Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Links über Skype und Mails werden verschickt - aber nicht von mir

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 10.09.2015, 12:04   #1
Martsch
 
Links über Skype und Mails werden verschickt - aber nicht von mir - Standard

Links über Skype und Mails werden verschickt - aber nicht von mir



Hallo ich habe ein Problem.

Seit einiger Zeit tauchen in meinem Mail-Eingang immer wieder Mails auf in denen steht, dass irgendwelche Nachrichten nicht zugestellt werden konnten. Diese Nachrichten habe ich aber nicht geschrieben. Die sind meistens mitten in der Nacht wann ich gar nicht online bin.
Vor ein paar Tagen hat Skype jetzt irgendwelche Links an meine Kontakte verschickt. Ein Freund meinte, dass ich wohl einen Virus habe.

Habe Norton schon laufen lassen, aber das hat wie üblich nur ein paar Tracking Cookies gefunden und entfernt.

Kann mir jemand helfen?

Schon mal vielen Dank und schöne Grüße

Hier die Logfiles
Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 11:25 on 10/09/2015 (Martin)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         

FRST
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-09-2015
durchgeführt von Martin (Administrator) auf MARTIN-LAPTOP (10-09-2015 11:26:06)
Gestartet von C:\Users\Martin\Desktop
Geladene Profile: UpdatusUser & Martin (Verfügbare Profile: UpdatusUser & Martin)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: IE)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer INC.) C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe
() C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS VivoBook\vivokey.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(REINER SCT) C:\Windows\SysWOW64\cjpcsc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Condusiv Technologies) C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\N360.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\N360.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [79376 2013-07-31] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13776088 2014-12-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1391472 2014-12-11] (Realtek Semiconductor)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-04-26] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-19] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-04-24] (Atheros Communications)
HKU\S-1-5-21-3515464670-2770779577-3274627398-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-11-21] (Microsoft Corporation)
HKU\S-1-5-21-3515464670-2770779577-3274627398-1002\...\Run: [Dropbox Update] => C:\Users\Martin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-07-15] (Dropbox, Inc.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-12-10] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\hpoddt01.exe.lnk [2014-07-21]
ShortcutTarget: hpoddt01.exe.lnk -> C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe (Hewlett-Packard)
Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet Pro 8610.lnk [2015-07-04]
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet Pro 8610.lnk -> C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPStatusBL.dll (Hewlett-Packard Development Company, LP)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{08FE31C7-FE0C-474C-9C6C-CCC50F44AABB}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{B9F03622-55EC-4EE5-81B5-0FB25A5E26C1}: [DhcpNameServer] 30.50.1.1 30.50.1.2

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Richtlinienbeschränkung <======= ACHTUNG
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQme9oxsQRSyyp0Bt1QtC6RCK2m_xhOoNdhT5HX80anbXrpXhx9ZMHv4UHqa3mV-Mbae8FYx677HOGI2CEmL6rtoxP0wNxDbf25PZ9zIrDaSwUP_c91DF6eVHWJFMa8z7Pmrq9gxjmKDOmw
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQme9oxsQRSyyp0Bt1QtC6RCK2m_xhOoNdhT5HX80anbXrpXhx9ZMHv4UHqa3mV-Mbae8FYx677HOGI2C0AKLnIJ5RTuZ7eLUbH38jx4juB95WT8n2Huoi98GeizMl5RTvpsCzx5KNvS-Ao&q={searchTerms}
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQme9oxsQRSyyp0Bt1QtC6RCK2m_xhOoNdhT5HX80anbXrpXhx9ZMHv4UHqa3mV-Mbae8FYx677HOGI2C0AKLnIJ5RTuZ7eLUbH38jx4juB95WT8n2Huoi98GeizMl5RTvpsCzx5KNvS-Ao&q={searchTerms}
HKU\S-1-5-21-3515464670-2770779577-3274627398-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQme9oxsQRSyyp0Bt1QtC6RCK2m_xhOoNdhT5HX80anbXrpXhx9ZMHv4UHqa3mV-Mbae8FYx677HOGI2C0AKLnIJ5RTuZ7eLUbH38jx4juB95WT8n2Huoi98GeizMl5RTvpsCzx5KNvS-Ao&q={searchTerms}
HKU\S-1-5-21-3515464670-2770779577-3274627398-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQme9oxsQRSyyp0Bt1QtC6RCK2m_xhOoNdhT5HX80anbXrpXhx9ZMHv4UHqa3mV-Mbae8FYx677HOGI2CEmL6rtoxP0wNxDbf25PZ9zIrDaSwUP_c91DF6eVHWJFMa8z7Pmrq9gxjmKDOmw
HKU\S-1-5-21-3515464670-2770779577-3274627398-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
HKU\S-1-5-21-3515464670-2770779577-3274627398-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQme9oxsQRSyyp0Bt1QtC6RCK2m_xhOoNdhT5HX80anbXrpXhx9ZMHv4UHqa3mV-Mbae8FYx677HOGI2C0AKLnIJ5RTuZ7eLUbH38jx4juB95WT8n2Huoi98GeizMl5RTvpsCzx5KNvS-Ao&q={searchTerms}
HKU\S-1-5-21-3515464670-2770779577-3274627398-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}
HKU\S-1-5-21-3515464670-2770779577-3274627398-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://t.asus13.de.msn.com/?pc=asu2js&ocid=asudhp
HKU\S-1-5-21-3515464670-2770779577-3274627398-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
HKU\S-1-5-21-3515464670-2770779577-3274627398-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com/search?q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQme9oxsQRSyyp0Bt1QtC6RCK2m_xhOoNdhT5HX80anbXrpXhx9ZMHv4UHqa3mV-Mbae8FYx677HOGI2C0AKLnIJ5RTuZ7eLUbH38jx4juB95WT8n2Huoi98GeizMl5RTvpsCzx5KNvS-Ao&q={searchTerms}
SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQme9oxsQRSyyp0Bt1QtC6RCK2m_xhOoNdhT5HX80anbXrpXhx9ZMHv4UHqa3mV-Mbae8FYx677HOGI2C0AKLnIJ5RTuZ7eLUbH38jx4juB95WT8n2Huoi98GeizMl5RTvpsCzx5KNvS-Ao&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQme9oxsQRSyyp0Bt1QtC6RCK2m_xhOoNdhT5HX80anbXrpXhx9ZMHv4UHqa3mV-Mbae8FYx677HOGI2C0AKLnIJ5RTuZ7eLUbH38jx4juB95WT8n2Huoi98GeizMl5RTvpsCzx5KNvS-Ao&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQme9oxsQRSyyp0Bt1QtC6RCK2m_xhOoNdhT5HX80anbXrpXhx9ZMHv4UHqa3mV-Mbae8FYx677HOGI2C0AKLnIJ5RTuZ7eLUbH38jx4juB95WT8n2Huoi98GeizMl5RTvpsCzx5KNvS-Ao&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3515464670-2770779577-3274627398-1001 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQme9oxsQRSyyp0Bt1QtC6RCK2m_xhOoNdhT5HX80anbXrpXhx9ZMHv4UHqa3mV-Mbae8FYx677HOGI2C0AKLnIJ5RTuZ7eLUbH38jx4juB95WT8n2Huoi98GeizMl5RTvpsCzx5KNvS-Ao&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3515464670-2770779577-3274627398-1001 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQme9oxsQRSyyp0Bt1QtC6RCK2m_xhOoNdhT5HX80anbXrpXhx9ZMHv4UHqa3mV-Mbae8FYx677HOGI2C0AKLnIJ5RTuZ7eLUbH38jx4juB95WT8n2Huoi98GeizMl5RTvpsCzx5KNvS-Ao&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3515464670-2770779577-3274627398-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.bing.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.bing.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-07-14] (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2013-04-24] (Qualcomm Atheros Commnucations)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\IPS\IPSBHO.DLL Keine Datei
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
Toolbar: HKLM - Kein Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  Keine Datei
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
Toolbar: HKLM-x32 - Kein Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  Keine Datei
Toolbar: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} hxxp://support.asus.com/select/asusTek_sys_ctrl3.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\2q61wmip.default
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-04-18] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-10-12] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFPlgn [2015-09-10]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\Exts\Chrome.crx [2015-08-10]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\Exts\Chrome.crx [2015-08-10]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-07-23] (ASUS)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [Datei ist nicht signiert]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [310400 2013-04-24] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R2 cjpcsc; C:\WINDOWS\SysWOW64\cjpcsc.exe [557056 2015-06-16] (REINER SCT)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2765496 2015-07-14] (Microsoft Corporation)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [83032 2013-07-31] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [100032 2013-07-31] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [84568 2013-07-31] (Intel Corporation)
R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [92864 2013-07-31] (Intel Corporation)
R2 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [107944 2013-01-08] (Condusiv Technologies)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-08-08] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\N360.exe [282016 2015-07-16] (Symantec Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-04-24] (Atheros) [Datei ist nicht signiert]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [69392 2013-08-08] (ASUS Corporation)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\BASHDefs\20150904.001\BHDrvx64.sys [1650936 2015-07-23] (Symantec Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-04-24] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-21] (Microsoft Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1605020.00F\ccSetx64.sys [173808 2015-07-11] (Symantec Corporation)
S3 cjusb; C:\Windows\system32\DRIVERS\cjusb.sys [36112 2015-03-23] (REINER SCT)
R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [68072 2013-07-31] (Intel Corporation)
R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [57216 2013-07-31] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [120256 2013-07-31] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [200808 2013-07-31] (Intel Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-07-27] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153936 2015-07-27] (Symantec Corporation)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [26024 2013-01-08] (Condusiv Technologies)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [112552 2013-01-08] (Condusiv Technologies)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\IPSDefs\20150909.001\IDSvia64.sys [767224 2015-08-29] (Symantec Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\VirusDefs\20150909.016\ENG64.SYS [138488 2015-05-20] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\VirusDefs\20150909.016\EX64.SYS [2146040 2015-05-20] (Symantec Corporation)
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2013-07-23] (Windows (R) Win 7 DDK provider)
S3 scvad_simple; C:\Windows\system32\drivers\SplitCamAudio.sys [23552 2014-06-30] (Windows (R) Win 7 DDK provider)
S3 splitcam_hd_driver; C:\Windows\system32\DRIVERS\splitcam_hd_driver.sys [37496 2014-06-30] (Windows (R) Win 7 DDK provider)
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1605020.00F\SRTSP64.SYS [926448 2015-07-11] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1605020.00F\SRTSPX64.SYS [50936 2015-07-11] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\N360x64\1605020.00F\SYMEFASI64.SYS [1620720 2015-07-11] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1605020.00F\SymELAM.sys [24192 2015-07-11] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-08-10] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1605020.00F\Ironx64.SYS [297720 2015-07-11] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1605020.00F\SYMNETS.SYS [576248 2015-07-11] (Symantec Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-10 11:26 - 2015-09-10 11:26 - 00030614 _____ C:\Users\Martin\Desktop\FRST.txt
2015-09-10 11:25 - 2015-09-10 11:25 - 00000474 _____ C:\Users\Martin\Desktop\defogger_disable.log
2015-09-10 10:30 - 2015-09-10 11:26 - 00000000 ____D C:\FRST
2015-09-10 10:29 - 2015-09-10 10:29 - 02190336 _____ (Farbar) C:\Users\Martin\Desktop\FRST64.exe
2015-09-10 10:26 - 2015-09-10 10:26 - 00050477 _____ C:\Users\Martin\Desktop\Defogger.exe
2015-09-10 10:26 - 2015-09-10 10:26 - 00000000 _____ C:\Users\Martin\defogger_reenable
2015-09-09 22:52 - 2015-09-09 23:49 - 00000000 ____D C:\Users\Martin\AppData\Local\NPE
2015-09-09 13:50 - 2015-09-03 04:18 - 02531400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-09-09 13:50 - 2015-09-03 04:17 - 01903848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-09-09 13:50 - 2015-09-02 20:48 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-09-09 13:50 - 2015-09-02 19:09 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-09-09 13:50 - 2015-08-27 04:48 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-09-09 13:50 - 2015-08-26 20:00 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-09-09 13:50 - 2015-08-26 20:00 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-09-09 13:50 - 2015-08-26 20:00 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-09-09 13:50 - 2015-08-26 20:00 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-09-09 13:50 - 2015-08-26 16:46 - 03705344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-09-09 13:50 - 2015-08-26 16:29 - 02240512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-09-09 13:50 - 2015-08-26 16:27 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-09-09 13:50 - 2015-08-26 16:27 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-09-09 13:50 - 2015-08-26 16:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-09-09 13:50 - 2015-08-26 16:26 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-09-09 13:50 - 2015-08-26 16:26 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-09-09 13:50 - 2015-08-22 20:19 - 25188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-09 13:50 - 2015-08-22 19:35 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-09 13:50 - 2015-08-22 19:22 - 19856384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-09-09 13:50 - 2015-08-22 19:20 - 05923840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-09-09 13:50 - 2015-08-22 18:50 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-09 13:50 - 2015-08-22 18:41 - 14451712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-09 13:50 - 2015-08-22 18:28 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-09-09 13:50 - 2015-08-22 18:26 - 02427392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-09-09 13:50 - 2015-08-22 18:22 - 12857344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-09-09 13:50 - 2015-07-30 19:18 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
2015-09-09 13:50 - 2015-07-30 18:22 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkEd.dll
2015-09-09 13:49 - 2015-09-02 04:56 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-09-09 13:49 - 2015-09-02 04:55 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-09 13:49 - 2015-09-02 04:50 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-09 13:49 - 2015-09-02 04:17 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-09-09 13:49 - 2015-09-02 04:13 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-09-09 13:49 - 2015-08-22 19:34 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-09-09 13:49 - 2015-08-22 19:21 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-09-09 13:49 - 2015-08-22 18:55 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-09-09 13:49 - 2015-08-22 18:50 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-09-09 13:49 - 2015-08-22 18:45 - 00665600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-09-09 13:49 - 2015-08-22 18:44 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-09-09 13:49 - 2015-08-22 18:41 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-09-09 13:49 - 2015-08-22 18:41 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-09-09 13:49 - 2015-08-22 18:41 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-09-09 13:49 - 2015-08-22 18:39 - 02126336 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-09-09 13:49 - 2015-08-22 18:23 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-09-09 13:49 - 2015-08-22 18:20 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-09-09 13:49 - 2015-08-22 18:18 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-09-09 13:49 - 2015-08-22 18:18 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-09-09 13:49 - 2015-08-22 18:18 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-09-09 13:49 - 2015-08-22 18:14 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-09-09 13:49 - 2015-08-22 18:01 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-09-09 13:49 - 2015-08-22 18:00 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-09-09 13:49 - 2015-08-22 17:56 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-09-09 13:49 - 2015-08-22 17:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-09-09 13:49 - 2015-08-03 23:15 - 00074928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2015-09-09 13:49 - 2015-08-03 23:15 - 00065600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2015-09-09 13:49 - 2015-08-01 16:22 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2015-09-09 13:49 - 2015-08-01 05:47 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe
2015-09-09 13:49 - 2015-08-01 05:45 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schtasks.exe
2015-09-09 13:49 - 2015-08-01 05:38 - 01265152 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-09-09 13:49 - 2015-08-01 05:37 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe
2015-09-09 13:49 - 2015-08-01 05:37 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskeng.exe
2015-09-09 13:49 - 2015-07-22 16:34 - 02775552 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-09-09 13:49 - 2015-07-22 16:33 - 01728000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-09 13:49 - 2015-07-22 16:25 - 02461184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-09-09 13:49 - 2015-07-22 16:25 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-09-09 13:49 - 2015-07-18 20:31 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2015-09-09 13:49 - 2015-07-18 20:29 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-09-09 13:49 - 2015-07-18 20:29 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2015-09-09 13:49 - 2015-07-18 20:27 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-09-05 20:39 - 2015-09-05 20:39 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-08-25 11:36 - 2015-08-25 11:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-25 11:20 - 2015-08-27 15:42 - 00000000 ____D C:\Users\Martin\Desktop\Blühmischung Haselrain 2015
2015-08-22 14:16 - 2015-07-22 16:19 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-08-22 14:16 - 2015-07-22 15:52 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-08-22 14:16 - 2015-07-17 16:15 - 00951296 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2015-08-22 14:16 - 2015-07-17 16:10 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2015-08-22 14:16 - 2015-07-03 23:51 - 01380056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-08-22 14:16 - 2015-07-03 16:00 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-08-22 14:16 - 2015-06-27 13:47 - 00118616 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2015-08-22 14:16 - 2015-06-19 19:07 - 02819072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-08-22 14:15 - 2015-07-14 05:27 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzsync.exe
2015-08-22 14:15 - 2015-07-13 21:10 - 00411455 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-08-22 14:15 - 2015-07-10 21:06 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2015-08-22 14:15 - 2015-07-09 18:14 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-08-22 14:01 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-22 14:01 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-22 13:49 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-08-22 13:49 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-08-22 13:49 - 2015-07-16 21:53 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-08-22 13:49 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-08-22 13:49 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-08-22 13:49 - 2015-07-16 21:14 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-08-22 13:49 - 2015-07-16 20:52 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-08-22 13:49 - 2015-07-16 02:29 - 07458648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-22 13:49 - 2015-07-16 02:29 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-22 13:49 - 2015-07-16 02:29 - 00101720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-22 13:49 - 2015-07-16 02:28 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-22 13:49 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-22 13:48 - 2015-07-07 11:40 - 00270168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-08-22 13:48 - 2015-07-07 11:40 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-08-22 13:48 - 2015-07-07 11:40 - 00044560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-08-22 13:48 - 2015-07-02 00:19 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2015-08-22 13:48 - 2015-07-02 00:16 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2015-08-22 13:48 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2015-08-22 13:48 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2015-08-22 13:47 - 2015-07-29 16:37 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-22 13:47 - 2015-07-29 16:30 - 01381888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-22 13:47 - 2015-07-29 16:23 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-22 13:47 - 2015-07-13 21:46 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2015-08-22 13:47 - 2015-07-13 21:45 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2015-08-22 13:47 - 2015-07-10 20:19 - 01101824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2015-08-22 13:47 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2015-08-22 13:47 - 2015-07-10 19:13 - 07032320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2015-08-22 13:47 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2015-08-22 13:47 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-22 13:47 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-22 13:47 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-13 12:06 - 2015-08-25 16:43 - 00000000 ____D C:\Users\Martin\Desktop\BA Präsentation

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-10 11:23 - 2015-01-20 21:08 - 01375894 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-10 11:20 - 2014-03-21 17:29 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3515464670-2770779577-3274627398-1002
2015-09-10 11:08 - 2014-03-11 02:05 - 00000074 _____ C:\Users\Martin\AppData\Roaming\sp_data.sys
2015-09-10 11:06 - 2013-08-22 16:46 - 00355141 _____ C:\WINDOWS\setupact.log
2015-09-10 11:06 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-10 11:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-10 10:37 - 2015-07-15 14:26 - 00001256 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3515464670-2770779577-3274627398-1002UA.job
2015-09-10 10:37 - 2015-07-15 14:26 - 00001204 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3515464670-2770779577-3274627398-1002Core.job
2015-09-10 10:26 - 2015-01-20 21:15 - 00000000 ____D C:\Users\Martin
2015-09-10 09:35 - 2014-11-21 05:35 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-10 09:35 - 2014-11-21 04:45 - 00773008 _____ C:\WINDOWS\system32\perfh007.dat
2015-09-10 09:35 - 2014-11-21 04:45 - 00162310 _____ C:\WINDOWS\system32\perfc007.dat
2015-09-10 00:53 - 2012-07-26 10:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-09-09 23:47 - 2014-03-23 20:18 - 00000000 ____D C:\Program Files (x86)\Scoretec
2015-09-09 23:39 - 2014-11-20 20:24 - 00091630 _____ C:\WINDOWS\PFRO.log
2015-09-09 23:39 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-09-09 22:53 - 2014-03-21 19:13 - 00000000 ____D C:\ProgramData\Norton
2015-09-09 14:31 - 2013-08-22 16:44 - 00483672 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-09 14:31 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2015-09-09 14:29 - 2014-11-21 05:13 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-09 14:29 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-09-09 14:01 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-09 13:55 - 2014-04-18 19:47 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-09 12:00 - 2015-05-15 12:01 - 00003474 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2015-09-09 12:00 - 2015-05-15 12:01 - 00003464 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2015-09-08 19:33 - 2014-07-01 16:17 - 00000000 ____D C:\Users\Martin\AppData\Local\CrashDumps
2015-09-08 16:49 - 2014-12-03 19:22 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Skype
2015-09-07 10:27 - 2015-08-03 17:32 - 00000000 ____D C:\Users\Martin\Desktop\KiBiWo 2015
2015-09-05 20:39 - 2014-07-18 18:33 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Dropbox
2015-09-05 20:14 - 2013-10-05 22:54 - 00000000 ____D C:\Program Files (x86)\Bluetooth Suite
2015-09-04 17:49 - 2014-03-11 02:05 - 00000000 ____D C:\Users\Martin\AppData\Local\Packages
2015-09-02 18:27 - 2014-04-27 15:49 - 00000000 ____D C:\Users\Martin\Documents\Kürbisschilder
2015-09-02 18:12 - 2014-04-27 15:50 - 00011294 _____ C:\Users\Martin\Documents\Verkaufsliste.xlsx
2015-08-29 10:25 - 2014-04-27 15:59 - 00000000 ____D C:\Users\Martin\Desktop\KGR
2015-08-27 16:07 - 2014-04-27 15:50 - 00000000 ____D C:\Users\Martin\Documents\Agrardieselvergütung
2015-08-27 10:50 - 2014-04-27 15:59 - 00000000 ____D C:\Users\Martin\Desktop\Kinderkirche
2015-08-26 18:37 - 2014-04-18 19:47 - 134753440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-25 11:36 - 2014-12-03 19:22 - 00002715 _____ C:\Users\Public\Desktop\Skype.lnk
2015-08-25 11:36 - 2014-12-03 19:22 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-08-25 11:36 - 2014-12-03 19:21 - 00000000 ____D C:\ProgramData\Skype
2015-08-22 14:05 - 2014-05-20 11:39 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-22 14:05 - 2014-05-20 11:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-22 14:04 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-22 14:04 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-22 14:04 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-22 14:04 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-22 14:00 - 2014-05-20 11:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-22 13:51 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-22 13:51 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-22 11:44 - 2014-03-21 17:30 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-08-20 17:23 - 2014-04-27 15:49 - 00000000 ____D C:\Users\Martin\Documents\Schnaps Etiketten
2015-08-20 10:28 - 2014-04-27 15:50 - 00000000 ____D C:\Users\Martin\Documents\Äcker und Wiesen
2015-08-19 19:13 - 2014-04-27 15:49 - 00000000 ____D C:\Users\Martin\Documents\Dokumentation von Pflanzenschutz
2015-08-14 15:07 - 2014-09-28 10:16 - 00000000 ____D C:\Users\Martin\AppData\Roaming\HpUpdate
2015-08-12 16:42 - 2014-10-24 15:45 - 00000000 ____D C:\Users\Martin\Documents\Semester 6
2015-08-12 12:20 - 2014-04-27 15:50 - 00000000 ____D C:\Users\Martin\Documents\Telekom Rechnungen

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-04-18 19:36 - 2014-04-18 19:36 - 0000235 _____ () C:\Users\Martin\AppData\Roaming\devices.xml
2014-04-18 19:36 - 2014-04-18 19:36 - 0000012 _____ () C:\Users\Martin\AppData\Roaming\settings.xml
2014-03-11 02:05 - 2015-09-10 11:08 - 0000074 _____ () C:\Users\Martin\AppData\Roaming\sp_data.sys
2015-03-01 16:01 - 2015-03-01 16:01 - 0001461 _____ () C:\Users\Martin\AppData\Local\recently-used.xbel
2014-09-28 10:14 - 2014-09-28 10:14 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-04-03 15:09 - 2015-04-03 15:09 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-04-18 18:59 - 2014-07-21 19:54 - 0000955 _____ () C:\ProgramData\hpzinstall.log
2013-04-26 01:15 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2013-04-26 01:15 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2013-04-26 01:15 - 2012-09-07 13:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\SetStretch.VBS


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-09-09 23:34

==================== Ende von FRST.txt ============================
         

Addition
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-09-2015
durchgeführt von Martin (2015-09-10 11:27:15)
Gestartet von C:\Users\Martin\Desktop
Windows 8.1 (X64) (2015-01-20 19:36:44)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3515464670-2770779577-3274627398-500 - Administrator - Disabled)
Gast (S-1-5-21-3515464670-2770779577-3274627398-501 - Limited - Disabled)
Martin (S-1-5-21-3515464670-2770779577-3274627398-1002 - Administrator - Enabled) => C:\Users\Martin
UpdatusUser (S-1-5-21-3515464670-2770779577-3274627398-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Norton 360 Online (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton 360 Online (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton 360 Online (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.3.4 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.5 - ASUS)
ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.2 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0018 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.5 - ASUS)
ASUS VivoBook (HKLM\...\{04FDBE69-F9FD-42A2-9008-E5CE7F60C6BE}) (Version: 1.0.31 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.18.159 - ASUS Cloud Corporation)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5520.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.5520.52 - CyberLink Corp.) Hidden
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.310 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0030 - ASUS)
AusweisApp2 (HKLM-x32\...\{1C785E05-CFC7-43BE-9A52-9FB39C180CB8}) (Version: 1.2.2 - Governikus GmbH & Co. KG)
Azteca (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.00495 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.00495 - Cisco Systems, Inc.) Hidden
Cut the Rope (x32 Version: 3.0.2.38 - WildTangent) Hidden
cyberJack Base Components (HKLM-x32\...\{FC338210-F594-11D3-BA24-00001C3AB4DF}) (Version: 7.2.0 - REINER SCT)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-3515464670-2770779577-3274627398-1001\...\Dropbox) (Version: 2.10.2 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-3515464670-2770779577-3274627398-1002\...\Dropbox) (Version: 3.8.8 - Dropbox, Inc.)
ExpressCache (HKLM\...\{C123584F-9C84-45E8-AE5F-522328BB79A0}) (Version: 1.0.100.0 - Condusiv Technologies)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet Pro 8610 - Grundlegende Software für das Gerät (HKLM\...\{C1586445-E3CA-45F0-A754-E6C2784CDDB7}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP Officejet Pro 8610 Hilfe (HKLM-x32\...\{2466D8D5-4856-4492-BDEF-48A640F58866}) (Version: 32.0.0 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel Experience Center - Configuration (x32 Version: 1.9.0.8 - Intel) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.0.0.2023 - Intel Corporation)
Intel(R) Experience Center Desktop Software (HKLM-x32\...\{85de612b-ee05-476a-87cc-52e5740de420}) (Version: 1.9.0.8 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
i-port.de Bestellsoftware (HKLM-x32\...\{B4244B8D-0D9C-4EB0-BDF3-03A2060E96A8}}_is1) (Version: 3.5.7.5 - Foto Online Service GmbH)
LPT System Updater Service (x32 Version: 1.0.0.0 - LPT) Hidden <==== ACHTUNG
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4745.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3515464670-2770779577-3274627398-1002\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-3515464670-2770779577-3274627398-1001\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.1 - Mozilla)
MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS)
Norton 360 Online (HKLM-x32\...\N360) (Version: 22.5.2.15 - Symantec Corporation)
NVIDIA Grafiktreiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA Update 1.15.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.15.2 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4745.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4745.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4745.1002 - Microsoft Corporation) Hidden
Peggle (x32 Version: 2.2.0.95 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.226 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.16.614.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7404 - Realtek Semiconductor Corp.)
Realtek USB Card Reader (HKLM-x32\...\{1E496A68-4943-424E-829D-5C3C85B7B8F2}) (Version: 6.2.9200.39041 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SigmaPlot 13.0 (HKLM-x32\...\{88B90FF3-D0D3-454A-AACE-9B026E2829E3}) (Version: 13.0 - Systat Software, Inc.)
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
Startfenster (HKLM-x32\...\Startfenster) (Version:  - Startfenster)
Studie zur Verbesserung von HP Officejet Pro 8610 (HKLM\...\{C597CC7C-D465-4761-8516-274F3713FE85}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.0 - VideoLAN)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.0.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden
Windows Driver Package - ASUS (ATP) Mouse  (07/16/2013 1.0.0.181) (HKLM\...\16D5A24C881B7CEE31FBA6DD5EC1C194C188F85A) (Version: 07/16/2013 1.0.0.181 - ASUS)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Martin\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Martin\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Martin\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Martin\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Martin\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

17-07-2015 19:48:17 Windows Update
25-07-2015 09:11:27 Windows Update
02-08-2015 16:32:20 Norton 360 Registry Clean
08-08-2015 10:31:12 Windows Update
22-08-2015 13:49:43 Windows Update
09-09-2015 13:50:19 Windows Update

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0D131646-A5B6-454C-971A-882CE4E00C8B} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2013-08-19] (ASUS)
Task: {158C4F9B-4D7F-4FDD-A95C-A76B7DA42A43} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-07-14] (Microsoft Corporation)
Task: {40A7D62C-5CB7-4581-A718-7946C23281FE} - System32\Tasks\ASUS Patch for Touch Panel => C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe [2013-01-09] (ASUSTek Computer INC.)
Task: {414353C2-75C7-4589-95DA-2201D2EC6CCA} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-14] (Microsoft Corporation)
Task: {41FDFD20-DC8E-4263-B96A-A033ADF904D2} - System32\Tasks\HPCustParticipation HP Officejet Pro 8610 => C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPCustPartic.exe [2014-07-21] (Hewlett-Packard Development Company, LP)
Task: {4609E992-5058-4FE5-BC46-C59781E3FAAC} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3515464670-2770779577-3274627398-1002Core => C:\Users\Martin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-07-15] (Dropbox, Inc.)
Task: {476214CB-C268-4E55-A39D-951D6F185618} - System32\Tasks\ASUS InstantOn Config => C:\Program Files\ASUS\P4G\InsOnCfg.exe
Task: {506915FB-00F1-4FB3-865E-FA1BD37788FC} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2015-02-12] ()
Task: {5EEFCB2D-EC58-446D-BBBD-9EE76B731A5C} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-08-08] (AsusTek)
Task: {7298831A-986B-4569-ABD0-31A22A5EB3BD} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {7E58A23E-DA0B-496C-A19B-C8CE0D4CF487} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {83016F80-86D4-4FA4-9072-4A48BE46F1E8} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-08-16] (ASUSTeK Computer Inc.)
Task: {8EEBD759-4DA4-4BEF-B46A-FC019794AE32} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\SymErr.exe [2015-05-19] (Symantec Corporation)
Task: {A54C85A3-480F-41E4-AAA9-89F9594A9E53} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton 360 Online\Upgrade.exe [2015-07-27] (Symantec Corporation)
Task: {AEC33DD3-D455-42C2-9C40-C60D7AF59A0A} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\WSCStub.exe [2015-07-16] (Symantec Corporation)
Task: {B619E8E9-7D21-436F-9C7B-85B29F4C2A91} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3515464670-2770779577-3274627398-1002UA => C:\Users\Martin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-07-15] (Dropbox, Inc.)
Task: {BBFD86CC-AEF2-4341-B3CC-0420A8AFEECD} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-07-09] ()
Task: {BD8526F5-7A39-4C04-BFC2-ACD114C5DB18} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\SymErr.exe [2015-05-19] (Symantec Corporation)
Task: {BEF3F9E0-2977-43D1-A730-07607EA5BE2F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-14] (Microsoft Corporation)
Task: {C2172E41-921E-4DB9-A45A-A91A0D04CAF8} - System32\Tasks\ASUS Vivokey => C:\Program Files\ASUS\ASUS VivoBook\vivokey.exe [2013-08-23] (ASUSTek Computer Inc.)
Task: {C5314E75-AC88-4F4B-BDB6-2D319DEF4932} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-12-11] (Realtek Semiconductor)
Task: {CE0C27F4-2FCB-4224-A851-9BD1D1327D56} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {D257DF6D-57BC-4886-8988-F80E5E861B54} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {D5EF0318-843C-4AC3-9C2B-21977C825E51} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-12-11] (Realtek Semiconductor)
Task: {E15AFF17-0D01-4F7D-8A02-9A1DD5BDA2E2} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {E45FA079-0A84-4A35-864A-BC4CF4234544} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2013-08-09] (ASUSTek Computer Inc.)
Task: {EA889F9D-365D-40E3-A424-0D53B3B1F0AA} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {EBCE125A-C414-4B68-BA39-3A958F33F225} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {F0EAD2AE-6B34-4AD1-909C-B48CF1D887C5} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2013-07-23] (ASUS)
Task: {F2CB4B7A-9D1E-4752-8983-4BE0770C76D7} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3515464670-2770779577-3274627398-1002Core.job => C:\Users\Martin\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3515464670-2770779577-3274627398-1002UA.job => C:\Users\Martin\AppData\Local\Dropbox\Update\DropboxUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-12-10 08:13 - 2013-12-10 08:13 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2015-01-20 21:08 - 2013-10-23 10:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-07-23 10:54 - 2013-07-23 10:54 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2012-12-19 08:10 - 2012-12-19 08:10 - 00072192 _____ () C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
2014-04-18 20:05 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-04-24 17:09 - 2013-04-24 17:09 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-04-24 17:07 - 2013-04-24 17:07 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-04-24 17:12 - 2013-04-24 17:12 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2012-08-03 21:53 - 2012-08-03 21:53 - 00062968 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2013-08-19 18:16 - 2013-08-19 18:16 - 00015440 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2013-08-16 11:03 - 2013-08-16 11:03 - 00023040 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2013-12-10 08:13 - 2013-12-10 08:13 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2013-10-05 22:45 - 2013-08-08 14:23 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002\...\127.0.0.1 -> hxxp://127.0.0.1


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3515464670-2770779577-3274627398-1001\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-3515464670-2770779577-3274627398-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\ASUS\wallpapers\ASUS.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3515464670-2770779577-3274627398-1001\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk"
HKU\S-1-5-21-3515464670-2770779577-3274627398-1002\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk"
HKU\S-1-5-21-3515464670-2770779577-3274627398-1002\...\StartupApproved\Run: => "Dropbox Update"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{751F841B-9D64-4C50-A018-BE9CA092A5D4}] => (Allow) C:\Users\Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{950877E4-82DD-4ED7-975E-2A7BB79C2351}] => (Allow) C:\Users\Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{85822F7D-18B7-4892-AF89-9B1B4698E078}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{10D9E59D-39F2-455B-90E9-E8BD360101B4}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{3928848A-37F9-4D9C-A6B8-A6A885D8D78E}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{D2AC0B64-FA96-49B9-AE81-62AD4C0F9175}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{9CBDB688-1560-4EC3-B3C4-13B86FD1A88A}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{99AB5382-1059-45AC-AAEB-E32736E99DF9}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{08DF9207-336B-4D4F-B1FD-122BC45D324B}] => (Allow) LPort=1900
FirewallRules: [{CACDB418-5466-44CB-97EB-234638B11E8D}] => (Allow) LPort=2869
FirewallRules: [{8F742722-EB63-4B60-8280-435B83C49A8F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{1B753360-4F37-4FE7-91C8-7B951E0BB4DF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5C96BA0C-C228-4D5D-B2AF-C807599DC021}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8C373356-43AD-42B1-A057-257449FA707E}] => (Allow) C:\Users\Martin\AppData\Local\Temp\7zS5C4C\HPDiagnosticCoreUI.exe
FirewallRules: [{2ACD19DF-50FB-4126-9924-18106E745FD3}] => (Allow) C:\Users\Martin\AppData\Local\Temp\7zS5C4C\HPDiagnosticCoreUI.exe
FirewallRules: [{A12D5A7A-548C-4D13-9750-5CE1C783ECAF}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\bin\FaxApplications.exe
FirewallRules: [{B289DC0F-4830-432D-84A4-1A2541B4D1EB}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\bin\DigitalWizards.exe
FirewallRules: [{190175D6-97F1-45CD-87F5-DA52B8783708}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\bin\SendAFax.exe
FirewallRules: [{2B43AB12-80FC-4488-B064-4072CC2ABF09}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\Bin\DeviceSetup.exe
FirewallRules: [{B6617DA2-917E-4925-90A9-54EFFAF2C2EC}] => (Allow) LPort=5357
FirewallRules: [{18758A9E-399C-43A6-9BAE-6C5A8651EC9D}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{38AB1BD2-8933-4AF1-AE25-F75BD4FAF664}] => (Allow) C:\Users\Martin\AppData\Local\Temp\7zS68C6\HPDiagnosticCoreUI.exe
FirewallRules: [{5EFF3C30-5418-44BE-B752-DADF66A79672}] => (Allow) C:\Users\Martin\AppData\Local\Temp\7zS68C6\HPDiagnosticCoreUI.exe
FirewallRules: [{9B209BC0-BE38-43A1-8798-A669D23B7168}] => (Allow) C:\Users\Martin\AppData\Local\Temp\7zS693C\HPDiagnosticCoreUI.exe
FirewallRules: [{0E1DEA38-16FD-49FF-918F-54608336B1D0}] => (Allow) C:\Users\Martin\AppData\Local\Temp\7zS693C\HPDiagnosticCoreUI.exe
FirewallRules: [{C99C6943-96E7-41FE-A3C3-721B5CD6B873}] => (Allow) C:\Users\Martin\AppData\Local\Temp\7zS026A\HPDiagnosticCoreUI.exe
FirewallRules: [{D372B8AC-3B0C-4D7B-BF1C-B93378B8D281}] => (Allow) C:\Users\Martin\AppData\Local\Temp\7zS026A\HPDiagnosticCoreUI.exe
FirewallRules: [AusweisApp2-Firewall-Rule] => (Allow) C:\Program Files (x86)\AusweisApp2 1.2.2\AusweisApp2.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/09/2015 11:00:12 PM) (Source: MsiInstaller) (EventID: 11706) (User: Martin-Laptop)
Description: Product: LPT System Updater Service -- Error 1706. An installation package for the product LPT System Updater Service cannot be found. Try the installation again using a valid copy of the installation package 'LPTInstaller.msi'.

Error: (09/09/2015 10:59:45 PM) (Source: MsiInstaller) (EventID: 11706) (User: Martin-Laptop)
Description: Product: LPT System Updater Service -- Error 1706. An installation package for the product LPT System Updater Service cannot be found. Try the installation again using a valid copy of the installation package 'LPTInstaller.msi'.

Error: (09/09/2015 02:37:13 PM) (Source: Python Service) (EventID: 255) (User: )
Description: Exception : (1056, 'StartService', 'Es wird bereits eine Instanz des Dienstes ausgef\xfchrt.')

Error: (09/08/2015 07:32:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SplitCam.exe, Version: 6.9.4.1, Zeitstempel: 0x541675c3
Name des fehlerhaften Moduls: CLFLVSplitter.ax, Version: 1.0.0.3327, Zeitstempel: 0x4e817ba8
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00007d16
ID des fehlerhaften Prozesses: 0x1810
Startzeit der fehlerhaften Anwendung: 0xSplitCam.exe0
Pfad der fehlerhaften Anwendung: SplitCam.exe1
Pfad des fehlerhaften Moduls: SplitCam.exe2
Berichtskennung: SplitCam.exe3
Vollständiger Name des fehlerhaften Pakets: SplitCam.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SplitCam.exe5

Error: (09/08/2015 04:21:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: GWXUX.exe, Version: 6.3.9600.17924, Zeitstempel: 0x55959290
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17936, Zeitstempel: 0x55a68e0c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000003d86e
ID des fehlerhaften Prozesses: 0x2c08
Startzeit der fehlerhaften Anwendung: 0xGWXUX.exe0
Pfad der fehlerhaften Anwendung: GWXUX.exe1
Pfad des fehlerhaften Moduls: GWXUX.exe2
Berichtskennung: GWXUX.exe3
Vollständiger Name des fehlerhaften Pakets: GWXUX.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: GWXUX.exe5

Error: (09/08/2015 04:20:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: GWXUX.exe, Version: 6.3.9600.17924, Zeitstempel: 0x55959290
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17936, Zeitstempel: 0x55a68e0c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000003d86e
ID des fehlerhaften Prozesses: 0x2c08
Startzeit der fehlerhaften Anwendung: 0xGWXUX.exe0
Pfad der fehlerhaften Anwendung: GWXUX.exe1
Pfad des fehlerhaften Moduls: GWXUX.exe2
Berichtskennung: GWXUX.exe3
Vollständiger Name des fehlerhaften Pakets: GWXUX.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: GWXUX.exe5

Error: (09/06/2015 11:03:45 AM) (Source: ESENT) (EventID: 454) (User: )
Description: taskhostex (13304) IndexedDb: Bei Datenbankwiederherstellung trat ein unerwarteter Fehler -1216 auf.

Error: (09/06/2015 11:03:45 AM) (Source: ESENT) (EventID: 494) (User: )
Description: taskhostex (13304) IndexedDb: Bei der Datenbankwiederherstellung ist ein Fehler aufgetreten (Fehler -1216), da Verweise auf Datenbank "C:\Users\Martin\AppData\Local\Microsoft\Internet Explorer\Indexed DB\Internet.edb" festgestellt wurden, die nicht mehr vorhanden ist. Die Datenbank wurde nicht sauber heruntergefahren, bevor sie entfernt (oder möglicherweise verschoben oder umbenannt) wurde. Das Datenbankmodul lässt den Abschluss der Wiederherstellung für diese Instanz erst dann zu, wenn die fehlende Datenbank wieder verfügbar gemacht wird. Wenn die Datenbank tatsächlich nicht mehr verfügbar oder nicht mehr erforderlich ist, finden Sie Informationen zum Beheben dieses Fehlers in der Microsoft Knowledge Base oder unter dem Link "Weitere Informationen" am Ende dieser Meldung.

Error: (09/03/2015 07:08:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SplitCam.exe, Version: 6.9.4.1, Zeitstempel: 0x541675c3
Name des fehlerhaften Moduls: CLFLVSplitter.ax, Version: 1.0.0.3327, Zeitstempel: 0x4e817ba8
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00007d16
ID des fehlerhaften Prozesses: 0xea0
Startzeit der fehlerhaften Anwendung: 0xSplitCam.exe0
Pfad der fehlerhaften Anwendung: SplitCam.exe1
Pfad des fehlerhaften Moduls: SplitCam.exe2
Berichtskennung: SplitCam.exe3
Vollständiger Name des fehlerhaften Pakets: SplitCam.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SplitCam.exe5

Error: (09/02/2015 10:36:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WSHost.exe, Version: 6.3.9600.17415, Zeitstempel: 0x545040f3
Name des fehlerhaften Moduls: WinStoreUI.dll, Version: 6.3.9600.17819, Zeitstempel: 0x554636a9
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000569d9
ID des fehlerhaften Prozesses: 0x790
Startzeit der fehlerhaften Anwendung: 0xWSHost.exe0
Pfad der fehlerhaften Anwendung: WSHost.exe1
Pfad des fehlerhaften Moduls: WSHost.exe2
Berichtskennung: WSHost.exe3
Vollständiger Name des fehlerhaften Pakets: WSHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: WSHost.exe5


Systemfehler:
=============
Error: (09/10/2015 10:58:52 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.

Error: (09/10/2015 10:58:52 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.

Error: (09/10/2015 10:54:47 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.

Error: (09/10/2015 10:54:47 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.

Error: (09/10/2015 10:43:47 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.

Error: (09/10/2015 10:43:47 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.

Error: (09/10/2015 09:15:56 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40.

Error: (09/10/2015 09:15:56 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40.

Error: (09/10/2015 08:53:27 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.

Error: (09/10/2015 08:53:27 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.


Microsoft Office:
=========================
Error: (09/09/2015 11:00:12 PM) (Source: MsiInstaller) (EventID: 11706) (User: Martin-Laptop)
Description: Product: LPT System Updater Service -- Error 1706. An installation package for the product LPT System Updater Service cannot be found. Try the installation again using a valid copy of the installation package 'LPTInstaller.msi'.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/09/2015 10:59:45 PM) (Source: MsiInstaller) (EventID: 11706) (User: Martin-Laptop)
Description: Product: LPT System Updater Service -- Error 1706. An installation package for the product LPT System Updater Service cannot be found. Try the installation again using a valid copy of the installation package 'LPTInstaller.msi'.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/09/2015 02:37:13 PM) (Source: Python Service) (EventID: 255) (User: )
Description: Exception : (1056, 'StartService', 'Es wird bereits eine Instanz des Dienstes ausgef\xfchrt.')

Error: (09/08/2015 07:32:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SplitCam.exe6.9.4.1541675c3CLFLVSplitter.ax1.0.0.33274e817ba8c000000500007d16181001d0ea54efef7c30C:\Program Files (x86)\SplitCam\SplitCam.exeC:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\CLFLVSplitter.axa4989800-564f-11e5-bed5-d850e6a0ba0c

Error: (09/08/2015 04:21:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: GWXUX.exe6.3.9600.1792455959290ntdll.dll6.3.9600.1793655a68e0cc0000005000000000003d86e2c0801d0ea4194dc05d6C:\WINDOWS\System32\GWX\GWXUX.exeC:\WINDOWS\SYSTEM32\ntdll.dlld5fd1c75-5634-11e5-bed5-d850e6a0ba0c

Error: (09/08/2015 04:20:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: GWXUX.exe6.3.9600.1792455959290ntdll.dll6.3.9600.1793655a68e0cc0000005000000000003d86e2c0801d0ea4194dc05d6C:\WINDOWS\System32\GWX\GWXUX.exeC:\WINDOWS\SYSTEM32\ntdll.dlld31ec67f-5634-11e5-bed5-d850e6a0ba0c

Error: (09/06/2015 11:03:45 AM) (Source: ESENT) (EventID: 454) (User: )
Description: taskhostex13304IndexedDb: -1216

Error: (09/06/2015 11:03:45 AM) (Source: ESENT) (EventID: 494) (User: )
Description: taskhostex13304IndexedDb: -1216C:\Users\Martin\AppData\Local\Microsoft\Internet Explorer\Indexed DB\Internet.edb

Error: (09/03/2015 07:08:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SplitCam.exe6.9.4.1541675c3CLFLVSplitter.ax1.0.0.33274e817ba8c000000500007d16ea001d0e66ac8da1adcC:\Program Files (x86)\SplitCam\SplitCam.exeC:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\CLFLVSplitter.ax5c726c56-525e-11e5-bed5-d850e6a0ba0c

Error: (09/02/2015 10:36:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: WSHost.exe6.3.9600.17415545040f3WinStoreUI.dll6.3.9600.17819554636a9c000000500000000000569d979001d0e55a774dfb7fC:\WINDOWS\WinStore\WSHost.exeC:\WINDOWS\winstore\WinStoreUI.dllb742a953-514d-11e5-bed5-d850e6a0ba0c


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Prozentuale Nutzung des RAM: 35%
Installierter physikalischer RAM: 8075.21 MB
Verfügbarer physikalischer RAM: 5219.31 MB
Summe virtueller Speicher: 9355.21 MB
Verfügbarer virtueller Speicher: 6637.12 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:372.16 GB) (Free:282.14 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive d: (Data) (Fixed) (Total:537.8 GB) (Free:537.64 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 57788C0B)

Partition: GPT.

========================================================
Disk: 1 (Size: 22.4 GB) (Disk ID: D6909034)

Partition: GPT.

==================== Ende von Addition.txt ============================
         

Gmer
Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-09-10 11:38:56
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\00000034 WDC_WD10JPVX-80JC3T0 rev.01.01A01 931,51GB
Running: Gmer-19357.exe; Driver: C:\Users\Martin\AppData\Local\Temp\fxryakow.sys


---- User code sections - GMER 2.1 ----

.text   C:\WINDOWS\system32\dwm.exe[624] C:\WINDOWS\system32\KERNEL32.DLL!K32GetModuleInformation       00007ffffaf53e10 7 bytes JMP 00008000f9c602d0
.text   C:\WINDOWS\system32\dwm.exe[624] C:\WINDOWS\system32\KERNEL32.DLL!RegQueryValueExW              00007ffffaf53e20 7 bytes JMP 00008000f9c60308
.text   C:\WINDOWS\system32\dwm.exe[624] C:\WINDOWS\system32\KERNEL32.DLL!RegSetValueExW                00007ffffb0039b0 7 bytes JMP 00008000f9c603b0
.text   C:\WINDOWS\system32\dwm.exe[624] C:\WINDOWS\system32\KERNEL32.DLL!RegDeleteValueW               00007ffffb003ef0 7 bytes JMP 00008000f9c60340
.text   C:\WINDOWS\system32\dwm.exe[624] C:\WINDOWS\system32\KERNEL32.DLL!RegSetValueExA                00007ffffb003fe0 7 bytes JMP 00008000f9c60378
.text   C:\WINDOWS\system32\dwm.exe[624] C:\WINDOWS\system32\KERNEL32.DLL!K32EnumProcessModulesEx       00007ffffb0306c0 7 bytes JMP 00008000f9c60228
.text   C:\WINDOWS\system32\dwm.exe[624] C:\WINDOWS\system32\KERNEL32.DLL!K32GetMappedFileNameW         00007ffffb030730 7 bytes JMP 00008000f9c60298
.text   C:\WINDOWS\system32\dwm.exe[624] C:\WINDOWS\system32\KERNEL32.DLL!K32GetModuleFileNameExW       00007ffffb030760 7 bytes JMP 00008000f9c60260
.text   C:\WINDOWS\system32\dwm.exe[624] C:\WINDOWS\system32\KERNELBASE.dll!FreeLibrary                 00007ffff9c721d0 5 bytes JMP 00008000f9c60180
.text   C:\WINDOWS\system32\dwm.exe[624] C:\WINDOWS\system32\KERNELBASE.dll!GetModuleHandleW            00007ffff9c729d0 7 bytes JMP 00008000f9c600d8
.text   C:\WINDOWS\system32\dwm.exe[624] C:\WINDOWS\system32\KERNELBASE.dll!GetModuleHandleExW          00007ffff9c74310 5 bytes JMP 00008000f9c60110
.text   C:\WINDOWS\system32\dwm.exe[624] C:\WINDOWS\system32\KERNELBASE.dll!LoadLibraryExW              00007ffff9c78d80 5 bytes JMP 00008000f9c60148
.text   C:\WINDOWS\system32\dwm.exe[624] C:\WINDOWS\system32\USER32.dll!CreateWindowExW                 00007ffffa966d90 10 bytes JMP 00008000f9c60490
.text   C:\WINDOWS\system32\dwm.exe[624] C:\WINDOWS\system32\USER32.dll!EnumDisplayDevicesW             00007ffffa9774a0 5 bytes JMP 00008000f9c60458
.text   C:\WINDOWS\system32\dwm.exe[624] C:\WINDOWS\system32\USER32.dll!DisplayConfigGetDeviceInfo      00007ffffa977560 1 byte JMP 00008000f9c603e8
.text   C:\WINDOWS\system32\dwm.exe[624] C:\WINDOWS\system32\USER32.dll!DisplayConfigGetDeviceInfo + 2  00007ffffa977562 7 bytes {JMP 0xffffffffff2e8e88}
.text   C:\WINDOWS\system32\dwm.exe[624] C:\WINDOWS\system32\USER32.dll!EnumDisplayDevicesA             00007ffffa986b10 5 bytes JMP 00008000f9c60420
.text   C:\WINDOWS\system32\dwm.exe[624] C:\WINDOWS\system32\GDI32.dll!D3DKMTGetDisplayModeList         00007ffffc7f1500 8 bytes JMP 00008000f9c601b8
.text   C:\WINDOWS\system32\dwm.exe[624] C:\WINDOWS\system32\GDI32.dll!D3DKMTQueryAdapterInfo           00007ffffc7f1750 8 bytes JMP 00008000f9c601f0
.text   C:\WINDOWS\system32\dwm.exe[624] C:\WINDOWS\system32\dxgi.dll!CreateDXGIFactory                 00007ffff7527750 5 bytes JMP 00008000f73700d8
.text   C:\WINDOWS\system32\dwm.exe[624] C:\WINDOWS\system32\dxgi.dll!CreateDXGIFactory1                00007ffff7528ee0 5 bytes JMP 00008000f7370110

---- Threads - GMER 2.1 ----

Thread  C:\WINDOWS\system32\csrss.exe [740:772]                                                         fffff960009292d0

---- Disk sectors - GMER 2.1 ----

Disk    \Device\Harddisk0\DR0                                                                           unknown MBR code

---- EOF - GMER 2.1 ----
         

Alt 10.09.2015, 12:12   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Links über Skype und Mails werden verschickt - aber nicht von mir - Standard

Links über Skype und Mails werden verschickt - aber nicht von mir



hi,

Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    LPT System Updater Service


  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 




Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________

__________________

Alt 10.09.2015, 14:12   #3
Martsch
 
Links über Skype und Mails werden verschickt - aber nicht von mir - Standard

Links über Skype und Mails werden verschickt - aber nicht von mir



Hi schrauber,

erstmal vielen Dank für deine wirklich schnelle Antwort!
Ich habe die von dir beschriebenen Schritte durchgeführt. Die mbar.exe hat aber kein Cleanup durchgeführt.

Hier poste ich die Logfiles:

mbar
Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.2.1008
www.malwarebytes.org

Database version:
  main:    v2015.09.10.05
  rootkit: v2015.08.16.01

Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.18036
Martin :: MARTIN-LAPTOP [administrator]

10.09.2015 12:44:37
mbar-log-2015-09-10 (12-44-37).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 420439
Time elapsed: 53 minute(s), 50 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
Den vom TDSSKiller muss ich teilen
Code:
ATTFilter
13:50:48.0226 0x0618  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
13:50:48.0226 0x0618  UEFI system
13:50:52.0570 0x0618  ============================================================
13:50:52.0570 0x0618  Current date / time: 2015/09/10 13:50:52.0570
13:50:52.0570 0x0618  SystemInfo:
13:50:52.0570 0x0618  
13:50:52.0570 0x0618  OS Version: 6.3.9600 ServicePack: 0.0
13:50:52.0570 0x0618  Product type: Workstation
13:50:52.0570 0x0618  ComputerName: MARTIN*******
13:50:52.0570 0x0618  UserName: Martin
13:50:52.0570 0x0618  Windows directory: C:\WINDOWS
13:50:52.0570 0x0618  System windows directory: C:\WINDOWS
13:50:52.0570 0x0618  Running under WOW64
13:50:52.0570 0x0618  Processor architecture: Intel x64
13:50:52.0570 0x0618  Number of processors: 4
13:50:52.0570 0x0618  Page size: 0x1000
13:50:52.0570 0x0618  Boot type: Normal boot
13:50:52.0570 0x0618  ============================================================
13:50:52.0788 0x0618  KLMD registered as C:\WINDOWS\system32\drivers\65776336.sys
13:50:53.0195 0x0618  System UUID: {C5836172-D31E-B245-5277-0AEDF6ECFE36}
13:50:54.0460 0x0618  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:50:54.0460 0x0618  Drive \Device\Harddisk1\DR1 - Size: 0x5976F6000 ( 22.37 Gb ), SectorSize: 0x200, Cylinders: 0xB67, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:50:54.0460 0x0618  ============================================================
13:50:54.0460 0x0618  \Device\Harddisk0\DR0:
13:50:54.0460 0x0618  GPT partitions:
13:50:54.0460 0x0618  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {22DC5FB0-CDD8-463C-8E41-92E4795A3160}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000
13:50:54.0460 0x0618  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {BA0B1FE6-FF09-49E1-9D4E-CA9C1DC945D8}, Name: Basic data partition, StartLBA 0x32800, BlocksNum 0x1C2000
13:50:54.0460 0x0618  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {D3B80B07-286C-486C-AB90-0399B622B6E8}, Name: Microsoft reserved partition, StartLBA 0x1F4800, BlocksNum 0x40000
13:50:54.0460 0x0618  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {4A3F6317-2475-49F5-8F12-E03B00398DE1}, Name: Basic data partition, StartLBA 0x234800, BlocksNum 0x2E853800
13:50:54.0460 0x0618  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {E3307A2A-5661-491E-AF8C-D806F551B3D9}, Name: , StartLBA 0x2EA88000, BlocksNum 0xE2000
13:50:54.0460 0x0618  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {19399632-76F5-4E5F-9B5B-6B13C8A1CF4A}, Name: Basic data partition, StartLBA 0x2EB6A000, BlocksNum 0x43397800
13:50:54.0460 0x0618  \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {A8D87FDF-5C62-44CA-A5A4-E6C3392F240B}, Name: Basic data partition, StartLBA 0x71F01800, BlocksNum 0x2805000
13:50:54.0460 0x0618  MBR partitions:
13:50:54.0460 0x0618  \Device\Harddisk1\DR1:
13:50:54.0476 0x0618  GPT partitions:
13:50:54.0476 0x0618  \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {B8CB5058-C187-4719-BAF0-379CA2D4C97E}, UniqueGUID: {4613EE39-4727-4347-8134-173F590F716F}, Name: HFS, StartLBA 0x800, BlocksNum 0x2CBA800
13:50:54.0476 0x0618  MBR partitions:
13:50:54.0476 0x0618  ============================================================
13:50:54.0538 0x0618  C: <-> \Device\Harddisk0\DR0\Partition4
13:50:54.0648 0x0618  D: <-> \Device\Harddisk0\DR0\Partition6
13:50:54.0648 0x0618  ============================================================
13:50:54.0648 0x0618  Initialize success
13:50:54.0648 0x0618  ============================================================
13:52:13.0446 0x1938  ============================================================
13:52:13.0446 0x1938  Scan started
13:52:13.0446 0x1938  Mode: Manual; SigCheck; TDLFS; 
13:52:13.0446 0x1938  ============================================================
13:52:13.0446 0x1938  KSN ping started
13:52:15.0915 0x1938  KSN ping finished: true
13:52:18.0524 0x1938  ================ Scan system memory ========================
13:52:18.0524 0x1938  System memory - ok
13:52:18.0524 0x1938  ================ Scan services =============================
13:52:18.0774 0x1938  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
13:52:18.0930 0x1938  1394ohci - ok
13:52:18.0961 0x1938  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
13:52:18.0993 0x1938  3ware - ok
13:52:19.0055 0x1938  [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
13:52:19.0133 0x1938  ACPI - ok
13:52:19.0149 0x1938  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
13:52:19.0180 0x1938  acpiex - ok
13:52:19.0211 0x1938  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
13:52:19.0243 0x1938  acpipagr - ok
13:52:19.0290 0x1938  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
13:52:19.0321 0x1938  AcpiPmi - ok
13:52:19.0321 0x1938  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
13:52:19.0352 0x1938  acpitime - ok
13:52:19.0383 0x1938  [ E5568164C070A4988BD79C896920B3C6, A60F0ECEEC5D1E2298C4852803B66B92CE6EF44B9C3387BA6A94339BBE4D6D75 ] acsock          C:\WINDOWS\system32\DRIVERS\acsock64.sys
13:52:19.0430 0x1938  acsock - ok
13:52:19.0555 0x1938  [ 013697369EAFFA675D0671607F036020, 65611C775AC4681E46A6565E5A7A4FF3363C66EBDC98C4C58AFB365D40BE23B6 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:52:19.0571 0x1938  AdobeARMservice - ok
13:52:19.0649 0x1938  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
13:52:19.0727 0x1938  ADP80XX - ok
13:52:19.0790 0x1938  [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc     C:\WINDOWS\System32\aelupsvc.dll
13:52:20.0024 0x1938  AeLookupSvc - ok
13:52:20.0149 0x1938  [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD             C:\WINDOWS\system32\drivers\afd.sys
13:52:20.0211 0x1938  AFD - ok
13:52:20.0258 0x1938  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
13:52:20.0290 0x1938  agp440 - ok
13:52:20.0336 0x1938  [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
13:52:20.0368 0x1938  ahcache - ok
13:52:20.0399 0x1938  [ 16F6F6B7903B913AB41AB848C8BB5658, 7304257048CB42E5274B3F6400F4A053A38E3B70A157662FE9D2B7C5979DE851 ] AiCharger       C:\WINDOWS\system32\DRIVERS\AiCharger.sys
13:52:20.0415 0x1938  AiCharger - ok
13:52:20.0446 0x1938  [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG             C:\WINDOWS\System32\alg.exe
13:52:20.0477 0x1938  ALG - ok
13:52:20.0524 0x1938  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
13:52:20.0555 0x1938  AmdK8 - ok
13:52:20.0555 0x1938  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
13:52:20.0586 0x1938  AmdPPM - ok
13:52:20.0618 0x1938  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
13:52:20.0649 0x1938  amdsata - ok
13:52:20.0665 0x1938  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
13:52:20.0711 0x1938  amdsbs - ok
13:52:20.0743 0x1938  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
13:52:20.0774 0x1938  amdxata - ok
13:52:20.0805 0x1938  [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID           C:\WINDOWS\system32\drivers\appid.sys
13:52:20.0836 0x1938  AppID - ok
13:52:20.0868 0x1938  [ 88358135810B9DFD830A9D3A8C3D149A, DF914DA3828EE2310895D156342E3B3DF5E8C6F6F9B851C359E82A1F48180D4B ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
13:52:20.0899 0x1938  AppIDSvc - ok
13:52:20.0946 0x1938  [ 680BFB820C5A943AB709BAA2B1EF27F2, A51D2A7976A762FE470C13C6D1BA0319A0FB19C9E66BF02AA44F83EAEC7130F8 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
13:52:21.0336 0x1938  Appinfo - ok
13:52:21.0383 0x1938  [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
13:52:22.0165 0x1938  AppReadiness - ok
13:52:22.0399 0x1938  [ 573542B5E97772021B73E854DA861DAA, C3FD00FA28060F8D7CDFD455BBB5FF8239CB76DDFFF2BDAE6AA944674DD993D3 ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
13:52:22.0946 0x1938  AppXSvc - ok
13:52:22.0993 0x1938  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
13:52:23.0024 0x1938  arcsas - ok
13:52:23.0086 0x1938  [ DC2BA6926FA0CDCE273CC9897F05584A, CF35A55511C6241679FDB9D48DC43B61D86D071B974E7A668495E2021098E912 ] ASLDRService    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
13:52:23.0102 0x1938  ASLDRService - ok
13:52:23.0133 0x1938  [ 4C016FD76ED5C05E84CA8CAB77993961, 025E7BE9FCEFD6A83F4471BBA0C11F1C11BD5047047D26626DA24EE9A419CDC4 ] ASMMAP64        C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
13:52:23.0149 0x1938  ASMMAP64 - ok
13:52:23.0290 0x1938  [ 6A122B4F0E5293CACFA8A5F2CBA9B356, 9D69076B697BEE8742E32EBEF1802D829DEA6B1D93AF485D11CC89A08CA4D809 ] ASUS InstantOn  C:\Program Files\ASUS\P4G\InsOnSrv.exe
13:52:23.0321 0x1938  ASUS InstantOn - ok
13:52:23.0368 0x1938  [ AAE374280DDC307061A43ED9FAD1AD57, BFBE60D67B4283868D148C38502689FFE52CC7F13F4294E21F47B37D14FB5821 ] Asus WebStorage Windows Service C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
13:52:23.0383 0x1938  Asus WebStorage Windows Service - detected UnsignedFile.Multi.Generic ( 1 )
13:52:25.0852 0x1938  Detect skipped due to KSN trusted
13:52:25.0852 0x1938  Asus WebStorage Windows Service - ok
13:52:25.0883 0x1938  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
13:52:25.0915 0x1938  atapi - ok
13:52:25.0946 0x1938  [ 427A6D1397E826B370D025EE73A50E6E, FC8BAB3AA95B55D59B8DF9F97C87D1F3CEAB609A3E6C8BD576F3BF9047C6A120 ] AthBTPort       C:\WINDOWS\system32\DRIVERS\btath_flt.sys
13:52:25.0977 0x1938  AthBTPort - ok
13:52:26.0024 0x1938  [ 54D0CDDB72425D42F7B504EE392E9653, 925FC00DC1222ECC8D750E240E8C159CF46F0BDBAADCDB2108892CF2CD91ED79 ] AtherosSvc      C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
13:52:26.0071 0x1938  AtherosSvc - detected UnsignedFile.Multi.Generic ( 1 )
13:52:28.0555 0x1938  Detect skipped due to KSN trusted
13:52:28.0555 0x1938  AtherosSvc - ok
13:52:28.0837 0x1938  [ A34167BD20D771B8E68F2C41CC85168C, 33E5ACA0D853918E1DE2B9544A6B0B616C09CA92013B1D99C7F48655B1DDB4A9 ] athr            C:\WINDOWS\system32\DRIVERS\athw8x.sys
13:52:29.0149 0x1938  athr - ok
13:52:29.0212 0x1938  [ DBC598E47E7A382E60E2A4745D41FEF9, A810AC197CA456B0285E2CAE6986D38B31F4ADA32BEB47EC7A48A2B2196BA639 ] ATKGFNEXSrv     C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
13:52:29.0227 0x1938  ATKGFNEXSrv - ok
13:52:29.0290 0x1938  [ 41CEAFFCF3550785E59E3EC9BEE8D97A, 89FE604088B65B82AA794E1DA8429033CD2F05FFB2D7EFAAC7B967C7A83D1B1E ] ATKWMIACPIIO    C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
13:52:29.0508 0x1938  ATKWMIACPIIO - ok
13:52:29.0524 0x1938  [ A751FA39AEC7DBA5DCE0D64BB0E3E331, F0D7AE1E6EAD2DAC7EA4E37B4AB30E6ACE8F21CE3C49D2D01B854F36E72F77B5 ] ATP             C:\WINDOWS\System32\drivers\AsusTP.sys
13:52:29.0555 0x1938  ATP - ok
13:52:29.0602 0x1938  [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
13:52:29.0633 0x1938  AudioEndpointBuilder - ok
13:52:29.0712 0x1938  [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
13:52:29.0790 0x1938  Audiosrv - ok
13:52:29.0837 0x1938  [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
13:52:29.0883 0x1938  AxInstSV - ok
13:52:29.0946 0x1938  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
13:52:30.0024 0x1938  b06bdrv - ok
13:52:30.0055 0x1938  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
13:52:30.0087 0x1938  BasicDisplay - ok
13:52:30.0102 0x1938  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
13:52:30.0133 0x1938  BasicRender - ok
13:52:30.0165 0x1938  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
13:52:30.0180 0x1938  bcmfn2 - ok
13:52:30.0258 0x1938  [ 77D760E9B477C21487C171F561497F98, 2393D466CEC863C771C5BB4CD81B251635DC084386134B8E13F74F3E1C6D68DF ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
13:52:30.0321 0x1938  BDESVC - ok
13:52:30.0352 0x1938  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
13:52:30.0883 0x1938  Beep - ok
13:52:30.0962 0x1938  [ 22A5582ACF0CEE97268D7868C69F35CE, 78A44C10966FE467D3FCC76BE37647AE2CC2BCA9DE5715AD9E643162B23C3A19 ] BFE             C:\WINDOWS\System32\bfe.dll
13:52:31.0133 0x1938  BFE - ok
13:52:31.0524 0x1938  [ 3E2882C7D02E34D5528BDDECD8CEF930, 39AEB34BD5BFD0BE6C8D0E37D5D5912B76B87A442C2AD91AC3E5F709D73C809C ] BHDrvx64        C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\BASHDefs\20150904.001\BHDrvx64.sys
13:52:31.0774 0x1938  BHDrvx64 - ok
13:52:31.0868 0x1938  [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS            C:\WINDOWS\System32\qmgr.dll
13:52:32.0055 0x1938  BITS - ok
13:52:32.0071 0x1938  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
13:52:32.0102 0x1938  bowser - ok
13:52:32.0149 0x1938  [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
13:52:32.0462 0x1938  BrokerInfrastructure - ok
13:52:32.0493 0x1938  [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser         C:\WINDOWS\System32\browser.dll
13:52:32.0540 0x1938  Browser - ok
13:52:32.0587 0x1938  [ E9B6AC24CB3737D2F93C05590B4A9048, 7CFDF93947925EDF6D6C0AD9E3A31AF098E8F8574AFCD8C7B3242E29A1F38CDD ] BTATH_A2DP      C:\WINDOWS\system32\drivers\btath_a2dp.sys
13:52:32.0618 0x1938  BTATH_A2DP - ok
13:52:32.0649 0x1938  [ 2BD94FC9AB890A7A7CEF81E5F1A2D421, 0B572D0F6558CA37164A15A8D9DF13160BBF6DA119B8E92436B3DCFA19361E31 ] btath_avdt      C:\WINDOWS\system32\drivers\btath_avdt.sys
13:52:32.0665 0x1938  btath_avdt - ok
13:52:32.0696 0x1938  [ 4AF7C20F94DAC343C01ED671C82DCB99, 2AABD85D9D76461DE883E0F13F61C391BA81E6198FF88268B319474E25A196C8 ] BTATH_HCRP      C:\WINDOWS\System32\drivers\btath_hcrp.sys
13:52:32.0727 0x1938  BTATH_HCRP - ok
13:52:32.0759 0x1938  [ 785C38070043BEEE9E9D591DE4067244, 1C8D15B8A9E80A2799E7094C4AE111FEA9FBC6EAA4A61B13EFE59314C9794949 ] BTATH_LWFLT     C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys
13:52:32.0774 0x1938  BTATH_LWFLT - ok
13:52:32.0805 0x1938  [ 31EC5FC3FC5CB273F2709AAF4AD88ED4, 804401CEBBB24443AE0A304FCF5CB6B0D7679BA7FC5DC3BFF968B0B44FE34EC1 ] BTATH_RCP       C:\WINDOWS\System32\drivers\btath_rcp.sys
13:52:32.0837 0x1938  BTATH_RCP - ok
13:52:32.0899 0x1938  [ 25B35FDD5FE5666DC49CCC0BC6A9AD81, 0F6A9783EF72AF53F20B19E51FE40A17F72FB9CC037670ADB77970AF9CA7E376 ] BtFilter        C:\WINDOWS\system32\DRIVERS\btfilter.sys
13:52:33.0227 0x1938  BtFilter - ok
13:52:33.0274 0x1938  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
13:52:33.0477 0x1938  BthAvrcpTg - ok
13:52:33.0493 0x1938  [ 12418846B057E4F92FC621F5C6CF737D, 0B8B0EADE4F2AD95D450A5C71C287C0F04F33897ABF27D3E3B6428A3C99C7B5D ] BthEnum         C:\WINDOWS\System32\drivers\BthEnum.sys
13:52:33.0524 0x1938  BthEnum - ok
13:52:33.0571 0x1938  [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
13:52:33.0868 0x1938  BthHFEnum - ok
13:52:33.0915 0x1938  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
13:52:33.0930 0x1938  bthhfhid - ok
13:52:34.0009 0x1938  [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
13:52:34.0102 0x1938  BthHFSrv - ok
13:52:34.0134 0x1938  [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum       C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys
13:52:34.0243 0x1938  BthLEEnum - ok
13:52:34.0259 0x1938  [ EF4B9E7C9AD88C00C18A12B0D22D1894, 672537E75201E690D86CD65252B8AEF887C76EBD37AB0C419462D69164B350CC ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
13:52:34.0305 0x1938  BTHMODEM - ok
13:52:34.0368 0x1938  [ FEA8FC81431AD93F44D5FBFBBF096AA7, C0581DF6B2AD24836604B083F4866F93A3F4D9091D382029948A5E6221EDF788 ] BthPan          C:\WINDOWS\System32\drivers\bthpan.sys
13:52:34.0415 0x1938  BthPan - ok
13:52:34.0524 0x1938  [ B810B2B39CCA90DC6BF42AF1658AE0D1, D184F927BCFBDE7063A0C9873BF2C174226E1AB5081A7108FCC66210CD117465 ] BTHPORT         C:\WINDOWS\System32\Drivers\BTHport.sys
13:52:34.0634 0x1938  BTHPORT - ok
13:52:34.0680 0x1938  [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv         C:\WINDOWS\system32\bthserv.dll
13:52:34.0915 0x1938  bthserv - ok
13:52:34.0962 0x1938  [ 52A1B7ECAB4C9EF70FD41241691E09D3, F7A5BFE72D3151E73DD9922A76964C08AC1FDCB8460D9A17DCF8B7969006AD42 ] BTHUSB          C:\WINDOWS\System32\Drivers\BTHUSB.sys
13:52:35.0305 0x1938  BTHUSB - ok
13:52:35.0399 0x1938  [ 5A1C7DBDDB001BC6F1D1720E655445E2, 07A766C804D0709936FF18A2F67C49D6499BEF9CEEB1EF69F654A35268A11027 ] ccSet_N360      C:\WINDOWS\system32\drivers\N360x64\1605020.00F\ccSetx64.sys
13:52:35.0555 0x1938  ccSet_N360 - ok
13:52:35.0602 0x1938  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
13:52:35.0634 0x1938  cdfs - ok
13:52:35.0665 0x1938  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
13:52:35.0712 0x1938  cdrom - ok
13:52:35.0759 0x1938  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
13:52:35.0805 0x1938  CertPropSvc - ok
13:52:35.0837 0x1938  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
13:52:35.0852 0x1938  circlass - ok
13:52:36.0055 0x1938  [ 664AA28A1D92608BEF2F63AF008745B7, 71FF749A52D34D981716610D577C20DF876B15FA1BC039EF11ACAF2F09DFBC4A ] cjpcsc          C:\WINDOWS\SysWOW64\cjpcsc.exe
13:52:36.0118 0x1938  cjpcsc - ok
13:52:36.0165 0x1938  [ E3B86AB029D1C523981C3476DE859521, F787284359F6322DB7135FCDFD3DA3EFD92FBBB95F3DC5C9D77B881A8351B080 ] cjusb           C:\WINDOWS\system32\DRIVERS\cjusb.sys
13:52:36.0180 0x1938  cjusb - ok
13:52:36.0227 0x1938  [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
13:52:36.0274 0x1938  CLFS - ok
13:52:36.0493 0x1938  [ EC44010BAFA116B6ED200AB18A29E560, 0261CBABF18158FB836DB4569201035F702A5CE27C64551E29C2AC4BC6C3851C ] ClickToRunSvc   C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
13:52:36.0696 0x1938  ClickToRunSvc - ok
13:52:36.0743 0x1938  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
13:52:36.0805 0x1938  CmBatt - ok
13:52:36.0884 0x1938  [ 5E5AB950693F2C6D6ACBEE3A74697ED7, 3790A7DD0AC65F47A697A577744FDFA4CC1CA3422884C84E499F97AC91BA84F3 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
13:52:37.0071 0x1938  CNG - ok
13:52:37.0102 0x1938  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\WINDOWS\System32\drivers\CompositeBus.sys
13:52:37.0227 0x1938  CompositeBus - ok
13:52:37.0243 0x1938  COMSysApp - ok
13:52:37.0274 0x1938  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
13:52:37.0321 0x1938  condrv - ok
13:52:37.0368 0x1938  [ F9693D45B0F1B346CCDEEC1F341AD389, 342C81EFB434EAC29865F8BB049051635C644D7EF355D0F5FB3ADD9DDCE55D82 ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
13:52:37.0399 0x1938  cphs - ok
13:52:37.0462 0x1938  [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
13:52:37.0493 0x1938  CryptSvc - ok
13:52:37.0524 0x1938  [ 389C998C64319CD97625B0550E52ECFA, DD0EDDD9C8412F78D2D2B648D67DA887C3040E05DF29F48F71299CB68FDDD0F8 ] dam             C:\WINDOWS\system32\drivers\dam.sys
13:52:37.0555 0x1938  dam - ok
13:52:37.0634 0x1938  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
13:52:37.0743 0x1938  DcomLaunch - ok
13:52:37.0837 0x1938  [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
13:52:38.0259 0x1938  defragsvc - ok
13:52:38.0321 0x1938  [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
13:52:39.0118 0x1938  DeviceAssociationService - ok
13:52:39.0149 0x1938  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
13:52:39.0399 0x1938  DeviceInstall - ok
13:52:39.0446 0x1938  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
13:52:39.0743 0x1938  Dfsc - ok
13:52:39.0790 0x1938  [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
13:52:40.0040 0x1938  Dhcp - ok
13:52:40.0165 0x1938  [ 21EDAD8188372C912B7BB9B1C6CB0D38, 4A102745DE8A2A82D2C069B30503BF9FF2312A035A82854F84EF9C27E3533CEE ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
13:52:40.0555 0x1938  DiagTrack - ok
13:52:40.0587 0x1938  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\WINDOWS\system32\drivers\disk.sys
13:52:40.0634 0x1938  disk - ok
13:52:40.0665 0x1938  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
13:52:40.0696 0x1938  dmvsc - ok
13:52:40.0743 0x1938  [ E9AE4FAE83FB38A2962F9032B24CEB3C, CC7D2D8C97CB779791613D76D6E4AF5D628C948C28BAC584C3C7F6A5A6036FBA ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
13:52:40.0790 0x1938  Dnscache - ok
13:52:40.0821 0x1938  [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
13:52:40.0884 0x1938  dot3svc - ok
13:52:40.0899 0x1938  [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS             C:\WINDOWS\system32\dps.dll
13:52:40.0946 0x1938  DPS - ok
13:52:40.0962 0x1938  [ 68E2849CF59D54557F5CC6911EE5B26F, 902768EEB69EAADB7AB2935C5B283D48329FC91FD1BC2BE61993D2C31D05A54E ] DptfDevDram     C:\WINDOWS\system32\DRIVERS\DptfDevDram.sys
13:52:40.0993 0x1938  DptfDevDram - ok
13:52:41.0009 0x1938  [ 76C91DB88A8CEE7711F41ADF08128522, 584AFB7076D8C6D200444E5D376A8934285DF7D8A9B41C076E350F258D43B8EB ] DptfDevPch      C:\WINDOWS\system32\DRIVERS\DptfDevPch.sys
13:52:41.0024 0x1938  DptfDevPch - ok
13:52:41.0056 0x1938  [ 82D5BA44F3A32EE7D41D2E8B4361AD9B, BFC8059C4208E79E0A52F86A28A5E119F059DC1CD03564675A1554CE916AD5A5 ] DptfDevProc     C:\WINDOWS\system32\DRIVERS\DptfDevProc.sys
13:52:41.0087 0x1938  DptfDevProc - ok
13:52:41.0134 0x1938  [ 66AA3E34E06A32B60573926DD861D70E, 1888D8B35460E3D1F73B495D90BFA0D14AE405F50A010A8555558DFC6E233C7A ] DptfManager     C:\WINDOWS\system32\DRIVERS\DptfManager.sys
13:52:41.0165 0x1938  DptfManager - ok
13:52:41.0196 0x1938  [ 058388D2D86C28C6C345B52ECF251FF7, 81D0A652F419F1B95E10245480BDF168C74370760B574987F0F88D6C9097BCA9 ] DptfParticipantProcessorService C:\WINDOWS\system32\DptfParticipantProcessorService.exe
13:52:41.0227 0x1938  DptfParticipantProcessorService - ok
13:52:41.0290 0x1938  [ DD102BC049487894B5214E5CC890F7C7, 340A24CBB4961F5D50835597E418368D60E2BDFB6E9C89DC546E1D9C77066A99 ] DptfPolicyConfigTDPService C:\WINDOWS\system32\DptfPolicyConfigTDPService.exe
13:52:41.0321 0x1938  DptfPolicyConfigTDPService - ok
13:52:41.0337 0x1938  [ 920DA0F094DDE55DF835FECD7304A0C1, 5EE88CE2F7BA292F60618B5EC4EC87C2417CD12A20306966B5DC68D7687EFDA0 ] DptfPolicyCriticalService C:\WINDOWS\system32\DptfPolicyCriticalService.exe
13:52:41.0352 0x1938  DptfPolicyCriticalService - ok
13:52:41.0384 0x1938  [ 4BA8E65371129900116259D8513644EB, A5DEE74D2C9DA0C1185333B4A3D22815104423682645BB4E2A5E8E7DB766D41E ] DptfPolicyLpmService C:\WINDOWS\system32\DptfPolicyLpmService.exe
13:52:41.0415 0x1938  DptfPolicyLpmService - ok
13:52:41.0446 0x1938  [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
13:52:41.0462 0x1938  drmkaud - ok
13:52:41.0509 0x1938  [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
13:52:41.0556 0x1938  DsmSvc - ok
13:52:41.0665 0x1938  [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
13:52:41.0805 0x1938  DXGKrnl - ok
13:52:41.0852 0x1938  [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
13:52:42.0618 0x1938  Eaphost - ok
13:52:42.0884 0x1938  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
13:52:42.0993 0x1938  ebdrv - ok
13:52:43.0102 0x1938  [ 93EA893A8C2C561648A559E48C723412, 14F9AD8BCF423BC40F7B3D2D7BC0F795CD3C54800C854873BD170ADF2A735B64 ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
13:52:43.0556 0x1938  eeCtrl - ok
13:52:43.0587 0x1938  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS             C:\WINDOWS\System32\lsass.exe
13:52:43.0618 0x1938  EFS - ok
13:52:43.0649 0x1938  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
13:52:43.0681 0x1938  EhStorClass - ok
13:52:43.0712 0x1938  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
13:52:43.0743 0x1938  EhStorTcgDrv - ok
13:52:43.0774 0x1938  [ 8400C9E33B68C556BF63AEF490EB145C, A840DF1A27C935DD427E53C5D2FFFE79E612D0B4074CE26AA992DA62D4925806 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
13:52:43.0806 0x1938  EraserUtilRebootDrv - ok
13:52:43.0837 0x1938  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
13:52:43.0852 0x1938  ErrDev - ok
13:52:43.0931 0x1938  [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem     C:\WINDOWS\system32\es.dll
13:52:43.0993 0x1938  EventSystem - ok
13:52:44.0024 0x1938  [ EE8A4765D5EB30736E2E067A3E8907CB, E7FE4F3707E6EEE046BE0C20B75E59924B332CA2F35482B4A457A79D59F4BF4E ] excfs           C:\WINDOWS\system32\DRIVERS\excfs.sys
13:52:44.0040 0x1938  excfs - ok
13:52:44.0071 0x1938  [ 681426F5AFB40405FB596BF90199C484, D9DF2964B96805F61B90E4B862F9EAC5B1C682935A625F75862645E94D623DF4 ] excsd           C:\WINDOWS\system32\DRIVERS\excsd.sys
13:52:44.0102 0x1938  excsd - ok
13:52:44.0134 0x1938  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
13:52:44.0290 0x1938  exfat - ok
13:52:44.0368 0x1938  [ 0AE5D0CD28D26F4BC2BDCA96FC21F67F, F3EB803CE5B2D32212AE40A52C9DE074374709C296023109EAA6DF4012E7AB01 ] ExpressCache    C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe
13:52:44.0384 0x1938  ExpressCache - ok
13:52:44.0415 0x1938  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
13:52:44.0806 0x1938  fastfat - ok
13:52:44.0868 0x1938  [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax             C:\WINDOWS\system32\fxssvc.exe
13:52:44.0946 0x1938  Fax - ok
13:52:44.0993 0x1938  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
13:52:45.0009 0x1938  fdc - ok
13:52:45.0056 0x1938  [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
13:52:45.0087 0x1938  fdPHost - ok
13:52:45.0087 0x1938  [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
13:52:45.0118 0x1938  FDResPub - ok
13:52:45.0165 0x1938  [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
13:52:45.0446 0x1938  fhsvc - ok
13:52:45.0477 0x1938  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
13:52:45.0509 0x1938  FileInfo - ok
13:52:45.0540 0x1938  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
13:52:45.0587 0x1938  Filetrace - ok
13:52:45.0602 0x1938  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
13:52:45.0634 0x1938  flpydisk - ok
13:52:45.0681 0x1938  [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
13:52:45.0743 0x1938  FltMgr - ok
13:52:45.0868 0x1938  [ 1E93CBB75D167CDF85501A8C790097A8, C9E5DD090C94E7855939CE1F416460DB408EFF897C2CD52E0D52A734D8ED18B7 ] FontCache       C:\WINDOWS\system32\FntCache.dll
13:52:46.0852 0x1938  FontCache - ok
13:52:46.0946 0x1938  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:52:46.0977 0x1938  FontCache3.0.0.0 - ok
13:52:47.0009 0x1938  [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
13:52:47.0040 0x1938  FsDepends - ok
13:52:47.0071 0x1938  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
13:52:47.0087 0x1938  Fs_Rec - ok
13:52:47.0134 0x1938  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
13:52:47.0399 0x1938  fvevol - ok
13:52:47.0431 0x1938  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys
13:52:47.0462 0x1938  FxPPM - ok
13:52:47.0478 0x1938  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
13:52:47.0509 0x1938  gagp30kx - ok
13:52:47.0556 0x1938  [ C403C5DB49A0F9AAF4F2128EDC0106D8, 3C6948B63278022D8182F773C5FA15784514F76C1546118DDBADBA322B962D12 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
13:52:47.0587 0x1938  GamesAppService - ok
13:52:47.0618 0x1938  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
13:52:47.0649 0x1938  gencounter - ok
13:52:47.0681 0x1938  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
13:52:47.0727 0x1938  GPIOClx0101 - ok
13:52:48.0009 0x1938  [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
13:52:48.0134 0x1938  gpsvc - ok
13:52:48.0181 0x1938  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
13:52:48.0727 0x1938  HDAudBus - ok
13:52:48.0743 0x1938  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
13:52:48.0774 0x1938  HidBatt - ok
13:52:48.0806 0x1938  [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
13:52:48.0946 0x1938  HidBth - ok
13:52:48.0978 0x1938  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
13:52:49.0009 0x1938  hidi2c - ok
13:52:49.0024 0x1938  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
13:52:49.0056 0x1938  HidIr - ok
13:52:49.0087 0x1938  [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv         C:\WINDOWS\system32\hidserv.dll
13:52:49.0149 0x1938  hidserv - ok
13:52:49.0196 0x1938  [ 894D982CEAB8CD45A56AE2C9988E86C0, AA2DEB62CB69FF1AEF772989342F2CF77CA48F212C9489A92A4FF97FD46D3866 ] HIDSwitch       C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys
13:52:49.0212 0x1938  HIDSwitch - ok
13:52:49.0243 0x1938  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
13:52:49.0259 0x1938  HidUsb - ok
13:52:49.0306 0x1938  [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
13:52:49.0446 0x1938  hkmsvc - ok
13:52:49.0493 0x1938  [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
13:52:49.0915 0x1938  HomeGroupListener - ok
13:52:49.0962 0x1938  [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
13:52:50.0024 0x1938  HomeGroupProvider - ok
13:52:50.0056 0x1938  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
13:52:50.0087 0x1938  HpSAMD - ok
13:52:50.0165 0x1938  [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
13:52:50.0274 0x1938  HTTP - ok
13:52:50.0306 0x1938  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
13:52:50.0337 0x1938  hwpolicy - ok
13:52:50.0368 0x1938  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
13:52:50.0384 0x1938  hyperkbd - ok
13:52:50.0399 0x1938  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
13:52:50.0431 0x1938  HyperVideo - ok
13:52:50.0478 0x1938  [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
13:52:50.0509 0x1938  i8042prt - ok
13:52:50.0540 0x1938  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
13:52:50.0556 0x1938  iaLPSSi_GPIO - ok
13:52:50.0587 0x1938  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
13:52:50.0602 0x1938  iaLPSSi_I2C - ok
13:52:50.0665 0x1938  [ 0A34D806EF2767E62CAFEA1A150A8830, 2C5C9C0924C6AE379E3CD071E6687885006843A17742B083CE14719F666F7FE6 ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
13:52:50.0728 0x1938  iaStorA - ok
13:52:50.0774 0x1938  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
13:52:50.0837 0x1938  iaStorAV - ok
13:52:50.0884 0x1938  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
13:52:50.0931 0x1938  iaStorV - ok
13:52:51.0087 0x1938  [ B1CA6DD6534B546A2599187AE4BD9DD2, 0C56E2078FC812BD0C1E43154E3F86BCC1C4EDF36039A27F56AAC47424F635E5 ] IDSVia64        C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\IPSDefs\20150909.001\IDSvia64.sys
13:52:51.0274 0x1938  IDSVia64 - ok
13:52:51.0290 0x1938  IEEtwCollectorService - ok
13:52:51.0571 0x1938  [ 16D939A13CFB82DEE0B9DB12E45C7B4E, D09C57DE3EF7F6BEDD354FEEDB46260FDCF9F9A0F2D096FFD518509AD041AAC5 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
13:52:51.0868 0x1938  igfx - ok
13:52:52.0009 0x1938  [ 57322EBB67A59FB64E228F31A84CA43D, 258DA26BDFAB635F145E55CF65CDFCFE4EB91454E3F930489E92810250EF9FD7 ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
13:52:52.0103 0x1938  IKEEXT - ok
13:52:52.0149 0x1938  [ DB65573521AB51941F4FA799D0968136, 418F5E3FE725B7B114F3DAEBDCEBCE7F4AD8ECAAFF572C02BA9ACCE86D55BFD8 ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
13:52:52.0165 0x1938  intaud_WaveExtensible - ok
13:52:52.0884 0x1938  [ CC279B89A16615B8DD13422544F6B478, DFC6AF05670CA79D8CC2C89FB5FBD8EECC4FB159CD8EFE422F06BE2A272608B6 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
13:52:53.0212 0x1938  IntcAzAudAddService - ok
13:52:53.0306 0x1938  [ D6A22510D795928E8840619900D672B4, 296F232B0A6D42840A745E4706D2815F6D2E4279DBD90112CBFBFF8833B724AF ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
13:52:53.0368 0x1938  IntcDAud - ok
13:52:53.0493 0x1938  [ 0DB1E3F6189C628675F855C0EB510419, 989F539E82105019D2D81255369B96DC65826CD2A421DA09809155B26F69C555 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
13:52:53.0665 0x1938  Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
13:52:56.0150 0x1938  Detect skipped due to KSN trusted
13:52:56.0150 0x1938  Intel(R) Capability Licensing Service Interface - ok
13:52:56.0228 0x1938  [ 492AAF2FF66F437F0E796574B116EFC3, 6BF21C61ED05705DD58203952A750D1AB4D4B62F3A2B640BBBD9B85D1ECC3E5C ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
13:52:56.0290 0x1938  Intel(R) Capability Licensing Service TCP IP Interface - ok
13:52:56.0368 0x1938  [ 57739E742ABC085C2A4340D4404B4A8B, B4B85C35AC96D11F5940AFCB15A2B2A41D70E3C392E1D4D9353899FA140FF281 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
13:52:56.0384 0x1938  Intel(R) ME Service - ok
13:52:56.0415 0x1938  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
13:52:56.0431 0x1938  intelide - ok
13:52:56.0478 0x1938  [ 7AA01AB1C110916825E6E1389F1B9AF2, E2885955AFA0908E194B1BC364C9582249B2B2AFFF93F17F3414F55B1E5F2C42 ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
13:52:56.0509 0x1938  intelpep - ok
13:52:56.0540 0x1938  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
13:52:56.0571 0x1938  intelppm - ok
13:52:56.0603 0x1938  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
13:52:56.0649 0x1938  IpFilterDriver - ok
13:52:56.0728 0x1938  [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
13:52:57.0134 0x1938  iphlpsvc - ok
13:52:57.0149 0x1938  [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
13:52:57.0181 0x1938  IPMIDRV - ok
13:52:57.0212 0x1938  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
13:52:57.0259 0x1938  IPNAT - ok
13:52:57.0290 0x1938  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
13:52:57.0337 0x1938  IRENUM - ok
13:52:57.0353 0x1938  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
13:52:57.0384 0x1938  isapnp - ok
13:52:57.0431 0x1938  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
13:52:57.0462 0x1938  iScsiPrt - ok
13:52:57.0571 0x1938  [ 5C9B001D8970C2DA36254A916F3DA8F7, 625AC5C3DFAE52BD34EC3F93742D1D2C229785E4F0F3484CFB7B8728A1C830DF ] iumsvc          C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
13:52:57.0587 0x1938  iumsvc - ok
13:52:57.0618 0x1938  [ 2C04ACF9070282AC9AA837C52CA3C128, 2C68FE2E876E5089F27021038E868E21288F694F3ED0390AED5B4712CC7567EC ] iwdbus          C:\WINDOWS\System32\drivers\iwdbus.sys
13:52:57.0634 0x1938  iwdbus - ok
13:52:57.0681 0x1938  [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
13:52:57.0712 0x1938  jhi_service - ok
13:52:57.0743 0x1938  [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
13:52:57.0774 0x1938  kbdclass - ok
13:52:57.0790 0x1938  [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
13:52:57.0821 0x1938  kbdhid - ok
13:52:57.0853 0x1938  [ A8080BEBCDB7A16495CE1205921DCAC5, D4B0EF97B75BF75934A0BEEE48CACD20E8F505600C3A07243DF7627680EE8552 ] kbfiltr         C:\WINDOWS\System32\drivers\kbfiltr.sys
13:52:58.0134 0x1938  kbfiltr - ok
13:52:58.0165 0x1938  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\WINDOWS\system32\DRIVERS\kdnic.sys
13:52:58.0196 0x1938  kdnic - ok
13:52:58.0212 0x1938  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso          C:\WINDOWS\system32\lsass.exe
13:52:58.0259 0x1938  KeyIso - ok
13:52:58.0290 0x1938  [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
13:52:58.0321 0x1938  KSecDD - ok
13:52:58.0368 0x1938  [ 46711F40D0F9E63F786ED23F9BD5215E, 1FBC5101D843E5B43184C98B3D9AF3015C9409EEA6C7BB01B143FD08D4946FC0 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
13:52:58.0399 0x1938  KSecPkg - ok
13:52:58.0431 0x1938  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
13:52:58.0462 0x1938  ksthunk - ok
13:52:58.0556 0x1938  [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
13:52:58.0618 0x1938  KtmRm - ok
13:52:58.0728 0x1938  [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
13:52:58.0821 0x1938  LanmanServer - ok
13:52:58.0900 0x1938  [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
13:52:59.0150 0x1938  LanmanWorkstation - ok
13:52:59.0196 0x1938  [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc           C:\WINDOWS\System32\GeofenceMonitorService.dll
13:52:59.0384 0x1938  lfsvc - ok
13:52:59.0400 0x1938  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys
13:52:59.0446 0x1938  lltdio - ok
13:52:59.0493 0x1938  [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
13:52:59.0696 0x1938  lltdsvc - ok
13:52:59.0728 0x1938  [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
13:52:59.0775 0x1938  lmhosts - ok
13:52:59.0837 0x1938  [ B16F2A40E738277AB75515D4B024305E, 38F48CCD72FA2B32DFD3123C0864AB724AC673414EEE09C6F582754177CD4B98 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
13:52:59.0868 0x1938  LMS - ok
13:52:59.0915 0x1938  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
13:52:59.0946 0x1938  LSI_SAS - ok
13:52:59.0962 0x1938  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys
13:52:59.0993 0x1938  LSI_SAS2 - ok
13:53:00.0009 0x1938  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\WINDOWS\system32\drivers\lsi_sas3.sys
13:53:00.0040 0x1938  LSI_SAS3 - ok
13:53:00.0056 0x1938  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
13:53:00.0087 0x1938  LSI_SSS - ok
13:53:00.0150 0x1938  [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM             C:\WINDOWS\System32\lsm.dll
13:53:00.0446 0x1938  LSM - ok
13:53:00.0478 0x1938  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
13:53:00.0509 0x1938  luafv - ok
13:53:00.0540 0x1938  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
13:53:00.0571 0x1938  megasas - ok
13:53:00.0618 0x1938  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
13:53:00.0696 0x1938  megasr - ok
13:53:00.0728 0x1938  [ E0EF6C1399A9B1AAA0B28590411BED04, 10C193D1ED434A6DC2AD8C450012B9AF1C848A0A0B3B775F13495648FB77E009 ] MEIx64          C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys
13:53:00.0743 0x1938  MEIx64 - ok
13:53:00.0790 0x1938  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS           C:\WINDOWS\system32\mmcss.dll
13:53:01.0181 0x1938  MMCSS - ok
13:53:01.0212 0x1938  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
13:53:01.0243 0x1938  Modem - ok
13:53:01.0275 0x1938  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
13:53:01.0306 0x1938  monitor - ok
13:53:01.0321 0x1938  [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
13:53:01.0353 0x1938  mouclass - ok
13:53:01.0384 0x1938  [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
13:53:01.0415 0x1938  mouhid - ok
13:53:01.0462 0x1938  [ 9A788037D768809DFD677F4BA08A224A, E0686B3318F924E440ADA439D6671D44D3FF97C13D45C2E0A3A7B9E23DA38350 ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
13:53:01.0493 0x1938  mountmgr - ok
13:53:01.0525 0x1938  [ 22A7042C70F90F8261840740DDBB5176, AD0075C97D2D7C568D5CFB1C3A02DCE3BC01941844A759B29CD4DE4AF2F5FC45 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
13:53:01.0556 0x1938  MozillaMaintenance - ok
13:53:01.0587 0x1938  [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
13:53:01.0618 0x1938  mpsdrv - ok
13:53:01.0696 0x1938  [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
13:53:01.0900 0x1938  MpsSvc - ok
13:53:01.0962 0x1938  [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
13:53:02.0259 0x1938  MRxDAV - ok
13:53:02.0306 0x1938  [ 6FBDF2B1B025A8E6E069234362FFFFB7, CF1AFC088F59AD61037F4C4650F3BAEE7FE37C40B3A27B903475F005410F8155 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
13:53:02.0696 0x1938  mrxsmb - ok
13:53:02.0743 0x1938  [ BCBD64220AD85C26823453FF1DC3EFBD, 0245E3659E9135B9276F3CCFBEA0CEFFC4F4C0826F6D19B6329057620235F087 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
13:53:03.0212 0x1938  mrxsmb10 - ok
13:53:03.0243 0x1938  [ 57C2473D501331211D6885FD59F3E44B, 10253703DB32A32291C61B6962A79E374B5DF7DD14A6B6AFD08A99EF26206619 ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
13:53:03.0618 0x1938  mrxsmb20 - ok
13:53:03.0650 0x1938  [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge        C:\WINDOWS\system32\DRIVERS\bridge.sys
13:53:03.0681 0x1938  MsBridge - ok
13:53:03.0728 0x1938  [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
13:53:03.0759 0x1938  MSDTC - ok
13:53:03.0806 0x1938  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
13:53:03.0837 0x1938  Msfs - ok
13:53:03.0853 0x1938  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
13:53:03.0868 0x1938  msgpiowin32 - ok
13:53:03.0900 0x1938  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
13:53:03.0931 0x1938  mshidkmdf - ok
13:53:03.0946 0x1938  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
13:53:03.0978 0x1938  mshidumdf - ok
13:53:04.0009 0x1938  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
13:53:04.0025 0x1938  msisadrv - ok
13:53:04.0071 0x1938  [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
13:53:04.0181 0x1938  MSiSCSI - ok
13:53:04.0196 0x1938  msiserver - ok
13:53:04.0212 0x1938  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
13:53:04.0228 0x1938  MSKSSRV - ok
13:53:04.0259 0x1938  [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp          C:\WINDOWS\system32\DRIVERS\mslldp.sys
13:53:04.0384 0x1938  MsLldp - ok
13:53:04.0400 0x1938  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
13:53:04.0431 0x1938  MSPCLOCK - ok
13:53:04.0446 0x1938  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
13:53:04.0478 0x1938  MSPQM - ok
13:53:04.0540 0x1938  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
13:53:04.0634 0x1938  MsRPC - ok
13:53:04.0650 0x1938  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
13:53:04.0681 0x1938  mssmbios - ok
13:53:04.0712 0x1938  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
13:53:04.0743 0x1938  MSTEE - ok
13:53:04.0759 0x1938  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
13:53:04.0790 0x1938  MTConfig - ok
13:53:04.0822 0x1938  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
13:53:04.0853 0x1938  Mup - ok
13:53:04.0868 0x1938  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
13:53:04.0900 0x1938  mvumis - ok
13:53:05.0165 0x1938  [ 09EA30AD32C1B0B4581CB51D183164E4, 0EE238B87E048F4E44F04FA58C6351090C875016C158A2921598BCAED1BA05DF ] N360            C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\N360.exe
13:53:05.0196 0x1938  N360 - ok
13:53:05.0259 0x1938  [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent        C:\WINDOWS\system32\qagentRT.dll
13:53:05.0618 0x1938  napagent - ok
13:53:05.0665 0x1938  [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
13:53:05.0728 0x1938  NativeWifiP - ok
13:53:05.0790 0x1938  [ 5A4EC58A5F2E63DB2092B343CF1B2834, 33F957565E38A3A2842DDB16D7C969F93A4FB888DB5AFBBF5431A712FADE4E13 ] NAVENG          C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\VirusDefs\20150909.016\ENG64.SYS
13:53:06.0150 0x1938  NAVENG - ok
13:53:06.0509 0x1938  [ 526EA496D7F06B3746775046B33027C1, FEC0B860F49C28ED6ED721A09D19239BB1E20CE3A29697B24B2FE604AE0EB808 ] NAVEX15         C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\VirusDefs\20150909.016\EX64.SYS
13:53:06.0728 0x1938  NAVEX15 - ok
13:53:06.0790 0x1938  [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
13:53:07.0025 0x1938  NcaSvc - ok
13:53:07.0040 0x1938  [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService      C:\WINDOWS\System32\ncbservice.dll
13:53:07.0087 0x1938  NcbService - ok
13:53:07.0103 0x1938  [ 9ACED0F5B458C9011F39143326494E93, 9DFFC7EE7DE6FD92545EC6A203213C498A01EEFB0BC55460D339BCE498E56A7F ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
13:53:07.0134 0x1938  NcdAutoSetup - ok
13:53:07.0259 0x1938  [ 97DC5967F65503213FD1F1B3E4A6F983, 3EC515856C7CE9B30032F963DC04190F66EE62402A819781DC45B7D088C84229 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
13:53:07.0368 0x1938  NDIS - ok
13:53:07.0415 0x1938  [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap         C:\WINDOWS\system32\DRIVERS\ndiscap.sys
13:53:07.0446 0x1938  NdisCap - ok
13:53:07.0462 0x1938  [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform  C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
13:53:07.0915 0x1938  NdisImPlatform - ok
13:53:07.0931 0x1938  [ DC1D9F692C2AD84C214584C28501C1F7, 96FC0D1EC48FED963E02648541A2AAC8E72ED00D797EA8E3D0ED02F5EB4816C5 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
13:53:08.0118 0x1938  NdisTapi - ok
13:53:08.0150 0x1938  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
13:53:08.0181 0x1938  Ndisuio - ok
13:53:08.0212 0x1938  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
13:53:08.0243 0x1938  NdisVirtualBus - ok
13:53:08.0275 0x1938  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
13:53:08.0322 0x1938  NdisWan - ok
13:53:08.0353 0x1938  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
13:53:08.0384 0x1938  NdisWanLegacy - ok
13:53:08.0415 0x1938  [ B8F36CBC72FC5C8B8A30AD850165EA8E, 478454B1399700B745265A64EC9C797C66BD0141471200BCF222F5EB15B0F40C ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
13:53:08.0556 0x1938  NDProxy - ok
13:53:08.0572 0x1938  [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
13:53:08.0759 0x1938  Ndu - ok
13:53:08.0775 0x1938  [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
13:53:08.0822 0x1938  NetBIOS - ok
13:53:08.0900 0x1938  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
13:53:08.0947 0x1938  NetBT - ok
13:53:08.0978 0x1938  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon        C:\WINDOWS\system32\lsass.exe
13:53:09.0009 0x1938  Netlogon - ok
13:53:09.0118 0x1938  [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman          C:\WINDOWS\System32\netman.dll
13:53:09.0197 0x1938  Netman - ok
13:53:09.0259 0x1938  [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
13:53:09.0322 0x1938  netprofm - ok
13:53:09.0400 0x1938  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:53:09.0478 0x1938  NetTcpPortSharing - ok
13:53:09.0509 0x1938  [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc          C:\WINDOWS\System32\drivers\netvsc63.sys
13:53:09.0868 0x1938  netvsc - ok
13:53:09.0931 0x1938  [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
13:53:09.0993 0x1938  NlaSvc - ok
13:53:10.0025 0x1938  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
13:53:10.0056 0x1938  Npfs - ok
13:53:10.0072 0x1938  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
13:53:10.0103 0x1938  npsvctrig - ok
13:53:10.0134 0x1938  [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi             C:\WINDOWS\system32\nsisvc.dll
13:53:10.0290 0x1938  nsi - ok
13:53:10.0306 0x1938  [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
13:53:10.0337 0x1938  nsiproxy - ok
13:53:10.0478 0x1938  [ 7F68063A5A0461E02BC860CE0E6BFDDC, 47E9F75D27B97278B74034B7D3951A26B1644911ED321455E08D935731C858DE ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
13:53:10.0868 0x1938  Ntfs - ok
13:53:10.0900 0x1938  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\WINDOWS\system32\drivers\Null.sys
13:53:10.0947 0x1938  Null - ok
13:53:11.0775 0x1938  [ E71E299FF15390E585BACF2C18F55078, 7A51D989DA55349B1761839DEAFD593B6E6F88C433B132E7B027467E050FBA67 ] nvlddmkm        C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
13:53:12.0837 0x1938  nvlddmkm - ok
13:53:12.0947 0x1938  [ FCC3A3F875C8CF258F71BE2F2CAA2355, BD174C47329F0A15D821E51997E4CDAA68FB9BFD72A89A2F2A85A8603625EB18 ] nvpciflt        C:\WINDOWS\system32\DRIVERS\nvpciflt.sys
13:53:12.0962 0x1938  nvpciflt - ok
13:53:12.0994 0x1938  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
13:53:13.0040 0x1938  nvraid - ok
13:53:13.0072 0x1938  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
13:53:13.0103 0x1938  nvstor - ok
13:53:13.0197 0x1938  [ 415695F5A54E91E869EEBFEA261361A6, 1829C15E07D902686171C8A66EB03040A037CAC1E00E24BF598030D9DA795CEC ] nvsvc           C:\WINDOWS\system32\nvvsvc.exe
13:53:13.0275 0x1938  nvsvc - ok
13:53:13.0415 0x1938  [ AA130938A27BB80A8B6438EF83232275, 7C5A4863CD22413723C9F7658855E34088A2F89DF740531ED7986F67A30935E0 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
13:53:13.0509 0x1938  nvUpdatusService - ok
13:53:13.0556 0x1938  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
13:53:13.0587 0x1938  nv_agp - ok
13:53:13.0650 0x1938  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:53:14.0040 0x1938  ose - ok
13:53:14.0087 0x1938  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
13:53:14.0259 0x1938  p2pimsvc - ok
13:53:14.0322 0x1938  [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
13:53:15.0275 0x1938  p2psvc - ok
13:53:15.0306 0x1938  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
13:53:15.0337 0x1938  Parport - ok
13:53:15.0369 0x1938  [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
13:53:15.0400 0x1938  partmgr - ok
13:53:15.0462 0x1938  [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
13:53:15.0556 0x1938  PcaSvc - ok
13:53:15.0603 0x1938  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci             C:\WINDOWS\system32\drivers\pci.sys
13:53:15.0650 0x1938  pci - ok
13:53:15.0665 0x1938  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
13:53:15.0681 0x1938  pciide - ok
13:53:15.0697 0x1938  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
13:53:15.0728 0x1938  pcmcia - ok
13:53:15.0759 0x1938  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
13:53:15.0790 0x1938  pcw - ok
13:53:15.0822 0x1938  [ ED54A75050211DC77F9B98C41E026858, F92FB59ADE88469EAA50E91D43165C68CC32FDE11595A0069FD43103A674FE44 ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
13:53:15.0853 0x1938  pdc - ok
13:53:15.0931 0x1938  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
13:53:16.0119 0x1938  PEAUTH - ok
13:53:16.0197 0x1938  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
13:53:16.0353 0x1938  PerfHost - ok
13:53:16.0478 0x1938  [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla             C:\WINDOWS\system32\pla.dll
13:53:16.0900 0x1938  pla - ok
13:53:16.0978 0x1938  [ 650A060D264FDDB365513A31B0BF31B7, E5EE292D486063F70119013FE89C15953BD46795E001C8A71D612351BC26DF33 ] plctrl          C:\Program Files\ASUS\P4G\plctrl.sys
13:53:16.0994 0x1938  plctrl - ok
13:53:17.0025 0x1938  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
13:53:17.0072 0x1938  PlugPlay - ok
13:53:17.0103 0x1938  [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
13:53:17.0197 0x1938  PNRPAutoReg - ok
13:53:17.0228 0x1938  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
13:53:17.0275 0x1938  PNRPsvc - ok
13:53:17.0337 0x1938  [ BDD52AB4AEBB8B1904568DBD0CCB70CB, C3D1DBA349C79B43DCDD9EF5255C5EE973EFB844235B808B5EF9B63A51FF00AA ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
13:53:17.0400 0x1938  PolicyAgent - ok
13:53:17.0431 0x1938  [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power           C:\WINDOWS\system32\umpo.dll
13:53:17.0478 0x1938  Power - ok
13:53:17.0712 0x1938  [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
13:53:18.0244 0x1938  PrintNotify - ok
13:53:18.0275 0x1938  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\WINDOWS\System32\drivers\processr.sys
13:53:18.0290 0x1938  Processor - ok
13:53:18.0322 0x1938  [ 6E409D818C6B342544EAE741B1422B85, B4ADFB7809FC42C432C984C3AC13FAFD1B7AD53BCC7FB16E86371DE4C829DD1A ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
13:53:18.0384 0x1938  ProfSvc - ok
13:53:18.0415 0x1938  [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched          C:\WINDOWS\system32\DRIVERS\pacer.sys
13:53:18.0447 0x1938  Psched - ok
13:53:18.0509 0x1938  [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE           C:\WINDOWS\system32\qwave.dll
13:53:19.0337 0x1938  QWAVE - ok
13:53:19.0369 0x1938  [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
13:53:19.0384 0x1938  QWAVEdrv - ok
13:53:19.0431 0x1938  [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
13:53:19.0447 0x1938  RasAcd - ok
13:53:19.0494 0x1938  [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
13:53:19.0525 0x1938  RasAuto - ok
13:53:19.0603 0x1938  [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan          C:\WINDOWS\System32\rasmans.dll
13:53:19.0712 0x1938  RasMan - ok
13:53:19.0728 0x1938  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
13:53:19.0775 0x1938  RasPppoe - ok
13:53:19.0822 0x1938  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
13:53:19.0869 0x1938  rdbss - ok
13:53:19.0884 0x1938  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
13:53:19.0915 0x1938  rdpbus - ok
13:53:19.0947 0x1938  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
13:53:20.0119 0x1938  RDPDR - ok
13:53:20.0165 0x1938  [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
13:53:20.0181 0x1938  RdpVideoMiniport - ok
13:53:20.0228 0x1938  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
13:53:20.0259 0x1938  rdyboost - ok
13:53:20.0353 0x1938  [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS            C:\WINDOWS\system32\drivers\ReFS.sys
13:53:20.0650 0x1938  ReFS - ok
13:53:20.0697 0x1938  [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
13:53:20.0822 0x1938  RemoteAccess - ok
13:53:20.0869 0x1938  [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
13:53:21.0259 0x1938  RemoteRegistry - ok
13:53:21.0291 0x1938  [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM          C:\WINDOWS\System32\drivers\rfcomm.sys
13:53:21.0337 0x1938  RFCOMM - ok
13:53:21.0369 0x1938  [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
13:53:21.0415 0x1938  RpcEptMapper - ok
13:53:21.0431 0x1938  [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator      C:\WINDOWS\system32\locator.exe
13:53:21.0462 0x1938  RpcLocator - ok
13:53:21.0525 0x1938  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
13:53:21.0603 0x1938  RpcSs - ok
13:53:21.0634 0x1938  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\WINDOWS\system32\DRIVERS\rspndr.sys
13:53:21.0681 0x1938  rspndr - ok
13:53:21.0728 0x1938  [ E7B780F2E7A124264AA487C13107BDFF, 2AE4E7227F3E28FCEF685AC54771D949845339D7881A7855810A6C33E9B179D7 ] RSUSBVSTOR      C:\WINDOWS\System32\Drivers\RtsUVStor.sys
13:53:21.0759 0x1938  RSUSBVSTOR - ok
13:53:21.0853 0x1938  [ 8B58D96C0C8CB3DB20C156C76AD06E1B, A6449305D9454C5CF21AAD0ABBF226621C0AA9C6904853F9A7C555D500752112 ] RTL8168         C:\WINDOWS\system32\DRIVERS\Rt630x64.sys
13:53:21.0915 0x1938  RTL8168 - ok
13:53:21.0947 0x1938  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
13:53:21.0978 0x1938  s3cap - ok
13:53:22.0009 0x1938  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs           C:\WINDOWS\system32\lsass.exe
13:53:22.0040 0x1938  SamSs - ok
13:53:22.0072 0x1938  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
13:53:22.0119 0x1938  sbp2port - ok
13:53:22.0150 0x1938  [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
13:53:22.0197 0x1938  SCardSvr - ok
13:53:22.0212 0x1938  [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
13:53:22.0259 0x1938  ScDeviceEnum - ok
13:53:22.0291 0x1938  [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
13:53:22.0322 0x1938  scfilter - ok
13:53:22.0447 0x1938  [ 3151A020E03DDE31AAC49F35C5EFB4DB, 5ABB1103009979F86C862357E28F37C2744979F2C99F7CF6ABB4EB1B8416B3F6 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
13:53:22.0572 0x1938  Schedule - ok
13:53:22.0603 0x1938  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
13:53:22.0650 0x1938  SCPolicySvc - ok
13:53:22.0681 0x1938  [ 1CA5A783B10EC897FCE91CF220D6C517, DCBCD9E90C73F883B9A55D972CF99F25373049B7684E6738E1E213A20369A5E6 ] scvad_simple    C:\WINDOWS\system32\drivers\SplitCamAudio.sys
13:53:22.0712 0x1938  scvad_simple - ok
13:53:22.0744 0x1938  [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
13:53:22.0791 0x1938  sdbus - ok
13:53:22.0822 0x1938  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
13:53:22.0853 0x1938  sdstor - ok
13:53:22.0884 0x1938  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\WINDOWS\system32\drivers\secdrv.sys
13:53:22.0915 0x1938  secdrv - ok
13:53:22.0931 0x1938  [ BA24CEA7152239F42ECD04AFB7C89D24, A2A11EABB0C283772B74667C7544B61BEB1B9745FBF065E831542129EB585AFA ] seclogon        C:\WINDOWS\system32\seclogon.dll
13:53:22.0962 0x1938  seclogon - ok
13:53:22.0994 0x1938  [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS            C:\WINDOWS\System32\sens.dll
13:53:23.0025 0x1938  SENS - ok
13:53:23.0056 0x1938  [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
13:53:23.0119 0x1938  SensrSvc - ok
13:53:23.0165 0x1938  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
13:53:23.0197 0x1938  SerCx - ok
13:53:23.0244 0x1938  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
13:53:23.0290 0x1938  SerCx2 - ok
13:53:23.0322 0x1938  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
13:53:23.0353 0x1938  Serenum - ok
13:53:23.0369 0x1938  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
13:53:23.0400 0x1938  Serial - ok
13:53:23.0431 0x1938  [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
13:53:23.0462 0x1938  sermouse - ok
13:53:23.0525 0x1938  [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
13:53:23.0806 0x1938  SessionEnv - ok
13:53:23.0837 0x1938  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
13:53:23.0869 0x1938  sfloppy - ok
13:53:23.0931 0x1938  [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
13:53:24.0165 0x1938  SharedAccess - ok
13:53:24.0415 0x1938  [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
13:53:24.0634 0x1938  ShellHWDetection - ok
13:53:24.0666 0x1938  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
13:53:24.0697 0x1938  SiSRaid2 - ok
13:53:24.0712 0x1938  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
13:53:24.0744 0x1938  SiSRaid4 - ok
13:53:24.0822 0x1938  [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
13:53:24.0869 0x1938  SkypeUpdate - ok
13:53:24.0916 0x1938  [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost         C:\WINDOWS\System32\smphost.dll
13:53:24.0931 0x1938  smphost - ok
13:53:24.0978 0x1938  [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
13:53:25.0009 0x1938  SNMPTRAP - ok
13:53:25.0056 0x1938  [ D24B1945ED1F9C96DA786DBBF1E983CE, B46CB0B72B7A3DF94A46B8D65E38535C5F8E72A55CF2DC48EFA1F9A0108691C4 ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
13:53:25.0369 0x1938  spaceport - ok
13:53:25.0400 0x1938  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
13:53:25.0431 0x1938  SpbCx - ok
13:53:25.0462 0x1938  [ 47C36D677B1E96B8F94D85C543DC5CA6, 3FE5F3F021DB36DA3672E906C83CB2A79C8F7FD3DC9643098ACDD47943F7F6BC ] splitcam_hd_driver C:\WINDOWS\system32\DRIVERS\splitcam_hd_driver.sys
13:53:25.0478 0x1938  splitcam_hd_driver - ok
13:53:25.0572 0x1938  [ 2E3976C857D7230EC8D2B2276E688255, C0A6A84369CB3E709A6FFEBED2B38AB62D731B79D052D6D6FA8EF855BC428778 ] Spooler         C:\WINDOWS\System32\spoolsv.exe
13:53:25.0650 0x1938  Spooler - ok
13:53:26.0134 0x1938  [ 46549AF7CB672BC8138264CC4100E9F8, 6434249FADB07A033FD40C37DF2B775CF0617CF0C3E7C170F2984BD3CE423794 ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
13:53:26.0744 0x1938  sppsvc - ok
13:53:26.0947 0x1938  [ 3361466E3C5353CAB7E978C236FADF3B, DEF6FD4EB35C4CA9E67843A324FF1A8D6A064CBC76FD3392E70BBAF85D9421BA ] SRTSP           C:\WINDOWS\System32\Drivers\N360x64\1605020.00F\SRTSP64.SYS
13:53:27.0134 0x1938  SRTSP - ok
13:53:27.0166 0x1938  [ BA2ABBEA69BD1866C973DE11CB0CE9F8, 7A04BC2F4DA9A69A996911CC429064D24CF51F4046A2EE688D4326B44C9EDAFB ] SRTSPX          C:\WINDOWS\system32\drivers\N360x64\1605020.00F\SRTSPX64.SYS
13:53:27.0197 0x1938  SRTSPX - ok
13:53:27.0291 0x1938  [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
13:53:27.0337 0x1938  srv - ok
13:53:27.0509 0x1938  [ 00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
13:53:27.0572 0x1938  srv2 - ok
13:53:27.0619 0x1938  [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
13:53:27.0666 0x1938  srvnet - ok
13:53:27.0712 0x1938  [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
13:53:28.0009 0x1938  SSDPSRV - ok
13:53:28.0056 0x1938  [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
13:53:28.0431 0x1938  SstpSvc - ok
13:53:28.0462 0x1938  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
13:53:28.0478 0x1938  stexstor - ok
13:53:28.0681 0x1938  [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
13:53:28.0775 0x1938  stisvc - ok
13:53:28.0806 0x1938  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
13:53:28.0837 0x1938  storahci - ok
13:53:28.0869 0x1938  [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
13:53:28.0900 0x1938  storflt - ok
13:53:28.0931 0x1938  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
13:53:28.0947 0x1938  stornvme - ok
13:53:28.0978 0x1938  [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
13:53:29.0212 0x1938  StorSvc - ok
13:53:29.0244 0x1938  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
13:53:29.0275 0x1938  storvsc - ok
13:53:29.0322 0x1938  [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc           C:\WINDOWS\system32\svsvc.dll
13:53:29.0666 0x1938  svsvc - ok
13:53:29.0697 0x1938  [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
13:53:29.0728 0x1938  swenum - ok
13:53:30.0150 0x1938  [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv           C:\WINDOWS\System32\swprv.dll
13:53:30.0556 0x1938  swprv - ok
13:53:30.0728 0x1938  [ C9EC22D5B3C6B32A7C8B4A73870A7379, BA530C64FDE63D9A4023BB9E667497D5248B2910BC1A214B592318CC64034735 ] SymEFASI        C:\WINDOWS\system32\drivers\N360x64\1605020.00F\SYMEFASI64.SYS
13:53:31.0041 0x1938  SymEFASI - ok
13:53:31.0087 0x1938  [ 1DE0CBF15AC67AE0E5B456ADEFB89493, C764815313BB4332279730AA02531A448A1D32F5B6D5689FF04549406A5B5212 ] SymELAM         C:\WINDOWS\system32\drivers\N360x64\1605020.00F\SymELAM.sys
13:53:31.0119 0x1938  SymELAM - ok
13:53:31.0150 0x1938  [ 6DF8F618B93C821630C9BAA8DA3FAAAF, 553972D63F3347291EC8370AB910F741EF1DA61BC74FBA4192EF6E1DF567FB99 ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
13:53:31.0166 0x1938  SymEvent - ok
13:53:31.0212 0x1938  [ 0891E59A27208B9B727BAB863B853E80, 7BBDD53CB7AB003DF803D6D596A2B5216425DCC7FA8D3F311AE5BD4EC19FBB0A ] SymIRON         C:\WINDOWS\system32\drivers\N360x64\1605020.00F\Ironx64.SYS
13:53:31.0572 0x1938  SymIRON - ok
13:53:31.0666 0x1938  [ 5EA70535B2A6504278E14943867B1B39, 53F191DE2F1F692983BD9068DCF0A851111B7A08FCEDFE871FA0594B0C46FCB7 ] SymNetS         C:\WINDOWS\System32\Drivers\N360x64\1605020.00F\SYMNETS.SYS
13:53:32.0009 0x1938  SymNetS - ok
13:53:32.0119 0x1938  [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain         C:\WINDOWS\system32\sysmain.dll
13:53:32.0291 0x1938  SysMain - ok
13:53:32.0369 0x1938  [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
13:53:32.0416 0x1938  SystemEventsBroker - ok
13:53:32.0463 0x1938  [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
13:53:32.0509 0x1938  TabletInputService - ok
13:53:32.0541 0x1938  [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
13:53:32.0650 0x1938  TapiSrv - ok
13:53:32.0838 0x1938  [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
13:53:33.0056 0x1938  Tcpip - ok
13:53:33.0244 0x1938  [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] TCPIP6          C:\WINDOWS\system32\DRIVERS\tcpip.sys
13:53:33.0463 0x1938  TCPIP6 - ok
13:53:33.0525 0x1938  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
13:53:33.0541 0x1938  tcpipreg - ok
13:53:33.0588 0x1938  [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
13:53:33.0619 0x1938  tdx - ok
13:53:33.0634 0x1938  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
13:53:33.0666 0x1938  terminpt - ok
13:53:33.0759 0x1938  [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService     C:\WINDOWS\System32\termsrv.dll
13:53:34.0150 0x1938  TermService - ok
13:53:34.0181 0x1938  [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes          C:\WINDOWS\system32\themeservice.dll
13:53:34.0228 0x1938  Themes - ok
13:53:34.0259 0x1938  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER     C:\WINDOWS\system32\mmcss.dll
13:53:34.0291 0x1938  THREADORDER - ok
13:53:34.0322 0x1938  [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
13:53:34.0650 0x1938  TimeBroker - ok
13:53:34.0681 0x1938  [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM             C:\WINDOWS\system32\drivers\tpm.sys
13:53:34.0713 0x1938  TPM - ok
13:53:34.0759 0x1938  [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
13:53:34.0853 0x1938  TrkWks - ok
13:53:34.0916 0x1938  [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
13:53:34.0963 0x1938  TrustedInstaller - ok
13:53:34.0978 0x1938  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
13:53:35.0025 0x1938  TsUsbFlt - ok
13:53:35.0041 0x1938  [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
13:53:35.0291 0x1938  TsUsbGD - ok
13:53:35.0322 0x1938  [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel          C:\WINDOWS\system32\DRIVERS\tunnel.sys
13:53:35.0369 0x1938  tunnel - ok
13:53:35.0384 0x1938  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
13:53:35.0416 0x1938  uagp35 - ok
13:53:35.0431 0x1938  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
13:53:35.0463 0x1938  UASPStor - ok
13:53:35.0509 0x1938  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\WINDOWS\System32\drivers\ucx01000.sys
13:53:35.0556 0x1938  UCX01000 - ok
13:53:35.0603 0x1938  [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
13:53:35.0650 0x1938  udfs - ok
13:53:35.0666 0x1938  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
13:53:35.0697 0x1938  UEFI - ok
13:53:35.0744 0x1938  [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
13:53:35.0775 0x1938  UI0Detect - ok
13:53:35.0791 0x1938  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
13:53:35.0822 0x1938  uliagpkx - ok
13:53:35.0853 0x1938  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
13:53:35.0884 0x1938  umbus - ok
13:53:35.0884 0x1938  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
13:53:35.0916 0x1938  UmPass - ok
13:53:35.0978 0x1938  [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
13:53:36.0197 0x1938  UmRdpService - ok
13:53:36.0244 0x1938  [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost        C:\WINDOWS\System32\upnphost.dll
13:53:36.0681 0x1938  upnphost - ok
13:53:36.0728 0x1938  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
13:53:36.0759 0x1938  usbccgp - ok
13:53:36.0806 0x1938  [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
13:53:37.0072 0x1938  usbcir - ok
13:53:37.0088 0x1938  [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
13:53:37.0119 0x1938  usbehci - ok
13:53:37.0197 0x1938  [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
13:53:37.0259 0x1938  usbhub - ok
13:53:37.0322 0x1938  [ 95B0179BDA907252025DEEA183699FB3, A6BDFB93EE9418A83407024204A41640A08638C60E2BE75C249D102601DC1D80 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
13:53:37.0384 0x1938  USBHUB3 - ok
13:53:37.0400 0x1938  [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
13:53:37.0431 0x1938  usbohci - ok
13:53:37.0447 0x1938  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
13:53:37.0634 0x1938  usbprint - ok
13:53:37.0666 0x1938  [ 0F030491BA4A27BD46F8B8ACEEE83F1A, 7063855611BEF94D4D229BA1BE507ECBDD89F5861641A407EB3E2919A352F9D4 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
13:53:37.0853 0x1938  usbscan - ok
13:53:37.0900 0x1938  [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
13:53:37.0931 0x1938  USBSTOR - ok
         
__________________

Alt 10.09.2015, 14:13   #4
Martsch
 
Links über Skype und Mails werden verschickt - aber nicht von mir - Standard

Links über Skype und Mails werden verschickt - aber nicht von mir



Code:
ATTFilter
13:53:37.0947 0x1938  [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
13:53:37.0978 0x1938  usbuhci - ok
13:53:38.0025 0x1938  [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
13:53:38.0056 0x1938  usbvideo - ok
13:53:38.0150 0x1938  [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
13:53:38.0197 0x1938  USBXHCI - ok
13:53:38.0228 0x1938  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc        C:\WINDOWS\system32\lsass.exe
13:53:38.0259 0x1938  VaultSvc - ok
13:53:38.0306 0x1938  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
13:53:38.0322 0x1938  vdrvroot - ok
13:53:38.0447 0x1938  [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds             C:\WINDOWS\System32\vds.exe
13:53:38.0556 0x1938  vds - ok
13:53:38.0588 0x1938  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
13:53:38.0634 0x1938  VerifierExt - ok
13:53:38.0681 0x1938  [ F6ECFD6128A16A4851CFE98D4E01B011, C349893E8D7FB9B510A3FAD040F70C3C72B0ACDD5F6EB336951849F9E953717D ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
13:53:38.0744 0x1938  vhdmp - ok
13:53:38.0775 0x1938  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys
13:53:38.0806 0x1938  viaide - ok
13:53:38.0822 0x1938  [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
13:53:38.0853 0x1938  vmbus - ok
13:53:38.0869 0x1938  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
13:53:38.0900 0x1938  VMBusHID - ok
13:53:38.0963 0x1938  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
13:53:39.0025 0x1938  vmicguestinterface - ok
13:53:39.0072 0x1938  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
13:53:39.0134 0x1938  vmicheartbeat - ok
13:53:39.0166 0x1938  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
13:53:39.0228 0x1938  vmickvpexchange - ok
13:53:39.0259 0x1938  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
13:53:39.0322 0x1938  vmicrdv - ok
13:53:39.0353 0x1938  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
13:53:39.0416 0x1938  vmicshutdown - ok
13:53:39.0463 0x1938  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
13:53:39.0525 0x1938  vmictimesync - ok
13:53:39.0556 0x1938  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
13:53:39.0619 0x1938  vmicvss - ok
13:53:39.0650 0x1938  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
13:53:39.0681 0x1938  volmgr - ok
13:53:39.0713 0x1938  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
13:53:39.0759 0x1938  volmgrx - ok
13:53:39.0791 0x1938  [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
13:53:39.0838 0x1938  volsnap - ok
13:53:39.0884 0x1938  [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
13:53:39.0900 0x1938  vpci - ok
13:53:39.0978 0x1938  [ 80E63B86C40C5E067475DC98F845A6DD, A9B5211E1038DCDDB35D2E4496DDE455B8610933918E705A8323E3F283E98A8D ] vpnagent        C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
13:53:40.0025 0x1938  vpnagent - ok
13:53:40.0056 0x1938  [ A8D4FED106B4BD337DF3DA20BA44E18E, 066F58895F9FF71E72852DB982C3CD2F7E92092411686CE972449B0123A04B1E ] vpnva           C:\WINDOWS\system32\DRIVERS\vpnva64.sys
13:53:40.0072 0x1938  vpnva - ok
13:53:40.0119 0x1938  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
13:53:40.0150 0x1938  vsmraid - ok
13:53:40.0291 0x1938  [ 3B7F9612439EA47151EC5EAB232C1C3F, CA08CCB14CB46512F72E2C20454242B18BC57E34C55B42A37B7EC27B79242CDC ] VSS             C:\WINDOWS\system32\vssvc.exe
13:53:41.0025 0x1938  VSS - ok
13:53:41.0088 0x1938  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
13:53:41.0135 0x1938  VSTXRAID - ok
13:53:41.0181 0x1938  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
13:53:41.0213 0x1938  vwifibus - ok
13:53:41.0244 0x1938  [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt        C:\WINDOWS\system32\DRIVERS\vwififlt.sys
13:53:41.0275 0x1938  vwififlt - ok
13:53:41.0291 0x1938  [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp         C:\WINDOWS\system32\DRIVERS\vwifimp.sys
13:53:41.0322 0x1938  vwifimp - ok
13:53:41.0369 0x1938  [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time         C:\WINDOWS\system32\w32time.dll
13:53:41.0431 0x1938  W32Time - ok
13:53:41.0447 0x1938  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
13:53:41.0478 0x1938  WacomPen - ok
13:53:41.0635 0x1938  [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine        C:\WINDOWS\system32\wbengine.exe
13:53:42.0135 0x1938  wbengine - ok
13:53:42.0197 0x1938  [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
13:53:42.0806 0x1938  WbioSrvc - ok
13:53:42.0838 0x1938  [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
13:53:43.0056 0x1938  Wcmsvc - ok
13:53:43.0103 0x1938  [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
13:53:43.0150 0x1938  wcncsvc - ok
13:53:43.0166 0x1938  [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
13:53:43.0197 0x1938  WcsPlugInService - ok
13:53:43.0244 0x1938  [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
13:53:43.0260 0x1938  WdBoot - ok
13:53:43.0306 0x1938  [ D0335A55E5C3F812548E18300C2ACB62, 7EF7C3A21E97197E1A6D2956D0F5A7C23F2D590C9709708394426031634990A5 ] WDC_SAM         C:\WINDOWS\System32\drivers\wdcsam64.sys
13:53:43.0338 0x1938  WDC_SAM - ok
13:53:43.0416 0x1938  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
13:53:43.0494 0x1938  Wdf01000 - ok
13:53:43.0525 0x1938  [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
13:53:43.0572 0x1938  WdFilter - ok
13:53:43.0619 0x1938  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
13:53:43.0650 0x1938  WdiServiceHost - ok
13:53:43.0666 0x1938  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
13:53:43.0697 0x1938  WdiSystemHost - ok
13:53:43.0744 0x1938  [ CE67080F00E0AF32755096CEA6430ABA, 0E5D626F9F76C0BC63B2D246AD66D9CBF7D92F34B56398417BCFD0C331DBD282 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
13:53:43.0775 0x1938  WdNisDrv - ok
13:53:43.0791 0x1938  WdNisSvc - ok
13:53:43.0838 0x1938  [ 40F83492DB9ABBA59773A45FB487C8B2, 0D0DE0B0C9B929FEFD2674CCF17F5F2FC4B16EAB8E1981BBCE51B0305FD7D75E ] WebClient       C:\WINDOWS\System32\webclnt.dll
13:53:43.0916 0x1938  WebClient - ok
13:53:43.0963 0x1938  [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
13:53:44.0010 0x1938  Wecsvc - ok
13:53:44.0025 0x1938  [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
13:53:44.0056 0x1938  WEPHOSTSVC - ok
13:53:44.0072 0x1938  [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
13:53:44.0119 0x1938  wercplsupport - ok
13:53:44.0135 0x1938  [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
13:53:44.0181 0x1938  WerSvc - ok
13:53:44.0228 0x1938  [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS         C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
13:53:44.0260 0x1938  WFPLWFS - ok
13:53:44.0275 0x1938  [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
13:53:44.0322 0x1938  WiaRpc - ok
13:53:44.0353 0x1938  [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
13:53:44.0385 0x1938  WIMMount - ok
13:53:44.0385 0x1938  WinDefend - ok
13:53:44.0510 0x1938  [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
13:53:44.0588 0x1938  WinHttpAutoProxySvc - ok
13:53:44.0650 0x1938  [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
13:53:44.0916 0x1938  Winmgmt - ok
13:53:45.0119 0x1938  [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
13:53:45.0494 0x1938  WinRM - ok
13:53:45.0635 0x1938  [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
13:53:45.0775 0x1938  WlanSvc - ok
13:53:45.0885 0x1938  [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
13:53:46.0010 0x1938  wlidsvc - ok
13:53:46.0041 0x1938  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
13:53:46.0072 0x1938  WmiAcpi - ok
13:53:46.0103 0x1938  [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
13:53:46.0338 0x1938  wmiApSrv - ok
13:53:46.0369 0x1938  WMPNetworkSvc - ok
13:53:46.0400 0x1938  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
13:53:46.0588 0x1938  Wof - ok
13:53:46.0728 0x1938  [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
13:53:47.0088 0x1938  workfolderssvc - ok
13:53:47.0135 0x1938  [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
13:53:47.0166 0x1938  wpcfltr - ok
13:53:47.0197 0x1938  [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll
13:53:47.0228 0x1938  WPCSvc - ok
13:53:47.0260 0x1938  [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
13:53:47.0541 0x1938  WPDBusEnum - ok
13:53:47.0556 0x1938  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
13:53:47.0588 0x1938  WpdUpFltr - ok
13:53:47.0619 0x1938  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
13:53:47.0650 0x1938  ws2ifsl - ok
13:53:47.0681 0x1938  [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
13:53:47.0713 0x1938  wscsvc - ok
13:53:47.0728 0x1938  [ F586F3F1BF962FE9AE4316E0D896B22F, 8D0AD48D79294567123D943D0F5B6D5A32D7A82B129A24DC821D3095AFAA100B ] WSDPrintDevice  C:\WINDOWS\System32\drivers\WSDPrint.sys
13:53:47.0760 0x1938  WSDPrintDevice - ok
13:53:47.0791 0x1938  [ 58035FD3369879E02D65989C44D27450, B9245DB5C17F7CE94FAA20AB4B0D06A4DFB6133C6E82343758CDC713EB64DFEF ] WSDScan         C:\WINDOWS\system32\DRIVERS\WSDScan.sys
13:53:47.0822 0x1938  WSDScan - ok
13:53:47.0838 0x1938  WSearch - ok
13:53:48.0056 0x1938  [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService       C:\WINDOWS\System32\WSService.dll
13:53:48.0744 0x1938  WSService - ok
13:53:48.0916 0x1938  [ 3F726FF7B1ACC7D5E89940EA5BFF0E61, DF84486870C677B30985005A909CFDF8446BD566F601A295FF29F258E1D1AFF4 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
13:53:49.0181 0x1938  wuauserv - ok
13:53:49.0228 0x1938  [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
13:53:49.0635 0x1938  WudfPf - ok
13:53:49.0650 0x1938  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
13:53:50.0072 0x1938  WUDFRd - ok
13:53:50.0135 0x1938  [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
13:53:50.0291 0x1938  wudfsvc - ok
13:53:50.0307 0x1938  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
13:53:50.0353 0x1938  WUDFWpdFs - ok
13:53:50.0463 0x1938  [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
13:53:50.0932 0x1938  WwanSvc - ok
13:53:50.0994 0x1938  [ 86B8B1F5C1189D68B07666784BE882FE, 0DD8C627F3DDBDB61B1910540C465C0D62C9F8D84C7CBB6C80782DB02D535AF0 ] ZAtheros Bt and Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
13:53:51.0135 0x1938  ZAtheros Bt and Wlan Coex Agent - detected UnsignedFile.Multi.Generic ( 1 )
13:53:53.0650 0x1938  Detect skipped due to KSN trusted
13:53:53.0650 0x1938  ZAtheros Bt and Wlan Coex Agent - ok
13:53:53.0666 0x1938  ================ Scan global ===============================
13:53:53.0713 0x1938  [ 05B08C20B8428ECE088CB5635696A48D, 471642A2D0E5C3BB235962FC8D86A49AC30D7DDE80B97E348425BBFCDE4DCDC3 ] C:\WINDOWS\system32\basesrv.dll
13:53:53.0760 0x1938  [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\WINDOWS\system32\winsrv.dll
13:53:54.0103 0x1938  [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\WINDOWS\system32\sxssrv.dll
13:53:54.0166 0x1938  [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\WINDOWS\system32\services.exe
13:53:54.0197 0x1938  [ Global ] - ok
13:53:54.0197 0x1938  ================ Scan MBR ==================================
13:53:54.0197 0x1938  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
13:53:54.0338 0x1938  \Device\Harddisk0\DR0 - ok
13:53:54.0510 0x1938  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
13:53:55.0104 0x1938  \Device\Harddisk1\DR1 - ok
13:53:55.0104 0x1938  ================ Scan VBR ==================================
13:53:55.0119 0x1938  [ A6283B5944C48D1BAEE0AE784F258D51 ] \Device\Harddisk0\DR0\Partition1
13:53:55.0166 0x1938  \Device\Harddisk0\DR0\Partition1 - ok
13:53:55.0182 0x1938  [ 97FAE432868BFCEAA2A704CF9253F80E ] \Device\Harddisk0\DR0\Partition2
13:53:55.0244 0x1938  \Device\Harddisk0\DR0\Partition2 - ok
13:53:55.0275 0x1938  [ 446ED579EBDF5303BCD1FE047B41C988 ] \Device\Harddisk0\DR0\Partition3
13:53:55.0291 0x1938  \Device\Harddisk0\DR0\Partition3 - ok
13:53:55.0307 0x1938  [ 25BF7D44F2FF0EEB5EB88CC8854975DF ] \Device\Harddisk0\DR0\Partition4
13:53:55.0369 0x1938  \Device\Harddisk0\DR0\Partition4 - ok
13:53:55.0385 0x1938  [ 945D99E325685EB0E9096DD44950B7EB ] \Device\Harddisk0\DR0\Partition5
13:53:55.0478 0x1938  \Device\Harddisk0\DR0\Partition5 - ok
13:53:55.0510 0x1938  [ 5B7F4CAF404F99E7898B3C340CEA2E6A ] \Device\Harddisk0\DR0\Partition6
13:53:55.0604 0x1938  \Device\Harddisk0\DR0\Partition6 - ok
13:53:55.0650 0x1938  [ 5D323FE3C1576E2AB90E5035C5642513 ] \Device\Harddisk0\DR0\Partition7
13:53:55.0682 0x1938  \Device\Harddisk0\DR0\Partition7 - ok
13:53:55.0697 0x1938  [ 36375F6B34533DC74379956ACE27E827 ] \Device\Harddisk1\DR1\Partition1
13:53:55.0697 0x1938  \Device\Harddisk1\DR1\Partition1 - ok
13:53:55.0697 0x1938  ================ Scan generic autorun ======================
13:53:55.0728 0x1938  [ 33ECE216B2B85850BD00CAD23046C200, 36B5915C213DA22B92C615E944195D628F5A2243969EF7810EC3739EA5655F2A ] C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe
13:53:55.0744 0x1938  DptfPolicyLpmServiceHelper - ok
13:53:56.0650 0x1938  [ C6EBBCA79931B19F7C2D4A1B494D4B98, 2E146B8761000E12E29D0BC819BFC9DC7F3589080613773BBB1BA37984EB5C67 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
13:53:57.0369 0x1938  RTHDVCPL - ok
13:53:57.0432 0x1938  [ 1E7EBBF7D89DE7979308494FE98EB393, 84619B1A27F72FB5B412528AC247FA1CC174056BB08BF9B2B4749625BFE2688A ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
13:53:57.0478 0x1938  RtHDVBg - ok
13:53:57.0510 0x1938  [ CFF4C979AA720C73EC93918D9730B9E9, 0DC04ACD258DD5FC4A7EA81AC3F8876675424EC35F7ECB996B7C132BAB430A33 ] C:\WINDOWS\system32\igfxtray.exe
13:53:57.0541 0x1938  IgfxTray - ok
13:53:57.0619 0x1938  [ 4B9D449ED9880477DEFBA85D512E05F9, B50C589A1F8953617FAD961363CA3538F6C0539FA06D7FAA2EA88320410C7F43 ] C:\WINDOWS\system32\hkcmd.exe
13:53:57.0697 0x1938  HotKeysCmds - ok
13:53:57.0775 0x1938  [ 2498449B5CA65A640125164EE0019B14, F4EF4EA34A656984C83DB3BFCD8390ACD76C922A1C253335104C31D371EEDA17 ] C:\WINDOWS\system32\igfxpers.exe
13:53:57.0838 0x1938  Persistence - ok
13:53:58.0088 0x1938  [ 2362B857693DA580E04ECE28F7D67E7E, EABF4B6502A06B94D07E25D78D8CEF8862B7FE5D117F7F145268B95688A02E62 ] C:\Program Files (x86)\ASUS\APRP\APRP.EXE
13:53:58.0338 0x1938  ASUSPRP - detected UnsignedFile.Multi.Generic ( 1 )
13:54:00.0838 0x1938  Detect skipped due to KSN trusted
13:54:00.0838 0x1938  ASUSPRP - ok
13:54:01.0666 0x1938  [ B15880A58755DA0FADB15923013A7957, 4090342AF93538C5F3157605164CF5EC051B6D767B1B7FCCF3265F1D426E88AA ] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe
13:54:01.0775 0x1938  ASUSWebStorage - ok
13:54:01.0822 0x1938  [ C049C40CAEE8900130BD5F80B594CC7B, F54FC31662A9B8032B380793D534F34A0C63FED9C84DE313D17A61612EB31DC4 ] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
13:54:01.0838 0x1938  RemoteControl10 - ok
13:54:01.0885 0x1938  [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
13:54:01.0885 0x1938  HP Software Update - ok
13:54:01.0963 0x1938  [ 369993D4B8C009393A2F9BCBB7BD2587, DD9FBF8C32BB3A29F7062BABA23B84FB9F7395A4AB3FB7001071154CDE92F7D5 ] C:\Program Files (x86)\Windows Mail\wab.exe
13:54:02.0932 0x1938  WAB Migrate - ok
13:54:03.0041 0x1938  [ 7C6D524C78A1722AD987B9E47AC1FEE2, FFDC6C92ABB547D0DCD2621EC423C755A78079B061A41FA1751A56799D1A79A5 ] C:\Users\Martin\AppData\Local\Dropbox\Update\DropboxUpdate.exe
13:54:03.0072 0x1938  Dropbox Update - ok
13:54:03.0072 0x1938  Waiting for KSN requests completion. In queue: 11
13:54:04.0088 0x1938  Waiting for KSN requests completion. In queue: 5
13:54:05.0104 0x1938  Waiting for KSN requests completion. In queue: 5
13:54:06.0135 0x1938  AV detected via SS2: Norton 360 Online, C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\WSCStub.exe ( 22.5.0.0 ), 0x51000 ( enabled : updated )
13:54:06.0135 0x1938  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x60100 ( disabled : updated )
13:54:06.0135 0x1938  FW detected via SS2: Norton 360 Online, C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\WSCStub.exe ( 22.5.0.0 ), 0x51010 ( enabled )
13:54:08.0807 0x1938  ============================================================
13:54:08.0807 0x1938  Scan finished
13:54:08.0807 0x1938  ============================================================
13:54:08.0822 0x1854  Detected object count: 0
13:54:08.0822 0x1854  Actual detected object count: 0
         

Alt 11.09.2015, 07:22   #5
schrauber
/// the machine
/// TB-Ausbilder
 

Links über Skype und Mails werden verschickt - aber nicht von mir - Standard

Links über Skype und Mails werden verschickt - aber nicht von mir



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 11.09.2015, 12:24   #6
Martsch
 
Links über Skype und Mails werden verschickt - aber nicht von mir - Standard

Links über Skype und Mails werden verschickt - aber nicht von mir



Hey schrauber,

habe deine Schritte durchgeführt.
Hier sind die Logs.

mbam
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 11.09.2015
Suchlaufzeit: 10:53
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.1.8.1057
Malware-Datenbank: v2015.09.11.03
Rootkit-Datenbank: v2015.08.16.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Martin

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 416176
Abgelaufene Zeit: 32 Min., 8 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 5
PUP.Optional.SnapDo, HKU\S-1-5-18\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}, In Quarantäne, [3f60ff2f1f6cd561fa2e24b7f60c738d], 
PUP.Optional.SnapDo, HKU\S-1-5-21-3515464670-2770779577-3274627398-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006EE092-9658-4FD6-BD8E-A21A348E59F5}, In Quarantäne, [3f60ff2f1f6cd561fa2e24b7f60c738d], 
PUP.Optional.SnapDo, HKU\S-1-5-21-3515464670-2770779577-3274627398-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006EE092-9658-4FD6-BD8E-A21A348E59F5}, In Quarantäne, [3f60ff2f1f6cd561fa2e24b7f60c738d], 
PUP.Optional.SnapDo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006EE092-9658-4FD6-BD8E-A21A348E59F5}, In Quarantäne, [3f60ff2f1f6cd561fa2e24b7f60c738d], 
PUP.Optional.SnapDo, HKU\S-1-5-21-3515464670-2770779577-3274627398-1002\SOFTWARE\SMARTBAR, In Quarantäne, [d2cd5bd3bad1181ef51ae9cb0afa53ad], 

Registrierungswerte: 9
PUP.Optional.SmartBar, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{ae07101b-46d4-4a98-af68-0333ea26e113}, Smartbar, In Quarantäne, [f9a68aa47a11181e44992e0848bb926e]
PUP.Optional.SnapDo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}|URL, hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQme9oxsQRSyyp0Bt1QtC6RCK2m_xhOoNdhT5HX80anbXrpXhx9ZMHv4UHqa3mV-Mbae8FYx677HOGI2C0AKLnIJ5RTuZ7eLUbH38jx4juB95WT8n2Huoi98GeizMl5RTvpsCzx5KNvS-Ao&q={searchTerms}, In Quarantäne, [f7a89f8f305b92a4b55c6450a75d8080]
PUP.Optional.SmartBar, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{ae07101b-46d4-4a98-af68-0333ea26e113}, Smartbar, In Quarantäne, [6f309b939fec3402885592a4ce35fc04]
PUP.Optional.SnapDo, HKU\S-1-5-18\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {006ee092-9658-4fd6-bd8e-a21a348e59f5}, In Quarantäne, [069948e69eed39fd8fb7661635cfa759]
PUP.Optional.SnapDo, HKU\S-1-5-18\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}|URL, hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQme9oxsQRSyyp0Bt1QtC6RCK2m_xhOoNdhT5HX80anbXrpXhx9ZMHv4UHqa3mV-Mbae8FYx677HOGI2C0AKLnIJ5RTuZ7eLUbH38jx4juB95WT8n2Huoi98GeizMl5RTvpsCzx5KNvS-Ao&q={searchTerms}, In Quarantäne, [c5daf5392e5d06303dd06252d72d6f91]
PUP.Optional.SnapDo, HKU\S-1-5-21-3515464670-2770779577-3274627398-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {006ee092-9658-4fd6-bd8e-a21a348e59f5}, In Quarantäne, [cbd4be701b70a49276d0027a956f3cc4]
PUP.Optional.SnapDo, HKU\S-1-5-21-3515464670-2770779577-3274627398-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}|URL, hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQme9oxsQRSyyp0Bt1QtC6RCK2m_xhOoNdhT5HX80anbXrpXhx9ZMHv4UHqa3mV-Mbae8FYx677HOGI2C0AKLnIJ5RTuZ7eLUbH38jx4juB95WT8n2Huoi98GeizMl5RTvpsCzx5KNvS-Ao&q={searchTerms}, In Quarantäne, [9a05949a68233402010c9e1612f2f907]
PUP.Optional.SnapDo, HKU\S-1-5-21-3515464670-2770779577-3274627398-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {006ee092-9658-4fd6-bd8e-a21a348e59f5}, In Quarantäne, [1a8553db5c2ff04694b2fb813fc5e719]
PUP.Optional.SnapDo, HKU\S-1-5-21-3515464670-2770779577-3274627398-1002\SOFTWARE\SMARTBAR|publisher, SnapdoOCYB, In Quarantäne, [d2cd5bd3bad1181ef51ae9cb0afa53ad]

Registrierungsdaten: 8
PUP.Optional.SnapDo, HKU\S-1-5-18\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQme9oxsQRSyyp0Bt1QtC6RCK2m_xhOoNdhT5HX80anbXrpXhx9ZMHv4UHqa3mV-Mbae8FYx677HOGI2CEmL6rtoxP0wNxDbf25PZ9zIrDaSwUP_c91DF6eVHWJFMa8z7Pmrq9gxjmKDOmw, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQme9oxsQRSyyp0Bt1QtC6RCK2m_xhOoNdhT5HX80anbXrpXhx9ZMHv4UHqa3mV-Mbae8FYx677HOGI2CEmL6rtoxP0wNxDbf25PZ9zIrDaSwUP_c91DF6eVHWJFMa8z7Pmrq9gxjmKDOmw),Ersetzt,[178819153c4f84b243ab08626c99ee12]
PUP.Optional.SnapDo, HKU\S-1-5-18\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQme9oxsQRSyyp0Bt1QtC6RCK2m_xhOoNdhT5HX80anbXrpXhx9ZMHv4UHqa3mV-Mbae8FYx677HOGI2C0AKLnIJ5RTuZ7eLUbH38jx4juB95WT8n2Huoi98GeizMl5RTvpsCzx5KNvS-Ao&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQme9oxsQRSyyp0Bt1QtC6RCK2m_xhOoNdhT5HX80anbXrpXhx9ZMHv4UHqa3mV-Mbae8FYx677HOGI2C0AKLnIJ5RTuZ7eLUbH38jx4juB95WT8n2Huoi98GeizMl5RTvpsCzx5KNvS-Ao&q={searchTerms}),Ersetzt,[603fed41ef9c5bdb3eb065050bfa2cd4]
PUP.Optional.SnapDo, HKU\S-1-5-18\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQme9oxsQRSyyp0Bt1QtC6RCK2m_xhOoNdhT5HX80anbXrpXhx9ZMHv4UHqa3mV-Mbae8FYx677HOGI2C0AKLnIJ5RTuZ7eLUbH38jx4juB95WT8n2Huoi98GeizMl5RTvpsCzx5KNvS-Ao&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQme9oxsQRSyyp0Bt1QtC6RCK2m_xhOoNdhT5HX80anbXrpXhx9ZMHv4UHqa3mV-Mbae8FYx677HOGI2C0AKLnIJ5RTuZ7eLUbH38jx4juB95WT8n2Huoi98GeizMl5RTvpsCzx5KNvS-Ao&q={searchTerms}),Ersetzt,[801ff03e7f0cee48549adb8f32d37a86]
PUP.Optional.SnapDo, HKU\S-1-5-18\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQme9oxsQRSyyp0Bt1QtC6RCK2m_xhOoNdhT5HX80anbXrpXhx9ZMHv4UHqa3mV-Mbae8FYx677HOGI2C0AKLnIJ5RTuZ7eLUbH38jx4juB95WT8n2Huoi98GeizMl5RTvpsCzx5KNvS-Ao&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQme9oxsQRSyyp0Bt1QtC6RCK2m_xhOoNdhT5HX80anbXrpXhx9ZMHv4UHqa3mV-Mbae8FYx677HOGI2C0AKLnIJ5RTuZ7eLUbH38jx4juB95WT8n2Huoi98GeizMl5RTvpsCzx5KNvS-Ao&q={searchTerms}),Ersetzt,[9609fc3203883bfb12dd0169ec1918e8]
PUP.Optional.SnapDo, HKU\S-1-5-21-3515464670-2770779577-3274627398-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQme9oxsQRSyyp0Bt1QtC6RCK2m_xhOoNdhT5HX80anbXrpXhx9ZMHv4UHqa3mV-Mbae8FYx677HOGI2C0AKLnIJ5RTuZ7eLUbH38jx4juB95WT8n2Huoi98GeizMl5RTvpsCzx5KNvS-Ao&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQme9oxsQRSyyp0Bt1QtC6RCK2m_xhOoNdhT5HX80anbXrpXhx9ZMHv4UHqa3mV-Mbae8FYx677HOGI2C0AKLnIJ5RTuZ7eLUbH38jx4juB95WT8n2Huoi98GeizMl5RTvpsCzx5KNvS-Ao&q={searchTerms}),Ersetzt,[118e4fdf8704a98d717d86e4ff06b64a]
PUP.Optional.SnapDo, HKU\S-1-5-21-3515464670-2770779577-3274627398-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQme9oxsQRSyyp0Bt1QtC6RCK2m_xhOoNdhT5HX80anbXrpXhx9ZMHv4UHqa3mV-Mbae8FYx677HOGI2CEmL6rtoxP0wNxDbf25PZ9zIrDaSwUP_c91DF6eVHWJFMa8z7Pmrq9gxjmKDOmw, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQme9oxsQRSyyp0Bt1QtC6RCK2m_xhOoNdhT5HX80anbXrpXhx9ZMHv4UHqa3mV-Mbae8FYx677HOGI2CEmL6rtoxP0wNxDbf25PZ9zIrDaSwUP_c91DF6eVHWJFMa8z7Pmrq9gxjmKDOmw),Ersetzt,[bae51c12a3e85ed86985dd8db64fc23e]
PUP.Optional.SnapDo, HKU\S-1-5-21-3515464670-2770779577-3274627398-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQme9oxsQRSyyp0Bt1QtC6RCK2m_xhOoNdhT5HX80anbXrpXhx9ZMHv4UHqa3mV-Mbae8FYx677HOGI2C0AKLnIJ5RTuZ7eLUbH38jx4juB95WT8n2Huoi98GeizMl5RTvpsCzx5KNvS-Ao&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQme9oxsQRSyyp0Bt1QtC6RCK2m_xhOoNdhT5HX80anbXrpXhx9ZMHv4UHqa3mV-Mbae8FYx677HOGI2C0AKLnIJ5RTuZ7eLUbH38jx4juB95WT8n2Huoi98GeizMl5RTvpsCzx5KNvS-Ao&q={searchTerms}),Ersetzt,[dcc377b7a1ea24126a8459113ec715eb]
PUP.Optional.SnapDo, HKU\S-1-5-21-3515464670-2770779577-3274627398-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQme9oxsQRSyyp0Bt1QtC6RCK2m_xhOoNdhT5HX80anbXrpXhx9ZMHv4UHqa3mV-Mbae8FYx677HOGI2C0AKLnIJ5RTuZ7eLUbH38jx4juB95WT8n2Huoi98GeizMl5RTvpsCzx5KNvS-Ao&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQme9oxsQRSyyp0Bt1QtC6RCK2m_xhOoNdhT5HX80anbXrpXhx9ZMHv4UHqa3mV-Mbae8FYx677HOGI2C0AKLnIJ5RTuZ7eLUbH38jx4juB95WT8n2Huoi98GeizMl5RTvpsCzx5KNvS-Ao&q={searchTerms}),Ersetzt,[8718ea4499f2cc6a8867006a3ec732ce]

Ordner: 3
PUP.Optional.OpenCandy, C:\Users\Martin\AppData\Roaming\OpenCandy, In Quarantäne, [158aca648dfef343442c7182d32f9769], 
PUP.Optional.OpenCandy, C:\Users\Martin\AppData\Roaming\OpenCandy\577025B4A111493286467D45239E4E02, In Quarantäne, [158aca648dfef343442c7182d32f9769], 
PUP.Optional.OpenCandy, C:\Users\Martin\AppData\Roaming\OpenCandy\EFA822651D6E468D926AA489BD2B5910, In Quarantäne, [158aca648dfef343442c7182d32f9769], 

Dateien: 3
PUP.Optional.SmartBar, C:\Windows\Installer\4461df54.msi, In Quarantäne, [d8c71b13dcaf0531d9cedf58c040a55b], 
PUP.Optional.OpenCandy, C:\Users\Martin\AppData\Roaming\OpenCandy\577025B4A111493286467D45239E4E02\Installer.exe, In Quarantäne, [158aca648dfef343442c7182d32f9769], 
PUP.Optional.OpenCandy, C:\Users\Martin\AppData\Roaming\OpenCandy\EFA822651D6E468D926AA489BD2B5910\TuneUpUtilities2014_de-DE.exe, In Quarantäne, [158aca648dfef343442c7182d32f9769], 

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
AdwCleaner
Code:
ATTFilter
# AdwCleaner v5.007 - Bericht erstellt am 11/09/2015 um 11:41:46
# Aktualisiert am 08/09/2015 von Xplode
# Datenbank : 2015-09-10.1 [Server]
# Betriebssystem : Windows 8.1  (x64)
# Benutzername : Martin - MARTIN-LAPTOP
# Gestartet von : C:\Users\Martin\Desktop\AdwCleaner_5.007.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}

***** [ Dateien ] *****


***** [ Verknüpfungen ] *****

[-] Verknüpfung Desinfiziert : C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk

***** [ Geplante Tasks ] *****


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
[-] Daten Wiederhergestellt : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
[-] Daten Wiederhergestellt : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
[!] Daten Nicht Wiederhergestellt : HKU\S-1-5-21-3515464670-2770779577-3274627398-1001\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
[!] Daten Nicht Wiederhergestellt : HKU\S-1-5-21-3515464670-2770779577-3274627398-1001\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
[-] Daten Wiederhergestellt : HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
[-] Daten Wiederhergestellt : HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Search [SearchAssistant]

***** [ Internetbrowser ] *****


*************************

:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [2557 Bytes] ##########
         
JRT
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.0 (08.31.2015:1)
OS: Windows 8.1 x64
Ran by Martin on 11.09.2015 at 11:48:30,07
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] C:\Users\Martin\AppData\Roaming\sp_data.sys



~~~ Folders





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11.09.2015 at 11:54:38,61
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
FRST
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:10-09-2015 01
durchgeführt von Martin (Administrator) auf MARTIN-LAPTOP (11-09-2015 12:07:44)
Gestartet von C:\Users\Martin\Desktop
Geladene Profile: Martin (Verfügbare Profile: UpdatusUser & Martin)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: IE)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\N360.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\N360.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [79376 2013-07-31] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13776088 2014-12-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1391472 2014-12-11] (Realtek Semiconductor)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-04-26] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-19] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-04-24] (Atheros Communications)
HKU\S-1-5-21-3515464670-2770779577-3274627398-1002\...\Run: [Dropbox Update] => C:\Users\Martin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-07-15] (Dropbox, Inc.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-12-10] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\hpoddt01.exe.lnk [2014-07-21]
ShortcutTarget: hpoddt01.exe.lnk -> C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe (Hewlett-Packard)
Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet Pro 8610.lnk [2015-07-04]
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet Pro 8610.lnk -> C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPStatusBL.dll (Hewlett-Packard Development Company, LP)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{08FE31C7-FE0C-474C-9C6C-CCC50F44AABB}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{B9F03622-55EC-4EE5-81B5-0FB25A5E26C1}: [DhcpNameServer] 30.50.1.1 30.50.1.2

Internet Explorer:
==================
HKU\S-1-5-21-3515464670-2770779577-3274627398-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}
HKU\S-1-5-21-3515464670-2770779577-3274627398-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://t.asus13.de.msn.com/?pc=asu2js&ocid=asudhp
HKU\S-1-5-21-3515464670-2770779577-3274627398-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
HKU\S-1-5-21-3515464670-2770779577-3274627398-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com/search?q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
SearchScopes: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-07-14] (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2013-04-24] (Qualcomm Atheros Commnucations)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\IPS\IPSBHO.DLL Keine Datei
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} hxxp://support.asus.com/select/asusTek_sys_ctrl3.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\2q61wmip.default
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-04-18] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-10-12] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFPlgn [2015-09-11]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\Exts\Chrome.crx [2015-08-10]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\Exts\Chrome.crx [2015-08-10]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-07-23] (ASUS)
S2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [Datei ist nicht signiert]
S2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [310400 2013-04-24] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
S2 cjpcsc; C:\WINDOWS\SysWOW64\cjpcsc.exe [557056 2015-06-16] (REINER SCT)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2765496 2015-07-14] (Microsoft Corporation)
S2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [83032 2013-07-31] (Intel Corporation)
S2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [100032 2013-07-31] (Intel Corporation)
S2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [84568 2013-07-31] (Intel Corporation)
S2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [92864 2013-07-31] (Intel Corporation)
S2 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [107944 2013-01-08] (Condusiv Technologies)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-08-08] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\N360.exe [282016 2015-07-16] (Symantec Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-04-24] (Atheros) [Datei ist nicht signiert]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [69392 2013-08-08] (ASUS Corporation)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\BASHDefs\20150904.001\BHDrvx64.sys [1650936 2015-07-23] (Symantec Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-04-24] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-21] (Microsoft Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1605020.00F\ccSetx64.sys [173808 2015-07-11] (Symantec Corporation)
S3 cjusb; C:\Windows\system32\DRIVERS\cjusb.sys [36112 2015-03-23] (REINER SCT)
R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [68072 2013-07-31] (Intel Corporation)
R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [57216 2013-07-31] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [120256 2013-07-31] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [200808 2013-07-31] (Intel Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-07-27] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153936 2015-07-27] (Symantec Corporation)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [26024 2013-01-08] (Condusiv Technologies)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [112552 2013-01-08] (Condusiv Technologies)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\IPSDefs\20150910.001\IDSvia64.sys [767224 2015-08-29] (Symantec Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\VirusDefs\20150910.001\ENG64.SYS [138488 2015-05-20] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\VirusDefs\20150910.001\EX64.SYS [2146040 2015-05-20] (Symantec Corporation)
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2013-07-23] (Windows (R) Win 7 DDK provider)
S3 scvad_simple; C:\Windows\system32\drivers\SplitCamAudio.sys [23552 2014-06-30] (Windows (R) Win 7 DDK provider)
S3 splitcam_hd_driver; C:\Windows\system32\DRIVERS\splitcam_hd_driver.sys [37496 2014-06-30] (Windows (R) Win 7 DDK provider)
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1605020.00F\SRTSP64.SYS [926448 2015-07-11] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1605020.00F\SRTSPX64.SYS [50936 2015-07-11] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\N360x64\1605020.00F\SYMEFASI64.SYS [1620720 2015-07-11] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1605020.00F\SymELAM.sys [24192 2015-07-11] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-08-10] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1605020.00F\Ironx64.SYS [297720 2015-07-11] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1605020.00F\SYMNETS.SYS [576248 2015-07-11] (Symantec Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-11 12:07 - 2015-09-11 12:07 - 00022572 _____ C:\Users\Martin\Desktop\FRST.txt
2015-09-11 12:01 - 2015-09-11 12:03 - 00000000 ____D C:\Users\Martin\Desktop\FRST-OlderVersion
2015-09-11 11:54 - 2015-09-11 11:54 - 00000793 _____ C:\Users\Martin\Desktop\JRT.txt
2015-09-11 11:46 - 2015-09-11 11:46 - 01799392 _____ (Malwarebytes Corporation) C:\Users\Martin\Desktop\JRT_7600.exe
2015-09-11 11:44 - 2015-09-11 11:44 - 00002648 _____ C:\Users\Martin\Desktop\AdwCleaner[C1].txt
2015-09-11 11:39 - 2015-09-11 11:41 - 00000000 ____D C:\AdwCleaner
2015-09-11 11:35 - 2015-09-11 11:35 - 01660416 _____ C:\Users\Martin\Desktop\AdwCleaner_5.007.exe
2015-09-11 11:32 - 2015-09-11 11:32 - 00010559 _____ C:\Users\Martin\Desktop\mbam.txt
2015-09-11 10:51 - 2015-09-11 10:51 - 00001120 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-09-11 10:51 - 2015-09-11 10:51 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-09-11 10:51 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-09-11 10:51 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-09-10 14:08 - 2015-09-10 14:09 - 00121389 _____ C:\Users\Martin\Desktop\TDSSKiller.txt
2015-09-10 13:49 - 2015-09-10 13:49 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Martin\Desktop\tdsskiller.exe
2015-09-10 12:44 - 2015-09-11 11:29 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-09-10 12:44 - 2015-09-11 10:51 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-10 12:44 - 2015-09-10 13:47 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-09-10 12:42 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-09-10 12:41 - 2015-09-10 13:47 - 00000000 ____D C:\Users\Martin\Desktop\mbar
2015-09-10 12:40 - 2015-09-10 12:40 - 16563304 _____ (Malwarebytes Corp.) C:\Users\Martin\Desktop\mbar-1.09.2.1008.exe
2015-09-10 12:30 - 2015-09-10 12:30 - 00001286 _____ C:\Users\Martin\Desktop\Revo Uninstaller.lnk
2015-09-10 12:30 - 2015-09-10 12:30 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-09-10 11:41 - 2015-09-10 11:41 - 00266776 _____ C:\Users\Martin\Desktop\Norton.txt
2015-09-10 11:38 - 2015-09-10 11:38 - 00003829 _____ C:\Users\Martin\Desktop\Gmer.txt
2015-09-10 11:32 - 2015-09-10 11:32 - 00380416 _____ C:\Users\Martin\Desktop\Gmer-19357.exe
2015-09-10 11:25 - 2015-09-11 12:01 - 00000474 _____ C:\Users\Martin\Desktop\defogger_disable.log
2015-09-10 10:30 - 2015-09-11 12:07 - 00000000 ____D C:\FRST
2015-09-10 10:29 - 2015-09-11 12:01 - 02190848 _____ (Farbar) C:\Users\Martin\Desktop\FRST64.exe
2015-09-10 10:26 - 2015-09-10 10:26 - 00050477 _____ C:\Users\Martin\Desktop\Defogger.exe
2015-09-10 10:26 - 2015-09-10 10:26 - 00000000 _____ C:\Users\Martin\defogger_reenable
2015-09-09 22:52 - 2015-09-09 23:49 - 00000000 ____D C:\Users\Martin\AppData\Local\NPE
2015-09-09 13:50 - 2015-09-03 04:18 - 02531400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-09-09 13:50 - 2015-09-03 04:17 - 01903848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-09-09 13:50 - 2015-09-02 20:48 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-09-09 13:50 - 2015-09-02 19:09 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-09-09 13:50 - 2015-08-27 04:48 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-09-09 13:50 - 2015-08-26 20:00 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-09-09 13:50 - 2015-08-26 20:00 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-09-09 13:50 - 2015-08-26 20:00 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-09-09 13:50 - 2015-08-26 20:00 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-09-09 13:50 - 2015-08-26 16:46 - 03705344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-09-09 13:50 - 2015-08-26 16:29 - 02240512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-09-09 13:50 - 2015-08-26 16:27 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-09-09 13:50 - 2015-08-26 16:27 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-09-09 13:50 - 2015-08-26 16:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-09-09 13:50 - 2015-08-26 16:26 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-09-09 13:50 - 2015-08-26 16:26 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-09-09 13:50 - 2015-08-22 20:19 - 25188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-09 13:50 - 2015-08-22 19:35 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-09 13:50 - 2015-08-22 19:22 - 19856384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-09-09 13:50 - 2015-08-22 19:20 - 05923840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-09-09 13:50 - 2015-08-22 18:50 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-09 13:50 - 2015-08-22 18:41 - 14451712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-09 13:50 - 2015-08-22 18:28 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-09-09 13:50 - 2015-08-22 18:26 - 02427392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-09-09 13:50 - 2015-08-22 18:22 - 12857344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-09-09 13:50 - 2015-07-30 19:18 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
2015-09-09 13:50 - 2015-07-30 18:22 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkEd.dll
2015-09-09 13:49 - 2015-09-02 04:56 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-09-09 13:49 - 2015-09-02 04:55 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-09 13:49 - 2015-09-02 04:50 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-09 13:49 - 2015-09-02 04:17 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-09-09 13:49 - 2015-09-02 04:13 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-09-09 13:49 - 2015-08-22 19:34 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-09-09 13:49 - 2015-08-22 19:21 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-09-09 13:49 - 2015-08-22 18:55 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-09-09 13:49 - 2015-08-22 18:50 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-09-09 13:49 - 2015-08-22 18:45 - 00665600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-09-09 13:49 - 2015-08-22 18:44 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-09-09 13:49 - 2015-08-22 18:41 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-09-09 13:49 - 2015-08-22 18:41 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-09-09 13:49 - 2015-08-22 18:41 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-09-09 13:49 - 2015-08-22 18:39 - 02126336 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-09-09 13:49 - 2015-08-22 18:23 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-09-09 13:49 - 2015-08-22 18:20 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-09-09 13:49 - 2015-08-22 18:18 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-09-09 13:49 - 2015-08-22 18:18 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-09-09 13:49 - 2015-08-22 18:18 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-09-09 13:49 - 2015-08-22 18:14 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-09-09 13:49 - 2015-08-22 18:01 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-09-09 13:49 - 2015-08-22 18:00 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-09-09 13:49 - 2015-08-22 17:56 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-09-09 13:49 - 2015-08-22 17:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-09-09 13:49 - 2015-08-03 23:15 - 00074928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2015-09-09 13:49 - 2015-08-03 23:15 - 00065600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2015-09-09 13:49 - 2015-08-01 16:22 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2015-09-09 13:49 - 2015-08-01 05:47 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe
2015-09-09 13:49 - 2015-08-01 05:45 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schtasks.exe
2015-09-09 13:49 - 2015-08-01 05:38 - 01265152 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-09-09 13:49 - 2015-08-01 05:37 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe
2015-09-09 13:49 - 2015-08-01 05:37 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskeng.exe
2015-09-09 13:49 - 2015-07-22 16:34 - 02775552 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-09-09 13:49 - 2015-07-22 16:33 - 01728000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-09 13:49 - 2015-07-22 16:25 - 02461184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-09-09 13:49 - 2015-07-22 16:25 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-09-09 13:49 - 2015-07-18 20:31 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2015-09-09 13:49 - 2015-07-18 20:29 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-09-09 13:49 - 2015-07-18 20:29 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2015-09-09 13:49 - 2015-07-18 20:27 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-09-05 20:39 - 2015-09-05 20:39 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-08-25 11:36 - 2015-08-25 11:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-25 11:20 - 2015-08-27 15:42 - 00000000 ____D C:\Users\Martin\Desktop\Blühmischung Haselrain 2015
2015-08-22 14:16 - 2015-07-22 16:19 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-08-22 14:16 - 2015-07-22 15:52 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-08-22 14:16 - 2015-07-17 16:15 - 00951296 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2015-08-22 14:16 - 2015-07-17 16:10 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2015-08-22 14:16 - 2015-07-03 23:51 - 01380056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-08-22 14:16 - 2015-07-03 16:00 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-08-22 14:16 - 2015-06-27 13:47 - 00118616 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2015-08-22 14:16 - 2015-06-19 19:07 - 02819072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-08-22 14:15 - 2015-07-14 05:27 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzsync.exe
2015-08-22 14:15 - 2015-07-13 21:10 - 00411455 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-08-22 14:15 - 2015-07-10 21:06 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2015-08-22 14:15 - 2015-07-09 18:14 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-08-22 14:01 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-22 14:01 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-22 13:49 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-08-22 13:49 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-08-22 13:49 - 2015-07-16 21:53 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-08-22 13:49 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-08-22 13:49 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-08-22 13:49 - 2015-07-16 21:14 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-08-22 13:49 - 2015-07-16 20:52 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-08-22 13:49 - 2015-07-16 02:29 - 07458648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-22 13:49 - 2015-07-16 02:29 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-22 13:49 - 2015-07-16 02:29 - 00101720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-22 13:49 - 2015-07-16 02:28 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-22 13:49 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-22 13:48 - 2015-07-07 11:40 - 00270168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-08-22 13:48 - 2015-07-07 11:40 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-08-22 13:48 - 2015-07-07 11:40 - 00044560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-08-22 13:48 - 2015-07-02 00:19 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2015-08-22 13:48 - 2015-07-02 00:16 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2015-08-22 13:48 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2015-08-22 13:48 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2015-08-22 13:47 - 2015-07-29 16:37 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-22 13:47 - 2015-07-29 16:30 - 01381888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-22 13:47 - 2015-07-29 16:23 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-22 13:47 - 2015-07-13 21:46 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2015-08-22 13:47 - 2015-07-13 21:45 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2015-08-22 13:47 - 2015-07-10 20:19 - 01101824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2015-08-22 13:47 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2015-08-22 13:47 - 2015-07-10 19:13 - 07032320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2015-08-22 13:47 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2015-08-22 13:47 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-22 13:47 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-22 13:47 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-13 12:06 - 2015-08-25 16:43 - 00000000 ____D C:\Users\Martin\Desktop\BA Präsentation

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-11 12:00 - 2015-05-15 12:01 - 00003474 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2015-09-11 12:00 - 2015-05-15 12:01 - 00003464 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2015-09-11 12:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-11 11:55 - 2015-01-20 21:08 - 01467049 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-11 11:47 - 2014-03-21 17:29 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3515464670-2770779577-3274627398-1002
2015-09-11 11:42 - 2014-11-20 20:24 - 00094040 _____ C:\WINDOWS\PFRO.log
2015-09-11 11:42 - 2013-08-22 16:46 - 00355372 _____ C:\WINDOWS\setupact.log
2015-09-11 11:42 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-11 11:41 - 2014-06-02 18:13 - 00001118 _____ C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2015-09-11 11:37 - 2015-07-15 14:26 - 00001256 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3515464670-2770779577-3274627398-1002UA.job
2015-09-11 11:27 - 2012-07-26 10:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-09-11 11:27 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\TAPI
2015-09-11 09:28 - 2014-11-21 05:35 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-11 09:28 - 2014-11-21 04:45 - 00773008 _____ C:\WINDOWS\system32\perfh007.dat
2015-09-11 09:28 - 2014-11-21 04:45 - 00162310 _____ C:\WINDOWS\system32\perfc007.dat
2015-09-10 14:35 - 2015-01-21 11:45 - 00000000 ____D C:\WINDOWS\Minidump
2015-09-10 14:35 - 2014-03-11 01:33 - 00232642 ____N C:\WINDOWS\Minidump\091015-68250-01.dmp
2015-09-10 10:37 - 2015-07-15 14:26 - 00001204 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3515464670-2770779577-3274627398-1002Core.job
2015-09-10 10:26 - 2015-01-20 21:15 - 00000000 ____D C:\Users\Martin
2015-09-09 23:47 - 2014-03-23 20:18 - 00000000 ____D C:\Program Files (x86)\Scoretec
2015-09-09 23:39 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-09-09 22:53 - 2014-03-21 19:13 - 00000000 ____D C:\ProgramData\Norton
2015-09-09 14:31 - 2013-08-22 16:44 - 00483672 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-09 14:31 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2015-09-09 14:29 - 2014-11-21 05:13 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-09 14:29 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-09-09 14:01 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-09 13:55 - 2014-04-18 19:47 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-08 19:33 - 2014-07-01 16:17 - 00000000 ____D C:\Users\Martin\AppData\Local\CrashDumps
2015-09-08 16:49 - 2014-12-03 19:22 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Skype
2015-09-07 10:27 - 2015-08-03 17:32 - 00000000 ____D C:\Users\Martin\Desktop\KiBiWo 2015
2015-09-05 20:39 - 2014-07-18 18:33 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Dropbox
2015-09-05 20:14 - 2013-10-05 22:54 - 00000000 ____D C:\Program Files (x86)\Bluetooth Suite
2015-09-04 17:49 - 2014-03-11 02:05 - 00000000 ____D C:\Users\Martin\AppData\Local\Packages
2015-09-02 18:27 - 2014-04-27 15:49 - 00000000 ____D C:\Users\Martin\Documents\Kürbisschilder
2015-09-02 18:12 - 2014-04-27 15:50 - 00011294 _____ C:\Users\Martin\Documents\Verkaufsliste.xlsx
2015-08-29 10:25 - 2014-04-27 15:59 - 00000000 ____D C:\Users\Martin\Desktop\KGR
2015-08-27 16:07 - 2014-04-27 15:50 - 00000000 ____D C:\Users\Martin\Documents\Agrardieselvergütung
2015-08-27 10:50 - 2014-04-27 15:59 - 00000000 ____D C:\Users\Martin\Desktop\Kinderkirche
2015-08-26 18:37 - 2014-04-18 19:47 - 134753440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-25 11:36 - 2014-12-03 19:22 - 00002715 _____ C:\Users\Public\Desktop\Skype.lnk
2015-08-25 11:36 - 2014-12-03 19:22 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-08-25 11:36 - 2014-12-03 19:21 - 00000000 ____D C:\ProgramData\Skype
2015-08-22 14:05 - 2014-05-20 11:39 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-22 14:05 - 2014-05-20 11:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-22 14:04 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-22 14:04 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-22 14:04 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-22 14:04 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-22 14:00 - 2014-05-20 11:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-22 13:51 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-22 13:51 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-22 11:44 - 2014-03-21 17:30 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-08-20 17:23 - 2014-04-27 15:49 - 00000000 ____D C:\Users\Martin\Documents\Schnaps Etiketten
2015-08-20 10:28 - 2014-04-27 15:50 - 00000000 ____D C:\Users\Martin\Documents\Äcker und Wiesen
2015-08-19 19:13 - 2014-04-27 15:49 - 00000000 ____D C:\Users\Martin\Documents\Dokumentation von Pflanzenschutz
2015-08-14 15:07 - 2014-09-28 10:16 - 00000000 ____D C:\Users\Martin\AppData\Roaming\HpUpdate
2015-08-12 16:42 - 2014-10-24 15:45 - 00000000 ____D C:\Users\Martin\Documents\Semester 6
2015-08-12 12:20 - 2014-04-27 15:50 - 00000000 ____D C:\Users\Martin\Documents\Telekom Rechnungen

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-04-18 19:36 - 2014-04-18 19:36 - 0000235 _____ () C:\Users\Martin\AppData\Roaming\devices.xml
2014-04-18 19:36 - 2014-04-18 19:36 - 0000012 _____ () C:\Users\Martin\AppData\Roaming\settings.xml
2015-03-01 16:01 - 2015-03-01 16:01 - 0001461 _____ () C:\Users\Martin\AppData\Local\recently-used.xbel
2014-09-28 10:14 - 2014-09-28 10:14 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-04-03 15:09 - 2015-04-03 15:09 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-04-18 18:59 - 2014-07-21 19:54 - 0000955 _____ () C:\ProgramData\hpzinstall.log
2013-04-26 01:15 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2013-04-26 01:15 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2013-04-26 01:15 - 2012-09-07 13:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\SetStretch.VBS


Einige Dateien in TEMP:
====================
C:\Users\Martin\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-09-10 13:35

==================== Ende von FRST.txt ============================
         
Addition
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:10-09-2015 01
durchgeführt von Martin (2015-09-11 12:08:50)
Gestartet von C:\Users\Martin\Desktop
Windows 8.1 (X64) (2015-01-20 19:36:44)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3515464670-2770779577-3274627398-500 - Administrator - Disabled)
Gast (S-1-5-21-3515464670-2770779577-3274627398-501 - Limited - Disabled)
Martin (S-1-5-21-3515464670-2770779577-3274627398-1002 - Administrator - Enabled) => C:\Users\Martin
UpdatusUser (S-1-5-21-3515464670-2770779577-3274627398-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Norton 360 Online (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton 360 Online (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton 360 Online (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.3.4 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.5 - ASUS)
ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.2 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0018 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.5 - ASUS)
ASUS VivoBook (HKLM\...\{04FDBE69-F9FD-42A2-9008-E5CE7F60C6BE}) (Version: 1.0.31 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.18.159 - ASUS Cloud Corporation)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5520.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.5520.52 - CyberLink Corp.) Hidden
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.310 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0030 - ASUS)
AusweisApp2 (HKLM-x32\...\{1C785E05-CFC7-43BE-9A52-9FB39C180CB8}) (Version: 1.2.2 - Governikus GmbH & Co. KG)
Azteca (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.00495 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.00495 - Cisco Systems, Inc.) Hidden
Cut the Rope (x32 Version: 3.0.2.38 - WildTangent) Hidden
cyberJack Base Components (HKLM-x32\...\{FC338210-F594-11D3-BA24-00001C3AB4DF}) (Version: 7.2.0 - REINER SCT)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-3515464670-2770779577-3274627398-1002\...\Dropbox) (Version: 3.8.8 - Dropbox, Inc.)
ExpressCache (HKLM\...\{C123584F-9C84-45E8-AE5F-522328BB79A0}) (Version: 1.0.100.0 - Condusiv Technologies)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet Pro 8610 - Grundlegende Software für das Gerät (HKLM\...\{C1586445-E3CA-45F0-A754-E6C2784CDDB7}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP Officejet Pro 8610 Hilfe (HKLM-x32\...\{2466D8D5-4856-4492-BDEF-48A640F58866}) (Version: 32.0.0 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel Experience Center - Configuration (x32 Version: 1.9.0.8 - Intel) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.0.0.2023 - Intel Corporation)
Intel(R) Experience Center Desktop Software (HKLM-x32\...\{85de612b-ee05-476a-87cc-52e5740de420}) (Version: 1.9.0.8 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
i-port.de Bestellsoftware (HKLM-x32\...\{B4244B8D-0D9C-4EB0-BDF3-03A2060E96A8}}_is1) (Version: 3.5.7.5 - Foto Online Service GmbH)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4745.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3515464670-2770779577-3274627398-1002\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.1 - Mozilla)
MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS)
Norton 360 Online (HKLM-x32\...\N360) (Version: 22.5.2.15 - Symantec Corporation)
NVIDIA Grafiktreiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA Update 1.15.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.15.2 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4745.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4745.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4745.1002 - Microsoft Corporation) Hidden
Peggle (x32 Version: 2.2.0.95 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.226 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.16.614.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7404 - Realtek Semiconductor Corp.)
Realtek USB Card Reader (HKLM-x32\...\{1E496A68-4943-424E-829D-5C3C85B7B8F2}) (Version: 6.2.9200.39041 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SigmaPlot 13.0 (HKLM-x32\...\{88B90FF3-D0D3-454A-AACE-9B026E2829E3}) (Version: 13.0 - Systat Software, Inc.)
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
Startfenster (HKLM-x32\...\Startfenster) (Version:  - Startfenster)
Studie zur Verbesserung von HP Officejet Pro 8610 (HKLM\...\{C597CC7C-D465-4761-8516-274F3713FE85}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.0 - VideoLAN)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.0.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden
Windows Driver Package - ASUS (ATP) Mouse  (07/16/2013 1.0.0.181) (HKLM\...\16D5A24C881B7CEE31FBA6DD5EC1C194C188F85A) (Version: 07/16/2013 1.0.0.181 - ASUS)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Martin\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Martin\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Martin\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Martin\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Martin\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

25-07-2015 09:11:27 Windows Update
02-08-2015 16:32:20 Norton 360 Registry Clean
08-08-2015 10:31:12 Windows Update
22-08-2015 13:49:43 Windows Update
09-09-2015 13:50:19 Windows Update
11-09-2015 11:48:34 JRT Pre-Junkware Removal

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0D131646-A5B6-454C-971A-882CE4E00C8B} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2013-08-19] (ASUS)
Task: {158C4F9B-4D7F-4FDD-A95C-A76B7DA42A43} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-07-14] (Microsoft Corporation)
Task: {1B812889-119A-41FF-BA69-A0008357548E} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {40A7D62C-5CB7-4581-A718-7946C23281FE} - System32\Tasks\ASUS Patch for Touch Panel => C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe [2013-01-09] (ASUSTek Computer INC.)
Task: {414353C2-75C7-4589-95DA-2201D2EC6CCA} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-14] (Microsoft Corporation)
Task: {41FDFD20-DC8E-4263-B96A-A033ADF904D2} - System32\Tasks\HPCustParticipation HP Officejet Pro 8610 => C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPCustPartic.exe [2014-07-21] (Hewlett-Packard Development Company, LP)
Task: {4609E992-5058-4FE5-BC46-C59781E3FAAC} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3515464670-2770779577-3274627398-1002Core => C:\Users\Martin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-07-15] (Dropbox, Inc.)
Task: {476214CB-C268-4E55-A39D-951D6F185618} - System32\Tasks\ASUS InstantOn Config => C:\Program Files\ASUS\P4G\InsOnCfg.exe
Task: {506915FB-00F1-4FB3-865E-FA1BD37788FC} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2015-02-12] ()
Task: {5300B797-EDA9-4DF3-B920-FDFAB19CB9B0} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {5EEFCB2D-EC58-446D-BBBD-9EE76B731A5C} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-08-08] (AsusTek)
Task: {758EDA08-946B-42A3-9B92-7344EFBF5F05} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {83016F80-86D4-4FA4-9072-4A48BE46F1E8} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-08-16] (ASUSTeK Computer Inc.)
Task: {8EEBD759-4DA4-4BEF-B46A-FC019794AE32} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\SymErr.exe [2015-05-19] (Symantec Corporation)
Task: {A54C85A3-480F-41E4-AAA9-89F9594A9E53} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton 360 Online\Upgrade.exe [2015-07-27] (Symantec Corporation)
Task: {AEC33DD3-D455-42C2-9C40-C60D7AF59A0A} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\WSCStub.exe [2015-07-16] (Symantec Corporation)
Task: {B619E8E9-7D21-436F-9C7B-85B29F4C2A91} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3515464670-2770779577-3274627398-1002UA => C:\Users\Martin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-07-15] (Dropbox, Inc.)
Task: {BBFD86CC-AEF2-4341-B3CC-0420A8AFEECD} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-07-09] ()
Task: {BD8526F5-7A39-4C04-BFC2-ACD114C5DB18} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\SymErr.exe [2015-05-19] (Symantec Corporation)
Task: {BEF3F9E0-2977-43D1-A730-07607EA5BE2F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-14] (Microsoft Corporation)
Task: {C2172E41-921E-4DB9-A45A-A91A0D04CAF8} - System32\Tasks\ASUS Vivokey => C:\Program Files\ASUS\ASUS VivoBook\vivokey.exe [2013-08-23] (ASUSTek Computer Inc.)
Task: {C5314E75-AC88-4F4B-BDB6-2D319DEF4932} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-12-11] (Realtek Semiconductor)
Task: {CE0C27F4-2FCB-4224-A851-9BD1D1327D56} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {D257DF6D-57BC-4886-8988-F80E5E861B54} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {D5EF0318-843C-4AC3-9C2B-21977C825E51} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-12-11] (Realtek Semiconductor)
Task: {E45FA079-0A84-4A35-864A-BC4CF4234544} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2013-08-09] (ASUSTek Computer Inc.)
Task: {EA889F9D-365D-40E3-A424-0D53B3B1F0AA} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {EBCE125A-C414-4B68-BA39-3A958F33F225} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {F0EAD2AE-6B34-4AD1-909C-B48CF1D887C5} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2013-07-23] (ASUS)
Task: {F2CB4B7A-9D1E-4752-8983-4BE0770C76D7} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3515464670-2770779577-3274627398-1002Core.job => C:\Users\Martin\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3515464670-2770779577-3274627398-1002UA.job => C:\Users\Martin\AppData\Local\Dropbox\Update\DropboxUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-12-10 08:13 - 2013-12-10 08:13 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-04-18 20:05 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-12-10 08:13 - 2013-12-10 08:13 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2013-10-05 22:45 - 2013-08-08 14:23 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2012-08-03 21:53 - 2012-08-03 21:53 - 00062968 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2013-04-27 10:24 - 2013-04-27 10:24 - 00071680 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\checkmetro.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002\...\127.0.0.1 -> hxxp://127.0.0.1


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3515464670-2770779577-3274627398-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\ASUS\wallpapers\ASUS.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3515464670-2770779577-3274627398-1002\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk"
HKU\S-1-5-21-3515464670-2770779577-3274627398-1002\...\StartupApproved\Run: => "Dropbox Update"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{751F841B-9D64-4C50-A018-BE9CA092A5D4}] => (Allow) C:\Users\Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{950877E4-82DD-4ED7-975E-2A7BB79C2351}] => (Allow) C:\Users\Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{85822F7D-18B7-4892-AF89-9B1B4698E078}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{10D9E59D-39F2-455B-90E9-E8BD360101B4}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{3928848A-37F9-4D9C-A6B8-A6A885D8D78E}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{D2AC0B64-FA96-49B9-AE81-62AD4C0F9175}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{9CBDB688-1560-4EC3-B3C4-13B86FD1A88A}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{99AB5382-1059-45AC-AAEB-E32736E99DF9}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{08DF9207-336B-4D4F-B1FD-122BC45D324B}] => (Allow) LPort=1900
FirewallRules: [{CACDB418-5466-44CB-97EB-234638B11E8D}] => (Allow) LPort=2869
FirewallRules: [{8F742722-EB63-4B60-8280-435B83C49A8F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{1B753360-4F37-4FE7-91C8-7B951E0BB4DF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5C96BA0C-C228-4D5D-B2AF-C807599DC021}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8C373356-43AD-42B1-A057-257449FA707E}] => (Allow) C:\Users\Martin\AppData\Local\Temp\7zS5C4C\HPDiagnosticCoreUI.exe
FirewallRules: [{2ACD19DF-50FB-4126-9924-18106E745FD3}] => (Allow) C:\Users\Martin\AppData\Local\Temp\7zS5C4C\HPDiagnosticCoreUI.exe
FirewallRules: [{A12D5A7A-548C-4D13-9750-5CE1C783ECAF}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\bin\FaxApplications.exe
FirewallRules: [{B289DC0F-4830-432D-84A4-1A2541B4D1EB}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\bin\DigitalWizards.exe
FirewallRules: [{190175D6-97F1-45CD-87F5-DA52B8783708}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\bin\SendAFax.exe
FirewallRules: [{2B43AB12-80FC-4488-B064-4072CC2ABF09}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\Bin\DeviceSetup.exe
FirewallRules: [{B6617DA2-917E-4925-90A9-54EFFAF2C2EC}] => (Allow) LPort=5357
FirewallRules: [{18758A9E-399C-43A6-9BAE-6C5A8651EC9D}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{38AB1BD2-8933-4AF1-AE25-F75BD4FAF664}] => (Allow) C:\Users\Martin\AppData\Local\Temp\7zS68C6\HPDiagnosticCoreUI.exe
FirewallRules: [{5EFF3C30-5418-44BE-B752-DADF66A79672}] => (Allow) C:\Users\Martin\AppData\Local\Temp\7zS68C6\HPDiagnosticCoreUI.exe
FirewallRules: [{9B209BC0-BE38-43A1-8798-A669D23B7168}] => (Allow) C:\Users\Martin\AppData\Local\Temp\7zS693C\HPDiagnosticCoreUI.exe
FirewallRules: [{0E1DEA38-16FD-49FF-918F-54608336B1D0}] => (Allow) C:\Users\Martin\AppData\Local\Temp\7zS693C\HPDiagnosticCoreUI.exe
FirewallRules: [{C99C6943-96E7-41FE-A3C3-721B5CD6B873}] => (Allow) C:\Users\Martin\AppData\Local\Temp\7zS026A\HPDiagnosticCoreUI.exe
FirewallRules: [{D372B8AC-3B0C-4D7B-BF1C-B93378B8D281}] => (Allow) C:\Users\Martin\AppData\Local\Temp\7zS026A\HPDiagnosticCoreUI.exe
FirewallRules: [AusweisApp2-Firewall-Rule] => (Allow) C:\Program Files (x86)\AusweisApp2 1.2.2\AusweisApp2.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/10/2015 12:35:16 PM) (Source: MsiInstaller) (EventID: 11706) (User: Martin-Laptop)
Description: Product: LPT System Updater Service -- Error 1706. An installation package for the product LPT System Updater Service cannot be found. Try the installation again using a valid copy of the installation package 'LPTInstaller.msi'.

Error: (09/09/2015 11:00:12 PM) (Source: MsiInstaller) (EventID: 11706) (User: Martin-Laptop)
Description: Product: LPT System Updater Service -- Error 1706. An installation package for the product LPT System Updater Service cannot be found. Try the installation again using a valid copy of the installation package 'LPTInstaller.msi'.

Error: (09/09/2015 10:59:45 PM) (Source: MsiInstaller) (EventID: 11706) (User: Martin-Laptop)
Description: Product: LPT System Updater Service -- Error 1706. An installation package for the product LPT System Updater Service cannot be found. Try the installation again using a valid copy of the installation package 'LPTInstaller.msi'.

Error: (09/09/2015 02:37:13 PM) (Source: Python Service) (EventID: 255) (User: )
Description: Exception : (1056, 'StartService', 'Es wird bereits eine Instanz des Dienstes ausgef\xfchrt.')

Error: (09/08/2015 07:32:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SplitCam.exe, Version: 6.9.4.1, Zeitstempel: 0x541675c3
Name des fehlerhaften Moduls: CLFLVSplitter.ax, Version: 1.0.0.3327, Zeitstempel: 0x4e817ba8
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00007d16
ID des fehlerhaften Prozesses: 0x1810
Startzeit der fehlerhaften Anwendung: 0xSplitCam.exe0
Pfad der fehlerhaften Anwendung: SplitCam.exe1
Pfad des fehlerhaften Moduls: SplitCam.exe2
Berichtskennung: SplitCam.exe3
Vollständiger Name des fehlerhaften Pakets: SplitCam.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SplitCam.exe5

Error: (09/08/2015 04:21:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: GWXUX.exe, Version: 6.3.9600.17924, Zeitstempel: 0x55959290
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17936, Zeitstempel: 0x55a68e0c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000003d86e
ID des fehlerhaften Prozesses: 0x2c08
Startzeit der fehlerhaften Anwendung: 0xGWXUX.exe0
Pfad der fehlerhaften Anwendung: GWXUX.exe1
Pfad des fehlerhaften Moduls: GWXUX.exe2
Berichtskennung: GWXUX.exe3
Vollständiger Name des fehlerhaften Pakets: GWXUX.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: GWXUX.exe5

Error: (09/08/2015 04:20:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: GWXUX.exe, Version: 6.3.9600.17924, Zeitstempel: 0x55959290
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17936, Zeitstempel: 0x55a68e0c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000003d86e
ID des fehlerhaften Prozesses: 0x2c08
Startzeit der fehlerhaften Anwendung: 0xGWXUX.exe0
Pfad der fehlerhaften Anwendung: GWXUX.exe1
Pfad des fehlerhaften Moduls: GWXUX.exe2
Berichtskennung: GWXUX.exe3
Vollständiger Name des fehlerhaften Pakets: GWXUX.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: GWXUX.exe5

Error: (09/06/2015 11:03:45 AM) (Source: ESENT) (EventID: 454) (User: )
Description: taskhostex (13304) IndexedDb: Bei Datenbankwiederherstellung trat ein unerwarteter Fehler -1216 auf.

Error: (09/06/2015 11:03:45 AM) (Source: ESENT) (EventID: 494) (User: )
Description: taskhostex (13304) IndexedDb: Bei der Datenbankwiederherstellung ist ein Fehler aufgetreten (Fehler -1216), da Verweise auf Datenbank "C:\Users\Martin\AppData\Local\Microsoft\Internet Explorer\Indexed DB\Internet.edb" festgestellt wurden, die nicht mehr vorhanden ist. Die Datenbank wurde nicht sauber heruntergefahren, bevor sie entfernt (oder möglicherweise verschoben oder umbenannt) wurde. Das Datenbankmodul lässt den Abschluss der Wiederherstellung für diese Instanz erst dann zu, wenn die fehlende Datenbank wieder verfügbar gemacht wird. Wenn die Datenbank tatsächlich nicht mehr verfügbar oder nicht mehr erforderlich ist, finden Sie Informationen zum Beheben dieses Fehlers in der Microsoft Knowledge Base oder unter dem Link "Weitere Informationen" am Ende dieser Meldung.

Error: (09/03/2015 07:08:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SplitCam.exe, Version: 6.9.4.1, Zeitstempel: 0x541675c3
Name des fehlerhaften Moduls: CLFLVSplitter.ax, Version: 1.0.0.3327, Zeitstempel: 0x4e817ba8
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00007d16
ID des fehlerhaften Prozesses: 0xea0
Startzeit der fehlerhaften Anwendung: 0xSplitCam.exe0
Pfad der fehlerhaften Anwendung: SplitCam.exe1
Pfad des fehlerhaften Moduls: SplitCam.exe2
Berichtskennung: SplitCam.exe3
Vollständiger Name des fehlerhaften Pakets: SplitCam.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SplitCam.exe5


Systemfehler:
=============
Error: (09/11/2015 11:50:02 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/11/2015 11:50:02 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Update Service Daemon" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/11/2015 11:50:02 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/11/2015 11:50:02 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) ME Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/11/2015 11:49:57 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ZAtheros Bt and Wlan Coex Agent" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/11/2015 11:49:56 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Intel(R) Capability Licensing Service Interface" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/11/2015 11:49:56 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ExpressCache" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/11/2015 11:49:56 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Platform and Thermal Framework Low Power Mode Service Application" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/11/2015 11:49:56 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Platform and Thermal Framework Critical Service Application" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/11/2015 11:49:55 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Platform and Thermal Framework Config TDP Service Application" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office:
=========================
Error: (09/10/2015 12:35:16 PM) (Source: MsiInstaller) (EventID: 11706) (User: Martin-Laptop)
Description: Product: LPT System Updater Service -- Error 1706. An installation package for the product LPT System Updater Service cannot be found. Try the installation again using a valid copy of the installation package 'LPTInstaller.msi'.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/09/2015 11:00:12 PM) (Source: MsiInstaller) (EventID: 11706) (User: Martin-Laptop)
Description: Product: LPT System Updater Service -- Error 1706. An installation package for the product LPT System Updater Service cannot be found. Try the installation again using a valid copy of the installation package 'LPTInstaller.msi'.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/09/2015 10:59:45 PM) (Source: MsiInstaller) (EventID: 11706) (User: Martin-Laptop)
Description: Product: LPT System Updater Service -- Error 1706. An installation package for the product LPT System Updater Service cannot be found. Try the installation again using a valid copy of the installation package 'LPTInstaller.msi'.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/09/2015 02:37:13 PM) (Source: Python Service) (EventID: 255) (User: )
Description: Exception : (1056, 'StartService', 'Es wird bereits eine Instanz des Dienstes ausgef\xfchrt.')

Error: (09/08/2015 07:32:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SplitCam.exe6.9.4.1541675c3CLFLVSplitter.ax1.0.0.33274e817ba8c000000500007d16181001d0ea54efef7c30C:\Program Files (x86)\SplitCam\SplitCam.exeC:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\CLFLVSplitter.axa4989800-564f-11e5-bed5-d850e6a0ba0c

Error: (09/08/2015 04:21:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: GWXUX.exe6.3.9600.1792455959290ntdll.dll6.3.9600.1793655a68e0cc0000005000000000003d86e2c0801d0ea4194dc05d6C:\WINDOWS\System32\GWX\GWXUX.exeC:\WINDOWS\SYSTEM32\ntdll.dlld5fd1c75-5634-11e5-bed5-d850e6a0ba0c

Error: (09/08/2015 04:20:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: GWXUX.exe6.3.9600.1792455959290ntdll.dll6.3.9600.1793655a68e0cc0000005000000000003d86e2c0801d0ea4194dc05d6C:\WINDOWS\System32\GWX\GWXUX.exeC:\WINDOWS\SYSTEM32\ntdll.dlld31ec67f-5634-11e5-bed5-d850e6a0ba0c

Error: (09/06/2015 11:03:45 AM) (Source: ESENT) (EventID: 454) (User: )
Description: taskhostex13304IndexedDb: -1216

Error: (09/06/2015 11:03:45 AM) (Source: ESENT) (EventID: 494) (User: )
Description: taskhostex13304IndexedDb: -1216C:\Users\Martin\AppData\Local\Microsoft\Internet Explorer\Indexed DB\Internet.edb

Error: (09/03/2015 07:08:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SplitCam.exe6.9.4.1541675c3CLFLVSplitter.ax1.0.0.33274e817ba8c000000500007d16ea001d0e66ac8da1adcC:\Program Files (x86)\SplitCam\SplitCam.exeC:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\CLFLVSplitter.ax5c726c56-525e-11e5-bed5-d850e6a0ba0c


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Prozentuale Nutzung des RAM: 32%
Installierter physikalischer RAM: 8075.21 MB
Verfügbarer physikalischer RAM: 5457.65 MB
Summe virtueller Speicher: 16267.21 MB
Verfügbarer virtueller Speicher: 13737.77 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:372.16 GB) (Free:276.77 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive d: (Data) (Fixed) (Total:537.8 GB) (Free:537.64 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 57788C0B)

Partition: GPT.

========================================================
Disk: 1 (Size: 22.4 GB) (Disk ID: D6909034)

Partition: GPT.

==================== Ende von Addition.txt ============================
         
Gruß,
Martsch

Alt 12.09.2015, 10:37   #7
schrauber
/// the machine
/// TB-Ausbilder
 

Links über Skype und Mails werden verschickt - aber nicht von mir - Standard

Links über Skype und Mails werden verschickt - aber nicht von mir




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 12.09.2015, 15:09   #8
Martsch
 
Links über Skype und Mails werden verschickt - aber nicht von mir - Standard

Links über Skype und Mails werden verschickt - aber nicht von mir



Hi Schrauber,
hier die Logfiles.

ESET
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=31ab2c61cd9f614eb38068ad58192018
# end=init
# utc_time=2015-09-12 09:36:30
# local_time=2015-09-12 11:36:30 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 25726
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=31ab2c61cd9f614eb38068ad58192018
# end=updated
# utc_time=2015-09-12 09:42:22
# local_time=2015-09-12 11:42:22 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=31ab2c61cd9f614eb38068ad58192018
# engine=25726
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-09-12 09:52:44
# local_time=2015-09-12 11:52:44 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=3589 16777213 100 57 5565 204648149 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 1806494 47916536 0 0
# scanned=4527
# found=0
# cleaned=0
# scan_time=621
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=31ab2c61cd9f614eb38068ad58192018
# end=init
# utc_time=2015-09-12 09:53:52
# local_time=2015-09-12 11:53:52 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=53251
Update Finalize
Updated modules version: 25726
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=31ab2c61cd9f614eb38068ad58192018
# end=updated
# utc_time=2015-09-12 09:54:30
# local_time=2015-09-12 11:54:30 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=31ab2c61cd9f614eb38068ad58192018
# engine=25726
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-09-12 12:38:46
# local_time=2015-09-12 02:38:46 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=3589 16777213 100 57 15527 204658111 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 1816456 47926498 0 0
# scanned=263542
# found=0
# cleaned=0
# scan_time=9855
         
Securitycheck
Code:
ATTFilter
 Results of screen317's Security Check version 1.008  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Norton 360 Online   
Windows Defender    
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Adobe Reader XI  
 Mozilla Firefox (39.0) 
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         
FRST
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:10-09-2015 01
durchgeführt von Martin (Administrator) auf MARTIN-LAPTOP (12-09-2015 14:53:28)
Gestartet von C:\Users\Martin\Desktop
Geladene Profile: Martin (Verfügbare Profile: UpdatusUser & Martin)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: IE)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\N360.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\N360.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer INC.) C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS VivoBook\vivokey.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [79376 2013-07-31] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13776088 2014-12-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1391472 2014-12-11] (Realtek Semiconductor)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-04-26] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-19] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-04-24] (Atheros Communications)
HKU\S-1-5-21-3515464670-2770779577-3274627398-1002\...\Run: [Dropbox Update] => C:\Users\Martin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-07-15] (Dropbox, Inc.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-12-10] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\hpoddt01.exe.lnk [2014-07-21]
ShortcutTarget: hpoddt01.exe.lnk -> C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe (Hewlett-Packard)
Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet Pro 8610.lnk [2015-07-04]
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet Pro 8610.lnk -> C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPStatusBL.dll (Hewlett-Packard Development Company, LP)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{08FE31C7-FE0C-474C-9C6C-CCC50F44AABB}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{B9F03622-55EC-4EE5-81B5-0FB25A5E26C1}: [DhcpNameServer] 30.50.1.1 30.50.1.2

Internet Explorer:
==================
HKU\S-1-5-21-3515464670-2770779577-3274627398-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}
HKU\S-1-5-21-3515464670-2770779577-3274627398-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://t.asus13.de.msn.com/?pc=asu2js&ocid=asudhp
HKU\S-1-5-21-3515464670-2770779577-3274627398-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
HKU\S-1-5-21-3515464670-2770779577-3274627398-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com/search?q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
SearchScopes: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-07-14] (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2013-04-24] (Qualcomm Atheros Commnucations)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\IPS\IPSBHO.DLL Keine Datei
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} hxxp://support.asus.com/select/asusTek_sys_ctrl3.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\2q61wmip.default
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-04-18] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-10-12] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFPlgn [2015-09-11]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\Exts\Chrome.crx [2015-08-10]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\Exts\Chrome.crx [2015-08-10]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-07-23] (ASUS)
S2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [Datei ist nicht signiert]
S2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [310400 2013-04-24] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
S2 cjpcsc; C:\WINDOWS\SysWOW64\cjpcsc.exe [557056 2015-06-16] (REINER SCT)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2765496 2015-07-14] (Microsoft Corporation)
S2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [83032 2013-07-31] (Intel Corporation)
S2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [100032 2013-07-31] (Intel Corporation)
S2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [84568 2013-07-31] (Intel Corporation)
S2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [92864 2013-07-31] (Intel Corporation)
S2 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [107944 2013-01-08] (Condusiv Technologies)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-08-08] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\N360.exe [282016 2015-07-16] (Symantec Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-04-24] (Atheros) [Datei ist nicht signiert]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [69392 2013-08-08] (ASUS Corporation)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\BASHDefs\20150904.001\BHDrvx64.sys [1650936 2015-07-23] (Symantec Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-04-24] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-21] (Microsoft Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1605020.00F\ccSetx64.sys [173808 2015-07-11] (Symantec Corporation)
S3 cjusb; C:\Windows\system32\DRIVERS\cjusb.sys [36112 2015-03-23] (REINER SCT)
R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [68072 2013-07-31] (Intel Corporation)
R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [57216 2013-07-31] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [120256 2013-07-31] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [200808 2013-07-31] (Intel Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-07-27] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153936 2015-07-27] (Symantec Corporation)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [26024 2013-01-08] (Condusiv Technologies)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [112552 2013-01-08] (Condusiv Technologies)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\IPSDefs\20150911.003\IDSvia64.sys [767224 2015-08-29] (Symantec Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\VirusDefs\20150911.017\ENG64.SYS [138488 2015-05-20] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\VirusDefs\20150911.017\EX64.SYS [2146040 2015-05-20] (Symantec Corporation)
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2013-07-23] (Windows (R) Win 7 DDK provider)
S3 scvad_simple; C:\Windows\system32\drivers\SplitCamAudio.sys [23552 2014-06-30] (Windows (R) Win 7 DDK provider)
S3 splitcam_hd_driver; C:\Windows\system32\DRIVERS\splitcam_hd_driver.sys [37496 2014-06-30] (Windows (R) Win 7 DDK provider)
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1605020.00F\SRTSP64.SYS [926448 2015-07-11] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1605020.00F\SRTSPX64.SYS [50936 2015-07-11] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\N360x64\1605020.00F\SYMEFASI64.SYS [1620720 2015-07-11] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1605020.00F\SymELAM.sys [24192 2015-07-11] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-08-10] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1605020.00F\Ironx64.SYS [297720 2015-07-11] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1605020.00F\SYMNETS.SYS [576248 2015-07-11] (Symantec Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-12 14:53 - 2015-09-12 14:53 - 00024402 _____ C:\Users\Martin\Desktop\FRST.txt
2015-09-12 14:48 - 2015-09-12 14:48 - 00000672 _____ C:\Users\Martin\Desktop\checkup.txt
2015-09-12 14:47 - 2015-09-12 14:47 - 00852704 _____ C:\Users\Martin\Desktop\SecurityCheck.exe
2015-09-12 14:43 - 2015-09-12 14:38 - 00002801 _____ C:\Users\Martin\Desktop\ESET.txt
2015-09-12 11:35 - 2015-09-12 11:35 - 02870984 _____ (ESET) C:\Users\Martin\Desktop\esetsmartinstaller_deu.exe
2015-09-11 19:29 - 2015-09-12 11:31 - 00000074 _____ C:\Users\Martin\AppData\Roaming\sp_data.sys
2015-09-11 11:54 - 2015-09-11 11:54 - 00000793 _____ C:\Users\Martin\Desktop\JRT.txt
2015-09-11 11:46 - 2015-09-11 11:46 - 01799392 _____ (Malwarebytes Corporation) C:\Users\Martin\Desktop\JRT_7600.exe
2015-09-11 11:44 - 2015-09-11 11:44 - 00002648 _____ C:\Users\Martin\Desktop\AdwCleaner[C1].txt
2015-09-11 11:39 - 2015-09-11 11:41 - 00000000 ____D C:\AdwCleaner
2015-09-11 11:35 - 2015-09-11 11:35 - 01660416 _____ C:\Users\Martin\Desktop\AdwCleaner_5.007.exe
2015-09-11 11:32 - 2015-09-11 11:32 - 00010559 _____ C:\Users\Martin\Desktop\mbam.txt
2015-09-11 10:51 - 2015-09-11 10:51 - 00001120 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-09-11 10:51 - 2015-09-11 10:51 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-09-11 10:51 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-09-11 10:51 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-09-10 14:08 - 2015-09-10 14:09 - 00121389 _____ C:\Users\Martin\Desktop\TDSSKiller.txt
2015-09-10 13:49 - 2015-09-10 13:49 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Martin\Desktop\tdsskiller.exe
2015-09-10 12:44 - 2015-09-12 11:32 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-09-10 12:44 - 2015-09-11 10:51 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-10 12:44 - 2015-09-10 13:47 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-09-10 12:42 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-09-10 12:41 - 2015-09-10 13:47 - 00000000 ____D C:\Users\Martin\Desktop\mbar
2015-09-10 12:40 - 2015-09-10 12:40 - 16563304 _____ (Malwarebytes Corp.) C:\Users\Martin\Desktop\mbar-1.09.2.1008.exe
2015-09-10 12:30 - 2015-09-10 12:30 - 00001286 _____ C:\Users\Martin\Desktop\Revo Uninstaller.lnk
2015-09-10 12:30 - 2015-09-10 12:30 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-09-10 11:41 - 2015-09-10 11:41 - 00266776 _____ C:\Users\Martin\Desktop\Norton.txt
2015-09-10 11:38 - 2015-09-10 11:38 - 00003829 _____ C:\Users\Martin\Desktop\Gmer.txt
2015-09-10 11:32 - 2015-09-10 11:32 - 00380416 _____ C:\Users\Martin\Desktop\Gmer-19357.exe
2015-09-10 11:25 - 2015-09-12 14:51 - 00000474 _____ C:\Users\Martin\Desktop\defogger_disable.log
2015-09-10 10:30 - 2015-09-12 14:53 - 00000000 ____D C:\FRST
2015-09-10 10:29 - 2015-09-11 12:01 - 02190848 _____ (Farbar) C:\Users\Martin\Desktop\FRST64.exe
2015-09-10 10:26 - 2015-09-10 10:26 - 00050477 _____ C:\Users\Martin\Desktop\Defogger.exe
2015-09-10 10:26 - 2015-09-10 10:26 - 00000000 _____ C:\Users\Martin\defogger_reenable
2015-09-09 22:52 - 2015-09-09 23:49 - 00000000 ____D C:\Users\Martin\AppData\Local\NPE
2015-09-09 13:50 - 2015-09-03 04:18 - 02531400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-09-09 13:50 - 2015-09-03 04:17 - 01903848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-09-09 13:50 - 2015-09-02 20:48 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-09-09 13:50 - 2015-09-02 19:09 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-09-09 13:50 - 2015-08-27 04:48 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-09-09 13:50 - 2015-08-26 20:00 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-09-09 13:50 - 2015-08-26 20:00 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-09-09 13:50 - 2015-08-26 20:00 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-09-09 13:50 - 2015-08-26 20:00 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-09-09 13:50 - 2015-08-26 16:46 - 03705344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-09-09 13:50 - 2015-08-26 16:29 - 02240512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-09-09 13:50 - 2015-08-26 16:27 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-09-09 13:50 - 2015-08-26 16:27 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-09-09 13:50 - 2015-08-26 16:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-09-09 13:50 - 2015-08-26 16:26 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-09-09 13:50 - 2015-08-26 16:26 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-09-09 13:50 - 2015-08-22 20:19 - 25188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-09 13:50 - 2015-08-22 19:35 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-09 13:50 - 2015-08-22 19:22 - 19856384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-09-09 13:50 - 2015-08-22 19:20 - 05923840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-09-09 13:50 - 2015-08-22 18:50 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-09 13:50 - 2015-08-22 18:41 - 14451712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-09 13:50 - 2015-08-22 18:28 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-09-09 13:50 - 2015-08-22 18:26 - 02427392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-09-09 13:50 - 2015-08-22 18:22 - 12857344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-09-09 13:50 - 2015-07-30 19:18 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
2015-09-09 13:50 - 2015-07-30 18:22 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkEd.dll
2015-09-09 13:49 - 2015-09-02 04:56 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-09-09 13:49 - 2015-09-02 04:55 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-09 13:49 - 2015-09-02 04:50 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-09 13:49 - 2015-09-02 04:17 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-09-09 13:49 - 2015-09-02 04:13 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-09-09 13:49 - 2015-08-22 19:34 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-09-09 13:49 - 2015-08-22 19:21 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-09-09 13:49 - 2015-08-22 18:55 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-09-09 13:49 - 2015-08-22 18:50 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-09-09 13:49 - 2015-08-22 18:45 - 00665600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-09-09 13:49 - 2015-08-22 18:44 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-09-09 13:49 - 2015-08-22 18:41 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-09-09 13:49 - 2015-08-22 18:41 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-09-09 13:49 - 2015-08-22 18:41 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-09-09 13:49 - 2015-08-22 18:39 - 02126336 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-09-09 13:49 - 2015-08-22 18:23 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-09-09 13:49 - 2015-08-22 18:20 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-09-09 13:49 - 2015-08-22 18:18 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-09-09 13:49 - 2015-08-22 18:18 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-09-09 13:49 - 2015-08-22 18:18 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-09-09 13:49 - 2015-08-22 18:14 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-09-09 13:49 - 2015-08-22 18:01 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-09-09 13:49 - 2015-08-22 18:00 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-09-09 13:49 - 2015-08-22 17:56 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-09-09 13:49 - 2015-08-22 17:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-09-09 13:49 - 2015-08-03 23:15 - 00074928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2015-09-09 13:49 - 2015-08-03 23:15 - 00065600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2015-09-09 13:49 - 2015-08-01 16:22 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2015-09-09 13:49 - 2015-08-01 05:47 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe
2015-09-09 13:49 - 2015-08-01 05:45 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schtasks.exe
2015-09-09 13:49 - 2015-08-01 05:38 - 01265152 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-09-09 13:49 - 2015-08-01 05:37 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe
2015-09-09 13:49 - 2015-08-01 05:37 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskeng.exe
2015-09-09 13:49 - 2015-07-22 16:34 - 02775552 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-09-09 13:49 - 2015-07-22 16:33 - 01728000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-09 13:49 - 2015-07-22 16:25 - 02461184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-09-09 13:49 - 2015-07-22 16:25 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-09-09 13:49 - 2015-07-18 20:31 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2015-09-09 13:49 - 2015-07-18 20:29 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-09-09 13:49 - 2015-07-18 20:29 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2015-09-09 13:49 - 2015-07-18 20:27 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-09-05 20:39 - 2015-09-05 20:39 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-08-25 11:36 - 2015-08-25 11:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-25 11:20 - 2015-08-27 15:42 - 00000000 ____D C:\Users\Martin\Desktop\Blühmischung Haselrain 2015
2015-08-22 14:16 - 2015-07-22 16:19 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-08-22 14:16 - 2015-07-22 15:52 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-08-22 14:16 - 2015-07-17 16:15 - 00951296 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2015-08-22 14:16 - 2015-07-17 16:10 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2015-08-22 14:16 - 2015-07-03 23:51 - 01380056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-08-22 14:16 - 2015-07-03 16:00 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-08-22 14:16 - 2015-06-27 13:47 - 00118616 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2015-08-22 14:16 - 2015-06-19 19:07 - 02819072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-08-22 14:15 - 2015-07-14 05:27 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzsync.exe
2015-08-22 14:15 - 2015-07-13 21:10 - 00411455 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-08-22 14:15 - 2015-07-10 21:06 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2015-08-22 14:15 - 2015-07-09 18:14 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-08-22 14:01 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-22 14:01 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-22 13:49 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-08-22 13:49 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-08-22 13:49 - 2015-07-16 21:53 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-08-22 13:49 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-08-22 13:49 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-08-22 13:49 - 2015-07-16 21:14 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-08-22 13:49 - 2015-07-16 20:52 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-08-22 13:49 - 2015-07-16 02:29 - 07458648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-22 13:49 - 2015-07-16 02:29 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-22 13:49 - 2015-07-16 02:29 - 00101720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-22 13:49 - 2015-07-16 02:28 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-22 13:49 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-22 13:48 - 2015-07-07 11:40 - 00270168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-08-22 13:48 - 2015-07-07 11:40 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-08-22 13:48 - 2015-07-07 11:40 - 00044560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-08-22 13:48 - 2015-07-02 00:19 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2015-08-22 13:48 - 2015-07-02 00:16 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2015-08-22 13:48 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2015-08-22 13:48 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2015-08-22 13:47 - 2015-07-29 16:37 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-22 13:47 - 2015-07-29 16:30 - 01381888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-22 13:47 - 2015-07-29 16:23 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-22 13:47 - 2015-07-13 21:46 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2015-08-22 13:47 - 2015-07-13 21:45 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2015-08-22 13:47 - 2015-07-10 20:19 - 01101824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2015-08-22 13:47 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2015-08-22 13:47 - 2015-07-10 19:13 - 07032320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2015-08-22 13:47 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2015-08-22 13:47 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-22 13:47 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-22 13:47 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-13 12:06 - 2015-08-25 16:43 - 00000000 ____D C:\Users\Martin\Desktop\BA Präsentation

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-12 14:37 - 2015-07-15 14:26 - 00001256 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3515464670-2770779577-3274627398-1002UA.job
2015-09-12 14:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-12 12:00 - 2015-05-15 12:01 - 00003474 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2015-09-12 12:00 - 2015-05-15 12:01 - 00003464 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2015-09-12 11:50 - 2015-01-20 21:08 - 01539999 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-12 11:37 - 2014-11-21 05:35 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-12 11:37 - 2014-11-21 04:45 - 00773008 _____ C:\WINDOWS\system32\perfh007.dat
2015-09-12 11:37 - 2014-11-21 04:45 - 00162310 _____ C:\WINDOWS\system32\perfc007.dat
2015-09-12 11:35 - 2014-03-21 17:29 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3515464670-2770779577-3274627398-1002
2015-09-11 11:42 - 2014-11-20 20:24 - 00094040 _____ C:\WINDOWS\PFRO.log
2015-09-11 11:42 - 2013-08-22 16:46 - 00355372 _____ C:\WINDOWS\setupact.log
2015-09-11 11:42 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-11 11:41 - 2014-06-02 18:13 - 00001118 _____ C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2015-09-11 11:27 - 2012-07-26 10:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-09-11 11:27 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\TAPI
2015-09-10 14:35 - 2015-01-21 11:45 - 00000000 ____D C:\WINDOWS\Minidump
2015-09-10 14:35 - 2014-03-11 01:33 - 00232642 ____N C:\WINDOWS\Minidump\091015-68250-01.dmp
2015-09-10 10:37 - 2015-07-15 14:26 - 00001204 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3515464670-2770779577-3274627398-1002Core.job
2015-09-10 10:26 - 2015-01-20 21:15 - 00000000 ____D C:\Users\Martin
2015-09-09 23:47 - 2014-03-23 20:18 - 00000000 ____D C:\Program Files (x86)\Scoretec
2015-09-09 23:39 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-09-09 22:53 - 2014-03-21 19:13 - 00000000 ____D C:\ProgramData\Norton
2015-09-09 14:31 - 2013-08-22 16:44 - 00483672 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-09 14:31 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2015-09-09 14:29 - 2014-11-21 05:13 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-09 14:29 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-09-09 14:01 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-09 13:55 - 2014-04-18 19:47 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-08 19:33 - 2014-07-01 16:17 - 00000000 ____D C:\Users\Martin\AppData\Local\CrashDumps
2015-09-08 16:49 - 2014-12-03 19:22 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Skype
2015-09-07 10:27 - 2015-08-03 17:32 - 00000000 ____D C:\Users\Martin\Desktop\KiBiWo 2015
2015-09-05 20:39 - 2014-07-18 18:33 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Dropbox
2015-09-05 20:14 - 2013-10-05 22:54 - 00000000 ____D C:\Program Files (x86)\Bluetooth Suite
2015-09-04 17:49 - 2014-03-11 02:05 - 00000000 ____D C:\Users\Martin\AppData\Local\Packages
2015-09-02 18:27 - 2014-04-27 15:49 - 00000000 ____D C:\Users\Martin\Documents\Kürbisschilder
2015-09-02 18:12 - 2014-04-27 15:50 - 00011294 _____ C:\Users\Martin\Documents\Verkaufsliste.xlsx
2015-08-29 10:25 - 2014-04-27 15:59 - 00000000 ____D C:\Users\Martin\Desktop\KGR
2015-08-27 16:07 - 2014-04-27 15:50 - 00000000 ____D C:\Users\Martin\Documents\Agrardieselvergütung
2015-08-27 10:50 - 2014-04-27 15:59 - 00000000 ____D C:\Users\Martin\Desktop\Kinderkirche
2015-08-26 18:37 - 2014-04-18 19:47 - 134753440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-25 11:36 - 2014-12-03 19:22 - 00002715 _____ C:\Users\Public\Desktop\Skype.lnk
2015-08-25 11:36 - 2014-12-03 19:22 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-08-25 11:36 - 2014-12-03 19:21 - 00000000 ____D C:\ProgramData\Skype
2015-08-22 14:05 - 2014-05-20 11:39 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-22 14:05 - 2014-05-20 11:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-22 14:04 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-22 14:04 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-22 14:04 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-22 14:04 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-22 14:00 - 2014-05-20 11:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-22 13:51 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-22 13:51 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-22 11:44 - 2014-03-21 17:30 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-08-20 17:23 - 2014-04-27 15:49 - 00000000 ____D C:\Users\Martin\Documents\Schnaps Etiketten
2015-08-20 10:28 - 2014-04-27 15:50 - 00000000 ____D C:\Users\Martin\Documents\Äcker und Wiesen
2015-08-19 19:13 - 2014-04-27 15:49 - 00000000 ____D C:\Users\Martin\Documents\Dokumentation von Pflanzenschutz
2015-08-14 15:07 - 2014-09-28 10:16 - 00000000 ____D C:\Users\Martin\AppData\Roaming\HpUpdate

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-04-18 19:36 - 2014-04-18 19:36 - 0000235 _____ () C:\Users\Martin\AppData\Roaming\devices.xml
2014-04-18 19:36 - 2014-04-18 19:36 - 0000012 _____ () C:\Users\Martin\AppData\Roaming\settings.xml
2015-09-11 19:29 - 2015-09-12 11:31 - 0000074 _____ () C:\Users\Martin\AppData\Roaming\sp_data.sys
2015-03-01 16:01 - 2015-03-01 16:01 - 0001461 _____ () C:\Users\Martin\AppData\Local\recently-used.xbel
2014-09-28 10:14 - 2014-09-28 10:14 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-04-03 15:09 - 2015-04-03 15:09 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-04-18 18:59 - 2014-07-21 19:54 - 0000955 _____ () C:\ProgramData\hpzinstall.log
2013-04-26 01:15 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2013-04-26 01:15 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2013-04-26 01:15 - 2012-09-07 13:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\SetStretch.VBS


Einige Dateien in TEMP:
====================
C:\Users\Martin\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-09-10 13:35

==================== Ende von FRST.txt ============================
         
Addition
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:10-09-2015 01
durchgeführt von Martin (2015-09-12 14:54:24)
Gestartet von C:\Users\Martin\Desktop
Windows 8.1 (X64) (2015-01-20 19:36:44)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3515464670-2770779577-3274627398-500 - Administrator - Disabled)
Gast (S-1-5-21-3515464670-2770779577-3274627398-501 - Limited - Disabled)
Martin (S-1-5-21-3515464670-2770779577-3274627398-1002 - Administrator - Enabled) => C:\Users\Martin
UpdatusUser (S-1-5-21-3515464670-2770779577-3274627398-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Norton 360 Online (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton 360 Online (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton 360 Online (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.3.4 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.5 - ASUS)
ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.2 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0018 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.5 - ASUS)
ASUS VivoBook (HKLM\...\{04FDBE69-F9FD-42A2-9008-E5CE7F60C6BE}) (Version: 1.0.31 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.18.159 - ASUS Cloud Corporation)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5520.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.5520.52 - CyberLink Corp.) Hidden
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.310 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0030 - ASUS)
AusweisApp2 (HKLM-x32\...\{1C785E05-CFC7-43BE-9A52-9FB39C180CB8}) (Version: 1.2.2 - Governikus GmbH & Co. KG)
Azteca (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.00495 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.00495 - Cisco Systems, Inc.) Hidden
Cut the Rope (x32 Version: 3.0.2.38 - WildTangent) Hidden
cyberJack Base Components (HKLM-x32\...\{FC338210-F594-11D3-BA24-00001C3AB4DF}) (Version: 7.2.0 - REINER SCT)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-3515464670-2770779577-3274627398-1002\...\Dropbox) (Version: 3.8.8 - Dropbox, Inc.)
ExpressCache (HKLM\...\{C123584F-9C84-45E8-AE5F-522328BB79A0}) (Version: 1.0.100.0 - Condusiv Technologies)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet Pro 8610 - Grundlegende Software für das Gerät (HKLM\...\{C1586445-E3CA-45F0-A754-E6C2784CDDB7}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP Officejet Pro 8610 Hilfe (HKLM-x32\...\{2466D8D5-4856-4492-BDEF-48A640F58866}) (Version: 32.0.0 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel Experience Center - Configuration (x32 Version: 1.9.0.8 - Intel) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.0.0.2023 - Intel Corporation)
Intel(R) Experience Center Desktop Software (HKLM-x32\...\{85de612b-ee05-476a-87cc-52e5740de420}) (Version: 1.9.0.8 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
i-port.de Bestellsoftware (HKLM-x32\...\{B4244B8D-0D9C-4EB0-BDF3-03A2060E96A8}}_is1) (Version: 3.5.7.5 - Foto Online Service GmbH)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4745.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3515464670-2770779577-3274627398-1002\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.1 - Mozilla)
MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS)
Norton 360 Online (HKLM-x32\...\N360) (Version: 22.5.2.15 - Symantec Corporation)
NVIDIA Grafiktreiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA Update 1.15.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.15.2 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4745.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4745.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4745.1002 - Microsoft Corporation) Hidden
Peggle (x32 Version: 2.2.0.95 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.226 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.16.614.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7404 - Realtek Semiconductor Corp.)
Realtek USB Card Reader (HKLM-x32\...\{1E496A68-4943-424E-829D-5C3C85B7B8F2}) (Version: 6.2.9200.39041 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SigmaPlot 13.0 (HKLM-x32\...\{88B90FF3-D0D3-454A-AACE-9B026E2829E3}) (Version: 13.0 - Systat Software, Inc.)
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
Startfenster (HKLM-x32\...\Startfenster) (Version:  - Startfenster)
Studie zur Verbesserung von HP Officejet Pro 8610 (HKLM\...\{C597CC7C-D465-4761-8516-274F3713FE85}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.0 - VideoLAN)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.0.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden
Windows Driver Package - ASUS (ATP) Mouse  (07/16/2013 1.0.0.181) (HKLM\...\16D5A24C881B7CEE31FBA6DD5EC1C194C188F85A) (Version: 07/16/2013 1.0.0.181 - ASUS)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Martin\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Martin\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Martin\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Martin\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Martin\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Martin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

25-07-2015 09:11:27 Windows Update
02-08-2015 16:32:20 Norton 360 Registry Clean
08-08-2015 10:31:12 Windows Update
22-08-2015 13:49:43 Windows Update
09-09-2015 13:50:19 Windows Update
11-09-2015 11:48:34 JRT Pre-Junkware Removal

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0D131646-A5B6-454C-971A-882CE4E00C8B} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2013-08-19] (ASUS)
Task: {158C4F9B-4D7F-4FDD-A95C-A76B7DA42A43} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-07-14] (Microsoft Corporation)
Task: {40A7D62C-5CB7-4581-A718-7946C23281FE} - System32\Tasks\ASUS Patch for Touch Panel => C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe [2013-01-09] (ASUSTek Computer INC.)
Task: {414353C2-75C7-4589-95DA-2201D2EC6CCA} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-14] (Microsoft Corporation)
Task: {41FDFD20-DC8E-4263-B96A-A033ADF904D2} - System32\Tasks\HPCustParticipation HP Officejet Pro 8610 => C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPCustPartic.exe [2014-07-21] (Hewlett-Packard Development Company, LP)
Task: {4316F57C-F1D6-41D1-8AB5-41CA9DA993F2} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {4609E992-5058-4FE5-BC46-C59781E3FAAC} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3515464670-2770779577-3274627398-1002Core => C:\Users\Martin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-07-15] (Dropbox, Inc.)
Task: {476214CB-C268-4E55-A39D-951D6F185618} - System32\Tasks\ASUS InstantOn Config => C:\Program Files\ASUS\P4G\InsOnCfg.exe
Task: {506915FB-00F1-4FB3-865E-FA1BD37788FC} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2015-02-12] ()
Task: {5EEFCB2D-EC58-446D-BBBD-9EE76B731A5C} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-08-08] (AsusTek)
Task: {758EDA08-946B-42A3-9B92-7344EFBF5F05} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {83016F80-86D4-4FA4-9072-4A48BE46F1E8} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-08-16] (ASUSTeK Computer Inc.)
Task: {8EEBD759-4DA4-4BEF-B46A-FC019794AE32} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\SymErr.exe [2015-05-19] (Symantec Corporation)
Task: {9F4ED208-CB89-46A3-BBD0-6D91F7D6B1D5} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {A54C85A3-480F-41E4-AAA9-89F9594A9E53} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton 360 Online\Upgrade.exe [2015-07-27] (Symantec Corporation)
Task: {AEC33DD3-D455-42C2-9C40-C60D7AF59A0A} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\WSCStub.exe [2015-07-16] (Symantec Corporation)
Task: {B619E8E9-7D21-436F-9C7B-85B29F4C2A91} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3515464670-2770779577-3274627398-1002UA => C:\Users\Martin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-07-15] (Dropbox, Inc.)
Task: {BBFD86CC-AEF2-4341-B3CC-0420A8AFEECD} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-07-09] ()
Task: {BD8526F5-7A39-4C04-BFC2-ACD114C5DB18} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\SymErr.exe [2015-05-19] (Symantec Corporation)
Task: {BEF3F9E0-2977-43D1-A730-07607EA5BE2F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-14] (Microsoft Corporation)
Task: {C2172E41-921E-4DB9-A45A-A91A0D04CAF8} - System32\Tasks\ASUS Vivokey => C:\Program Files\ASUS\ASUS VivoBook\vivokey.exe [2013-08-23] (ASUSTek Computer Inc.)
Task: {C5314E75-AC88-4F4B-BDB6-2D319DEF4932} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-12-11] (Realtek Semiconductor)
Task: {CE0C27F4-2FCB-4224-A851-9BD1D1327D56} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {D257DF6D-57BC-4886-8988-F80E5E861B54} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {D5EF0318-843C-4AC3-9C2B-21977C825E51} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-12-11] (Realtek Semiconductor)
Task: {E45FA079-0A84-4A35-864A-BC4CF4234544} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2013-08-09] (ASUSTek Computer Inc.)
Task: {EA889F9D-365D-40E3-A424-0D53B3B1F0AA} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {EBCE125A-C414-4B68-BA39-3A958F33F225} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {F0EAD2AE-6B34-4AD1-909C-B48CF1D887C5} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2013-07-23] (ASUS)
Task: {F2CB4B7A-9D1E-4752-8983-4BE0770C76D7} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3515464670-2770779577-3274627398-1002Core.job => C:\Users\Martin\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3515464670-2770779577-3274627398-1002UA.job => C:\Users\Martin\AppData\Local\Dropbox\Update\DropboxUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-04-18 20:05 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-12-10 08:13 - 2013-12-10 08:13 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-07-23 10:54 - 2013-07-23 10:54 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2013-04-24 17:09 - 2013-04-24 17:09 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-04-24 17:07 - 2013-04-24 17:07 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-04-24 17:12 - 2013-04-24 17:12 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2015-01-20 21:08 - 2013-10-23 10:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-10-05 22:45 - 2013-08-08 14:23 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2012-08-03 21:53 - 2012-08-03 21:53 - 00062968 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2013-12-10 08:13 - 2013-12-10 08:13 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2013-08-19 18:16 - 2013-08-19 18:16 - 00015440 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2013-08-16 11:03 - 2013-08-16 11:03 - 00023040 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2013-04-27 10:24 - 2013-04-27 10:24 - 00071680 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\checkmetro.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-3515464670-2770779577-3274627398-1002\...\127.0.0.1 -> hxxp://127.0.0.1


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3515464670-2770779577-3274627398-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\ASUS\wallpapers\ASUS.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3515464670-2770779577-3274627398-1002\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk"
HKU\S-1-5-21-3515464670-2770779577-3274627398-1002\...\StartupApproved\Run: => "Dropbox Update"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{751F841B-9D64-4C50-A018-BE9CA092A5D4}] => (Allow) C:\Users\Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{950877E4-82DD-4ED7-975E-2A7BB79C2351}] => (Allow) C:\Users\Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{85822F7D-18B7-4892-AF89-9B1B4698E078}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{10D9E59D-39F2-455B-90E9-E8BD360101B4}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{3928848A-37F9-4D9C-A6B8-A6A885D8D78E}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{D2AC0B64-FA96-49B9-AE81-62AD4C0F9175}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{9CBDB688-1560-4EC3-B3C4-13B86FD1A88A}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{99AB5382-1059-45AC-AAEB-E32736E99DF9}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{08DF9207-336B-4D4F-B1FD-122BC45D324B}] => (Allow) LPort=1900
FirewallRules: [{CACDB418-5466-44CB-97EB-234638B11E8D}] => (Allow) LPort=2869
FirewallRules: [{8F742722-EB63-4B60-8280-435B83C49A8F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{1B753360-4F37-4FE7-91C8-7B951E0BB4DF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5C96BA0C-C228-4D5D-B2AF-C807599DC021}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8C373356-43AD-42B1-A057-257449FA707E}] => (Allow) C:\Users\Martin\AppData\Local\Temp\7zS5C4C\HPDiagnosticCoreUI.exe
FirewallRules: [{2ACD19DF-50FB-4126-9924-18106E745FD3}] => (Allow) C:\Users\Martin\AppData\Local\Temp\7zS5C4C\HPDiagnosticCoreUI.exe
FirewallRules: [{A12D5A7A-548C-4D13-9750-5CE1C783ECAF}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\bin\FaxApplications.exe
FirewallRules: [{B289DC0F-4830-432D-84A4-1A2541B4D1EB}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\bin\DigitalWizards.exe
FirewallRules: [{190175D6-97F1-45CD-87F5-DA52B8783708}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\bin\SendAFax.exe
FirewallRules: [{2B43AB12-80FC-4488-B064-4072CC2ABF09}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\Bin\DeviceSetup.exe
FirewallRules: [{B6617DA2-917E-4925-90A9-54EFFAF2C2EC}] => (Allow) LPort=5357
FirewallRules: [{18758A9E-399C-43A6-9BAE-6C5A8651EC9D}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{38AB1BD2-8933-4AF1-AE25-F75BD4FAF664}] => (Allow) C:\Users\Martin\AppData\Local\Temp\7zS68C6\HPDiagnosticCoreUI.exe
FirewallRules: [{5EFF3C30-5418-44BE-B752-DADF66A79672}] => (Allow) C:\Users\Martin\AppData\Local\Temp\7zS68C6\HPDiagnosticCoreUI.exe
FirewallRules: [{9B209BC0-BE38-43A1-8798-A669D23B7168}] => (Allow) C:\Users\Martin\AppData\Local\Temp\7zS693C\HPDiagnosticCoreUI.exe
FirewallRules: [{0E1DEA38-16FD-49FF-918F-54608336B1D0}] => (Allow) C:\Users\Martin\AppData\Local\Temp\7zS693C\HPDiagnosticCoreUI.exe
FirewallRules: [{C99C6943-96E7-41FE-A3C3-721B5CD6B873}] => (Allow) C:\Users\Martin\AppData\Local\Temp\7zS026A\HPDiagnosticCoreUI.exe
FirewallRules: [{D372B8AC-3B0C-4D7B-BF1C-B93378B8D281}] => (Allow) C:\Users\Martin\AppData\Local\Temp\7zS026A\HPDiagnosticCoreUI.exe
FirewallRules: [AusweisApp2-Firewall-Rule] => (Allow) C:\Program Files (x86)\AusweisApp2 1.2.2\AusweisApp2.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/12/2015 02:41:03 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.

Error: (09/12/2015 11:53:46 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.

Error: (09/12/2015 11:53:44 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.

Error: (09/12/2015 11:53:27 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.

Error: (09/12/2015 11:36:22 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.

Error: (09/12/2015 11:36:19 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.

Error: (09/12/2015 11:36:15 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.

Error: (09/12/2015 11:36:15 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.

Error: (09/12/2015 11:35:44 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.

Error: (09/12/2015 11:35:17 AM) (Source: DptfEvent) (EventID: 2) (User: )
Description: DptfPolicyLpmServiceHelper
WinMain:  CreateSharedMemory() failed.
Session ID = 2


Systemfehler:
=============
Error: (09/12/2015 11:40:33 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (09/12/2015 11:40:33 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Martin\AppData\Local\Temp\ehdrv.sys

Error: (09/12/2015 11:40:33 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (09/12/2015 11:40:33 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Martin\AppData\Local\Temp\ehdrv.sys

Error: (09/12/2015 11:40:33 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (09/12/2015 11:40:33 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Martin\AppData\Local\Temp\ehdrv.sys

Error: (09/12/2015 10:04:48 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.

Error: (09/12/2015 10:04:48 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.

Error: (09/11/2015 11:50:02 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/11/2015 11:50:02 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Update Service Daemon" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office:
=========================
Error: (09/12/2015 02:41:03 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (09/12/2015 11:53:46 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifestC:\Users\Martin\Desktop\esetsmartinstaller_deu.exe

Error: (09/12/2015 11:53:44 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifestC:\Users\Martin\Desktop\esetsmartinstaller_deu.exe

Error: (09/12/2015 11:53:27 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifestC:\$Recycle.Bin\S-1-5-21-3515464670-2770779577-3274627398-1002\$RS89PDC.exe

Error: (09/12/2015 11:36:22 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifestC:\Users\Martin\Desktop\esetsmartinstaller_deu.exe

Error: (09/12/2015 11:36:19 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifestC:\Users\Martin\Desktop\esetsmartinstaller_deu.exe

Error: (09/12/2015 11:36:15 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifestC:\Users\Martin\Desktop\esetsmartinstaller_deu.exe

Error: (09/12/2015 11:36:15 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifestC:\Users\Martin\Desktop\esetsmartinstaller_deu.exe

Error: (09/12/2015 11:35:44 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifestC:\Users\Martin\Desktop\esetsmartinstaller_deu.exe

Error: (09/12/2015 11:35:17 AM) (Source: DptfEvent) (EventID: 2) (User: )
Description: DptfPolicyLpmServiceHelperWinMain:  CreateSharedMemory() failed.Session ID = 2


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Prozentuale Nutzung des RAM: 28%
Installierter physikalischer RAM: 8075.21 MB
Verfügbarer physikalischer RAM: 5778.08 MB
Summe virtueller Speicher: 16267.21 MB
Verfügbarer virtueller Speicher: 14079.32 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:372.16 GB) (Free:276.22 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive d: (Data) (Fixed) (Total:537.8 GB) (Free:537.64 GB) NTFS
Drive f: (My Passport) (Fixed) (Total:931.48 GB) (Free:841.65 GB) NTFS
Drive g: () (Removable) (Total:29.8 GB) (Free:0.09 GB) FAT32
Drive h: (FLASH DRIVE) (Removable) (Total:3.72 GB) (Free:0.51 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 57788C0B)

Partition: GPT.

========================================================
Disk: 1 (Size: 22.4 GB) (Disk ID: D6909034)

Partition: GPT.

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: C5830A6C)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 29.8 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 4 (MBR Code: Windows XP) (Size: 3.7 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=3.7 GB) - (Type=0C)

==================== Ende von Addition.txt ============================
         
Habe beim ESET meine Externe und 2 USB-Sticks angeschlossen. Wurden die dann auch überprüft?
Kann ich jetzt davon ausgehen, dass alle Bedrohungen und so weiter von meinem Laptop weg sind und die ganzen Programme wieder löschen?

Schon mal danke ... und sorry, aber habe von solchen Sachen wirklich wenig Ahnung

Gruß,
Martsch

Alt 13.09.2015, 10:10   #9
schrauber
/// the machine
/// TB-Ausbilder
 

Links über Skype und Mails werden verschickt - aber nicht von mir - Standard

Links über Skype und Mails werden verschickt - aber nicht von mir



Ja, alles gut

Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
Combofix deinstallieren .
  • Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
  • Drücke bitte die + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
  • Klicke auf OK.
    Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
  • Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte DelFix herunter.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...und/oder das Forum mit einer kleinen Spende unterstützen.

Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank.
Meine Empfehlung:

Emsisoft

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:
NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.
Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.


Lade Software von einem sauberen Portal wie .
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwarecleaner .


Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 13.09.2015, 12:45   #10
Martsch
 
Links über Skype und Mails werden verschickt - aber nicht von mir - Standard

Links über Skype und Mails werden verschickt - aber nicht von mir



Perfekt!

Danke für Deine Hilfe und die Tipps

Gruß,
Martsch

Alt 14.09.2015, 06:45   #11
schrauber
/// the machine
/// TB-Ausbilder
 

Links über Skype und Mails werden verschickt - aber nicht von mir - Standard

Links über Skype und Mails werden verschickt - aber nicht von mir



Gern Geschehen
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Links über Skype und Mails werden verschickt - aber nicht von mir
adobe, computer, cpu, defender, dnsapi.dll, email account versendet spammails, error, explorer, firewall, installation, monitor, mozilla, officejet, onedrive, prozesse, realtek, registry, rundll, scan, services.exe, skype spam, software, svchost.exe, symantec, system, updates, virus, windows, winlogon.exe, wlan



Ähnliche Themen: Links über Skype und Mails werden verschickt - aber nicht von mir


  1. Skype verschickt automatisch Links an alle meine Kontakte
    Plagegeister aller Art und deren Bekämpfung - 14.10.2015 (12)
  2. Spam Mails werden von meinem Mailacount verschickt
    Plagegeister aller Art und deren Bekämpfung - 18.09.2015 (15)
  3. WEB.de Mails werden ungewollt verschickt
    Plagegeister aller Art und deren Bekämpfung - 12.09.2015 (8)
  4. Skype verschickt Nachrichten mit Links an meine Kontakte
    Plagegeister aller Art und deren Bekämpfung - 03.09.2015 (3)
  5. Skype Verschickt automatisch Links an Kontakte (wahrscheinlich Trojaner)
    Plagegeister aller Art und deren Bekämpfung - 31.08.2015 (10)
  6. Skype verschickt komische Nachrichten-{hi}Benutzername!{mess}{links}usw.
    Smartphone, Tablet & Handy Security - 08.07.2015 (2)
  7. E-Mails mit Links von AOL Konto verschickt
    Plagegeister aller Art und deren Bekämpfung - 22.04.2014 (18)
  8. Computer verschickt offensichtlich Spam-Mails über t-online-account
    Log-Analyse und Auswertung - 23.10.2013 (2)
  9. Spam E-Mails werden automatisch über GMX-Account verschickt
    Plagegeister aller Art und deren Bekämpfung - 19.06.2012 (1)
  10. Über meinen GMX Account werden Spam E-Mails verschickt
    Plagegeister aller Art und deren Bekämpfung - 08.05.2012 (1)
  11. PC verschickt Spam-Mails über Yahoo-Konto
    Log-Analyse und Auswertung - 19.01.2012 (10)
  12. unbekannte Mails werden von meinem web.de account verschickt
    Plagegeister aller Art und deren Bekämpfung - 09.01.2012 (40)
  13. Facebookvirus verschickt über meinen Account Links
    Log-Analyse und Auswertung - 12.12.2011 (29)
  14. Windows Mail verschickt Spam-Mails über meinen Account
    Plagegeister aller Art und deren Bekämpfung - 19.10.2011 (26)
  15. Virus der Sich über Skype verschickt
    Log-Analyse und Auswertung - 26.09.2010 (21)
  16. Virus der sich über skype verschickt! h**p://facebook.twitterbizzer.com/photo_id.php
    Log-Analyse und Auswertung - 27.08.2010 (17)
  17. Mails werden in meinem Namen verschickt
    Plagegeister aller Art und deren Bekämpfung - 18.05.2005 (1)

Zum Thema Links über Skype und Mails werden verschickt - aber nicht von mir - Hallo ich habe ein Problem. Seit einiger Zeit tauchen in meinem Mail-Eingang immer wieder Mails auf in denen steht, dass irgendwelche Nachrichten nicht zugestellt werden konnten. Diese Nachrichten habe ich - Links über Skype und Mails werden verschickt - aber nicht von mir...
Archiv
Du betrachtest: Links über Skype und Mails werden verschickt - aber nicht von mir auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.