.1 192.168.2.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.13.2 -> C:\Windows\system32\npDeployJava1.dll [2013-02-13] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-04-04] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2012-04-25] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-14] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-27] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-08-27]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [887128 2015-07-28] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-07-28] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-07-28] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1213072 2015-07-28] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [218816 2015-07-02] (Avira Operations GmbH & Co. KG)
S2 CLKMSVC10_9EC60124; C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [236016 2010-10-26] (CyberLink)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert]
R2 KSS; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202080 2014-06-16] (Kaspersky Lab ZAO)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162528 2015-07-28] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-07-28] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-11-24] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-04] (Avira Operations GmbH & Co. KG)
S3 cjusb; C:\Windows\System32\DRIVERS\cjusb.sys [34672 2011-03-29] (REINER SCT)
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir3.sys [33792 2010-06-03] (Hauppauge Computer Works, Inc.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
S3 MEMSWEEP2; C:\Windows\system32\F492.tmp [6144 2011-05-12] (Sophos Plc) [Datei ist nicht signiert]
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2014-08-06] ()
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [47632 2013-04-29] (Panda Security, S.L.)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-15 18:38 - 2015-08-15 18:39 - 00038767 _____ C:\Users\Günter\Downloads\Addition.txt
2015-08-15 18:37 - 2015-08-15 18:46 - 00032491 _____ C:\Users\Günter\Downloads\FRST.txt
2015-08-15 18:36 - 2015-08-15 18:46 - 00000000 ____D C:\FRST
2015-08-15 18:30 - 2015-08-15 18:30 - 02173952 _____ (Farbar) C:\Users\Günter\Downloads\FRST64.exe
2015-08-15 18:26 - 2015-08-15 18:26 - 00000484 _____ C:\Users\Günter\Desktop\defogger_disable.log
2015-08-15 18:26 - 2015-08-15 18:26 - 00000000 _____ C:\Users\Admi_günter\defogger_reenable
2015-08-15 18:23 - 2015-08-15 18:25 - 00050477 _____ C:\Users\Günter\Downloads\Defogger.exe
2015-08-15 17:46 - 2015-08-15 17:46 - 00000000 ____D C:\Program Files\Common Files\AV
2015-08-15 17:46 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2015-08-14 16:26 - 2015-08-14 16:26 - 00000000 ____D C:\Users\Günter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2015-08-13 07:50 - 2015-08-13 07:50 - 00001022 _____ C:\Users\Günter\Desktop\E-Mail.url
2015-08-12 22:02 - 2015-07-30 15:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 22:02 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 08:30 - 2015-07-28 22:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-12 08:30 - 2015-07-28 22:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-12 08:30 - 2015-07-28 22:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-12 08:30 - 2015-07-28 22:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-12 08:30 - 2015-07-28 22:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-12 08:30 - 2015-07-28 22:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-12 08:30 - 2015-07-28 22:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-12 08:30 - 2015-07-28 21:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-12 08:28 - 2015-07-21 02:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-08-12 08:28 - 2015-07-21 02:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-08-12 08:28 - 2015-07-16 23:14 - 25192448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-12 08:28 - 2015-07-16 22:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-12 08:28 - 2015-07-16 22:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-08-12 08:28 - 2015-07-16 22:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-08-12 08:28 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-12 08:28 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-12 08:28 - 2015-07-16 22:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-08-12 08:28 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-12 08:28 - 2015-07-16 22:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-08-12 08:28 - 2015-07-16 22:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-12 08:28 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-12 08:28 - 2015-07-16 22:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-08-12 08:28 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-12 08:28 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-12 08:28 - 2015-07-16 22:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-08-12 08:28 - 2015-07-16 22:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-12 08:28 - 2015-07-16 22:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-08-12 08:28 - 2015-07-16 22:20 - 19870208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-12 08:28 - 2015-07-16 22:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-12 08:28 - 2015-07-16 22:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-12 08:28 - 2015-07-16 22:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-12 08:28 - 2015-07-16 22:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-12 08:28 - 2015-07-16 21:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-08-12 08:28 - 2015-07-16 21:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-12 08:28 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-12 08:28 - 2015-07-16 21:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-12 08:28 - 2015-07-16 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-08-12 08:28 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-12 08:28 - 2015-07-16 21:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-08-12 08:28 - 2015-07-16 21:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-08-12 08:28 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-12 08:28 - 2015-07-16 21:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-08-12 08:28 - 2015-07-16 21:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-08-12 08:28 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-12 08:28 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-12 08:28 - 2015-07-16 21:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-08-12 08:28 - 2015-07-16 21:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-08-12 08:28 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-12 08:28 - 2015-07-16 21:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-08-12 08:28 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-12 08:28 - 2015-07-16 21:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-08-12 08:28 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-12 08:28 - 2015-07-16 21:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-12 08:28 - 2015-07-16 21:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-08-12 08:28 - 2015-07-16 21:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-08-12 08:28 - 2015-07-16 21:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-08-12 08:28 - 2015-07-16 21:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-12 08:28 - 2015-07-16 21:12 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-12 08:28 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-12 08:28 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-12 08:28 - 2015-07-16 21:12 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-08-12 08:28 - 2015-07-16 21:12 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-08-12 08:28 - 2015-07-16 21:11 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-12 08:28 - 2015-07-16 21:11 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-08-12 08:28 - 2015-07-16 21:11 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-08-12 08:28 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-12 08:28 - 2015-07-16 21:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-08-12 08:28 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-12 08:28 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-08-12 08:28 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-12 08:28 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-12 08:28 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-12 08:28 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-12 08:28 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-12 08:28 - 2015-07-15 20:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-12 08:28 - 2015-07-15 20:15 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-12 08:28 - 2015-07-15 20:15 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-12 08:28 - 2015-07-15 20:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-12 08:28 - 2015-07-15 20:12 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-12 08:28 - 2015-07-15 20:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-08-12 08:28 - 2015-07-15 20:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-08-12 08:28 - 2015-07-15 20:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-08-12 08:28 - 2015-07-15 20:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-12 08:28 - 2015-07-15 20:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-08-12 08:28 - 2015-07-15 20:10 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-08-12 08:28 - 2015-07-15 20:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-08-12 08:28 - 2015-07-15 20:10 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-12 08:28 - 2015-07-15 20:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-08-12 08:28 - 2015-07-15 20:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-08-12 08:28 - 2015-07-15 20:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-08-12 08:28 - 2015-07-15 20:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-08-12 08:28 - 2015-07-15 19:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-08-12 08:28 - 2015-07-15 19:56 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-12 08:28 - 2015-07-15 19:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-08-12 08:28 - 2015-07-15 19:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-08-12 08:28 - 2015-07-15 19:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-08-12 08:28 - 2015-07-15 19:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-08-12 08:28 - 2015-07-15 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-08-12 08:28 - 2015-07-15 19:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-08-12 08:28 - 2015-07-15 19:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-08-12 08:28 - 2015-07-15 19:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-08-12 08:28 - 2015-07-15 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-08-12 08:28 - 2015-07-15 19:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-08-12 08:28 - 2015-07-15 19:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-08-12 08:28 - 2015-07-15 19:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-08-12 08:28 - 2015-07-15 19:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-08-12 08:28 - 2015-07-15 19:53 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-08-12 08:28 - 2015-07-15 19:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-08-12 08:28 - 2015-07-15 19:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-08-12 08:28 - 2015-07-15 19:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-08-12 08:28 - 2015-07-15 19:53 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-08-12 08:28 - 2015-07-15 19:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-08-12 08:28 - 2015-07-15 19:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 18:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-12 08:28 - 2015-07-15 18:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-12 08:28 - 2015-07-15 18:46 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-12 08:28 - 2015-07-15 18:37 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-08-12 08:28 - 2015-07-15 18:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-08-12 08:28 - 2015-07-15 18:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 18:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 18:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 18:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 05:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-12 08:28 - 2015-07-11 15:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-08-12 08:27 - 2015-07-30 20:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-12 08:27 - 2015-07-30 20:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-12 08:27 - 2015-07-30 20:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-12 08:27 - 2015-07-30 20:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-08-12 08:27 - 2015-07-30 20:06 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-12 08:27 - 2015-07-30 20:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-08-12 08:27 - 2015-07-30 20:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-08-12 08:27 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-08-12 08:27 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-12 08:27 - 2015-07-30 19:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-08-12 08:27 - 2015-07-30 19:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-12 08:27 - 2015-07-30 19:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-08-12 08:27 - 2015-07-30 19:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-08-12 08:27 - 2015-07-30 18:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-12 08:27 - 2015-07-30 18:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-12 08:27 - 2015-07-30 18:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-12 08:27 - 2015-07-15 05:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-12 08:27 - 2015-07-15 05:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-12 08:27 - 2015-07-15 05:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-08-12 08:27 - 2015-07-15 05:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-08-12 08:27 - 2015-07-15 04:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-12 08:27 - 2015-07-15 04:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-12 08:27 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-08-12 08:27 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-08-12 08:27 - 2015-07-01 22:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-12 08:27 - 2015-07-01 22:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-12 08:27 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-12 08:27 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-12 08:25 - 2015-07-20 20:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-12 08:25 - 2015-07-20 20:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-08-12 08:25 - 2015-07-20 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-12 08:25 - 2015-07-20 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-12 08:25 - 2015-07-20 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-12 08:25 - 2015-07-20 19:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-12 08:25 - 2015-07-20 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-08-12 08:25 - 2015-07-10 19:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-12 08:25 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-08-12 08:25 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-12 08:25 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-12 08:25 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-12 08:25 - 2015-05-09 20:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-07-31 22:22 - 2015-07-31 22:40 - 00000000 ____D C:\Users\Public\Documents\QV7_Data
2015-07-28 20:08 - 2015-07-28 20:28 - 3268147200 _____ C:\Users\Günter\Downloads\WIN_7_HOME_MAR_64.iso
2015-07-25 23:36 - 2015-07-25 23:43 - 00003484 _____ C:\Windows\System32\Tasks\PCDEventLauncherTask
2015-07-25 23:36 - 2015-07-25 23:36 - 00004048 _____ C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2015-07-25 23:36 - 2015-07-25 23:36 - 00003236 _____ C:\Windows\System32\Tasks\SystemToolsDailyTest
2015-07-25 23:36 - 2015-07-25 23:36 - 00000000 ____D C:\ProgramData\PC-Doctor for Windows
2015-07-25 23:36 - 2015-07-25 23:36 - 00000000 ____D C:\Program Files\Dell Support Center
2015-07-25 23:36 - 2015-07-25 23:36 - 00000000 ____D C:\Program Files\Dell
2015-07-25 23:28 - 2015-07-25 23:28 - 00000000 ____D C:\Users\Günter\AppData\Local\Dell Edoc Viewer
2015-07-22 21:15 - 2015-07-22 21:15 - 00074703 _____ C:\Windows\SysWOW64\mfc45.dat
2015-07-22 21:15 - 2015-07-22 21:15 - 00001181 _____ C:\Users\Admi_günter\Desktop\System Checkup.lnk
2015-07-22 21:15 - 2015-07-22 21:15 - 00000000 ____D C:\ProgramData\iolo
2015-07-22 21:15 - 2015-07-22 21:15 - 00000000 ____D C:\Program Files (x86)\iolo

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-15 18:47 - 2011-12-20 20:28 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-15 18:26 - 2011-06-12 17:32 - 00000000 ____D C:\Users\Admi_günter
2015-08-15 18:10 - 2009-07-14 06:45 - 00028128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-15 18:10 - 2009-07-14 06:45 - 00028128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-15 18:05 - 2012-08-24 00:41 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-15 18:04 - 2011-06-17 14:09 - 00000000 _____ C:\Windows\system32\Drivers\lvuvc.hs
2015-08-15 17:46 - 2013-04-18 22:52 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-08-15 17:28 - 2011-06-07 16:17 - 01731428 _____ C:\Windows\WindowsUpdate.log
2015-08-15 17:25 - 2011-06-14 15:32 - 00000000 ____D C:\Users\Günter\Documents\Outlook-Dateien
2015-08-15 17:07 - 2011-06-15 17:24 - 00000000 ____D C:\Users\Admi_günter\Documents\Outlook-Dateien
2015-08-15 15:37 - 2015-03-21 21:38 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-15 15:36 - 2015-03-21 21:38 - 00001108 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-08-15 15:36 - 2015-03-21 21:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-08-15 15:36 - 2015-03-21 21:38 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-08-14 22:59 - 2011-12-20 20:28 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-14 16:26 - 2015-04-11 07:14 - 00008289 _____ C:\Windows\setupact.log
2015-08-14 14:17 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-08-13 15:39 - 2013-09-03 15:45 - 00000219 _____ C:\Users\Günter\Desktop\www_ixquick Suche.url
2015-08-12 23:27 - 2015-05-30 21:06 - 00000458 _____ C:\Users\Günter\Desktop\www_PayPal.url
2015-08-12 23:24 - 2010-11-21 08:50 - 00702964 _____ C:\Windows\system32\perfh007.dat
2015-08-12 23:24 - 2010-11-21 08:50 - 00150604 _____ C:\Windows\system32\perfc007.dat
2015-08-12 23:24 - 2009-07-14 07:13 - 01629436 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-12 23:18 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-12 22:26 - 2009-07-14 06:45 - 00489808 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-12 22:24 - 2015-04-26 16:55 - 00023808 _____ C:\Windows\PFRO.log
2015-08-12 22:24 - 2014-12-11 16:36 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-12 22:24 - 2014-05-06 22:34 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-12 22:02 - 2013-03-13 00:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-12 22:02 - 2013-03-13 00:40 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-12 22:02 - 2013-03-13 00:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-12 22:01 - 2011-06-13 01:33 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-12 21:57 - 2013-08-15 21:53 - 00000000 ____D C:\Windows\system32\MRT
2015-08-12 21:57 - 2009-07-14 04:34 - 00000510 _____ C:\Windows\win.ini
2015-08-12 21:47 - 2011-06-10 22:26 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-12 19:05 - 2012-08-24 00:41 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-12 19:05 - 2012-04-09 10:39 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-12 19:05 - 2011-06-19 14:29 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-06 20:10 - 2011-06-16 21:23 - 00000000 ____D C:\Users\Günter\Documents\Computer, Treiber, Internet
2015-08-05 17:58 - 2011-06-16 21:28 - 00000000 ____D C:\Users\Günter\Documents\Telekom
2015-08-01 00:16 - 2013-09-08 23:50 - 00000000 ____D C:\Program Files (x86)\TTQV4
2015-07-31 22:44 - 2011-06-14 21:28 - 00000064 _____ C:\Windows\control.ini
2015-07-31 22:22 - 2015-02-28 00:50 - 00001074 _____ C:\Users\Admi_günter\Desktop\QuoVadis 7.lnk
2015-07-31 22:22 - 2015-02-28 00:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuoVadis 7
2015-07-31 22:22 - 2013-09-15 12:21 - 00000000 ____D C:\Program Files (x86)\QuoVadis7
2015-07-30 21:56 - 2015-01-24 18:20 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-30 21:56 - 2015-01-24 18:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-07-28 20:51 - 2011-06-10 18:54 - 00000000 ____D C:\Users\Günter\AppData\Roaming\Roxio
2015-07-28 13:19 - 2015-01-24 18:21 - 00162528 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-07-28 13:19 - 2015-01-24 18:21 - 00141416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-07-28 08:23 - 2011-02-11 19:13 - 00000000 ____D C:\Windows\panther
2015-07-28 08:17 - 2015-07-10 19:28 - 00000000 ___HD C:\$Windows.~BT
2015-07-25 23:43 - 2011-06-17 14:09 - 00099106 _____ C:\Windows\system32\lvcoinst.log
2015-07-25 23:37 - 2012-05-06 16:53 - 00000000 ____D C:\Users\Admi_günter\AppData\Roaming\PCDr
2015-07-25 23:36 - 2011-06-12 17:00 - 00000000 ____D C:\ProgramData\PCDr
2015-07-25 23:36 - 2011-06-07 16:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2015-07-25 22:34 - 2015-04-04 23:37 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-21 17:47 - 2014-12-12 08:40 - 00002021 _____ C:\Users\Public\Desktop\Adobe Reader X.lnk
2015-07-21 17:47 - 2011-06-07 16:41 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-07-21 17:45 - 2015-05-17 23:22 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-20 17:55 - 2015-04-04 23:37 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-16 07:19 - 2015-01-02 17:17 - 00000000 __SHD C:\Users\Admi_günter\AppData\Local\EmieBrowserModeList
2015-07-16 07:19 - 2014-05-23 22:29 - 00000000 __SHD C:\Users\Admi_günter\AppData\Local\EmieUserList
2015-07-16 07:19 - 2014-05-23 22:29 - 00000000 __SHD C:\Users\Admi_günter\AppData\Local\EmieSiteList
2015-07-16 07:15 - 2011-06-16 21:23 - 00000000 ____D C:\Users\Günter\Documents\Bild- Scans; OCR
2015-07-16 06:43 - 2015-02-16 00:27 - 00000430 _____ C:\Windows\Tasks\Defraggler Volume C Task.job
2015-07-16 06:41 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2012-04-13 23:18 - 2012-04-13 23:18 - 0000361 _____ () C:\Users\Admi_günter\AppData\Roaming\dpdhl.versandhelfer_state.xml
2011-11-05 19:48 - 2011-11-30 16:16 - 0124657 _____ () C:\Users\Admi_günter\AppData\Local\ars.cache
2011-11-05 19:48 - 2011-11-30 16:16 - 0920400 _____ () C:\Users\Admi_günter\AppData\Local\census.cache
2013-07-31 10:43 - 2013-07-31 10:43 - 0003584 _____ () C:\Users\Admi_günter\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-11-05 19:41 - 2011-11-05 19:41 - 0000036 _____ () C:\Users\Admi_günter\AppData\Local\housecall.guid.cache
2011-06-29 12:18 - 2015-05-17 23:45 - 0007646 _____ () C:\Users\Admi_günter\AppData\Local\Resmon.ResmonCfg
2013-05-02 22:40 - 2013-05-02 22:40 - 0000056 _____ () C:\ProgramData\3mj1ol.bat
2013-05-02 22:40 - 2013-05-02 22:49 - 95023320 ____T () C:\ProgramData\3mj1ol.pad
2013-05-02 22:40 - 2013-05-02 22:40 - 0000152 _____ () C:\ProgramData\3mj1ol.reg
2013-05-02 22:40 - 2013-05-02 22:49 - 0000000 _____ () C:\ProgramData\as98213.txt
2011-06-22 15:58 - 2011-06-22 15:58 - 0000056 ____H () C:\ProgramData\ezsidmv.dat

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\3mj1ol.bat
C:\ProgramData\3mj1ol.pad
C:\ProgramData\3mj1ol.reg


Einige Dateien in TEMP:
====================
C:\Users\Christine\AppData\Local\Temp\avgnt.exe
C:\Users\Günter\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-08-14 14:09

==================== Ende von Ergebnis ============================
         
Code:
ATTFilter
 Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:14-08-2015 01
durchgeführt von Günter (2015-08-15 18:38:42)
Gestartet von C:\Users\Günter\Downloads
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1916591956-2551971433-4189181994-500 - Administrator - Disabled)
Admi_günter (S-1-5-21-1916591956-2551971433-4189181994-1003 - Administrator - Enabled) => C:\Users\Admi_günter
Christine (S-1-5-21-1916591956-2551971433-4189181994-1004 - Limited - Enabled) => C:\Users\Christine
Gast (S-1-5-21-1916591956-2551971433-4189181994-501 - Limited - Disabled)
Günter (S-1-5-21-1916591956-2551971433-4189181994-1000 - Limited - Enabled) => C:\Users\Günter
HomeGroupUser$ (S-1-5-21-1916591956-2551971433-4189181994-1006 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.124 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Photoshop Elements 8.0 (HKLM-x32\...\Adobe Photoshop Elements 8.0) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 8.0 (HKLM-x32\...\PremElem80) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 8.0 Templates (HKLM-x32\...\PremElem80Templates) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.15) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.15 - Adobe Systems Incorporated)
Amazon Cloud Player (HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Amazon Amazon Cloud Player) (Version: 2.4.0.33 - Amazon Services LLC)
Amazon Cloud Player (HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Amazon Amazon Cloud Player) (Version: 2.4.0.33 - Amazon Services LLC)
AMD Catalyst Install Manager (HKLM\...\{20384EBF-4F10-13F0-07C6-7A6C87FD83DF}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI AVIVO64 Codecs (Version: 11.6.0.51125 - ATI Technologies Inc.) Hidden
Avira (HKLM-x32\...\{a5e00a72-db4a-4f77-8874-d1265b8fcd7e}) (Version: 1.1.42.10415 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.42.10415 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.12.408 - Avira Operations GmbH & Co. KG)
CameraHelperMsi (x32 Version: 13.50.854.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
CyberLink PowerDVD 9.5 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.5.1.3426 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DataSync Outlook (HKLM-x32\...\InstallShield_{1C9171AC-5519-4DF4-B44D-B28F678DEB4C}) (Version: 7.00.2906 - O3SIS IT AG)
DataSync Outlook (x32 Version: 7.00.2906 - O3SIS IT AG) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.17 - Piriform)
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version:  - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.47 - Dell)
Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{17407164-F2AD-4E04-886B-8060D503F21C}) (Version: 1.4.162.0 - Fingertapps)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.30 - ArcSoft)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.1.6664.10 - Dell)
Dell VideoStage (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.1.1.1408 - CyberLink Corp.)
Dell VideoStage (x32 Version: 1.1.1.1408 - CyberLink Corp.) Hidden
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
EAGLE 6.5.0 (HKLM-x32\...\EAGLE 6.5.0) (Version: 6.5.0 - CadSoft Computer GmbH)
eBay (HKLM-x32\...\{A8B88634-7F90-402F-B66A-86429755F6A5}) (Version: 1.4.0 - eBay Inc.)
EPSON Attach To Email (HKLM-x32\...\InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}) (Version: 1.01.0000 - SEIKO EPSON)
EPSON Attach To Email (x32 Version: 1.01.0000 - SEIKO EPSON) Hidden
EPSON File Manager (HKLM-x32\...\{D02F30FB-0BC4-419A-9B9C-ADC610029B50}) (Version: 1.3.2.0 - )
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.34.00 - SEIKO EPSON CORPORATION)
EPSON Scan Assistant (HKLM-x32\...\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}) (Version: 1.10.00 - )
EPSON-Drucker-Software (HKLM\...\EPSON Printer and Utilities) (Version:  - )
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Greenfish Icon Editor Pro 3.31 (HKLM-x32\...\{27135B83-5AFF-42A3-BCEB-E689BE9E2090}_is1) (Version:  - Greenfish Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
Internet-TV für Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Security Scan (HKLM-x32\...\InstallWIX_{D1282694-0693-41A8-ABC1-6D1FFC1F65C4}) (Version: 12.0.1.881 - Kaspersky Lab)
Kaspersky Security Scan (x32 Version: 12.0.1.881 - Kaspersky Lab) Hidden
Logitech Vid HD (HKLM-x32\...\Logitech Vid) (Version: 7.2 (7248) - Logitech Inc..)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.0 - Logitech Inc.)
LWS VideoEffects (Version: 13.30.1379.0 - Logitech) Hidden
MagicMaps Baden-Württemberg 3.0 (HKLM-x32\...\{F9A536B2-61B8-418C-AA23-258E2CCF4FB1}) (Version: 3.0 - MagicMaps)
MagicMaps Bayern 3.0 (HKLM-x32\...\{9CAD9741-F868-4D22-8D98-5AE8F65A4A9D}) (Version: 3.0 - MagicMaps)
MagicMaps Berlin Brandenburg Sachsen-Anhalt 3.0 (HKLM-x32\...\{86E3BE15-66B5-4775-862F-9C8A6C67C7C5}) (Version: 3.0 - MagicMaps)
MagicMaps Hessen Rheinland-Pfalz Saarland 3.0 (HKLM-x32\...\{8E7C9790-9804-44E9-8B50-34D5F448570B}) (Version: 3.0 - MagicMaps)
MagicMaps Niedersachsen Bremen 3.0 (HKLM-x32\...\{37C70729-A5AE-4894-AAB7-ADB8A2A8DD0E}) (Version: 3.0 - MagicMaps)
MagicMaps Nordrhein-Westfalen 3.0 (HKLM-x32\...\{C1918F8D-03AC-49D1-BA57-22A1AC3F672A}) (Version: 3.0 - MagicMaps)
MagicMaps Sachsen Thüringen 3.0 (HKLM-x32\...\{30D14A06-9B5B-4CA0-84E7-DBD16D5678F5}) (Version: 3.0 - MagicMaps)
MagicMaps Schleswig-Holstein Hamburg Mecklenburg-Vorpommern 3.0 (HKLM-x32\...\{8191A649-0833-44B4-BCC0-422227A67FA7}) (Version: 3.0 - MagicMaps)
MagicMaps Support und Update Tool (HKLM-x32\...\{0CA1C412-6716-40E8-B033-006002E7F7EC}) (Version: 1.1.3 - MagicMaps)
MagicMaps Tour Explorer Deutschland (HKLM-x32\...\{655B0665-7688-4269-B5B0-EC2D8F62D8B7}) (Version: 3.0.6 - MagicMaps)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Multimedia Card Reader (HKLM-x32\...\InstallShield_{41068A8C-3F30-46B6-978A-EA692F28D1AF}) (Version: 1.7.915.93 - Fitipower)
Multimedia Card Reader (x32 Version: 1.7.915.93 - Fitipower) Hidden
Nikon Scan (HKLM-x32\...\{9AE4AC96-A5F4-4F19-9D13-066C8B3CE034}) (Version:  - )
Nokia Connectivity Cable Driver (HKLM-x32\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.4.40.0 - Nokia)
Nokia Suite (x32 Version: 3.4.40.0 - Nokia) Hidden
OpenFietsMap (BNLv10-05-2013) (HKLM-x32\...\OpenFietsMap (BNL)) (Version:  - )
Panda Cloud Cleaner (HKLM-x32\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.0.107 - Panda Security)
PathAway GPS 5 for Windows Mobile (HKLM-x32\...\PathAway GPS 5 for Windows Mobile) (Version:  - )
PC Connectivity Solution (HKLM-x32\...\{DA5B2BDC-F654-4A88-A669-4D34BC7846A1}) (Version: 12.0.17.0 - Nokia)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.1 - pdfforge)
PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
QuickSteuer 2014 (HKLM-x32\...\{52DD1288-FA17-4062-8280-532C89A7E2F2}) (Version: 20.04.00.0003 - Haufe-Lexware GmbH & Co.KG)
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
QuoVadis 7 (HKLM-x32\...\QuoVadis 7_is1) (Version: 7 - Flemming Software Development CC)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Real Time Analyzer (HKLM-x32\...\Real Time Analyzer_is1) (Version: 1.3 - Timo Esser)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6141 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.43 - Piriform)
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SmartSound Quicktracks for Premiere Elements 8.0 (HKLM-x32\...\InstallShield_{4685A344-6718-4923-AA9D-158A0A2E1CFB}) (Version: 3.11.3090 - SmartSound Software Inc)
SmartSound Quicktracks for Premiere Elements 8.0 (x32 Version: 3.11.3090 - SmartSound Software Inc) Hidden
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.13 - Piriform)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
System Checkup 3.4 (HKLM-x32\...\{4AC7B4E7-59B7-4E48-A60D-263C486FC33A}_is1) (Version: 3.4.0.47 - iolo technologies, LLC)
THX TruStudio PC (HKLM-x32\...\{010A785B-F920-4350-821B-6309909C20BB}) (Version: 1.0 - Creative Technology Limited)
Touratech QV 4 (HKLM-x32\...\Touratech QV 4_is1) (Version: 4 - Thomas Flemming, Touratech AG)
TTQV Navteq-Maps 2005Q4 (HKLM-x32\...\TTQV Navteq-Maps_is1) (Version:  - Touratech AG, Niedereschach)
TTQV-Map Europa Serie 200 (HKLM-x32\...\TTQV-Map Europa Serie 200_is1) (Version: 4 - Thomas Flemming, Touratech AG)
Ulead PhotoImpact 8 (HKLM-x32\...\InstallShield_{F101C58C-15CC-42B3-83D1-536CFB960634}) (Version: 8.0 - Ulead System)
Ulead PhotoImpact 8 (x32 Version: 8.0 - Ulead System) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.6200 - Broadcom Corporation)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile-Gerätecenter: Treiberupdate (HKLM\...\{92DBCA36-9B41-4DD1-941A-AED149DD37F0}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert
Überprüfen Sie den "winmgmt" Dienst oder reparieren Sie den WMI.


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => 
Task: C:\Windows\Tasks\Defraggler Volume C Task.job => 
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => 
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => 

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2010-07-21 13:46 - 2010-07-21 13:46 - 00173856 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2014-05-27 17:31 - 2014-05-08 19:26 - 03145536 _____ () C:\Users\Günter\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
2014-12-13 00:24 - 2014-12-13 00:24 - 00047104 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2010-11-17 10:35 - 2010-11-17 10:35 - 00514544 _____ () C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
2011-11-11 14:07 - 2011-11-11 14:07 - 00265240 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2011-08-12 12:19 - 2011-08-12 12:19 - 00680984 _____ () C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Günter\Downloads\geburtstagsgruß an udo.eml:OECustomProperty

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Da befinden sich 7867 mehr eingeschränkte Seiten.

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Günter\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Günter\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{E41899B2-C951-4F9C-8F50-C55ACEA0C8C2}] => (Allow) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\AdobePhotoshopElementsMediaServer.exe
FirewallRules: [{43B65E2F-9BD9-4472-B16D-86A9E3BFD43D}] => (Allow) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\AdobePhotoshopElementsMediaServer.exe
FirewallRules: [{0FC66207-DD09-44FE-9B16-3887FA4698F6}] => (Allow) c:\Program Files (x86)\Dell\VideoStage\VideoStage.exe
FirewallRules: [{3D66FE33-7768-47EA-9D8E-EF65818EF7C6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{6326CA8F-A859-4E19-B938-2F192EBA5407}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE
FirewallRules: [{8289E964-C8CA-4E43-B01C-F131CB392846}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{FBDB4155-46DB-4DD7-ADCC-B7DE97CBBCBE}] => (Allow) LPort=2869
FirewallRules: [{E0E9307E-966C-4D6F-B865-81A2212B3907}] => (Allow) LPort=1900
FirewallRules: [{944FA721-B09E-4DFC-9F16-4D37359C7F32}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{7722C1AB-A88E-4C2F-8A6F-F87637BC87C9}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{27D121AA-BD51-41A4-943A-6E3AAD0532C4}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{85FFE42F-593E-4472-B6BF-B0A1AA7DB0DC}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{264402D7-7A7F-41F4-B146-5480C0EA5F37}] => (Allow) LPort=26675
FirewallRules: [{B2738629-CBA9-41C5-B75A-AA2AAA8659DF}] => (Allow) C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
FirewallRules: [{DEDEE668-4BA1-4D33-A3B3-3B7F9B376013}] => (Allow) C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
FirewallRules: [TCP Query User{1C539E96-F30F-4C5D-98F1-12A41A9274A7}C:\program files (x86)\logitech\vid hd\vid.exe] => (Block) C:\program files (x86)\logitech\vid hd\vid.exe
FirewallRules: [UDP Query User{B8F03193-3143-4379-AE44-639BDA39B37D}C:\program files (x86)\logitech\vid hd\vid.exe] => (Block) C:\program files (x86)\logitech\vid hd\vid.exe
FirewallRules: [{82BDAAF5-D4FA-4A3D-BDBA-CFD2170F7467}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{11986B09-3F96-40F9-BED3-CD08A6A5DA94}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{594427F1-EDA9-4261-89A5-86D20DB19A89}] => (Allow) LPort=26675
FirewallRules: [{9379F618-D5CC-46AF-B1DD-BDE13D736DD8}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe
FirewallRules: [{D95CA1D7-E74C-4233-9F1E-434EE7F5210C}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{D956C328-C1BE-4F1E-BD62-A9E4388E9EBD}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{2EC1FF0F-3293-46E2-AED9-39221AE480F5}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3892184A-DC33-4C12-8CF4-0B04FD696E54}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/13/2015 01:47:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm IEXPLORE.EXE, Version 11.0.9600.17937 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 2278

Startzeit: 01d0d5bdc5bc226a

Endzeit: 10

Anwendungspfad: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Berichts-ID:

Error: (08/13/2015 07:52:10 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm IEXPLORE.EXE, Version 11.0.9600.17937 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: e74

Startzeit: 01d0d58c16a38c0c

Endzeit: 12

Anwendungspfad: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Berichts-ID:

Error: (08/12/2015 11:18:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/12/2015 10:26:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/08/2015 11:30:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: GWXUX.exe, Version: 6.3.9600.17923, Zeitstempel: 0x55945dbd
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18869, Zeitstempel: 0x556366f2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000004ada4
ID des fehlerhaften Prozesses: 0x16c8
Startzeit der fehlerhaften Anwendung: 0xGWXUX.exe0
Pfad der fehlerhaften Anwendung: GWXUX.exe1
Pfad des fehlerhaften Moduls: GWXUX.exe2
Berichtskennung: GWXUX.exe3

Error: (08/01/2015 07:41:30 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "J:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"

Error: (08/01/2015 12:22:11 AM) (Source: RapiMgr) (EventID: 8) (User: )
Description: communication (0x80072745)-Fehler beim Verbinden des Windows Mobile-basierten Geräts. (Die Daten enthalten den Fehlercode.).

Error: (07/31/2015 11:03:45 PM) (Source: RapiMgr) (EventID: 8) (User: )
Description: communication (0x80072745)-Fehler beim Verbinden des Windows Mobile-basierten Geräts. (Die Daten enthalten den Fehlercode.).

Error: (07/30/2015 11:51:42 AM) (Source: VSS) (EventID: 12289) (User: )
Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "DeviceIoControl(\\?\Volume{d29a9d45-910f-11e0-938c-806e6f6e6963} - 0000000000000074,0x0053c008,000000000039EFD0,0,000000000039FFE0,4096,[0])". hr = 0x80070079, Das Zeitlimit für die Semaphore wurde erreicht.
.


Vorgang:
   EndPrepareSnapshots wird verarbeitet

Kontext:
   Ausführungskontext: System Provider

Error: (07/29/2015 01:35:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


Systemfehler:
=============
Error: (08/15/2015 01:56:10 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 43. Der interne Fehlerstatus lautet: 252.

Error: (08/15/2015 01:17:37 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80240020 fehlgeschlagen: Upgrade auf Windows 10 Home

Error: (08/14/2015 04:25:55 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst RasMan erreicht.

Error: (08/14/2015 04:23:45 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (08/14/2015 07:31:25 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80240020 fehlgeschlagen: Upgrade auf Windows 10 Home

Error: (08/13/2015 10:36:23 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (08/13/2015 10:36:23 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (08/13/2015 10:30:17 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 43. Der interne Fehlerstatus lautet: 252.

Error: (08/13/2015 10:30:17 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 43. Der interne Fehlerstatus lautet: 252.

Error: (08/13/2015 10:21:41 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 43. Der interne Fehlerstatus lautet: 252.


Microsoft Office:
=========================
Error: (08/13/2015 01:47:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.17937227801d0d5bdc5bc226a10C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Error: (08/13/2015 07:52:10 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.17937e7401d0d58c16a38c0c12C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Error: (08/12/2015 11:18:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/12/2015 10:26:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/08/2015 11:30:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: GWXUX.exe6.3.9600.1792355945dbdntdll.dll6.1.7601.18869556366f2c0000005000000000004ada416c801d0d1bcceb46f11C:\Windows\System32\GWX\GWXUX.exeC:\Windows\SYSTEM32\ntdll.dll0e0aa126-3db0-11e5-8fb3-782bcb983f04

Error: (08/01/2015 07:41:30 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: J:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)

Error: (08/01/2015 12:22:11 AM) (Source: RapiMgr) (EventID: 8) (User: )
Description: communication (0x80072745)

Error: (07/31/2015 11:03:45 PM) (Source: RapiMgr) (EventID: 8) (User: )
Description: communication (0x80072745)

Error: (07/30/2015 11:51:42 AM) (Source: VSS) (EventID: 12289) (User: )
Description: DeviceIoControl(\\?\Volume{d29a9d45-910f-11e0-938c-806e6f6e6963} - 0000000000000074,0x0053c008,000000000039EFD0,0,000000000039FFE0,4096,[0])0x80070079, Das Zeitlimit für die Semaphore wurde erreicht.


Vorgang:
   EndPrepareSnapshots wird verarbeitet

Kontext:
   Ausführungskontext: System Provider

Error: (07/29/2015 01:35:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity:
===================================
  Date: 2015-07-28 08:12:37.676
  Description: Die Integrität der Datei "\Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

  Date: 2015-07-28 08:12:37.671
  Description: Die Integrität der Datei "\Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

  Date: 2015-07-28 08:12:37.665
  Description: Die Integrität der Datei "\Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

  Date: 2015-07-28 08:12:37.658
  Description: Die Integrität der Datei "\Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

  Date: 2015-07-28 08:12:37.591
  Description: Die Integrität der Datei "\Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_a384c5aabe759ea5\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

  Date: 2015-07-28 08:12:37.585
  Description: Die Integrität der Datei "\Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_a384c5aabe759ea5\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

  Date: 2015-07-28 08:12:37.580
  Description: Die Integrität der Datei "\Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_a384c5aabe759ea5\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

  Date: 2015-07-28 08:12:37.573
  Description: Die Integrität der Datei "\Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_a384c5aabe759ea5\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

  Date: 2015-07-28 08:12:37.507
  Description: Die Integrität der Datei "\Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.

  Date: 2015-07-28 08:12:37.500
  Description: Die Integrität der Datei "\Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.


==================== Speicherinformationen =========================== 

Processor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 29%
Installierter physikalischer RAM: 8174.41 MB
Verfügbarer physikalischer RAM: 5745.73 MB
Summe virtueller Speicher: 16347.02 MB
Verfügbarer virtueller Speicher: 11006.92 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:1845.61 GB) (Free:1580.56 GB) NTFS

==================== MBR & Partitionstabelle ==================

==================== Ende von Ergebnis ============================
         

Alt 16.08.2015, 18:09   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Email- Konto gehackt? - Standard

Email- Konto gehackt?



hi,

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________

__________________

Alt 16.08.2015, 23:55   #3
günni42
 
Email- Konto gehackt? - Standard

Email- Konto gehackt?



Hallo Schrauber,

Nachtrag: GMER

Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-08-15 22:46:34
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-2 Intel___ rev.1.0. 1863,02GB
Running: Gmer-19357.exe; Driver: C:\Users\ADMI_G~1\AppData\Local\Temp\pwdoaaow.sys


---- User code sections - GMER 2.1 ----

.text   C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[4364] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                                                   0000000075a91401 2 bytes JMP 76f7b20b C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[4364] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                                                     0000000075a91419 2 bytes JMP 76f7b336 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[4364] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                                                   0000000075a91431 2 bytes JMP 76ff8f39 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[4364] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                                                   0000000075a9144a 2 bytes CALL 76f54885 C:\Windows\syswow64\kernel32.dll
.text   ...                                                                                                                                                                                                   * 9
.text   C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[4364] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                                                      0000000075a914dd 2 bytes JMP 76ff8832 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[4364] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                                               0000000075a914f5 2 bytes JMP 76ff8a08 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[4364] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                                                      0000000075a9150d 2 bytes JMP 76ff8728 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[4364] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                                               0000000075a91525 2 bytes JMP 76ff8af2 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[4364] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                                                     0000000075a9153d 2 bytes JMP 76f6fc98 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[4364] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                                          0000000075a91555 2 bytes JMP 76f768df C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[4364] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                                                   0000000075a9156d 2 bytes JMP 76ff8ff1 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[4364] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                                                     0000000075a91585 2 bytes JMP 76ff8b52 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[4364] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                                                        0000000075a9159d 2 bytes JMP 76ff86ec C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[4364] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                                                     0000000075a915b5 2 bytes JMP 76f6fd31 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[4364] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                                                   0000000075a915cd 2 bytes JMP 76f7b2cc C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[4364] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                                               0000000075a916b2 2 bytes JMP 76ff8eb4 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[4364] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                                               0000000075a916bd 2 bytes JMP 76ff8681 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[5480] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                                                   0000000075a91401 2 bytes JMP 76f7b20b C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[5480] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                                                     0000000075a91419 2 bytes JMP 76f7b336 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[5480] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                                                   0000000075a91431 2 bytes JMP 76ff8f39 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[5480] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                                                   0000000075a9144a 2 bytes CALL 76f54885 C:\Windows\syswow64\kernel32.dll
.text   ...                                                                                                                                                                                                   * 9
.text   C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[5480] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                                                      0000000075a914dd 2 bytes JMP 76ff8832 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[5480] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                                               0000000075a914f5 2 bytes JMP 76ff8a08 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[5480] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                                                      0000000075a9150d 2 bytes JMP 76ff8728 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[5480] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                                               0000000075a91525 2 bytes JMP 76ff8af2 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[5480] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                                                     0000000075a9153d 2 bytes JMP 76f6fc98 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[5480] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                                          0000000075a91555 2 bytes JMP 76f768df C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[5480] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                                                   0000000075a9156d 2 bytes JMP 76ff8ff1 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[5480] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                                                     0000000075a91585 2 bytes JMP 76ff8b52 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[5480] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                                                        0000000075a9159d 2 bytes JMP 76ff86ec C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[5480] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                                                     0000000075a915b5 2 bytes JMP 76f6fd31 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[5480] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                                                   0000000075a915cd 2 bytes JMP 76f7b2cc C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[5480] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                                               0000000075a916b2 2 bytes JMP 76ff8eb4 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[5480] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                                               0000000075a916bd 2 bytes JMP 76ff8681 C:\Windows\syswow64\kernel32.dll

---- Threads - GMER 2.1 ----

Thread  C:\Windows\system32\svchost.exe [5760:2984]                                                                                                                                                           000007feff33a808

---- Registry - GMER 2.1 ----

Reg     HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\c0f8daea49a3                                                                                                                           
Reg     HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\c0f8daea49a3@002376a7b2e6                                                                                                              0xBE 0x5C 0x61 0x75 ...
Reg     HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\c0f8daea49a3@001122334455                                                                                                              0xF2 0xF4 0xD7 0xCA ...
Reg     HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\c0f8daea49a3@000113141a69                                                                                                              0xF4 0x9A 0x42 0xA4 ...
Reg     HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\c0f8daea49a3@001dd9eb27a9                                                                                                              0x84 0xD3 0x71 0x2D ...
Reg     HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\c0f8daea49a3@1dfe819f6260                                                                                                              0x19 0xFC 0xA2 0x9B ...
Reg     HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\c0f8daea49a3@0007619c84b2                                                                                                              0x46 0x8F 0xD8 0x4E ...
Reg     HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\c0f8daea49a3 (not active ControlSet)                                                                                                       
Reg     HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\c0f8daea49a3@002376a7b2e6                                                                                                                  0xBE 0x5C 0x61 0x75 ...
Reg     HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\c0f8daea49a3@001122334455                                                                                                                  0xF2 0xF4 0xD7 0xCA ...
Reg     HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\c0f8daea49a3@000113141a69                                                                                                                  0xF4 0x9A 0x42 0xA4 ...
Reg     HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\c0f8daea49a3@001dd9eb27a9                                                                                                                  0x84 0xD3 0x71 0x2D ...
Reg     HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\c0f8daea49a3@1dfe819f6260                                                                                                                  0x19 0xFC 0xA2 0x9B ...
Reg     HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\c0f8daea49a3@0007619c84b2                                                                                                                  0x46 0x8F 0xD8 0x4E ...
Reg     HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted@C:\Users\Admi_günter\AppData\Local\Logitech\xae Webcam-Software\Logishrd\LU2.0\LogitechUpdate.exe  1

---- EOF - GMER 2.1 ----
         
Malwarebytes Anti-Rootkit-Scan

Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.08.16.03
  rootkit: v2015.08.16.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17959
Admi_günter :: RECHNER_*** [administrator]

16.08.2015 20:21:13
mbar-log-2015-08-16 (20-21-13).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 526443
Time elapsed: 18 minute(s), 57 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         

Der Log von TDSSKiller in den noch folgenden Teilbeiträgen (wegen zu großem Umfang)

Gruß! - günni42

Nachtrag: Report TDSSKiller

Code:
ATTFilter
22:05:11.0611 0x365c  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
22:05:16.0221 0x365c  ============================================================
22:05:16.0221 0x365c  Current date / time: 2015/08/16 22:05:16.0221
22:05:16.0221 0x365c  SystemInfo:
22:05:16.0221 0x365c  
22:05:16.0221 0x365c  OS Version: 6.1.7601 ServicePack: 1.0
22:05:16.0221 0x365c  Product type: Workstation
22:05:16.0221 0x365c  ComputerName: RECHNER_RUG
22:05:16.0221 0x365c  UserName: Admi_günter
22:05:16.0221 0x365c  Windows directory: C:\Windows
22:05:16.0221 0x365c  System windows directory: C:\Windows
22:05:16.0221 0x365c  Running under WOW64
22:05:16.0221 0x365c  Processor architecture: Intel x64
22:05:16.0221 0x365c  Number of processors: 8
22:05:16.0221 0x365c  Page size: 0x1000
22:05:16.0221 0x365c  Boot type: Normal boot
22:05:16.0221 0x365c  ============================================================
22:05:16.0701 0x365c  KLMD registered as C:\Windows\system32\drivers\27365469.sys
22:05:16.0986 0x365c  System UUID: {3DBE4E46-81AA-A90D-DDCD-1A5BE8A86BEB}
22:05:17.0237 0x365c  Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1600000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:05:17.0249 0x365c  ============================================================
22:05:17.0249 0x365c  \Device\Harddisk0\DR0:
22:05:17.0249 0x365c  MBR partitions:
22:05:17.0249 0x365c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x52800, BlocksNum 0x227F000
22:05:17.0249 0x365c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x22D1800, BlocksNum 0xE6B39000
22:05:17.0249 0x365c  ============================================================
22:05:17.0320 0x365c  C: <-> \Device\Harddisk0\DR0\Partition2
22:05:17.0321 0x365c  ============================================================
22:05:17.0321 0x365c  Initialize success
22:05:17.0321 0x365c  ============================================================
22:05:24.0941 0x26e0  ============================================================
22:05:24.0941 0x26e0  Scan started
22:05:24.0941 0x26e0  Mode: Manual; 
22:05:24.0941 0x26e0  ============================================================
22:05:24.0941 0x26e0  KSN ping started
22:05:27.0276 0x26e0  KSN ping finished: true
22:05:28.0398 0x26e0  ================ Scan system memory ========================
22:05:28.0398 0x26e0  System memory - ok
22:05:28.0399 0x26e0  ================ Scan services =============================
22:05:28.0557 0x26e0  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
22:05:28.0561 0x26e0  1394ohci - ok
22:05:28.0593 0x26e0  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
22:05:28.0598 0x26e0  ACPI - ok
22:05:28.0621 0x26e0  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
22:05:28.0629 0x26e0  AcpiPmi - ok
22:05:28.0740 0x26e0  [ 765FE0463E711E5A68AC7B69538ED922, A1D31DECBE8F703DB2FAF4B1A10D3B70FBBA0AD776CDC1B813387BFEDAE9D0A0 ] AdobeActiveFileMonitor8.0 c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
22:05:28.0742 0x26e0  AdobeActiveFileMonitor8.0 - ok
22:05:28.0823 0x26e0  [ 013697369EAFFA675D0671607F036020, 65611C775AC4681E46A6565E5A7A4FF3363C66EBDC98C4C58AFB365D40BE23B6 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
22:05:28.0825 0x26e0  AdobeARMservice - ok
22:05:28.0913 0x26e0  [ 368290D0A612D62DA6F3D798B1BB8FE7, D573BF8543F37BC51B88A2473EDFD28AFBCCC446E8CADD54A90FA48D8739D222 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:05:28.0916 0x26e0  AdobeFlashPlayerUpdateSvc - ok
22:05:28.0943 0x26e0  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
22:05:28.0956 0x26e0  adp94xx - ok
22:05:28.0972 0x26e0  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
22:05:28.0978 0x26e0  adpahci - ok
22:05:29.0003 0x26e0  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
22:05:29.0006 0x26e0  adpu320 - ok
22:05:29.0045 0x26e0  [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
22:05:29.0047 0x26e0  AeLookupSvc - ok
22:05:29.0094 0x26e0  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
22:05:29.0105 0x26e0  AFD - ok
22:05:29.0122 0x26e0  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
22:05:29.0123 0x26e0  agp440 - ok
22:05:29.0151 0x26e0  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
22:05:29.0154 0x26e0  ALG - ok
22:05:29.0182 0x26e0  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
22:05:29.0183 0x26e0  aliide - ok
22:05:29.0222 0x26e0  [ 4EAAAAB8759644D572522FBCDD196A13, EF1ECE8073B048C2286F639BA76C523B6B267B64447358383C042BD593194350 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
22:05:29.0235 0x26e0  AMD External Events Utility - ok
22:05:29.0253 0x26e0  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
22:05:29.0254 0x26e0  amdide - ok
22:05:29.0266 0x26e0  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
22:05:29.0268 0x26e0  AmdK8 - ok
22:05:29.0489 0x26e0  [ 22A14DF59FB8D0BE918C597988AF4296, 714BD1BB63D732C6D03DFA1C2D81A2E00659C04052E110F0BF1EB74A7CD39B1C ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
22:05:29.0759 0x26e0  amdkmdag - ok
22:05:29.0795 0x26e0  [ EE22D3ED6D55A855E709F811CCCA97ED, 179F34CF6E0C2F821EBC0AECF09AAA0867616CCBB5EA6B17891860B27D56AC66 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
22:05:29.0807 0x26e0  amdkmdap - ok
22:05:29.0814 0x26e0  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
22:05:29.0816 0x26e0  AmdPPM - ok
22:05:29.0840 0x26e0  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
22:05:29.0848 0x26e0  amdsata - ok
22:05:29.0868 0x26e0  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
22:05:29.0873 0x26e0  amdsbs - ok
22:05:29.0888 0x26e0  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
22:05:29.0889 0x26e0  amdxata - ok
22:05:30.0029 0x26e0  [ 9FE1AC875A7AD7B7FF28FEC8B754968D, EEE04D4073E49332C85028B62E8A035EAA2284526A3F3820133492C8F8CBA3D5 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
22:05:30.0048 0x26e0  AntiVirMailService - ok
22:05:30.0110 0x26e0  [ 58FB167B287CAA05F7DD5AA1018FD52C, D9EB68E1C2B99E5F59A0DA4C9FA46E15C6E470F7445E232C03C82790F546A6AA ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
22:05:30.0116 0x26e0  AntiVirSchedulerService - ok
22:05:30.0179 0x26e0  [ 58FB167B287CAA05F7DD5AA1018FD52C, D9EB68E1C2B99E5F59A0DA4C9FA46E15C6E470F7445E232C03C82790F546A6AA ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
22:05:30.0185 0x26e0  AntiVirService - ok
22:05:30.0290 0x26e0  [ F857D22CEC14854D310C5596C8CE6006, 67448C506D3171D327A6CE3952E41BDC65587FEB45F510160A1DAFCA9491711E ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
22:05:30.0316 0x26e0  AntiVirWebService - ok
22:05:30.0356 0x26e0  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID           C:\Windows\system32\drivers\appid.sys
22:05:30.0358 0x26e0  AppID - ok
22:05:30.0398 0x26e0  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
22:05:30.0406 0x26e0  AppIDSvc - ok
22:05:30.0454 0x26e0  [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo         C:\Windows\System32\appinfo.dll
22:05:30.0456 0x26e0  Appinfo - ok
22:05:30.0492 0x26e0  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
22:05:30.0495 0x26e0  arc - ok
22:05:30.0517 0x26e0  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
22:05:30.0520 0x26e0  arcsas - ok
22:05:30.0617 0x26e0  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
22:05:30.0619 0x26e0  aspnet_state - ok
22:05:30.0647 0x26e0  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
22:05:30.0648 0x26e0  AsyncMac - ok
22:05:30.0665 0x26e0  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
22:05:30.0665 0x26e0  atapi - ok
22:05:30.0684 0x26e0  [ 437F55435623D4D54D36197F5AD8B435, CE004F1E3299E39AFD70C8618253901614C0F3DBD594B6F0E1BA294C7B47FAD6 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
22:05:30.0687 0x26e0  AtiHDAudioService - ok
22:05:30.0720 0x26e0  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:05:30.0733 0x26e0  AudioEndpointBuilder - ok
22:05:30.0745 0x26e0  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
22:05:30.0754 0x26e0  AudioSrv - ok
22:05:30.0820 0x26e0  [ 24843902369DC82B4691F816F08F2938, 330E22C6007B10FE9C232BBCA2F388ADA17DEDBAA11BEC2A70377A4466DFB6FA ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
22:05:30.0827 0x26e0  avgntflt - ok
22:05:30.0872 0x26e0  [ 043E5F34C3878C844568658B79B3E55C, D13D8FC5205562E02F252C0EE1AB2236C9212445D6EC3715041EBDF993CB467F ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
22:05:30.0880 0x26e0  avipbb - ok
22:05:30.0941 0x26e0  [ 4B3DBF1CEBE1B2346BF2F8D2251F641A, CDC5BCA35BE658007E29E94E7FBFAA499B50929E738A12904397D16268C6FBAE ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
22:05:30.0944 0x26e0  Avira.ServiceHost - ok
22:05:30.0974 0x26e0  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
22:05:30.0975 0x26e0  avkmgr - ok
22:05:31.0003 0x26e0  [ 13253E5E3B6BDF945B63B336A8C9489B, 671C716E43F89D4BDDAA2BE045CDEBBB569C85BC2BA334E1F550187B79A7740D ] avnetflt        C:\Windows\system32\DRIVERS\avnetflt.sys
22:05:31.0005 0x26e0  avnetflt - ok
22:05:31.0035 0x26e0  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
22:05:31.0038 0x26e0  AxInstSV - ok
22:05:31.0069 0x26e0  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
22:05:31.0077 0x26e0  b06bdrv - ok
22:05:31.0090 0x26e0  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
22:05:31.0095 0x26e0  b57nd60a - ok
22:05:31.0113 0x26e0  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
22:05:31.0116 0x26e0  BDESVC - ok
22:05:31.0141 0x26e0  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
22:05:31.0141 0x26e0  Beep - ok
22:05:31.0191 0x26e0  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
22:05:31.0204 0x26e0  BFE - ok
22:05:31.0261 0x26e0  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
22:05:31.0281 0x26e0  BITS - ok
22:05:31.0301 0x26e0  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
22:05:31.0303 0x26e0  blbdrive - ok
22:05:31.0321 0x26e0  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
22:05:31.0323 0x26e0  bowser - ok
22:05:31.0338 0x26e0  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
22:05:31.0342 0x26e0  BrFiltLo - ok
22:05:31.0358 0x26e0  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
22:05:31.0366 0x26e0  BrFiltUp - ok
22:05:31.0394 0x26e0  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
22:05:31.0397 0x26e0  Browser - ok
22:05:31.0414 0x26e0  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
22:05:31.0419 0x26e0  Brserid - ok
22:05:31.0433 0x26e0  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
22:05:31.0434 0x26e0  BrSerWdm - ok
22:05:31.0450 0x26e0  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
22:05:31.0458 0x26e0  BrUsbMdm - ok
22:05:31.0467 0x26e0  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
22:05:31.0468 0x26e0  BrUsbSer - ok
22:05:31.0504 0x26e0  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
22:05:31.0505 0x26e0  BthEnum - ok
22:05:31.0517 0x26e0  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
22:05:31.0519 0x26e0  BTHMODEM - ok
22:05:31.0548 0x26e0  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
22:05:31.0551 0x26e0  BthPan - ok
22:05:31.0595 0x26e0  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
22:05:31.0604 0x26e0  BTHPORT - ok
22:05:31.0620 0x26e0  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
22:05:31.0622 0x26e0  bthserv - ok
22:05:31.0662 0x26e0  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
22:05:31.0664 0x26e0  BTHUSB - ok
22:05:31.0705 0x26e0  [ 7A2CE8C1BF4DAA1F2766E21E9CA11078, 2AF02D206F60F95185894D829D7CC322C4986847153269DE186E11EE2353FBBC ] btwampfl        C:\Windows\system32\drivers\btwampfl.sys
22:05:31.0711 0x26e0  btwampfl - ok
22:05:31.0733 0x26e0  [ A75BF6802A967F5AACECC3C67FEBDF55, 7FD561C3817ABE48121926361ED12943A1EF5C0006689DCE3813697868D763B4 ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
22:05:31.0742 0x26e0  btwaudio - ok
22:05:31.0774 0x26e0  [ D895DC213EDBDA5FCC53AAD1F1E0E63B, FF3B483752E45911C267367B102EA0901BE13840FDBA083D0B7FF3379C37B898 ] btwavdt         C:\Windows\system32\DRIVERS\btwavdt.sys
22:05:31.0780 0x26e0  btwavdt - ok
22:05:31.0873 0x26e0  [ 6A667ADAD3C2151131E6A478850762BE, 3A98BFB7E201EBDB55CB7C7332CF7C3D876BE03910FDA24F1146F8AAE4C39DD8 ] btwdins         C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
22:05:31.0886 0x26e0  btwdins - ok
22:05:31.0894 0x26e0  [ 07096D2BC22CCB6CEA5A532DF0BE8A75, A9B7F2EFFDF1E4EC0A5DC098F0ED2BE44E271844A4F1CBAD2FA1655DE1E03F6E ] btwl2cap        C:\Windows\system32\DRIVERS\btwl2cap.sys
22:05:31.0895 0x26e0  btwl2cap - ok
22:05:31.0902 0x26e0  [ 6D7AA2BDE0135599C5F230D69DB3B420, 5179F57976B3903B5D45C5B383C691BCB26411B5C98296F99C1F79EF863E1E0A ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
22:05:31.0903 0x26e0  btwrchid - ok
22:05:31.0915 0x26e0  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
22:05:31.0922 0x26e0  cdfs - ok
22:05:31.0933 0x26e0  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
22:05:31.0935 0x26e0  cdrom - ok
22:05:31.0951 0x26e0  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
22:05:31.0953 0x26e0  CertPropSvc - ok
22:05:31.0969 0x26e0  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
22:05:31.0970 0x26e0  circlass - ok
22:05:31.0993 0x26e0  [ 06E1F5228399FC49A8D026DA38DB6784, 5554071E5C55FC7EF3C7C95F0BC565509C3F0C03E0814C98376932A9D1C32AA6 ] cjusb           C:\Windows\system32\DRIVERS\cjusb.sys
22:05:31.0994 0x26e0  cjusb - ok
22:05:32.0041 0x26e0  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
22:05:32.0048 0x26e0  CLFS - ok
22:05:32.0104 0x26e0  [ 730BF325E4CC1E3935B81943AC6DA216, FF6D7C087976D6B431F8799AEF6DFA12F31F6B38D5D70F9A8F03AB01CC58BD58 ] CLKMSVC10_9EC60124 C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe
22:05:32.0109 0x26e0  CLKMSVC10_9EC60124 - ok
22:05:32.0181 0x26e0  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:05:32.0190 0x26e0  clr_optimization_v2.0.50727_32 - ok
22:05:32.0262 0x26e0  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:05:32.0265 0x26e0  clr_optimization_v2.0.50727_64 - ok
22:05:32.0361 0x26e0  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:05:32.0364 0x26e0  clr_optimization_v4.0.30319_32 - ok
22:05:32.0379 0x26e0  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:05:32.0390 0x26e0  clr_optimization_v4.0.30319_64 - ok
22:05:32.0410 0x26e0  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
22:05:32.0411 0x26e0  CmBatt - ok
22:05:32.0430 0x26e0  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
22:05:32.0436 0x26e0  cmdide - ok
22:05:32.0509 0x26e0  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
22:05:32.0526 0x26e0  CNG - ok
22:05:32.0550 0x26e0  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
22:05:32.0551 0x26e0  Compbatt - ok
22:05:32.0572 0x26e0  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
22:05:32.0573 0x26e0  CompositeBus - ok
22:05:32.0585 0x26e0  COMSysApp - ok
22:05:32.0598 0x26e0  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
22:05:32.0599 0x26e0  crcdisk - ok
22:05:32.0644 0x26e0  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
22:05:32.0648 0x26e0  CryptSvc - ok
22:05:32.0674 0x26e0  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
22:05:32.0683 0x26e0  DcomLaunch - ok
22:05:32.0707 0x26e0  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
22:05:32.0713 0x26e0  defragsvc - ok
22:05:32.0729 0x26e0  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
22:05:32.0738 0x26e0  DfsC - ok
22:05:32.0774 0x26e0  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
22:05:32.0779 0x26e0  Dhcp - ok
22:05:32.0881 0x26e0  [ AA5319FA8602676B5D3A2B4A1355896D, 57532E16FF0DDE3D62B6B6DC35E2598DD453140E9277247965A1E835645E588A ] DiagTrack       C:\Windows\system32\diagtrack.dll
22:05:32.0906 0x26e0  DiagTrack - ok
22:05:32.0921 0x26e0  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
22:05:32.0922 0x26e0  discache - ok
22:05:32.0933 0x26e0  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
22:05:32.0935 0x26e0  Disk - ok
22:05:32.0983 0x26e0  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
22:05:32.0987 0x26e0  Dnscache - ok
22:05:33.0016 0x26e0  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
22:05:33.0029 0x26e0  dot3svc - ok
22:05:33.0043 0x26e0  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
22:05:33.0047 0x26e0  DPS - ok
22:05:33.0074 0x26e0  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
22:05:33.0075 0x26e0  drmkaud - ok
22:05:33.0134 0x26e0  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
22:05:33.0153 0x26e0  DXGKrnl - ok
22:05:33.0158 0x26e0  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
22:05:33.0160 0x26e0  EapHost - ok
22:05:33.0241 0x26e0  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
22:05:33.0312 0x26e0  ebdrv - ok
22:05:33.0346 0x26e0  [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] EFS             C:\Windows\System32\lsass.exe
22:05:33.0348 0x26e0  EFS - ok
22:05:33.0446 0x26e0  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
22:05:33.0459 0x26e0  ehRecvr - ok
22:05:33.0493 0x26e0  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
22:05:33.0496 0x26e0  ehSched - ok
22:05:33.0528 0x26e0  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
22:05:33.0541 0x26e0  elxstor - ok
22:05:33.0559 0x26e0  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
22:05:33.0564 0x26e0  ErrDev - ok
22:05:33.0600 0x26e0  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
22:05:33.0607 0x26e0  EventSystem - ok
22:05:33.0638 0x26e0  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
22:05:33.0641 0x26e0  exfat - ok
22:05:33.0661 0x26e0  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
22:05:33.0669 0x26e0  fastfat - ok
22:05:33.0699 0x26e0  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
22:05:33.0713 0x26e0  Fax - ok
22:05:33.0727 0x26e0  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
22:05:33.0728 0x26e0  fdc - ok
22:05:33.0749 0x26e0  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
22:05:33.0750 0x26e0  fdPHost - ok
22:05:33.0761 0x26e0  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
22:05:33.0762 0x26e0  FDResPub - ok
22:05:33.0775 0x26e0  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
22:05:33.0777 0x26e0  FileInfo - ok
22:05:33.0788 0x26e0  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
22:05:33.0790 0x26e0  Filetrace - ok
22:05:33.0834 0x26e0  [ 8669BE94F63944E4F899C3950B520241, 9991E57B3C366D59BD186CEAA78D4590EDB2BC127250CF4D1522CBE413453E72 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
22:05:33.0857 0x26e0  FLEXnet Licensing Service - ok
22:05:33.0861 0x26e0  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
22:05:33.0862 0x26e0  flpydisk - ok
22:05:33.0881 0x26e0  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
22:05:33.0885 0x26e0  FltMgr - ok
22:05:33.0966 0x26e0  [ D5A775990A7C202A037378FDBCDB6141, 27AD242914FAFB7A27B3045C0F0F6AFE6873FE331A51D8BB29A63B5D84C72EFB ] FontCache       C:\Windows\system32\FntCache.dll
22:05:34.0000 0x26e0  FontCache - ok
22:05:34.0040 0x26e0  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:05:34.0042 0x26e0  FontCache3.0.0.0 - ok
22:05:34.0053 0x26e0  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
22:05:34.0054 0x26e0  FsDepends - ok
22:05:34.0080 0x26e0  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
22:05:34.0080 0x26e0  Fs_Rec - ok
22:05:34.0107 0x26e0  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
22:05:34.0112 0x26e0  fvevol - ok
22:05:34.0126 0x26e0  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
22:05:34.0135 0x26e0  gagp30kx - ok
22:05:34.0177 0x26e0  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
22:05:34.0192 0x26e0  gpsvc - ok
22:05:34.0249 0x26e0  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:05:34.0251 0x26e0  gupdate - ok
22:05:34.0269 0x26e0  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:05:34.0271 0x26e0  gupdatem - ok
22:05:34.0341 0x26e0  [ 8298C833C1EE0B271F6E6F50439B8814, 4E5C54423405B2DB2DEDE49DBA2C11C75693AC994236DECAFE50F96B852BF471 ] HCW85BDA        C:\Windows\system32\drivers\HCW85BDA.sys
22:05:34.0369 0x26e0  HCW85BDA - ok
22:05:34.0391 0x26e0  [ C3097DDF0618315438A660CE34CAB4E6, 5A0BA48C7F02DE31A973DE81F7C46F1D4091CE887D46710B58DCDD17804145A3 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir3.sys
22:05:34.0399 0x26e0  hcw85cir - ok
22:05:34.0418 0x26e0  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
22:05:34.0420 0x26e0  HDAudBus - ok
22:05:34.0434 0x26e0  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
22:05:34.0435 0x26e0  HidBatt - ok
22:05:34.0466 0x26e0  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
22:05:34.0468 0x26e0  HidBth - ok
22:05:34.0491 0x26e0  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
22:05:34.0499 0x26e0  HidIr - ok
22:05:34.0514 0x26e0  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
22:05:34.0515 0x26e0  hidserv - ok
22:05:34.0539 0x26e0  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
22:05:34.0540 0x26e0  HidUsb - ok
22:05:34.0560 0x26e0  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
22:05:34.0563 0x26e0  hkmsvc - ok
22:05:34.0593 0x26e0  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:05:34.0599 0x26e0  HomeGroupListener - ok
22:05:34.0610 0x26e0  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:05:34.0614 0x26e0  HomeGroupProvider - ok
22:05:34.0629 0x26e0  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
22:05:34.0631 0x26e0  HpSAMD - ok
22:05:34.0689 0x26e0  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
22:05:34.0700 0x26e0  HTTP - ok
22:05:34.0710 0x26e0  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
22:05:34.0711 0x26e0  hwpolicy - ok
22:05:34.0738 0x26e0  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
22:05:34.0741 0x26e0  i8042prt - ok
22:05:34.0771 0x26e0  [ F7CE9BE72EDAC499B713ECA6DAE5D26F, AF158C8ADF0815C406435AB051C8D8DD0ECBDBA8644CB75D7611980D70662193 ] iaStor          C:\Windows\system32\drivers\iaStor.sys
22:05:34.0777 0x26e0  iaStor - ok
22:05:34.0818 0x26e0  [ B25F192EA1F84A316EB7C19EFCCCF33D, 00BACE87CCA40722FF3AD7243439201CDCC23D0BA01E25F928BF63DA12816F8F ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
22:05:34.0819 0x26e0  IAStorDataMgrSvc - ok
22:05:34.0841 0x26e0  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
22:05:34.0850 0x26e0  iaStorV - ok
22:05:34.0931 0x26e0  [ 6F95324909B502E2651442C1548AB12F, FF1B104990FE186C6100ED229A45345FF695323AC778688EC11AA8F5A87B141E ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
22:05:34.0947 0x26e0  IDriverT - ok
22:05:35.0003 0x26e0  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:05:35.0024 0x26e0  idsvc - ok
22:05:35.0040 0x26e0  IEEtwCollectorService - ok
22:05:35.0057 0x26e0  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
22:05:35.0059 0x26e0  iirsp - ok
22:05:35.0089 0x26e0  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
22:05:35.0102 0x26e0  IKEEXT - ok
22:05:35.0124 0x26e0  [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd           C:\Windows\system32\drivers\Impcd.sys
22:05:35.0132 0x26e0  Impcd - ok
22:05:35.0213 0x26e0  [ 235362D403D9D677514649D88DB31914, 522F5BA88169ADEC1EEB595BFBBCD6417DF38CD93A0D2B2FD0AF4C907FF6D965 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
22:05:35.0265 0x26e0  IntcAzAudAddService - ok
22:05:35.0308 0x26e0  [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
22:05:35.0315 0x26e0  IntcDAud - ok
22:05:35.0344 0x26e0  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
22:05:35.0345 0x26e0  intelide - ok
22:05:35.0373 0x26e0  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
22:05:35.0374 0x26e0  intelppm - ok
22:05:35.0393 0x26e0  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
22:05:35.0396 0x26e0  IPBusEnum - ok
22:05:35.0409 0x26e0  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:05:35.0411 0x26e0  IpFilterDriver - ok
22:05:35.0436 0x26e0  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
22:05:35.0445 0x26e0  iphlpsvc - ok
22:05:35.0458 0x26e0  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
22:05:35.0460 0x26e0  IPMIDRV - ok
22:05:35.0478 0x26e0  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
22:05:35.0486 0x26e0  IPNAT - ok
22:05:35.0502 0x26e0  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
22:05:35.0511 0x26e0  IRENUM - ok
22:05:35.0523 0x26e0  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
22:05:35.0523 0x26e0  isapnp - ok
22:05:35.0549 0x26e0  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
22:05:35.0554 0x26e0  iScsiPrt - ok
22:05:35.0585 0x26e0  [ 12E27942DBB7C91880163634B0D8A776, DEE56DB8993A915E8FC32F9F50FAEED591799B0694655926C4F260EBFB99FC7E ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
22:05:35.0593 0x26e0  k57nd60a - ok
22:05:35.0613 0x26e0  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
22:05:35.0621 0x26e0  kbdclass - ok
22:05:35.0634 0x26e0  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
22:05:35.0635 0x26e0  kbdhid - ok
22:05:35.0646 0x26e0  [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] KeyIso          C:\Windows\system32\lsass.exe
22:05:35.0647 0x26e0  KeyIso - ok
22:05:35.0687 0x26e0  [ 67A1743377EBB5D9A370A8C2086CFDCC, 2F0FD6C1969B1EEEEFFC1A8F972E1E90F1AD9558FF00EC159BC19ED927FD4BF5 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
22:05:35.0690 0x26e0  KSecDD - ok
22:05:35.0705 0x26e0  [ 522A1595D5701800DD41B2D472F5AAED, B62924AE94A5AC454AD6057BC133D717BB1C6445BE36D6BECAB76E1600F60C33 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
22:05:35.0709 0x26e0  KSecPkg - ok
22:05:35.0839 0x26e0  [ EFB2614E9142FA4427CE82EE6DC0CA7B, DE67CED09EA1A3B10BF0F3B22B2675844122783AE2523CE01E0BDE2691FC684A ] KSS             C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
22:05:35.0842 0x26e0  KSS - ok
22:05:35.0861 0x26e0  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
22:05:35.0862 0x26e0  ksthunk - ok
22:05:35.0900 0x26e0  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
22:05:35.0915 0x26e0  KtmRm - ok
22:05:35.0960 0x26e0  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
22:05:35.0965 0x26e0  LanmanServer - ok
22:05:35.0997 0x26e0  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:05:36.0004 0x26e0  LanmanWorkstation - ok
22:05:36.0022 0x26e0  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
22:05:36.0023 0x26e0  lltdio - ok
22:05:36.0052 0x26e0  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
22:05:36.0059 0x26e0  lltdsvc - ok
22:05:36.0073 0x26e0  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
22:05:36.0074 0x26e0  lmhosts - ok
22:05:36.0104 0x26e0  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
22:05:36.0108 0x26e0  LSI_FC - ok
22:05:36.0120 0x26e0  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
22:05:36.0123 0x26e0  LSI_SAS - ok
22:05:36.0135 0x26e0  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
22:05:36.0137 0x26e0  LSI_SAS2 - ok
22:05:36.0167 0x26e0  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
22:05:36.0175 0x26e0  LSI_SCSI - ok
22:05:36.0191 0x26e0  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
22:05:36.0199 0x26e0  luafv - ok
22:05:36.0231 0x26e0  [ 0C85B2B6FB74B36A251792D45E0EF860, 2E04204560C1159ABC25F273B0B7F81FDF9BA5E88C17929FD924C4E945DE5020 ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys
22:05:36.0243 0x26e0  LVRS64 - ok
22:05:36.0372 0x26e0  [ FF3A488924B0032B1A9CA6948C1FA9E8, 6F05852B75498210926F5CDF49D2A6DD97C39CD93D32E3200D7240AADA3E7BEE ] LVUVC64         C:\Windows\system32\DRIVERS\lvuvc64.sys
22:05:36.0460 0x26e0  LVUVC64 - ok
22:05:36.0525 0x26e0  [ A8D28D5B3E2A528D1EF0E338E44F2820, 40D1EFDD253BC0A0D984A5AD8A2721C3E83B15F14D538204714E6D5B00D92CEB ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
22:05:36.0527 0x26e0  MBAMProtector - ok
22:05:36.0638 0x26e0  [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
22:05:36.0662 0x26e0  MBAMService - ok
22:05:36.0679 0x26e0  [ AE757332EA130E94E646621CC695B52A, E688CF34A4206F32B5C7301119D8459C3456FC178FA1DAA6215CE15F2C824C43 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
22:05:36.0681 0x26e0  MBAMWebAccessControl - ok
22:05:36.0707 0x26e0  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
22:05:36.0712 0x26e0  Mcx2Svc - ok
22:05:36.0725 0x26e0  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
22:05:36.0726 0x26e0  megasas - ok
22:05:36.0741 0x26e0  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
22:05:36.0747 0x26e0  MegaSR - ok
22:05:36.0779 0x26e0  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
22:05:36.0780 0x26e0  MEIx64 - ok
22:05:36.0827 0x26e0  [ F9CE67E9E0226079B59107B649851F96, 7A55FB58425F2E59B5D400E85E1B271B84295548B8EDA865F7B8C804CB94563C ] MEMSWEEP2       C:\Windows\system32\F492.tmp
22:05:36.0828 0x26e0  MEMSWEEP2 - ok
22:05:36.0847 0x26e0  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
22:05:36.0849 0x26e0  MMCSS - ok
22:05:36.0875 0x26e0  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
22:05:36.0876 0x26e0  Modem - ok
22:05:36.0902 0x26e0  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
22:05:36.0903 0x26e0  monitor - ok
22:05:36.0911 0x26e0  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
22:05:36.0913 0x26e0  mouclass - ok
22:05:36.0920 0x26e0  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
22:05:36.0921 0x26e0  mouhid - ok
22:05:36.0964 0x26e0  [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
22:05:36.0974 0x26e0  mountmgr - ok
22:05:36.0978 0x26e0  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
22:05:36.0982 0x26e0  mpio - ok
22:05:36.0993 0x26e0  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
22:05:37.0001 0x26e0  mpsdrv - ok
22:05:37.0031 0x26e0  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
22:05:37.0050 0x26e0  MpsSvc - ok
22:05:37.0067 0x26e0  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
22:05:37.0070 0x26e0  MRxDAV - ok
22:05:37.0115 0x26e0  [ B2081803D510DCE174992BA880EDCA70, 37DB53C9756EC03EB7165DEB58251615D70B7C86DF32A54DE25ADAF30A04D792 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
22:05:37.0121 0x26e0  mrxsmb - ok
22:05:37.0165 0x26e0  [ 552FA62B0EFECD22D8D52499324BCA4F, C3A02C9C30C36928AC7B1025496544967187A05BEF5D100B54F2C0155E47145C ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:05:37.0171 0x26e0  mrxsmb10 - ok
22:05:37.0211 0x26e0  [ 97687971F9CB30E2633DE0F1296B9F61, 865DA87523E4C32D65D55D5475A5CDDFA10699780DA500E6D606384FB3BEB1BE ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:05:37.0215 0x26e0  mrxsmb20 - ok
22:05:37.0244 0x26e0  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
22:05:37.0252 0x26e0  msahci - ok
22:05:37.0256 0x26e0  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
22:05:37.0259 0x26e0  msdsm - ok
22:05:37.0276 0x26e0  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
22:05:37.0284 0x26e0  MSDTC - ok
22:05:37.0300 0x26e0  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
22:05:37.0301 0x26e0  Msfs - ok
22:05:37.0323 0x26e0  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
22:05:37.0332 0x26e0  mshidkmdf - ok
22:05:37.0343 0x26e0  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
22:05:37.0343 0x26e0  msisadrv - ok
22:05:37.0371 0x26e0  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
22:05:37.0375 0x26e0  MSiSCSI - ok
22:05:37.0377 0x26e0  msiserver - ok
22:05:37.0408 0x26e0  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
22:05:37.0416 0x26e0  MSKSSRV - ok
22:05:37.0428 0x26e0  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
22:05:37.0429 0x26e0  MSPCLOCK - ok
22:05:37.0439 0x26e0  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
22:05:37.0447 0x26e0  MSPQM - ok
22:05:37.0467 0x26e0  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
22:05:37.0482 0x26e0  MsRPC - ok
22:05:37.0517 0x26e0  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
22:05:37.0518 0x26e0  mssmbios - ok
22:05:37.0528 0x26e0  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
22:05:37.0536 0x26e0  MSTEE - ok
22:05:37.0551 0x26e0  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
22:05:37.0560 0x26e0  MTConfig - ok
22:05:37.0568 0x26e0  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
22:05:37.0570 0x26e0  Mup - ok
22:05:37.0607 0x26e0  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
22:05:37.0621 0x26e0  napagent - ok
22:05:37.0658 0x26e0  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
22:05:37.0663 0x26e0  NativeWifiP - ok
22:05:37.0713 0x26e0  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
22:05:37.0727 0x26e0  NDIS - ok
22:05:37.0747 0x26e0  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
22:05:37.0748 0x26e0  NdisCap - ok
22:05:37.0763 0x26e0  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
22:05:37.0764 0x26e0  NdisTapi - ok
22:05:37.0777 0x26e0  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
22:05:37.0779 0x26e0  Ndisuio - ok
22:05:37.0795 0x26e0  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
22:05:37.0803 0x26e0  NdisWan - ok
22:05:37.0823 0x26e0  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
22:05:37.0824 0x26e0  NDProxy - ok
22:05:37.0827 0x26e0  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
22:05:37.0828 0x26e0  NetBIOS - ok
22:05:37.0846 0x26e0  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
22:05:37.0851 0x26e0  NetBT - ok
22:05:37.0854 0x26e0  [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] Netlogon        C:\Windows\system32\lsass.exe
22:05:37.0855 0x26e0  Netlogon - ok
22:05:37.0903 0x26e0  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
22:05:37.0912 0x26e0  Netman - ok
22:05:37.0953 0x26e0  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:05:37.0960 0x26e0  NetMsmqActivator - ok
22:05:37.0964 0x26e0  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:05:37.0966 0x26e0  NetPipeActivator - ok
22:05:37.0994 0x26e0  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
22:05:38.0002 0x26e0  netprofm - ok
22:05:38.0005 0x26e0  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:05:38.0008 0x26e0  NetTcpActivator - ok
22:05:38.0011 0x26e0  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:05:38.0013 0x26e0  NetTcpPortSharing - ok
22:05:38.0027 0x26e0  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
22:05:38.0035 0x26e0  nfrd960 - ok
22:05:38.0082 0x26e0  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
22:05:38.0089 0x26e0  NlaSvc - ok
22:05:38.0128 0x26e0  [ 5FE6F8C05F0769BBB74AFAC11453B182, ACF6026EF8D038B73484AE59FBD03559E1263CE134473D7A8C3F97CF71BC640C ] nmwcd           C:\Windows\system32\drivers\ccdcmbx64.sys
22:05:38.0129 0x26e0  nmwcd - ok
22:05:38.0165 0x26e0  [ 73C929945C0850B8D1FE2FEA05FDF05D, 665FBA777E5EF3F28828D19F2BBCCB778C1C6105BD830C1E29A1C4739663F0D3 ] nmwcdc          C:\Windows\system32\drivers\ccdcmbox64.sys
22:05:38.0166 0x26e0  nmwcdc - ok
22:05:38.0272 0x26e0  [ B9B72FAAAA41D59B73B88FE3DD737ED1, 050E741FB5313523340B19C9C168611222C4AE9A6084FE3E2F908A49EA909A29 ] NOBU            C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
22:05:38.0310 0x26e0  NOBU - ok
22:05:38.0320 0x26e0  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
22:05:38.0321 0x26e0  Npfs - ok
22:05:38.0351 0x26e0  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
22:05:38.0353 0x26e0  nsi - ok
22:05:38.0355 0x26e0  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
22:05:38.0356 0x26e0  nsiproxy - ok
22:05:38.0413 0x26e0  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
22:05:38.0445 0x26e0  Ntfs - ok
22:05:38.0452 0x26e0  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
22:05:38.0452 0x26e0  Null - ok
22:05:38.0465 0x26e0  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
22:05:38.0468 0x26e0  nvraid - ok
22:05:38.0496 0x26e0  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
22:05:38.0503 0x26e0  nvstor - ok
22:05:38.0535 0x26e0  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
22:05:38.0539 0x26e0  nv_agp - ok
22:05:38.0559 0x26e0  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
22:05:38.0561 0x26e0  ohci1394 - ok
22:05:38.0622 0x26e0  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:05:38.0629 0x26e0  ose - ok
22:05:38.0788 0x26e0  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:05:38.0855 0x26e0  osppsvc - ok
22:05:38.0906 0x26e0  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
22:05:38.0912 0x26e0  p2pimsvc - ok
22:05:38.0939 0x26e0  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
22:05:38.0953 0x26e0  p2psvc - ok
22:05:38.0966 0x26e0  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
22:05:38.0969 0x26e0  Parport - ok
22:05:38.0983 0x26e0  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
22:05:38.0985 0x26e0  partmgr - ok
22:05:39.0027 0x26e0  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
22:05:39.0032 0x26e0  PcaSvc - ok
22:05:39.0069 0x26e0  [ BC0018C2D29F655188A0ED3FA94FDB24, BCF7F2CA5E30F569AEB69049BA3C196982C72EA7264CFBA59D7123041BA96E5A ] pccsmcfd        C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
22:05:39.0070 0x26e0  pccsmcfd - ok
22:05:39.0092 0x26e0  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
22:05:39.0096 0x26e0  pci - ok
22:05:39.0122 0x26e0  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
22:05:39.0122 0x26e0  pciide - ok
22:05:39.0139 0x26e0  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
22:05:39.0144 0x26e0  pcmcia - ok
22:05:39.0154 0x26e0  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
22:05:39.0156 0x26e0  pcw - ok
22:05:39.0257 0x26e0  [ 20372BE109FEE1C37E2D5216680DB9EB, 2C3737FB3C6BCF81D0A7293667412DDEA649A8AEA40B7ADCFCB9893E8B3C4AF3 ] PDF Architect Helper Service C:\Program Files (x86)\PDF Architect\HelperService.exe
22:05:39.0275 0x26e0  PDF Architect Helper Service - ok
22:05:39.0331 0x26e0  [ B90A279073A815A4AA2C45A09EE004FA, 9EA27630C47F5FF99CBBE513C113F3ED01FABA0D59B9D9637764027BCC6EA24A ] PDF Architect Service C:\Program Files (x86)\PDF Architect\ConversionService.exe
22:05:39.0342 0x26e0  PDF Architect Service - ok
22:05:39.0397 0x26e0  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
22:05:39.0414 0x26e0  PEAUTH - ok
22:05:39.0457 0x26e0  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
22:05:39.0458 0x26e0  PerfHost - ok
22:05:39.0508 0x26e0  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
22:05:39.0532 0x26e0  pla - ok
22:05:39.0565 0x26e0  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
22:05:39.0574 0x26e0  PlugPlay - ok
22:05:39.0595 0x26e0  [ 0BEE791C7C7ACE453C134E73633C497D, 82B30461DBF40AC15FCE6A83B9BAD2EBD05B27DEA1B784EAA096422FE8927B7B ] pmxdrv          C:\Windows\system32\drivers\pmxdrv.sys
22:05:39.0596 0x26e0  pmxdrv - ok
22:05:39.0604 0x26e0  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
22:05:39.0613 0x26e0  PNRPAutoReg - ok
22:05:39.0637 0x26e0  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
22:05:39.0642 0x26e0  PNRPsvc - ok
22:05:39.0678 0x26e0  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
22:05:39.0688 0x26e0  PolicyAgent - ok
22:05:39.0704 0x26e0  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
22:05:39.0708 0x26e0  Power - ok
22:05:39.0734 0x26e0  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
22:05:39.0738 0x26e0  PptpMiniport - ok
22:05:39.0751 0x26e0  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
22:05:39.0753 0x26e0  Processor - ok
22:05:39.0796 0x26e0  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
22:05:39.0806 0x26e0  ProfSvc - ok
22:05:39.0821 0x26e0  [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:05:39.0822 0x26e0  ProtectedStorage - ok
22:05:39.0838 0x26e0  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
22:05:39.0840 0x26e0  Psched - ok
22:05:39.0885 0x26e0  [ 05A0C2744CEAC6F1B723EC469B650EF0, D9F2E0E4431217C6A7CDE38D36362CD5A06E93B9F45F92638120EF151089B370 ] PSKMAD          C:\Windows\system32\DRIVERS\PSKMAD.sys
22:05:39.0886 0x26e0  PSKMAD - ok
22:05:39.0909 0x26e0  [ 87B04878A6D59D6C79251DC960C674C1, 3EB8DB0624E646F0A65D0381408D35CF9FDC5ABFC30DF6431F4070A8EB68447C ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
22:05:39.0913 0x26e0  PxHlpa64 - ok
22:05:39.0960 0x26e0  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
22:05:39.0982 0x26e0  ql2300 - ok
22:05:39.0998 0x26e0  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
22:05:40.0001 0x26e0  ql40xx - ok
22:05:40.0028 0x26e0  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
22:05:40.0039 0x26e0  QWAVE - ok
22:05:40.0053 0x26e0  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
22:05:40.0061 0x26e0  QWAVEdrv - ok
22:05:40.0135 0x26e0  [ A55E7D0D873B2C97585B3B5926AC6ADE, 3BE3895DA7F0888E85B1941525878BA0846A8F215AD39ED8138BB39615468E32 ] RapiMgr         C:\Windows\WindowsMobile\rapimgr.dll
22:05:40.0148 0x26e0  RapiMgr - ok
22:05:40.0167 0x26e0  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
22:05:40.0176 0x26e0  RasAcd - ok
22:05:40.0207 0x26e0  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
22:05:40.0208 0x26e0  RasAgileVpn - ok
22:05:40.0228 0x26e0  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
22:05:40.0231 0x26e0  RasAuto - ok
22:05:40.0242 0x26e0  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
22:05:40.0245 0x26e0  Rasl2tp - ok
22:05:40.0282 0x26e0  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
22:05:40.0289 0x26e0  RasMan - ok
22:05:40.0296 0x26e0  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
22:05:40.0298 0x26e0  RasPppoe - ok
22:05:40.0327 0x26e0  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
22:05:40.0329 0x26e0  RasSstp - ok
22:05:40.0353 0x26e0  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
22:05:40.0359 0x26e0  rdbss - ok
22:05:40.0373 0x26e0  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
22:05:40.0374 0x26e0  rdpbus - ok
22:05:40.0386 0x26e0  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
22:05:40.0386 0x26e0  RDPCDD - ok
22:05:40.0393 0x26e0  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
22:05:40.0393 0x26e0  RDPENCDD - ok
22:05:40.0416 0x26e0  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
22:05:40.0417 0x26e0  RDPREFMP - ok
22:05:40.0485 0x26e0  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
22:05:40.0494 0x26e0  RdpVideoMiniport - ok
22:05:40.0531 0x26e0  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
22:05:40.0535 0x26e0  RDPWD - ok
22:05:40.0555 0x26e0  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
22:05:40.0559 0x26e0  rdyboost - ok
22:05:40.0590 0x26e0  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
22:05:40.0593 0x26e0  RemoteAccess - ok
22:05:40.0608 0x26e0  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
22:05:40.0612 0x26e0  RemoteRegistry - ok
22:05:40.0644 0x26e0  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
22:05:40.0647 0x26e0  RFCOMM - ok
22:05:40.0738 0x26e0  [ 3C957189B31C34D3AD21967B12B6AED7, 878FE6EA03F60592D6D557B905A5119E2CC836C2A6A86ED2867C3C9B0F0FDBA2 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
22:05:40.0762 0x26e0  RoxMediaDB12OEM - ok
22:05:40.0793 0x26e0  [ 2B73088CC2CA757A172B425C9398E5BC, 3D296B4D6F66F7729CC48FE54456E6E6D8207DBA7E31D66653566C128E53163B ] RoxWatch12      C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
22:05:40.0797 0x26e0  RoxWatch12 - ok
22:05:40.0815 0x26e0  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
22:05:40.0823 0x26e0  RpcEptMapper - ok
22:05:40.0845 0x26e0  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
22:05:40.0853 0x26e0  RpcLocator - ok
22:05:40.0869 0x26e0  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
22:05:40.0877 0x26e0  RpcSs - ok
22:05:40.0889 0x26e0  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
22:05:40.0891 0x26e0  rspndr - ok
22:05:40.0893 0x26e0  [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] SamSs           C:\Windows\system32\lsass.exe
22:05:40.0895 0x26e0  SamSs - ok
22:05:40.0905 0x26e0  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
22:05:40.0907 0x26e0  sbp2port - ok
22:05:40.0919 0x26e0  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
22:05:40.0924 0x26e0  SCardSvr - ok
22:05:40.0932 0x26e0  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
22:05:40.0933 0x26e0  scfilter - ok
22:05:40.0988 0x26e0  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
22:05:41.0008 0x26e0  Schedule - ok
22:05:41.0039 0x26e0  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
22:05:41.0041 0x26e0  SCPolicySvc - ok
22:05:41.0058 0x26e0  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
22:05:41.0062 0x26e0  SDRSVC - ok
22:05:41.0169 0x26e0  [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
22:05:41.0193 0x26e0  SDScannerService - ok
22:05:41.0274 0x26e0  [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
22:05:41.0302 0x26e0  SDUpdateService - ok
22:05:41.0322 0x26e0  [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
22:05:41.0325 0x26e0  SDWSCService - ok
22:05:41.0342 0x26e0  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
22:05:41.0342 0x26e0  secdrv - ok
22:05:41.0360 0x26e0  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
22:05:41.0362 0x26e0  seclogon - ok
22:05:41.0365 0x26e0  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
22:05:41.0367 0x26e0  SENS - ok
22:05:41.0381 0x26e0  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
22:05:41.0383 0x26e0  SensrSvc - ok
22:05:41.0393 0x26e0  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
22:05:41.0394 0x26e0  Serenum - ok
22:05:41.0409 0x26e0  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
22:05:41.0411 0x26e0  Serial - ok
22:05:41.0429 0x26e0  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
22:05:41.0437 0x26e0  sermouse - ok
22:05:41.0518 0x26e0  [ C15B813F2FDB44F87F23312472C6E790, 2AA4024C312D0FFDC7DD2F46D011C8C54085216A3B5FA99FA42312C2E991E141 ] ServiceLayer    C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
22:05:41.0528 0x26e0  ServiceLayer - ok
22:05:41.0553 0x26e0  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
22:05:41.0557 0x26e0  SessionEnv - ok
22:05:41.0578 0x26e0  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
22:05:41.0579 0x26e0  sffdisk - ok
22:05:41.0589 0x26e0  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
22:05:41.0590 0x26e0  sffp_mmc - ok
22:05:41.0597 0x26e0  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
22:05:41.0598 0x26e0  sffp_sd - ok
22:05:41.0605 0x26e0  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
22:05:41.0613 0x26e0  sfloppy - ok
22:05:41.0681 0x26e0  [ E1974A92AC0914A3859359A0A8C82C68, 4908917F72D6E531B44488F06A05915F0DA9767758E44C886F5F93F46BA79654 ] SftService      C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
22:05:41.0691 0x26e0  SftService - ok
22:05:41.0739 0x26e0  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
22:05:41.0753 0x26e0  SharedAccess - ok
22:05:41.0778 0x26e0  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:05:41.0785 0x26e0  ShellHWDetection - ok
22:05:41.0807 0x26e0  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
22:05:41.0808 0x26e0  SiSRaid2 - ok
22:05:41.0820 0x26e0  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
22:05:41.0822 0x26e0  SiSRaid4 - ok
22:05:41.0896 0x26e0  [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
22:05:41.0900 0x26e0  SkypeUpdate - ok
22:05:41.0908 0x26e0  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
22:05:41.0910 0x26e0  Smb - ok
22:05:41.0914 0x26e0  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
22:05:41.0915 0x26e0  SNMPTRAP - ok
22:05:41.0924 0x26e0  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
22:05:41.0924 0x26e0  spldr - ok
22:05:41.0952 0x26e0  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
22:05:41.0961 0x26e0  Spooler - ok
22:05:42.0058 0x26e0  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
22:05:42.0131 0x26e0  sppsvc - ok
22:05:42.0150 0x26e0  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
22:05:42.0152 0x26e0  sppuinotify - ok
22:05:42.0183 0x26e0  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
22:05:42.0192 0x26e0  srv - ok
22:05:42.0202 0x26e0  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
22:05:42.0208 0x26e0  srv2 - ok
22:05:42.0223 0x26e0  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
22:05:42.0230 0x26e0  srvnet - ok
22:05:42.0246 0x26e0  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
22:05:42.0250 0x26e0  SSDPSRV - ok
22:05:42.0263 0x26e0  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
22:05:42.0265 0x26e0  SstpSvc - ok
22:05:42.0278 0x26e0  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
22:05:42.0279 0x26e0  stexstor - ok
22:05:42.0310 0x26e0  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
22:05:42.0321 0x26e0  stisvc - ok
22:05:42.0356 0x26e0  [ 7731F46EC0D687A931CBA063E8F90EF0, 5CF996A209756B901316C4406C7D3E52ECC9C15A1BDB0D4D9C77846AB29FD040 ] stllssvr        C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
22:05:42.0381 0x26e0  stllssvr - ok
22:05:42.0399 0x26e0  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
22:05:42.0407 0x26e0  swenum - ok
22:05:42.0430 0x26e0  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
22:05:42.0441 0x26e0  swprv - ok
22:05:42.0514 0x26e0  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
22:05:42.0567 0x26e0  SysMain - ok
22:05:42.0589 0x26e0  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:05:42.0593 0x26e0  TabletInputService - ok
22:05:42.0612 0x26e0  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
22:05:42.0627 0x26e0  TapiSrv - ok
22:05:42.0630 0x26e0  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
22:05:42.0632 0x26e0  TBS - ok
22:05:42.0700 0x26e0  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
22:05:42.0727 0x26e0  Tcpip - ok
22:05:42.0757 0x26e0  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
22:05:42.0783 0x26e0  TCPIP6 - ok
22:05:42.0808 0x26e0  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
22:05:42.0810 0x26e0  tcpipreg - ok
22:05:42.0830 0x26e0  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
22:05:42.0835 0x26e0  TDPIPE - ok
22:05:42.0858 0x26e0  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
22:05:42.0859 0x26e0  TDTCP - ok
22:05:42.0903 0x26e0  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
22:05:42.0912 0x26e0  tdx - ok
22:05:42.0919 0x26e0  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
22:05:42.0921 0x26e0  TermDD - ok
22:05:42.0974 0x26e0  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
22:05:42.0985 0x26e0  TermService - ok
22:05:43.0000 0x26e0  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
22:05:43.0002 0x26e0  Themes - ok
22:05:43.0013 0x26e0  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
22:05:43.0015 0x26e0  THREADORDER - ok
22:05:43.0028 0x26e0  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
22:05:43.0031 0x26e0  TrkWks - ok
22:05:43.0079 0x26e0  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:05:43.0083 0x26e0  TrustedInstaller - ok
22:05:43.0094 0x26e0  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
22:05:43.0096 0x26e0  tssecsrv - ok
22:05:43.0132 0x26e0  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
22:05:43.0134 0x26e0  TsUsbFlt - ok
22:05:43.0161 0x26e0  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
22:05:43.0170 0x26e0  TsUsbGD - ok
22:05:43.0189 0x26e0  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
22:05:43.0192 0x26e0  tunnel - ok
22:05:43.0210 0x26e0  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
22:05:43.0217 0x26e0  uagp35 - ok
22:05:43.0238 0x26e0  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
22:05:43.0243 0x26e0  udfs - ok
22:05:43.0254 0x26e0  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
22:05:43.0256 0x26e0  UI0Detect - ok
22:05:43.0271 0x26e0  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
22:05:43.0273 0x26e0  uliagpkx - ok
22:05:43.0288 0x26e0  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
22:05:43.0289 0x26e0  umbus - ok
22:05:43.0303 0x26e0  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
22:05:43.0303 0x26e0  UmPass - ok
22:05:43.0381 0x26e0  [ 67A95B9D129ED5399E7965CD09CF30E7, F1F2F684146F1CCB293BB9871117B8CFC1D04588A830F67CE5D3F0D034D93B2A ] UMVPFSrv        C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
22:05:43.0387 0x26e0  UMVPFSrv - ok
22:05:43.0415 0x26e0  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
22:05:43.0422 0x26e0  upnphost - ok
22:05:43.0446 0x26e0  [ 34AFB83C7BBA370E404E52CC2290350C, 1B3F9DF6C0DA8166FE02D4B2B8E3D5A432FE84A248516D0F5DA9E42076095AB8 ] upperdev        C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
22:05:43.0447 0x26e0  upperdev - ok
22:05:43.0483 0x26e0  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
22:05:43.0486 0x26e0  usbaudio - ok
22:05:43.0500 0x26e0  [ 91D3C92A44FC682DD791147604E79152, AA0B6799BF9C26C2C1793C91295288A4989AA43EC5E070B650DA7F0A142817CE ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
22:05:43.0502 0x26e0  usbccgp - ok
22:05:43.0530 0x26e0  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
22:05:43.0531 0x26e0  usbcir - ok
22:05:43.0554 0x26e0  [ F7FFDF2A1D19A76A87759126B244C816, C91F09D77E22D976952A46F7B93F611B719EDAF694D538242FA8FAF1BA9BB2F0 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
22:05:43.0555 0x26e0  usbehci - ok
22:05:43.0579 0x26e0  [ 245FE7FC634D6A993E682E0A9EBA4ABB, F7A536D215EE3A63358EC8B5946D7BB3B56357BF91347B07013E00DAC98775B6 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
22:05:43.0593 0x26e0  usbhub - ok
22:05:43.0614 0x26e0  [ C1A8966E0D09BFB501045105B30D86F2, 5BB95FBA441B898E258A3BFE174FC1042A04C19E25C59DE1FD90594290B11DA9 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
22:05:43.0615 0x26e0  usbohci - ok
22:05:43.0627 0x26e0  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
22:05:43.0628 0x26e0  usbprint - ok
22:05:43.0632 0x26e0  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
22:05:43.0634 0x26e0  usbscan - ok
22:05:43.0658 0x26e0  [ B57B4F0BEC4270A281B9F8537EB2FA04, 554273482EE85F010DC62E412C9933E65BD63AA09911BD25D86F86D2618EF382 ] usbser          C:\Windows\system32\drivers\usbser.sys
22:05:43.0659 0x26e0  usbser - ok
22:05:43.0669 0x26e0  [ AA75E1EFBEE7186B4CBAAACF1F15E6CA, D7A3069913CF8A7F281AC2D7C1FA58FA31A05D7E35E93D7588F4B3B18B3377FD ] UsbserFilt      C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys
22:05:43.0669 0x26e0  UsbserFilt - ok
22:05:43.0689 0x26e0  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:05:43.0692 0x26e0  USBSTOR - ok
22:05:43.0708 0x26e0  [ 2E682DCE4319A90E02A327F8A427544A, 3528C5A4669BAD53041085C3E72C64388D308E42AD9D1FAC85B6F2FFD81610FB ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
22:05:43.0716 0x26e0  usbuhci - ok
22:05:43.0758 0x26e0  [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys
22:05:43.0759 0x26e0  usb_rndisx - ok
22:05:43.0761 0x26e0  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
22:05:43.0763 0x26e0  UxSms - ok
22:05:43.0771 0x26e0  [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] VaultSvc        C:\Windows\system32\lsass.exe
22:05:43.0772 0x26e0  VaultSvc - ok
22:05:43.0782 0x26e0  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
22:05:43.0783 0x26e0  vdrvroot - ok
22:05:43.0802 0x26e0  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
22:05:43.0810 0x26e0  vds - ok
22:05:43.0835 0x26e0  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
22:05:43.0836 0x26e0  vga - ok
22:05:43.0838 0x26e0  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
22:05:43.0839 0x26e0  VgaSave - ok
22:05:43.0858 0x26e0  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
22:05:43.0866 0x26e0  vhdmp - ok
22:05:43.0882 0x26e0  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
22:05:43.0883 0x26e0  viaide - ok
22:05:43.0905 0x26e0  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
22:05:43.0907 0x26e0  volmgr - ok
22:05:43.0923 0x26e0  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
22:05:43.0930 0x26e0  volmgrx - ok
22:05:43.0947 0x26e0  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
22:05:43.0953 0x26e0  volsnap - ok
22:05:43.0972 0x26e0  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
22:05:43.0976 0x26e0  vsmraid - ok
22:05:44.0027 0x26e0  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
22:05:44.0053 0x26e0  VSS - ok
22:05:44.0065 0x26e0  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
22:05:44.0066 0x26e0  vwifibus - ok
22:05:44.0085 0x26e0  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
22:05:44.0092 0x26e0  W32Time - ok
22:05:44.0110 0x26e0  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
22:05:44.0118 0x26e0  WacomPen - ok
22:05:44.0141 0x26e0  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
22:05:44.0144 0x26e0  WANARP - ok
22:05:44.0155 0x26e0  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
22:05:44.0156 0x26e0  Wanarpv6 - ok
22:05:44.0201 0x26e0  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
22:05:44.0231 0x26e0  wbengine - ok
22:05:44.0263 0x26e0  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
22:05:44.0276 0x26e0  WbioSrvc - ok
22:05:44.0308 0x26e0  [ 8BDA6DB43AA54E8BB5E0794541DDC209, 8753C507BE77B019A3403AF5252434A01DB9F9332E58AC3783ABCE3D21AD9DD4 ] WcesComm        C:\Windows\WindowsMobile\wcescomm.dll
22:05:44.0321 0x26e0  WcesComm - ok
22:05:44.0343 0x26e0  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
22:05:44.0357 0x26e0  wcncsvc - ok
22:05:44.0370 0x26e0  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:05:44.0378 0x26e0  WcsPlugInService - ok
22:05:44.0381 0x26e0  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
22:05:44.0381 0x26e0  Wd - ok
22:05:44.0421 0x26e0  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
22:05:44.0433 0x26e0  Wdf01000 - ok
22:05:44.0471 0x26e0  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
22:05:44.0474 0x26e0  WdiServiceHost - ok
22:05:44.0476 0x26e0  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
22:05:44.0478 0x26e0  WdiSystemHost - ok
22:05:44.0526 0x26e0  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient       C:\Windows\System32\webclnt.dll
22:05:44.0532 0x26e0  WebClient - ok
22:05:44.0544 0x26e0  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
22:05:44.0549 0x26e0  Wecsvc - ok
22:05:44.0562 0x26e0  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
22:05:44.0565 0x26e0  wercplsupport - ok
22:05:44.0586 0x26e0  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
22:05:44.0589 0x26e0  WerSvc - ok
22:05:44.0608 0x26e0  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
22:05:44.0609 0x26e0  WfpLwf - ok
22:05:44.0644 0x26e0  [ B14EF15BD757FA488F9C970EEE9C0D35, F27DF2D47E7076786AE7C396583D7A1C56B93E766711066C900964FC7313E794 ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
22:05:44.0652 0x26e0  WimFltr - ok
22:05:44.0663 0x26e0  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
22:05:44.0664 0x26e0  WIMMount - ok
22:05:44.0687 0x26e0  WinDefend - ok
22:05:44.0695 0x26e0  WinHttpAutoProxySvc - ok
22:05:44.0757 0x26e0  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
22:05:44.0764 0x26e0  Winmgmt - ok
22:05:44.0844 0x26e0  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
22:05:44.0886 0x26e0  WinRM - ok
22:05:44.0947 0x26e0  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
22:05:44.0966 0x26e0  Wlansvc - ok
22:05:45.0021 0x26e0  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
22:05:45.0029 0x26e0  wlcrasvc - ok
22:05:45.0118 0x26e0  [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:05:45.0149 0x26e0  wlidsvc - ok
22:05:45.0161 0x26e0  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
22:05:45.0169 0x26e0  WmiAcpi - ok
22:05:45.0185 0x26e0  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
22:05:45.0189 0x26e0  wmiApSrv - ok
22:05:45.0221 0x26e0  WMPNetworkSvc - ok
22:05:45.0271 0x26e0  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
22:05:45.0272 0x26e0  WPCSvc - ok
22:05:45.0317 0x26e0  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
22:05:45.0321 0x26e0  WPDBusEnum - ok
22:05:45.0330 0x26e0  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
22:05:45.0332 0x26e0  ws2ifsl - ok
22:05:45.0341 0x26e0  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
22:05:45.0345 0x26e0  wscsvc - ok
22:05:45.0346 0x26e0  WSearch - ok
22:05:45.0439 0x26e0  [ 499034D7F1F6AF49F9EE12F8822793CB, 55D591C4861AF66C6B9201BF78808B2ECE7B79D95C6BB07FF0ED87EFE63DD99E ] wuauserv        C:\Windows\system32\wuaueng.dll
22:05:45.0482 0x26e0  wuauserv - ok
22:05:45.0499 0x26e0  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
22:05:45.0501 0x26e0  WudfPf - ok
22:05:45.0528 0x26e0  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
22:05:45.0532 0x26e0  WUDFRd - ok
22:05:45.0565 0x26e0  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
22:05:45.0568 0x26e0  wudfsvc - ok
22:05:45.0594 0x26e0  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
22:05:45.0600 0x26e0  WwanSvc - ok
22:05:45.0629 0x26e0  ================ Scan global ===============================
22:05:45.0663 0x26e0  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
22:05:45.0703 0x26e0  [ E80CA72FA43BF258E72C408CEF9839BE, 06482E80F43AD91F4B9E5919A0C50219382213D59EACF9FBAE7AFD7A321F30D2 ] C:\Windows\system32\winsrv.dll
22:05:45.0713 0x26e0  [ E80CA72FA43BF258E72C408CEF9839BE, 06482E80F43AD91F4B9E5919A0C50219382213D59EACF9FBAE7AFD7A321F30D2 ] C:\Windows\system32\winsrv.dll
22:05:45.0744 0x26e0  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
22:05:45.0787 0x26e0  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
         
Fortsetzung im nächsten Teilbeitrag
__________________

Alt 17.08.2015, 00:01   #4
günni42
 
Email- Konto gehackt? - Standard

Email- Konto gehackt?



hier der Rest
Code:
ATTFilter
22:05:45.0801 0x26e0  [ Global ] - ok
22:05:45.0801 0x26e0  ================ Scan MBR ==================================
22:05:45.0816 0x26e0  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:05:45.0959 0x26e0  \Device\Harddisk0\DR0 - ok
22:05:45.0959 0x26e0  ================ Scan VBR ==================================
22:05:45.0961 0x26e0  [ 37FD435BE0AA27EB3947661B19EDE7AE ] \Device\Harddisk0\DR0\Partition1
22:05:46.0026 0x26e0  \Device\Harddisk0\DR0\Partition1 - ok
22:05:46.0027 0x26e0  [ 953A27EC4B468FC9629B098EFA1555A8 ] \Device\Harddisk0\DR0\Partition2
22:05:46.0081 0x26e0  \Device\Harddisk0\DR0\Partition2 - ok
22:05:46.0081 0x26e0  ================ Scan generic autorun ======================
22:05:46.0318 0x26e0  [ 8CB8E0C93C5459B45BE1FA628FB0D761, F06830359F11515BA1CA5EC061F5B254E5A4676FBEC8AFAC23B56BB413B7E63F ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
22:05:46.0463 0x26e0  RtHDVCpl - ok
22:05:46.0491 0x26e0  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\RunDLL32.exe
22:05:46.0492 0x26e0  RunDLLEntry_THXCfg - ok
22:05:46.0495 0x26e0  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\RunDLL32.exe
22:05:46.0497 0x26e0  RunDLLEntry_EptMon - ok
22:05:46.0528 0x26e0  [ 233A10D4B3F6897899112E4EC60F1906, 1F7E768E57064938114DF2EFC5B219EB0D30A7D9E574924E9CED054462505AF0 ] C:\Windows\WindowsMobile\wmdc.exe
22:05:46.0537 0x26e0  Windows Mobile Device Center - ok
22:05:46.0570 0x26e0  [ C0B97E53A0E39A48EEA2DCD500EEA07A, 111FBD91850E52E61E6A4D8065BF56C9C6B89C55BA6312F726125F1CE4B09EE1 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
22:05:46.0574 0x26e0  IAStorIcon - ok
22:05:46.0604 0x26e0  [ 49916F80B1CCE8B80477999921ED14E4, 9AFB9F53FF642BB19F1BE7B3073EC96C59F22D50BF935846E3622D56A414211B ] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
22:05:46.0608 0x26e0  ShwiconXP9106 - ok
22:05:46.0683 0x26e0  [ 2A5E8DBC310C2FB7511B9AB8E7CFB297, F9522B42BAA4A3B5D325385C8AB7BBDE549AB6420D0F430925A22C61C09FE5B2 ] C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe
22:05:46.0696 0x26e0  THX Audio Control Panel - ok
22:05:46.0719 0x26e0  [ C419DF63E0121D72411285780C2FC6CC, F47F854D327C589D174D3BB5B55D5C05F5ACA73DF52A6BEF47596B9010190291 ] C:\Windows\UpdReg.EXE
22:05:46.0721 0x26e0  UpdReg - ok
22:05:46.0749 0x26e0  [ 88FD47E3BD31BC358AD1EF14E75C7681, 0177A849A8E63122628D42AAB97F29224413B10C5E9720F7ED9E109E509EC7ED ] C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
22:05:46.0750 0x26e0  RemoteControl9 - ok
22:05:46.0778 0x26e0  [ A4A59E38A82781985AF76BA2038C78BE, 0E349A07EFC7FB0BB6E9CD3A6B9E72CDA4FD45001EEAB3AAC5D885E2AE0CEF77 ] C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe
22:05:46.0779 0x26e0  PDVD9LanguageShortcut - ok
22:05:46.0793 0x26e0  [ 845BA1CEFFD99B178345E2A5A2CC435C, 7539796035A97DF9B1EEAB23ADC0F2385EBD2A5E11EE72E8DDF76CD14A24DD18 ] C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
22:05:46.0794 0x26e0  BDRegion - ok
22:05:46.0874 0x26e0  [ EBE1962DC5EEFC13D20543013A891ABC, E6E993B38267D17EF4FFAD8870817DA0D65405C920177D077FA3FD7B98DB4C3D ] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
22:05:46.0890 0x26e0  Dell DataSafe Online - ok
22:05:46.0944 0x26e0  [ 1196380F7BC5A83193BE66594193C20B, 1CDA7C838548C8B3A92F72643A129C077E3AB0E5EBBC2112A7C22CE3E3A81007 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe
22:05:46.0945 0x26e0  Adobe Reader Speed Launcher - ok
22:05:46.0979 0x26e0  [ 6CE36EE8D47C825A8D0C56C846CF636F, 62611B4D1CB67E93BFEFCCE605D33A72C3AF2C362B904B571A9E671A178F73E1 ] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe
22:05:46.0982 0x26e0  Launcher - ok
22:05:47.0046 0x26e0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
22:05:47.0069 0x26e0  Sidebar - ok
22:05:47.0098 0x26e0  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
22:05:47.0105 0x26e0  mctadmin - ok
22:05:47.0123 0x26e0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
22:05:47.0138 0x26e0  Sidebar - ok
22:05:47.0142 0x26e0  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
22:05:47.0144 0x26e0  mctadmin - ok
22:05:47.0232 0x26e0  [ 16DEFCB5F3FAC44D5EB35B19DA337FE5, CE8531B8FBA4896D4A1AB0C5CCEFC5DF0C74063D717EC9BA386B4E25D7F93651 ] c:\Program Files (x86)\Adobe\Elements Organizer 8.0\CAHeadless\ElementsAutoAnalyzer.exe
22:05:47.0243 0x26e0  CAHeadless - ok
22:05:47.0410 0x26e0  [ 61E3B5BEE1C10954F53DC07282F2A61C, 9B092FE63CAECDAD165B702D45B79D5D06DC879C11FEFFCE62B431712C50A1F2 ] C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
22:05:47.0492 0x26e0  Logitech Vid - ok
22:05:47.0497 0x26e0  msnmsgr - ok
22:05:47.0564 0x26e0  [ 35F8F5B393DBBD9A509868E2012795FA, 315BF201051FBBDA0A2A5DAC308F51E6642870B07DD514AB60B2C8B2A580E9BB ] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
22:05:47.0578 0x26e0  NokiaSuite.exe - ok
22:05:47.0638 0x26e0  [ F82090054C9691B7AB7543B081BDA447, 8769BA4A6A8988B68574857A5BBFB82A5CB3BA5EDFFF7793154B19751B736E8C ] C:\Program Files (x86)\Deutsche Telekom\DataSync Outlook\DataSync Outlook.exe
22:05:47.0647 0x26e0  DataSync Outlook - ok
22:05:47.0699 0x26e0  [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
22:05:47.0721 0x26e0  Sidebar - ok
22:05:47.0853 0x26e0  [ D8470A716BE1C02A81F5AD704D43D334, DA2E76AFB6C0F0111CC5B3A83B331D2BCA54CC78C56128D2B90B86FC89E7EAA7 ] C:\Users\Günter\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
22:05:47.0894 0x26e0  Amazon Cloud Player - ok
22:05:48.0047 0x26e0  [ B2BAE2D76FBE9FDC3F6E0D1F886DF367, 964EBF736891BE252C68FCE1F9EAD5E60E6E0C2119D21C6DF49FBD30FBB678EF ] C:\Program Files\CCleaner\CCleaner64.exe
22:05:48.0146 0x26e0  CCleaner Monitoring - ok
22:05:48.0211 0x26e0  [ F51BB12D8977D26C1A4CDA348770D9F1, DDA35CD8F8A6591B83821B5180D457740E0B820CCE000BC7FB1B78FB4AEAD3BA ] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe
22:05:48.0261 0x26e0  SpybotPostWindows10UpgradeReInstall - ok
22:05:48.0385 0x26e0  [ 61E3B5BEE1C10954F53DC07282F2A61C, 9B092FE63CAECDAD165B702D45B79D5D06DC879C11FEFFCE62B431712C50A1F2 ] C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
22:05:48.0466 0x26e0  Logitech Vid - ok
22:05:48.0496 0x26e0  [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
22:05:48.0516 0x26e0  Sidebar - ok
22:05:48.0631 0x26e0  [ 61E3B5BEE1C10954F53DC07282F2A61C, 9B092FE63CAECDAD165B702D45B79D5D06DC879C11FEFFCE62B431712C50A1F2 ] C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
22:05:48.0713 0x26e0  Logitech Vid - ok
22:05:48.0733 0x26e0  [ F82090054C9691B7AB7543B081BDA447, 8769BA4A6A8988B68574857A5BBFB82A5CB3BA5EDFFF7793154B19751B736E8C ] C:\Program Files (x86)\Deutsche Telekom\DataSync Outlook\DataSync Outlook.exe
22:05:48.0743 0x26e0  DataSync Outlook - ok
22:05:48.0744 0x26e0  Waiting for KSN requests completion. In queue: 83
22:05:49.0745 0x26e0  Waiting for KSN requests completion. In queue: 83
22:05:50.0745 0x26e0  Waiting for KSN requests completion. In queue: 83
22:05:51.0799 0x26e0  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.12.402 ), 0x40000 ( disabled : updated )
22:05:51.0801 0x26e0  Win FW state via NFP2: enabled ( trusted )
22:05:54.0156 0x26e0  ============================================================
22:05:54.0156 0x26e0  Scan finished
22:05:54.0156 0x26e0  ============================================================
22:05:54.0160 0x2988  Detected object count: 0
22:05:54.0160 0x2988  Actual detected object count: 0
22:06:29.0021 0x2670  ============================================================
22:06:29.0021 0x2670  Scan started
22:06:29.0021 0x2670  Mode: Manual; 
22:06:29.0021 0x2670  ============================================================
22:06:29.0021 0x2670  KSN ping started
22:06:31.0315 0x2670  KSN ping finished: true
22:06:31.0663 0x2670  ================ Scan system memory ========================
22:06:31.0663 0x2670  System memory - ok
22:06:31.0664 0x2670  ================ Scan services =============================
22:06:31.0791 0x2670  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
22:06:31.0794 0x2670  1394ohci - ok
22:06:31.0819 0x2670  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
22:06:31.0823 0x2670  ACPI - ok
22:06:31.0838 0x2670  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
22:06:31.0839 0x2670  AcpiPmi - ok
22:06:31.0949 0x2670  [ 765FE0463E711E5A68AC7B69538ED922, A1D31DECBE8F703DB2FAF4B1A10D3B70FBBA0AD776CDC1B813387BFEDAE9D0A0 ] AdobeActiveFileMonitor8.0 c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
22:06:31.0951 0x2670  AdobeActiveFileMonitor8.0 - ok
22:06:31.0999 0x2670  [ 013697369EAFFA675D0671607F036020, 65611C775AC4681E46A6565E5A7A4FF3363C66EBDC98C4C58AFB365D40BE23B6 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
22:06:32.0001 0x2670  AdobeARMservice - ok
22:06:32.0072 0x2670  [ 368290D0A612D62DA6F3D798B1BB8FE7, D573BF8543F37BC51B88A2473EDFD28AFBCCC446E8CADD54A90FA48D8739D222 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:06:32.0075 0x2670  AdobeFlashPlayerUpdateSvc - ok
22:06:32.0102 0x2670  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
22:06:32.0109 0x2670  adp94xx - ok
22:06:32.0123 0x2670  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
22:06:32.0128 0x2670  adpahci - ok
22:06:32.0137 0x2670  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
22:06:32.0139 0x2670  adpu320 - ok
22:06:32.0179 0x2670  [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
22:06:32.0180 0x2670  AeLookupSvc - ok
22:06:32.0212 0x2670  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
22:06:32.0219 0x2670  AFD - ok
22:06:32.0231 0x2670  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
22:06:32.0232 0x2670  agp440 - ok
22:06:32.0261 0x2670  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
22:06:32.0262 0x2670  ALG - ok
22:06:32.0283 0x2670  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
22:06:32.0283 0x2670  aliide - ok
22:06:32.0315 0x2670  [ 4EAAAAB8759644D572522FBCDD196A13, EF1ECE8073B048C2286F639BA76C523B6B267B64447358383C042BD593194350 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
22:06:32.0318 0x2670  AMD External Events Utility - ok
22:06:32.0337 0x2670  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
22:06:32.0337 0x2670  amdide - ok
22:06:32.0350 0x2670  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
22:06:32.0351 0x2670  AmdK8 - ok
22:06:32.0580 0x2670  [ 22A14DF59FB8D0BE918C597988AF4296, 714BD1BB63D732C6D03DFA1C2D81A2E00659C04052E110F0BF1EB74A7CD39B1C ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
22:06:32.0734 0x2670  amdkmdag - ok
22:06:32.0778 0x2670  [ EE22D3ED6D55A855E709F811CCCA97ED, 179F34CF6E0C2F821EBC0AECF09AAA0867616CCBB5EA6B17891860B27D56AC66 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
22:06:32.0786 0x2670  amdkmdap - ok
22:06:32.0798 0x2670  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
22:06:32.0799 0x2670  AmdPPM - ok
22:06:32.0824 0x2670  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
22:06:32.0826 0x2670  amdsata - ok
22:06:32.0844 0x2670  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
22:06:32.0847 0x2670  amdsbs - ok
22:06:32.0855 0x2670  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
22:06:32.0856 0x2670  amdxata - ok
22:06:32.0972 0x2670  [ 9FE1AC875A7AD7B7FF28FEC8B754968D, EEE04D4073E49332C85028B62E8A035EAA2284526A3F3820133492C8F8CBA3D5 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
22:06:32.0984 0x2670  AntiVirMailService - ok
22:06:33.0027 0x2670  [ 58FB167B287CAA05F7DD5AA1018FD52C, D9EB68E1C2B99E5F59A0DA4C9FA46E15C6E470F7445E232C03C82790F546A6AA ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
22:06:33.0034 0x2670  AntiVirSchedulerService - ok
22:06:33.0079 0x2670  [ 58FB167B287CAA05F7DD5AA1018FD52C, D9EB68E1C2B99E5F59A0DA4C9FA46E15C6E470F7445E232C03C82790F546A6AA ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
22:06:33.0086 0x2670  AntiVirService - ok
22:06:33.0149 0x2670  [ F857D22CEC14854D310C5596C8CE6006, 67448C506D3171D327A6CE3952E41BDC65587FEB45F510160A1DAFCA9491711E ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
22:06:33.0166 0x2670  AntiVirWebService - ok
22:06:33.0215 0x2670  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID           C:\Windows\system32\drivers\appid.sys
22:06:33.0216 0x2670  AppID - ok
22:06:33.0257 0x2670  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
22:06:33.0258 0x2670  AppIDSvc - ok
22:06:33.0305 0x2670  [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo         C:\Windows\System32\appinfo.dll
22:06:33.0306 0x2670  Appinfo - ok
22:06:33.0326 0x2670  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
22:06:33.0328 0x2670  arc - ok
22:06:33.0340 0x2670  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
22:06:33.0342 0x2670  arcsas - ok
22:06:33.0443 0x2670  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
22:06:33.0444 0x2670  aspnet_state - ok
22:06:33.0456 0x2670  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
22:06:33.0457 0x2670  AsyncMac - ok
22:06:33.0479 0x2670  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
22:06:33.0480 0x2670  atapi - ok
22:06:33.0502 0x2670  [ 437F55435623D4D54D36197F5AD8B435, CE004F1E3299E39AFD70C8618253901614C0F3DBD594B6F0E1BA294C7B47FAD6 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
22:06:33.0503 0x2670  AtiHDAudioService - ok
22:06:33.0524 0x2670  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:06:33.0534 0x2670  AudioEndpointBuilder - ok
22:06:33.0555 0x2670  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
22:06:33.0564 0x2670  AudioSrv - ok
22:06:33.0587 0x2670  [ 24843902369DC82B4691F816F08F2938, 330E22C6007B10FE9C232BBCA2F388ADA17DEDBAA11BEC2A70377A4466DFB6FA ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
22:06:33.0589 0x2670  avgntflt - ok
22:06:33.0606 0x2670  [ 043E5F34C3878C844568658B79B3E55C, D13D8FC5205562E02F252C0EE1AB2236C9212445D6EC3715041EBDF993CB467F ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
22:06:33.0609 0x2670  avipbb - ok
22:06:33.0667 0x2670  [ 4B3DBF1CEBE1B2346BF2F8D2251F641A, CDC5BCA35BE658007E29E94E7FBFAA499B50929E738A12904397D16268C6FBAE ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
22:06:33.0670 0x2670  Avira.ServiceHost - ok
22:06:33.0700 0x2670  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
22:06:33.0701 0x2670  avkmgr - ok
22:06:33.0712 0x2670  [ 13253E5E3B6BDF945B63B336A8C9489B, 671C716E43F89D4BDDAA2BE045CDEBBB569C85BC2BA334E1F550187B79A7740D ] avnetflt        C:\Windows\system32\DRIVERS\avnetflt.sys
22:06:33.0713 0x2670  avnetflt - ok
22:06:33.0744 0x2670  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
22:06:33.0746 0x2670  AxInstSV - ok
22:06:33.0767 0x2670  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
22:06:33.0773 0x2670  b06bdrv - ok
22:06:33.0788 0x2670  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
22:06:33.0792 0x2670  b57nd60a - ok
22:06:33.0806 0x2670  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
22:06:33.0808 0x2670  BDESVC - ok
22:06:33.0817 0x2670  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
22:06:33.0817 0x2670  Beep - ok
22:06:33.0847 0x2670  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
22:06:33.0857 0x2670  BFE - ok
22:06:33.0895 0x2670  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
22:06:33.0908 0x2670  BITS - ok
22:06:33.0923 0x2670  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
22:06:33.0924 0x2670  blbdrive - ok
22:06:33.0953 0x2670  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
22:06:33.0954 0x2670  bowser - ok
22:06:33.0973 0x2670  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
22:06:33.0973 0x2670  BrFiltLo - ok
22:06:33.0987 0x2670  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
22:06:33.0988 0x2670  BrFiltUp - ok
22:06:34.0011 0x2670  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
22:06:34.0014 0x2670  Browser - ok
22:06:34.0031 0x2670  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
22:06:34.0035 0x2670  Brserid - ok
22:06:34.0050 0x2670  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
22:06:34.0051 0x2670  BrSerWdm - ok
22:06:34.0067 0x2670  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
22:06:34.0067 0x2670  BrUsbMdm - ok
22:06:34.0076 0x2670  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
22:06:34.0076 0x2670  BrUsbSer - ok
22:06:34.0088 0x2670  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
22:06:34.0089 0x2670  BthEnum - ok
22:06:34.0103 0x2670  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
22:06:34.0105 0x2670  BTHMODEM - ok
22:06:34.0132 0x2670  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
22:06:34.0134 0x2670  BthPan - ok
22:06:34.0170 0x2670  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
22:06:34.0178 0x2670  BTHPORT - ok
22:06:34.0182 0x2670  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
22:06:34.0183 0x2670  bthserv - ok
22:06:34.0205 0x2670  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
22:06:34.0206 0x2670  BTHUSB - ok
22:06:34.0230 0x2670  [ 7A2CE8C1BF4DAA1F2766E21E9CA11078, 2AF02D206F60F95185894D829D7CC322C4986847153269DE186E11EE2353FBBC ] btwampfl        C:\Windows\system32\drivers\btwampfl.sys
22:06:34.0235 0x2670  btwampfl - ok
22:06:34.0260 0x2670  [ A75BF6802A967F5AACECC3C67FEBDF55, 7FD561C3817ABE48121926361ED12943A1EF5C0006689DCE3813697868D763B4 ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
22:06:34.0261 0x2670  btwaudio - ok
22:06:34.0282 0x2670  [ D895DC213EDBDA5FCC53AAD1F1E0E63B, FF3B483752E45911C267367B102EA0901BE13840FDBA083D0B7FF3379C37B898 ] btwavdt         C:\Windows\system32\DRIVERS\btwavdt.sys
22:06:34.0284 0x2670  btwavdt - ok
22:06:34.0372 0x2670  [ 6A667ADAD3C2151131E6A478850762BE, 3A98BFB7E201EBDB55CB7C7332CF7C3D876BE03910FDA24F1146F8AAE4C39DD8 ] btwdins         C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
22:06:34.0385 0x2670  btwdins - ok
22:06:34.0394 0x2670  [ 07096D2BC22CCB6CEA5A532DF0BE8A75, A9B7F2EFFDF1E4EC0A5DC098F0ED2BE44E271844A4F1CBAD2FA1655DE1E03F6E ] btwl2cap        C:\Windows\system32\DRIVERS\btwl2cap.sys
22:06:34.0395 0x2670  btwl2cap - ok
22:06:34.0402 0x2670  [ 6D7AA2BDE0135599C5F230D69DB3B420, 5179F57976B3903B5D45C5B383C691BCB26411B5C98296F99C1F79EF863E1E0A ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
22:06:34.0402 0x2670  btwrchid - ok
22:06:34.0415 0x2670  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
22:06:34.0416 0x2670  cdfs - ok
22:06:34.0431 0x2670  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
22:06:34.0433 0x2670  cdrom - ok
22:06:34.0436 0x2670  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
22:06:34.0438 0x2670  CertPropSvc - ok
22:06:34.0444 0x2670  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
22:06:34.0445 0x2670  circlass - ok
22:06:34.0459 0x2670  [ 06E1F5228399FC49A8D026DA38DB6784, 5554071E5C55FC7EF3C7C95F0BC565509C3F0C03E0814C98376932A9D1C32AA6 ] cjusb           C:\Windows\system32\DRIVERS\cjusb.sys
22:06:34.0460 0x2670  cjusb - ok
22:06:34.0507 0x2670  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
22:06:34.0512 0x2670  CLFS - ok
22:06:34.0571 0x2670  [ 730BF325E4CC1E3935B81943AC6DA216, FF6D7C087976D6B431F8799AEF6DFA12F31F6B38D5D70F9A8F03AB01CC58BD58 ] CLKMSVC10_9EC60124 C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe
22:06:34.0574 0x2670  CLKMSVC10_9EC60124 - ok
22:06:34.0648 0x2670  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:06:34.0649 0x2670  clr_optimization_v2.0.50727_32 - ok
22:06:34.0720 0x2670  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:06:34.0722 0x2670  clr_optimization_v2.0.50727_64 - ok
22:06:34.0786 0x2670  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:06:34.0788 0x2670  clr_optimization_v4.0.30319_32 - ok
22:06:34.0804 0x2670  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:06:34.0806 0x2670  clr_optimization_v4.0.30319_64 - ok
22:06:34.0826 0x2670  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
22:06:34.0827 0x2670  CmBatt - ok
22:06:34.0847 0x2670  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
22:06:34.0847 0x2670  cmdide - ok
22:06:34.0925 0x2670  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
22:06:34.0932 0x2670  CNG - ok
22:06:34.0941 0x2670  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
22:06:34.0942 0x2670  Compbatt - ok
22:06:34.0947 0x2670  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
22:06:34.0947 0x2670  CompositeBus - ok
22:06:34.0949 0x2670  COMSysApp - ok
22:06:34.0964 0x2670  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
22:06:34.0965 0x2670  crcdisk - ok
22:06:35.0002 0x2670  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
22:06:35.0005 0x2670  CryptSvc - ok
22:06:35.0032 0x2670  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
22:06:35.0040 0x2670  DcomLaunch - ok
22:06:35.0066 0x2670  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
22:06:35.0070 0x2670  defragsvc - ok
22:06:35.0087 0x2670  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
22:06:35.0089 0x2670  DfsC - ok
22:06:35.0107 0x2670  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
22:06:35.0111 0x2670  Dhcp - ok
22:06:35.0180 0x2670  [ AA5319FA8602676B5D3A2B4A1355896D, 57532E16FF0DDE3D62B6B6DC35E2598DD453140E9277247965A1E835645E588A ] DiagTrack       C:\Windows\system32\diagtrack.dll
22:06:35.0198 0x2670  DiagTrack - ok
22:06:35.0237 0x2670  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
22:06:35.0238 0x2670  discache - ok
22:06:35.0250 0x2670  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
22:06:35.0251 0x2670  Disk - ok
22:06:35.0299 0x2670  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
22:06:35.0302 0x2670  Dnscache - ok
22:06:35.0333 0x2670  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
22:06:35.0337 0x2670  dot3svc - ok
22:06:35.0351 0x2670  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
22:06:35.0353 0x2670  DPS - ok
22:06:35.0366 0x2670  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
22:06:35.0366 0x2670  drmkaud - ok
22:06:35.0425 0x2670  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
22:06:35.0439 0x2670  DXGKrnl - ok
22:06:35.0443 0x2670  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
22:06:35.0445 0x2670  EapHost - ok
22:06:35.0521 0x2670  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
22:06:35.0566 0x2670  ebdrv - ok
22:06:35.0596 0x2670  [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] EFS             C:\Windows\System32\lsass.exe
22:06:35.0597 0x2670  EFS - ok
22:06:35.0696 0x2670  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
22:06:35.0706 0x2670  ehRecvr - ok
22:06:35.0719 0x2670  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
22:06:35.0721 0x2670  ehSched - ok
22:06:35.0744 0x2670  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
22:06:35.0751 0x2670  elxstor - ok
22:06:35.0767 0x2670  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
22:06:35.0767 0x2670  ErrDev - ok
22:06:35.0799 0x2670  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
22:06:35.0805 0x2670  EventSystem - ok
22:06:35.0837 0x2670  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
22:06:35.0840 0x2670  exfat - ok
22:06:35.0861 0x2670  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
22:06:35.0864 0x2670  fastfat - ok
22:06:35.0894 0x2670  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
22:06:35.0904 0x2670  Fax - ok
22:06:35.0918 0x2670  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
22:06:35.0919 0x2670  fdc - ok
22:06:35.0940 0x2670  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
22:06:35.0941 0x2670  fdPHost - ok
22:06:35.0952 0x2670  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
22:06:35.0953 0x2670  FDResPub - ok
22:06:35.0966 0x2670  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
22:06:35.0967 0x2670  FileInfo - ok
22:06:35.0972 0x2670  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
22:06:35.0972 0x2670  Filetrace - ok
22:06:36.0026 0x2670  [ 8669BE94F63944E4F899C3950B520241, 9991E57B3C366D59BD186CEAA78D4590EDB2BC127250CF4D1522CBE413453E72 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
22:06:36.0040 0x2670  FLEXnet Licensing Service - ok
22:06:36.0043 0x2670  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
22:06:36.0044 0x2670  flpydisk - ok
22:06:36.0064 0x2670  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
22:06:36.0069 0x2670  FltMgr - ok
22:06:36.0141 0x2670  [ D5A775990A7C202A037378FDBCDB6141, 27AD242914FAFB7A27B3045C0F0F6AFE6873FE331A51D8BB29A63B5D84C72EFB ] FontCache       C:\Windows\system32\FntCache.dll
22:06:36.0157 0x2670  FontCache - ok
22:06:36.0199 0x2670  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:06:36.0199 0x2670  FontCache3.0.0.0 - ok
22:06:36.0211 0x2670  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
22:06:36.0212 0x2670  FsDepends - ok
22:06:36.0238 0x2670  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
22:06:36.0238 0x2670  Fs_Rec - ok
22:06:36.0265 0x2670  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
22:06:36.0268 0x2670  fvevol - ok
22:06:36.0284 0x2670  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
22:06:36.0286 0x2670  gagp30kx - ok
22:06:36.0327 0x2670  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
22:06:36.0338 0x2670  gpsvc - ok
22:06:36.0374 0x2670  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:06:36.0376 0x2670  gupdate - ok
22:06:36.0394 0x2670  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:06:36.0396 0x2670  gupdatem - ok
22:06:36.0458 0x2670  [ 8298C833C1EE0B271F6E6F50439B8814, 4E5C54423405B2DB2DEDE49DBA2C11C75693AC994236DECAFE50F96B852BF471 ] HCW85BDA        C:\Windows\system32\drivers\HCW85BDA.sys
22:06:36.0483 0x2670  HCW85BDA - ok
22:06:36.0507 0x2670  [ C3097DDF0618315438A660CE34CAB4E6, 5A0BA48C7F02DE31A973DE81F7C46F1D4091CE887D46710B58DCDD17804145A3 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir3.sys
22:06:36.0508 0x2670  hcw85cir - ok
22:06:36.0526 0x2670  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
22:06:36.0528 0x2670  HDAudBus - ok
22:06:36.0542 0x2670  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
22:06:36.0543 0x2670  HidBatt - ok
22:06:36.0557 0x2670  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
22:06:36.0559 0x2670  HidBth - ok
22:06:36.0574 0x2670  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
22:06:36.0575 0x2670  HidIr - ok
22:06:36.0588 0x2670  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
22:06:36.0589 0x2670  hidserv - ok
22:06:36.0614 0x2670  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
22:06:36.0614 0x2670  HidUsb - ok
22:06:36.0634 0x2670  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
22:06:36.0636 0x2670  hkmsvc - ok
22:06:36.0660 0x2670  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:06:36.0663 0x2670  HomeGroupListener - ok
22:06:36.0677 0x2670  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:06:36.0680 0x2670  HomeGroupProvider - ok
22:06:36.0696 0x2670  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
22:06:36.0697 0x2670  HpSAMD - ok
22:06:36.0755 0x2670  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
22:06:36.0766 0x2670  HTTP - ok
22:06:36.0777 0x2670  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
22:06:36.0777 0x2670  hwpolicy - ok
22:06:36.0793 0x2670  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
22:06:36.0794 0x2670  i8042prt - ok
22:06:36.0820 0x2670  [ F7CE9BE72EDAC499B713ECA6DAE5D26F, AF158C8ADF0815C406435AB051C8D8DD0ECBDBA8644CB75D7611980D70662193 ] iaStor          C:\Windows\system32\drivers\iaStor.sys
22:06:36.0826 0x2670  iaStor - ok
22:06:36.0860 0x2670  [ B25F192EA1F84A316EB7C19EFCCCF33D, 00BACE87CCA40722FF3AD7243439201CDCC23D0BA01E25F928BF63DA12816F8F ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
22:06:36.0860 0x2670  IAStorDataMgrSvc - ok
22:06:36.0883 0x2670  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
22:06:36.0888 0x2670  iaStorV - ok
22:06:36.0956 0x2670  [ 6F95324909B502E2651442C1548AB12F, FF1B104990FE186C6100ED229A45345FF695323AC778688EC11AA8F5A87B141E ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
22:06:36.0957 0x2670  IDriverT - ok
22:06:37.0011 0x2670  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:06:37.0024 0x2670  idsvc - ok
22:06:37.0026 0x2670  IEEtwCollectorService - ok
22:06:37.0040 0x2670  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
22:06:37.0041 0x2670  iirsp - ok
22:06:37.0081 0x2670  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
22:06:37.0093 0x2670  IKEEXT - ok
22:06:37.0116 0x2670  [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd           C:\Windows\system32\drivers\Impcd.sys
22:06:37.0118 0x2670  Impcd - ok
22:06:37.0195 0x2670  [ 235362D403D9D677514649D88DB31914, 522F5BA88169ADEC1EEB595BFBBCD6417DF38CD93A0D2B2FD0AF4C907FF6D965 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
22:06:37.0228 0x2670  IntcAzAudAddService - ok
22:06:37.0274 0x2670  [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
22:06:37.0279 0x2670  IntcDAud - ok
22:06:37.0302 0x2670  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
22:06:37.0302 0x2670  intelide - ok
22:06:37.0323 0x2670  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
22:06:37.0324 0x2670  intelppm - ok
22:06:37.0343 0x2670  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
22:06:37.0345 0x2670  IPBusEnum - ok
22:06:37.0358 0x2670  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:06:37.0360 0x2670  IpFilterDriver - ok
22:06:37.0385 0x2670  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
22:06:37.0394 0x2670  iphlpsvc - ok
22:06:37.0408 0x2670  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
22:06:37.0409 0x2670  IPMIDRV - ok
22:06:37.0428 0x2670  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
22:06:37.0429 0x2670  IPNAT - ok
22:06:37.0444 0x2670  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
22:06:37.0444 0x2670  IRENUM - ok
22:06:37.0456 0x2670  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
22:06:37.0456 0x2670  isapnp - ok
22:06:37.0482 0x2670  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
22:06:37.0486 0x2670  iScsiPrt - ok
22:06:37.0509 0x2670  [ 12E27942DBB7C91880163634B0D8A776, DEE56DB8993A915E8FC32F9F50FAEED591799B0694655926C4F260EBFB99FC7E ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
22:06:37.0515 0x2670  k57nd60a - ok
22:06:37.0534 0x2670  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
22:06:37.0534 0x2670  kbdclass - ok
22:06:37.0542 0x2670  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
22:06:37.0543 0x2670  kbdhid - ok
22:06:37.0554 0x2670  [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] KeyIso          C:\Windows\system32\lsass.exe
22:06:37.0555 0x2670  KeyIso - ok
22:06:37.0595 0x2670  [ 67A1743377EBB5D9A370A8C2086CFDCC, 2F0FD6C1969B1EEEEFFC1A8F972E1E90F1AD9558FF00EC159BC19ED927FD4BF5 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
22:06:37.0597 0x2670  KSecDD - ok
22:06:37.0614 0x2670  [ 522A1595D5701800DD41B2D472F5AAED, B62924AE94A5AC454AD6057BC133D717BB1C6445BE36D6BECAB76E1600F60C33 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
22:06:37.0616 0x2670  KSecPkg - ok
22:06:37.0705 0x2670  [ EFB2614E9142FA4427CE82EE6DC0CA7B, DE67CED09EA1A3B10BF0F3B22B2675844122783AE2523CE01E0BDE2691FC684A ] KSS             C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
22:06:37.0708 0x2670  KSS - ok
22:06:37.0727 0x2670  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
22:06:37.0728 0x2670  ksthunk - ok
22:06:37.0762 0x2670  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
22:06:37.0767 0x2670  KtmRm - ok
22:06:37.0802 0x2670  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
22:06:37.0806 0x2670  LanmanServer - ok
22:06:37.0839 0x2670  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:06:37.0842 0x2670  LanmanWorkstation - ok
22:06:37.0846 0x2670  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
22:06:37.0847 0x2670  lltdio - ok
22:06:37.0877 0x2670  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
22:06:37.0882 0x2670  lltdsvc - ok
22:06:37.0898 0x2670  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
22:06:37.0899 0x2670  lmhosts - ok
22:06:37.0917 0x2670  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
22:06:37.0918 0x2670  LSI_FC - ok
22:06:37.0928 0x2670  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
22:06:37.0930 0x2670  LSI_SAS - ok
22:06:37.0944 0x2670  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
22:06:37.0945 0x2670  LSI_SAS2 - ok
22:06:37.0961 0x2670  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
22:06:37.0963 0x2670  LSI_SCSI - ok
22:06:37.0983 0x2670  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
22:06:37.0984 0x2670  luafv - ok
22:06:38.0022 0x2670  [ 0C85B2B6FB74B36A251792D45E0EF860, 2E04204560C1159ABC25F273B0B7F81FDF9BA5E88C17929FD924C4E945DE5020 ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys
22:06:38.0027 0x2670  LVRS64 - ok
22:06:38.0150 0x2670  [ FF3A488924B0032B1A9CA6948C1FA9E8, 6F05852B75498210926F5CDF49D2A6DD97C39CD93D32E3200D7240AADA3E7BEE ] LVUVC64         C:\Windows\system32\DRIVERS\lvuvc64.sys
22:06:38.0217 0x2670  LVUVC64 - ok
22:06:38.0242 0x2670  [ A8D28D5B3E2A528D1EF0E338E44F2820, 40D1EFDD253BC0A0D984A5AD8A2721C3E83B15F14D538204714E6D5B00D92CEB ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
22:06:38.0243 0x2670  MBAMProtector - ok
22:06:38.0354 0x2670  [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
22:06:38.0370 0x2670  MBAMService - ok
22:06:38.0404 0x2670  [ AE757332EA130E94E646621CC695B52A, E688CF34A4206F32B5C7301119D8459C3456FC178FA1DAA6215CE15F2C824C43 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
22:06:38.0405 0x2670  MBAMWebAccessControl - ok
22:06:38.0431 0x2670  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
22:06:38.0433 0x2670  Mcx2Svc - ok
22:06:38.0450 0x2670  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
22:06:38.0450 0x2670  megasas - ok
22:06:38.0466 0x2670  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
22:06:38.0470 0x2670  MegaSR - ok
22:06:38.0487 0x2670  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
22:06:38.0488 0x2670  MEIx64 - ok
22:06:38.0510 0x2670  [ F9CE67E9E0226079B59107B649851F96, 7A55FB58425F2E59B5D400E85E1B271B84295548B8EDA865F7B8C804CB94563C ] MEMSWEEP2       C:\Windows\system32\F492.tmp
22:06:38.0511 0x2670  MEMSWEEP2 - ok
22:06:38.0530 0x2670  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
22:06:38.0532 0x2670  MMCSS - ok
22:06:38.0558 0x2670  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
22:06:38.0559 0x2670  Modem - ok
22:06:38.0577 0x2670  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
22:06:38.0578 0x2670  monitor - ok
22:06:38.0586 0x2670  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
22:06:38.0587 0x2670  mouclass - ok
22:06:38.0595 0x2670  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
22:06:38.0595 0x2670  mouhid - ok
22:06:38.0639 0x2670  [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
22:06:38.0641 0x2670  mountmgr - ok
22:06:38.0645 0x2670  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
22:06:38.0648 0x2670  mpio - ok
22:06:38.0660 0x2670  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
22:06:38.0661 0x2670  mpsdrv - ok
22:06:38.0697 0x2670  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
22:06:38.0709 0x2670  MpsSvc - ok
22:06:38.0733 0x2670  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
22:06:38.0735 0x2670  MRxDAV - ok
22:06:38.0773 0x2670  [ B2081803D510DCE174992BA880EDCA70, 37DB53C9756EC03EB7165DEB58251615D70B7C86DF32A54DE25ADAF30A04D792 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
22:06:38.0775 0x2670  mrxsmb - ok
22:06:38.0822 0x2670  [ 552FA62B0EFECD22D8D52499324BCA4F, C3A02C9C30C36928AC7B1025496544967187A05BEF5D100B54F2C0155E47145C ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:06:38.0827 0x2670  mrxsmb10 - ok
22:06:38.0861 0x2670  [ 97687971F9CB30E2633DE0F1296B9F61, 865DA87523E4C32D65D55D5475A5CDDFA10699780DA500E6D606384FB3BEB1BE ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:06:38.0863 0x2670  mrxsmb20 - ok
22:06:38.0885 0x2670  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
22:06:38.0886 0x2670  msahci - ok
22:06:38.0890 0x2670  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
22:06:38.0893 0x2670  msdsm - ok
22:06:38.0916 0x2670  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
22:06:38.0919 0x2670  MSDTC - ok
22:06:38.0933 0x2670  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
22:06:38.0934 0x2670  Msfs - ok
22:06:38.0948 0x2670  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
22:06:38.0949 0x2670  mshidkmdf - ok
22:06:38.0968 0x2670  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
22:06:38.0968 0x2670  msisadrv - ok
22:06:38.0995 0x2670  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
22:06:38.0998 0x2670  MSiSCSI - ok
22:06:39.0000 0x2670  msiserver - ok
22:06:39.0008 0x2670  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
22:06:39.0008 0x2670  MSKSSRV - ok
22:06:39.0020 0x2670  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
22:06:39.0020 0x2670  MSPCLOCK - ok
22:06:39.0031 0x2670  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
22:06:39.0031 0x2670  MSPQM - ok
22:06:39.0050 0x2670  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
22:06:39.0056 0x2670  MsRPC - ok
22:06:39.0075 0x2670  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
22:06:39.0076 0x2670  mssmbios - ok
22:06:39.0086 0x2670  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
22:06:39.0086 0x2670  MSTEE - ok
22:06:39.0101 0x2670  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
22:06:39.0102 0x2670  MTConfig - ok
22:06:39.0109 0x2670  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
22:06:39.0110 0x2670  Mup - ok
22:06:39.0134 0x2670  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
22:06:39.0141 0x2670  napagent - ok
22:06:39.0166 0x2670  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
22:06:39.0171 0x2670  NativeWifiP - ok
22:06:39.0213 0x2670  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
22:06:39.0226 0x2670  NDIS - ok
22:06:39.0255 0x2670  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
22:06:39.0255 0x2670  NdisCap - ok
22:06:39.0279 0x2670  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
22:06:39.0280 0x2670  NdisTapi - ok
22:06:39.0318 0x2670  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
22:06:39.0319 0x2670  Ndisuio - ok
22:06:39.0337 0x2670  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
22:06:39.0339 0x2670  NdisWan - ok
22:06:39.0356 0x2670  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
22:06:39.0357 0x2670  NDProxy - ok
22:06:39.0360 0x2670  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
22:06:39.0361 0x2670  NetBIOS - ok
22:06:39.0379 0x2670  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
22:06:39.0383 0x2670  NetBT - ok
22:06:39.0385 0x2670  [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] Netlogon        C:\Windows\system32\lsass.exe
22:06:39.0387 0x2670  Netlogon - ok
22:06:39.0412 0x2670  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
22:06:39.0417 0x2670  Netman - ok
22:06:39.0453 0x2670  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:06:39.0456 0x2670  NetMsmqActivator - ok
22:06:39.0468 0x2670  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:06:39.0470 0x2670  NetPipeActivator - ok
22:06:39.0494 0x2670  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
22:06:39.0501 0x2670  netprofm - ok
22:06:39.0504 0x2670  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:06:39.0507 0x2670  NetTcpActivator - ok
22:06:39.0510 0x2670  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:06:39.0512 0x2670  NetTcpPortSharing - ok
22:06:39.0527 0x2670  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
22:06:39.0527 0x2670  nfrd960 - ok
22:06:39.0574 0x2670  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
22:06:39.0579 0x2670  NlaSvc - ok
22:06:39.0603 0x2670  [ 5FE6F8C05F0769BBB74AFAC11453B182, ACF6026EF8D038B73484AE59FBD03559E1263CE134473D7A8C3F97CF71BC640C ] nmwcd           C:\Windows\system32\drivers\ccdcmbx64.sys
22:06:39.0603 0x2670  nmwcd - ok
22:06:39.0623 0x2670  [ 73C929945C0850B8D1FE2FEA05FDF05D, 665FBA777E5EF3F28828D19F2BBCCB778C1C6105BD830C1E29A1C4739663F0D3 ] nmwcdc          C:\Windows\system32\drivers\ccdcmbox64.sys
22:06:39.0624 0x2670  nmwcdc - ok
22:06:39.0724 0x2670  [ B9B72FAAAA41D59B73B88FE3DD737ED1, 050E741FB5313523340B19C9C168611222C4AE9A6084FE3E2F908A49EA909A29 ] NOBU            C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
22:06:39.0763 0x2670  NOBU - ok
22:06:39.0770 0x2670  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
22:06:39.0771 0x2670  Npfs - ok
22:06:39.0801 0x2670  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
22:06:39.0802 0x2670  nsi - ok
22:06:39.0804 0x2670  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
22:06:39.0805 0x2670  nsiproxy - ok
22:06:39.0864 0x2670  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
22:06:39.0887 0x2670  Ntfs - ok
22:06:39.0893 0x2670  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
22:06:39.0894 0x2670  Null - ok
22:06:39.0907 0x2670  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
22:06:39.0909 0x2670  nvraid - ok
22:06:39.0937 0x2670  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
22:06:39.0940 0x2670  nvstor - ok
22:06:39.0957 0x2670  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
22:06:39.0959 0x2670  nv_agp - ok
22:06:39.0975 0x2670  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
22:06:39.0976 0x2670  ohci1394 - ok
22:06:40.0014 0x2670  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:06:40.0016 0x2670  ose - ok
22:06:40.0162 0x2670  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:06:40.0230 0x2670  osppsvc - ok
22:06:40.0256 0x2670  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
22:06:40.0261 0x2670  p2pimsvc - ok
22:06:40.0289 0x2670  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
22:06:40.0296 0x2670  p2psvc - ok
22:06:40.0307 0x2670  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
22:06:40.0309 0x2670  Parport - ok
22:06:40.0324 0x2670  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
22:06:40.0326 0x2670  partmgr - ok
22:06:40.0369 0x2670  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
22:06:40.0372 0x2670  PcaSvc - ok
22:06:40.0385 0x2670  [ BC0018C2D29F655188A0ED3FA94FDB24, BCF7F2CA5E30F569AEB69049BA3C196982C72EA7264CFBA59D7123041BA96E5A ] pccsmcfd        C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
22:06:40.0386 0x2670  pccsmcfd - ok
22:06:40.0409 0x2670  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
22:06:40.0411 0x2670  pci - ok
22:06:40.0438 0x2670  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
22:06:40.0439 0x2670  pciide - ok
22:06:40.0456 0x2670  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
22:06:40.0459 0x2670  pcmcia - ok
22:06:40.0471 0x2670  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
22:06:40.0472 0x2670  pcw - ok
22:06:40.0540 0x2670  [ 20372BE109FEE1C37E2D5216680DB9EB, 2C3737FB3C6BCF81D0A7293667412DDEA649A8AEA40B7ADCFCB9893E8B3C4AF3 ] PDF Architect Helper Service C:\Program Files (x86)\PDF Architect\HelperService.exe
22:06:40.0558 0x2670  PDF Architect Helper Service - ok
22:06:40.0597 0x2670  [ B90A279073A815A4AA2C45A09EE004FA, 9EA27630C47F5FF99CBBE513C113F3ED01FABA0D59B9D9637764027BCC6EA24A ] PDF Architect Service C:\Program Files (x86)\PDF Architect\ConversionService.exe
22:06:40.0608 0x2670  PDF Architect Service - ok
22:06:40.0664 0x2670  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
22:06:40.0673 0x2670  PEAUTH - ok
22:06:40.0715 0x2670  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
22:06:40.0716 0x2670  PerfHost - ok
22:06:40.0766 0x2670  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
22:06:40.0786 0x2670  pla - ok
22:06:40.0815 0x2670  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
22:06:40.0821 0x2670  PlugPlay - ok
22:06:40.0845 0x2670  [ 0BEE791C7C7ACE453C134E73633C497D, 82B30461DBF40AC15FCE6A83B9BAD2EBD05B27DEA1B784EAA096422FE8927B7B ] pmxdrv          C:\Windows\system32\drivers\pmxdrv.sys
22:06:40.0846 0x2670  pmxdrv - ok
22:06:40.0854 0x2670  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
22:06:40.0855 0x2670  PNRPAutoReg - ok
22:06:40.0878 0x2670  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
22:06:40.0883 0x2670  PNRPsvc - ok
22:06:40.0920 0x2670  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
22:06:40.0927 0x2670  PolicyAgent - ok
22:06:40.0938 0x2670  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
22:06:40.0941 0x2670  Power - ok
22:06:40.0951 0x2670  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
22:06:40.0953 0x2670  PptpMiniport - ok
22:06:40.0968 0x2670  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
22:06:40.0969 0x2670  Processor - ok
22:06:41.0013 0x2670  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
22:06:41.0016 0x2670  ProfSvc - ok
22:06:41.0019 0x2670  [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:06:41.0020 0x2670  ProtectedStorage - ok
22:06:41.0038 0x2670  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
22:06:41.0040 0x2670  Psched - ok
22:06:41.0076 0x2670  [ 05A0C2744CEAC6F1B723EC469B650EF0, D9F2E0E4431217C6A7CDE38D36362CD5A06E93B9F45F92638120EF151089B370 ] PSKMAD          C:\Windows\system32\DRIVERS\PSKMAD.sys
22:06:41.0077 0x2670  PSKMAD - ok
22:06:41.0101 0x2670  [ 87B04878A6D59D6C79251DC960C674C1, 3EB8DB0624E646F0A65D0381408D35CF9FDC5ABFC30DF6431F4070A8EB68447C ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
22:06:41.0102 0x2670  PxHlpa64 - ok
22:06:41.0147 0x2670  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
22:06:41.0168 0x2670  ql2300 - ok
22:06:41.0184 0x2670  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
22:06:41.0201 0x2670  ql40xx - ok
22:06:41.0227 0x2670  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
22:06:41.0232 0x2670  QWAVE - ok
22:06:41.0244 0x2670  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
22:06:41.0245 0x2670  QWAVEdrv - ok
22:06:41.0351 0x2670  [ A55E7D0D873B2C97585B3B5926AC6ADE, 3BE3895DA7F0888E85B1941525878BA0846A8F215AD39ED8138BB39615468E32 ] RapiMgr         C:\Windows\WindowsMobile\rapimgr.dll
22:06:41.0355 0x2670  RapiMgr - ok
22:06:41.0367 0x2670  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
22:06:41.0368 0x2670  RasAcd - ok
22:06:41.0381 0x2670  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
22:06:41.0383 0x2670  RasAgileVpn - ok
22:06:41.0403 0x2670  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
22:06:41.0405 0x2670  RasAuto - ok
22:06:41.0416 0x2670  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
22:06:41.0418 0x2670  Rasl2tp - ok
22:06:41.0457 0x2670  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
22:06:41.0463 0x2670  RasMan - ok
22:06:41.0471 0x2670  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
22:06:41.0472 0x2670  RasPppoe - ok
22:06:41.0485 0x2670  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
22:06:41.0486 0x2670  RasSstp - ok
22:06:41.0509 0x2670  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
22:06:41.0514 0x2670  rdbss - ok
22:06:41.0531 0x2670  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
22:06:41.0532 0x2670  rdpbus - ok
22:06:41.0544 0x2670  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
22:06:41.0544 0x2670  RDPCDD - ok
22:06:41.0547 0x2670  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
22:06:41.0547 0x2670  RDPENCDD - ok
22:06:41.0558 0x2670  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
22:06:41.0558 0x2670  RDPREFMP - ok
22:06:41.0628 0x2670  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
22:06:41.0629 0x2670  RdpVideoMiniport - ok
22:06:41.0665 0x2670  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
22:06:41.0669 0x2670  RDPWD - ok
22:06:41.0689 0x2670  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
22:06:41.0692 0x2670  rdyboost - ok
22:06:41.0708 0x2670  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
22:06:41.0710 0x2670  RemoteAccess - ok
22:06:41.0725 0x2670  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
22:06:41.0728 0x2670  RemoteRegistry - ok
22:06:41.0761 0x2670  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
22:06:41.0763 0x2670  RFCOMM - ok
22:06:41.0855 0x2670  [ 3C957189B31C34D3AD21967B12B6AED7, 878FE6EA03F60592D6D557B905A5119E2CC836C2A6A86ED2867C3C9B0F0FDBA2 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
22:06:41.0870 0x2670  RoxMediaDB12OEM - ok
22:06:41.0894 0x2670  [ 2B73088CC2CA757A172B425C9398E5BC, 3D296B4D6F66F7729CC48FE54456E6E6D8207DBA7E31D66653566C128E53163B ] RoxWatch12      C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
22:06:41.0897 0x2670  RoxWatch12 - ok
22:06:41.0915 0x2670  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
22:06:41.0917 0x2670  RpcEptMapper - ok
22:06:41.0929 0x2670  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
22:06:41.0929 0x2670  RpcLocator - ok
22:06:41.0945 0x2670  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
22:06:41.0953 0x2670  RpcSs - ok
22:06:41.0965 0x2670  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
22:06:41.0966 0x2670  rspndr - ok
22:06:41.0968 0x2670  [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] SamSs           C:\Windows\system32\lsass.exe
22:06:41.0970 0x2670  SamSs - ok
22:06:41.0981 0x2670  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
22:06:41.0983 0x2670  sbp2port - ok
22:06:41.0988 0x2670  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
22:06:41.0992 0x2670  SCardSvr - ok
22:06:42.0004 0x2670  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
22:06:42.0005 0x2670  scfilter - ok
22:06:42.0044 0x2670  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
22:06:42.0060 0x2670  Schedule - ok
22:06:42.0090 0x2670  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
22:06:42.0092 0x2670  SCPolicySvc - ok
22:06:42.0101 0x2670  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
22:06:42.0104 0x2670  SDRSVC - ok
22:06:42.0203 0x2670  [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
22:06:42.0227 0x2670  SDScannerService - ok
22:06:42.0283 0x2670  [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
22:06:42.0311 0x2670  SDUpdateService - ok
22:06:42.0331 0x2670  [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
22:06:42.0334 0x2670  SDWSCService - ok
22:06:42.0351 0x2670  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
22:06:42.0351 0x2670  secdrv - ok
22:06:42.0369 0x2670  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
22:06:42.0370 0x2670  seclogon - ok
22:06:42.0374 0x2670  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
22:06:42.0376 0x2670  SENS - ok
22:06:42.0382 0x2670  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
22:06:42.0383 0x2670  SensrSvc - ok
22:06:42.0394 0x2670  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
22:06:42.0394 0x2670  Serenum - ok
22:06:42.0410 0x2670  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
22:06:42.0411 0x2670  Serial - ok
22:06:42.0421 0x2670  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
22:06:42.0422 0x2670  sermouse - ok
22:06:42.0477 0x2670  [ C15B813F2FDB44F87F23312472C6E790, 2AA4024C312D0FFDC7DD2F46D011C8C54085216A3B5FA99FA42312C2E991E141 ] ServiceLayer    C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
22:06:42.0487 0x2670  ServiceLayer - ok
22:06:42.0504 0x2670  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
22:06:42.0507 0x2670  SessionEnv - ok
22:06:42.0529 0x2670  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
22:06:42.0529 0x2670  sffdisk - ok
22:06:42.0540 0x2670  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
22:06:42.0540 0x2670  sffp_mmc - ok
22:06:42.0548 0x2670  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
22:06:42.0548 0x2670  sffp_sd - ok
22:06:42.0564 0x2670  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
22:06:42.0564 0x2670  sfloppy - ok
22:06:42.0632 0x2670  [ E1974A92AC0914A3859359A0A8C82C68, 4908917F72D6E531B44488F06A05915F0DA9767758E44C886F5F93F46BA79654 ] SftService      C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
22:06:42.0642 0x2670  SftService - ok
22:06:42.0681 0x2670  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
22:06:42.0687 0x2670  SharedAccess - ok
22:06:42.0713 0x2670  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:06:42.0718 0x2670  ShellHWDetection - ok
22:06:42.0733 0x2670  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
22:06:42.0734 0x2670  SiSRaid2 - ok
22:06:42.0746 0x2670  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
22:06:42.0747 0x2670  SiSRaid4 - ok
22:06:42.0845 0x2670  [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
22:06:42.0850 0x2670  SkypeUpdate - ok
22:06:42.0877 0x2670  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
22:06:42.0878 0x2670  Smb - ok
22:06:42.0882 0x2670  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
22:06:42.0883 0x2670  SNMPTRAP - ok
22:06:42.0899 0x2670  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
22:06:42.0900 0x2670  spldr - ok
22:06:42.0960 0x2670  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
22:06:42.0969 0x2670  Spooler - ok
22:06:43.0059 0x2670  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
22:06:43.0108 0x2670  sppsvc - ok
22:06:43.0134 0x2670  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
22:06:43.0136 0x2670  sppuinotify - ok
22:06:43.0168 0x2670  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
22:06:43.0175 0x2670  srv - ok
22:06:43.0210 0x2670  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
22:06:43.0216 0x2670  srv2 - ok
22:06:43.0249 0x2670  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
22:06:43.0252 0x2670  srvnet - ok
22:06:43.0258 0x2670  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
22:06:43.0261 0x2670  SSDPSRV - ok
22:06:43.0272 0x2670  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
22:06:43.0274 0x2670  SstpSvc - ok
22:06:43.0287 0x2670  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
22:06:43.0288 0x2670  stexstor - ok
22:06:43.0310 0x2670  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
22:06:43.0319 0x2670  stisvc - ok
22:06:43.0349 0x2670  [ 7731F46EC0D687A931CBA063E8F90EF0, 5CF996A209756B901316C4406C7D3E52ECC9C15A1BDB0D4D9C77846AB29FD040 ] stllssvr        C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
22:06:43.0350 0x2670  stllssvr - ok
22:06:43.0366 0x2670  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
22:06:43.0367 0x2670  swenum - ok
22:06:43.0389 0x2670  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
22:06:43.0397 0x2670  swprv - ok
22:06:43.0468 0x2670  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
22:06:43.0492 0x2670  SysMain - ok
22:06:43.0507 0x2670  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:06:43.0509 0x2670  TabletInputService - ok
22:06:43.0537 0x2670  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
22:06:43.0542 0x2670  TapiSrv - ok
22:06:43.0546 0x2670  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
22:06:43.0547 0x2670  TBS - ok
22:06:43.0618 0x2670  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
22:06:43.0644 0x2670  Tcpip - ok
22:06:43.0675 0x2670  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
22:06:43.0701 0x2670  TCPIP6 - ok
22:06:43.0726 0x2670  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
22:06:43.0727 0x2670  tcpipreg - ok
22:06:43.0739 0x2670  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
22:06:43.0740 0x2670  TDPIPE - ok
22:06:43.0759 0x2670  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
22:06:43.0759 0x2670  TDTCP - ok
22:06:43.0805 0x2670  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
22:06:43.0806 0x2670  tdx - ok
22:06:43.0812 0x2670  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
22:06:43.0813 0x2670  TermDD - ok
22:06:43.0867 0x2670  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
22:06:43.0877 0x2670  TermService - ok
22:06:43.0884 0x2670  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
22:06:43.0886 0x2670  Themes - ok
22:06:43.0898 0x2670  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
22:06:43.0899 0x2670  THREADORDER - ok
22:06:43.0912 0x2670  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
22:06:43.0914 0x2670  TrkWks - ok
22:06:43.0963 0x2670  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:06:43.0966 0x2670  TrustedInstaller - ok
22:06:43.0979 0x2670  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
22:06:43.0979 0x2670  tssecsrv - ok
22:06:44.0016 0x2670  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
22:06:44.0017 0x2670  TsUsbFlt - ok
22:06:44.0046 0x2670  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
22:06:44.0046 0x2670  TsUsbGD - ok
22:06:44.0058 0x2670  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
22:06:44.0060 0x2670  tunnel - ok
22:06:44.0077 0x2670  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
22:06:44.0078 0x2670  uagp35 - ok
22:06:44.0101 0x2670  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
22:06:44.0106 0x2670  udfs - ok
22:06:44.0121 0x2670  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
22:06:44.0123 0x2670  UI0Detect - ok
22:06:44.0132 0x2670  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
22:06:44.0133 0x2670  uliagpkx - ok
22:06:44.0147 0x2670  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
22:06:44.0148 0x2670  umbus - ok
22:06:44.0162 0x2670  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
22:06:44.0162 0x2670  UmPass - ok
22:06:44.0217 0x2670  [ 67A95B9D129ED5399E7965CD09CF30E7, F1F2F684146F1CCB293BB9871117B8CFC1D04588A830F67CE5D3F0D034D93B2A ] UMVPFSrv        C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
22:06:44.0223 0x2670  UMVPFSrv - ok
22:06:44.0249 0x2670  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
22:06:44.0255 0x2670  upnphost - ok
22:06:44.0280 0x2670  [ 34AFB83C7BBA370E404E52CC2290350C, 1B3F9DF6C0DA8166FE02D4B2B8E3D5A432FE84A248516D0F5DA9E42076095AB8 ] upperdev        C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
22:06:44.0281 0x2670  upperdev - ok
22:06:44.0309 0x2670  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
22:06:44.0311 0x2670  usbaudio - ok
22:06:44.0333 0x2670  [ 91D3C92A44FC682DD791147604E79152, AA0B6799BF9C26C2C1793C91295288A4989AA43EC5E070B650DA7F0A142817CE ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
22:06:44.0335 0x2670  usbccgp - ok
22:06:44.0356 0x2670  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
22:06:44.0357 0x2670  usbcir - ok
22:06:44.0380 0x2670  [ F7FFDF2A1D19A76A87759126B244C816, C91F09D77E22D976952A46F7B93F611B719EDAF694D538242FA8FAF1BA9BB2F0 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
22:06:44.0381 0x2670  usbehci - ok
22:06:44.0405 0x2670  [ 245FE7FC634D6A993E682E0A9EBA4ABB, F7A536D215EE3A63358EC8B5946D7BB3B56357BF91347B07013E00DAC98775B6 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
22:06:44.0410 0x2670  usbhub - ok
22:06:44.0432 0x2670  [ C1A8966E0D09BFB501045105B30D86F2, 5BB95FBA441B898E258A3BFE174FC1042A04C19E25C59DE1FD90594290B11DA9 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
22:06:44.0432 0x2670  usbohci - ok
22:06:44.0444 0x2670  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
22:06:44.0445 0x2670  usbprint - ok
22:06:44.0450 0x2670  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
22:06:44.0450 0x2670  usbscan - ok
22:06:44.0458 0x2670  [ B57B4F0BEC4270A281B9F8537EB2FA04, 554273482EE85F010DC62E412C9933E65BD63AA09911BD25D86F86D2618EF382 ] usbser          C:\Windows\system32\drivers\usbser.sys
22:06:44.0459 0x2670  usbser - ok
22:06:44.0478 0x2670  [ AA75E1EFBEE7186B4CBAAACF1F15E6CA, D7A3069913CF8A7F281AC2D7C1FA58FA31A05D7E35E93D7588F4B3B18B3377FD ] UsbserFilt      C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys
22:06:44.0478 0x2670  UsbserFilt - ok
22:06:44.0499 0x2670  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:06:44.0500 0x2670  USBSTOR - ok
22:06:44.0517 0x2670  [ 2E682DCE4319A90E02A327F8A427544A, 3528C5A4669BAD53041085C3E72C64388D308E42AD9D1FAC85B6F2FFD81610FB ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
22:06:44.0517 0x2670  usbuhci - ok
22:06:44.0542 0x2670  [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys
22:06:44.0543 0x2670  usb_rndisx - ok
22:06:44.0548 0x2670  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
22:06:44.0550 0x2670  UxSms - ok
22:06:44.0552 0x2670  [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] VaultSvc        C:\Windows\system32\lsass.exe
22:06:44.0553 0x2670  VaultSvc - ok
22:06:44.0566 0x2670  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
22:06:44.0567 0x2670  vdrvroot - ok
22:06:44.0586 0x2670  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
22:06:44.0594 0x2670  vds - ok
22:06:44.0603 0x2670  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
22:06:44.0603 0x2670  vga - ok
22:06:44.0605 0x2670  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
22:06:44.0606 0x2670  VgaSave - ok
22:06:44.0626 0x2670  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
22:06:44.0629 0x2670  vhdmp - ok
22:06:44.0641 0x2670  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
22:06:44.0642 0x2670  viaide - ok
22:06:44.0664 0x2670  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
22:06:44.0666 0x2670  volmgr - ok
22:06:44.0682 0x2670  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
22:06:44.0687 0x2670  volmgrx - ok
22:06:44.0705 0x2670  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
22:06:44.0709 0x2670  volsnap - ok
22:06:44.0723 0x2670  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
22:06:44.0725 0x2670  vsmraid - ok
22:06:44.0770 0x2670  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
22:06:44.0793 0x2670  VSS - ok
22:06:44.0808 0x2670  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
22:06:44.0808 0x2670  vwifibus - ok
22:06:44.0828 0x2670  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
22:06:44.0834 0x2670  W32Time - ok
22:06:44.0853 0x2670  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
22:06:44.0853 0x2670  WacomPen - ok
22:06:44.0867 0x2670  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
22:06:44.0869 0x2670  WANARP - ok
22:06:44.0872 0x2670  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
22:06:44.0874 0x2670  Wanarpv6 - ok
22:06:44.0928 0x2670  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
22:06:44.0949 0x2670  wbengine - ok
22:06:44.0969 0x2670  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
22:06:44.0973 0x2670  WbioSrvc - ok
22:06:44.0996 0x2670  [ 8BDA6DB43AA54E8BB5E0794541DDC209, 8753C507BE77B019A3403AF5252434A01DB9F9332E58AC3783ABCE3D21AD9DD4 ] WcesComm        C:\Windows\WindowsMobile\wcescomm.dll
22:06:45.0002 0x2670  WcesComm - ok
22:06:45.0042 0x2670  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
22:06:45.0047 0x2670  wcncsvc - ok
22:06:45.0063 0x2670  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:06:45.0064 0x2670  WcsPlugInService - ok
22:06:45.0078 0x2670  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
22:06:45.0078 0x2670  Wd - ok
22:06:45.0122 0x2670  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
22:06:45.0133 0x2670  Wdf01000 - ok
22:06:45.0171 0x2670  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
22:06:45.0174 0x2670  WdiServiceHost - ok
22:06:45.0195 0x2670  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
22:06:45.0198 0x2670  WdiSystemHost - ok
22:06:45.0243 0x2670  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient       C:\Windows\System32\webclnt.dll
22:06:45.0247 0x2670  WebClient - ok
22:06:45.0261 0x2670  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
22:06:45.0265 0x2670  Wecsvc - ok
22:06:45.0272 0x2670  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
22:06:45.0274 0x2670  wercplsupport - ok
22:06:45.0282 0x2670  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
22:06:45.0285 0x2670  WerSvc - ok
22:06:45.0300 0x2670  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
22:06:45.0301 0x2670  WfpLwf - ok
22:06:45.0328 0x2670  [ B14EF15BD757FA488F9C970EEE9C0D35, F27DF2D47E7076786AE7C396583D7A1C56B93E766711066C900964FC7313E794 ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
22:06:45.0330 0x2670  WimFltr - ok
22:06:45.0339 0x2670  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
22:06:45.0340 0x2670  WIMMount - ok
22:06:45.0363 0x2670  WinDefend - ok
22:06:45.0366 0x2670  WinHttpAutoProxySvc - ok
22:06:45.0424 0x2670  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
22:06:45.0428 0x2670  Winmgmt - ok
22:06:45.0512 0x2670  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
22:06:45.0541 0x2670  WinRM - ok
22:06:45.0590 0x2670  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
22:06:45.0603 0x2670  Wlansvc - ok
22:06:45.0655 0x2670  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
22:06:45.0656 0x2670  wlcrasvc - ok
22:06:45.0736 0x2670  [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:06:45.0767 0x2670  wlidsvc - ok
22:06:45.0778 0x2670  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
22:06:45.0779 0x2670  WmiAcpi - ok
22:06:45.0803 0x2670  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
22:06:45.0806 0x2670  wmiApSrv - ok
22:06:45.0814 0x2670  WMPNetworkSvc - ok
22:06:45.0822 0x2670  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
22:06:45.0823 0x2670  WPCSvc - ok
22:06:45.0835 0x2670  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
22:06:45.0837 0x2670  WPDBusEnum - ok
22:06:45.0848 0x2670  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
22:06:45.0849 0x2670  ws2ifsl - ok
22:06:45.0852 0x2670  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
22:06:45.0855 0x2670  wscsvc - ok
22:06:45.0857 0x2670  WSearch - ok
22:06:45.0949 0x2670  [ 499034D7F1F6AF49F9EE12F8822793CB, 55D591C4861AF66C6B9201BF78808B2ECE7B79D95C6BB07FF0ED87EFE63DD99E ] wuauserv        C:\Windows\system32\wuaueng.dll
22:06:45.0985 0x2670  wuauserv - ok
22:06:46.0000 0x2670  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
22:06:46.0001 0x2670  WudfPf - ok
22:06:46.0020 0x2670  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
22:06:46.0023 0x2670  WUDFRd - ok
22:06:46.0049 0x2670  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
22:06:46.0051 0x2670  wudfsvc - ok
22:06:46.0079 0x2670  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
22:06:46.0083 0x2670  WwanSvc - ok
22:06:46.0089 0x2670  ================ Scan global ===============================
22:06:46.0122 0x2670  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
22:06:46.0162 0x2670  [ E80CA72FA43BF258E72C408CEF9839BE, 06482E80F43AD91F4B9E5919A0C50219382213D59EACF9FBAE7AFD7A321F30D2 ] C:\Windows\system32\winsrv.dll
22:06:46.0177 0x2670  [ E80CA72FA43BF258E72C408CEF9839BE, 06482E80F43AD91F4B9E5919A0C50219382213D59EACF9FBAE7AFD7A321F30D2 ] C:\Windows\system32\winsrv.dll
22:06:46.0203 0x2670  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
22:06:46.0246 0x2670  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
22:06:46.0252 0x2670  [ Global ] - ok
22:06:46.0252 0x2670  ================ Scan MBR ==================================
22:06:46.0267 0x2670  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:06:46.0402 0x2670  \Device\Harddisk0\DR0 - ok
22:06:46.0402 0x2670  ================ Scan VBR ==================================
22:06:46.0404 0x2670  [ 37FD435BE0AA27EB3947661B19EDE7AE ] \Device\Harddisk0\DR0\Partition1
22:06:46.0468 0x2670  \Device\Harddisk0\DR0\Partition1 - ok
22:06:46.0470 0x2670  [ 953A27EC4B468FC9629B098EFA1555A8 ] \Device\Harddisk0\DR0\Partition2
22:06:46.0524 0x2670  \Device\Harddisk0\DR0\Partition2 - ok
22:06:46.0524 0x2670  ================ Scan generic autorun ======================
22:06:46.0779 0x2670  [ 8CB8E0C93C5459B45BE1FA628FB0D761, F06830359F11515BA1CA5EC061F5B254E5A4676FBEC8AFAC23B56BB413B7E63F ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
22:06:46.0924 0x2670  RtHDVCpl - ok
22:06:46.0950 0x2670  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\RunDLL32.exe
22:06:46.0952 0x2670  RunDLLEntry_THXCfg - ok
22:06:46.0954 0x2670  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\RunDLL32.exe
22:06:46.0956 0x2670  RunDLLEntry_EptMon - ok
22:06:46.0985 0x2670  [ 233A10D4B3F6897899112E4EC60F1906, 1F7E768E57064938114DF2EFC5B219EB0D30A7D9E574924E9CED054462505AF0 ] C:\Windows\WindowsMobile\wmdc.exe
22:06:46.0994 0x2670  Windows Mobile Device Center - ok
22:06:47.0021 0x2670  [ C0B97E53A0E39A48EEA2DCD500EEA07A, 111FBD91850E52E61E6A4D8065BF56C9C6B89C55BA6312F726125F1CE4B09EE1 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
22:06:47.0025 0x2670  IAStorIcon - ok
22:06:47.0055 0x2670  [ 49916F80B1CCE8B80477999921ED14E4, 9AFB9F53FF642BB19F1BE7B3073EC96C59F22D50BF935846E3622D56A414211B ] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
22:06:47.0059 0x2670  ShwiconXP9106 - ok
22:06:47.0134 0x2670  [ 2A5E8DBC310C2FB7511B9AB8E7CFB297, F9522B42BAA4A3B5D325385C8AB7BBDE549AB6420D0F430925A22C61C09FE5B2 ] C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe
22:06:47.0147 0x2670  THX Audio Control Panel - ok
22:06:47.0170 0x2670  [ C419DF63E0121D72411285780C2FC6CC, F47F854D327C589D174D3BB5B55D5C05F5ACA73DF52A6BEF47596B9010190291 ] C:\Windows\UpdReg.EXE
22:06:47.0172 0x2670  UpdReg - ok
22:06:47.0257 0x2670  [ 88FD47E3BD31BC358AD1EF14E75C7681, 0177A849A8E63122628D42AAB97F29224413B10C5E9720F7ED9E109E509EC7ED ] C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
22:06:47.0258 0x2670  RemoteControl9 - ok
22:06:47.0313 0x2670  [ A4A59E38A82781985AF76BA2038C78BE, 0E349A07EFC7FB0BB6E9CD3A6B9E72CDA4FD45001EEAB3AAC5D885E2AE0CEF77 ] C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe
22:06:47.0314 0x2670  PDVD9LanguageShortcut - ok
22:06:47.0335 0x2670  [ 845BA1CEFFD99B178345E2A5A2CC435C, 7539796035A97DF9B1EEAB23ADC0F2385EBD2A5E11EE72E8DDF76CD14A24DD18 ] C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
22:06:47.0336 0x2670  BDRegion - ok
22:06:47.0417 0x2670  [ EBE1962DC5EEFC13D20543013A891ABC, E6E993B38267D17EF4FFAD8870817DA0D65405C920177D077FA3FD7B98DB4C3D ] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
22:06:47.0432 0x2670  Dell DataSafe Online - ok
22:06:47.0487 0x2670  [ 1196380F7BC5A83193BE66594193C20B, 1CDA7C838548C8B3A92F72643A129C077E3AB0E5EBBC2112A7C22CE3E3A81007 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe
22:06:47.0487 0x2670  Adobe Reader Speed Launcher - ok
22:06:47.0522 0x2670  [ 6CE36EE8D47C825A8D0C56C846CF636F, 62611B4D1CB67E93BFEFCCE605D33A72C3AF2C362B904B571A9E671A178F73E1 ] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe
22:06:47.0524 0x2670  Launcher - ok
22:06:47.0589 0x2670  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
22:06:47.0605 0x2670  Sidebar - ok
22:06:47.0632 0x2670  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
22:06:47.0634 0x2670  mctadmin - ok
22:06:47.0662 0x2670  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
22:06:47.0678 0x2670  Sidebar - ok
22:06:47.0689 0x2670  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
22:06:47.0691 0x2670  mctadmin - ok
22:06:47.0774 0x2670  [ 16DEFCB5F3FAC44D5EB35B19DA337FE5, CE8531B8FBA4896D4A1AB0C5CCEFC5DF0C74063D717EC9BA386B4E25D7F93651 ] c:\Program Files (x86)\Adobe\Elements Organizer 8.0\CAHeadless\ElementsAutoAnalyzer.exe
22:06:47.0783 0x2670  CAHeadless - ok
22:06:47.0928 0x2670  [ 61E3B5BEE1C10954F53DC07282F2A61C, 9B092FE63CAECDAD165B702D45B79D5D06DC879C11FEFFCE62B431712C50A1F2 ] C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
22:06:48.0010 0x2670  Logitech Vid - ok
22:06:48.0015 0x2670  msnmsgr - ok
22:06:48.0107 0x2670  [ 35F8F5B393DBBD9A509868E2012795FA, 315BF201051FBBDA0A2A5DAC308F51E6642870B07DD514AB60B2C8B2A580E9BB ] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
22:06:48.0121 0x2670  NokiaSuite.exe - ok
22:06:48.0180 0x2670  [ F82090054C9691B7AB7543B081BDA447, 8769BA4A6A8988B68574857A5BBFB82A5CB3BA5EDFFF7793154B19751B736E8C ] C:\Program Files (x86)\Deutsche Telekom\DataSync Outlook\DataSync Outlook.exe
22:06:48.0190 0x2670  DataSync Outlook - ok
22:06:48.0248 0x2670  [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
22:06:48.0268 0x2670  Sidebar - ok
22:06:48.0386 0x2670  [ D8470A716BE1C02A81F5AD704D43D334, DA2E76AFB6C0F0111CC5B3A83B331D2BCA54CC78C56128D2B90B86FC89E7EAA7 ] C:\Users\Günter\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
22:06:48.0427 0x2670  Amazon Cloud Player - ok
22:06:48.0598 0x2670  [ B2BAE2D76FBE9FDC3F6E0D1F886DF367, 964EBF736891BE252C68FCE1F9EAD5E60E6E0C2119D21C6DF49FBD30FBB678EF ] C:\Program Files\CCleaner\CCleaner64.exe
22:06:48.0696 0x2670  CCleaner Monitoring - ok
22:06:48.0770 0x2670  [ F51BB12D8977D26C1A4CDA348770D9F1, DDA35CD8F8A6591B83821B5180D457740E0B820CCE000BC7FB1B78FB4AEAD3BA ] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe
22:06:48.0783 0x2670  SpybotPostWindows10UpgradeReInstall - ok
22:06:48.0911 0x2670  [ 61E3B5BEE1C10954F53DC07282F2A61C, 9B092FE63CAECDAD165B702D45B79D5D06DC879C11FEFFCE62B431712C50A1F2 ] C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
22:06:48.0993 0x2670  Logitech Vid - ok
22:06:49.0021 0x2670  [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
22:06:49.0041 0x2670  Sidebar - ok
22:06:49.0148 0x2670  [ 61E3B5BEE1C10954F53DC07282F2A61C, 9B092FE63CAECDAD165B702D45B79D5D06DC879C11FEFFCE62B431712C50A1F2 ] C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
22:06:49.0230 0x2670  Logitech Vid - ok
22:06:49.0268 0x2670  [ F82090054C9691B7AB7543B081BDA447, 8769BA4A6A8988B68574857A5BBFB82A5CB3BA5EDFFF7793154B19751B736E8C ] C:\Program Files (x86)\Deutsche Telekom\DataSync Outlook\DataSync Outlook.exe
22:06:49.0277 0x2670  DataSync Outlook - ok
22:06:49.0281 0x2670  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.12.402 ), 0x40000 ( disabled : updated )
22:06:49.0282 0x2670  Win FW state via NFP2: enabled ( trusted )
22:06:51.0629 0x2670  ============================================================
22:06:51.0629 0x2670  Scan finished
22:06:51.0629 0x2670  ============================================================
22:06:51.0632 0x2288  Detected object count: 0
22:06:51.0632 0x2288  Actual detected object count: 0
         

So viel für Heute.

Gruß! günni42

Alt 17.08.2015, 15:55   #5
schrauber
/// the machine
/// TB-Ausbilder
 

Email- Konto gehackt? - Standard

Email- Konto gehackt?



hi,

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.


__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 17.08.2015, 16:59   #6
günni42
 
Email- Konto gehackt? - Standard

Email- Konto gehackt?



Hallo schrauber,
bei mir dauert's immer etwas länger, nachdem ich den Schalter zum Deaktivieren von Spybot S&D nicht gefunden habe, habe ich das PGM deinstalliert.
Combofix hat ca. 30 Min. gebraucht. Hier der Log

Code:
ATTFilter
ComboFix 15-08-17.01 - Admi_günter 17.08.2015  16:25:41.1.8 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.8174.5373 [GMT 2:00]
ausgeführt von:: c:\users\G³nter\Downloads\ComboFix.exe
AV: Avira Antivirus *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Antivirus *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Spybot - Search and Destroy *Disabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\3mj1ol.bat
c:\programdata\3mj1ol.pad
c:\programdata\PCDr\6664\AddOnDownloaded\2c507aa3-5c72-4011-b9e1-3928beb6f336.dll
c:\programdata\PCDr\6664\AddOnDownloaded\2ed4ce9e-0dff-4595-a0aa-f3e3b671fddc.dll
c:\programdata\PCDr\6664\AddOnDownloaded\3324fb70-b482-4ff5-9d0e-102981046ff0.dll
c:\programdata\PCDr\6664\AddOnDownloaded\459715e4-d2b9-4b1d-9abd-b72ddc2c69b1.dll
c:\programdata\PCDr\6664\AddOnDownloaded\4628ddf8-b4cb-4445-b869-56cb92eae20b.dll
c:\programdata\PCDr\6664\AddOnDownloaded\48db0c93-e691-44fc-9c6b-a61e60525cfe.dll
c:\programdata\PCDr\6664\AddOnDownloaded\4cb05034-365d-4b59-a070-5750405458b0.dll
c:\programdata\PCDr\6664\AddOnDownloaded\4e3bd962-072e-42a0-8ffb-faf4fbf06230.dll
c:\programdata\PCDr\6664\AddOnDownloaded\526d8043-c04a-458e-b41c-9f0b037eb5ab.dll
c:\programdata\PCDr\6664\AddOnDownloaded\5d59ed02-c0da-4e0e-8811-16a3d0b6a87d.dll
c:\programdata\PCDr\6664\AddOnDownloaded\649574c7-1acb-458c-a846-1bc04bfcdb93.dll
c:\programdata\PCDr\6664\AddOnDownloaded\6b56d7e1-5ac6-46da-8615-10fbe2919ac8.dll
c:\programdata\PCDr\6664\AddOnDownloaded\6f9e83ca-5216-40db-863d-61ffff2a1563.dll
c:\programdata\PCDr\6664\AddOnDownloaded\812fed95-c1fb-4695-be1a-fd6265302cf9.dll
c:\programdata\PCDr\6664\AddOnDownloaded\873c94c8-114d-4d39-a36a-14d636c6e7f3.dll
c:\programdata\PCDr\6664\AddOnDownloaded\909c2f24-5974-42a7-a041-bbc7c1411046.dll
c:\programdata\PCDr\6664\AddOnDownloaded\943fb1bd-a66d-43d4-943d-6261ebf98050.dll
c:\programdata\PCDr\6664\AddOnDownloaded\95863b84-2a1c-4539-bd21-ffbef3ea7fd9.dll
c:\programdata\PCDr\6664\AddOnDownloaded\964840d8-cf70-45c0-a3db-802e021f9658.dll
c:\programdata\PCDr\6664\AddOnDownloaded\9afbb1e4-1951-4d6e-bd32-2e0e5254786f.dll
c:\programdata\PCDr\6664\AddOnDownloaded\9b664440-a1fb-457f-a208-c519fea54f87.dll
c:\programdata\PCDr\6664\AddOnDownloaded\9b6e4d67-f75b-40b4-bfb0-bc8d902f62eb.dll
c:\programdata\PCDr\6664\AddOnDownloaded\9bf708b5-617d-4352-8ecd-ff95912dcb95.dll
c:\programdata\PCDr\6664\AddOnDownloaded\a7a4f473-8998-4029-be3e-f4280478bd6b.dll
c:\programdata\PCDr\6664\AddOnDownloaded\ac83e4d3-2f37-4679-a3b4-b7f5aa568264.dll
c:\programdata\PCDr\6664\AddOnDownloaded\b4e7e391-8ff3-4363-bb72-f41a243749b1.dll
c:\programdata\PCDr\6664\AddOnDownloaded\b9f9154e-1581-4a2a-a195-eeb46e9e239b.dll
c:\programdata\PCDr\6664\AddOnDownloaded\bb97e28d-bdfb-4fa4-902d-264275c5cb1b.dll
c:\programdata\PCDr\6664\AddOnDownloaded\c6528f35-d623-4e84-a9b2-58ecb22dabd4.dll
c:\programdata\PCDr\6664\AddOnDownloaded\c746a3b1-ed0c-4bff-941c-d5e6f0583ce7.dll
c:\programdata\PCDr\6664\AddOnDownloaded\c749e834-df0f-483e-9946-33435f37c240.dll
c:\programdata\PCDr\6664\AddOnDownloaded\edb10714-8498-4679-a667-4c4c359de017.dll
c:\programdata\PCDr\6664\AddOnDownloaded\ef32b2f9-e518-400c-8172-d1a06ae9d208.dll
c:\programdata\PCDr\6664\AddOnDownloaded\ff34f184-7b2d-4b07-9131-b1349888b6e5.dll
c:\windows\SysWow64\csftxctl.ocx
c:\windows\wininit.ini
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-07-17 bis 2015-08-17  ))))))))))))))))))))))))))))))
.
.
2015-08-17 14:36 . 2015-08-17 14:36	--------	d-----w-	c:\users\Default\AppData\Local\temp
2015-08-17 14:36 . 2015-08-17 14:36	--------	d-----w-	c:\users\Christine\AppData\Local\temp
2015-08-17 14:36 . 2015-08-17 14:36	--------	d-----w-	c:\users\Admi_günter\AppData\Local\temp
2015-08-16 18:20 . 2015-08-16 19:27	--------	d-----w-	c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-08-15 16:36 . 2015-08-15 16:47	--------	d-----w-	C:\FRST
2015-08-15 15:46 . 2015-08-15 15:46	--------	d-----w-	c:\program files\Common Files\AV
2015-08-12 20:02 . 2015-07-30 13:13	103120	----a-w-	c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 20:02 . 2015-07-30 13:13	124624	----a-w-	c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 06:30 . 2015-07-28 20:05	774656	----a-w-	c:\windows\system32\invagent.dll
2015-08-12 06:30 . 2015-07-28 20:05	743424	----a-w-	c:\windows\system32\generaltel.dll
2015-08-12 06:30 . 2015-07-28 20:05	437760	----a-w-	c:\windows\system32\devinv.dll
2015-08-12 06:30 . 2015-07-28 20:05	1116672	----a-w-	c:\windows\system32\appraiser.dll
2015-08-12 06:30 . 2015-07-28 20:05	69120	----a-w-	c:\windows\system32\acmigration.dll
2015-08-12 06:30 . 2015-07-28 19:55	1148416	----a-w-	c:\windows\system32\aeinv.dll
2015-08-12 06:30 . 2015-07-28 20:09	17344	----a-w-	c:\windows\system32\CompatTelRunner.exe
2015-08-12 06:30 . 2015-07-28 20:05	227328	----a-w-	c:\windows\system32\aepdu.dll
2015-08-12 06:27 . 2015-07-01 20:49	260096	----a-w-	c:\windows\system32\WebClnt.dll
2015-08-12 06:25 . 2015-07-09 17:57	193536	----a-w-	c:\windows\system32\notepad.exe
2015-07-25 21:36 . 2015-07-25 21:36	--------	d-----w-	c:\programdata\PC-Doctor for Windows
2015-07-25 21:36 . 2015-07-25 21:36	--------	d-----w-	c:\program files\Dell Support Center
2015-07-25 21:36 . 2015-07-25 21:36	--------	d-----w-	c:\program files\Dell
2015-07-25 21:28 . 2015-07-25 21:28	--------	d-----w-	c:\users\Günter\AppData\Local\Dell Edoc Viewer
2015-07-22 19:15 . 2015-07-22 19:15	74703	----a-w-	c:\windows\SysWow64\mfc45.dat
2015-07-22 19:15 . 2015-07-22 19:15	--------	d-----w-	c:\programdata\iolo
2015-07-22 19:15 . 2015-07-22 19:15	--------	d-----w-	c:\program files (x86)\iolo
2015-07-22 16:37 . 2015-07-22 16:37	2689680	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\VBA\VBA7\VBE7.DLL
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-08-16 18:20 . 2015-03-21 19:38	136408	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-08-16 18:19 . 2015-03-21 19:38	107736	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2015-08-12 19:47 . 2011-06-10 20:26	132483416	----a-w-	c:\windows\system32\MRT.exe
2015-08-12 17:05 . 2012-04-09 08:39	778440	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2015-08-12 17:05 . 2011-06-19 12:29	142536	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-07-28 11:19 . 2015-01-24 16:21	162528	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2015-07-28 11:19 . 2015-01-24 16:21	141416	----a-w-	c:\windows\system32\drivers\avipbb.sys
2015-07-15 17:54 . 2015-08-12 06:28	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2015-07-04 18:07 . 2015-07-15 01:36	2087424	----a-w-	c:\windows\system32\ole32.dll
2015-07-04 17:48 . 2015-07-15 01:36	1414656	----a-w-	c:\windows\SysWow64\ole32.dll
2015-06-23 23:29 . 2015-06-23 23:29	1217192	----a-w-	c:\windows\SysWow64\FM20.DLL
2015-06-18 06:41 . 2015-03-21 19:38	63704	----a-w-	c:\windows\system32\drivers\mwac.sys
2015-06-18 06:41 . 2015-03-21 19:38	25816	----a-w-	c:\windows\system32\drivers\mbam.sys
2015-06-17 17:47 . 2015-07-15 01:37	404992	----a-w-	c:\windows\system32\gdi32.dll
2015-06-17 17:37 . 2015-07-15 01:37	312320	----a-w-	c:\windows\SysWow64\gdi32.dll
2015-06-16 22:23 . 2015-06-16 22:23	94208	----a-w-	c:\windows\SysWow64\QuickTimeVR.qtx
2015-06-16 22:23 . 2015-06-16 22:23	69632	----a-w-	c:\windows\SysWow64\QuickTime.qts
2015-06-15 21:50 . 2015-07-15 01:36	112064	----a-w-	c:\windows\system32\consent.exe
2015-06-15 21:45 . 2015-07-15 01:36	504320	----a-w-	c:\windows\system32\msihnd.dll
2015-06-15 21:45 . 2015-07-15 01:36	3242496	----a-w-	c:\windows\system32\msi.dll
2015-06-15 21:45 . 2015-07-15 01:36	70656	----a-w-	c:\windows\system32\appinfo.dll
2015-06-15 21:45 . 2015-07-15 01:36	1941504	----a-w-	c:\windows\system32\authui.dll
2015-06-15 21:44 . 2015-07-15 01:36	128000	----a-w-	c:\windows\system32\msiexec.exe
2015-06-15 21:43 . 2015-07-15 01:36	337408	----a-w-	c:\windows\SysWow64\msihnd.dll
2015-06-15 21:43 . 2015-07-15 01:36	2364416	----a-w-	c:\windows\SysWow64\msi.dll
2015-06-15 21:43 . 2015-07-15 01:36	1805824	----a-w-	c:\windows\SysWow64\authui.dll
2015-06-15 21:42 . 2015-07-15 01:36	73216	----a-w-	c:\windows\SysWow64\msiexec.exe
2015-06-15 21:42 . 2015-07-15 01:36	25088	----a-w-	c:\windows\system32\msimsg.dll
2015-06-15 21:37 . 2015-07-15 01:36	25088	----a-w-	c:\windows\SysWow64\msimsg.dll
2015-06-09 18:03 . 2015-07-15 01:37	3180544	----a-w-	c:\windows\system32\rdpcorets.dll
2015-06-09 18:03 . 2015-07-15 01:37	16384	----a-w-	c:\windows\system32\RdpGroupPolicyExtension.dll
2015-06-02 00:07 . 2015-07-15 01:37	254976	----a-w-	c:\windows\system32\cewmdm.dll
2015-06-01 23:47 . 2015-07-15 01:37	210432	----a-w-	c:\windows\SysWow64\cewmdm.dll
2015-05-25 18:19 . 2015-06-10 05:28	1255424	----a-w-	c:\windows\system32\diagtrack.dll
2015-05-25 18:19 . 2015-06-10 05:28	879104	----a-w-	c:\windows\system32\tdh.dll
2015-05-25 18:19 . 2015-06-10 05:28	113664	----a-w-	c:\windows\system32\sechost.dll
2015-05-25 18:18 . 2015-06-10 05:28	879104	----a-w-	c:\windows\system32\advapi32.dll
2015-05-25 18:18 . 2015-06-10 05:28	404992	----a-w-	c:\windows\system32\tracerpt.exe
2015-05-25 18:18 . 2015-06-10 05:28	47104	----a-w-	c:\windows\system32\typeperf.exe
2015-05-25 18:18 . 2015-06-10 05:28	43008	----a-w-	c:\windows\system32\relog.exe
2015-05-25 18:18 . 2015-06-10 05:28	104448	----a-w-	c:\windows\system32\logman.exe
2015-05-25 18:18 . 2015-06-10 05:28	19456	----a-w-	c:\windows\system32\diskperf.exe
2015-05-25 18:01 . 2015-06-10 05:28	635392	----a-w-	c:\windows\SysWow64\tdh.dll
2015-05-25 18:01 . 2015-06-10 05:28	92160	----a-w-	c:\windows\SysWow64\sechost.dll
2015-05-25 18:01 . 2015-06-10 05:28	641536	----a-w-	c:\windows\SysWow64\advapi32.dll
2015-05-25 18:00 . 2015-06-10 05:28	40448	----a-w-	c:\windows\SysWow64\typeperf.exe
2015-05-25 18:00 . 2015-06-10 05:28	364544	----a-w-	c:\windows\SysWow64\tracerpt.exe
2015-05-25 18:00 . 2015-06-10 05:28	37888	----a-w-	c:\windows\SysWow64\relog.exe
2015-05-25 18:00 . 2015-06-10 05:28	82944	----a-w-	c:\windows\SysWow64\logman.exe
2015-05-25 18:00 . 2015-06-10 05:28	17408	----a-w-	c:\windows\SysWow64\diskperf.exe
2015-05-25 17:00 . 2015-06-10 05:28	36864	----a-w-	c:\windows\system32\UtcResources.dll
2015-05-21 13:19 . 2015-06-05 07:40	193536	----a-w-	c:\windows\system32\aepic.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech Vid"="c:\program files (x86)\Logitech\Vid HD\Vid.exe" [2011-01-13 6129496]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"DataSync Outlook"="c:\program files (x86)\Deutsche Telekom\DataSync Outlook\DataSync Outlook.exe" [2009-12-07 720896]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-12-11 30877280]
"KSS"="c:\program files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe" [2014-06-15 202080]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2014-12-12 7394584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-09-13 283160]
"ShwiconXP9106"="c:\program files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe" [2010-03-10 237568]
"THX Audio Control Panel"="c:\program files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" [2009-12-01 963584]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-10 90112]
"RemoteControl9"="c:\program files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" [2010-10-01 87336]
"PDVD9LanguageShortcut"="c:\program files (x86)\CyberLink\PowerDVD9\Language\Language.exe" [2010-09-17 50472]
"BDRegion"="c:\program files (x86)\Cyberlink\Shared Files\brs.exe" [2010-10-27 75048]
"Dell DataSafe Online"="c:\program files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe" [2010-08-25 1117528]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2015-06-26 40336]
"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-11-25 240112]
"Desktop Disc Tool"="c:\program files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [2010-11-17 514544]
"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2011-11-11 205336]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-12-19 642808]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-09-13 59720]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2015-07-28 782008]
"Avira Systray"="c:\program files (x86)\Avira\Launcher\Avira.Systray.exe" [2015-07-02 134368]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2015-06-16 421888]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="c:\program files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe" [2010-08-11 163040]
.
c:\users\Günter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE /tsr [2013-6-25 228552]
.
c:\users\Admi_günter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE /tsr [2013-6-25 228552]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-7-21 1132320]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
R2 AntiVirMailService;Avira Email-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe [x]
R2 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x]
R2 CLKMSVC10_9EC60124;CyberLink Product - 2011/06/07 16:33;c:\program files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe;c:\program files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x]
R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 cjusb;REINER SCT cyberJack USB Driver;c:\windows\system32\DRIVERS\cjusb.sys;c:\windows\SYSNATIVE\DRIVERS\cjusb.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys;c:\windows\SYSNATIVE\drivers\Impcd.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 MEMSWEEP2;MEMSWEEP2;c:\windows\system32\F492.tmp;c:\windows\SYSNATIVE\F492.tmp [x]
R3 pmxdrv;pmxdrv;c:\windows\system32\drivers\pmxdrv.sys;c:\windows\SYSNATIVE\drivers\pmxdrv.sys [x]
R3 PSKMAD;PSKMAD;c:\windows\system32\DRIVERS\PSKMAD.sys;c:\windows\SYSNATIVE\DRIVERS\PSKMAD.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Avira.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe [x]
S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 KSS;Kaspersky Security Scan Service;c:\program files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe;c:\program files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [x]
S2 NOBU;Dell DataSafe Online;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE [x]
S2 PDF Architect Helper Service;PDF Architect Helper Service;c:\program files (x86)\PDF Architect\HelperService.exe;c:\program files (x86)\PDF Architect\HelperService.exe [x]
S2 PDF Architect Service;PDF Architect Service;c:\program files (x86)\PDF Architect\ConversionService.exe;c:\program files (x86)\PDF Architect\ConversionService.exe [x]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [x]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 HCW85BDA;Hauppauge WinTV 885 Video Capture;c:\windows\system32\drivers\HCW85BDA.sys;c:\windows\SYSNATIVE\drivers\HCW85BDA.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
S3 LVUVC64;Logitech Webcam Pro 9000(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*Deregistered* - CLKMDRV10_9EC60124
.
Inhalt des "geplante Tasks" Ordners
.
2015-08-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-09 17:05]
.
2015-08-16 c:\windows\Tasks\Defraggler Volume C Task.job
- c:\program files\Defraggler\df64.exe [2014-02-05 09:22]
.
2015-08-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-20 17:16]
.
2015-08-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-20 17:16]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-23 10920552]
"RunDLLEntry_THXCfg"="c:\windows\system32\THXCfg64.dll" [2009-10-15 17920]
"RunDLLEntry_EptMon"="c:\windows\system32\EptMon64.dll" [2009-10-15 21504]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://ixquick.com/deu/?
uDefault_Search_URL = www.google.com
mStart Page = www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = www.google.com
mDefault_Page_URL = www.google.com
mDefault_Search_URL = www.google.com
uSearchAssistant = www.google.com
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Trusted Zone: dell.com
TCP: DhcpNameServer = 192.168.2.1 192.168.2.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
c:\users\Admi_günter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Versandhelfer.lnk - c:\program files (x86)\Versandhelfer\Versandhelfer.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
AddRemove-OpenFietsMap (BNL) - c:\garmin\Openstreetmap\OpenFietsMap\Uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\F492.tmp"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_232_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_232_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_232_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_232_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.18"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000001
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2015-08-17  16:49:34
ComboFix-quarantined-files.txt  2015-08-17 14:49
.
Vor Suchlauf: 18 Verzeichnis(se), 1.699.407.564.800 Bytes frei
Nach Suchlauf: 22 Verzeichnis(se), 1.698.954.952.704 Bytes frei
.
- - End Of File - - 39B74F2D05ECF13F2A9107D56613DED6
         
jetzt bin ich erst mal 3:30 Std. außer Haus

Gruß! - günni42

Alt 18.08.2015, 10:50   #7
schrauber
/// the machine
/// TB-Ausbilder
 

Email- Konto gehackt? - Standard

Email- Konto gehackt?



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 18.08.2015, 19:54   #8
günni42
 
Email- Konto gehackt? - Standard

Email- Konto gehackt?



Hallo schrauber,

heute Nacht waren wieder ein paar Mails unterwegs.
Aber ich hab' meine Hausaufgaben gemacht - hoffentlich so wie Du es Dir wünscht - und dann werden wir sicher ein Stück weiter kommen.

MBAM

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 18.08.2015
Suchlaufzeit: 15:58
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.1.8.1057
Malware-Datenbank: v2015.08.18.04
Rootkit-Datenbank: v2015.08.16.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Admi_günter

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 564563
Abgelaufene Zeit: 16 Min., 16 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
Bei AdwCleaner gab es eine Fehlermeldung:

'Line 16270 (File "C:\...\AdwCleaner_5.001.exe"):
Error: Variable used without being declared.'

Aber den log konnte ich dann doch noch finden:

Code:
ATTFilter
# AdwCleaner v5.001 - Bericht erstellt 18/08/2015 um 16:39:06
# Aktualisiert 17/08/2015 von Xplode
# Datenbank : 2015-08-16.2 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Admi_günter - RECHNER_***
# Gestarted von : C:\Users\Günter\Downloads\AdwCleaner_5.001.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\ProgramData\apn
[-] Ordner Gelöscht : C:\ProgramData\PC Drivers HeadQuarters
[-] Ordner Gelöscht : C:\Users\Admi_günter\AppData\Local\PC_Drivers_Headquarters
[-] Ordner Gelöscht : C:\Users\Admi_günter\AppData\Roaming\pdfforge
[-] Ordner Gelöscht : C:\Users\Günter\AppData\LocalLow\weDownload Manager Pro
[-] Ordner Gelöscht : C:\Users\Günter\AppData\Roaming\pdfforge

***** [ Dateien ] *****


***** [ Verknüpfungen ] *****

[-] Verknüpfung Desinfiziert : C:\Users\Admi_günter\Desktop\WWW_Internet Explorer.lnk
[-] Verknüpfung Desinfiziert : C:\Users\Admi_günter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[-] Verknüpfung Desinfiziert : C:\Users\Admi_günter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
[-] Verknüpfung Desinfiziert : C:\Users\Admi_günter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[-] Verknüpfung Desinfiziert : C:\Users\Admi_günter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Search.lnk

***** [ Geplante Tasks ] *****


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9945959C-AAD8-4312-8B57-2DE11927E770}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{EEA63863-87BC-4DCA-A5B5-EB97E3B04806}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
[-] Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\OCS
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten Wiederhergestellt : HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten Wiederhergestellt : HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten Wiederhergestellt : HKU\S-1-5-21-1916591956-2551971433-4189181994-1003\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten Wiederhergestellt : HKU\S-1-5-21-1916591956-2551971433-4189181994-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten Wiederhergestellt : HKU\S-1-5-21-1916591956-2551971433-4189181994-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E935E8C2-8F33-448E-8292-885736E481FE}
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E935E8C2-8F33-448E-8292-885736E481FE}

***** [ Internetbrowser ] *****

[-] [C:\Users\Christine\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : de.ask.com
[-] [C:\Users\Günter\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : de.ask.com

*************************

:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht

########## EOF - \AdwCleaner[C1].txt - [6273 Bytes] ##########
         
Junkware Removal Tool:
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.6 (08.10.2015:1)
OS: Windows 7 Home Premium x64
Ran by Admi_gnter on 18.08.2015 at 17:06:35,27
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks

Successfully deleted: [Task] C:\Windows\system32\tasks\PCDEventLauncherTask
Successfully deleted: [Task] C:\Windows\system32\tasks\PCDoctorBackgroundMonitorTask



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3A2D5EBA-F86D-4BD3-A177-019765996711}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711}



~~~ Files

Successfully deleted: [File] C:\Users\Admi_gnter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\search.lnk



~~~ Folders

Successfully deleted: [Folder] C:\ProgramData\esellerate





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 18.08.2015 at 17:08:23,37
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
und ein frisches FRST log:

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:17-08-2015
durchgeführt von Admi_günter (Administrator) auf RECHNER_*** (18-08-2015 17:22:13)
Gestartet von C:\Users\Günter\Downloads
Geladene Profile: Günter & Admi_günter &  (Verfügbare Profile: Günter & Admi_günter & Christine)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: IE)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_18_0_0_232_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10920552 2010-06-23] (Realtek Semiconductor)
HKLM\...\Run: [RunDLLEntry_THXCfg] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
HKLM\...\Run: [RunDLLEntry_EptMon] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\EptMon64.dll,RunDLLEntry EptMon64
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [ShwiconXP9106] => C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe [237568 2010-03-10] (Alcor Micro Corp.)
HKLM-x32\...\Run: [THX Audio Control Panel] => C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe [963584 2009-12-01] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [RemoteControl9] => C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2010-10-01] (CyberLink Corp.)
HKLM-x32\...\Run: [PDVD9LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe [50472 2010-09-17] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe [75048 2010-10-27] (cyberlink)
HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-25] (Dell, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2015-06-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [RoxWatchTray] => C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [Desktop Disc Tool] => C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] ()
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-11-11] (Logitech Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782008 2015-07-28] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [134368 2015-07-02] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-17] (Apple Inc.)
HKLM-x32\...\RunOnce: [Launcher] => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe [163040 2010-08-11] (Softthinks)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [CAHeadless] => c:\Program Files (x86)\Adobe\Elements Organizer 8.0\CAHeadless\ElementsAutoAnalyzer.exe [615808 2009-09-18] (Adobe Systems Incorporated)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [Logitech Vid] => C:\Program Files (x86)\Logitech\Vid HD\Vid.exe [6129496 2011-01-13] (Logitech Inc.)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe [4280184 2012-03-08] (Microsoft Corporation)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1084800 2012-04-25] (Nokia)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [DataSync Outlook] => C:\Program Files (x86)\Deutsche Telekom\DataSync Outlook\DataSync Outlook.exe [720896 2009-12-07] (O3SIS AG)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [Amazon Cloud Player] => C:\Users\Günter\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3145536 2014-05-08] ()
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CAHeadless] => c:\Program Files (x86)\Adobe\Elements Organizer 8.0\CAHeadless\ElementsAutoAnalyzer.exe [615808 2009-09-18] (Adobe Systems Incorporated)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Logitech Vid] => C:\Program Files (x86)\Logitech\Vid HD\Vid.exe [6129496 2011-01-13] (Logitech Inc.)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe [4280184 2012-03-08] (Microsoft Corporation)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1084800 2012-04-25] (Nokia)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DataSync Outlook] => C:\Program Files (x86)\Deutsche Telekom\DataSync Outlook\DataSync Outlook.exe [720896 2009-12-07] (O3SIS AG)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Amazon Cloud Player] => C:\Users\Günter\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3145536 2014-05-08] ()
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1003\...\Run: [Logitech Vid] => C:\Program Files (x86)\Logitech\Vid HD\Vid.exe [6129496 2011-01-13] (Logitech Inc.)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1003\...\Run: [DataSync Outlook] => C:\Program Files (x86)\Deutsche Telekom\DataSync Outlook\DataSync Outlook.exe [720896 2009-12-07] (O3SIS AG)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1003\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1003\...\Run: [KSS] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202080 2014-06-16] (Kaspersky Lab ZAO)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Logitech Vid] => C:\Program Files (x86)\Logitech\Vid HD\Vid.exe [6129496 2011-01-13] (Logitech Inc.)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DataSync Outlook] => C:\Program Files (x86)\Deutsche Telekom\DataSync Outlook\DataSync Outlook.exe [720896 2009-12-07] (O3SIS AG)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [KSS] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202080 2014-06-16] (Kaspersky Lab ZAO)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Logitech Vid] => C:\Program Files (x86)\Logitech\Vid HD\Vid.exe [6129496 2011-01-13] (Logitech Inc.)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DataSync Outlook] => C:\Program Files (x86)\Deutsche Telekom\DataSync Outlook\DataSync Outlook.exe [720896 2009-12-07] (O3SIS AG)
Startup: C:\Users\Admi_günter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2011-06-15]
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2011-06-07]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Günter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2011-06-13]
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicyScripts-x32: Gruppenrichtline erkannt <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKU\S-1-5-21-1916591956-2551971433-4189181994-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer: Richtlinienbeschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
HKU\S-1-5-21-1916591956-2551971433-4189181994-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1916591956-2551971433-4189181994-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1916591956-2551971433-4189181994-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/8
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1000 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1000 -> {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = 
SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = 
SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1003 -> DefaultScope {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = 
SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {E935E8C2-8F33-448E-8292-885736E481FE} URL = hxxp://ixquick.com/do/metasearch.pl?query={searchTerms}&cat=web&pl=ie&language=deutsch
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://active.macromedia.com/flash2/cabs/swflash.cab
DPF: HKLM-x32 {0742B9EF-8C83-41CA-BFBA-830A59E23533} hxxps://oas.support.microsoft.com/ActiveX/MSDcode.cab
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} hxxp://download.mcafee.com/molbin/iss-loc/mcfscan/3,0,0,6538/mcfscan.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{D1A003C6-1664-4416-B03E-A904900A29D8}: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.13.2 -> C:\Windows\system32\npDeployJava1.dll [2013-02-13] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-04-04] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2012-04-25] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-14] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-27] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-08-27]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [887128 2015-07-28] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-07-28] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-07-28] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1213072 2015-07-28] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [218816 2015-07-02] (Avira Operations GmbH & Co. KG)
S2 CLKMSVC10_9EC60124; C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [236016 2010-10-26] (CyberLink)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert]
R2 KSS; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202080 2014-06-16] (Kaspersky Lab ZAO)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
S2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162528 2015-07-28] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-07-28] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-11-24] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-04] (Avira Operations GmbH & Co. KG)
S3 cjusb; C:\Windows\System32\DRIVERS\cjusb.sys [34672 2011-03-29] (REINER SCT)
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir3.sys [33792 2010-06-03] (Hauppauge Computer Works, Inc.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-08-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
S3 MEMSWEEP2; C:\Windows\system32\F492.tmp [6144 2011-05-12] (Sophos Plc) [Datei ist nicht signiert]
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2014-08-06] ()
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [47632 2013-04-29] (Panda Security, S.L.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-18 17:14 - 2015-08-18 17:14 - 00000000 ____D C:\Users\Günter\Downloads\FRST-OlderVersion
2015-08-18 17:08 - 2015-08-18 17:08 - 00001656 _____ C:\Users\Admi_günter\Desktop\JRT.txt
2015-08-18 16:57 - 2015-08-18 16:57 - 01791580 _____ (Malwarebytes Corporation) C:\Users\Günter\Downloads\JRT.exe
2015-08-18 16:43 - 2015-08-18 16:43 - 00001201 _____ C:\Users\Günter\Downloads\Downloads - Verknüpfung (2).lnk
2015-08-18 16:39 - 2015-08-18 16:39 - 00006387 _____ C:\AdwCleaner[C1].txt
2015-08-18 16:36 - 2015-08-18 16:39 - 00000000 ____D C:\AdwCleaner
2015-08-18 16:36 - 2015-08-18 16:36 - 00006879 _____ C:\AdwCleaner[S1].txt
2015-08-18 16:31 - 2015-08-18 16:31 - 01573888 _____ C:\Users\Günter\Downloads\AdwCleaner_5.001.exe
2015-08-18 15:50 - 2015-08-18 15:50 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Günter\Downloads\mbam-setup-2.1.8.1057.exe
2015-08-17 22:23 - 2015-08-18 07:51 - 00001951 _____ C:\Users\Günter\Desktop\Computer, Treiber, Internet - Verknüpfung.lnk
2015-08-17 20:45 - 2015-08-17 20:45 - 00000909 _____ C:\Users\Günter\Desktop\Email- Konto gehackt.url
2015-08-17 16:49 - 2015-08-17 16:49 - 00030376 _____ C:\ComboFix.txt
2015-08-17 16:23 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-08-17 16:23 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-08-17 16:23 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-08-17 16:23 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-08-17 16:23 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-08-17 16:23 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-08-17 16:23 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-08-17 16:23 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-08-17 16:14 - 2015-08-17 16:50 - 00000000 ____D C:\Qoobox
2015-08-17 16:14 - 2015-08-17 16:46 - 00000000 ____D C:\Windows\erdnt
2015-08-17 15:58 - 2015-08-17 15:58 - 05635195 ____R (Swearware) C:\Users\Günter\Downloads\ComboFix.exe
2015-08-16 22:01 - 2015-08-16 22:01 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Günter\Downloads\tdsskiller.exe
2015-08-16 20:20 - 2015-08-16 21:27 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-08-16 20:19 - 2015-08-16 22:48 - 00000000 ____D C:\Users\Admi_günter\Desktop\mbar
2015-08-16 18:51 - 2015-08-16 18:51 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Günter\Downloads\mbar-1.09.1.1004.exe
2015-08-15 22:21 - 2015-08-15 22:21 - 00001142 _____ C:\Users\Günter\Desktop\Avira.lnk
2015-08-15 19:02 - 2015-08-15 19:02 - 00380416 _____ C:\Users\Günter\Downloads\hz1tj6o4.exe
2015-08-15 18:57 - 2015-08-15 18:57 - 00380416 _____ C:\Users\Günter\Downloads\Gmer-19357.exe
2015-08-15 18:38 - 2015-08-15 18:39 - 00038767 _____ C:\Users\Günter\Downloads\Addition.txt
2015-08-15 18:37 - 2015-08-18 17:22 - 00024731 _____ C:\Users\Günter\Downloads\FRST.txt
2015-08-15 18:36 - 2015-08-18 17:22 - 00000000 ____D C:\FRST
2015-08-15 18:30 - 2015-08-18 17:14 - 02173440 _____ (Farbar) C:\Users\Günter\Downloads\FRST64.exe
2015-08-15 18:26 - 2015-08-15 18:26 - 00000484 _____ C:\Users\Günter\Desktop\defogger_disable.log
2015-08-15 18:26 - 2015-08-15 18:26 - 00000000 _____ C:\Users\Admi_günter\defogger_reenable
2015-08-15 18:23 - 2015-08-15 18:25 - 00050477 _____ C:\Users\Günter\Downloads\Defogger.exe
2015-08-15 17:46 - 2015-08-15 17:46 - 00000000 ____D C:\Program Files\Common Files\AV
2015-08-15 17:46 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2015-08-14 16:26 - 2015-08-14 16:26 - 00000000 ____D C:\Users\Günter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2015-08-13 07:50 - 2015-08-13 07:50 - 00001022 _____ C:\Users\Günter\Desktop\E-Mail.url
2015-08-12 22:02 - 2015-07-30 15:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 22:02 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 08:30 - 2015-07-28 22:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-12 08:30 - 2015-07-28 22:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-12 08:30 - 2015-07-28 22:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-12 08:30 - 2015-07-28 22:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-12 08:30 - 2015-07-28 22:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-12 08:30 - 2015-07-28 22:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-12 08:30 - 2015-07-28 22:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-12 08:30 - 2015-07-28 21:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-12 08:28 - 2015-07-21 02:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-08-12 08:28 - 2015-07-21 02:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-08-12 08:28 - 2015-07-16 23:14 - 25192448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-12 08:28 - 2015-07-16 22:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-12 08:28 - 2015-07-16 22:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-08-12 08:28 - 2015-07-16 22:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-08-12 08:28 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-12 08:28 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-12 08:28 - 2015-07-16 22:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-08-12 08:28 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-12 08:28 - 2015-07-16 22:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-08-12 08:28 - 2015-07-16 22:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-12 08:28 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-12 08:28 - 2015-07-16 22:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-08-12 08:28 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-12 08:28 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-12 08:28 - 2015-07-16 22:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-08-12 08:28 - 2015-07-16 22:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-12 08:28 - 2015-07-16 22:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-08-12 08:28 - 2015-07-16 22:20 - 19870208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-12 08:28 - 2015-07-16 22:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-12 08:28 - 2015-07-16 22:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-12 08:28 - 2015-07-16 22:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-12 08:28 - 2015-07-16 22:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-12 08:28 - 2015-07-16 21:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-08-12 08:28 - 2015-07-16 21:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-12 08:28 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-12 08:28 - 2015-07-16 21:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-12 08:28 - 2015-07-16 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-08-12 08:28 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-12 08:28 - 2015-07-16 21:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-08-12 08:28 - 2015-07-16 21:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-08-12 08:28 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-12 08:28 - 2015-07-16 21:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-08-12 08:28 - 2015-07-16 21:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-08-12 08:28 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-12 08:28 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-12 08:28 - 2015-07-16 21:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-08-12 08:28 - 2015-07-16 21:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-08-12 08:28 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-12 08:28 - 2015-07-16 21:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-08-12 08:28 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-12 08:28 - 2015-07-16 21:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-08-12 08:28 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-12 08:28 - 2015-07-16 21:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-12 08:28 - 2015-07-16 21:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-08-12 08:28 - 2015-07-16 21:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-08-12 08:28 - 2015-07-16 21:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-08-12 08:28 - 2015-07-16 21:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-12 08:28 - 2015-07-16 21:12 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-12 08:28 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-12 08:28 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-12 08:28 - 2015-07-16 21:12 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-08-12 08:28 - 2015-07-16 21:12 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-08-12 08:28 - 2015-07-16 21:11 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-12 08:28 - 2015-07-16 21:11 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-08-12 08:28 - 2015-07-16 21:11 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-08-12 08:28 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-12 08:28 - 2015-07-16 21:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-08-12 08:28 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-12 08:28 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-08-12 08:28 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-12 08:28 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-12 08:28 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-12 08:28 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-12 08:28 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-12 08:28 - 2015-07-15 20:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-12 08:28 - 2015-07-15 20:15 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-12 08:28 - 2015-07-15 20:15 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-12 08:28 - 2015-07-15 20:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-12 08:28 - 2015-07-15 20:12 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-12 08:28 - 2015-07-15 20:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-08-12 08:28 - 2015-07-15 20:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-08-12 08:28 - 2015-07-15 20:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-08-12 08:28 - 2015-07-15 20:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-12 08:28 - 2015-07-15 20:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-08-12 08:28 - 2015-07-15 20:10 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-08-12 08:28 - 2015-07-15 20:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-08-12 08:28 - 2015-07-15 20:10 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-12 08:28 - 2015-07-15 20:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-08-12 08:28 - 2015-07-15 20:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-08-12 08:28 - 2015-07-15 20:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-08-12 08:28 - 2015-07-15 20:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-08-12 08:28 - 2015-07-15 19:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-08-12 08:28 - 2015-07-15 19:56 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-12 08:28 - 2015-07-15 19:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-08-12 08:28 - 2015-07-15 19:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-08-12 08:28 - 2015-07-15 19:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-08-12 08:28 - 2015-07-15 19:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-08-12 08:28 - 2015-07-15 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-08-12 08:28 - 2015-07-15 19:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-08-12 08:28 - 2015-07-15 19:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-08-12 08:28 - 2015-07-15 19:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-08-12 08:28 - 2015-07-15 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-08-12 08:28 - 2015-07-15 19:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-08-12 08:28 - 2015-07-15 19:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-08-12 08:28 - 2015-07-15 19:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-08-12 08:28 - 2015-07-15 19:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-08-12 08:28 - 2015-07-15 19:53 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-08-12 08:28 - 2015-07-15 19:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-08-12 08:28 - 2015-07-15 19:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-08-12 08:28 - 2015-07-15 19:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-08-12 08:28 - 2015-07-15 19:53 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-08-12 08:28 - 2015-07-15 19:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-08-12 08:28 - 2015-07-15 19:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 18:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-12 08:28 - 2015-07-15 18:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-12 08:28 - 2015-07-15 18:46 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-12 08:28 - 2015-07-15 18:37 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-08-12 08:28 - 2015-07-15 18:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-08-12 08:28 - 2015-07-15 18:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 18:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 18:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 18:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 05:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-12 08:28 - 2015-07-11 15:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-08-12 08:27 - 2015-07-30 20:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-12 08:27 - 2015-07-30 20:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-12 08:27 - 2015-07-30 20:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-12 08:27 - 2015-07-30 20:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-08-12 08:27 - 2015-07-30 20:06 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-12 08:27 - 2015-07-30 20:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-08-12 08:27 - 2015-07-30 20:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-08-12 08:27 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-08-12 08:27 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-12 08:27 - 2015-07-30 19:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-08-12 08:27 - 2015-07-30 19:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-12 08:27 - 2015-07-30 19:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-08-12 08:27 - 2015-07-30 19:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-08-12 08:27 - 2015-07-30 18:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-12 08:27 - 2015-07-30 18:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-12 08:27 - 2015-07-30 18:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-12 08:27 - 2015-07-15 05:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-12 08:27 - 2015-07-15 05:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-12 08:27 - 2015-07-15 05:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-08-12 08:27 - 2015-07-15 05:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-08-12 08:27 - 2015-07-15 04:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-12 08:27 - 2015-07-15 04:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-12 08:27 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-08-12 08:27 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-08-12 08:27 - 2015-07-01 22:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-12 08:27 - 2015-07-01 22:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-12 08:27 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-12 08:27 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-12 08:25 - 2015-07-20 20:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-12 08:25 - 2015-07-20 20:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-08-12 08:25 - 2015-07-20 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-12 08:25 - 2015-07-20 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-12 08:25 - 2015-07-20 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-12 08:25 - 2015-07-20 19:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-12 08:25 - 2015-07-20 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-08-12 08:25 - 2015-07-10 19:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-12 08:25 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-08-12 08:25 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-12 08:25 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-12 08:25 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-12 08:25 - 2015-05-09 20:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-07-31 22:22 - 2015-07-31 22:40 - 00000000 ____D C:\Users\Public\Documents\QV7_Data
2015-07-28 20:08 - 2015-07-28 20:28 - 3268147200 _____ C:\Users\Günter\Downloads\WIN_7_HOME_MAR_64.iso
2015-07-25 23:36 - 2015-07-25 23:36 - 00003236 _____ C:\Windows\System32\Tasks\SystemToolsDailyTest
2015-07-25 23:36 - 2015-07-25 23:36 - 00000000 ____D C:\ProgramData\PC-Doctor for Windows
2015-07-25 23:36 - 2015-07-25 23:36 - 00000000 ____D C:\Program Files\Dell Support Center
2015-07-25 23:36 - 2015-07-25 23:36 - 00000000 ____D C:\Program Files\Dell
2015-07-25 23:28 - 2015-07-25 23:28 - 00000000 ____D C:\Users\Günter\AppData\Local\Dell Edoc Viewer
2015-07-22 21:15 - 2015-07-22 21:15 - 00074703 _____ C:\Windows\SysWOW64\mfc45.dat
2015-07-22 21:15 - 2015-07-22 21:15 - 00001181 _____ C:\Users\Admi_günter\Desktop\System Checkup.lnk
2015-07-22 21:15 - 2015-07-22 21:15 - 00000000 ____D C:\ProgramData\iolo
2015-07-22 21:15 - 2015-07-22 21:15 - 00000000 ____D C:\Program Files (x86)\iolo

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-18 17:05 - 2012-08-24 00:41 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-18 16:47 - 2011-12-20 20:28 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-18 16:39 - 2014-08-06 11:59 - 00000981 _____ C:\Users\Admi_günter\Desktop\WWW_Internet Explorer.lnk
2015-08-18 16:39 - 2011-06-12 17:32 - 00001011 _____ C:\Users\Admi_günter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-18 15:57 - 2015-03-21 21:38 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-18 15:56 - 2015-03-21 21:38 - 00001108 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-08-18 15:56 - 2015-03-21 21:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-08-18 15:56 - 2015-03-21 21:38 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-08-18 15:50 - 2009-07-14 06:45 - 00028128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-18 15:50 - 2009-07-14 06:45 - 00028128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-18 15:45 - 2011-06-17 14:09 - 00000000 _____ C:\Windows\system32\Drivers\lvuvc.hs
2015-08-18 10:14 - 2011-06-15 17:24 - 00000000 ____D C:\Users\Admi_günter\Documents\Outlook-Dateien
2015-08-18 10:09 - 2011-06-07 16:17 - 01889368 _____ C:\Windows\WindowsUpdate.log
2015-08-18 09:59 - 2011-06-14 15:32 - 00000000 ____D C:\Users\Günter\Documents\Outlook-Dateien
2015-08-18 09:58 - 2010-11-21 08:50 - 00702964 _____ C:\Windows\system32\perfh007.dat
2015-08-18 09:58 - 2010-11-21 08:50 - 00150604 _____ C:\Windows\system32\perfc007.dat
2015-08-18 09:58 - 2009-07-14 07:13 - 01629436 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-18 09:57 - 2011-12-20 20:28 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-18 09:51 - 2015-04-11 07:14 - 00009129 _____ C:\Windows\setupact.log
2015-08-18 09:51 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-17 21:11 - 2015-04-26 16:55 - 00027168 _____ C:\Windows\PFRO.log
2015-08-17 21:11 - 2013-04-18 22:52 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-08-17 16:49 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-08-17 16:36 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-08-17 16:22 - 2013-04-18 22:52 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-08-17 07:24 - 2012-05-06 17:30 - 00003966 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{C33D8848-18DE-459E-8709-DEAC61BCC9A7}
2015-08-16 21:58 - 2014-05-28 11:16 - 00000000 ____D C:\Users\Admi_günter\AppData\Roaming\Skype
2015-08-16 20:58 - 2011-06-07 16:43 - 00000000 ____D C:\ProgramData\Sonic
2015-08-16 20:58 - 2009-07-14 05:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-16 20:56 - 2011-06-12 17:32 - 00000000 ____D C:\Users\Admi_günter\AppData\Local\SoftThinks
2015-08-16 13:37 - 2015-02-16 00:27 - 00000430 _____ C:\Windows\Tasks\Defraggler Volume C Task.job
2015-08-15 18:26 - 2011-06-12 17:32 - 00000000 ____D C:\Users\Admi_günter
2015-08-14 14:17 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-08-13 15:39 - 2013-09-03 15:45 - 00000219 _____ C:\Users\Günter\Desktop\www_ixquick Suche.url
2015-08-12 23:27 - 2015-05-30 21:06 - 00000458 _____ C:\Users\Günter\Desktop\www_PayPal.url
2015-08-12 22:26 - 2009-07-14 06:45 - 00489808 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-12 22:24 - 2014-12-11 16:36 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-12 22:24 - 2014-05-06 22:34 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-12 22:02 - 2013-03-13 00:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-12 22:02 - 2013-03-13 00:40 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-12 22:02 - 2013-03-13 00:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-12 22:01 - 2011-06-13 01:33 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-12 21:57 - 2013-08-15 21:53 - 00000000 ____D C:\Windows\system32\MRT
2015-08-12 21:57 - 2009-07-14 04:34 - 00000510 _____ C:\Windows\win.ini
2015-08-12 21:47 - 2011-06-10 22:26 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-12 19:05 - 2012-08-24 00:41 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-12 19:05 - 2012-04-09 10:39 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-12 19:05 - 2011-06-19 14:29 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-06 20:10 - 2011-06-16 21:23 - 00000000 ____D C:\Users\Günter\Documents\Computer, Treiber, Internet
2015-08-05 17:58 - 2011-06-16 21:28 - 00000000 ____D C:\Users\Günter\Documents\Telekom
2015-08-01 00:16 - 2013-09-08 23:50 - 00000000 ____D C:\Program Files (x86)\TTQV4
2015-07-31 22:44 - 2011-06-14 21:28 - 00000064 _____ C:\Windows\control.ini
2015-07-31 22:22 - 2015-02-28 00:50 - 00001074 _____ C:\Users\Admi_günter\Desktop\QuoVadis 7.lnk
2015-07-31 22:22 - 2015-02-28 00:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuoVadis 7
2015-07-31 22:22 - 2013-09-15 12:21 - 00000000 ____D C:\Program Files (x86)\QuoVadis7
2015-07-30 21:56 - 2015-01-24 18:20 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-30 21:56 - 2015-01-24 18:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-07-28 20:51 - 2011-06-10 18:54 - 00000000 ____D C:\Users\Günter\AppData\Roaming\Roxio
2015-07-28 13:19 - 2015-01-24 18:21 - 00162528 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-07-28 13:19 - 2015-01-24 18:21 - 00141416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-07-28 08:23 - 2011-02-11 19:13 - 00000000 ____D C:\Windows\panther
2015-07-28 08:17 - 2015-07-10 19:28 - 00000000 ____D C:\$Windows.~BT
2015-07-25 23:43 - 2011-06-17 14:09 - 00099106 _____ C:\Windows\system32\lvcoinst.log
2015-07-25 23:37 - 2012-05-06 16:53 - 00000000 ____D C:\Users\Admi_günter\AppData\Roaming\PCDr
2015-07-25 23:36 - 2011-06-12 17:00 - 00000000 ____D C:\ProgramData\PCDr
2015-07-25 23:36 - 2011-06-07 16:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2015-07-25 22:34 - 2015-04-04 23:37 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-21 17:47 - 2014-12-12 08:40 - 00002021 _____ C:\Users\Public\Desktop\Adobe Reader X.lnk
2015-07-21 17:47 - 2011-06-07 16:41 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-07-21 17:45 - 2015-05-17 23:22 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-20 17:55 - 2015-04-04 23:37 - 00000000 ___SD C:\Windows\SysWOW64\GWX

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2012-04-13 23:18 - 2012-04-13 23:18 - 0000361 _____ () C:\Users\Admi_günter\AppData\Roaming\dpdhl.versandhelfer_state.xml
2011-11-05 19:48 - 2011-11-30 16:16 - 0124657 _____ () C:\Users\Admi_günter\AppData\Local\ars.cache
2011-11-05 19:48 - 2011-11-30 16:16 - 0920400 _____ () C:\Users\Admi_günter\AppData\Local\census.cache
2013-07-31 10:43 - 2013-07-31 10:43 - 0003584 _____ () C:\Users\Admi_günter\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-11-05 19:41 - 2011-11-05 19:41 - 0000036 _____ () C:\Users\Admi_günter\AppData\Local\housecall.guid.cache
2011-06-29 12:18 - 2015-05-17 23:45 - 0007646 _____ () C:\Users\Admi_günter\AppData\Local\Resmon.ResmonCfg
2013-05-02 22:40 - 2013-05-02 22:40 - 0000152 _____ () C:\ProgramData\3mj1ol.reg
2013-05-02 22:40 - 2013-05-02 22:49 - 0000000 _____ () C:\ProgramData\as98213.txt
2011-06-22 15:58 - 2011-06-22 15:58 - 0000056 ____H () C:\ProgramData\ezsidmv.dat

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\3mj1ol.reg


Einige Dateien in TEMP:
====================
C:\Users\Admi_günter\AppData\Local\temp\sqlite3.dll
C:\Users\Günter\AppData\Local\temp\avgnt.exe
C:\Users\Günter\AppData\Local\temp\NOSEventMessages.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-08-14 14:09

==================== Ende von Ergebnis ============================
         

Gruß! - günni42

Alt 19.08.2015, 09:40   #9
schrauber
/// the machine
/// TB-Ausbilder
 

Email- Konto gehackt? - Standard

Email- Konto gehackt?




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 20.08.2015, 01:27   #10
günni42
 
Email- Konto gehackt? - Standard

Email- Konto gehackt?



Hallo Schrauber,

heute Nacht, also vor dem ESET- Scan, wurden wieder etliche Mails verschickt, bzw. vom Mailer Daemon zurückgeschickt (wg. SPAM).

Code:
ATTFilter
Von	Betreff	Erhalten	Größe	Kategorien	
Mail Delivery System	Mail Delivery Failure	Di 23:03	14 KB		
Mail Delivery System	Mail Delivery Failure	Di 23:03	14 KB		
Mail Delivery System	Mail Delivery Failure	Di 23:03	14 KB		
Mail Delivery System	Mail Delivery Failure	Di 23:03	14 KB		
Mail Delivery System	Mail Delivery Failure	Di 23:03	14 KB		
Mail Delivery System	Mail Delivery Failure	Di 23:03	14 KB		
Mail Delivery System	Mail Delivery Failure	Di 23:03	11 KB		
*******@t-online.de	*SPAM* Fw: important	Di 23:03	30 KB		
*******@t-online.de	*SPAM* Fw: important	Di 23:03	30 KB		
Mail Delivery System	Mail Delivery Failure	Di 23:03	14 KB		
Mail Delivery System	Mail Delivery Failure	Di 23:03	14 KB		
Mail Delivery System	Mail Delivery Failure	Di 23:03	14 KB		
Mail Delivery System	Mail Delivery Failure	Di 23:03	14 KB		
Mail Delivery System	Mail Delivery Failure	Di 23:03	14 KB		
Mail Delivery System	Mail Delivery Failure	Di 23:03	14 KB		
Mail Delivery System	Mail Delivery Failure	Di 23:03	14 KB		
Mail Delivery System	Mail Delivery Failure	Di 23:03	14 KB		
Mail Delivery System	Mail Delivery Failure	Di 23:03	11 KB		
*******@t-online.de	*SPAM* Fw: important	Di 23:03	30 KB		
*******@t-online.de	*SPAM* Fw: important	Di 23:03	30 KB		
Pauline	*SPAM*               Fw: important	              Di 23:03	10 KB		
Mail Delivery System	Undelivered Mail Returned to Sender	Di 23:03	51 KB		
*****@t-online.de	*SPAM* Fw: important	Di 3:13	15 KB		
Mail Delivery System	*SPAM* Mail konnte nicht zugestellt werden / Undelivered Mail Returned to Sender	Di 3:13	64 KB		
Mail Delivery Service	Delivery Status Notification	Di 3:11	32 KB		
Mail Delivery Service	Delivery Status Notification	Di 3:11	38 KB		
*******@t-online.de	*SPAM* Fw: important   	Di 3:11	26 KB		
Mail Delivery System	Mail delivery failed: returning message to sender	Di 3:08	31 KB		
Pauline	*SPAM* Fw: important	Di 3:08	11 KB
         


ESET schickte beim Installationsversuch eine Fehlermeldung:

'Updates funktionieren nicht. Ist ein Proxy eingerichtet?'
'Hinweis: Eset Online Scanner wurde auf diesem Computer bereits ausgeführt.
Es werden... ' ---
Ach ja:
Ich hatte die Internet Verbindung gekappt wg. Deaktivierung von Avira/ Firewall. Nach der Aktualisierung hab' ich wieder den Stecker gezogen. (Ist das ok?).

ESET


Code:
ATTFilter
ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
# product=EOS
# version=8
# IEXPLORE.EXE=11.00.9600.16428 (winblue_gdr.131013-1700)
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=edb04f82199e9d42a5ede181fce5c57b
# engine=23019
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-03-22 07:24:14
# local_time=2015-03-22 08:24:14 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 4896095 178638904 0 0
# scanned=26222
# found=0
# cleaned=0
# scan_time=572
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=edb04f82199e9d42a5ede181fce5c57b
# end=init
# utc_time=2015-08-19 09:38:08
# local_time=2015-08-19 11:38:08 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=45315
Update Finalize
Updated modules version: 23019
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=45315
Update Finalize
Updated modules version: 23019
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=45315
Update Finalize
Updated modules version: 23019
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=45315
Update Finalize
Updated modules version: 23019
Update Init
Update Download
Update Finalize
Updated modules version: 25346
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=edb04f82199e9d42a5ede181fce5c57b
# end=updated
# utc_time=2015-08-19 10:05:51
# local_time=2015-08-19 12:05:51 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=edb04f82199e9d42a5ede181fce5c57b
# engine=25346
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-08-19 05:08:11
# local_time=2015-08-19 07:08:11 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 17891132 191633941 0 0
# scanned=679419
# found=30
# cleaned=0
# scan_time=25340
sh=C2CE7FE6ADA46C11A1006F7D4F9E0C4457443393 ft=1 fh=3cf6a2e5af2a0045 vn="Variante von Win32/Adware.AdvPCTweak Anwendung" ac=I fn="C:\Users\Günter\Documents\AdvancedPCTweaker_Setup.exe"
sh=39CBE0732ADA69A3D33EE0CF2D3D99CF103952CF ft=1 fh=c2f98b2cb92ce22d vn="Win32/Toolbar.AskSBar evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Günter\Documents\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe"
sh=05B477178F0306274216373DBE85EDE1865F0B86 ft=1 fh=1abf0d6f1d510bb8 vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Günter\Documents\Computer, Treiber, Internet\Treiber, Downloads\Panda\SoftonicDownloader_fuer_panda-anti-rootkit.exe"
sh=6994FC133F3D99F1B1257370C9BC01BD54AF5D30 ft=1 fh=d1eb868415c0b931 vn="Variante von Win32/Toolbar.Conduit.AI evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Günter\Documents\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zaSetup_92_058_000_de.exe"
sh=44E4D7AEDCA905466F69913241BCDC7A753213E1 ft=1 fh=930c7438f78acb51 vn="Variante von Win32/AdInstaller evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Günter\Documents\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe"
sh=39CBE0732ADA69A3D33EE0CF2D3D99CF103952CF ft=1 fh=c2f98b2cb92ce22d vn="Win32/Toolbar.AskSBar evtl. unerwünschte Anwendung" ac=I fn="J:\BKP_110914\Documents\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe"
sh=05B477178F0306274216373DBE85EDE1865F0B86 ft=1 fh=1abf0d6f1d510bb8 vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="J:\BKP_110914\Documents\Computer, Treiber, Internet\Treiber, Downloads\Panda\SoftonicDownloader_fuer_panda-anti-rootkit.exe"
sh=6994FC133F3D99F1B1257370C9BC01BD54AF5D30 ft=1 fh=d1eb868415c0b931 vn="Variante von Win32/Toolbar.Conduit.AI evtl. unerwünschte Anwendung" ac=I fn="J:\BKP_110914\Documents\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zaSetup_92_058_000_de.exe"
sh=44E4D7AEDCA905466F69913241BCDC7A753213E1 ft=1 fh=930c7438f78acb51 vn="Variante von Win32/AdInstaller evtl. unerwünschte Anwendung" ac=I fn="J:\BKP_110914\Documents\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe"
sh=D7303D8BF9B04401D9BD5E487197290816E42FE1 ft=0 fh=0000000000000000 vn="Variante von Win32/Adware.AdvPCTweak Anwendung" ac=I fn="J:\RECHNER_****\Backup Set 2015-03-11 223833\Backup Files 2015-03-11 223833\Backup files 1.zip"
sh=FC2B0293AAB3F22D4402CCC0F0805CD3381DCD64 ft=0 fh=0000000000000000 vn="Win32/Toolbar.AskSBar evtl. unerwünschte Anwendung" ac=I fn="J:\RECHNER_****\Backup Set 2015-03-11 223833\Backup Files 2015-03-11 223833\Backup files 50.zip"
sh=F2812205487D126E17F73B07AB0B2D2D270E41D5 ft=0 fh=0000000000000000 vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="J:\RECHNER_****\Backup Set 2015-03-11 223833\Backup Files 2015-03-11 223833\Backup files 6.zip"
sh=EFFE1DE19E85CBD1C482E14CD448B8FB67974C3C ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.AI evtl. unerwünschte Anwendung" ac=I fn="J:\RECHNER_****\Backup Set 2015-03-11 223833\Backup Files 2015-03-11 223833\Backup files 8.zip"
sh=E25AE9B9A55E600C7FD821B3549EF0395058B13B ft=0 fh=0000000000000000 vn="Variante von Win32/Adware.AdvPCTweak Anwendung" ac=I fn="K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 1.zip"
sh=0DB3E2BBFC2E9533D014B3C147BD4501E20E6269 ft=0 fh=0000000000000000 vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 6.zip"
sh=1283A4CCC148159CD08515CC6BB87CE1884E2F5E ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.AI evtl. unerwünschte Anwendung" ac=I fn="K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 8.zip"
sh=BC73519E747B2A94B82A897D36FCF93378DB884A ft=0 fh=0000000000000000 vn="Variante von Win32/AdInstaller evtl. unerwünschte Anwendung" ac=I fn="K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 9.zip"
sh=23DB09F75970AC738A036CC31487090746ADAA1B ft=0 fh=0000000000000000 vn="Win32/Toolbar.AskSBar evtl. unerwünschte Anwendung" ac=I fn="K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 50.zip"
sh=44E4D7AEDCA905466F69913241BCDC7A753213E1 ft=1 fh=930c7438f78acb51 vn="Variante von Win32/AdInstaller evtl. unerwünschte Anwendung" ac=I fn="K:\BKP_Eigene Dokumente u Einstellungen\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe"
sh=39CBE0732ADA69A3D33EE0CF2D3D99CF103952CF ft=1 fh=c2f98b2cb92ce22d vn="Win32/Toolbar.AskSBar evtl. unerwünschte Anwendung" ac=I fn="K:\BKP_Eigene Dokumente u Einstellungen\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe"
sh=44E4D7AEDCA905466F69913241BCDC7A753213E1 ft=1 fh=930c7438f78acb51 vn="Variante von Win32/AdInstaller evtl. unerwünschte Anwendung" ac=I fn="K:\BKP_Eigene Dokumente u Einstellungen\Eigene Dokumente\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe"
sh=39CBE0732ADA69A3D33EE0CF2D3D99CF103952CF ft=1 fh=c2f98b2cb92ce22d vn="Win32/Toolbar.AskSBar evtl. unerwünschte Anwendung" ac=I fn="K:\BKP_Eigene Dokumente u Einstellungen\Eigene Dokumente\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe"
sh=44E4D7AEDCA905466F69913241BCDC7A753213E1 ft=1 fh=930c7438f78acb51 vn="Variante von Win32/AdInstaller evtl. unerwünschte Anwendung" ac=I fn="K:\BKP_EigeneDokumente\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe"
sh=39CBE0732ADA69A3D33EE0CF2D3D99CF103952CF ft=1 fh=c2f98b2cb92ce22d vn="Win32/Toolbar.AskSBar evtl. unerwünschte Anwendung" ac=I fn="K:\BKP_EigeneDokumente\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe"
sh=44E4D7AEDCA905466F69913241BCDC7A753213E1 ft=1 fh=930c7438f78acb51 vn="Variante von Win32/AdInstaller evtl. unerwünschte Anwendung" ac=I fn="K:\BKP_EigeneDokumente_01\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe"
sh=39CBE0732ADA69A3D33EE0CF2D3D99CF103952CF ft=1 fh=c2f98b2cb92ce22d vn="Win32/Toolbar.AskSBar evtl. unerwünschte Anwendung" ac=I fn="K:\BKP_EigeneDokumente_01\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe"
sh=6994FC133F3D99F1B1257370C9BC01BD54AF5D30 ft=1 fh=d1eb868415c0b931 vn="Variante von Win32/Toolbar.Conduit.AI evtl. unerwünschte Anwendung" ac=I fn="K:\BKP_D_Eigene Dokumente\D Eigene Dokumente (D)\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zaSetup_92_058_000_de.exe"
sh=44E4D7AEDCA905466F69913241BCDC7A753213E1 ft=1 fh=930c7438f78acb51 vn="Variante von Win32/AdInstaller evtl. unerwünschte Anwendung" ac=I fn="K:\BKP_D_Eigene Dokumente\D Eigene Dokumente (D)\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe"
sh=05B477178F0306274216373DBE85EDE1865F0B86 ft=1 fh=1abf0d6f1d510bb8 vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="K:\BKP_D_Eigene Dokumente\D Eigene Dokumente (D)\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Panda\SoftonicDownloader_fuer_panda-anti-rootkit.exe"
sh=39CBE0732ADA69A3D33EE0CF2D3D99CF103952CF ft=1 fh=c2f98b2cb92ce22d vn="Win32/Toolbar.AskSBar evtl. unerwünschte Anwendung" ac=I fn="K:\BKP_D_Eigene Dokumente\D Eigene Dokumente (D)\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe"
         
22:55 ich erfahre gerade:
‘Trügerischer Absender
Deutsche Telekom warnt vor gefährlichem Spam
19.08.2015, 16:02 Uhr | Deutsche Telekom, t-online.de ‘



Security Check
Code:
ATTFilter
 Results of screen317's Security Check version 1.006  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Avira Antivirus   
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Panda Cloud Cleaner   
 Adobe Reader 10.1.15 Adobe Reader out of Date!  
````````Process Check: objlist.exe by Laurent````````  
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
 Kaspersky Lab Kaspersky Security Scan 2.0 kss.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         
frisches FRST log

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:20-08-2015
durchgeführt von Admi_günter (Administrator) auf RECHNER_**** (19-08-2015 23:47:08)
Gestartet von C:\Users\Günter\Downloads
Geladene Profile: Günter & Admi_günter (Verfügbare Profile: Günter & Admi_günter & Christine)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: IE)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
(O3SIS AG) C:\Program Files (x86)\Deutsche Telekom\DataSync Outlook\DataSync Outlook.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Users\Günter\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Alcor Micro Corp.) C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
() C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
() C:\Program Files (x86)\Common Files\logishrd\LQCVFX\COCIManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_18_0_0_232_ActiveX.exe
(Microsoft Corporation) C:\Windows\winsxs\amd64_microsoft-windows-s..-downlevel.binaries_31bf3856ad364e35_6.3.9600.17959_none_5f900bc2ff54de5e\MsSpellCheckingFacility.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Source Engine\OSE.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10920552 2010-06-23] (Realtek Semiconductor)
HKLM\...\Run: [RunDLLEntry_THXCfg] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
HKLM\...\Run: [RunDLLEntry_EptMon] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\EptMon64.dll,RunDLLEntry EptMon64
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [ShwiconXP9106] => C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe [237568 2010-03-10] (Alcor Micro Corp.)
HKLM-x32\...\Run: [THX Audio Control Panel] => C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe [963584 2009-12-01] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [RemoteControl9] => C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2010-10-01] (CyberLink Corp.)
HKLM-x32\...\Run: [PDVD9LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe [50472 2010-09-17] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe [75048 2010-10-27] (cyberlink)
HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-25] (Dell, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2015-06-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [RoxWatchTray] => C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [Desktop Disc Tool] => C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] ()
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-11-11] (Logitech Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782008 2015-07-28] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [134368 2015-07-02] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-17] (Apple Inc.)
HKLM-x32\...\RunOnce: [Launcher] => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe [163040 2010-08-11] (Softthinks)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [CAHeadless] => c:\Program Files (x86)\Adobe\Elements Organizer 8.0\CAHeadless\ElementsAutoAnalyzer.exe [615808 2009-09-18] (Adobe Systems Incorporated)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [Logitech Vid] => C:\Program Files (x86)\Logitech\Vid HD\Vid.exe [6129496 2011-01-13] (Logitech Inc.)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe [4280184 2012-03-08] (Microsoft Corporation)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1084800 2012-04-25] (Nokia)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [DataSync Outlook] => C:\Program Files (x86)\Deutsche Telekom\DataSync Outlook\DataSync Outlook.exe [720896 2009-12-07] (O3SIS AG)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [Amazon Cloud Player] => C:\Users\Günter\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3145536 2014-05-08] ()
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1003\...\Run: [Logitech Vid] => C:\Program Files (x86)\Logitech\Vid HD\Vid.exe [6129496 2011-01-13] (Logitech Inc.)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1003\...\Run: [DataSync Outlook] => C:\Program Files (x86)\Deutsche Telekom\DataSync Outlook\DataSync Outlook.exe [720896 2009-12-07] (O3SIS AG)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1003\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1003\...\Run: [KSS] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202080 2014-06-16] (Kaspersky Lab ZAO)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
Startup: C:\Users\Admi_günter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2011-06-15]
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2011-06-07]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Günter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2011-06-13]
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicyScripts-x32: Gruppenrichtline erkannt <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
HKU\S-1-5-21-1916591956-2551971433-4189181994-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1000 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1000 -> {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = 
SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1003 -> DefaultScope {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = 
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://active.macromedia.com/flash2/cabs/swflash.cab
DPF: HKLM-x32 {0742B9EF-8C83-41CA-BFBA-830A59E23533} hxxps://oas.support.microsoft.com/ActiveX/MSDcode.cab
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} hxxp://download.mcafee.com/molbin/iss-loc/mcfscan/3,0,0,6538/mcfscan.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{D1A003C6-1664-4416-B03E-A904900A29D8}: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.13.2 -> C:\Windows\system32\npDeployJava1.dll [2013-02-13] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-04-04] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2012-04-25] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-14] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-27] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-08-27]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [887128 2015-07-28] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-07-28] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-07-28] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1213072 2015-07-28] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [218816 2015-07-02] (Avira Operations GmbH & Co. KG)
S2 CLKMSVC10_9EC60124; C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [236016 2010-10-26] (CyberLink)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert]
R2 KSS; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202080 2014-06-16] (Kaspersky Lab ZAO)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R5 ACPI; C:\Windows\System32\drivers\ACPI.sys [334208 2010-11-21] (Microsoft Corporation)
R5 amdxata; C:\Windows\System32\drivers\amdxata.sys [27008 2011-03-11] (Advanced Micro Devices)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162528 2015-07-28] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-07-28] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-11-24] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-04] (Avira Operations GmbH & Co. KG)
S3 cjusb; C:\Windows\System32\DRIVERS\cjusb.sys [34672 2011-03-29] (REINER SCT)
R5 CLFS; C:\Windows\System32\CLFS.sys [367552 2015-03-04] (Microsoft Corporation)
R5 CNG; C:\Windows\System32\Drivers\cng.sys [459336 2015-01-31] (Microsoft Corporation)
R5 Disk; C:\Windows\System32\drivers\disk.sys [73280 2009-07-14] (Microsoft Corporation)
R5 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [70224 2009-07-14] (Microsoft Corporation)
R5 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [289664 2010-11-21] (Microsoft Corporation)
U5 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [23408 2012-03-01] (Microsoft Corporation)
R5 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [223752 2013-01-24] (Microsoft Corporation)
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir3.sys [33792 2010-06-03] (Hauppauge Computer Works, Inc.)
R5 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [14720 2010-11-21] (Microsoft Corporation)
R5 iaStor; C:\Windows\System32\drivers\iaStor.sys [437272 2010-09-14] (Intel Corporation)
R5 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [95680 2015-07-15] (Microsoft Corporation)
R5 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [155584 2015-07-15] (Microsoft Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-08-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
S3 MEMSWEEP2; C:\Windows\system32\F492.tmp [6144 2011-05-12] (Sophos Plc) [Datei ist nicht signiert]
R5 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94656 2015-07-15] (Microsoft Corporation)
R5 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [15424 2009-07-14] (Microsoft Corporation)
R5 Mup; C:\Windows\System32\Drivers\mup.sys [60496 2009-07-14] (Microsoft Corporation)
R5 NDIS; C:\Windows\System32\drivers\ndis.sys [950128 2012-08-22] (Microsoft Corporation)
R5 partmgr; C:\Windows\System32\drivers\partmgr.sys [75120 2012-03-17] (Microsoft Corporation)
R5 pci; C:\Windows\System32\drivers\pci.sys [184704 2010-11-21] (Microsoft Corporation)
R5 pcw; C:\Windows\System32\drivers\pcw.sys [50768 2009-07-14] (Microsoft Corporation)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2014-08-06] ()
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [47632 2013-04-29] (Panda Security, S.L.)
R5 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [55856 2010-03-19] (Sonic Solutions)
R5 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [213888 2010-11-21] (Microsoft Corporation)
R5 spldr; C:\Windows\System32\Drivers\spldr.sys [19008 2009-07-14] (Microsoft Corporation)
R5 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1903552 2014-04-05] (Microsoft Corporation)
R5 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [36432 2009-07-14] (Microsoft Corporation)
R5 volmgr; C:\Windows\System32\drivers\volmgr.sys [71552 2010-11-21] (Microsoft Corporation)
R5 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363392 2010-11-21] (Microsoft Corporation)
R5 volsnap; C:\Windows\System32\drivers\volsnap.sys [295808 2010-11-21] (Microsoft Corporation)
R5 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [785624 2013-06-26] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-19 23:40 - 2015-08-19 23:47 - 00025492 _____ C:\Users\Günter\Downloads\FRST.txt
2015-08-19 23:05 - 2015-08-19 23:05 - 00852684 _____ C:\Users\Günter\Downloads\SecurityCheck.exe
2015-08-19 11:35 - 2015-08-19 11:35 - 02870984 _____ (ESET) C:\Users\Günter\Downloads\esetsmartinstaller_deu.exe
2015-08-19 07:50 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-19 07:50 - 2015-08-11 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-19 07:50 - 2015-08-11 02:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-19 07:50 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-18 17:14 - 2015-08-19 23:40 - 00000000 ____D C:\Users\Günter\Downloads\FRST-OlderVersion
2015-08-18 17:08 - 2015-08-18 17:08 - 00001656 _____ C:\Users\Admi_günter\Desktop\JRT.txt
2015-08-18 16:57 - 2015-08-18 16:57 - 01791580 _____ (Malwarebytes Corporation) C:\Users\Günter\Downloads\JRT.exe
2015-08-18 16:43 - 2015-08-18 16:43 - 00001201 _____ C:\Users\Günter\Downloads\Downloads - Verknüpfung (2).lnk
2015-08-18 16:36 - 2015-08-18 16:39 - 00000000 ____D C:\AdwCleaner
2015-08-18 16:31 - 2015-08-18 16:31 - 01573888 _____ C:\Users\Günter\Downloads\AdwCleaner_5.001.exe
2015-08-18 15:50 - 2015-08-18 15:50 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Günter\Downloads\mbam-setup-2.1.8.1057.exe
2015-08-17 22:23 - 2015-08-18 07:51 - 00001951 _____ C:\Users\Günter\Desktop\Computer, Treiber, Internet - Verknüpfung.lnk
2015-08-17 20:45 - 2015-08-17 20:45 - 00000909 _____ C:\Users\Günter\Desktop\Email- Konto gehackt.url
2015-08-17 16:49 - 2015-08-17 16:49 - 00030376 _____ C:\ComboFix.txt
2015-08-17 16:23 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-08-17 16:23 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-08-17 16:23 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-08-17 16:23 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-08-17 16:23 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-08-17 16:23 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-08-17 16:23 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-08-17 16:23 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-08-17 16:14 - 2015-08-17 16:50 - 00000000 ____D C:\Qoobox
2015-08-17 16:14 - 2015-08-17 16:46 - 00000000 ____D C:\Windows\erdnt
2015-08-17 15:58 - 2015-08-17 15:58 - 05635195 ____R (Swearware) C:\Users\Günter\Downloads\ComboFix.exe
2015-08-16 22:01 - 2015-08-16 22:01 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Günter\Downloads\tdsskiller.exe
2015-08-16 20:20 - 2015-08-16 21:27 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-08-16 20:19 - 2015-08-16 22:48 - 00000000 ____D C:\Users\Admi_günter\Desktop\mbar
2015-08-16 18:51 - 2015-08-16 18:51 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Günter\Downloads\mbar-1.09.1.1004.exe
2015-08-15 22:21 - 2015-08-15 22:21 - 00001142 _____ C:\Users\Günter\Desktop\Avira.lnk
2015-08-15 19:02 - 2015-08-15 19:02 - 00380416 _____ C:\Users\Günter\Downloads\hz1tj6o4.exe
2015-08-15 18:57 - 2015-08-15 18:57 - 00380416 _____ C:\Users\Günter\Downloads\Gmer-19357.exe
2015-08-15 18:38 - 2015-08-15 18:39 - 00038767 _____ C:\Users\Günter\Downloads\Addition.txt
2015-08-15 18:37 - 2015-08-18 17:22 - 00068935 _____ C:\Users\Günter\Downloads\FRST_150818.txt
2015-08-15 18:36 - 2015-08-19 23:47 - 00000000 ____D C:\FRST
2015-08-15 18:30 - 2015-08-19 23:40 - 02173952 _____ (Farbar) C:\Users\Günter\Downloads\FRST64.exe
2015-08-15 18:26 - 2015-08-15 18:26 - 00000484 _____ C:\Users\Günter\Desktop\defogger_disable.log
2015-08-15 18:26 - 2015-08-15 18:26 - 00000000 _____ C:\Users\Admi_günter\defogger_reenable
2015-08-15 18:23 - 2015-08-15 18:25 - 00050477 _____ C:\Users\Günter\Downloads\Defogger.exe
2015-08-15 17:46 - 2015-08-15 17:46 - 00000000 ____D C:\Program Files\Common Files\AV
2015-08-15 17:46 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2015-08-14 16:26 - 2015-08-14 16:26 - 00000000 ____D C:\Users\Günter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2015-08-13 07:50 - 2015-08-13 07:50 - 00001022 _____ C:\Users\Günter\Desktop\E-Mail.url
2015-08-12 22:02 - 2015-07-30 15:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 22:02 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 08:30 - 2015-07-28 22:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-12 08:30 - 2015-07-28 22:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-12 08:30 - 2015-07-28 22:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-12 08:30 - 2015-07-28 22:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-12 08:30 - 2015-07-28 22:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-12 08:30 - 2015-07-28 22:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-12 08:30 - 2015-07-28 22:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-12 08:30 - 2015-07-28 21:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-12 08:28 - 2015-07-21 02:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-08-12 08:28 - 2015-07-21 02:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-08-12 08:28 - 2015-07-16 22:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-08-12 08:28 - 2015-07-16 22:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-08-12 08:28 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-12 08:28 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-12 08:28 - 2015-07-16 22:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-08-12 08:28 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-12 08:28 - 2015-07-16 22:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-08-12 08:28 - 2015-07-16 22:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-12 08:28 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-12 08:28 - 2015-07-16 22:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-08-12 08:28 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-12 08:28 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-12 08:28 - 2015-07-16 22:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-08-12 08:28 - 2015-07-16 22:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-12 08:28 - 2015-07-16 22:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-08-12 08:28 - 2015-07-16 22:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-12 08:28 - 2015-07-16 22:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-12 08:28 - 2015-07-16 22:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-12 08:28 - 2015-07-16 21:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-08-12 08:28 - 2015-07-16 21:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-12 08:28 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-12 08:28 - 2015-07-16 21:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-12 08:28 - 2015-07-16 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-08-12 08:28 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-12 08:28 - 2015-07-16 21:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-08-12 08:28 - 2015-07-16 21:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-08-12 08:28 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-12 08:28 - 2015-07-16 21:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-08-12 08:28 - 2015-07-16 21:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-08-12 08:28 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-12 08:28 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-12 08:28 - 2015-07-16 21:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-08-12 08:28 - 2015-07-16 21:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-08-12 08:28 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-12 08:28 - 2015-07-16 21:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-08-12 08:28 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-12 08:28 - 2015-07-16 21:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-08-12 08:28 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-12 08:28 - 2015-07-16 21:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-12 08:28 - 2015-07-16 21:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-08-12 08:28 - 2015-07-16 21:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-08-12 08:28 - 2015-07-16 21:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-08-12 08:28 - 2015-07-16 21:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-12 08:28 - 2015-07-16 21:12 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-12 08:28 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-12 08:28 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-12 08:28 - 2015-07-16 21:12 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-08-12 08:28 - 2015-07-16 21:12 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-08-12 08:28 - 2015-07-16 21:11 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-12 08:28 - 2015-07-16 21:11 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-08-12 08:28 - 2015-07-16 21:11 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-08-12 08:28 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-12 08:28 - 2015-07-16 21:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-08-12 08:28 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-12 08:28 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-08-12 08:28 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-12 08:28 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-12 08:28 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-12 08:28 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-12 08:28 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-12 08:28 - 2015-07-15 20:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-12 08:28 - 2015-07-15 20:15 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-12 08:28 - 2015-07-15 20:15 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-12 08:28 - 2015-07-15 20:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-12 08:28 - 2015-07-15 20:12 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-12 08:28 - 2015-07-15 20:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-08-12 08:28 - 2015-07-15 20:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-08-12 08:28 - 2015-07-15 20:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-08-12 08:28 - 2015-07-15 20:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-12 08:28 - 2015-07-15 20:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-08-12 08:28 - 2015-07-15 20:10 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-08-12 08:28 - 2015-07-15 20:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-08-12 08:28 - 2015-07-15 20:10 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-12 08:28 - 2015-07-15 20:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-08-12 08:28 - 2015-07-15 20:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-08-12 08:28 - 2015-07-15 20:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-08-12 08:28 - 2015-07-15 20:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-08-12 08:28 - 2015-07-15 19:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-08-12 08:28 - 2015-07-15 19:56 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-12 08:28 - 2015-07-15 19:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-08-12 08:28 - 2015-07-15 19:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-08-12 08:28 - 2015-07-15 19:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-08-12 08:28 - 2015-07-15 19:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-08-12 08:28 - 2015-07-15 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-08-12 08:28 - 2015-07-15 19:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-08-12 08:28 - 2015-07-15 19:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-08-12 08:28 - 2015-07-15 19:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-08-12 08:28 - 2015-07-15 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-08-12 08:28 - 2015-07-15 19:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-08-12 08:28 - 2015-07-15 19:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-08-12 08:28 - 2015-07-15 19:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-08-12 08:28 - 2015-07-15 19:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-08-12 08:28 - 2015-07-15 19:53 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-08-12 08:28 - 2015-07-15 19:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-08-12 08:28 - 2015-07-15 19:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-08-12 08:28 - 2015-07-15 19:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-08-12 08:28 - 2015-07-15 19:53 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-08-12 08:28 - 2015-07-15 19:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-08-12 08:28 - 2015-07-15 19:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 18:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-12 08:28 - 2015-07-15 18:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-12 08:28 - 2015-07-15 18:46 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-12 08:28 - 2015-07-15 18:37 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-08-12 08:28 - 2015-07-15 18:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-08-12 08:28 - 2015-07-15 18:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 18:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 18:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 18:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-08-12 08:28 - 2015-07-15 05:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-12 08:28 - 2015-07-11 15:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-08-12 08:27 - 2015-07-30 20:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-12 08:27 - 2015-07-30 20:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-12 08:27 - 2015-07-30 20:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-12 08:27 - 2015-07-30 20:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-08-12 08:27 - 2015-07-30 20:06 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-12 08:27 - 2015-07-30 20:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-08-12 08:27 - 2015-07-30 20:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-08-12 08:27 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-08-12 08:27 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-12 08:27 - 2015-07-30 19:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-08-12 08:27 - 2015-07-30 19:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-12 08:27 - 2015-07-30 19:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-08-12 08:27 - 2015-07-30 19:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-08-12 08:27 - 2015-07-30 18:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-12 08:27 - 2015-07-30 18:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-12 08:27 - 2015-07-30 18:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-12 08:27 - 2015-07-15 05:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-12 08:27 - 2015-07-15 05:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-12 08:27 - 2015-07-15 05:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-08-12 08:27 - 2015-07-15 05:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-08-12 08:27 - 2015-07-15 04:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-12 08:27 - 2015-07-15 04:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-12 08:27 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-08-12 08:27 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-08-12 08:27 - 2015-07-01 22:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-12 08:27 - 2015-07-01 22:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-12 08:27 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-12 08:27 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-12 08:25 - 2015-07-20 20:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-12 08:25 - 2015-07-20 20:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-08-12 08:25 - 2015-07-20 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-12 08:25 - 2015-07-20 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-12 08:25 - 2015-07-20 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-12 08:25 - 2015-07-20 19:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-12 08:25 - 2015-07-20 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-08-12 08:25 - 2015-07-10 19:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-12 08:25 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-08-12 08:25 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-12 08:25 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-12 08:25 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-12 08:25 - 2015-05-09 20:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-07-31 22:22 - 2015-07-31 22:40 - 00000000 ____D C:\Users\Public\Documents\QV7_Data
2015-07-28 20:08 - 2015-07-28 20:28 - 3268147200 _____ C:\Users\Günter\Downloads\WIN_7_HOME_MAR_64.iso
2015-07-25 23:36 - 2015-07-25 23:36 - 00003236 _____ C:\Windows\System32\Tasks\SystemToolsDailyTest
2015-07-25 23:36 - 2015-07-25 23:36 - 00000000 ____D C:\ProgramData\PC-Doctor for Windows
2015-07-25 23:36 - 2015-07-25 23:36 - 00000000 ____D C:\Program Files\Dell Support Center
2015-07-25 23:36 - 2015-07-25 23:36 - 00000000 ____D C:\Program Files\Dell
2015-07-25 23:28 - 2015-07-25 23:28 - 00000000 ____D C:\Users\Günter\AppData\Local\Dell Edoc Viewer
2015-07-22 21:15 - 2015-07-22 21:15 - 00074703 _____ C:\Windows\SysWOW64\mfc45.dat
2015-07-22 21:15 - 2015-07-22 21:15 - 00001181 _____ C:\Users\Admi_günter\Desktop\System Checkup.lnk
2015-07-22 21:15 - 2015-07-22 21:15 - 00000000 ____D C:\ProgramData\iolo
2015-07-22 21:15 - 2015-07-22 21:15 - 00000000 ____D C:\Program Files (x86)\iolo

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-19 23:47 - 2011-12-20 20:28 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-19 23:47 - 2011-06-14 15:32 - 00000000 ____D C:\Users\Günter\Documents\Outlook-Dateien
2015-08-19 23:11 - 2009-07-14 06:45 - 00028128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-19 23:11 - 2009-07-14 06:45 - 00028128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-19 23:05 - 2012-08-24 00:41 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-19 22:47 - 2011-12-20 20:28 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-19 20:11 - 2011-06-07 16:17 - 01950640 _____ C:\Windows\WindowsUpdate.log
2015-08-19 13:17 - 2011-06-17 14:09 - 00000000 _____ C:\Windows\system32\Drivers\lvuvc.hs
2015-08-19 11:44 - 2011-06-15 17:24 - 00000000 ____D C:\Users\Admi_günter\Documents\Outlook-Dateien
2015-08-19 11:42 - 2010-11-21 08:50 - 00702964 _____ C:\Windows\system32\perfh007.dat
2015-08-19 11:42 - 2010-11-21 08:50 - 00150604 _____ C:\Windows\system32\perfc007.dat
2015-08-19 11:42 - 2009-07-14 07:13 - 01629436 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-19 07:52 - 2015-04-11 07:14 - 00009465 _____ C:\Windows\setupact.log
2015-08-19 07:52 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-18 21:46 - 2013-09-08 23:50 - 00000000 ____D C:\Program Files (x86)\TTQV4
2015-08-18 21:46 - 2011-06-14 21:28 - 00000063 _____ C:\Windows\control.ini
2015-08-18 16:39 - 2014-08-06 11:59 - 00000981 _____ C:\Users\Admi_günter\Desktop\WWW_Internet Explorer.lnk
2015-08-18 16:39 - 2011-06-12 17:32 - 00001011 _____ C:\Users\Admi_günter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-18 15:57 - 2015-03-21 21:38 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-18 15:56 - 2015-03-21 21:38 - 00001108 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-08-18 15:56 - 2015-03-21 21:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-08-18 15:56 - 2015-03-21 21:38 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-08-17 21:11 - 2015-04-26 16:55 - 00027168 _____ C:\Windows\PFRO.log
2015-08-17 21:11 - 2013-04-18 22:52 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-08-17 16:49 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-08-17 16:36 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-08-17 16:22 - 2013-04-18 22:52 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-08-17 07:24 - 2012-05-06 17:30 - 00003966 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{C33D8848-18DE-459E-8709-DEAC61BCC9A7}
2015-08-16 21:58 - 2014-05-28 11:16 - 00000000 ____D C:\Users\Admi_günter\AppData\Roaming\Skype
2015-08-16 20:58 - 2011-06-07 16:43 - 00000000 ____D C:\ProgramData\Sonic
2015-08-16 20:58 - 2009-07-14 05:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-16 20:56 - 2011-06-12 17:32 - 00000000 ____D C:\Users\Admi_günter\AppData\Local\SoftThinks
2015-08-16 13:37 - 2015-02-16 00:27 - 00000430 _____ C:\Windows\Tasks\Defraggler Volume C Task.job
2015-08-15 18:26 - 2011-06-12 17:32 - 00000000 ____D C:\Users\Admi_günter
2015-08-14 14:17 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-08-13 15:39 - 2013-09-03 15:45 - 00000219 _____ C:\Users\Günter\Desktop\www_ixquick Suche.url
2015-08-12 23:27 - 2015-05-30 21:06 - 00000458 _____ C:\Users\Günter\Desktop\www_PayPal.url
2015-08-12 22:26 - 2009-07-14 06:45 - 00489808 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-12 22:24 - 2014-12-11 16:36 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-12 22:24 - 2014-05-06 22:34 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-12 22:02 - 2013-03-13 00:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-12 22:02 - 2013-03-13 00:40 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-12 22:02 - 2013-03-13 00:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-12 22:01 - 2011-06-13 01:33 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-12 21:57 - 2013-08-15 21:53 - 00000000 ____D C:\Windows\system32\MRT
2015-08-12 21:57 - 2009-07-14 04:34 - 00000510 _____ C:\Windows\win.ini
2015-08-12 21:47 - 2011-06-10 22:26 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-12 19:05 - 2012-08-24 00:41 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-12 19:05 - 2012-04-09 10:39 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-12 19:05 - 2011-06-19 14:29 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-06 20:10 - 2011-06-16 21:23 - 00000000 ____D C:\Users\Günter\Documents\Computer, Treiber, Internet
2015-08-05 17:58 - 2011-06-16 21:28 - 00000000 ____D C:\Users\Günter\Documents\Telekom
2015-07-31 22:22 - 2015-02-28 00:50 - 00001074 _____ C:\Users\Admi_günter\Desktop\QuoVadis 7.lnk
2015-07-31 22:22 - 2015-02-28 00:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuoVadis 7
2015-07-31 22:22 - 2013-09-15 12:21 - 00000000 ____D C:\Program Files (x86)\QuoVadis7
2015-07-30 21:56 - 2015-01-24 18:20 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-30 21:56 - 2015-01-24 18:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-07-28 20:51 - 2011-06-10 18:54 - 00000000 ____D C:\Users\Günter\AppData\Roaming\Roxio
2015-07-28 13:19 - 2015-01-24 18:21 - 00162528 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-07-28 13:19 - 2015-01-24 18:21 - 00141416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-07-28 08:23 - 2011-02-11 19:13 - 00000000 ____D C:\Windows\panther
2015-07-28 08:17 - 2015-07-10 19:28 - 00000000 ____D C:\$Windows.~BT
2015-07-25 23:43 - 2011-06-17 14:09 - 00099106 _____ C:\Windows\system32\lvcoinst.log
2015-07-25 23:37 - 2012-05-06 16:53 - 00000000 ____D C:\Users\Admi_günter\AppData\Roaming\PCDr
2015-07-25 23:36 - 2011-06-12 17:00 - 00000000 ____D C:\ProgramData\PCDr
2015-07-25 23:36 - 2011-06-07 16:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2015-07-25 22:34 - 2015-04-04 23:37 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-21 17:47 - 2014-12-12 08:40 - 00002021 _____ C:\Users\Public\Desktop\Adobe Reader X.lnk
2015-07-21 17:47 - 2011-06-07 16:41 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-07-21 17:45 - 2015-05-17 23:22 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-20 17:55 - 2015-04-04 23:37 - 00000000 ___SD C:\Windows\SysWOW64\GWX

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2012-04-13 23:18 - 2012-04-13 23:18 - 0000361 _____ () C:\Users\Admi_günter\AppData\Roaming\dpdhl.versandhelfer_state.xml
2011-11-05 19:48 - 2011-11-30 16:16 - 0124657 _____ () C:\Users\Admi_günter\AppData\Local\ars.cache
2011-11-05 19:48 - 2011-11-30 16:16 - 0920400 _____ () C:\Users\Admi_günter\AppData\Local\census.cache
2013-07-31 10:43 - 2013-07-31 10:43 - 0003584 _____ () C:\Users\Admi_günter\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-11-05 19:41 - 2011-11-05 19:41 - 0000036 _____ () C:\Users\Admi_günter\AppData\Local\housecall.guid.cache
2011-06-29 12:18 - 2015-05-17 23:45 - 0007646 _____ () C:\Users\Admi_günter\AppData\Local\Resmon.ResmonCfg
2013-05-02 22:40 - 2013-05-02 22:40 - 0000152 _____ () C:\ProgramData\3mj1ol.reg
2013-05-02 22:40 - 2013-05-02 22:49 - 0000000 _____ () C:\ProgramData\as98213.txt
2011-06-22 15:58 - 2011-06-22 15:58 - 0000056 ____H () C:\ProgramData\ezsidmv.dat

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\3mj1ol.reg


Einige Dateien in TEMP:
====================
C:\Users\Admi_günter\AppData\Local\temp\sqlite3.dll
C:\Users\Günter\AppData\Local\temp\avgnt.exe
C:\Users\Günter\AppData\Local\temp\NOSEventMessages.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-08-14 14:09

==================== Ende von Ergebnis ============================
         
Ich glaube, daß ich jetzt alles gesammelt habe!

Gruß! - günni42

Alt 20.08.2015, 16:26   #11
schrauber
/// the machine
/// TB-Ausbilder
 

Email- Konto gehackt? - Standard

Email- Konto gehackt?



Adobe updaten.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
C:\Users\Günter\Documents\AdvancedPCTweaker_Setup.exe

C:\Users\Günter\Documents\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe

C:\Users\Günter\Documents\Computer, Treiber, Internet\Treiber, Downloads\Panda\SoftonicDownloader_fuer_panda-anti-rootkit.exe

C:\Users\Günter\Documents\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zaSetup_92_058_000_de.exe

C:\Users\Günter\Documents\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe

J:\BKP_110914\Documents\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe

J:\BKP_110914\Documents\Computer, Treiber, Internet\Treiber, Downloads\Panda\SoftonicDownloader_fuer_panda-anti-rootkit.exe

J:\BKP_110914\Documents\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zaSetup_92_058_000_de.exe

J:\BKP_110914\Documents\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe

J:\RECHNER_****\Backup Set 2015-03-11 223833\Backup Files 2015-03-11 223833\Backup files 1.zip

J:\RECHNER_****\Backup Set 2015-03-11 223833\Backup Files 2015-03-11 223833\Backup files 50.zip

J:\RECHNER_****\Backup Set 2015-03-11 223833\Backup Files 2015-03-11 223833\Backup files 6.zip

J:\RECHNER_****\Backup Set 2015-03-11 223833\Backup Files 2015-03-11 223833\Backup files 8.zip

K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 1.zip

K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 6.zip

K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 8.zip

K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 9.zip

K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 50.zip

K:\BKP_Eigene Dokumente u Einstellungen\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe

K:\BKP_Eigene Dokumente u Einstellungen\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe

K:\BKP_Eigene Dokumente u Einstellungen\Eigene Dokumente\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe

K:\BKP_Eigene Dokumente u Einstellungen\Eigene Dokumente\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe

K:\BKP_EigeneDokumente\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe

K:\BKP_EigeneDokumente\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe

K:\BKP_EigeneDokumente_01\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe

K:\BKP_EigeneDokumente_01\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe

K:\BKP_D_Eigene Dokumente\D Eigene Dokumente (D)\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zaSetup_92_058_000_de.exe

K:\BKP_D_Eigene Dokumente\D Eigene Dokumente (D)\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe

K:\BKP_D_Eigene Dokumente\D Eigene Dokumente (D)\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Panda\SoftonicDownloader_fuer_panda-anti-rootkit.exe

K:\BKP_D_Eigene Dokumente\D Eigene Dokumente (D)\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe
Emptytemp:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.




Passwort zum Account geändert?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 22.08.2015, 11:35   #12
günni42
 
Email- Konto gehackt? - Standard

Email- Konto gehackt?



Hallo schrauber,

ich war bis jetzt anderweitig eingespannt, dann ging mir gestern Abend auch noch der Text meiner Antwort verloren, weil ich erst geschrieben und mich dann erst eingeloggt habe.

Nach unseren Bereinigungen arbeitet mein Drucker nicht mehr: die Druckaufträge bleiben in der Warteschlange hängen und kommen offenbar nicht beim Drucker an. Nach einem Neustart des PC's kann es sein, daß ein Druckauftrag ausgeführt (teilweise) wird.

Beim Versuch der Aktualisierung des Adobe Reader X bekomme ich die Meldung:
‚Kein Update verfügbar. Installiert: Adobe Reader X (10.1.15) MUI‘

Kann es sein, daß man auf Adobe Acrobat Reader DC wechseln muß und Adobe Reader X nicht mehr gewartet wird? - Ich habe Adobe Reader X erst einmal deinstalliert. (zeitlich nach der Fixlog.txt)

Hier Fixlog.txt

Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:20-08-2015
durchgeführt von Admi_günter (2015-08-20 17:33:32) Run:2
Gestartet von C:\Users\Günter\Documents\Computer, Treiber, Internet\Probleme_Sicherheit\Spam_Probleme_150815
Geladene Profile: Günter & Admi_günter (Verfügbare Profile: Günter & Admi_günter & Christine)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
C:\Users\Günter\Documents\AdvancedPCTweaker_Setup.exe

C:\Users\Günter\Documents\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe

C:\Users\Günter\Documents\Computer, Treiber, Internet\Treiber, Downloads\Panda\SoftonicDownloader_fuer_panda-anti-rootkit.exe

C:\Users\Günter\Documents\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zaSetup_92_058_000_de.exe

C:\Users\Günter\Documents\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe

J:\BKP_110914\Documents\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe

J:\BKP_110914\Documents\Computer, Treiber, Internet\Treiber, Downloads\Panda\SoftonicDownloader_fuer_panda-anti-rootkit.exe

J:\BKP_110914\Documents\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zaSetup_92_058_000_de.exe

J:\BKP_110914\Documents\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe

J:\RECHNER_****\Backup Set 2015-03-11 223833\Backup Files 2015-03-11 223833\Backup files 1.zip

J:\RECHNER_****\Backup Set 2015-03-11 223833\Backup Files 2015-03-11 223833\Backup files 50.zip

J:\RECHNER_****\Backup Set 2015-03-11 223833\Backup Files 2015-03-11 223833\Backup files 6.zip

J:\RECHNER_****\Backup Set 2015-03-11 223833\Backup Files 2015-03-11 223833\Backup files 8.zip

K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 1.zip

K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 6.zip

K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 8.zip

K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 9.zip

K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 50.zip

K:\BKP_Eigene Dokumente u Einstellungen\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe

K:\BKP_Eigene Dokumente u Einstellungen\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe

K:\BKP_Eigene Dokumente u Einstellungen\Eigene Dokumente\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe

K:\BKP_Eigene Dokumente u Einstellungen\Eigene Dokumente\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe

K:\BKP_EigeneDokumente\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe

K:\BKP_EigeneDokumente\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe

K:\BKP_EigeneDokumente_01\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe

K:\BKP_EigeneDokumente_01\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe

K:\BKP_D_Eigene Dokumente\D Eigene Dokumente (D)\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zaSetup_92_058_000_de.exe

K:\BKP_D_Eigene Dokumente\D Eigene Dokumente (D)\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe

K:\BKP_D_Eigene Dokumente\D Eigene Dokumente (D)\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Panda\SoftonicDownloader_fuer_panda-anti-rootkit.exe

K:\BKP_D_Eigene Dokumente\D Eigene Dokumente (D)\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe
Emptytemp:
         

*****************

"C:\Users\Günter\Documents\AdvancedPCTweaker_Setup.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Günter\Documents\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Günter\Documents\Computer, Treiber, Internet\Treiber, Downloads\Panda\SoftonicDownloader_fuer_panda-anti-rootkit.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Günter\Documents\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zaSetup_92_058_000_de.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Günter\Documents\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe" => Datei/Ordner nicht gefunden.
"J:\BKP_110914\Documents\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe" => Datei/Ordner nicht gefunden.
"J:\BKP_110914\Documents\Computer, Treiber, Internet\Treiber, Downloads\Panda\SoftonicDownloader_fuer_panda-anti-rootkit.exe" => Datei/Ordner nicht gefunden.
"J:\BKP_110914\Documents\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zaSetup_92_058_000_de.exe" => Datei/Ordner nicht gefunden.
"J:\BKP_110914\Documents\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe" => Datei/Ordner nicht gefunden.
"J:\RECHNER_****\Backup Set 2015-03-11 223833\Backup Files 2015-03-11 223833\Backup files 1.zip" => Datei/Ordner nicht gefunden.
"J:\RECHNER_****\Backup Set 2015-03-11 223833\Backup Files 2015-03-11 223833\Backup files 50.zip" => Datei/Ordner nicht gefunden.
"J:\RECHNER_****\Backup Set 2015-03-11 223833\Backup Files 2015-03-11 223833\Backup files 6.zip" => Datei/Ordner nicht gefunden.
"J:\RECHNER_****\Backup Set 2015-03-11 223833\Backup Files 2015-03-11 223833\Backup files 8.zip" => Datei/Ordner nicht gefunden.
"K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 1.zip" => Datei/Ordner nicht gefunden.
"K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 6.zip" => Datei/Ordner nicht gefunden.
"K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 8.zip" => Datei/Ordner nicht gefunden.
"K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 9.zip" => Datei/Ordner nicht gefunden.
"K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 50.zip" => Datei/Ordner nicht gefunden.
"K:\BKP_Eigene Dokumente u Einstellungen\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe" => Datei/Ordner nicht gefunden.
"K:\BKP_Eigene Dokumente u Einstellungen\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe" => Datei/Ordner nicht gefunden.
"K:\BKP_Eigene Dokumente u Einstellungen\Eigene Dokumente\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe" => Datei/Ordner nicht gefunden.
"K:\BKP_Eigene Dokumente u Einstellungen\Eigene Dokumente\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe" => Datei/Ordner nicht gefunden.
"K:\BKP_EigeneDokumente\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe" => Datei/Ordner nicht gefunden.
"K:\BKP_EigeneDokumente\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe" => Datei/Ordner nicht gefunden.
"K:\BKP_EigeneDokumente_01\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe" => Datei/Ordner nicht gefunden.
"K:\BKP_EigeneDokumente_01\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe" => Datei/Ordner nicht gefunden.
"K:\BKP_D_Eigene Dokumente\D Eigene Dokumente (D)\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zaSetup_92_058_000_de.exe" => Datei/Ordner nicht gefunden.
"K:\BKP_D_Eigene Dokumente\D Eigene Dokumente (D)\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe" => Datei/Ordner nicht gefunden.
"K:\BKP_D_Eigene Dokumente\D Eigene Dokumente (D)\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Panda\SoftonicDownloader_fuer_panda-anti-rootkit.exe" => Datei/Ordner nicht gefunden.
"K:\BKP_D_Eigene Dokumente\D Eigene Dokumente (D)\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe" => Datei/Ordner nicht gefunden.
EmptyTemp: => 320.8 MB temporäre Dateien entfernt.


Das System musste neu gestartet werden.. 

==== Ende von Fixlog 17:33:42 ====
         
Das Passwort zum Email- Account wurde erfolgreich geändert.

Das hat einige Zeit gebraucht, weil ich da erst etwas falsch gemacht habe ("Webkennwort für das Emailcenter" und "Emailpasswort" verwechselt/ vertauscht).

Jetzt muß ich die Wirkung abwarten und morgen früh nach unerwünschten Emails forschen.

Gruß! - günni42

Hallo schrauber,

jetzt hab' ich richtig Bockmist gebaut, entschuldige vielmals:

da im Fixlog immer wieder auftauchte '... Ordner nicht gefunden' hab' ich gedacht, ich hätte die Festplatten, während FRST lief, nicht angeschlossen. Deshalb habe ich die Prozedur, ohne groß nachzudenken, wiederholt. Das hätte ich nicht machen sollen und dürfen, ohne Deine Anordnung. Den daraus resultierenden Fixlog hab' ich noch gespeichert und stelle ihn bei Bedarf hier ein.

Seitdem gibt's bei Word u. Outlook die Fehlermeldung:

'Die Arbeitsdatei konnte nicht erstellt werden. Überprüfen Sie die Temp- Umgebungsvariable.'

In der Hoffnung, daß der Zusatz- Aufwand nicht allzu groß wird.

Gruß! - Günter

Alt 23.08.2015, 06:57   #13
schrauber
/// the machine
/// TB-Ausbilder
 

Email- Konto gehackt? - Standard

Email- Konto gehackt?



Hi,

ja Adobe Reader DC installieren.

Poste mal das Fixlog sowie ein frisches FRST Log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 23.08.2015, 08:29   #14
günni42
 
Email- Konto gehackt? - Standard

Email- Konto gehackt?



Guten Tag schrauber,

Adobe installieren klappt im Augenblick nicht, es kommt nichts von der Website runter. Oder liegt's an der 'Umgebungsvariable'?

Hier das frische FRST

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:20-08-2015
durchgeführt von Günter (ACHTUNG: der angemeldete Benutzer ist kein Administrator) auf RECHNER_RUG (23-08-2015 08:11:34)
Gestartet von C:\Users\Günter\Documents\Computer, Treiber, Internet\Probleme_Sicherheit\Spam_Probleme_150815
Geladene Profile: Günter (Verfügbare Profile: Günter & Admi_günter & Christine)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: IE)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

konnte nicht auf den Prozess zugreifen -> smss.exe
konnte nicht auf den Prozess zugreifen -> csrss.exe
konnte nicht auf den Prozess zugreifen -> wininit.exe
konnte nicht auf den Prozess zugreifen -> csrss.exe
konnte nicht auf den Prozess zugreifen -> services.exe
konnte nicht auf den Prozess zugreifen -> lsass.exe
konnte nicht auf den Prozess zugreifen -> lsm.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> winlogon.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> atiesrxx.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> UMVPFSrv.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> spoolsv.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> atieclxx.exe
konnte nicht auf den Prozess zugreifen -> sched.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> PhotoshopElementsFileAgent.exe
konnte nicht auf den Prozess zugreifen -> avguard.exe
konnte nicht auf den Prozess zugreifen -> btwdins.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> kss.exe
konnte nicht auf den Prozess zugreifen -> NOBuAgent.exe
konnte nicht auf den Prozess zugreifen -> HelperService.exe
konnte nicht auf den Prozess zugreifen -> ConversionService.exe
konnte nicht auf den Prozess zugreifen -> SftService.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> WLIDSVC.EXE
konnte nicht auf den Prozess zugreifen -> Avira.ServiceHost.exe
konnte nicht auf den Prozess zugreifen -> WLIDSVCM.EXE
konnte nicht auf den Prozess zugreifen -> avshadow.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> GoogleCrashHandler.exe
konnte nicht auf den Prozess zugreifen -> GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
(O3SIS AG) C:\Program Files (x86)\Deutsche Telekom\DataSync Outlook\DataSync Outlook.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Alcor Micro Corp.) C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
() C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
konnte nicht auf den Prozess zugreifen -> ServiceLayer.exe
() C:\Program Files (x86)\Common Files\logishrd\LQCVFX\COCIManager.exe
konnte nicht auf den Prozess zugreifen -> SearchIndexer.exe
konnte nicht auf den Prozess zugreifen -> wmpnetwk.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> IAStorDataMgrSvc.exe
konnte nicht auf den Prozess zugreifen -> dllhost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> OSPPSVC.EXE
konnte nicht auf den Prozess zugreifen -> TrustedInstaller.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 8.0\PhotoshopElementsEditor.exe
konnte nicht auf den Prozess zugreifen -> FNPLicensingService.exe
() C:\Program Files (x86)\Roxio\OEM\Roxio Burn\Roxio Burn.exe
konnte nicht auf den Prozess zugreifen -> NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_18_0_0_232_ActiveX.exe
konnte nicht auf den Prozess zugreifen -> WmiPrvSE.exe
konnte nicht auf den Prozess zugreifen -> SearchProtocolHost.exe
konnte nicht auf den Prozess zugreifen -> SearchFilterHost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10920552 2010-06-23] (Realtek Semiconductor)
HKLM\...\Run: [RunDLLEntry_THXCfg] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
HKLM\...\Run: [RunDLLEntry_EptMon] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\EptMon64.dll,RunDLLEntry EptMon64
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [ShwiconXP9106] => C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe [237568 2010-03-10] (Alcor Micro Corp.)
HKLM-x32\...\Run: [THX Audio Control Panel] => C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe [963584 2009-12-01] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [RemoteControl9] => C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2010-10-01] (CyberLink Corp.)
HKLM-x32\...\Run: [PDVD9LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe [50472 2010-09-17] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe [75048 2010-10-27] (cyberlink)
HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-25] (Dell, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [RoxWatchTray] => C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [Desktop Disc Tool] => C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] ()
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-11-11] (Logitech Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782008 2015-07-28] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [134368 2015-07-02] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM\...\RunOnce: [*EmptyTemp] => cmd /c rd /q/s C:\FRST\Temp
HKLM-x32\...\RunOnce: [Launcher] => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe [163040 2010-08-11] (Softthinks)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [CAHeadless] => c:\Program Files (x86)\Adobe\Elements Organizer 8.0\CAHeadless\ElementsAutoAnalyzer.exe [615808 2009-09-18] (Adobe Systems Incorporated)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [Logitech Vid] => C:\Program Files (x86)\Logitech\Vid HD\Vid.exe [6129496 2011-01-13] (Logitech Inc.)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe [4280184 2012-03-08] (Microsoft Corporation)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1084800 2012-04-25] (Nokia)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [DataSync Outlook] => C:\Program Files (x86)\Deutsche Telekom\DataSync Outlook\DataSync Outlook.exe [720896 2009-12-07] (O3SIS AG)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [Amazon Cloud Player] => C:\Users\Günter\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3145536 2014-05-08] ()
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2011-06-07]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Günter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2011-06-13]
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicyScripts-x32: Gruppenrichtline erkannt <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-1916591956-2551971433-4189181994-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1000 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1000 -> {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = 
SearchScopes: HKU\S-1-5-21-1916591956-2551971433-4189181994-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://active.macromedia.com/flash2/cabs/swflash.cab
DPF: HKLM-x32 {0742B9EF-8C83-41CA-BFBA-830A59E23533} hxxps://oas.support.microsoft.com/ActiveX/MSDcode.cab
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} hxxp://download.mcafee.com/molbin/iss-loc/mcfscan/3,0,0,6538/mcfscan.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{D1A003C6-1664-4416-B03E-A904900A29D8}: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.13.2 -> C:\Windows\system32\npDeployJava1.dll [2013-02-13] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-04-04] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2012-04-25] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-14] (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-08-27]

Chrome: 
=======
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.95\ppGoogleNaClPluginChrome.dll Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.95\pdf.dll Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.95\gcswf32.dll Keine Datei
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll Keine Datei
CHR Plugin: (Java Deployment Toolkit 6.0.240.7) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll Keine Datei
CHR Plugin: (Java(TM) Platform SE 6 U24) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll Keine Datei
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll Keine Datei
CHR Plugin: (Panda ActiveScan 2.0) - C:\Program Files (x86)\Panda Security\ActiveScan 2.0\npwrapper.dll Keine Datei
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll Keine Datei
CHR Plugin: (Default Plug-in) - default_plugin Keine Datei
CHR Profile: C:\Users\Günter\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Günter\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-20]
CHR Extension: (Google Search) - C:\Users\Günter\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-20]
CHR Extension: (Gmail) - C:\Users\Günter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-20]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [887128 2015-07-28] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-07-28] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-07-28] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1213072 2015-07-28] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [218816 2015-07-02] (Avira Operations GmbH & Co. KG)
S2 CLKMSVC10_9EC60124; C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [236016 2010-10-26] (CyberLink)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert]
R2 KSS; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202080 2014-06-16] (Kaspersky Lab ZAO)
R2 lmhosts; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 lmhosts; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NlaSvc; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R5 ACPI; C:\Windows\System32\drivers\ACPI.sys [334208 2010-11-21] (Microsoft Corporation)
R5 amdxata; C:\Windows\System32\drivers\amdxata.sys [27008 2011-03-11] (Advanced Micro Devices)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162528 2015-07-28] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-07-28] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-11-24] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-04] (Avira Operations GmbH & Co. KG)
S3 cjusb; C:\Windows\System32\DRIVERS\cjusb.sys [34672 2011-03-29] (REINER SCT)
R5 CLFS; C:\Windows\System32\CLFS.sys [367552 2015-03-04] (Microsoft Corporation)
R5 CNG; C:\Windows\System32\Drivers\cng.sys [459336 2015-01-31] (Microsoft Corporation)
R5 Disk; C:\Windows\System32\drivers\disk.sys [73280 2009-07-14] (Microsoft Corporation)
R5 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [70224 2009-07-14] (Microsoft Corporation)
R5 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [289664 2010-11-21] (Microsoft Corporation)
U5 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [23408 2012-03-01] (Microsoft Corporation)
R5 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [223752 2013-01-24] (Microsoft Corporation)
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir3.sys [33792 2010-06-03] (Hauppauge Computer Works, Inc.)
R5 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [14720 2010-11-21] (Microsoft Corporation)
R5 iaStor; C:\Windows\System32\drivers\iaStor.sys [437272 2010-09-14] (Intel Corporation)
R5 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [95680 2015-07-23] (Microsoft Corporation)
R5 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [155584 2015-07-23] (Microsoft Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-08-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
S3 MEMSWEEP2; C:\Windows\system32\F492.tmp [6144 2011-05-12] (Sophos Plc) [Datei ist nicht signiert]
R5 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94656 2015-07-15] (Microsoft Corporation)
R5 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [15424 2009-07-14] (Microsoft Corporation)
R5 Mup; C:\Windows\System32\Drivers\mup.sys [60496 2009-07-14] (Microsoft Corporation)
R5 NDIS; C:\Windows\System32\drivers\ndis.sys [950128 2012-08-22] (Microsoft Corporation)
R5 partmgr; C:\Windows\System32\drivers\partmgr.sys [75120 2012-03-17] (Microsoft Corporation)
R5 pci; C:\Windows\System32\drivers\pci.sys [184704 2010-11-21] (Microsoft Corporation)
R5 pcw; C:\Windows\System32\drivers\pcw.sys [50768 2009-07-14] (Microsoft Corporation)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2014-08-06] ()
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [47632 2013-04-29] (Panda Security, S.L.)
R5 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [55856 2010-03-19] (Sonic Solutions)
R5 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [213888 2010-11-21] (Microsoft Corporation)
R5 spldr; C:\Windows\System32\Drivers\spldr.sys [19008 2009-07-14] (Microsoft Corporation)
R5 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1903552 2014-04-05] (Microsoft Corporation)
R5 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [36432 2009-07-14] (Microsoft Corporation)
R5 volmgr; C:\Windows\System32\drivers\volmgr.sys [71552 2010-11-21] (Microsoft Corporation)
R5 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363392 2010-11-21] (Microsoft Corporation)
R5 volsnap; C:\Windows\System32\drivers\volsnap.sys [295808 2010-11-21] (Microsoft Corporation)
R5 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [785624 2013-06-26] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-22 18:00 - 2015-08-22 18:03 - 00001146 _____ C:\Users\Günter\Desktop\Finanzamt - Verknüpfung (2).lnk
2015-08-21 23:15 - 2015-08-21 23:15 - 00001747 _____ C:\Users\Günter\Desktop\Spam_Probleme_150815 - Verknüpfung.lnk
2015-08-21 23:15 - 2015-08-21 23:15 - 00001747 _____ C:\Users\Günter\Desktop\Spam_Probleme_150815 - Verknüpfung (2).lnk
2015-08-21 21:36 - 2015-08-21 21:36 - 28754952 _____ (pdfforge GmbH) C:\Users\Günter\Downloads\PDFCreator-2_1_2-setup.exe
2015-08-21 19:46 - 2015-07-23 02:06 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-21 19:46 - 2015-07-23 02:06 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-21 19:46 - 2015-07-23 02:06 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-21 19:46 - 2015-07-23 02:03 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-21 19:46 - 2015-07-23 02:03 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-08-21 19:46 - 2015-07-23 02:03 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-08-21 19:46 - 2015-07-23 02:03 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-08-21 19:46 - 2015-07-23 02:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-08-21 19:46 - 2015-07-23 02:02 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-21 19:46 - 2015-07-23 02:02 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-08-21 19:46 - 2015-07-23 02:02 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-21 19:46 - 2015-07-23 02:02 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-08-21 19:46 - 2015-07-23 02:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-08-21 19:46 - 2015-07-23 02:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-08-21 19:46 - 2015-07-23 02:02 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-21 19:46 - 2015-07-23 02:02 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-08-21 19:46 - 2015-07-23 02:02 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-08-21 19:46 - 2015-07-23 02:02 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-21 19:46 - 2015-07-23 02:02 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-21 19:46 - 2015-07-23 02:02 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-08-21 19:46 - 2015-07-23 02:02 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-08-21 19:46 - 2015-07-23 02:02 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-21 19:46 - 2015-07-23 02:02 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-08-21 19:46 - 2015-07-23 02:02 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-08-21 19:46 - 2015-07-23 02:02 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-08-21 19:46 - 2015-07-23 02:02 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-08-21 19:46 - 2015-07-23 02:02 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-08-21 19:46 - 2015-07-23 02:02 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-21 19:46 - 2015-07-23 02:02 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-08-21 19:46 - 2015-07-23 02:02 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-08-21 19:46 - 2015-07-23 02:02 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-08-21 19:46 - 2015-07-23 02:02 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-08-21 19:46 - 2015-07-23 02:01 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-08-21 19:46 - 2015-07-23 02:01 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-08-21 19:46 - 2015-07-23 02:01 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-08-21 19:46 - 2015-07-23 01:58 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-08-21 19:46 - 2015-07-23 01:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-08-21 19:46 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-08-21 19:46 - 2015-07-23 01:51 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-08-21 19:46 - 2015-07-22 19:57 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-08-21 19:46 - 2015-07-22 19:57 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-08-21 19:46 - 2015-07-22 19:54 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-21 19:46 - 2015-07-22 19:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-08-21 19:46 - 2015-07-22 19:53 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-08-21 19:46 - 2015-07-22 19:53 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-08-21 19:46 - 2015-07-22 19:53 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-08-21 19:46 - 2015-07-22 19:53 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-08-21 19:46 - 2015-07-22 19:53 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-08-21 19:46 - 2015-07-22 19:53 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-08-21 19:46 - 2015-07-22 19:53 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-08-21 19:46 - 2015-07-22 19:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-08-21 19:46 - 2015-07-22 19:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-08-21 19:46 - 2015-07-22 19:53 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-08-21 19:46 - 2015-07-22 19:53 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-08-21 19:46 - 2015-07-22 19:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-08-21 19:46 - 2015-07-22 19:52 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-08-21 19:46 - 2015-07-22 19:52 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-08-21 19:46 - 2015-07-22 19:52 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-08-21 19:46 - 2015-07-22 19:52 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-08-21 19:46 - 2015-07-22 19:52 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-08-21 19:46 - 2015-07-22 19:52 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-08-21 19:46 - 2015-07-22 19:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-08-21 19:46 - 2015-07-22 19:47 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-08-21 19:46 - 2015-07-22 19:46 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-08-21 19:46 - 2015-07-22 19:42 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-08-21 19:46 - 2015-07-22 19:42 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-08-21 19:46 - 2015-07-22 19:42 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-08-21 19:46 - 2015-07-22 19:42 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-21 19:46 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-21 19:46 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-08-21 19:46 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-08-21 19:46 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-21 19:46 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-08-21 19:46 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-21 19:46 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-21 19:46 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-08-21 19:46 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-21 19:46 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-21 19:46 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-08-21 19:46 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-08-21 19:46 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-21 19:46 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-08-21 19:46 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-08-21 19:46 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-08-21 19:46 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-08-21 19:46 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-21 19:46 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-08-21 19:46 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-08-21 19:46 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-08-21 19:46 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-08-21 19:46 - 2015-07-22 18:48 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-08-21 19:46 - 2015-07-22 18:45 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-21 19:46 - 2015-07-22 18:44 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-21 19:46 - 2015-07-22 18:44 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-21 19:46 - 2015-07-22 18:34 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-08-21 19:46 - 2015-07-22 18:34 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-08-21 19:46 - 2015-07-22 18:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-08-21 19:46 - 2015-07-22 18:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-21 19:46 - 2015-07-22 18:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-08-21 19:46 - 2015-07-22 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-08-21 19:46 - 2015-07-15 05:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-08-21 19:46 - 2015-07-15 04:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-08-21 19:46 - 2015-07-09 19:58 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-08-21 19:46 - 2015-07-09 19:58 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-08-21 19:46 - 2015-07-09 19:42 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-08-21 19:46 - 2015-07-09 19:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-08-21 19:46 - 2015-06-25 12:06 - 00115136 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-08-21 19:46 - 2015-06-25 12:01 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-08-21 19:46 - 2015-06-25 12:01 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-08-21 19:46 - 2015-06-25 11:44 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-08-21 11:48 - 2015-08-21 11:48 - 00001847 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2015-08-21 11:48 - 2015-08-21 11:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-08-21 11:48 - 2015-08-21 11:48 - 00000000 ____D C:\ProgramData\Apple Computer
2015-08-21 11:48 - 2015-08-21 11:48 - 00000000 ____D C:\Program Files (x86)\QuickTime
2015-08-20 17:00 - 2015-08-20 17:00 - 00000776 _____ C:\Users\Günter\Desktop\Deutsche Telekom warnt vor Spam-Welle  Forum - heise online.url
2015-08-19 07:50 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-19 07:50 - 2015-08-11 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-19 07:50 - 2015-08-11 02:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-19 07:50 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-18 17:14 - 2015-08-19 23:40 - 00000000 ____D C:\Users\Günter\Downloads\FRST-OlderVersion
2015-08-18 17:08 - 2015-08-18 17:08 - 00001656 _____ C:\Users\Admi_günter\Desktop\JRT.txt
2015-08-18 16:36 - 2015-08-18 16:39 - 00000000 ____D C:\AdwCleaner
2015-08-17 22:23 - 2015-08-18 07:51 - 00001951 _____ C:\Users\Günter\Desktop\Computer, Treiber, Internet - Verknüpfung.lnk
2015-08-17 20:45 - 2015-08-17 20:45 - 00000909 _____ C:\Users\Günter\Desktop\Email- Konto gehackt.url
2015-08-17 16:49 - 2015-08-17 16:49 - 00030376 _____ C:\ComboFix.txt
2015-08-17 16:23 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-08-17 16:23 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-08-17 16:23 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-08-17 16:23 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-08-17 16:23 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-08-17 16:23 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-08-17 16:23 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-08-17 16:23 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-08-17 16:14 - 2015-08-17 16:50 - 00000000 ____D C:\Qoobox
2015-08-17 16:14 - 2015-08-17 16:46 - 00000000 ____D C:\Windows\erdnt
2015-08-16 20:20 - 2015-08-16 21:27 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-08-16 20:19 - 2015-08-16 22:48 - 00000000 ____D C:\Users\Admi_günter\Desktop\mbar
2015-08-15 22:21 - 2015-08-15 22:21 - 00001142 _____ C:\Users\Günter\Desktop\SYS_Avira.lnk
2015-08-15 18:36 - 2015-08-23 08:11 - 00000000 ____D C:\FRST
2015-08-15 18:26 - 2015-08-15 18:26 - 00000484 _____ C:\Users\Günter\Desktop\defogger_disable.log
2015-08-15 18:26 - 2015-08-15 18:26 - 00000000 _____ C:\Users\Admi_günter\defogger_reenable
2015-08-15 17:46 - 2015-08-15 17:46 - 00000000 ____D C:\Program Files\Common Files\AV
2015-08-15 17:46 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2015-08-14 16:26 - 2015-08-14 16:26 - 00000000 ____D C:\Users\Günter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2015-08-13 07:50 - 2015-08-13 07:50 - 00001022 _____ C:\Users\Günter\Desktop\E-Mail.url
2015-08-12 22:02 - 2015-07-30 15:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 22:02 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 08:30 - 2015-07-28 22:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-12 08:30 - 2015-07-28 22:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-12 08:30 - 2015-07-28 22:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-12 08:30 - 2015-07-28 22:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-12 08:30 - 2015-07-28 22:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-12 08:30 - 2015-07-28 22:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-12 08:30 - 2015-07-28 22:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-12 08:30 - 2015-07-28 21:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-12 08:28 - 2015-07-21 02:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-08-12 08:28 - 2015-07-21 02:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-08-12 08:28 - 2015-07-16 22:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-08-12 08:28 - 2015-07-16 22:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-08-12 08:28 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-12 08:28 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-12 08:28 - 2015-07-16 22:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-08-12 08:28 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-12 08:28 - 2015-07-16 22:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-08-12 08:28 - 2015-07-16 22:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-12 08:28 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-12 08:28 - 2015-07-16 22:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-08-12 08:28 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-12 08:28 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-12 08:28 - 2015-07-16 22:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-08-12 08:28 - 2015-07-16 22:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-12 08:28 - 2015-07-16 22:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-08-12 08:28 - 2015-07-16 22:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-12 08:28 - 2015-07-16 22:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-12 08:28 - 2015-07-16 22:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-12 08:28 - 2015-07-16 21:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-08-12 08:28 - 2015-07-16 21:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-12 08:28 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-12 08:28 - 2015-07-16 21:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-12 08:28 - 2015-07-16 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-08-12 08:28 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-12 08:28 - 2015-07-16 21:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-08-12 08:28 - 2015-07-16 21:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-08-12 08:28 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-12 08:28 - 2015-07-16 21:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-08-12 08:28 - 2015-07-16 21:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-08-12 08:28 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-12 08:28 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-12 08:28 - 2015-07-16 21:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-08-12 08:28 - 2015-07-16 21:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-08-12 08:28 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-12 08:28 - 2015-07-16 21:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-08-12 08:28 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-12 08:28 - 2015-07-16 21:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-08-12 08:28 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-12 08:28 - 2015-07-16 21:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-12 08:28 - 2015-07-16 21:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-08-12 08:28 - 2015-07-16 21:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-08-12 08:28 - 2015-07-16 21:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-08-12 08:28 - 2015-07-16 21:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-12 08:28 - 2015-07-16 21:12 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-12 08:28 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-12 08:28 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-12 08:28 - 2015-07-16 21:12 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-08-12 08:28 - 2015-07-16 21:12 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-08-12 08:28 - 2015-07-16 21:11 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-12 08:28 - 2015-07-16 21:11 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-08-12 08:28 - 2015-07-16 21:11 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-08-12 08:28 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-12 08:28 - 2015-07-16 21:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-08-12 08:28 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-12 08:28 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-08-12 08:28 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-12 08:28 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-12 08:28 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-12 08:28 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-12 08:28 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-12 08:28 - 2015-07-15 20:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-12 08:28 - 2015-07-15 20:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-12 08:28 - 2015-07-15 20:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-12 08:28 - 2015-07-15 05:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-12 08:28 - 2015-07-11 15:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-08-12 08:27 - 2015-07-30 20:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-12 08:27 - 2015-07-30 20:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-12 08:27 - 2015-07-30 20:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-12 08:27 - 2015-07-30 20:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-08-12 08:27 - 2015-07-30 20:06 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-12 08:27 - 2015-07-30 20:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-08-12 08:27 - 2015-07-30 20:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-08-12 08:27 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-08-12 08:27 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-12 08:27 - 2015-07-30 19:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-08-12 08:27 - 2015-07-30 19:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-12 08:27 - 2015-07-30 19:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-08-12 08:27 - 2015-07-30 19:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-08-12 08:27 - 2015-07-30 18:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-12 08:27 - 2015-07-30 18:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-12 08:27 - 2015-07-30 18:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-12 08:27 - 2015-07-15 05:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-12 08:27 - 2015-07-15 05:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-12 08:27 - 2015-07-15 05:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-08-12 08:27 - 2015-07-15 05:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-08-12 08:27 - 2015-07-15 04:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-12 08:27 - 2015-07-15 04:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-12 08:27 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-08-12 08:27 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-08-12 08:27 - 2015-07-01 22:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-12 08:27 - 2015-07-01 22:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-12 08:27 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-12 08:27 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-12 08:25 - 2015-07-20 20:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-12 08:25 - 2015-07-20 20:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-12 08:25 - 2015-07-20 20:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-08-12 08:25 - 2015-07-20 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-12 08:25 - 2015-07-20 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-12 08:25 - 2015-07-20 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-12 08:25 - 2015-07-20 19:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-12 08:25 - 2015-07-20 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-08-12 08:25 - 2015-07-10 19:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-12 08:25 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-08-12 08:25 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-12 08:25 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-12 08:25 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-12 08:25 - 2015-05-09 20:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-06 11:43 - 2015-08-06 11:43 - 00094208 _____ (Apple Inc.) C:\Windows\SysWOW64\QuickTimeVR.qtx
2015-08-06 11:43 - 2015-08-06 11:43 - 00069632 _____ (Apple Inc.) C:\Windows\SysWOW64\QuickTime.qts
2015-07-31 22:22 - 2015-07-31 22:40 - 00000000 ____D C:\Users\Public\Documents\QV7_Data
2015-07-28 20:08 - 2015-07-28 20:28 - 3268147200 _____ C:\Users\Günter\Downloads\WIN_7_HOME_MAR_64.iso
2015-07-25 23:36 - 2015-07-25 23:36 - 00000000 ____D C:\ProgramData\PC-Doctor for Windows
2015-07-25 23:36 - 2015-07-25 23:36 - 00000000 ____D C:\Program Files\Dell Support Center
2015-07-25 23:36 - 2015-07-25 23:36 - 00000000 ____D C:\Program Files\Dell
2015-07-25 23:28 - 2015-07-25 23:28 - 00000000 ____D C:\Users\Günter\AppData\Local\Dell Edoc Viewer

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-23 08:10 - 2011-06-07 16:17 - 01156334 _____ C:\Windows\WindowsUpdate.log
2015-08-23 08:05 - 2012-08-24 00:41 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-23 08:05 - 2009-07-14 06:45 - 00028128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-23 08:05 - 2009-07-14 06:45 - 00028128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-23 08:00 - 2011-12-20 20:28 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-23 07:59 - 2011-06-17 14:09 - 00000000 _____ C:\Windows\system32\Drivers\lvuvc.hs
2015-08-22 23:39 - 2011-06-14 15:32 - 00000000 ____D C:\Users\Günter\Documents\Outlook-Dateien
2015-08-22 22:47 - 2011-12-20 20:28 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-22 10:50 - 2011-06-15 17:24 - 00000000 ____D C:\Users\Admi_günter\Documents\Outlook-Dateien
2015-08-22 08:38 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-08-21 22:34 - 2013-09-08 23:50 - 00000000 ____D C:\Program Files (x86)\TTQV4
2015-08-21 22:34 - 2011-06-14 21:28 - 00000065 _____ C:\Windows\control.ini
2015-08-21 22:27 - 2010-11-21 08:50 - 00702964 _____ C:\Windows\system32\perfh007.dat
2015-08-21 22:27 - 2010-11-21 08:50 - 00150604 _____ C:\Windows\system32\perfc007.dat
2015-08-21 22:27 - 2009-07-14 07:13 - 01629436 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-21 22:24 - 2015-04-11 07:14 - 00010697 _____ C:\Windows\setupact.log
2015-08-21 22:22 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-21 19:14 - 2015-04-26 16:55 - 00031568 _____ C:\Windows\PFRO.log
2015-08-21 19:09 - 2011-06-07 16:24 - 00000000 ____D C:\ProgramData\Adobe
2015-08-21 19:09 - 2011-06-07 16:24 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-08-21 08:14 - 2011-06-16 21:22 - 00000000 ____D C:\Users\Günter\Documents\Adressen, Briefe, E-Mails, Etiketten
2015-08-18 16:39 - 2014-08-06 11:59 - 00000981 _____ C:\Users\Admi_günter\Desktop\WWW_Internet Explorer.lnk
2015-08-18 15:57 - 2015-03-21 21:38 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-18 15:56 - 2015-03-21 21:38 - 00001108 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-08-18 15:56 - 2015-03-21 21:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-08-18 15:56 - 2015-03-21 21:38 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-08-17 21:11 - 2013-04-18 22:52 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-08-17 16:49 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-08-17 16:36 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-08-17 16:22 - 2013-04-18 22:52 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-08-16 21:58 - 2014-05-28 11:16 - 00000000 ____D C:\Users\Admi_günter\AppData\Roaming\Skype
2015-08-16 20:58 - 2011-06-07 16:43 - 00000000 ____D C:\ProgramData\Sonic
2015-08-16 20:58 - 2009-07-14 05:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-16 13:37 - 2015-02-16 00:27 - 00000430 _____ C:\Windows\Tasks\Defraggler Volume C Task.job
2015-08-15 18:26 - 2011-06-12 17:32 - 00000000 ____D C:\Users\Admi_günter
2015-08-13 15:39 - 2013-09-03 15:45 - 00000219 _____ C:\Users\Günter\Desktop\www_ixquick Suche.url
2015-08-12 23:27 - 2015-05-30 21:06 - 00000458 _____ C:\Users\Günter\Desktop\www_PayPal.url
2015-08-12 22:26 - 2009-07-14 06:45 - 00489808 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-12 22:24 - 2014-12-11 16:36 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-12 22:24 - 2014-05-06 22:34 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-12 22:02 - 2013-03-13 00:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-12 22:02 - 2013-03-13 00:40 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-12 22:02 - 2013-03-13 00:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-12 22:01 - 2011-06-13 01:33 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-12 21:57 - 2013-08-15 21:53 - 00000000 ____D C:\Windows\system32\MRT
2015-08-12 21:57 - 2009-07-14 04:34 - 00000510 _____ C:\Windows\win.ini
2015-08-12 21:47 - 2011-06-10 22:26 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-12 19:05 - 2012-04-09 10:39 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-12 19:05 - 2011-06-19 14:29 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-06 20:10 - 2011-06-16 21:23 - 00000000 ____D C:\Users\Günter\Documents\Computer, Treiber, Internet
2015-08-05 17:58 - 2011-06-16 21:28 - 00000000 ____D C:\Users\Günter\Documents\Telekom
2015-07-31 22:22 - 2015-02-28 00:50 - 00001074 _____ C:\Users\Admi_günter\Desktop\QuoVadis 7.lnk
2015-07-31 22:22 - 2015-02-28 00:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuoVadis 7
2015-07-31 22:22 - 2013-09-15 12:21 - 00000000 ____D C:\Program Files (x86)\QuoVadis7
2015-07-30 21:56 - 2015-01-24 18:20 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-30 21:56 - 2015-01-24 18:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-07-28 20:51 - 2011-06-10 18:54 - 00000000 ____D C:\Users\Günter\AppData\Roaming\Roxio
2015-07-28 13:19 - 2015-01-24 18:21 - 00162528 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-07-28 13:19 - 2015-01-24 18:21 - 00141416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-07-28 08:23 - 2011-02-11 19:13 - 00000000 ____D C:\Windows\panther
2015-07-28 08:17 - 2015-07-10 19:28 - 00000000 ____D C:\$Windows.~BT
2015-07-25 23:43 - 2011-06-17 14:09 - 00099106 _____ C:\Windows\system32\lvcoinst.log
2015-07-25 23:37 - 2012-05-06 16:53 - 00000000 ____D C:\Users\Admi_günter\AppData\Roaming\PCDr
2015-07-25 23:36 - 2011-06-12 17:00 - 00000000 ____D C:\ProgramData\PCDr
2015-07-25 23:36 - 2011-06-07 16:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2015-07-25 22:34 - 2015-04-04 23:37 - 00000000 ___SD C:\Windows\system32\GWX

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2012-12-18 19:48 - 2014-12-11 10:06 - 0000354 _____ () C:\Users\Günter\AppData\Roaming\dpdhl.versandhelfer_state.xml
2012-12-18 21:20 - 2014-04-23 13:15 - 0038485 _____ () C:\Users\Günter\AppData\Roaming\Kommagetrennte Werte (Windows).ADR
2012-10-19 15:35 - 2012-10-19 15:41 - 0038458 _____ () C:\Users\Günter\AppData\Roaming\Microsoft Excel 97-2003.ADR
2012-12-18 21:12 - 2012-12-18 21:12 - 0038439 _____ () C:\Users\Günter\AppData\Roaming\Tabulatorgetrennte Werte (Windows).ADR
2011-06-13 12:49 - 2013-04-15 23:43 - 0034304 _____ () C:\Users\Günter\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-06-10 21:36 - 2011-06-10 21:36 - 0007602 _____ () C:\Users\Günter\AppData\Local\Resmon.ResmonCfg
2013-05-02 22:40 - 2013-05-02 22:40 - 0000152 _____ () C:\ProgramData\3mj1ol.reg
2013-05-02 22:40 - 2013-05-02 22:49 - 0000000 _____ () C:\ProgramData\as98213.txt
2011-06-22 15:58 - 2011-06-22 15:58 - 0000056 ____H () C:\ProgramData\ezsidmv.dat

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\3mj1ol.reg


Einige Dateien in TEMP:
====================
C:\Users\Günter\AppData\Local\Temp\avgnt.exe
C:\Users\Günter\AppData\Local\Temp\NOSEventMessages.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


ACHTUNG: ==> Auf den BCD konnte nicht zugegriffen werden. Der Benutzer ist kein Administrator.

==================== Ende von Ergebnis ============================
         
Hier das fixlog nach dem 'Bockmist'

Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:20-08-2015
durchgeführt von Günter (2015-08-21 22:03:44) Run:3
Gestartet von C:\Users\Günter\Documents\Computer, Treiber, Internet\Probleme_Sicherheit\Spam_Probleme_150815
Geladene Profile: Günter (Verfügbare Profile: Günter & Admi_günter & Christine)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
C:\Users\Günter\Documents\AdvancedPCTweaker_Setup.exe

C:\Users\Günter\Documents\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe

C:\Users\Günter\Documents\Computer, Treiber, Internet\Treiber, Downloads\Panda\SoftonicDownloader_fuer_panda-anti-rootkit.exe

C:\Users\Günter\Documents\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zaSetup_92_058_000_de.exe

C:\Users\Günter\Documents\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe

J:\BKP_110914\Documents\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe

J:\BKP_110914\Documents\Computer, Treiber, Internet\Treiber, Downloads\Panda\SoftonicDownloader_fuer_panda-anti-rootkit.exe

J:\BKP_110914\Documents\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zaSetup_92_058_000_de.exe

J:\BKP_110914\Documents\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe

J:\RECHNER_****\Backup Set 2015-03-11 223833\Backup Files 2015-03-11 223833\Backup files 1.zip

J:\RECHNER_****\Backup Set 2015-03-11 223833\Backup Files 2015-03-11 223833\Backup files 50.zip

J:\RECHNER_****\Backup Set 2015-03-11 223833\Backup Files 2015-03-11 223833\Backup files 6.zip

J:\RECHNER_****\Backup Set 2015-03-11 223833\Backup Files 2015-03-11 223833\Backup files 8.zip

K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 1.zip

K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 6.zip

K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 8.zip

K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 9.zip

K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 50.zip

K:\BKP_Eigene Dokumente u Einstellungen\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe

K:\BKP_Eigene Dokumente u Einstellungen\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe

K:\BKP_Eigene Dokumente u Einstellungen\Eigene Dokumente\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe

K:\BKP_Eigene Dokumente u Einstellungen\Eigene Dokumente\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe

K:\BKP_EigeneDokumente\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe

K:\BKP_EigeneDokumente\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe

K:\BKP_EigeneDokumente_01\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe

K:\BKP_EigeneDokumente_01\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe

K:\BKP_D_Eigene Dokumente\D Eigene Dokumente (D)\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zaSetup_92_058_000_de.exe

K:\BKP_D_Eigene Dokumente\D Eigene Dokumente (D)\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe

K:\BKP_D_Eigene Dokumente\D Eigene Dokumente (D)\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Panda\SoftonicDownloader_fuer_panda-anti-rootkit.exe

K:\BKP_D_Eigene Dokumente\D Eigene Dokumente (D)\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe
Emptytemp:
         
*****************

"C:\Users\Günter\Documents\AdvancedPCTweaker_Setup.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Günter\Documents\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Günter\Documents\Computer, Treiber, Internet\Treiber, Downloads\Panda\SoftonicDownloader_fuer_panda-anti-rootkit.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Günter\Documents\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zaSetup_92_058_000_de.exe" => Datei/Ordner nicht gefunden.
"C:\Users\Günter\Documents\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe" => Datei/Ordner nicht gefunden.
J:\BKP_110914\Documents\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe => erfolgreich verschoben
J:\BKP_110914\Documents\Computer, Treiber, Internet\Treiber, Downloads\Panda\SoftonicDownloader_fuer_panda-anti-rootkit.exe => erfolgreich verschoben
J:\BKP_110914\Documents\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zaSetup_92_058_000_de.exe => erfolgreich verschoben
J:\BKP_110914\Documents\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe => erfolgreich verschoben
"J:\RECHNER_****\Backup Set 2015-03-11 223833\Backup Files 2015-03-11 223833\Backup files 1.zip" => Datei/Ordner nicht gefunden.
"J:\RECHNER_****\Backup Set 2015-03-11 223833\Backup Files 2015-03-11 223833\Backup files 50.zip" => Datei/Ordner nicht gefunden.
"J:\RECHNER_****\Backup Set 2015-03-11 223833\Backup Files 2015-03-11 223833\Backup files 6.zip" => Datei/Ordner nicht gefunden.
"J:\RECHNER_****\Backup Set 2015-03-11 223833\Backup Files 2015-03-11 223833\Backup files 8.zip" => Datei/Ordner nicht gefunden.
"K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 1.zip" => Datei/Ordner nicht gefunden.
"K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 6.zip" => Datei/Ordner nicht gefunden.
"K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 8.zip" => Datei/Ordner nicht gefunden.
"K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 9.zip" => Datei/Ordner nicht gefunden.
"K:\RECHNER_****\Backup Set 2014-11-05 075124\Backup Files 2014-11-05 075124\Backup files 50.zip" => Datei/Ordner nicht gefunden.
K:\BKP_Eigene Dokumente u Einstellungen\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe => erfolgreich verschoben
K:\BKP_Eigene Dokumente u Einstellungen\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe => erfolgreich verschoben
K:\BKP_Eigene Dokumente u Einstellungen\Eigene Dokumente\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe => erfolgreich verschoben
K:\BKP_Eigene Dokumente u Einstellungen\Eigene Dokumente\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe => erfolgreich verschoben
K:\BKP_EigeneDokumente\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe => erfolgreich verschoben
K:\BKP_EigeneDokumente\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe => erfolgreich verschoben
K:\BKP_EigeneDokumente_01\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe => erfolgreich verschoben
K:\BKP_EigeneDokumente_01\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe => erfolgreich verschoben
K:\BKP_D_Eigene Dokumente\D Eigene Dokumente (D)\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zaSetup_92_058_000_de.exe => erfolgreich verschoben
K:\BKP_D_Eigene Dokumente\D Eigene Dokumente (D)\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\zonealarm\zlsSetup_70_483_000_de.exe => erfolgreich verschoben
K:\BKP_D_Eigene Dokumente\D Eigene Dokumente (D)\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Panda\SoftonicDownloader_fuer_panda-anti-rootkit.exe => erfolgreich verschoben
K:\BKP_D_Eigene Dokumente\D Eigene Dokumente (D)\Eigene Dokumente\Computer, Treiber, Internet\Treiber, Downloads\Nero\Nero 7\Update\Nero-7.10.1.0_deu_update.exe => erfolgreich verschoben
EmptyTemp: => 128.4 MB temporäre Dateien entfernt.


Das System musste neu gestartet werden.. 

==== Ende von Fixlog 22:04:42 ====
         
Heute morgen habe ich (noch) keine Mails von mir selbst oder irgendwelchen Servern bekommen, aber ich glaube, es ist zu früh zum Jubeln.

Gruß! - günni42

Alt 23.08.2015, 20:22   #15
schrauber
/// the machine
/// TB-Ausbilder
 

Email- Konto gehackt? - Standard

Email- Konto gehackt?



FRST nochmal, das Programm braucht Adminrechte
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Email- Konto gehackt?
antivir, antivirus, bluescreen, computer, converter, desktop, dnsapi.dll, email, flash player, google, home, kaspersky, maus, programm, realtek, registry, rundll, security, services.exe, software, svchost.exe, trojaner, udp, usb, warnung, win10, windows, win_7



Ähnliche Themen: Email- Konto gehackt?


  1. Unbekannter scheint Zugriff auf mein Email Konto zu haben?
    Alles rund um Mac OSX & Linux - 13.09.2015 (5)
  2. Email Account gehackt: Email Versand an meine Kontakte mit meinem Namen, aber anderer Email Adresse.
    Log-Analyse und Auswertung - 29.07.2015 (3)
  3. Email-Konto gehackt?
    Plagegeister aller Art und deren Bekämpfung - 02.06.2014 (2)
  4. Email-Konto gehackt?
    Plagegeister aller Art und deren Bekämpfung - 16.05.2014 (1)
  5. E-Mail Konto wurde anscheinend gehackt
    Plagegeister aller Art und deren Bekämpfung - 04.03.2014 (6)
  6. E-Mail Konto gehackt
    Plagegeister aller Art und deren Bekämpfung - 02.02.2014 (11)
  7. E-mail Konto gehackt
    Plagegeister aller Art und deren Bekämpfung - 27.01.2014 (17)
  8. Amazon-Konto gehackt! Ist mein PC infiziert?
    Log-Analyse und Auswertung - 10.04.2013 (1)
  9. FB konto wurde gehackt / keylooger?
    Plagegeister aller Art und deren Bekämpfung - 06.04.2013 (15)
  10. Amazon-Konto gehackt, Passwort geändert
    Log-Analyse und Auswertung - 02.11.2012 (12)
  11. PayPal Konto gehackt!
    Log-Analyse und Auswertung - 08.10.2012 (23)
  12. Paypal Konto gehackt trojh gen
    Plagegeister aller Art und deren Bekämpfung - 03.09.2012 (1)
  13. eMail konto verschickt Spam mails
    Plagegeister aller Art und deren Bekämpfung - 26.07.2012 (3)
  14. Wurde mein MSN Konto gehackt?
    Alles rund um Windows - 28.01.2011 (1)
  15. eBay und Sparkassen Konto gehackt
    Plagegeister aller Art und deren Bekämpfung - 15.10.2010 (9)
  16. paypal konto gehackt?
    Überwachung, Datenschutz und Spam - 26.06.2010 (1)
  17. zugriff auf email konto?
    Plagegeister aller Art und deren Bekämpfung - 26.11.2008 (1)

Zum Thema Email- Konto gehackt? - Hallo Trojanerteam, gestern bekam ich einen Anruf von einem Freund, der mich fragte, was ich ihm denn für eine Mail geschickt habe, mit einem Link (nach Polen), den er leichtsinnigerweise - Email- Konto gehackt?...
Archiv
Du betrachtest: Email- Konto gehackt? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.