
Pests of all kinds and how to fight them: Bank Austria online banking, fake website

23.10.2015, 08:28   #1
ferdimax
 



Hello!
This is my first time here, so please bear with me!
I found my problem on the board in the already resolved thread
"Bank Austria online banking - Trojan":
http://www.trojaner-board.de/169030-...-trojaner.html
Since I'm not particularly experienced with this, my question is whether I should work through the whole procedure as described there, or whether that thread established where I can start directly to get rid of the Trojan.

Thanks for your help!

23.10.2015, 08:51   #2
schrauber
/// the machine
/// TB trainer
 




hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST download: FRST 32-Bit | FRST 64-Bit
(If you're not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan (Untersuchen).
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)


07.11.2015, 12:00   #3
ferdimax
 



Hello!
It took a little while, but here it is now!

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-11-2015
durchgeführt von Herbert.Bruckmueller (Administrator) auf HERBERT-HP (07-11-2015 11:50:06)
Gestartet von C:\Users\herbert.bruckmueller\Downloads
Geladene Profile: Herbert.Bruckmueller (Verfügbare Profile: Herbert.Bruckmueller & herbert & Administrator)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Remote Monitoring) C:\Program Files (x86)\Advanced Monitoring Agent\winagent.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Bitdefender) C:\Program Files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\EndpointIntegration.exe
(Bitdefender) C:\Program Files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\EndpointService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
() C:\Program Files (x86)\ownCloud\owncloud.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(GFI Software Development Ltd.) C:\Program Files (x86)\Advanced Monitoring Agent\patchman\lnssatt.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(ArcSoft, Inc.) C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe
(Bitdefender) C:\Program Files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\UpdateService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Bitdefender) C:\Program Files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\Console.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelperx64.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(LogicNow Ltd) C:\Program Files\Advanced Monitoring Agent Network Management\NetworkManagement.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(LogicNow Ltd) C:\Program Files\Managed Antivirus\Managed Antivirus Master Service\ManagedAntivirus.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [2919992 2011-01-27] (Hewlett-Packard Company)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2803496 2011-06-24] (Synaptics Incorporated)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [615584 2011-01-06] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379040 2011-01-06] (Atheros Commnucations)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [835072 2011-01-27] (IDT, Inc.)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [299576 2011-01-28] (Hewlett-Packard Company)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-26] (Intel Corporation)
HKLM-x32\...\Run: [HPConnectionManager] => c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [94264 2011-04-05] (Hewlett-Packard Development Company L.P.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2274497662-1395199413-223734523-1123\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8461224 2015-09-16] (Piriform Ltd)
HKU\S-1-5-21-2274497662-1395199413-223734523-1123\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-2274497662-1395199413-223734523-1123\...\Run: [ownCloud] => C:\Program Files (x86)\ownCloud\owncloud.exe [1704974 2015-10-21] ()
HKU\S-1-5-21-2274497662-1395199413-223734523-1123\...\MountPoints2: {7e879ff7-2927-11e5-8933-68a3c4f13d1d} - G:\AutoRun.exe
HKU\S-1-5-21-2274497662-1395199413-223734523-1123\...\MountPoints2: {7e87a00c-2927-11e5-8933-68a3c4f13d1d} - G:\AutoRun.exe
HKU\S-1-5-21-2274497662-1395199413-223734523-1123\...\MountPoints2: {e96b72f9-391d-11e5-aa11-68a3c4f13d1d} - G:\AutoRun.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\windows\System32\SPReview\SPReview.exe [301568 2015-03-05] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [  OCError] -> {0960F090-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCErrorShared] -> {0960F091-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCOK] -> {0960F092-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCOKShared] -> {0960F093-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCSync] -> {0960F094-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCSyncShared] -> {0960F095-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCWarning] -> {0960F096-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCWarningShared] -> {0960F097-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Outlook 2010.lnk [2015-03-05]
ShortcutTarget: Microsoft Outlook 2010.lnk -> C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\outicon.exe ()
Startup: C:\Users\herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\aBMainFX - Verknüpfung.lnk [2015-03-05]
ShortcutTarget: aBMainFX - Verknüpfung.lnk -> \\SRVBER\artBase\aB-Agenta Programm\aBMainFX.exe (Keine Datei)
Startup: C:\Users\herbert.bruckmueller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\aBMainFX - Verknüpfung.lnk [2015-03-05]
ShortcutTarget: aBMainFX - Verknüpfung.lnk -> \\SRVBER\artBase\aB-Agenta Programm\aBMainFX.exe (Keine Datei)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

AutoConfigURL: [S-1-5-21-2274497662-1395199413-223734523-1123] => hxxps://tonnelrock.net/tonnel.js
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{4D81B0A2-95DD-45B4-88CE-7F88B7454444}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{666BA3F3-F79E-49C5-BBB4-558596EF1C92}: [DhcpNameServer] 192.168.3.10
Tcpip\..\Interfaces\{C72A97B7-69C3-42BF-90C4-A85317D8F4EB}: [NameServer]  
Tcpip\..\Interfaces\{C72A97B7-69C3-42BF-90C4-A85317D8F4EB}: [DhcpNameServer] 194.48.128.199 194.48.139.254
Tcpip\..\Interfaces\{CBA08DEB-ACD3-4B93-9CDF-84E237E532BE}: [NameServer] 194.48.139.254 194.48.128.199

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-2274497662-1395199413-223734523-1123\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: PDFXChange 2012 -> {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} -> C:\Program Files\Tracker Software\PDF-XChange 5\Win32\PXCIEaddin5.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-10-22] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-01-06] (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-22] (Oracle Corporation)
Toolbar: HKLM-x32 - PDFXChange 2012 - {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} - C:\Program Files\Tracker Software\PDF-XChange 5\Win32\PXCIEaddin5.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)

FireFox:
========
FF ProfilePath: C:\Users\herbert.bruckmueller\AppData\Roaming\Mozilla\Firefox\Profiles\otkxoekz.default
FF SearchEngineOrder.1: Ask Search
FF SelectedSearchEngine: Google
FF Homepage: hxxps://www.google.at/?gws_rd=ssl
FF NetworkProxy: "autoconfig_url", "https://tonnelrock.net/tonnel.js"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-18] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-18] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Keine Datei]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Keine Datei]
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-2274497662-1395199413-223734523-1123: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)

Chrome: 
=======
CHR Profile: C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-26]
CHR Extension: (Docs) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-26]
CHR Extension: (Google Drive) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-27]
CHR Extension: (YouTube) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-26]
CHR Extension: (Google-Suche) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-09-27]
CHR Extension: (Google Tabellen) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-26]
CHR Extension: (Google Präsentationen) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-21]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-27]
CHR Extension: (Google Mail) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-27]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Advanced Monitoring Agent; C:\Program Files (x86)\Advanced Monitoring Agent\winagent.exe [8523264 2015-10-21] (Remote Monitoring) [Datei ist nicht signiert]
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-01-06] (Atheros) [Datei ist nicht signiert]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [53920 2011-01-06] (Atheros Commnucations) [Datei ist nicht signiert]
R2 EndpointIntegration; C:\Program Files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\EndpointIntegration.exe [398480 2015-05-20] (Bitdefender)
R2 EndpointService; C:\Program Files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\EndpointService.exe [398480 2015-05-20] (Bitdefender)
S2 epag; C:\Program Files\Common Files\IT@WORK GmbH Antivirus\Endpoint Agent\epag.exe [3580632 2015-06-12] (Bitdefender)
R2 gfi_lanss11_attservice; C:\Program Files (x86)\Advanced Monitoring Agent\patchman\lnssatt.exe [118640 2012-07-17] (GFI Software Development Ltd.)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [281656 2011-01-28] (Hewlett-Packard Company)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 ManagedAntivirus; C:\Program Files\Managed Antivirus\Managed Antivirus Master Service\ManagedAntivirus.exe [278248 2015-11-03] (LogicNow Ltd)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S2 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [655712 2012-05-09] ()
R2 NetworkManagement; C:\Program Files\Advanced Monitoring Agent Network Management\NetworkManagement.exe [191208 2015-10-21] (LogicNow Ltd)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448 2011-02-01] (PDF Complete Inc)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5490448 2015-06-18] (TeamViewer GmbH)
R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [502464 2010-11-11] (ArcSoft, Inc.)
R2 UpdateService; C:\Program Files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\UpdateService.exe [398480 2015-05-20] (Bitdefender)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 ARCVCAM; C:\Windows\System32\DRIVERS\ArcSoftVCapture.sys [32192 2010-11-11] (ArcSoft, Inc.)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1369288 2015-05-28] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [747120 2015-05-28] (BitDefender)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2015-02-11] (GFI Software)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [161592 2015-07-22] (BitDefender LLC)
S3 hitmanpro37; C:\windows\system32\drivers\hitmanpro37.sys [41080 2015-10-13] ()
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [238080 2012-04-23] (Huawei Technologies Co., Ltd.)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1826048 2010-12-21] ()
R2 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2014-10-16] (BitDefender S.R.L.)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-07 11:50 - 2015-11-07 11:51 - 00025322 _____ C:\Users\herbert.bruckmueller\Downloads\FRST.txt
2015-11-07 11:48 - 2015-11-07 11:50 - 00000000 ____D C:\FRST
2015-11-07 11:48 - 2015-11-07 11:48 - 02198528 _____ (Farbar) C:\Users\herbert.bruckmueller\Downloads\FRST64.exe
2015-11-04 13:29 - 2015-11-04 13:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-02 11:41 - 2015-11-02 11:41 - 00028806 _____ C:\Users\herbert.bruckmueller\Desktop\Kopie von Herbert Kunden Report 2015.xlsx
2015-10-29 09:13 - 2015-10-29 09:14 - 00000000 ____D C:\Users\herbert.bruckmueller\Desktop\Katzinger
2015-10-27 10:30 - 2015-10-27 10:30 - 00000376 _____ C:\windows\PFRO.log
2015-10-19 08:46 - 2015-10-19 08:46 - 00026500 _____ C:\Users\herbert.bruckmueller\Downloads\FileView(5).aspx
2015-10-19 08:46 - 2015-10-19 08:46 - 00026500 _____ C:\Users\herbert.bruckmueller\Downloads\FileView(4).aspx
2015-10-19 08:45 - 2015-10-19 08:45 - 00026299 _____ C:\Users\herbert.bruckmueller\Downloads\FileView.aspx
2015-10-19 08:45 - 2015-10-19 08:45 - 00026299 _____ C:\Users\herbert.bruckmueller\Downloads\FileView(3).aspx
2015-10-19 08:45 - 2015-10-19 08:45 - 00026299 _____ C:\Users\herbert.bruckmueller\Downloads\FileView(2).aspx
2015-10-19 08:45 - 2015-10-19 08:45 - 00026299 _____ C:\Users\herbert.bruckmueller\Downloads\FileView(1).aspx
2015-10-15 10:01 - 2015-10-15 10:01 - 00001251 _____ C:\Users\herbert.bruckmueller\Desktop\SIVAG Wiki.lnk
2015-10-15 09:58 - 2015-11-07 11:51 - 00000000 ____D C:\Users\herbert.bruckmueller\AppData\Local\ownCloud
2015-10-15 09:58 - 2015-10-27 10:32 - 00000000 ____D C:\Users\herbert.bruckmueller\SIVAG Wiki
2015-10-15 09:57 - 2015-10-29 09:15 - 00001019 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ownCloud.lnk
2015-10-15 09:57 - 2015-10-29 09:15 - 00001007 _____ C:\Users\Public\Desktop\ownCloud.lnk
2015-10-15 09:56 - 2015-10-29 09:15 - 00000000 ____D C:\Program Files (x86)\ownCloud
2015-10-15 09:50 - 2015-10-15 09:52 - 39174288 _____ (ownCloud) C:\Users\herbert.bruckmueller\Downloads\ownCloud-2.0.1.5446-setup.exe
2015-10-13 12:32 - 2015-10-13 12:32 - 00041080 _____ C:\windows\system32\Drivers\hitmanpro37.sys
2015-10-13 09:27 - 2015-10-13 12:34 - 00000000 ____D C:\Program Files\HitmanPro
2015-10-13 09:27 - 2015-10-13 10:20 - 00000000 ____D C:\ProgramData\HitmanPro
2015-10-13 09:24 - 2015-10-13 09:24 - 13380715 _____ C:\Users\herbert.bruckmueller\Downloads\HitmanPro_3.7.9.242.zip
2015-10-13 09:22 - 2015-10-22 10:44 - 00000000 ____D C:\Users\herbert.bruckmueller\.oracle_jre_usage
2015-10-13 09:22 - 2015-10-13 09:22 - 00000000 ____D C:\Users\herbert.bruckmueller\AppData\Roaming\Sun
2015-10-13 09:22 - 2015-10-13 09:22 - 00000000 ____D C:\Users\herbert.bruckmueller\AppData\LocalLow\Sun
2015-10-13 09:21 - 2015-10-22 10:44 - 00000000 ____D C:\ProgramData\Oracle
2015-10-13 09:21 - 2015-10-22 10:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-10-13 09:21 - 2015-10-22 10:43 - 00097888 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2015-10-13 09:21 - 2015-10-22 10:43 - 00000000 ____D C:\Program Files (x86)\Java
2015-10-13 09:20 - 2015-10-13 09:20 - 00000000 ____D C:\Users\herbert.bruckmueller\AppData\LocalLow\Oracle
2015-10-13 09:19 - 2015-10-13 09:19 - 00584288 _____ (Oracle Corporation) C:\Users\herbert.bruckmueller\Downloads\jxpiinstall.exe
2015-10-13 09:14 - 2015-10-13 09:14 - 01457952 _____ C:\Users\herbert.bruckmueller\Downloads\HitmanPro Alert - CHIP-Installer.exe
2015-10-12 18:25 - 2015-10-13 00:53 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0
2015-10-12 15:21 - 2015-11-03 18:29 - 00000616 _____ C:\windows\setupact.log
2015-10-12 15:21 - 2015-10-12 15:21 - 00000000 _____ C:\windows\setuperr.log
2015-10-12 15:09 - 2015-10-13 07:55 - 00000000 ____D C:\AdwCleaner
2015-10-12 15:08 - 2015-10-12 15:08 - 01682432 _____ C:\Users\herbert.bruckmueller\Downloads\adwcleaner_5.013.exe
2015-10-12 13:35 - 2015-07-30 14:13 - 00124624 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-10-12 13:35 - 2015-07-30 14:13 - 00103120 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-10-12 12:54 - 2015-07-23 01:06 - 05568960 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-10-12 12:54 - 2015-07-23 01:03 - 01730496 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-10-12 12:54 - 2015-07-23 01:03 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2015-10-12 12:54 - 2015-07-23 01:03 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2015-10-12 12:54 - 2015-07-23 01:03 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2015-10-12 12:54 - 2015-07-23 01:03 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2015-10-12 12:54 - 2015-07-23 01:02 - 01390592 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2015-10-12 12:54 - 2015-07-23 01:02 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2015-10-12 12:54 - 2015-07-23 01:02 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll
2015-10-12 12:54 - 2015-07-23 01:02 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2015-10-12 12:54 - 2015-07-23 01:02 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-10-12 12:54 - 2015-07-23 01:02 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2015-10-12 12:54 - 2015-07-23 01:02 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-10-12 12:54 - 2015-07-23 01:02 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-10-12 12:54 - 2015-07-23 01:02 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-10-12 12:54 - 2015-07-23 01:02 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-10-12 12:54 - 2015-07-23 01:02 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2015-10-12 12:54 - 2015-07-23 01:01 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2015-10-12 12:54 - 2015-07-23 00:52 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-10-12 12:54 - 2015-07-23 00:52 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-12 12:54 - 2015-07-23 00:52 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-12 12:54 - 2015-07-23 00:52 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-12 12:54 - 2015-07-23 00:52 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-12 12:54 - 2015-07-23 00:52 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-12 12:54 - 2015-07-23 00:52 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-12 12:54 - 2015-07-23 00:52 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-12 12:54 - 2015-07-23 00:52 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-12 12:54 - 2015-07-23 00:52 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-12 12:54 - 2015-07-23 00:52 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-12 12:54 - 2015-07-23 00:52 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-12 12:54 - 2015-07-23 00:52 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-12 12:54 - 2015-07-23 00:52 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-12 12:54 - 2015-07-23 00:52 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-12 12:54 - 2015-07-23 00:52 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-12 12:54 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-12 12:54 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-12 12:54 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-12 12:54 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-12 12:54 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-12 12:54 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-12 12:54 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-12 12:54 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-12 12:54 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-12 12:54 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-12 12:54 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-12 12:54 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-12 12:54 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-12 12:54 - 2015-07-22 18:57 - 03989952 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-10-12 12:54 - 2015-07-22 18:57 - 03934656 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-10-12 12:54 - 2015-07-22 18:54 - 01311768 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2015-10-12 12:54 - 2015-07-22 18:53 - 00641536 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2015-10-12 12:54 - 2015-07-22 18:53 - 00635392 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll
2015-10-12 12:54 - 2015-07-22 18:53 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-10-12 12:54 - 2015-07-22 18:53 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2015-10-12 12:54 - 2015-07-22 18:52 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2015-10-12 12:54 - 2015-07-22 18:52 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2015-10-12 12:54 - 2015-07-22 18:52 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2015-10-12 12:54 - 2015-07-22 18:52 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2015-10-12 12:54 - 2015-07-22 18:42 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2015-10-12 12:54 - 2015-07-22 18:42 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-10-12 12:54 - 2015-07-22 18:42 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-12 12:54 - 2015-07-22 18:42 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-12 12:54 - 2015-07-22 18:42 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-10-12 12:54 - 2015-07-22 18:42 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-10-12 12:54 - 2015-07-22 18:42 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-12 12:54 - 2015-07-22 18:42 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-10-12 12:54 - 2015-07-22 18:42 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-12 12:54 - 2015-07-22 18:42 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-12 12:54 - 2015-07-22 18:42 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-10-12 12:54 - 2015-07-22 18:42 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-12 12:54 - 2015-07-22 18:42 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-12 12:54 - 2015-07-22 18:42 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-10-12 12:54 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-10-12 12:54 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-12 12:54 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-10-12 12:54 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-10-12 12:54 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-10-12 12:54 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-10-12 12:54 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-12 12:54 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-10-12 12:54 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-10-12 12:54 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-10-12 12:54 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-10-12 12:54 - 2015-07-22 17:48 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\UtcResources.dll
2015-10-12 12:54 - 2015-07-22 17:34 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2015-10-12 12:54 - 2015-07-22 17:34 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2015-10-12 12:54 - 2015-07-22 17:31 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-10-12 12:54 - 2015-07-22 17:31 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-12 12:54 - 2015-07-22 17:31 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-10-12 12:54 - 2015-07-22 17:31 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-10-12 12:54 - 2015-07-15 04:19 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\basesrv.dll
2015-10-12 12:54 - 2015-06-09 19:03 - 03180544 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2015-10-12 12:54 - 2015-06-09 19:03 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll
2015-10-12 12:53 - 2015-07-30 19:06 - 02565120 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2015-10-12 12:53 - 2015-07-30 19:06 - 01648128 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2015-10-12 12:53 - 2015-07-30 19:06 - 01180160 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2015-10-12 12:53 - 2015-07-30 18:57 - 01987584 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2015-10-12 12:53 - 2015-07-30 18:57 - 01251328 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2015-10-12 12:53 - 2015-07-15 19:15 - 00094656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
2015-10-12 12:53 - 2015-07-15 19:10 - 01743360 _____ (Microsoft Corporation) C:\windows\system32\sysmain.dll
2015-10-12 12:53 - 2015-07-15 19:10 - 00011264 _____ (Microsoft Corporation) C:\windows\system32\msmmsp.dll
2015-10-12 12:53 - 2015-07-15 04:17 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2015-10-12 12:53 - 2015-07-15 03:54 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2015-10-12 12:53 - 2015-06-02 01:07 - 00254976 _____ (Microsoft Corporation) C:\windows\system32\cewmdm.dll
2015-10-12 12:53 - 2015-06-02 00:47 - 00210432 _____ (Microsoft Corporation) C:\windows\SysWOW64\cewmdm.dll
2015-10-12 12:52 - 2015-08-05 19:02 - 00157016 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-10-12 12:52 - 2015-08-05 19:02 - 00097112 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-10-12 12:52 - 2015-08-05 18:56 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-10-12 12:52 - 2015-08-05 18:56 - 01216512 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2015-10-12 12:52 - 2015-08-05 18:56 - 01110016 _____ (Microsoft Corporation) C:\windows\system32\schedsvc.dll
2015-10-12 12:52 - 2015-08-05 18:56 - 00729088 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-10-12 12:52 - 2015-08-05 18:56 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-10-12 12:52 - 2015-08-05 18:56 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-10-12 12:52 - 2015-08-05 18:56 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-10-12 12:52 - 2015-08-05 18:56 - 00275456 _____ (Microsoft Corporation) C:\windows\system32\InkEd.dll
2015-10-12 12:52 - 2015-08-05 18:56 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-10-12 12:52 - 2015-08-05 18:56 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-10-12 12:52 - 2015-08-05 18:56 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-10-12 12:52 - 2015-08-05 18:56 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2015-10-12 12:52 - 2015-08-05 18:56 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-10-12 12:52 - 2015-08-05 18:56 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-10-12 12:52 - 2015-08-05 18:56 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\jnwmon.dll
2015-10-12 12:52 - 2015-08-05 18:56 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\icaapi.dll
2015-10-12 12:52 - 2015-08-05 18:56 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-10-12 12:52 - 2015-08-05 18:55 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-10-12 12:52 - 2015-08-05 18:55 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-10-12 12:52 - 2015-08-05 18:50 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-10-12 12:52 - 2015-08-05 18:50 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-10-12 12:52 - 2015-08-05 18:46 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-10-12 12:52 - 2015-08-05 18:41 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-10-12 12:52 - 2015-08-05 18:41 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-10-12 12:52 - 2015-08-05 18:41 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-10-12 12:52 - 2015-08-05 18:41 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-10-12 12:52 - 2015-08-05 18:40 - 00552960 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-10-12 12:52 - 2015-08-05 18:40 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-10-12 12:52 - 2015-08-05 18:40 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-10-12 12:52 - 2015-08-05 18:40 - 00216064 _____ (Microsoft Corporation) C:\windows\SysWOW64\InkEd.dll
2015-10-12 12:52 - 2015-08-05 18:40 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2015-10-12 12:52 - 2015-08-05 18:40 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-10-12 12:52 - 2015-08-05 18:39 - 00665088 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2015-10-12 12:52 - 2015-08-05 18:39 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-10-12 12:52 - 2015-08-05 18:39 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-10-12 12:52 - 2015-08-05 18:34 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-10-12 12:52 - 2015-08-05 18:34 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-10-12 12:52 - 2015-08-05 18:30 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-10-12 12:52 - 2015-08-05 18:06 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys
2015-10-12 12:52 - 2015-08-05 17:38 - 00159232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2015-10-12 12:52 - 2015-08-05 17:37 - 00290816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2015-10-12 12:52 - 2015-08-05 17:37 - 00129024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2015-10-12 12:52 - 2015-08-04 19:03 - 00692672 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2015-10-12 12:52 - 2015-08-04 19:00 - 00616360 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2015-10-12 12:52 - 2015-08-04 18:56 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2015-10-12 12:52 - 2015-08-04 18:56 - 00059392 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2015-10-12 12:52 - 2015-08-04 18:56 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2015-10-12 12:52 - 2015-08-04 18:55 - 00147456 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2015-10-12 12:52 - 2015-08-04 18:55 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2015-10-12 12:52 - 2015-08-04 18:47 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2015-10-12 12:52 - 2015-08-04 17:58 - 00061440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2015-10-12 12:52 - 2015-07-16 20:12 - 06131200 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2015-10-12 12:52 - 2015-07-16 20:12 - 00856064 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdvidcrl.dll
2015-10-12 12:52 - 2015-07-16 20:12 - 00053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll
2015-10-12 12:52 - 2015-07-16 20:11 - 07077376 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2015-10-12 12:52 - 2015-07-16 20:11 - 01057792 _____ (Microsoft Corporation) C:\windows\system32\rdvidcrl.dll
2015-10-12 12:52 - 2015-07-16 20:11 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2015-10-12 12:52 - 2015-07-11 14:15 - 00429568 _____ (Microsoft Corporation) C:\windows\system32\wksprt.exe
2015-10-12 12:52 - 2015-06-25 11:06 - 00115136 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2015-10-12 12:52 - 2015-06-25 11:01 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2015-10-12 12:52 - 2015-06-25 11:01 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2015-10-12 12:52 - 2015-06-25 10:44 - 01805824 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2015-10-12 12:51 - 2015-09-25 19:07 - 03168768 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-10-12 12:51 - 2015-09-25 19:07 - 02607104 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-10-12 12:51 - 2015-09-25 19:07 - 00696320 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-10-12 12:51 - 2015-09-25 19:07 - 00192512 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-10-12 12:51 - 2015-09-25 19:07 - 00098816 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-10-12 12:51 - 2015-09-25 19:07 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2015-10-12 12:51 - 2015-09-25 19:07 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2015-10-12 12:51 - 2015-09-25 19:06 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-10-12 12:51 - 2015-09-25 19:06 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2015-10-12 12:51 - 2015-09-25 19:06 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-10-12 12:51 - 2015-09-25 19:06 - 00012288 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2015-10-12 12:51 - 2015-09-25 18:59 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2015-10-12 12:51 - 2015-09-25 18:59 - 00174080 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2015-10-12 12:51 - 2015-09-25 18:59 - 00093696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2015-10-12 12:51 - 2015-09-25 18:59 - 00030208 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2015-10-12 12:51 - 2015-09-25 18:58 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2015-10-12 12:51 - 2015-09-18 20:22 - 00025432 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2015-10-12 12:51 - 2015-09-18 20:19 - 01291264 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-10-12 12:51 - 2015-09-18 20:19 - 00766464 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-10-12 12:51 - 2015-09-18 20:19 - 00700416 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-10-12 12:51 - 2015-09-18 20:19 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-10-12 12:51 - 2015-09-18 20:19 - 00073216 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-10-12 12:51 - 2015-09-18 20:09 - 01163776 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-10-12 12:51 - 2015-07-09 18:57 - 00193536 _____ (Microsoft Corporation) C:\windows\system32\notepad.exe
2015-10-12 12:51 - 2015-07-09 18:57 - 00193536 _____ (Microsoft Corporation) C:\windows\notepad.exe
2015-10-12 12:51 - 2015-07-09 18:42 - 00179712 _____ (Microsoft Corporation) C:\windows\SysWOW64\notepad.exe
2015-10-12 12:51 - 2015-07-04 19:07 - 02087424 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2015-10-12 12:51 - 2015-07-04 18:48 - 01414656 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2015-10-12 12:51 - 2015-07-01 21:49 - 00260096 _____ (Microsoft Corporation) C:\windows\system32\WebClnt.dll
2015-10-12 12:51 - 2015-07-01 21:48 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\davclnt.dll
2015-10-12 12:51 - 2015-07-01 21:30 - 00206848 _____ (Microsoft Corporation) C:\windows\SysWOW64\WebClnt.dll
2015-10-12 12:51 - 2015-07-01 21:30 - 00082432 _____ (Microsoft Corporation) C:\windows\SysWOW64\davclnt.dll
2015-10-12 12:51 - 2015-06-17 18:47 - 00404992 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2015-10-12 12:51 - 2015-06-17 18:37 - 00312320 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2015-10-12 12:51 - 2015-06-15 22:45 - 03242496 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2015-10-12 12:51 - 2015-06-15 22:45 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2015-10-12 12:51 - 2015-06-15 22:44 - 00128000 _____ (Microsoft Corporation) C:\windows\system32\msiexec.exe
2015-10-12 12:51 - 2015-06-15 22:43 - 02364416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2015-10-12 12:51 - 2015-06-15 22:43 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2015-10-12 12:51 - 2015-06-15 22:42 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msiexec.exe
2015-10-12 12:51 - 2015-06-15 22:42 - 00025088 _____ (Microsoft Corporation) C:\windows\system32\msimsg.dll
2015-10-12 12:51 - 2015-06-15 22:37 - 00025088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msimsg.dll
2015-10-12 12:36 - 2015-08-18 02:42 - 00393304 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-10-12 12:36 - 2015-08-18 02:14 - 00344168 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-10-12 12:36 - 2015-08-15 07:48 - 25190400 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-10-12 12:36 - 2015-08-15 07:34 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-10-12 12:36 - 2015-08-15 07:33 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-10-12 12:36 - 2015-08-15 07:18 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-10-12 12:36 - 2015-08-15 07:18 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-10-12 12:36 - 2015-08-15 07:17 - 02886144 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-10-12 12:36 - 2015-08-15 07:17 - 00585216 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-10-12 12:36 - 2015-08-15 07:17 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-10-12 12:36 - 2015-08-15 07:17 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-10-12 12:36 - 2015-08-15 07:10 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-10-12 12:36 - 2015-08-15 07:09 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-10-12 12:36 - 2015-08-15 07:06 - 19856896 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-10-12 12:36 - 2015-08-15 07:06 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-10-12 12:36 - 2015-08-15 07:04 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-10-12 12:36 - 2015-08-15 07:04 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-10-12 12:36 - 2015-08-15 07:04 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-10-12 12:36 - 2015-08-15 07:04 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-10-12 12:36 - 2015-08-15 07:00 - 05923328 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-10-12 12:36 - 2015-08-15 06:57 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-10-12 12:36 - 2015-08-15 06:53 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-10-12 12:36 - 2015-08-15 06:53 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-10-12 12:36 - 2015-08-15 06:46 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-10-12 12:36 - 2015-08-15 06:42 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-10-12 12:36 - 2015-08-15 06:41 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-10-12 12:36 - 2015-08-15 06:40 - 00504832 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-10-12 12:36 - 2015-08-15 06:40 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-10-12 12:36 - 2015-08-15 06:39 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-10-12 12:36 - 2015-08-15 06:39 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-10-12 12:36 - 2015-08-15 06:39 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-10-12 12:36 - 2015-08-15 06:38 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-10-12 12:36 - 2015-08-15 06:35 - 02279424 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-10-12 12:36 - 2015-08-15 06:33 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-10-12 12:36 - 2015-08-15 06:32 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-10-12 12:36 - 2015-08-15 06:30 - 00479232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-10-12 12:36 - 2015-08-15 06:29 - 00665600 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-10-12 12:36 - 2015-08-15 06:29 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-10-12 12:36 - 2015-08-15 06:29 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-10-12 12:36 - 2015-08-15 06:24 - 00720384 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-10-12 12:36 - 2015-08-15 06:23 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-10-12 12:36 - 2015-08-15 06:22 - 02126336 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-10-12 12:36 - 2015-08-15 06:22 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-10-12 12:36 - 2015-08-15 06:21 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-10-12 12:36 - 2015-08-15 06:16 - 14451712 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-10-12 12:36 - 2015-08-15 06:16 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-10-12 12:36 - 2015-08-15 06:14 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-10-12 12:36 - 2015-08-15 06:12 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-10-12 12:36 - 2015-08-15 06:11 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-10-12 12:36 - 2015-08-15 06:10 - 04520448 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-10-12 12:36 - 2015-08-15 06:07 - 02427392 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-10-12 12:36 - 2015-08-15 06:04 - 12857344 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-10-12 12:36 - 2015-08-15 06:02 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-10-12 12:36 - 2015-08-15 06:01 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-10-12 12:36 - 2015-08-15 06:01 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-10-12 12:36 - 2015-08-15 05:55 - 01545728 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-10-12 12:36 - 2015-08-15 05:43 - 01951232 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-10-12 12:36 - 2015-08-15 05:43 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-10-12 12:36 - 2015-08-15 05:39 - 01310720 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-10-12 12:36 - 2015-08-15 05:37 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00984448 _____ (Microsoft Corporation) C:\windows\system32\ucrtbase.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00901264 _____ (Microsoft Corporation) C:\windows\SysWOW64\ucrtbase.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00066400 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00063840 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00022368 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00020832 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-12 12:36 - 2015-07-09 18:58 - 01632256 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll
2015-10-12 12:36 - 2015-07-09 18:58 - 00082944 _____ (Microsoft Corporation) C:\windows\system32\dwmapi.dll
2015-10-12 12:36 - 2015-07-09 18:42 - 01372160 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmcore.dll
2015-10-12 12:36 - 2015-07-09 18:42 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmapi.dll
2015-10-12 12:31 - 2015-08-27 19:18 - 02004480 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2015-10-12 12:31 - 2015-08-27 19:18 - 01887232 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2015-10-12 12:31 - 2015-08-27 19:13 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2015-10-12 12:31 - 2015-08-27 19:13 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2015-10-12 12:31 - 2015-08-27 18:58 - 01391104 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2015-10-12 12:31 - 2015-08-27 18:58 - 01241088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2015-10-12 12:31 - 2015-08-27 18:51 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll
2015-10-12 12:31 - 2015-08-27 18:51 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2015-10-12 12:31 - 2015-07-10 18:51 - 14177280 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2015-10-12 12:31 - 2015-07-10 18:34 - 12875776 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2015-10-12 12:22 - 2015-09-02 04:04 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2015-10-12 12:22 - 2015-09-02 04:04 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2015-10-12 12:22 - 2015-09-02 04:04 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2015-10-12 12:22 - 2015-09-02 04:04 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2015-10-12 12:22 - 2015-09-02 03:48 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2015-10-12 12:22 - 2015-09-02 03:48 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2015-10-12 12:22 - 2015-09-02 03:48 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2015-10-12 12:22 - 2015-09-02 03:47 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2015-10-12 12:22 - 2015-09-02 02:51 - 03209216 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-10-12 12:22 - 2015-09-02 02:47 - 00372736 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2015-10-12 12:22 - 2015-09-02 02:33 - 00299520 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2015-10-12 12:05 - 2015-10-12 12:05 - 00000000 ____D C:\Program Files\Common Files\AV
2015-10-12 12:02 - 2015-10-12 12:02 - 00000000 ____D C:\windows\System32\Tasks\Safer-Networking
2015-10-12 12:01 - 2015-10-12 13:07 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-10-12 12:01 - 2015-10-12 12:16 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-10-12 12:01 - 2015-10-12 12:01 - 00001391 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-10-12 12:01 - 2015-10-12 12:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-10-12 12:01 - 2013-09-20 09:49 - 00021040 _____ (Safer Networking Limited) C:\windows\system32\sdnclean64.exe
2015-10-12 11:54 - 2015-10-12 11:54 - 01457952 _____ C:\Users\herbert.bruckmueller\Downloads\SpyBot Search Destroy - CHIP-Installer.exe
2015-10-12 11:53 - 2015-10-12 11:53 - 06677440 _____ (Piriform Ltd) C:\Users\herbert.bruckmueller\Downloads\ccsetup510.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-07 11:50 - 2015-09-07 07:36 - 419922944 _____ C:\Users\herbert.bruckmueller\Documents\herbert.bruckmueller@sivag.at
2015-11-07 11:50 - 2015-03-26 19:39 - 00001110 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-07 11:47 - 2015-03-05 20:49 - 01358562 _____ C:\windows\WindowsUpdate.log
2015-11-07 11:43 - 2011-05-03 19:08 - 00705108 _____ C:\windows\system32\perfh007.dat
2015-11-07 11:43 - 2011-05-03 19:08 - 00151476 _____ C:\windows\system32\perfc007.dat
2015-11-07 11:43 - 2009-07-14 06:13 - 01629436 _____ C:\windows\system32\PerfStringBackup.INI
2015-11-07 11:41 - 2009-07-14 05:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-07 11:41 - 2009-07-14 05:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-07 11:39 - 2015-03-26 19:39 - 00001106 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-07 11:34 - 2015-04-08 07:07 - 00003222 _____ C:\windows\System32\Tasks\HPCeeScheduleForHERBERT-HP$
2015-11-07 11:34 - 2015-04-08 07:07 - 00000346 _____ C:\windows\Tasks\HPCeeScheduleForHERBERT-HP$.job
2015-11-07 11:34 - 2015-03-06 12:41 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2015-11-07 11:34 - 2015-03-05 15:30 - 00000000 ____D C:\Program Files (x86)\Advanced Monitoring Agent
2015-11-07 11:34 - 2015-03-05 13:37 - 00000035 _____ C:\Users\Public\Documents\AtherosServiceConfig.ini
2015-11-04 13:34 - 2015-03-05 14:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-03 19:31 - 2011-05-03 19:23 - 00000000 ____D C:\ProgramData\PDFC
2015-11-03 18:29 - 2009-07-14 06:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-11-03 09:53 - 2015-03-05 13:43 - 00000128 _____ C:\windows\system32\config\netlogon.ftl
2015-11-02 18:20 - 2015-03-11 13:21 - 00000000 ____D C:\Users\herbert.bruckmueller\Documents\Bluetooth Folder
2015-10-29 17:58 - 2015-08-31 08:21 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-10-29 10:57 - 2015-09-16 07:49 - 00000000 ____D C:\Users\herbert.bruckmueller\Desktop\PRO MAKLER
2015-10-28 09:24 - 2015-03-23 10:28 - 00000000 ____D C:\Users\herbert.bruckmueller\AppData\Local\CrashDumps
2015-10-27 10:52 - 2015-03-26 19:40 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-10-23 12:07 - 2015-08-31 08:21 - 00000000 ____D C:\Program Files\Advanced Monitoring Agent Network Management
2015-10-22 12:43 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\NDF
2015-10-22 08:48 - 2015-09-03 08:14 - 00000000 ____D C:\ProgramData\ManagedAntivirus
2015-10-20 11:15 - 2015-03-05 14:10 - 00000000 ____D C:\Users\herbert.bruckmueller\Documents\Eigene Dateien
2015-10-18 17:53 - 2015-03-06 12:41 - 00780488 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-10-18 17:53 - 2015-03-06 12:41 - 00142536 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-18 17:53 - 2015-03-06 12:41 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-10-15 09:58 - 2015-03-11 13:21 - 00000000 ____D C:\Users\herbert.bruckmueller
2015-10-15 09:57 - 2015-07-02 08:31 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-13 07:30 - 2015-09-28 08:55 - 00113880 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-10-12 16:04 - 2015-03-05 20:55 - 00000000 ____D C:\windows\rescache
2015-10-12 14:54 - 2015-03-05 15:45 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-10-12 14:54 - 2015-03-05 15:45 - 00000000 ____D C:\Program Files\CCleaner
2015-10-12 14:38 - 2015-03-11 13:21 - 00000000 ___RD C:\Users\herbert.bruckmueller\Virtual Machines
2015-10-12 14:22 - 2015-03-05 16:39 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-10-12 14:22 - 2015-03-05 16:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-10-12 14:22 - 2009-07-14 05:45 - 00410232 _____ C:\windows\system32\FNTCACHE.DAT
2015-10-12 14:18 - 2015-04-15 14:48 - 00000000 ___SD C:\windows\system32\CompatTel
2015-10-12 14:18 - 2015-04-15 14:48 - 00000000 ____D C:\windows\system32\appraiser
2015-10-12 14:18 - 2015-04-07 10:33 - 00000000 ___SD C:\windows\SysWOW64\GWX
2015-10-12 14:18 - 2015-04-07 10:33 - 00000000 ___SD C:\windows\system32\GWX
2015-10-12 14:18 - 2009-07-27 15:36 - 00000000 ____D C:\Program Files\Windows Journal
2015-10-12 14:18 - 2009-07-14 04:20 - 00000000 ____D C:\windows\PolicyDefinitions
2015-10-12 13:39 - 2015-03-05 13:58 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-12 13:31 - 2015-03-06 12:44 - 00000000 ____D C:\windows\system32\MRT
2015-10-12 13:08 - 2009-07-14 03:34 - 00000478 _____ C:\windows\win.ini
2015-10-12 09:16 - 2015-03-05 16:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-09-03 08:19 - 2015-09-03 08:19 - 0233697 _____ () C:\ProgramData\1441264588.bdinstall.bin

Einige Dateien in TEMP:
====================
C:\Users\herbert\AppData\Local\Temp\CpqMC.dll
C:\Users\herbert\AppData\Local\Temp\HPSWF.EXE
C:\Users\herbert\AppData\Local\Temp\MSN2952.exe
C:\Users\herbert\AppData\Local\Temp\SWHelperQueryW.dll
C:\Users\herbert.bruckmueller\AppData\Local\Temp\HitmanPro.exe
C:\Users\herbert.bruckmueller\AppData\Local\Temp\jre-8u65-windows-au.exe
C:\Users\herbert.bruckmueller\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\windows\system32\winlogon.exe => Datei ist digital signiert
C:\windows\system32\wininit.exe => Datei ist digital signiert
C:\windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\windows\explorer.exe => Datei ist digital signiert
C:\windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\windows\system32\svchost.exe => Datei ist digital signiert
C:\windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\windows\system32\services.exe => Datei ist digital signiert
C:\windows\system32\User32.dll => Datei ist digital signiert
C:\windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\windows\system32\userinit.exe => Datei ist digital signiert
C:\windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\windows\system32\rpcss.dll => Datei ist digital signiert
C:\windows\system32\dnsapi.dll => Datei ist digital signiert
C:\windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-10-31 12:52

==================== Ende von FRST.txt ============================
         
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-11-2015
durchgeführt von Herbert.Bruckmueller (2015-11-07 11:51:42)
Gestartet von C:\Users\herbert.bruckmueller\Downloads
Windows 7 Professional Service Pack 1 (X64) (2015-03-05 10:58:29)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3356595372-2875079322-2432392346-500 - Administrator - Enabled) => C:\Users\Administrator.herbert-HP
Gast (S-1-5-21-3356595372-2875079322-2432392346-501 - Limited - Disabled)
herbert (S-1-5-21-3356595372-2875079322-2432392346-1001 - Administrator - Enabled) => C:\Users\herbert

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Managed Antivirus-Anti-Malware (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AS: Managed Antivirus-Anti-Malware (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Advanced Monitoring Agent (HKLM-x32\...\Advanced Monitoring Agent_is1) (Version:  - )
Advanced Monitoring Agent Network Management (HKLM\...\{F88FE7C0-2B64-405B-9197-25F8BE135460}_is1) (Version: 9.0.0.707 - LogicNow, Ltd.)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
ArcSoft TotalMedia (HKLM-x32\...\ArcSoft TotalMedia) (Version: 2.0.39.12 - ArcSoft)
ArcSoft TotalMedia (x32 Version: 1.0.48.25 - ArcSoft) Hidden
ArcSoft Webcam Sharing Manager (HKLM-x32\...\{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}) (Version: 2.0.0.30 - ArcSoft)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros)
ATI Catalyst Install Manager (HKLM\...\{63E42DE7-C468-31B0-E373-173C67C87B88}) (Version: 3.0.820.0 - ATI Technologies, Inc.)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.02.000.55 - Atheros Communications)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
Build-a-Lot - The Elizabethan Era (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
Endpoint (Version: 5.3.23 - Bitdefender) Hidden
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
Evernote v. 4.2.2 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.2.3979 - Evernote Corp.)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Free YouTube to MP3 Converter version 3.12.57.324 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.57.324 - DVDVideoSoft Ltd.)
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GFI LanGuard 11 Agent (x32 Version: 11.0.2012.0717 - GFI Software Ltd) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
HP 3D DriveGuard (HKLM\...\{EE971BDB-D883-4711-8F95-600E53103283}) (Version: 4.1.4.1 - Hewlett-Packard Company)
HP Connection Manager (HKLM-x32\...\{4B21E4B2-89B8-499D-803A-34ABF929401E}) (Version: 4.1.10.1 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{6A9C9BE1-14A3-42ED-A388-42E30A1412E9}) (Version: 1.2.0.0 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM-x32\...\{CFC1988A-F492-4BC5-B6F7-683A95718AE9}) (Version: 1.1.11.1 - Hewlett-Packard Company)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.5 - WildTangent)
HP HotKey Support (HKLM\...\{7D1C63D1-6520-49DA-B738-958133526E80}) (Version: 4.0.10.1 - Hewlett-Packard Company)
HP Power Assistant (HKLM\...\{3D8EDF72-13CC-4E51-AAB6-32A20524D2E0}) (Version: 2.0.2.0 - Hewlett-Packard Company)
HP QuickWeb (HKLM-x32\...\{20976B1F-E910-404D-9261-C16EE7E12DC8}) (Version: 3.0.0.9057 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{03046EBB-CB7C-4B98-BEFB-690EB955DA22}) (Version: 8.5.4526.3645 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM-x32\...\{344A1AA2-AC8E-4741-BDB0-65B68FDA883C}) (Version: 3.2.0.0 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{B7F60A16-7A7B-41FB-9AE3-DE9E324FBA06}) (Version: 4.0.112.1 - Hewlett-Packard Company)
HP Software Setup (HKLM-x32\...\{531000B3-DBEE-4115-BBF3-DA48B67C053F}) (Version: 8.2.1.1 - Hewlett-Packard Company)
HP System Default Settings (HKLM-x32\...\{54C65FE7-83BD-4A5B-A9B4-41F793C5F241}) (Version: 2.1.2 - Hewlett-Packard Company)
HP Wallpaper (HKLM-x32\...\{11C9A461-DD9D-4C71-85A4-6DCE7F99CC44}) (Version: 2.00 - Hewlett-Packard Company)
HP Webcam Driver (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.50058.0 - Sonix)
HPAsset component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6325.0 - IDT)
Insaniquarium Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3074 - Intel Corporation)
Intel(R) Identity Protection Technology 1.0.71.0 (HKLM-x32\...\{2C43790E-8470-1027-82D3-DF319F3C410F}) (Version: 1.0.71.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Jewel Quest II (x32 Version: 2.2.0.95 - WildTangent) Hidden
Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.57.2 - JMicron Technology Corp.)
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Managed Antivirus (HKLM\...\Endpoint Security) (Version: 5.3.23.713 - IT@WORK GmbH Antivirus)
Managed Antivirus Master Service (HKLM\...\{F88FE7C0-2B64-405B-9197-25F8BE135459}_is1) (Version: 14.0.0.845 - LogicNow, Inc.)
Maschinenschreiben Deluxe 1.2.42 (HKLM-x32\...\Maschinenschreiben Deluxe_is1) (Version:  - Sergej Vinarski)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft_VC90_CRT_x86 (HKLM-x32\...\{DF2035BE-5820-4965-BD97-7FAF8D4A7879}) (Version: 1.0.0 - Microsoft Corporation)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 23.003.07.01.801 - Huawei Technologies Co.,Ltd)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
ownCloud (HKLM-x32\...\ownCloud) (Version: 2.0.2.5569 - ownCloud)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.33 - PDF Complete, Inc)
pdfFactory Pro (HKLM\...\pdfFactory Pro) (Version: 4.81 - FinePrint Software, LLC)
PDF-XChange 2012 Pro (HKLM\...\{F92F0AAB-2EF6-412C-8BF4-0B11EB535280}_is1) (Version: 5.5.308.2 - Tracker Software Products Ltd)
PDF-XChange Editor (HKLM-x32\...\{87738bc6-bdf0-4e55-86b5-32ddece8f51d}) (Version: 5.5.308.2 - Tracker Software Products (Canada) Ltd.)
PDF-XChange Editor (Version: 5.5.308.2 - Tracker Software Products (Canada) Ltd.) Hidden
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 1.12.0016 - Realtek)
SDK (x32 Version: 2.24.025 - Portrait Displays, Inc.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.13.0 - Synaptics Incorporated)
Take Control Viewer 6.0 (HKLM-x32\...\Take Control Viewer_is1) (Version:  - )
TeamViewer 10 Host (HKLM-x32\...\TeamViewer) (Version: 10.0.43879 - TeamViewer)
Validity Fingerprint Sensor Driver (HKLM\...\{FFC3E41D-2C2B-45B7-9AD9-5EA19572DD26}) (Version: 4.3.117.0 - Validity Sensors, Inc.)
VIP Access SDK x64(1.0.0.50)  (HKLM-x32\...\VIP Access SDK) (Version: 1.0.0.50 - Symantec Inc.)
Virtual Villagers - The Secret City (x32 Version: 2.2.0.95 - WildTangent) Hidden
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden
Xobni Core (x32 Version: 1.0.0 - Xobni, Inc.) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

12-10-2015 12:55:45 Windows Update
15-10-2015 09:56:59 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
29-10-2015 09:14:45 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0665D523-1B20-425E-9A76-CDC5882D349F} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-18] (Adobe Systems Incorporated)
Task: {29B35C2F-5000-4B36-BB76-D4E2710E1D4F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {445B7214-A18E-420C-BC33-EB7D2C6BBFE9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-26] (Google Inc.)
Task: {45F2B70B-3477-407D-B843-4E83B0D92C43} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-26] (Google Inc.)
Task: {55298305-2873-44B8-A750-3828D2FD061F} - System32\Tasks\HPCeeScheduleForHERBERT-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {5562CAA4-7188-4A74-B354-C8BB849C7362} - System32\Tasks\Hewlett-Packard\HP Support Assistant\First Boot => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe
Task: {7DF669F2-B174-43EF-972D-7FB3DA5247F8} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {BA222F15-D8C3-449E-8ECB-AB6FE82E3D69} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-09-16] (Piriform Ltd)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HPCeeScheduleForHERBERT-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-09-11 08:35 - 2007-02-09 03:41 - 00014848 _____ () C:\windows\System32\KOAZHJAL.dll
2015-09-03 08:18 - 2013-09-04 17:18 - 00265080 _____ () C:\Program Files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\txmlutil.dll
2015-06-19 02:31 - 2015-06-19 02:31 - 00059392 _____ () C:\Program Files (x86)\ownCloud\shellext\OCUtil_x64.dll
2011-01-27 06:11 - 2011-01-27 06:11 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-10-21 09:36 - 2015-10-21 09:36 - 01704974 _____ () C:\Program Files (x86)\ownCloud\owncloud.exe
2011-01-27 02:14 - 2011-01-27 02:14 - 00036408 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Remote.dll
2015-09-16 20:33 - 2015-09-16 20:33 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2011-03-14 16:27 - 2011-03-14 16:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2015-07-27 18:28 - 2012-05-09 02:11 - 00655712 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
2011-03-22 19:17 - 2011-03-22 19:17 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-03-14 19:16 - 2011-03-14 19:16 - 00024576 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingResources.dll
2011-03-28 20:44 - 2011-03-28 20:44 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-01-27 02:13 - 2011-01-27 02:13 - 00080440 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\HardwareAccess.dll
2011-01-27 02:13 - 2011-01-27 02:13 - 00047160 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\Graphs.dll
2011-05-03 19:25 - 2011-01-27 01:34 - 01083392 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\System.Data.SQLite.dll
2010-06-24 03:21 - 2010-06-24 03:21 - 01102336 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\System.Data.SQLite.dll
2015-08-31 08:21 - 2015-10-21 12:38 - 00236776 _____ () C:\Program Files\Advanced Monitoring Agent Network Management\agentCommon.dll
2015-08-31 08:21 - 2015-10-21 12:38 - 00038120 _____ () C:\Program Files\Advanced Monitoring Agent Network Management\agentCloudCommon.dll
2015-08-31 08:21 - 2015-10-21 12:38 - 00069864 _____ () C:\Program Files\Advanced Monitoring Agent Network Management\agentCloudSharedCode.dll
2015-08-31 08:21 - 2015-10-21 12:38 - 00418536 _____ () C:\Program Files\Advanced Monitoring Agent Network Management\DiscoveryLibrary.dll
2015-08-31 08:21 - 2015-10-21 12:38 - 00023272 _____ () C:\Program Files\Advanced Monitoring Agent Network Management\CannonballSocket.dll
2015-10-01 09:01 - 2015-09-15 12:28 - 00240640 _____ () C:\Program Files\Advanced Monitoring Agent Network Management\websocket-sharp.dll
2015-09-03 08:14 - 2015-11-03 10:38 - 00229608 _____ () C:\Program Files\Managed Antivirus\Managed Antivirus Master Service\agentCommon.dll
2015-09-03 08:14 - 2015-11-03 10:38 - 00036584 _____ () C:\Program Files\Managed Antivirus\Managed Antivirus Master Service\agentCloudCommon.dll
2015-09-03 08:14 - 2015-11-03 10:38 - 00071400 _____ () C:\Program Files\Managed Antivirus\Managed Antivirus Master Service\agentCloudSharedCode.dll
2015-09-03 08:14 - 2015-11-03 10:38 - 00118504 _____ () C:\Program Files\Managed Antivirus\Managed Antivirus Master Service\BDEndpointSDK.dll
2015-09-03 08:14 - 2015-11-03 10:38 - 00022760 _____ () C:\Program Files\Managed Antivirus\Managed Antivirus Master Service\CannonballSocket.dll
2015-09-09 07:57 - 2015-09-03 15:38 - 00240640 _____ () C:\Program Files\Managed Antivirus\Managed Antivirus Master Service\websocket-sharp.dll
2015-10-21 09:36 - 2015-10-21 09:36 - 00670222 _____ () C:\Program Files (x86)\ownCloud\libocsync.dll
2015-08-06 08:59 - 2015-08-06 08:59 - 00097326 _____ () C:\Program Files (x86)\ownCloud\libgcc_s_sjlj-1.dll
2015-08-06 08:59 - 2015-08-06 08:59 - 00922727 _____ () C:\Program Files (x86)\ownCloud\libstdc++-6.dll
2015-10-21 09:36 - 2015-10-21 09:36 - 00977422 _____ () C:\Program Files (x86)\ownCloud\libowncloudsync.dll
2015-08-06 08:10 - 2015-08-06 08:10 - 00085548 _____ () C:\Program Files (x86)\ownCloud\zlib1.dll
2015-08-06 16:48 - 2015-08-06 16:48 - 00051095 _____ () C:\Program Files (x86)\ownCloud\libqt5keychain.dll
2015-08-06 08:21 - 2015-08-06 08:21 - 02197765 _____ () C:\Program Files (x86)\ownCloud\icui18n53.dll
2015-08-06 08:21 - 2015-08-06 08:21 - 01308778 _____ () C:\Program Files (x86)\ownCloud\icuuc53.dll
2015-08-06 08:21 - 2015-08-06 08:21 - 21539975 _____ () C:\Program Files (x86)\ownCloud\icudata53.dll
2015-08-06 08:11 - 2015-08-06 08:11 - 00148117 _____ () C:\Program Files (x86)\ownCloud\libpcre16-0.dll
2015-08-06 08:16 - 2015-08-06 08:16 - 01366986 _____ () C:\Program Files (x86)\ownCloud\libGLESv2.dll
2015-08-06 08:14 - 2015-08-06 08:14 - 00209711 _____ () C:\Program Files (x86)\ownCloud\libpng16-16.dll
2015-08-06 08:16 - 2015-08-06 08:16 - 00154982 _____ () C:\Program Files (x86)\ownCloud\libEGL.dll
2015-08-06 08:14 - 2015-08-06 08:14 - 00350662 _____ () C:\Program Files (x86)\ownCloud\libjpeg-8.dll
2015-08-06 08:17 - 2015-08-06 08:17 - 00689339 _____ () C:\Program Files (x86)\ownCloud\libsqlite3-0.dll
2015-08-06 10:35 - 2015-08-06 10:35 - 00247540 _____ () C:\Program Files (x86)\ownCloud\libwebp-4.dll
2015-08-06 08:26 - 2015-08-06 08:26 - 01169416 _____ () C:\Program Files (x86)\ownCloud\libxml2-2.dll
2015-08-06 10:38 - 2015-08-06 10:38 - 00231727 _____ () C:\Program Files (x86)\ownCloud\libxslt-1.dll
2015-10-12 12:01 - 2014-05-13 11:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-10-12 12:01 - 2014-05-13 11:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-10-12 12:01 - 2014-05-13 11:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2012-07-17 17:20 - 2012-07-17 17:20 - 00305520 _____ () C:\Program Files (x86)\Advanced Monitoring Agent\patchman\apistrings.dll
2012-07-17 17:24 - 2012-07-17 17:24 - 00159600 _____ () C:\Program Files (x86)\Advanced Monitoring Agent\patchman\modlop.dll
2012-07-23 13:32 - 2012-07-23 13:32 - 00099184 _____ () C:\Program Files (x86)\Advanced Monitoring Agent\patchman\httpserverattplugin.dll
2013-05-23 15:05 - 2013-05-23 15:05 - 02021240 _____ () C:\Program Files (x86)\Advanced Monitoring Agent\patchman\crmimodule.dll
2015-04-16 12:57 - 2015-04-16 12:57 - 00208496 _____ () C:\Program Files (x86)\Advanced Monitoring Agent\patchman\patchautodownload.dll
2009-07-13 22:03 - 2009-07-14 02:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2013-01-21 13:05 - 2013-01-21 13:05 - 00183672 _____ () C:\Program Files (x86)\Advanced Monitoring Agent\patchman\scanmngsys.dll
2012-07-17 17:29 - 2012-07-17 17:29 - 00049520 _____ () C:\Program Files (x86)\Advanced Monitoring Agent\patchman\schedcompactdb.dll
2012-07-17 17:29 - 2012-07-17 17:29 - 00054640 _____ () C:\Program Files (x86)\Advanced Monitoring Agent\patchman\schedupdates.dll
2015-07-27 18:28 - 2009-01-10 11:32 - 00011362 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\mingwm10.dll
2015-07-27 18:28 - 2009-06-22 19:42 - 00043008 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\libgcc_s_dw2-1.dll
2015-07-27 18:28 - 2010-05-14 10:57 - 02415104 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtCore4.dll
2015-07-27 18:28 - 2010-02-10 15:10 - 01148416 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtNetwork4.dll
2015-07-27 18:28 - 2012-05-09 02:11 - 00843264 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QueryStrategy.dll
2015-07-27 18:28 - 2010-02-10 15:06 - 00398336 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtXml4.dll
2015-10-12 12:01 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-10-12 12:01 - 2012-04-03 16:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2010-06-24 03:19 - 2010-06-24 03:19 - 00514570 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\sqlite3.dll
2015-03-06 09:36 - 2015-03-06 09:36 - 00169472 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\9b1cac8d98bd69d3e56a26ff2f96f266\IsdiInterop.ni.dll
2015-03-05 13:03 - 2011-01-13 02:56 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\herbert.bruckmueller\Downloads\adwcleaner_5.013.exe:BDU
AlternateDataStreams: C:\Users\herbert.bruckmueller\Downloads\ccsetup510.exe:BDU
AlternateDataStreams: C:\Users\herbert.bruckmueller\Downloads\FRST64.exe:BDU
AlternateDataStreams: C:\Users\herbert.bruckmueller\Downloads\HitmanPro Alert - CHIP-Installer.exe:BDU
AlternateDataStreams: C:\Users\herbert.bruckmueller\Downloads\jxpiinstall.exe:BDU
AlternateDataStreams: C:\Users\herbert.bruckmueller\Downloads\mbam-setup-2.1.8.1057.exe:BDU
AlternateDataStreams: C:\Users\herbert.bruckmueller\Downloads\ownCloud-2.0.1.5446-setup.exe:BDU
AlternateDataStreams: C:\Users\herbert.bruckmueller\Downloads\SpyBot Search Destroy - CHIP-Installer.exe:BDU

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2274497662-1395199413-223734523-1123\Control Panel\Desktop\\Wallpaper -> C:\Users\herbert.bruckmueller\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [{378F5AE0-29BE-4FB1-A025-622573ED7744}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{92D21149-C10A-48CF-A1AA-4271503E5AFB}] => (Allow) LPort=2869
FirewallRules: [{A4522E36-05CF-4099-B431-21A021329DDD}] => (Allow) LPort=1900
FirewallRules: [{3F869980-9D87-4EEF-A11A-C3709BC0EAD8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{49F5A482-5E57-4E77-9001-F50260B5A5A6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0EB42DC3-656C-48BC-B076-4C7A3AA2638B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{DB4B3BE4-47DF-4F52-8739-7363D20539AE}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{334F4E91-133F-41D1-B01D-E4298A512C0A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{0F585636-D2D7-4324-814B-2307341514AD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{79DEAA23-3BB3-4659-ABE5-9CE99675E538}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{5591D9A5-0F32-4274-8E72-50532CBE129C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{CC0FB581-27E8-4449-8E65-1E3EC8495CE9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{30C4D01B-AF92-4B9B-B6B6-9F1673DC822B}] => (Allow) C:\Program Files\Advanced Monitoring Agent Network Management\NetworkManagement.exe
FirewallRules: [{EB5E71AD-9F11-433B-99E5-A4EF5E1C9172}] => (Allow) C:\Program Files\Advanced Monitoring Agent Network Management\NetworkManagement.exe
FirewallRules: [{3B9F58C0-8763-4099-9F09-D4B8F247EB9D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{6FE2AEBB-66FB-4D5D-AA51-9A5FA3C27F56}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{05BC743A-7D46-4F55-BB0E-9213A56F84AA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/07/2015 11:44:25 AM) (Source: Outlook) (EventID: 35) (User: )
Description: Fehler beim Bestimmen, ob sich der Speicher im Durchforstungsbereich befindet (Fehler=0x80070002).

Error: (11/07/2015 11:44:25 AM) (Source: Outlook) (EventID: 34) (User: )
Description: Fehler beim Abrufen des Durchforstungsbereichs-Managers. Fehler=0x80070002.

Error: (11/07/2015 11:44:25 AM) (Source: Outlook) (EventID: 35) (User: )
Description: Fehler beim Bestimmen, ob sich der Speicher im Durchforstungsbereich befindet (Fehler=0x80070002).

Error: (11/07/2015 11:44:25 AM) (Source: Outlook) (EventID: 34) (User: )
Description: Fehler beim Abrufen des Durchforstungsbereichs-Managers. Fehler=0x80070002.

Error: (11/07/2015 11:34:25 AM) (Source: ManagedAntivirus) (EventID: 0) (User: )
Description: PowerEvent wurde nicht verarbeitet. Aufgetretener Fehler: agentCommon.RunningQueue+ItemNotFoundException: Item named: 'SCHEDULED_QUICK_SCAN' could not be found
   bei agentCommon.RunningListBackedQueue.Reschedule(String itemName, Func`2 repeatFunction, ScheduleExecutionOptions options, Nullable`1 utcLastSucceeded, Nullable`1 utcLastFailed, Boolean abortIfRunning, Boolean onlyIfIdle)
   bei agentCommon.RunningQueue.RescheduleIfNotRunning(String itemName, Func`2 repeatFunction, ScheduleExecutionOptions options, Nullable`1 utcLastSucceeded, Nullable`1 utcLastFailed)
   bei agent.AV.Engine.MachineWokeFromSleep()
   bei agent.AgentService.OnPowerEvent(PowerBroadcastStatus powerStatus)
   bei System.ServiceProcess.ServiceBase.DeferredPowerEvent(Int32 eventType, IntPtr eventData)

Error: (11/07/2015 11:34:23 AM) (Source: Outlook) (EventID: 35) (User: )
Description: Fehler beim Bestimmen, ob sich der Speicher im Durchforstungsbereich befindet (Fehler=0x80070002).

Error: (11/07/2015 11:34:23 AM) (Source: Outlook) (EventID: 35) (User: )
Description: Fehler beim Bestimmen, ob sich der Speicher im Durchforstungsbereich befindet (Fehler=0x80070002).

Error: (11/07/2015 11:34:23 AM) (Source: Outlook) (EventID: 34) (User: )
Description: Fehler beim Abrufen des Durchforstungsbereichs-Managers. Fehler=0x80070002.

Error: (11/07/2015 11:34:23 AM) (Source: Outlook) (EventID: 34) (User: )
Description: Fehler beim Abrufen des Durchforstungsbereichs-Managers. Fehler=0x80070002.

Error: (11/05/2015 07:13:13 PM) (Source: Validity USDK) (EventID: 40) (User: )
Description: SSL alert by host: Description is: 47.


Systemfehler:
=============
Error: (11/07/2015 11:33:58 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: NT-AUTORITÄT)
Description: Bei der Verarbeitung der Gruppenrichtlinie ist aufgrund fehlender Netzwerkkonnektivität mit einem Domänencontroller ein Fehler aufgetreten. Dies kann eine vorübergehende Bedingung sein. Es wird eine Erfolgsmeldung generiert, wenn die Verbindung des Computers mit dem Domänencontroller wiederhergestellt wurde und wenn die Gruppenrichtlinie erfolgreich verarbeitet wurde. Falls für mehrere Stunden keine Erfolgsmeldung angezeigt wird, wenden Sie sich an den Administrator.

Error: (11/07/2015 11:33:58 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: BERNDORF)
Description: Bei der Verarbeitung der Gruppenrichtlinie ist aufgrund fehlender Netzwerkkonnektivität mit einem Domänencontroller ein Fehler aufgetreten. Dies kann eine vorübergehende Bedingung sein. Es wird eine Erfolgsmeldung generiert, wenn die Verbindung des Computers mit dem Domänencontroller wiederhergestellt wurde und wenn die Gruppenrichtlinie erfolgreich verarbeitet wurde. Falls für mehrere Stunden keine Erfolgsmeldung angezeigt wird, wenden Sie sich an den Administrator.

Error: (11/05/2015 07:05:31 PM) (Source: NETLOGON) (EventID: 5719) (User: )
Description: Der Computer konnte eine sichere Sitzung mit einem
Domänencontroller in der Domäne BERNDORF aufgrund der folgenden
Ursache nicht einrichten: 
%%1311

Dies kann zu Authentifizierungsproblemen führen. Stellen
Sie sicher, dass der Computer mit dem Netzwerk verbunden ist.
Wenden Sie sich an den Domänenadministrator, wenn das Problem
weiterhin besteht.



ZUSÄTZLICHE INFORMATIONEN

Wenn dieser Computer ein Domänencontroller der bestimmten
Domäne ist, wird eine sichere Sitzung zum primären
Domänencontrolleremulator in der bestimmten Domäne eingerichtet.
Andernfalls richtet dieser Computer eine sichere Sitzung zu
einem beliebigen Domänencontroller in der bestimmten Domäne ein.

Error: (11/05/2015 07:05:12 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: BERNDORF)
Description: Bei der Verarbeitung der Gruppenrichtlinie ist aufgrund fehlender Netzwerkkonnektivität mit einem Domänencontroller ein Fehler aufgetreten. Dies kann eine vorübergehende Bedingung sein. Es wird eine Erfolgsmeldung generiert, wenn die Verbindung des Computers mit dem Domänencontroller wiederhergestellt wurde und wenn die Gruppenrichtlinie erfolgreich verarbeitet wurde. Falls für mehrere Stunden keine Erfolgsmeldung angezeigt wird, wenden Sie sich an den Administrator.

Error: (11/05/2015 07:05:12 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: NT-AUTORITÄT)
Description: Bei der Verarbeitung der Gruppenrichtlinie ist aufgrund fehlender Netzwerkkonnektivität mit einem Domänencontroller ein Fehler aufgetreten. Dies kann eine vorübergehende Bedingung sein. Es wird eine Erfolgsmeldung generiert, wenn die Verbindung des Computers mit dem Domänencontroller wiederhergestellt wurde und wenn die Gruppenrichtlinie erfolgreich verarbeitet wurde. Falls für mehrere Stunden keine Erfolgsmeldung angezeigt wird, wenden Sie sich an den Administrator.

Error: (11/05/2015 07:05:10 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (60000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst HP Power Assistant Service erreicht.

Error: (11/04/2015 02:38:43 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (60000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst hpqwmiex erreicht.

Error: (11/04/2015 12:18:42 PM) (Source: NETLOGON) (EventID: 5719) (User: )
Description: Der Computer konnte eine sichere Sitzung mit einem
Domänencontroller in der Domäne BERNDORF aufgrund der folgenden
Ursache nicht einrichten: 
%%1311

Dies kann zu Authentifizierungsproblemen führen. Stellen
Sie sicher, dass der Computer mit dem Netzwerk verbunden ist.
Wenden Sie sich an den Domänenadministrator, wenn das Problem
weiterhin besteht.



ZUSÄTZLICHE INFORMATIONEN

Wenn dieser Computer ein Domänencontroller der bestimmten
Domäne ist, wird eine sichere Sitzung zum primären
Domänencontrolleremulator in der bestimmten Domäne eingerichtet.
Andernfalls richtet dieser Computer eine sichere Sitzung zu
einem beliebigen Domänencontroller in der bestimmten Domäne ein.

Error: (11/03/2015 06:30:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Mobile Partner. OUC" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (11/03/2015 06:30:41 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (60000 ms) wurde beim Verbindungsversuch mit dem Dienst Mobile Partner. OUC erreicht.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
Prozentuale Nutzung des RAM: 70%
Installierter physikalischer RAM: 4030.36 MB
Verfügbarer physikalischer RAM: 1180.81 MB
Summe virtueller Speicher: 8058.92 MB
Verfügbarer virtueller Speicher: 4913.53 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:572.98 GB) (Free:483.1 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (HP_RECOVERY) (Fixed) (Total:17.9 GB) (Free:2.68 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: (HP_TOOLS) (Fixed) (Total:4.99 GB) (Free:2.13 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: F2D83907)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=573 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=17.9 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=5 GB) - (Type=0C)

==================== Ende von Addition.txt ============================
         
Thanks!

07.11.2015, 12:01   #4
ferdimax

Sorry!
Here is the FRST log as well

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-11-2015
durchgeführt von Herbert.Bruckmueller (Administrator) auf HERBERT-HP (07-11-2015 11:50:06)
Gestartet von C:\Users\herbert.bruckmueller\Downloads
Geladene Profile: Herbert.Bruckmueller (Verfügbare Profile: Herbert.Bruckmueller & herbert & Administrator)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Remote Monitoring) C:\Program Files (x86)\Advanced Monitoring Agent\winagent.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Bitdefender) C:\Program Files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\EndpointIntegration.exe
(Bitdefender) C:\Program Files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\EndpointService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
() C:\Program Files (x86)\ownCloud\owncloud.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(GFI Software Development Ltd.) C:\Program Files (x86)\Advanced Monitoring Agent\patchman\lnssatt.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(ArcSoft, Inc.) C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe
(Bitdefender) C:\Program Files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\UpdateService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Bitdefender) C:\Program Files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\Console.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelperx64.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(LogicNow Ltd) C:\Program Files\Advanced Monitoring Agent Network Management\NetworkManagement.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(LogicNow Ltd) C:\Program Files\Managed Antivirus\Managed Antivirus Master Service\ManagedAntivirus.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [2919992 2011-01-27] (Hewlett-Packard Company)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2803496 2011-06-24] (Synaptics Incorporated)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [615584 2011-01-06] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379040 2011-01-06] (Atheros Commnucations)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [835072 2011-01-27] (IDT, Inc.)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [299576 2011-01-28] (Hewlett-Packard Company)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-26] (Intel Corporation)
HKLM-x32\...\Run: [HPConnectionManager] => c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [94264 2011-04-05] (Hewlett-Packard Development Company L.P.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2274497662-1395199413-223734523-1123\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8461224 2015-09-16] (Piriform Ltd)
HKU\S-1-5-21-2274497662-1395199413-223734523-1123\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-2274497662-1395199413-223734523-1123\...\Run: [ownCloud] => C:\Program Files (x86)\ownCloud\owncloud.exe [1704974 2015-10-21] ()
HKU\S-1-5-21-2274497662-1395199413-223734523-1123\...\MountPoints2: {7e879ff7-2927-11e5-8933-68a3c4f13d1d} - G:\AutoRun.exe
HKU\S-1-5-21-2274497662-1395199413-223734523-1123\...\MountPoints2: {7e87a00c-2927-11e5-8933-68a3c4f13d1d} - G:\AutoRun.exe
HKU\S-1-5-21-2274497662-1395199413-223734523-1123\...\MountPoints2: {e96b72f9-391d-11e5-aa11-68a3c4f13d1d} - G:\AutoRun.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\windows\System32\SPReview\SPReview.exe [301568 2015-03-05] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [  OCError] -> {0960F090-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCErrorShared] -> {0960F091-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCOK] -> {0960F092-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCOKShared] -> {0960F093-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCSync] -> {0960F094-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCSyncShared] -> {0960F095-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCWarning] -> {0960F096-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCWarningShared] -> {0960F097-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Outlook 2010.lnk [2015-03-05]
ShortcutTarget: Microsoft Outlook 2010.lnk -> C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\outicon.exe ()
Startup: C:\Users\herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\aBMainFX - Verknüpfung.lnk [2015-03-05]
ShortcutTarget: aBMainFX - Verknüpfung.lnk -> \\SRVBER\artBase\aB-Agenta Programm\aBMainFX.exe (Keine Datei)
Startup: C:\Users\herbert.bruckmueller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\aBMainFX - Verknüpfung.lnk [2015-03-05]
ShortcutTarget: aBMainFX - Verknüpfung.lnk -> \\SRVBER\artBase\aB-Agenta Programm\aBMainFX.exe (Keine Datei)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

AutoConfigURL: [S-1-5-21-2274497662-1395199413-223734523-1123] => hxxps://tonnelrock.net/tonnel.js
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{4D81B0A2-95DD-45B4-88CE-7F88B7454444}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{666BA3F3-F79E-49C5-BBB4-558596EF1C92}: [DhcpNameServer] 192.168.3.10
Tcpip\..\Interfaces\{C72A97B7-69C3-42BF-90C4-A85317D8F4EB}: [NameServer]  
Tcpip\..\Interfaces\{C72A97B7-69C3-42BF-90C4-A85317D8F4EB}: [DhcpNameServer] 194.48.128.199 194.48.139.254
Tcpip\..\Interfaces\{CBA08DEB-ACD3-4B93-9CDF-84E237E532BE}: [NameServer] 194.48.139.254 194.48.128.199

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-2274497662-1395199413-223734523-1123\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: PDFXChange 2012 -> {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} -> C:\Program Files\Tracker Software\PDF-XChange 5\Win32\PXCIEaddin5.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-10-22] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-01-06] (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-22] (Oracle Corporation)
Toolbar: HKLM-x32 - PDFXChange 2012 - {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} - C:\Program Files\Tracker Software\PDF-XChange 5\Win32\PXCIEaddin5.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)

FireFox:
========
FF ProfilePath: C:\Users\herbert.bruckmueller\AppData\Roaming\Mozilla\Firefox\Profiles\otkxoekz.default
FF SearchEngineOrder.1: Ask Search
FF SelectedSearchEngine: Google
FF Homepage: hxxps://www.google.at/?gws_rd=ssl
FF NetworkProxy: "autoconfig_url", "https://tonnelrock.net/tonnel.js"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-18] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-18] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Keine Datei]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Keine Datei]
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-2274497662-1395199413-223734523-1123: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)

Chrome: 
=======
CHR Profile: C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-26]
CHR Extension: (Docs) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-26]
CHR Extension: (Google Drive) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-27]
CHR Extension: (YouTube) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-26]
CHR Extension: (Google-Suche) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-09-27]
CHR Extension: (Google Tabellen) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-26]
CHR Extension: (Google Präsentationen) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-21]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-27]
CHR Extension: (Google Mail) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-27]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Advanced Monitoring Agent; C:\Program Files (x86)\Advanced Monitoring Agent\winagent.exe [8523264 2015-10-21] (Remote Monitoring) [Datei ist nicht signiert]
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-01-06] (Atheros) [Datei ist nicht signiert]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [53920 2011-01-06] (Atheros Commnucations) [Datei ist nicht signiert]
R2 EndpointIntegration; C:\Program Files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\EndpointIntegration.exe [398480 2015-05-20] (Bitdefender)
R2 EndpointService; C:\Program Files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\EndpointService.exe [398480 2015-05-20] (Bitdefender)
S2 epag; C:\Program Files\Common Files\IT@WORK GmbH Antivirus\Endpoint Agent\epag.exe [3580632 2015-06-12] (Bitdefender)
R2 gfi_lanss11_attservice; C:\Program Files (x86)\Advanced Monitoring Agent\patchman\lnssatt.exe [118640 2012-07-17] (GFI Software Development Ltd.)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [281656 2011-01-28] (Hewlett-Packard Company)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 ManagedAntivirus; C:\Program Files\Managed Antivirus\Managed Antivirus Master Service\ManagedAntivirus.exe [278248 2015-11-03] (LogicNow Ltd)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S2 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [655712 2012-05-09] ()
R2 NetworkManagement; C:\Program Files\Advanced Monitoring Agent Network Management\NetworkManagement.exe [191208 2015-10-21] (LogicNow Ltd)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448 2011-02-01] (PDF Complete Inc)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5490448 2015-06-18] (TeamViewer GmbH)
R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [502464 2010-11-11] (ArcSoft, Inc.)
R2 UpdateService; C:\Program Files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\UpdateService.exe [398480 2015-05-20] (Bitdefender)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 ARCVCAM; C:\Windows\System32\DRIVERS\ArcSoftVCapture.sys [32192 2010-11-11] (ArcSoft, Inc.)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1369288 2015-05-28] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [747120 2015-05-28] (BitDefender)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2015-02-11] (GFI Software)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [161592 2015-07-22] (BitDefender LLC)
S3 hitmanpro37; C:\windows\system32\drivers\hitmanpro37.sys [41080 2015-10-13] ()
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [238080 2012-04-23] (Huawei Technologies Co., Ltd.)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1826048 2010-12-21] ()
R2 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2014-10-16] (BitDefender S.R.L.)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-07 11:50 - 2015-11-07 11:51 - 00025322 _____ C:\Users\herbert.bruckmueller\Downloads\FRST.txt
2015-11-07 11:48 - 2015-11-07 11:50 - 00000000 ____D C:\FRST
2015-11-07 11:48 - 2015-11-07 11:48 - 02198528 _____ (Farbar) C:\Users\herbert.bruckmueller\Downloads\FRST64.exe
2015-11-04 13:29 - 2015-11-04 13:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-02 11:41 - 2015-11-02 11:41 - 00028806 _____ C:\Users\herbert.bruckmueller\Desktop\Kopie von Herbert Kunden Report 2015.xlsx
2015-10-29 09:13 - 2015-10-29 09:14 - 00000000 ____D C:\Users\herbert.bruckmueller\Desktop\Katzinger
2015-10-27 10:30 - 2015-10-27 10:30 - 00000376 _____ C:\windows\PFRO.log
2015-10-19 08:46 - 2015-10-19 08:46 - 00026500 _____ C:\Users\herbert.bruckmueller\Downloads\FileView(5).aspx
2015-10-19 08:46 - 2015-10-19 08:46 - 00026500 _____ C:\Users\herbert.bruckmueller\Downloads\FileView(4).aspx
2015-10-19 08:45 - 2015-10-19 08:45 - 00026299 _____ C:\Users\herbert.bruckmueller\Downloads\FileView.aspx
2015-10-19 08:45 - 2015-10-19 08:45 - 00026299 _____ C:\Users\herbert.bruckmueller\Downloads\FileView(3).aspx
2015-10-19 08:45 - 2015-10-19 08:45 - 00026299 _____ C:\Users\herbert.bruckmueller\Downloads\FileView(2).aspx
2015-10-19 08:45 - 2015-10-19 08:45 - 00026299 _____ C:\Users\herbert.bruckmueller\Downloads\FileView(1).aspx
2015-10-15 10:01 - 2015-10-15 10:01 - 00001251 _____ C:\Users\herbert.bruckmueller\Desktop\SIVAG Wiki.lnk
2015-10-15 09:58 - 2015-11-07 11:51 - 00000000 ____D C:\Users\herbert.bruckmueller\AppData\Local\ownCloud
2015-10-15 09:58 - 2015-10-27 10:32 - 00000000 ____D C:\Users\herbert.bruckmueller\SIVAG Wiki
2015-10-15 09:57 - 2015-10-29 09:15 - 00001019 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ownCloud.lnk
2015-10-15 09:57 - 2015-10-29 09:15 - 00001007 _____ C:\Users\Public\Desktop\ownCloud.lnk
2015-10-15 09:56 - 2015-10-29 09:15 - 00000000 ____D C:\Program Files (x86)\ownCloud
2015-10-15 09:50 - 2015-10-15 09:52 - 39174288 _____ (ownCloud) C:\Users\herbert.bruckmueller\Downloads\ownCloud-2.0.1.5446-setup.exe
2015-10-13 12:32 - 2015-10-13 12:32 - 00041080 _____ C:\windows\system32\Drivers\hitmanpro37.sys
2015-10-13 09:27 - 2015-10-13 12:34 - 00000000 ____D C:\Program Files\HitmanPro
2015-10-13 09:27 - 2015-10-13 10:20 - 00000000 ____D C:\ProgramData\HitmanPro
2015-10-13 09:24 - 2015-10-13 09:24 - 13380715 _____ C:\Users\herbert.bruckmueller\Downloads\HitmanPro_3.7.9.242.zip
2015-10-13 09:22 - 2015-10-22 10:44 - 00000000 ____D C:\Users\herbert.bruckmueller\.oracle_jre_usage
2015-10-13 09:22 - 2015-10-13 09:22 - 00000000 ____D C:\Users\herbert.bruckmueller\AppData\Roaming\Sun
2015-10-13 09:22 - 2015-10-13 09:22 - 00000000 ____D C:\Users\herbert.bruckmueller\AppData\LocalLow\Sun
2015-10-13 09:21 - 2015-10-22 10:44 - 00000000 ____D C:\ProgramData\Oracle
2015-10-13 09:21 - 2015-10-22 10:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-10-13 09:21 - 2015-10-22 10:43 - 00097888 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2015-10-13 09:21 - 2015-10-22 10:43 - 00000000 ____D C:\Program Files (x86)\Java
2015-10-13 09:20 - 2015-10-13 09:20 - 00000000 ____D C:\Users\herbert.bruckmueller\AppData\LocalLow\Oracle
2015-10-13 09:19 - 2015-10-13 09:19 - 00584288 _____ (Oracle Corporation) C:\Users\herbert.bruckmueller\Downloads\jxpiinstall.exe
2015-10-13 09:14 - 2015-10-13 09:14 - 01457952 _____ C:\Users\herbert.bruckmueller\Downloads\HitmanPro Alert - CHIP-Installer.exe
2015-10-12 18:25 - 2015-10-13 00:53 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0
2015-10-12 15:21 - 2015-11-03 18:29 - 00000616 _____ C:\windows\setupact.log
2015-10-12 15:21 - 2015-10-12 15:21 - 00000000 _____ C:\windows\setuperr.log
2015-10-12 15:09 - 2015-10-13 07:55 - 00000000 ____D C:\AdwCleaner
2015-10-12 15:08 - 2015-10-12 15:08 - 01682432 _____ C:\Users\herbert.bruckmueller\Downloads\adwcleaner_5.013.exe
2015-10-12 13:35 - 2015-07-30 14:13 - 00124624 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-10-12 13:35 - 2015-07-30 14:13 - 00103120 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-10-12 12:54 - 2015-07-23 01:06 - 05568960 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-10-12 12:54 - 2015-07-23 01:03 - 01730496 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-10-12 12:54 - 2015-07-23 01:03 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2015-10-12 12:54 - 2015-07-23 01:03 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2015-10-12 12:54 - 2015-07-23 01:03 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2015-10-12 12:54 - 2015-07-23 01:03 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2015-10-12 12:54 - 2015-07-23 01:02 - 01390592 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2015-10-12 12:54 - 2015-07-23 01:02 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2015-10-12 12:54 - 2015-07-23 01:02 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll
2015-10-12 12:54 - 2015-07-23 01:02 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2015-10-12 12:54 - 2015-07-23 01:02 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-10-12 12:54 - 2015-07-23 01:02 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2015-10-12 12:54 - 2015-07-23 01:02 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-10-12 12:54 - 2015-07-23 01:02 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-10-12 12:54 - 2015-07-23 01:02 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-10-12 12:54 - 2015-07-23 01:02 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-10-12 12:54 - 2015-07-23 01:02 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2015-10-12 12:54 - 2015-07-23 01:01 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2015-10-12 12:54 - 2015-07-23 00:52 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-10-12 12:54 - 2015-07-23 00:52 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-12 12:54 - 2015-07-23 00:52 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-12 12:54 - 2015-07-23 00:52 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-12 12:54 - 2015-07-23 00:52 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-12 12:54 - 2015-07-23 00:52 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-12 12:54 - 2015-07-23 00:52 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-12 12:54 - 2015-07-23 00:52 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-12 12:54 - 2015-07-23 00:52 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-12 12:54 - 2015-07-23 00:52 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-12 12:54 - 2015-07-23 00:52 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-12 12:54 - 2015-07-23 00:52 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-12 12:54 - 2015-07-23 00:52 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-12 12:54 - 2015-07-23 00:52 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-12 12:54 - 2015-07-23 00:52 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-12 12:54 - 2015-07-23 00:52 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-12 12:54 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-12 12:54 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-12 12:54 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-12 12:54 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-12 12:54 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-12 12:54 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-12 12:54 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-12 12:54 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-12 12:54 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-12 12:54 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-12 12:54 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-12 12:54 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-12 12:54 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-12 12:54 - 2015-07-22 18:57 - 03989952 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-10-12 12:54 - 2015-07-22 18:57 - 03934656 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-10-12 12:54 - 2015-07-22 18:54 - 01311768 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2015-10-12 12:54 - 2015-07-22 18:53 - 00641536 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2015-10-12 12:54 - 2015-07-22 18:53 - 00635392 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll
2015-10-12 12:54 - 2015-07-22 18:53 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-10-12 12:54 - 2015-07-22 18:53 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2015-10-12 12:54 - 2015-07-22 18:52 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2015-10-12 12:54 - 2015-07-22 18:52 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2015-10-12 12:54 - 2015-07-22 18:52 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2015-10-12 12:54 - 2015-07-22 18:52 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2015-10-12 12:54 - 2015-07-22 18:42 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2015-10-12 12:54 - 2015-07-22 18:42 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-10-12 12:54 - 2015-07-22 18:42 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-12 12:54 - 2015-07-22 18:42 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-12 12:54 - 2015-07-22 18:42 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-10-12 12:54 - 2015-07-22 18:42 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-10-12 12:54 - 2015-07-22 18:42 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-12 12:54 - 2015-07-22 18:42 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-10-12 12:54 - 2015-07-22 18:42 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-12 12:54 - 2015-07-22 18:42 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-12 12:54 - 2015-07-22 18:42 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-10-12 12:54 - 2015-07-22 18:42 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-12 12:54 - 2015-07-22 18:42 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-12 12:54 - 2015-07-22 18:42 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-10-12 12:54 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-10-12 12:54 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-12 12:54 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-10-12 12:54 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-10-12 12:54 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-10-12 12:54 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-10-12 12:54 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-12 12:54 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-10-12 12:54 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-10-12 12:54 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-10-12 12:54 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-10-12 12:54 - 2015-07-22 17:48 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\UtcResources.dll
2015-10-12 12:54 - 2015-07-22 17:34 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2015-10-12 12:54 - 2015-07-22 17:34 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2015-10-12 12:54 - 2015-07-22 17:31 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-10-12 12:54 - 2015-07-22 17:31 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-12 12:54 - 2015-07-22 17:31 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-10-12 12:54 - 2015-07-22 17:31 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-10-12 12:54 - 2015-07-15 04:19 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\basesrv.dll
2015-10-12 12:54 - 2015-06-09 19:03 - 03180544 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2015-10-12 12:54 - 2015-06-09 19:03 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll
2015-10-12 12:53 - 2015-07-30 19:06 - 02565120 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2015-10-12 12:53 - 2015-07-30 19:06 - 01648128 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2015-10-12 12:53 - 2015-07-30 19:06 - 01180160 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2015-10-12 12:53 - 2015-07-30 18:57 - 01987584 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2015-10-12 12:53 - 2015-07-30 18:57 - 01251328 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2015-10-12 12:53 - 2015-07-15 19:15 - 00094656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
2015-10-12 12:53 - 2015-07-15 19:10 - 01743360 _____ (Microsoft Corporation) C:\windows\system32\sysmain.dll
2015-10-12 12:53 - 2015-07-15 19:10 - 00011264 _____ (Microsoft Corporation) C:\windows\system32\msmmsp.dll
2015-10-12 12:53 - 2015-07-15 04:17 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2015-10-12 12:53 - 2015-07-15 03:54 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2015-10-12 12:53 - 2015-06-02 01:07 - 00254976 _____ (Microsoft Corporation) C:\windows\system32\cewmdm.dll
2015-10-12 12:53 - 2015-06-02 00:47 - 00210432 _____ (Microsoft Corporation) C:\windows\SysWOW64\cewmdm.dll
2015-10-12 12:52 - 2015-08-05 19:02 - 00157016 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-10-12 12:52 - 2015-08-05 19:02 - 00097112 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-10-12 12:52 - 2015-08-05 18:56 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-10-12 12:52 - 2015-08-05 18:56 - 01216512 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2015-10-12 12:52 - 2015-08-05 18:56 - 01110016 _____ (Microsoft Corporation) C:\windows\system32\schedsvc.dll
2015-10-12 12:52 - 2015-08-05 18:56 - 00729088 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-10-12 12:52 - 2015-08-05 18:56 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-10-12 12:52 - 2015-08-05 18:56 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-10-12 12:52 - 2015-08-05 18:56 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-10-12 12:52 - 2015-08-05 18:56 - 00275456 _____ (Microsoft Corporation) C:\windows\system32\InkEd.dll
2015-10-12 12:52 - 2015-08-05 18:56 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-10-12 12:52 - 2015-08-05 18:56 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-10-12 12:52 - 2015-08-05 18:56 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-10-12 12:52 - 2015-08-05 18:56 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2015-10-12 12:52 - 2015-08-05 18:56 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-10-12 12:52 - 2015-08-05 18:56 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-10-12 12:52 - 2015-08-05 18:56 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\jnwmon.dll
2015-10-12 12:52 - 2015-08-05 18:56 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\icaapi.dll
2015-10-12 12:52 - 2015-08-05 18:56 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-10-12 12:52 - 2015-08-05 18:55 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-10-12 12:52 - 2015-08-05 18:55 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-10-12 12:52 - 2015-08-05 18:50 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-10-12 12:52 - 2015-08-05 18:50 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-10-12 12:52 - 2015-08-05 18:46 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-10-12 12:52 - 2015-08-05 18:41 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-10-12 12:52 - 2015-08-05 18:41 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-10-12 12:52 - 2015-08-05 18:41 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-10-12 12:52 - 2015-08-05 18:41 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-10-12 12:52 - 2015-08-05 18:40 - 00552960 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-10-12 12:52 - 2015-08-05 18:40 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-10-12 12:52 - 2015-08-05 18:40 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-10-12 12:52 - 2015-08-05 18:40 - 00216064 _____ (Microsoft Corporation) C:\windows\SysWOW64\InkEd.dll
2015-10-12 12:52 - 2015-08-05 18:40 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2015-10-12 12:52 - 2015-08-05 18:40 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-10-12 12:52 - 2015-08-05 18:39 - 00665088 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2015-10-12 12:52 - 2015-08-05 18:39 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-10-12 12:52 - 2015-08-05 18:39 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-10-12 12:52 - 2015-08-05 18:34 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-10-12 12:52 - 2015-08-05 18:34 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-10-12 12:52 - 2015-08-05 18:30 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-10-12 12:52 - 2015-08-05 18:06 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys
2015-10-12 12:52 - 2015-08-05 17:38 - 00159232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2015-10-12 12:52 - 2015-08-05 17:37 - 00290816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2015-10-12 12:52 - 2015-08-05 17:37 - 00129024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2015-10-12 12:52 - 2015-08-04 19:03 - 00692672 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2015-10-12 12:52 - 2015-08-04 19:00 - 00616360 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2015-10-12 12:52 - 2015-08-04 18:56 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2015-10-12 12:52 - 2015-08-04 18:56 - 00059392 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2015-10-12 12:52 - 2015-08-04 18:56 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2015-10-12 12:52 - 2015-08-04 18:55 - 00147456 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2015-10-12 12:52 - 2015-08-04 18:55 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2015-10-12 12:52 - 2015-08-04 18:47 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2015-10-12 12:52 - 2015-08-04 17:58 - 00061440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2015-10-12 12:52 - 2015-07-16 20:12 - 06131200 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2015-10-12 12:52 - 2015-07-16 20:12 - 00856064 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdvidcrl.dll
2015-10-12 12:52 - 2015-07-16 20:12 - 00053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll
2015-10-12 12:52 - 2015-07-16 20:11 - 07077376 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2015-10-12 12:52 - 2015-07-16 20:11 - 01057792 _____ (Microsoft Corporation) C:\windows\system32\rdvidcrl.dll
2015-10-12 12:52 - 2015-07-16 20:11 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2015-10-12 12:52 - 2015-07-11 14:15 - 00429568 _____ (Microsoft Corporation) C:\windows\system32\wksprt.exe
2015-10-12 12:52 - 2015-06-25 11:06 - 00115136 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2015-10-12 12:52 - 2015-06-25 11:01 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2015-10-12 12:52 - 2015-06-25 11:01 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2015-10-12 12:52 - 2015-06-25 10:44 - 01805824 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2015-10-12 12:51 - 2015-09-25 19:07 - 03168768 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-10-12 12:51 - 2015-09-25 19:07 - 02607104 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-10-12 12:51 - 2015-09-25 19:07 - 00696320 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-10-12 12:51 - 2015-09-25 19:07 - 00192512 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-10-12 12:51 - 2015-09-25 19:07 - 00098816 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-10-12 12:51 - 2015-09-25 19:07 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2015-10-12 12:51 - 2015-09-25 19:07 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2015-10-12 12:51 - 2015-09-25 19:06 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-10-12 12:51 - 2015-09-25 19:06 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2015-10-12 12:51 - 2015-09-25 19:06 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-10-12 12:51 - 2015-09-25 19:06 - 00012288 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2015-10-12 12:51 - 2015-09-25 18:59 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2015-10-12 12:51 - 2015-09-25 18:59 - 00174080 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2015-10-12 12:51 - 2015-09-25 18:59 - 00093696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2015-10-12 12:51 - 2015-09-25 18:59 - 00030208 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2015-10-12 12:51 - 2015-09-25 18:58 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2015-10-12 12:51 - 2015-09-18 20:22 - 00025432 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2015-10-12 12:51 - 2015-09-18 20:19 - 01291264 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-10-12 12:51 - 2015-09-18 20:19 - 00766464 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-10-12 12:51 - 2015-09-18 20:19 - 00700416 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-10-12 12:51 - 2015-09-18 20:19 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-10-12 12:51 - 2015-09-18 20:19 - 00073216 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-10-12 12:51 - 2015-09-18 20:09 - 01163776 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-10-12 12:51 - 2015-07-09 18:57 - 00193536 _____ (Microsoft Corporation) C:\windows\system32\notepad.exe
2015-10-12 12:51 - 2015-07-09 18:57 - 00193536 _____ (Microsoft Corporation) C:\windows\notepad.exe
2015-10-12 12:51 - 2015-07-09 18:42 - 00179712 _____ (Microsoft Corporation) C:\windows\SysWOW64\notepad.exe
2015-10-12 12:51 - 2015-07-04 19:07 - 02087424 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2015-10-12 12:51 - 2015-07-04 18:48 - 01414656 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2015-10-12 12:51 - 2015-07-01 21:49 - 00260096 _____ (Microsoft Corporation) C:\windows\system32\WebClnt.dll
2015-10-12 12:51 - 2015-07-01 21:48 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\davclnt.dll
2015-10-12 12:51 - 2015-07-01 21:30 - 00206848 _____ (Microsoft Corporation) C:\windows\SysWOW64\WebClnt.dll
2015-10-12 12:51 - 2015-07-01 21:30 - 00082432 _____ (Microsoft Corporation) C:\windows\SysWOW64\davclnt.dll
2015-10-12 12:51 - 2015-06-17 18:47 - 00404992 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2015-10-12 12:51 - 2015-06-17 18:37 - 00312320 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2015-10-12 12:51 - 2015-06-15 22:45 - 03242496 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2015-10-12 12:51 - 2015-06-15 22:45 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2015-10-12 12:51 - 2015-06-15 22:44 - 00128000 _____ (Microsoft Corporation) C:\windows\system32\msiexec.exe
2015-10-12 12:51 - 2015-06-15 22:43 - 02364416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2015-10-12 12:51 - 2015-06-15 22:43 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2015-10-12 12:51 - 2015-06-15 22:42 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msiexec.exe
2015-10-12 12:51 - 2015-06-15 22:42 - 00025088 _____ (Microsoft Corporation) C:\windows\system32\msimsg.dll
2015-10-12 12:51 - 2015-06-15 22:37 - 00025088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msimsg.dll
2015-10-12 12:36 - 2015-08-18 02:42 - 00393304 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-10-12 12:36 - 2015-08-18 02:14 - 00344168 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-10-12 12:36 - 2015-08-15 07:48 - 25190400 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-10-12 12:36 - 2015-08-15 07:34 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-10-12 12:36 - 2015-08-15 07:33 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-10-12 12:36 - 2015-08-15 07:18 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-10-12 12:36 - 2015-08-15 07:18 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-10-12 12:36 - 2015-08-15 07:17 - 02886144 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-10-12 12:36 - 2015-08-15 07:17 - 00585216 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-10-12 12:36 - 2015-08-15 07:17 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-10-12 12:36 - 2015-08-15 07:17 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-10-12 12:36 - 2015-08-15 07:10 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-10-12 12:36 - 2015-08-15 07:09 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-10-12 12:36 - 2015-08-15 07:06 - 19856896 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-10-12 12:36 - 2015-08-15 07:06 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-10-12 12:36 - 2015-08-15 07:04 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-10-12 12:36 - 2015-08-15 07:04 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-10-12 12:36 - 2015-08-15 07:04 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-10-12 12:36 - 2015-08-15 07:04 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-10-12 12:36 - 2015-08-15 07:00 - 05923328 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-10-12 12:36 - 2015-08-15 06:57 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-10-12 12:36 - 2015-08-15 06:53 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-10-12 12:36 - 2015-08-15 06:53 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-10-12 12:36 - 2015-08-15 06:46 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-10-12 12:36 - 2015-08-15 06:42 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-10-12 12:36 - 2015-08-15 06:41 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-10-12 12:36 - 2015-08-15 06:40 - 00504832 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-10-12 12:36 - 2015-08-15 06:40 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-10-12 12:36 - 2015-08-15 06:39 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-10-12 12:36 - 2015-08-15 06:39 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-10-12 12:36 - 2015-08-15 06:39 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-10-12 12:36 - 2015-08-15 06:38 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-10-12 12:36 - 2015-08-15 06:35 - 02279424 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-10-12 12:36 - 2015-08-15 06:33 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-10-12 12:36 - 2015-08-15 06:32 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-10-12 12:36 - 2015-08-15 06:30 - 00479232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-10-12 12:36 - 2015-08-15 06:29 - 00665600 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-10-12 12:36 - 2015-08-15 06:29 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-10-12 12:36 - 2015-08-15 06:29 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-10-12 12:36 - 2015-08-15 06:24 - 00720384 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-10-12 12:36 - 2015-08-15 06:23 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-10-12 12:36 - 2015-08-15 06:22 - 02126336 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-10-12 12:36 - 2015-08-15 06:22 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-10-12 12:36 - 2015-08-15 06:21 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-10-12 12:36 - 2015-08-15 06:16 - 14451712 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-10-12 12:36 - 2015-08-15 06:16 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-10-12 12:36 - 2015-08-15 06:14 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-10-12 12:36 - 2015-08-15 06:12 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-10-12 12:36 - 2015-08-15 06:11 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-10-12 12:36 - 2015-08-15 06:10 - 04520448 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-10-12 12:36 - 2015-08-15 06:07 - 02427392 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-10-12 12:36 - 2015-08-15 06:04 - 12857344 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-10-12 12:36 - 2015-08-15 06:02 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-10-12 12:36 - 2015-08-15 06:01 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-10-12 12:36 - 2015-08-15 06:01 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-10-12 12:36 - 2015-08-15 05:55 - 01545728 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-10-12 12:36 - 2015-08-15 05:43 - 01951232 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-10-12 12:36 - 2015-08-15 05:43 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-10-12 12:36 - 2015-08-15 05:39 - 01310720 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-10-12 12:36 - 2015-08-15 05:37 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00984448 _____ (Microsoft Corporation) C:\windows\system32\ucrtbase.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00901264 _____ (Microsoft Corporation) C:\windows\SysWOW64\ucrtbase.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00066400 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00063840 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00022368 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00020832 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-12 12:36 - 2015-07-09 18:58 - 01632256 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll
2015-10-12 12:36 - 2015-07-09 18:58 - 00082944 _____ (Microsoft Corporation) C:\windows\system32\dwmapi.dll
2015-10-12 12:36 - 2015-07-09 18:42 - 01372160 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmcore.dll
2015-10-12 12:36 - 2015-07-09 18:42 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmapi.dll
2015-10-12 12:31 - 2015-08-27 19:18 - 02004480 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2015-10-12 12:31 - 2015-08-27 19:18 - 01887232 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2015-10-12 12:31 - 2015-08-27 19:13 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2015-10-12 12:31 - 2015-08-27 19:13 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2015-10-12 12:31 - 2015-08-27 18:58 - 01391104 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2015-10-12 12:31 - 2015-08-27 18:58 - 01241088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2015-10-12 12:31 - 2015-08-27 18:51 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll
2015-10-12 12:31 - 2015-08-27 18:51 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2015-10-12 12:31 - 2015-07-10 18:51 - 14177280 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2015-10-12 12:31 - 2015-07-10 18:34 - 12875776 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2015-10-12 12:22 - 2015-09-02 04:04 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2015-10-12 12:22 - 2015-09-02 04:04 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2015-10-12 12:22 - 2015-09-02 04:04 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2015-10-12 12:22 - 2015-09-02 04:04 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2015-10-12 12:22 - 2015-09-02 03:48 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2015-10-12 12:22 - 2015-09-02 03:48 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2015-10-12 12:22 - 2015-09-02 03:48 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2015-10-12 12:22 - 2015-09-02 03:47 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2015-10-12 12:22 - 2015-09-02 02:51 - 03209216 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-10-12 12:22 - 2015-09-02 02:47 - 00372736 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2015-10-12 12:22 - 2015-09-02 02:33 - 00299520 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2015-10-12 12:05 - 2015-10-12 12:05 - 00000000 ____D C:\Program Files\Common Files\AV
2015-10-12 12:02 - 2015-10-12 12:02 - 00000000 ____D C:\windows\System32\Tasks\Safer-Networking
2015-10-12 12:01 - 2015-10-12 13:07 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-10-12 12:01 - 2015-10-12 12:16 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-10-12 12:01 - 2015-10-12 12:01 - 00001391 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-10-12 12:01 - 2015-10-12 12:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-10-12 12:01 - 2013-09-20 09:49 - 00021040 _____ (Safer Networking Limited) C:\windows\system32\sdnclean64.exe
2015-10-12 11:54 - 2015-10-12 11:54 - 01457952 _____ C:\Users\herbert.bruckmueller\Downloads\SpyBot Search Destroy - CHIP-Installer.exe
2015-10-12 11:53 - 2015-10-12 11:53 - 06677440 _____ (Piriform Ltd) C:\Users\herbert.bruckmueller\Downloads\ccsetup510.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-07 11:50 - 2015-09-07 07:36 - 419922944 _____ C:\Users\herbert.bruckmueller\Documents\herbert.bruckmueller@sivag.at
2015-11-07 11:50 - 2015-03-26 19:39 - 00001110 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-07 11:47 - 2015-03-05 20:49 - 01358562 _____ C:\windows\WindowsUpdate.log
2015-11-07 11:43 - 2011-05-03 19:08 - 00705108 _____ C:\windows\system32\perfh007.dat
2015-11-07 11:43 - 2011-05-03 19:08 - 00151476 _____ C:\windows\system32\perfc007.dat
2015-11-07 11:43 - 2009-07-14 06:13 - 01629436 _____ C:\windows\system32\PerfStringBackup.INI
2015-11-07 11:41 - 2009-07-14 05:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-07 11:41 - 2009-07-14 05:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-07 11:39 - 2015-03-26 19:39 - 00001106 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-07 11:34 - 2015-04-08 07:07 - 00003222 _____ C:\windows\System32\Tasks\HPCeeScheduleForHERBERT-HP$
2015-11-07 11:34 - 2015-04-08 07:07 - 00000346 _____ C:\windows\Tasks\HPCeeScheduleForHERBERT-HP$.job
2015-11-07 11:34 - 2015-03-06 12:41 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2015-11-07 11:34 - 2015-03-05 15:30 - 00000000 ____D C:\Program Files (x86)\Advanced Monitoring Agent
2015-11-07 11:34 - 2015-03-05 13:37 - 00000035 _____ C:\Users\Public\Documents\AtherosServiceConfig.ini
2015-11-04 13:34 - 2015-03-05 14:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-03 19:31 - 2011-05-03 19:23 - 00000000 ____D C:\ProgramData\PDFC
2015-11-03 18:29 - 2009-07-14 06:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-11-03 09:53 - 2015-03-05 13:43 - 00000128 _____ C:\windows\system32\config\netlogon.ftl
2015-11-02 18:20 - 2015-03-11 13:21 - 00000000 ____D C:\Users\herbert.bruckmueller\Documents\Bluetooth Folder
2015-10-29 17:58 - 2015-08-31 08:21 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-10-29 10:57 - 2015-09-16 07:49 - 00000000 ____D C:\Users\herbert.bruckmueller\Desktop\PRO MAKLER
2015-10-28 09:24 - 2015-03-23 10:28 - 00000000 ____D C:\Users\herbert.bruckmueller\AppData\Local\CrashDumps
2015-10-27 10:52 - 2015-03-26 19:40 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-10-23 12:07 - 2015-08-31 08:21 - 00000000 ____D C:\Program Files\Advanced Monitoring Agent Network Management
2015-10-22 12:43 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\NDF
2015-10-22 08:48 - 2015-09-03 08:14 - 00000000 ____D C:\ProgramData\ManagedAntivirus
2015-10-20 11:15 - 2015-03-05 14:10 - 00000000 ____D C:\Users\herbert.bruckmueller\Documents\Eigene Dateien
2015-10-18 17:53 - 2015-03-06 12:41 - 00780488 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-10-18 17:53 - 2015-03-06 12:41 - 00142536 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-18 17:53 - 2015-03-06 12:41 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-10-15 09:58 - 2015-03-11 13:21 - 00000000 ____D C:\Users\herbert.bruckmueller
2015-10-15 09:57 - 2015-07-02 08:31 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-13 07:30 - 2015-09-28 08:55 - 00113880 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-10-12 16:04 - 2015-03-05 20:55 - 00000000 ____D C:\windows\rescache
2015-10-12 14:54 - 2015-03-05 15:45 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-10-12 14:54 - 2015-03-05 15:45 - 00000000 ____D C:\Program Files\CCleaner
2015-10-12 14:38 - 2015-03-11 13:21 - 00000000 ___RD C:\Users\herbert.bruckmueller\Virtual Machines
2015-10-12 14:22 - 2015-03-05 16:39 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-10-12 14:22 - 2015-03-05 16:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-10-12 14:22 - 2009-07-14 05:45 - 00410232 _____ C:\windows\system32\FNTCACHE.DAT
2015-10-12 14:18 - 2015-04-15 14:48 - 00000000 ___SD C:\windows\system32\CompatTel
2015-10-12 14:18 - 2015-04-15 14:48 - 00000000 ____D C:\windows\system32\appraiser
2015-10-12 14:18 - 2015-04-07 10:33 - 00000000 ___SD C:\windows\SysWOW64\GWX
2015-10-12 14:18 - 2015-04-07 10:33 - 00000000 ___SD C:\windows\system32\GWX
2015-10-12 14:18 - 2009-07-27 15:36 - 00000000 ____D C:\Program Files\Windows Journal
2015-10-12 14:18 - 2009-07-14 04:20 - 00000000 ____D C:\windows\PolicyDefinitions
2015-10-12 13:39 - 2015-03-05 13:58 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-12 13:31 - 2015-03-06 12:44 - 00000000 ____D C:\windows\system32\MRT
2015-10-12 13:08 - 2009-07-14 03:34 - 00000478 _____ C:\windows\win.ini
2015-10-12 09:16 - 2015-03-05 16:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-09-03 08:19 - 2015-09-03 08:19 - 0233697 _____ () C:\ProgramData\1441264588.bdinstall.bin

Einige Dateien in TEMP:
====================
C:\Users\herbert\AppData\Local\Temp\CpqMC.dll
C:\Users\herbert\AppData\Local\Temp\HPSWF.EXE
C:\Users\herbert\AppData\Local\Temp\MSN2952.exe
C:\Users\herbert\AppData\Local\Temp\SWHelperQueryW.dll
C:\Users\herbert.bruckmueller\AppData\Local\Temp\HitmanPro.exe
C:\Users\herbert.bruckmueller\AppData\Local\Temp\jre-8u65-windows-au.exe
C:\Users\herbert.bruckmueller\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\windows\system32\winlogon.exe => Datei ist digital signiert
C:\windows\system32\wininit.exe => Datei ist digital signiert
C:\windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\windows\explorer.exe => Datei ist digital signiert
C:\windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\windows\system32\svchost.exe => Datei ist digital signiert
C:\windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\windows\system32\services.exe => Datei ist digital signiert
C:\windows\system32\User32.dll => Datei ist digital signiert
C:\windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\windows\system32\userinit.exe => Datei ist digital signiert
C:\windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\windows\system32\rpcss.dll => Datei ist digital signiert
C:\windows\system32\dnsapi.dll => Datei ist digital signiert
C:\windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-10-31 12:52

==================== Ende von FRST.txt ============================
         

Alt 08.11.2015, 06:47   #5
schrauber
/// the machine
/// TB-Ausbilder
 




hi,

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Start mbar.exe.
  • Follow the on-screen instructions as described in the guide to Malwarebytes Anti-Rootkit.
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart MBAR will remove the objects it found, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder without instructions from a helper.

Please download TDSSKiller (TDSSKiller.exe) and save this file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the guide to TDSSKiller.
  • Press Start Scan.
  • If infected objects are found, do not select Cure under any circumstances. Select Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the content here in your thread in any case.

__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

Alt 08.11.2015, 11:55   #6
ferdimax
 



Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2015.11.08.02
  rootkit: v2015.11.04.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18015
Herbert.Bruckmueller :: HERBERT-HP [administrator]

08.11.2015 11:16:39
mbar-log-2015-11-08 (11-16-39).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 459552
Time elapsed: 20 minute(s), 50 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
Hello!
There was one detection, but that is the remote maintenance software, which is clean!
Code:
ATTFilter
11:46:11.0382 0x1fec  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
11:46:14.0707 0x1fec  ============================================================
11:46:14.0707 0x1fec  Current date / time: 2015/11/08 11:46:14.0707
11:46:14.0707 0x1fec  SystemInfo:
11:46:14.0707 0x1fec  
11:46:14.0707 0x1fec  OS Version: 6.1.7601 ServicePack: 1.0
11:46:14.0707 0x1fec  Product type: Workstation
11:46:14.0708 0x1fec  ComputerName: HERBERT-HP
11:46:14.0708 0x1fec  UserName: Herbert.Bruckmueller
11:46:14.0708 0x1fec  Windows directory: C:\windows
11:46:14.0708 0x1fec  System windows directory: C:\windows
11:46:14.0708 0x1fec  Running under WOW64
11:46:14.0708 0x1fec  Processor architecture: Intel x64
11:46:14.0708 0x1fec  Number of processors: 4
11:46:14.0708 0x1fec  Page size: 0x1000
11:46:14.0708 0x1fec  Boot type: Normal boot
11:46:14.0708 0x1fec  ============================================================
11:46:20.0892 0x1fec  KLMD registered as C:\windows\system32\drivers\11833406.sys
11:46:21.0442 0x1fec  System UUID: {63B80509-C488-9626-5855-31666AFD2DDC}
11:46:21.0977 0x1fec  Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 ( 596.17 Gb ), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:46:21.0981 0x1fec  ============================================================
11:46:21.0981 0x1fec  \Device\Harddisk0\DR0:
11:46:21.0981 0x1fec  MBR partitions:
11:46:21.0982 0x1fec  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x96000
11:46:21.0982 0x1fec  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x96800, BlocksNum 0x479F4800
11:46:21.0982 0x1fec  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x47A8B000, BlocksNum 0x23CB800
11:46:21.0982 0x1fec  \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x49E56800, BlocksNum 0xA01000
11:46:21.0982 0x1fec  ============================================================
11:46:22.0022 0x1fec  C: <-> \Device\Harddisk0\DR0\Partition2
11:46:22.0066 0x1fec  D: <-> \Device\Harddisk0\DR0\Partition3
11:46:22.0080 0x1fec  E: <-> \Device\Harddisk0\DR0\Partition4
11:46:22.0080 0x1fec  ============================================================
11:46:22.0080 0x1fec  Initialize success
11:46:22.0080 0x1fec  ============================================================
11:46:56.0482 0x1994  ============================================================
11:46:56.0482 0x1994  Scan started
11:46:56.0482 0x1994  Mode: Manual; SigCheck; TDLFS; 
11:46:56.0482 0x1994  ============================================================
11:46:56.0482 0x1994  KSN ping started
11:46:58.0952 0x1994  KSN ping finished: true
11:47:00.0102 0x1994  ================ Scan system memory ========================
11:47:00.0102 0x1994  System memory - ok
11:47:00.0103 0x1994  ================ Scan services =============================
11:47:00.0313 0x1994  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\windows\system32\drivers\1394ohci.sys
11:47:00.0553 0x1994  1394ohci - ok
11:47:00.0626 0x1994  [ 7A330A42870EB1FA81F88BE514D2D566, FFE4F37992A7855FD5308462054BCA91B275EFC52F3402C99ED1C716CCC0E43C ] Accelerometer   C:\windows\system32\DRIVERS\Accelerometer.sys
11:47:00.0704 0x1994  Accelerometer - ok
11:47:00.0811 0x1994  [ ADC420616C501B45D26C0FD3EF1E54E4, 29FC41D40A35AC5476E2A673CE5B12684E0CFA12A1AEBEEBE5883FBA5CA68B67 ] ACDaemon        C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
11:47:00.0839 0x1994  ACDaemon - ok
11:47:00.0919 0x1994  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\windows\system32\drivers\ACPI.sys
11:47:00.0981 0x1994  ACPI - ok
11:47:01.0033 0x1994  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\windows\system32\drivers\acpipmi.sys
11:47:01.0176 0x1994  AcpiPmi - ok
11:47:01.0310 0x1994  [ 8C194A201698B4B4F77D974549819D1F, 081A2496FE1CE519E48677D99A831FF1FEEB1B33C75224CF288FA52F3E0E5FF0 ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:47:01.0337 0x1994  AdobeFlashPlayerUpdateSvc - ok
11:47:01.0401 0x1994  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\windows\system32\DRIVERS\adp94xx.sys
11:47:01.0429 0x1994  adp94xx - ok
11:47:01.0471 0x1994  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\windows\system32\DRIVERS\adpahci.sys
11:47:01.0490 0x1994  adpahci - ok
11:47:01.0522 0x1994  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\windows\system32\DRIVERS\adpu320.sys
11:47:01.0537 0x1994  adpu320 - ok
11:47:01.0892 0x1994  [ 48E531E6FF8F0378F0B49C6F7C2654B6, 2706D546C41B640AD443E029BCFB1E19902DE7323D141CD07EC627D1D91B7263 ] Advanced Monitoring Agent C:\Program Files (x86)\Advanced Monitoring Agent\winagent.exe
11:47:02.0279 0x1994  Advanced Monitoring Agent - detected UnsignedFile.Multi.Generic ( 1 )
11:47:04.0773 0x1994  Advanced Monitoring Agent ( UnsignedFile.Multi.Generic ) - warning
11:47:07.0263 0x1994  [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc     C:\windows\System32\aelupsvc.dll
11:47:07.0317 0x1994  AeLookupSvc - ok
11:47:07.0409 0x1994  [ A6FB9DB8F1A86861D955FD6975977AE0, 788C6EE50719227D7A9B7F08C8D5E1289FCD0E8AC23A1021A5093D2E8368F696 ] AESTFilters     C:\Program Files\IDT\WDM\AESTSr64.exe
11:47:07.0466 0x1994  AESTFilters - ok
11:47:07.0512 0x1994  [ 6CCD1135320109D6B219F1A6E04AD9F6, B97D4DF46DF0EFC106BD3E248C70809F3F47DF3FD1CA039A0A3923E1FA05A969 ] Afc             C:\windows\syswow64\drivers\Afc.sys
11:47:07.0523 0x1994  Afc - ok
11:47:07.0588 0x1994  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\windows\system32\drivers\afd.sys
11:47:07.0680 0x1994  AFD - ok
11:47:07.0757 0x1994  [ 98022774D9930ECBB292E70DB7601DF6, BE64A40B9BE997D73C0FC14D97E204C9D886EDA07EC4C9391A70CE477084E5F1 ] AgereSoftModem  C:\windows\system32\DRIVERS\agrsm64.sys
11:47:07.0892 0x1994  AgereSoftModem - ok
11:47:07.0929 0x1994  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\windows\system32\drivers\agp440.sys
11:47:07.0940 0x1994  agp440 - ok
11:47:07.0971 0x1994  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\windows\System32\alg.exe
11:47:08.0051 0x1994  ALG - ok
11:47:08.0095 0x1994  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\windows\system32\drivers\aliide.sys
11:47:08.0105 0x1994  aliide - ok
11:47:08.0148 0x1994  [ D5518E3BBFD69520FA3BDD3D05B5B458, 225FA482D7F6CED6D4688A2945EBFD8561DEAD5F2CD4137A43FF50DDBE7115E2 ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
11:47:08.0240 0x1994  AMD External Events Utility - ok
11:47:08.0269 0x1994  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\windows\system32\drivers\amdide.sys
11:47:08.0280 0x1994  amdide - ok
11:47:08.0320 0x1994  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\windows\system32\DRIVERS\amdk8.sys
11:47:08.0373 0x1994  AmdK8 - ok
11:47:08.0679 0x1994  [ BE85FDC481F3BFBC036BB5D96DBBD12D, 34EA50C3FDA5EC1EE7E36671CC4883555812B091E260932116F001733E3E54B8 ] amdkmdag        C:\windows\system32\DRIVERS\atikmdag.sys
11:47:09.0098 0x1994  amdkmdag - ok
11:47:09.0146 0x1994  [ 8E0146E61409C46855F1DD008EAEDD5D, 16BC53F7B572F6F3BFA2C8848E28C87F21B8673A6D5498D2E18CEA72516789CD ] amdkmdap        C:\windows\system32\DRIVERS\atikmpag.sys
11:47:09.0195 0x1994  amdkmdap - ok
11:47:09.0212 0x1994  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\windows\system32\DRIVERS\amdppm.sys
11:47:09.0240 0x1994  AmdPPM - ok
11:47:09.0272 0x1994  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\windows\system32\drivers\amdsata.sys
11:47:09.0284 0x1994  amdsata - ok
11:47:09.0308 0x1994  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\windows\system32\DRIVERS\amdsbs.sys
11:47:09.0323 0x1994  amdsbs - ok
11:47:09.0349 0x1994  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\windows\system32\drivers\amdxata.sys
11:47:09.0360 0x1994  amdxata - ok
11:47:09.0418 0x1994  [ A0711D119BA4B48A1470C768D301013E, 536366F809125D2C2171597C8C2CB3271BE5C6B373152112E0D970749776E00A ] AppID           C:\windows\system32\drivers\appid.sys
11:47:09.0479 0x1994  AppID - ok
11:47:09.0517 0x1994  [ 173C90AF5B243B4DD86F95CA154CB58A, 349F566DADC96B31FDC34C4F26545FB880844DBF84E5821AA0D0CAA91FB837E1 ] AppIDSvc        C:\windows\System32\appidsvc.dll
11:47:09.0538 0x1994  AppIDSvc - ok
11:47:09.0568 0x1994  [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo         C:\windows\System32\appinfo.dll
11:47:09.0614 0x1994  Appinfo - ok
11:47:09.0653 0x1994  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\windows\System32\appmgmts.dll
11:47:09.0706 0x1994  AppMgmt - ok
11:47:09.0745 0x1994  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\windows\system32\DRIVERS\arc.sys
11:47:09.0757 0x1994  arc - ok
11:47:09.0768 0x1994  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\windows\system32\DRIVERS\arcsas.sys
11:47:09.0781 0x1994  arcsas - ok
11:47:09.0811 0x1994  [ 357635F16D28558C50870F4EF8AA4712, 80B579F0DCF1AC5607C692988B56CC62DEE1EF5BF3583B89006493F9DCE89CE9 ] ARCVCAM         C:\windows\system32\DRIVERS\ArcSoftVCapture.sys
11:47:09.0821 0x1994  ARCVCAM - ok
11:47:09.0925 0x1994  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
11:47:09.0962 0x1994  aspnet_state - ok
11:47:09.0984 0x1994  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\windows\system32\DRIVERS\asyncmac.sys
11:47:10.0155 0x1994  AsyncMac - ok
11:47:10.0222 0x1994  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\windows\system32\drivers\atapi.sys
11:47:10.0232 0x1994  atapi - ok
11:47:10.0271 0x1994  [ CBE61B4494165F458BD87E37181EE934, E95654DCC0F977A3604B6BE435BEE109AC8F9F7494FD3A132F5FB477BBF7B105 ] AthBTPort       C:\windows\system32\DRIVERS\btath_flt.sys
11:47:10.0318 0x1994  AthBTPort - ok
11:47:10.0371 0x1994  [ 4C4A576818EA028257C624AE36FF7A03, 951521E0531D943EF55737EE99BBCBD6CC6ABC50530985D774EEBE8564166EDB ] Atheros Bt&Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
11:47:10.0416 0x1994  Atheros Bt&Wlan Coex Agent - detected UnsignedFile.Multi.Generic ( 1 )
11:47:12.0934 0x1994  Detect skipped due to KSN trusted
11:47:12.0934 0x1994  Atheros Bt&Wlan Coex Agent - ok
11:47:13.0050 0x1994  [ 684B36CA4067DA7000CF95771A3CF0E7, CF3051C38A292D8914F65510D519C6B5F9FF3D31821C44A279C887919BE1FBF2 ] AtherosSvc      C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
11:47:13.0079 0x1994  AtherosSvc - detected UnsignedFile.Multi.Generic ( 1 )
11:47:15.0486 0x1994  Detect skipped due to KSN trusted
11:47:15.0486 0x1994  AtherosSvc - ok
11:47:15.0638 0x1994  [ B4421D8CDADC441F76BA39532A3E3414, 4C7C14C99E2095012A85672C824E21CF2FC152BCC37A1B25BF3189D0F6A06ED3 ] athr            C:\windows\system32\DRIVERS\athrx.sys
11:47:15.0810 0x1994  athr - ok
11:47:15.0897 0x1994  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
11:47:15.0992 0x1994  AudioEndpointBuilder - ok
11:47:16.0012 0x1994  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\windows\System32\Audiosrv.dll
11:47:16.0037 0x1994  AudioSrv - ok
11:47:16.0117 0x1994  [ 7D2D2A4E0129026C2571A5DB602A0642, 0E619DBC6F4B61D2D31DB913F09FDACCE4E3445379E9FC92AE608ED1D8DABD8E ] avc3            C:\windows\system32\DRIVERS\avc3.sys
11:47:16.0191 0x1994  avc3 - ok
11:47:16.0249 0x1994  [ 4D3ADB9A6B623D332F0D0ED39613BB04, 38EB4D920BB6C43A88C67BE750D0525033F8378DFF1EE542E33CDC0000568D59 ] avckf           C:\windows\system32\DRIVERS\avckf.sys
11:47:16.0297 0x1994  avckf - ok
11:47:16.0348 0x1994  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\windows\System32\AxInstSV.dll
11:47:16.0455 0x1994  AxInstSV - ok
11:47:16.0512 0x1994  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\windows\system32\DRIVERS\bxvbda.sys
11:47:16.0594 0x1994  b06bdrv - ok
11:47:16.0629 0x1994  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\windows\system32\DRIVERS\b57nd60a.sys
11:47:16.0682 0x1994  b57nd60a - ok
11:47:16.0713 0x1994  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\windows\System32\bdesvc.dll
11:47:16.0773 0x1994  BDESVC - ok
11:47:16.0823 0x1994  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\windows\system32\drivers\Beep.sys
11:47:16.0863 0x1994  Beep - ok
11:47:16.0939 0x1994  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\windows\System32\bfe.dll
11:47:17.0019 0x1994  BFE - ok
11:47:17.0075 0x1994  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\windows\System32\qmgr.dll
11:47:17.0279 0x1994  BITS - ok
11:47:17.0304 0x1994  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\windows\system32\DRIVERS\blbdrive.sys
11:47:17.0328 0x1994  blbdrive - ok
11:47:17.0361 0x1994  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\windows\system32\DRIVERS\bowser.sys
11:47:17.0408 0x1994  bowser - ok
11:47:17.0436 0x1994  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\windows\system32\DRIVERS\BrFiltLo.sys
11:47:17.0506 0x1994  BrFiltLo - ok
11:47:17.0517 0x1994  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\windows\system32\DRIVERS\BrFiltUp.sys
11:47:17.0539 0x1994  BrFiltUp - ok
11:47:17.0589 0x1994  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\windows\System32\browser.dll
11:47:17.0645 0x1994  Browser - ok
11:47:17.0673 0x1994  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\windows\System32\Drivers\Brserid.sys
11:47:17.0713 0x1994  Brserid - ok
11:47:17.0717 0x1994  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\windows\System32\Drivers\BrSerWdm.sys
11:47:17.0750 0x1994  BrSerWdm - ok
11:47:17.0754 0x1994  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\windows\System32\Drivers\BrUsbMdm.sys
11:47:17.0773 0x1994  BrUsbMdm - ok
11:47:17.0776 0x1994  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\windows\System32\Drivers\BrUsbSer.sys
11:47:17.0795 0x1994  BrUsbSer - ok
11:47:17.0849 0x1994  [ 227C8F308DE4AF4808E587465CEAB838, 7CF9FB82C979551E82F06F9D4003704E786CF2EAB4BE0836CB0BE9E735C48942 ] BTATH_A2DP      C:\windows\system32\drivers\btath_a2dp.sys
11:47:17.0900 0x1994  BTATH_A2DP - ok
11:47:17.0935 0x1994  [ A83A91D07D1FE6BBE7A9DB46CA00434B, 9EF851047189E13954C0F6A325E4843914C423C0D1EDAE21A34AB3A962BBD5AC ] BTATH_BUS       C:\windows\system32\DRIVERS\btath_bus.sys
11:47:17.0972 0x1994  BTATH_BUS - ok
11:47:17.0993 0x1994  [ C864FF85EE16D61C2BDD5EF76824625F, 6D2FE57688D9E8B4277BF6DA9C219DEB367274364FBE17EFC353CEDB2D7EA35D ] BTATH_HCRP      C:\windows\system32\DRIVERS\btath_hcrp.sys
11:47:18.0041 0x1994  BTATH_HCRP - ok
11:47:18.0095 0x1994  [ 0DEA505EFB5D771826D177EF8B8A208F, FD8027DA791F04077490749AC5A08F73CCBA1731462579AA9008CD8DD82FBBBC ] BTATH_LWFLT     C:\windows\system32\DRIVERS\btath_lwflt.sys
11:47:18.0125 0x1994  BTATH_LWFLT - ok
11:47:18.0151 0x1994  [ 724C8088C96EFE7A3E63FEC21D4681C0, 4F9B258BE0FEA634A0D93B3892F2F039A7CAD184C9A81DFC2B67B0D4B39C5035 ] BTATH_RCP       C:\windows\system32\DRIVERS\btath_rcp.sys
11:47:18.0180 0x1994  BTATH_RCP - ok
11:47:18.0223 0x1994  [ FF8B065F96E4D9525AA7227299FBD05C, 7F15424DCD3C2B907009883D1E80E0DF3E2F38A674C12BDBC748DB85D3DB74E6 ] BtFilter        C:\windows\system32\DRIVERS\btfilter.sys
11:47:18.0275 0x1994  BtFilter - ok
11:47:18.0306 0x1994  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\windows\system32\drivers\BthEnum.sys
11:47:18.0378 0x1994  BthEnum - ok
11:47:18.0416 0x1994  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\windows\system32\DRIVERS\bthmodem.sys
11:47:18.0449 0x1994  BTHMODEM - ok
11:47:18.0472 0x1994  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\windows\system32\DRIVERS\bthpan.sys
11:47:18.0489 0x1994  BthPan - ok
11:47:18.0548 0x1994  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\windows\System32\Drivers\BTHport.sys
11:47:18.0632 0x1994  BTHPORT - ok
11:47:18.0666 0x1994  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\windows\system32\bthserv.dll
11:47:18.0710 0x1994  bthserv - ok
11:47:18.0724 0x1994  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\windows\System32\Drivers\BTHUSB.sys
11:47:18.0750 0x1994  BTHUSB - ok
11:47:18.0778 0x1994  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\windows\system32\DRIVERS\cdfs.sys
11:47:18.0839 0x1994  cdfs - ok
11:47:18.0895 0x1994  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\windows\system32\DRIVERS\cdrom.sys
11:47:18.0923 0x1994  cdrom - ok
11:47:18.0976 0x1994  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\windows\System32\certprop.dll
11:47:19.0025 0x1994  CertPropSvc - ok
11:47:19.0055 0x1994  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\windows\system32\DRIVERS\circlass.sys
11:47:19.0087 0x1994  circlass - ok
11:47:19.0141 0x1994  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\windows\system32\CLFS.sys
11:47:19.0162 0x1994  CLFS - ok
11:47:19.0246 0x1994  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:47:19.0258 0x1994  clr_optimization_v2.0.50727_32 - ok
11:47:19.0315 0x1994  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:47:19.0332 0x1994  clr_optimization_v2.0.50727_64 - ok
11:47:19.0419 0x1994  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:47:19.0433 0x1994  clr_optimization_v4.0.30319_32 - ok
11:47:19.0448 0x1994  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:47:19.0535 0x1994  clr_optimization_v4.0.30319_64 - ok
11:47:19.0566 0x1994  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\windows\system32\DRIVERS\CmBatt.sys
11:47:19.0599 0x1994  CmBatt - ok
11:47:19.0635 0x1994  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\windows\system32\drivers\cmdide.sys
11:47:19.0648 0x1994  cmdide - ok
11:47:19.0717 0x1994  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\windows\system32\Drivers\cng.sys
11:47:19.0748 0x1994  CNG - ok
11:47:19.0793 0x1994  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\windows\system32\DRIVERS\compbatt.sys
11:47:19.0806 0x1994  Compbatt - ok
11:47:19.0857 0x1994  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\windows\system32\drivers\CompositeBus.sys
11:47:19.0881 0x1994  CompositeBus - ok
11:47:19.0898 0x1994  COMSysApp - ok
11:47:19.0929 0x1994  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\windows\system32\DRIVERS\crcdisk.sys
11:47:19.0940 0x1994  crcdisk - ok
11:47:19.0998 0x1994  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\windows\system32\cryptsvc.dll
11:47:20.0066 0x1994  CryptSvc - ok
11:47:20.0114 0x1994  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\windows\system32\drivers\csc.sys
11:47:20.0174 0x1994  CSC - ok
11:47:20.0206 0x1994  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\windows\System32\cscsvc.dll
11:47:20.0263 0x1994  CscService - ok
11:47:20.0311 0x1994  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\windows\system32\rpcss.dll
11:47:20.0377 0x1994  DcomLaunch - ok
11:47:20.0433 0x1994  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\windows\System32\defragsvc.dll
11:47:20.0490 0x1994  defragsvc - ok
11:47:20.0533 0x1994  [ CF1F6326AC44C42F4615D4BD53188AC5, 28DC32F1957918C3D5DE72415CC32A51C6885CAA38119FE475D2631269D3B9B3 ] DfsC            C:\windows\system32\Drivers\dfsc.sys
11:47:20.0591 0x1994  DfsC - ok
11:47:20.0649 0x1994  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\windows\system32\dhcpcore.dll
11:47:20.0703 0x1994  Dhcp - ok
11:47:20.0800 0x1994  [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack       C:\windows\system32\diagtrack.dll
11:47:20.0901 0x1994  DiagTrack - ok
11:47:20.0928 0x1994  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\windows\system32\drivers\discache.sys
11:47:20.0969 0x1994  discache - ok
11:47:21.0011 0x1994  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\windows\system32\DRIVERS\disk.sys
11:47:21.0024 0x1994  Disk - ok
11:47:21.0063 0x1994  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\windows\System32\dnsrslvr.dll
11:47:21.0127 0x1994  Dnscache - ok
11:47:21.0158 0x1994  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\windows\System32\dot3svc.dll
11:47:21.0212 0x1994  dot3svc - ok
11:47:21.0240 0x1994  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\windows\system32\dps.dll
11:47:21.0296 0x1994  DPS - ok
11:47:21.0330 0x1994  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\windows\system32\drivers\drmkaud.sys
11:47:21.0375 0x1994  drmkaud - ok
11:47:21.0435 0x1994  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\windows\System32\drivers\dxgkrnl.sys
11:47:21.0485 0x1994  DXGKrnl - ok
11:47:21.0511 0x1994  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\windows\System32\eapsvc.dll
11:47:21.0567 0x1994  EapHost - ok
11:47:21.0687 0x1994  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\windows\system32\DRIVERS\evbda.sys
11:47:21.0826 0x1994  ebdrv - ok
11:47:21.0871 0x1994  [ 3E9BDCA3994E2B6B6AC16BAA76722934, A77FEE9D78C1151B13C9509FA89B64024442D00C3C9EA19954045413D8A69D73 ] EFS             C:\windows\System32\lsass.exe
11:47:21.0928 0x1994  EFS - ok
11:47:22.0005 0x1994  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\windows\ehome\ehRecvr.exe
11:47:22.0104 0x1994  ehRecvr - ok
11:47:22.0141 0x1994  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\windows\ehome\ehsched.exe
11:47:22.0191 0x1994  ehSched - ok
11:47:22.0231 0x1994  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\windows\system32\DRIVERS\elxstor.sys
11:47:22.0258 0x1994  elxstor - ok
11:47:22.0384 0x1994  [ DAA2E586CA57FDB9FFF16E91246225E7, 4D4C984B9DA2CC7C5ADD07D106A8CE626A3956869ABFEE347D45B0B94C9715DE ] EndpointIntegration C:\Program Files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\EndpointIntegration.exe
11:47:22.0420 0x1994  EndpointIntegration - ok
11:47:22.0433 0x1994  [ 199DFA6868BBEE22BC40A42FC555CEC2, 891A20CCF54339BF5A3055E5E61279683B0AF3EEC982DC44A30AC000BF4A5F2F ] EndpointService C:\Program Files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\EndpointService.exe
11:47:22.0451 0x1994  EndpointService - ok
11:47:22.0638 0x1994  [ 00CB74554E516CC475B3E73BC4C8C925, 7F12D580F96B07340F740942AC1EC0368DF286346233368C736230D625E332EF ] epag            C:\Program Files\Common Files\IT@WORK GmbH Antivirus\Endpoint Agent\epag.exe
11:47:22.0733 0x1994  epag - ok
11:47:22.0763 0x1994  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\windows\system32\drivers\errdev.sys
11:47:22.0783 0x1994  ErrDev - ok
11:47:22.0831 0x1994  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\windows\system32\es.dll
11:47:22.0881 0x1994  EventSystem - ok
11:47:22.0928 0x1994  [ 86F7951BBCEE4A86E79A97306BD14318, 84B52A0392DA53ED71A2C4D483DD93DDF552BF8AC764C7BD47BE0EB58C7C8219 ] ew_hwusbdev     C:\windows\system32\DRIVERS\ew_hwusbdev.sys
11:47:22.0975 0x1994  ew_hwusbdev - ok
11:47:22.0997 0x1994  [ 55E0EDA185869F7EA67EA97FD0655B39, D4A51E383102AA48F022EFCA08FAC389336A22C1DF60E17815117EFA60716964 ] ew_usbenumfilter C:\windows\system32\DRIVERS\ew_usbenumfilter.sys
11:47:23.0032 0x1994  ew_usbenumfilter - ok
11:47:23.0061 0x1994  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\windows\system32\drivers\exfat.sys
11:47:23.0107 0x1994  exfat - ok
11:47:23.0128 0x1994  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\windows\system32\drivers\fastfat.sys
11:47:23.0174 0x1994  fastfat - ok
11:47:23.0235 0x1994  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\windows\system32\fxssvc.exe
11:47:23.0316 0x1994  Fax - ok
11:47:23.0332 0x1994  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\windows\system32\DRIVERS\fdc.sys
11:47:23.0346 0x1994  fdc - ok
11:47:23.0370 0x1994  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\windows\system32\fdPHost.dll
11:47:23.0430 0x1994  fdPHost - ok
11:47:23.0450 0x1994  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\windows\system32\fdrespub.dll
11:47:23.0495 0x1994  FDResPub - ok
11:47:23.0508 0x1994  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\windows\system32\drivers\fileinfo.sys
11:47:23.0522 0x1994  FileInfo - ok
11:47:23.0535 0x1994  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\windows\system32\drivers\filetrace.sys
11:47:23.0580 0x1994  Filetrace - ok
11:47:23.0584 0x1994  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\windows\system32\DRIVERS\flpydisk.sys
11:47:23.0609 0x1994  flpydisk - ok
11:47:23.0631 0x1994  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\windows\system32\drivers\fltmgr.sys
11:47:23.0650 0x1994  FltMgr - ok
11:47:23.0719 0x1994  [ D5A775990A7C202A037378FDBCDB6141, 27AD242914FAFB7A27B3045C0F0F6AFE6873FE331A51D8BB29A63B5D84C72EFB ] FontCache       C:\windows\system32\FntCache.dll
11:47:23.0817 0x1994  FontCache - ok
11:47:23.0875 0x1994  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:47:23.0885 0x1994  FontCache3.0.0.0 - ok
11:47:23.0894 0x1994  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\windows\system32\drivers\FsDepends.sys
11:47:23.0905 0x1994  FsDepends - ok
11:47:23.0949 0x1994  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys
11:47:23.0962 0x1994  Fs_Rec - ok
11:47:24.0005 0x1994  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys
11:47:24.0023 0x1994  fvevol - ok
11:47:24.0056 0x1994  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\windows\system32\DRIVERS\gagp30kx.sys
11:47:24.0069 0x1994  gagp30kx - ok
11:47:24.0165 0x1994  [ 551D463E4CCEB5240234DA6718C93A44, 37CE7DFD392A1899FDB1B36163D34E9C005344EABDF7397BEA81447B9F7262D1 ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
11:47:24.0181 0x1994  GameConsoleService - ok
11:47:24.0212 0x1994  [ 14908F4F9005C29DE8F5587E271390EE, 43DDFA99F52467F91019DB858989F111EBE48A2BED8D43EA2C15D1FD3C104489 ] gfibto          C:\windows\system32\drivers\gfibto.sys
11:47:24.0222 0x1994  gfibto - ok
11:47:24.0298 0x1994  [ 548D44670C10A350D092F4BB1F6B036E, E60D37B044B856104023A03A25A00600DCF6668A608BF82D54C40999FD94EDDE ] gfi_lanss11_attservice C:\PROGRA~2\ADVANC~1\patchman\lnssatt.exe
11:47:24.0312 0x1994  gfi_lanss11_attservice - ok
11:47:24.0366 0x1994  [ FE91DC3D9A696CCDDB9F51C25ACBC53A, 4E1A7BB3AC57530A1DF8AB7E981087275E89E6AC629F881C98E40F13150ED532 ] gpsvc           C:\windows\System32\gpsvc.dll
11:47:24.0413 0x1994  gpsvc - ok
11:47:24.0488 0x1994  [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:47:24.0500 0x1994  gupdate - ok
11:47:24.0506 0x1994  [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:47:24.0516 0x1994  gupdatem - ok
11:47:24.0601 0x1994  [ 41918B5F0BF35DB5DF47ACEA42048F9F, B6C8E145AB4550ACF812FF864E827FBC23F997A9534001C1DB53B093B09EEEFA ] gzflt           C:\windows\system32\DRIVERS\gzflt.sys
11:47:24.0615 0x1994  gzflt - ok
11:47:24.0658 0x1994  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\windows\system32\drivers\hcw85cir.sys
11:47:24.0733 0x1994  hcw85cir - ok
11:47:24.0784 0x1994  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
11:47:24.0825 0x1994  HdAudAddService - ok
11:47:24.0874 0x1994  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\windows\system32\drivers\HDAudBus.sys
11:47:24.0917 0x1994  HDAudBus - ok
11:47:24.0933 0x1994  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\windows\system32\DRIVERS\HidBatt.sys
11:47:24.0960 0x1994  HidBatt - ok
11:47:24.0984 0x1994  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\windows\system32\DRIVERS\hidbth.sys
11:47:25.0018 0x1994  HidBth - ok
11:47:25.0023 0x1994  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\windows\system32\DRIVERS\hidir.sys
11:47:25.0050 0x1994  HidIr - ok
11:47:25.0078 0x1994  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\windows\system32\hidserv.dll
11:47:25.0127 0x1994  hidserv - ok
11:47:25.0167 0x1994  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\windows\system32\DRIVERS\hidusb.sys
11:47:25.0199 0x1994  HidUsb - ok
11:47:25.0229 0x1994  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\windows\system32\kmsvc.dll
11:47:25.0273 0x1994  hkmsvc - ok
11:47:25.0312 0x1994  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\windows\system32\ListSvc.dll
11:47:25.0345 0x1994  HomeGroupListener - ok
11:47:25.0370 0x1994  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\windows\system32\provsvc.dll
11:47:25.0404 0x1994  HomeGroupProvider - ok
11:47:25.0488 0x1994  [ 02C2108111D9656A9729995D2219FB99, E0D5F714F79A6C6C2CA6CF11DA99DB51B44BDE635ADCF7FAD0E9650CC965ECB0 ] HP Power Assistant Service C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
11:47:25.0499 0x1994  HP Power Assistant Service - ok
11:47:25.0594 0x1994  [ D4B198E9B3CE6D05771E116D2D560F2F, 8674B708BD182AC5FC719462179933C1F79ABC3B73CA401810FFB9C7EE0B1520 ] hpCMSrv         c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
11:47:25.0625 0x1994  hpCMSrv - ok
11:47:25.0656 0x1994  [ A4BE23C451ADEB252CD17A0532CAE220, 612CF3B9CB11557C98DD0D036580C987E52585077529B8CBACD88778E2D8E31E ] hpdskflt        C:\windows\system32\DRIVERS\hpdskflt.sys
11:47:25.0665 0x1994  hpdskflt - ok
11:47:25.0707 0x1994  [ 0ADC6AFAB2B17FFC9C6E24DD1583F888, 328D8353F06C7D24CFBF1264640C58315ECC7575B0FADB6DB1528D0C1085C383 ] hpHotkeyMonitor C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
11:47:25.0721 0x1994  hpHotkeyMonitor - ok
11:47:25.0752 0x1994  [ B98EE5D4535A685634B90F7E04DE0DF7, E37D26EF83B70E84742498D2F53037F83BE13F0E01484D85A20C872F1F02ADDA ] HpqKbFiltr      C:\windows\system32\DRIVERS\HpqKbFiltr.sys
11:47:25.0762 0x1994  HpqKbFiltr - ok
11:47:25.0836 0x1994  [ EC9739A46F1F83C6E52A7A4697F44A65, CF4E93D3E8CA607DDEF87C6996F6C7326316144A61C1B4F83EA1B4B2F9BDC69B ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
11:47:25.0860 0x1994  hpqwmiex - ok
11:47:25.0901 0x1994  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys
11:47:25.0915 0x1994  HpSAMD - ok
11:47:25.0934 0x1994  [ A88A45E82BC54BFFB49C63973010226A, A96FC7C9A7E71347756581C682F27ED0EB8B80FE8F5D2F83C3129EB75F9264C6 ] hpsrv           C:\windows\system32\Hpservice.exe
11:47:25.0955 0x1994  hpsrv - ok
11:47:26.0012 0x1994  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\windows\system32\drivers\HTTP.sys
11:47:26.0098 0x1994  HTTP - ok
11:47:26.0166 0x1994  [ 3B33B06D9A60CC8869CC280DAA36E414, 3C706F4B39A7E1800A2164FE808A179BD1A058C606468855692EA74CA46F9AE9 ] huawei_cdcacm   C:\windows\system32\DRIVERS\ew_jucdcacm.sys
11:47:26.0201 0x1994  huawei_cdcacm - ok
11:47:26.0227 0x1994  [ 871DE49EFF65CEABF15415F93148DF5A, 8FD66237135BB2A405CA6F0BDFE9163161123F5AEE89A37A8C4ABFF1C9E20A91 ] huawei_enumerator C:\windows\system32\DRIVERS\ew_jubusenum.sys
11:47:26.0260 0x1994  huawei_enumerator - ok
11:47:26.0288 0x1994  [ 1EC67C791D2D3EAE203B5F2CBFFE867C, CD2D0731D1AB3A67ACFD328923FF8E219D85DFC2E4D5D4468316F6F0D95B29D9 ] huawei_ext_ctrl C:\windows\system32\DRIVERS\ew_juextctrl.sys
11:47:26.0320 0x1994  huawei_ext_ctrl - ok
11:47:26.0350 0x1994  [ 6DF7633CD4665BC6A1B3572751B8D260, EB4885CA56BA0BF7E05F0D68B85BE879D91D69281EA856A19CA764C53E85B87C ] huawei_wwanecm  C:\windows\system32\DRIVERS\ew_juwwanecm.sys
11:47:26.0388 0x1994  huawei_wwanecm - ok
11:47:26.0467 0x1994  [ E90DA42B87D684DEBFB73B38A718A006, BB18C63C1982F5CB99C9B65D2B801E8C1909AD7CD0171326DC0015D6B781B451 ] HWDeviceService64.exe C:\ProgramData\DatacardService\HWDeviceService64.exe
11:47:26.0482 0x1994  HWDeviceService64.exe - ok
11:47:26.0519 0x1994  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys
11:47:26.0530 0x1994  hwpolicy - ok
11:47:26.0595 0x1994  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\windows\system32\drivers\i8042prt.sys
11:47:26.0611 0x1994  i8042prt - ok
11:47:26.0646 0x1994  [ D469B77687E12FE43E344806740B624D, DFDD486FD040813BF4E5DDB504CF9E0BFBF6D4E540DDDA4829F9B675ACF63E89 ] iaStor          C:\windows\system32\DRIVERS\iaStor.sys
11:47:26.0666 0x1994  iaStor - ok
11:47:26.0760 0x1994  [ 117FF657E0D9BBD61B5C3E71E63D3919, F8AD1C861F018754A9BF348C9F1D6503854ED9D7DEEBF40E6B4E2FEA9FC6E56A ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
11:47:26.0768 0x1994  IAStorDataMgrSvc - ok
11:47:26.0817 0x1994  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\windows\system32\drivers\iaStorV.sys
11:47:26.0838 0x1994  iaStorV - ok
11:47:26.0908 0x1994  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:47:26.0955 0x1994  idsvc - ok
11:47:26.0960 0x1994  IEEtwCollectorService - ok
11:47:26.0993 0x1994  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\windows\system32\DRIVERS\iirsp.sys
11:47:27.0005 0x1994  iirsp - ok
11:47:27.0062 0x1994  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\windows\System32\ikeext.dll
11:47:27.0142 0x1994  IKEEXT - ok
11:47:27.0182 0x1994  [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud        C:\windows\system32\DRIVERS\IntcDAud.sys
11:47:27.0225 0x1994  IntcDAud - ok
11:47:27.0259 0x1994  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\windows\system32\drivers\intelide.sys
11:47:27.0270 0x1994  intelide - ok
11:47:27.0676 0x1994  [ EFE5A0AF39A8E179624117C521F1E012, 185BB1106E42256A6E7C63B09737A7059DD14DEA7C1D85ADF66C50D63CFDA556 ] intelkmd        C:\windows\system32\DRIVERS\igdpmd64.sys
11:47:28.0121 0x1994  intelkmd - ok
11:47:28.0151 0x1994  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\windows\system32\DRIVERS\intelppm.sys
11:47:28.0178 0x1994  intelppm - ok
11:47:28.0212 0x1994  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\windows\system32\ipbusenum.dll
11:47:28.0245 0x1994  IPBusEnum - ok
11:47:28.0278 0x1994  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys
11:47:28.0325 0x1994  IpFilterDriver - ok
11:47:28.0372 0x1994  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\windows\System32\iphlpsvc.dll
11:47:28.0442 0x1994  iphlpsvc - ok
11:47:28.0479 0x1994  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\windows\system32\drivers\IPMIDrv.sys
11:47:28.0504 0x1994  IPMIDRV - ok
11:47:28.0551 0x1994  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\windows\system32\drivers\ipnat.sys
11:47:28.0594 0x1994  IPNAT - ok
11:47:28.0624 0x1994  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\windows\system32\drivers\irenum.sys
11:47:28.0688 0x1994  IRENUM - ok
11:47:28.0714 0x1994  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\windows\system32\drivers\isapnp.sys
11:47:28.0725 0x1994  isapnp - ok
11:47:28.0767 0x1994  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\windows\system32\drivers\msiscsi.sys
11:47:28.0784 0x1994  iScsiPrt - ok
11:47:28.0843 0x1994  [ 3B794CA0DE73790420DEBA3C759F1502, EEB5C5ECE4EBBD58A6EA93498615446C102EE4F73D7AD1987F751D2FE8325BB5 ] jhi_service     C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
11:47:28.0857 0x1994  jhi_service - ok
11:47:28.0891 0x1994  [ 0B44199365A69696109AB9A5855E0841, 7A2044C641FFFB9D4B19BED0E520FEEF570116EB3C9F4284D70560DD93A19A25 ] JMCR            C:\windows\system32\DRIVERS\jmcr.sys
11:47:28.0912 0x1994  JMCR - ok
11:47:28.0940 0x1994  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\windows\system32\drivers\kbdclass.sys
11:47:28.0952 0x1994  kbdclass - ok
11:47:28.0996 0x1994  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\windows\system32\drivers\kbdhid.sys
11:47:29.0025 0x1994  kbdhid - ok
11:47:29.0038 0x1994  [ 3E9BDCA3994E2B6B6AC16BAA76722934, A77FEE9D78C1151B13C9509FA89B64024442D00C3C9EA19954045413D8A69D73 ] KeyIso          C:\windows\system32\lsass.exe
11:47:29.0051 0x1994  KeyIso - ok
11:47:29.0093 0x1994  [ 1DAC21EC0705A6AFEFACCE265798F0F9, 16B66AE2578C6744825B0DFBB9CBA35FBDF5C04E8999F7629BA43D566FA9277F ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys
11:47:29.0106 0x1994  KSecDD - ok
11:47:29.0127 0x1994  [ 2737840E7F6F6FF439966A67A35D59F8, 7442A8864D0A92C3A7EDBF889EC1AA9F743D6B48C4075CA8F3C0F1D836DFB9CE ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys
11:47:29.0142 0x1994  KSecPkg - ok
11:47:29.0157 0x1994  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\windows\system32\drivers\ksthunk.sys
11:47:29.0199 0x1994  ksthunk - ok
11:47:29.0243 0x1994  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\windows\system32\msdtckrm.dll
11:47:29.0293 0x1994  KtmRm - ok
11:47:29.0330 0x1994  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\windows\system32\srvsvc.dll
11:47:29.0375 0x1994  LanmanServer - ok
11:47:29.0414 0x1994  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
11:47:29.0458 0x1994  LanmanWorkstation - ok
11:47:29.0504 0x1994  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys
11:47:29.0547 0x1994  lltdio - ok
11:47:29.0587 0x1994  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\windows\System32\lltdsvc.dll
11:47:29.0627 0x1994  lltdsvc - ok
11:47:29.0646 0x1994  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\windows\System32\lmhsvc.dll
11:47:29.0695 0x1994  lmhosts - ok
11:47:29.0745 0x1994  [ 97F9EAAC985A663394CD8F54DCD3E73A, D5BA3E7ED36BA361B1941F12D83568C30F7E49A8B9D54D3EBBBD05767E1F3B0A ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
11:47:29.0760 0x1994  LMS - ok
11:47:29.0797 0x1994  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\windows\system32\DRIVERS\lsi_fc.sys
11:47:29.0811 0x1994  LSI_FC - ok
11:47:29.0817 0x1994  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\windows\system32\DRIVERS\lsi_sas.sys
11:47:29.0830 0x1994  LSI_SAS - ok
11:47:29.0840 0x1994  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\windows\system32\DRIVERS\lsi_sas2.sys
11:47:29.0851 0x1994  LSI_SAS2 - ok
11:47:29.0863 0x1994  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\windows\system32\DRIVERS\lsi_scsi.sys
11:47:29.0889 0x1994  LSI_SCSI - ok
11:47:29.0914 0x1994  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\windows\system32\drivers\luafv.sys
11:47:29.0948 0x1994  luafv - ok
11:47:30.0044 0x1994  [ 85057764D5F82548B94F3F98783F8E00, 284063BE48E99073710CC07FBF36CEC1C30D0A626469B1D5F7A4B57DD9D0001F ] ManagedAntivirus C:\Program Files\Managed Antivirus\Managed Antivirus Master Service\ManagedAntivirus.exe
11:47:30.0060 0x1994  ManagedAntivirus - ok
11:47:30.0109 0x1994  [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector   C:\windows\system32\drivers\mbam.sys
11:47:30.0120 0x1994  MBAMProtector - ok
11:47:30.0230 0x1994  [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
11:47:30.0287 0x1994  MBAMService - ok
11:47:30.0348 0x1994  [ D61070CFAD43038DC56AEAD9BFE9CE2A, BD77AEF60E7FD2015CB14A464799304359547146C14A47F8D25274ACFA2E42D5 ] MBAMWebAccessControl C:\windows\system32\drivers\mwac.sys
11:47:30.0359 0x1994  MBAMWebAccessControl - ok
11:47:30.0378 0x1994  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\windows\system32\Mcx2Svc.dll
11:47:30.0393 0x1994  Mcx2Svc - ok
11:47:30.0407 0x1994  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\windows\system32\DRIVERS\megasas.sys
11:47:30.0418 0x1994  megasas - ok
11:47:30.0439 0x1994  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\windows\system32\DRIVERS\MegaSR.sys
11:47:30.0457 0x1994  MegaSR - ok
11:47:30.0500 0x1994  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\windows\system32\DRIVERS\HECIx64.sys
11:47:30.0510 0x1994  MEIx64 - ok
11:47:30.0538 0x1994  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\windows\system32\mmcss.dll
11:47:30.0580 0x1994  MMCSS - ok
11:47:30.0684 0x1994  [ 9EA47AA97D15BCC50A0F0B78CBD8E768, 872665D17B41A5B5758790341B78DCE014C06900E42EB38A3C5A07C10D1A4809 ] Mobile Partner. RunOuc C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe
11:47:30.0715 0x1994  Mobile Partner. RunOuc - ok
11:47:30.0728 0x1994  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\windows\system32\drivers\modem.sys
11:47:30.0778 0x1994  Modem - ok
11:47:30.0798 0x1994  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\windows\system32\DRIVERS\monitor.sys
11:47:30.0839 0x1994  monitor - ok
11:47:30.0880 0x1994  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\windows\system32\DRIVERS\mouclass.sys
11:47:30.0891 0x1994  mouclass - ok
11:47:30.0910 0x1994  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\windows\system32\DRIVERS\mouhid.sys
11:47:30.0925 0x1994  mouhid - ok
11:47:30.0969 0x1994  [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr        C:\windows\system32\drivers\mountmgr.sys
11:47:30.0982 0x1994  mountmgr - ok
11:47:31.0025 0x1994  [ 0DE2474F316C515482ABAD3B697F8714, 62862AE7432F5350068E96AD466093359C6CF444EB517AE6D09134FAF78C49F5 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:47:31.0043 0x1994  MozillaMaintenance - ok
11:47:31.0084 0x1994  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\windows\system32\drivers\mpio.sys
11:47:31.0098 0x1994  mpio - ok
11:47:31.0109 0x1994  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys
11:47:31.0142 0x1994  mpsdrv - ok
11:47:31.0204 0x1994  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\windows\system32\mpssvc.dll
11:47:31.0289 0x1994  MpsSvc - ok
11:47:31.0320 0x1994  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys
11:47:31.0363 0x1994  MRxDAV - ok
11:47:31.0403 0x1994  [ DB8E6BA1D110A4E40D48612E9009E366, 678728CC8BBCD0D99E67DA63F53A99AC6D6D12EAE3E26655D372940BE7411098 ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys
11:47:31.0439 0x1994  mrxsmb - ok
11:47:31.0464 0x1994  [ 24432705B02BC1EFC42A83F93BA202A3, 13F2CA069FAEDA9CEAC6E09D10807DBFF729EAF6133DC46DE5A14C5694E9510B ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys
11:47:31.0493 0x1994  mrxsmb10 - ok
11:47:31.0509 0x1994  [ 5E7E31C6426F000AF29E7C452826AF5E, F66102138458BDBD2CE586C95FF90F9B90F5DC8832EA1ACFAD694F1D0B949B21 ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys
11:47:31.0525 0x1994  mrxsmb20 - ok
11:47:31.0555 0x1994  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\windows\system32\drivers\msahci.sys
11:47:31.0566 0x1994  msahci - ok
11:47:31.0584 0x1994  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\windows\system32\drivers\msdsm.sys
11:47:31.0598 0x1994  msdsm - ok
11:47:45.0238 0x1994  TsUsbFlt - ok
11:47:45.0281 0x1994  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\windows\system32\DRIVERS\tunnel.sys
11:47:45.0325 0x1994  tunnel - ok
11:47:45.0330 0x1994  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\windows\system32\DRIVERS\uagp35.sys
11:47:45.0342 0x1994  uagp35 - ok
11:47:45.0390 0x1994  [ D5994AB5C2B2D72D6320A7004D52617C, 6F5BCDE29233EA43EA29223CAC91119123CE01F87B3228E5F6FBCB6C14A675DE ] uArcCapture     C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
11:47:45.0408 0x1994  uArcCapture - ok
11:47:45.0433 0x1994  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\windows\system32\DRIVERS\udfs.sys
11:47:45.0478 0x1994  udfs - ok
11:47:45.0499 0x1994  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\windows\system32\UI0Detect.exe
11:47:45.0513 0x1994  UI0Detect - ok
11:47:45.0529 0x1994  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\windows\system32\drivers\uliagpkx.sys
11:47:45.0542 0x1994  uliagpkx - ok
11:47:45.0584 0x1994  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\windows\system32\drivers\umbus.sys
11:47:45.0615 0x1994  umbus - ok
11:47:45.0644 0x1994  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\windows\system32\DRIVERS\umpass.sys
11:47:45.0674 0x1994  UmPass - ok
11:47:45.0716 0x1994  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\windows\System32\umrdp.dll
11:47:45.0740 0x1994  UmRdpService - ok
11:47:45.0885 0x1994  [ A69CD6BDB82872999D2E46F9324ADA83, 1F06D5B716D48E693A082C1FC49D80405F50D60C78FDF5829FF51F1CC11CF011 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
11:47:45.0949 0x1994  UNS - ok
11:47:46.0048 0x1994  [ 8151A6EAA6F93BEB1963DFEBCA33DF61, 5F4A4AB2CABED47EFBFCA15707A29BEEF7D159A293A884C478CBF99BDC25F07D ] UpdateService   C:\Program Files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\UpdateService.exe
11:47:46.0102 0x1994  UpdateService - ok
11:47:46.0132 0x1994  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\windows\System32\upnphost.dll
11:47:46.0199 0x1994  upnphost - ok
11:47:46.0239 0x1994  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\windows\system32\DRIVERS\usbccgp.sys
11:47:46.0282 0x1994  usbccgp - ok
11:47:46.0312 0x1994  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\windows\system32\drivers\usbcir.sys
11:47:46.0341 0x1994  usbcir - ok
11:47:46.0379 0x1994  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\windows\system32\drivers\usbehci.sys
11:47:46.0409 0x1994  usbehci - ok
11:47:46.0454 0x1994  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\windows\system32\DRIVERS\usbhub.sys
11:47:46.0520 0x1994  usbhub - ok
11:47:46.0542 0x1994  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\windows\system32\drivers\usbohci.sys
11:47:46.0556 0x1994  usbohci - ok
11:47:46.0597 0x1994  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\windows\system32\DRIVERS\usbprint.sys
11:47:46.0624 0x1994  usbprint - ok
11:47:46.0658 0x1994  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\windows\system32\DRIVERS\USBSTOR.SYS
11:47:46.0722 0x1994  USBSTOR - ok
11:47:46.0735 0x1994  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\windows\system32\drivers\usbuhci.sys
11:47:46.0762 0x1994  usbuhci - ok
11:47:46.0793 0x1994  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\windows\System32\Drivers\usbvideo.sys
11:47:46.0828 0x1994  usbvideo - ok
11:47:46.0845 0x1994  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\windows\System32\uxsms.dll
11:47:46.0879 0x1994  UxSms - ok
11:47:46.0936 0x1994  [ 3E9BDCA3994E2B6B6AC16BAA76722934, A77FEE9D78C1151B13C9509FA89B64024442D00C3C9EA19954045413D8A69D73 ] VaultSvc        C:\windows\system32\lsass.exe
11:47:46.0948 0x1994  VaultSvc - ok
11:47:47.0089 0x1994  [ 41EEF971DD82A3674D07F275A4DEF702, 67F5CAAD5FCDAFBF6C5140662B00921BEBF2F65C368D42E50047E596465F1451 ] vcsFPService    C:\windows\system32\vcsFPService.exe
11:47:47.0168 0x1994  vcsFPService - ok
11:47:47.0196 0x1994  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys
11:47:47.0207 0x1994  vdrvroot - ok
11:47:47.0252 0x1994  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\windows\System32\vds.exe
11:47:47.0320 0x1994  vds - ok
11:47:47.0343 0x1994  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\windows\system32\DRIVERS\vgapnp.sys
11:47:47.0357 0x1994  vga - ok
11:47:47.0373 0x1994  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\windows\System32\drivers\vga.sys
11:47:47.0403 0x1994  VgaSave - ok
11:47:47.0446 0x1994  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\windows\system32\drivers\vhdmp.sys
11:47:47.0462 0x1994  vhdmp - ok
11:47:47.0492 0x1994  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\windows\system32\drivers\viaide.sys
11:47:47.0503 0x1994  viaide - ok
11:47:47.0526 0x1994  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\windows\system32\drivers\vmbus.sys
11:47:47.0541 0x1994  vmbus - ok
11:47:47.0558 0x1994  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\windows\system32\drivers\VMBusHID.sys
11:47:47.0578 0x1994  VMBusHID - ok
11:47:47.0613 0x1994  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\windows\system32\drivers\volmgr.sys
11:47:47.0625 0x1994  volmgr - ok
11:47:47.0665 0x1994  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\windows\system32\drivers\volmgrx.sys
11:47:47.0685 0x1994  volmgrx - ok
11:47:47.0709 0x1994  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\windows\system32\drivers\volsnap.sys
11:47:47.0729 0x1994  volsnap - ok
11:47:47.0766 0x1994  [ B4A73CA4EF9A02B9738CEA9AD5FE5917, B6A8086189FE2F1C3FE5B3F484FBA3DB2E5E1836F3154D30090F136C27D16166 ] vpcbus          C:\windows\system32\DRIVERS\vpchbus.sys
11:47:47.0782 0x1994  vpcbus - ok
11:47:47.0794 0x1994  [ E675FB2B48C54F09895482E2253B289C, 68BBFBF2356C849722E429CA753CC309A3CCE8CF00EBDBBD2695ECD292324DF2 ] vpcnfltr        C:\windows\system32\DRIVERS\vpcnfltr.sys
11:47:47.0831 0x1994  vpcnfltr - ok
11:47:47.0852 0x1994  [ 5FB42082B0D19A0268705F1DD343DF20, 62F8EEE6A507CE6A8BD638020118D71B78332F79BA82654AB702AE46B04767D9 ] vpcusb          C:\windows\system32\DRIVERS\vpcusb.sys
11:47:47.0866 0x1994  vpcusb - ok
11:47:47.0895 0x1994  [ 207B6539799CC1C112661A9B620DD233, 6B915CC7F77C867516D94865D7BF2E5C815402EF0A4488C3EB2FEF7CFA6C98F6 ] vpcvmm          C:\windows\system32\drivers\vpcvmm.sys
11:47:47.0925 0x1994  vpcvmm - ok
11:47:47.0960 0x1994  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\windows\system32\DRIVERS\vsmraid.sys
11:47:47.0974 0x1994  vsmraid - ok
11:47:48.0033 0x1994  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\windows\system32\vssvc.exe
11:47:48.0135 0x1994  VSS - ok
11:47:48.0141 0x1994  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\windows\system32\DRIVERS\vwifibus.sys
11:47:48.0164 0x1994  vwifibus - ok
11:47:48.0185 0x1994  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\windows\system32\DRIVERS\vwififlt.sys
11:47:48.0216 0x1994  vwififlt - ok
11:47:48.0255 0x1994  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\windows\system32\w32time.dll
11:47:48.0314 0x1994  W32Time - ok
11:47:48.0337 0x1994  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\windows\system32\DRIVERS\wacompen.sys
11:47:48.0364 0x1994  WacomPen - ok
11:47:48.0430 0x1994  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\windows\system32\DRIVERS\wanarp.sys
11:47:48.0472 0x1994  WANARP - ok
11:47:48.0507 0x1994  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\windows\system32\DRIVERS\wanarp.sys
11:47:48.0537 0x1994  Wanarpv6 - ok
11:47:48.0610 0x1994  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\windows\system32\Wat\WatAdminSvc.exe
11:47:48.0671 0x1994  WatAdminSvc - ok
11:47:48.0743 0x1994  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\windows\system32\wbengine.exe
11:47:48.0834 0x1994  wbengine - ok
11:47:48.0858 0x1994  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\windows\System32\wbiosrvc.dll
11:47:48.0898 0x1994  WbioSrvc - ok
11:47:48.0947 0x1994  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\windows\System32\wcncsvc.dll
11:47:48.0981 0x1994  wcncsvc - ok
11:47:49.0003 0x1994  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
11:47:49.0050 0x1994  WcsPlugInService - ok
11:47:49.0064 0x1994  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\windows\system32\DRIVERS\wd.sys
11:47:49.0075 0x1994  Wd - ok
11:47:49.0132 0x1994  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys
11:47:49.0179 0x1994  Wdf01000 - ok
11:47:49.0218 0x1994  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\windows\system32\wdi.dll
11:47:49.0248 0x1994  WdiServiceHost - ok
11:47:49.0252 0x1994  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\windows\system32\wdi.dll
11:47:49.0266 0x1994  WdiSystemHost - ok
11:47:49.0307 0x1994  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient       C:\windows\System32\webclnt.dll
11:47:49.0349 0x1994  WebClient - ok
11:47:49.0372 0x1994  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\windows\system32\wecsvc.dll
11:47:49.0427 0x1994  Wecsvc - ok
11:47:49.0445 0x1994  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\windows\System32\wercplsupport.dll
11:47:49.0507 0x1994  wercplsupport - ok
11:47:49.0540 0x1994  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\windows\System32\WerSvc.dll
11:47:49.0585 0x1994  WerSvc - ok
11:47:49.0606 0x1994  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\windows\system32\DRIVERS\wfplwf.sys
11:47:49.0640 0x1994  WfpLwf - ok
11:47:49.0673 0x1994  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\windows\system32\drivers\wimmount.sys
11:47:49.0685 0x1994  WIMMount - ok
11:47:49.0706 0x1994  WinDefend - ok
11:47:49.0714 0x1994  WinHttpAutoProxySvc - ok
11:47:49.0784 0x1994  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\windows\system32\wbem\WMIsvc.dll
11:47:49.0834 0x1994  Winmgmt - ok
11:47:49.0924 0x1994  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\windows\system32\WsmSvc.dll
11:47:50.0033 0x1994  WinRM - ok
11:47:50.0061 0x1994  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUSB          C:\windows\system32\DRIVERS\WinUSB.sys
11:47:50.0090 0x1994  WinUSB - ok
11:47:50.0145 0x1994  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\windows\System32\wlansvc.dll
11:47:50.0197 0x1994  Wlansvc - ok
11:47:50.0354 0x1994  [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:47:50.0412 0x1994  wlidsvc - ok
11:47:50.0454 0x1994  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\windows\system32\drivers\wmiacpi.sys
11:47:50.0477 0x1994  WmiAcpi - ok
11:47:50.0505 0x1994  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe
11:47:50.0523 0x1994  wmiApSrv - ok
11:47:50.0533 0x1994  WMPNetworkSvc - ok
11:47:50.0564 0x1994  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\windows\System32\wpcsvc.dll
11:47:50.0595 0x1994  WPCSvc - ok
11:47:50.0631 0x1994  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll
11:47:50.0664 0x1994  WPDBusEnum - ok
11:47:50.0691 0x1994  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\windows\system32\drivers\ws2ifsl.sys
11:47:50.0735 0x1994  ws2ifsl - ok
11:47:50.0758 0x1994  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\windows\System32\wscsvc.dll
11:47:50.0779 0x1994  wscsvc - ok
11:47:50.0782 0x1994  WSearch - ok
11:47:50.0891 0x1994  [ 291778E1A36716182AFBC1731B2DFEAB, C0B928CCCE8C496C90C42E0D294BAB51DC67C02B0D20CFB6A16B0AE1F51CC497 ] wuauserv        C:\windows\system32\wuaueng.dll
11:47:51.0026 0x1994  wuauserv - ok
11:47:51.0062 0x1994  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\windows\system32\drivers\WudfPf.sys
11:47:51.0105 0x1994  WudfPf - ok
11:47:51.0136 0x1994  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\windows\system32\DRIVERS\WUDFRd.sys
11:47:51.0169 0x1994  WUDFRd - ok
11:47:51.0202 0x1994  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\windows\System32\WUDFSvc.dll
11:47:51.0228 0x1994  wudfsvc - ok
11:47:51.0265 0x1994  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\windows\System32\wwansvc.dll
11:47:51.0301 0x1994  WwanSvc - ok
11:47:51.0340 0x1994  ================ Scan global ===============================
11:47:51.0372 0x1994  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\windows\system32\basesrv.dll
11:47:51.0412 0x1994  [ 8927015C999D55D9B4AC66000EE5343D, 2AC4896880BAD44192822063A31785F4A716D992201B3E6A590A2D75D9729A4A ] C:\windows\system32\winsrv.dll
11:47:51.0435 0x1994  [ 8927015C999D55D9B4AC66000EE5343D, 2AC4896880BAD44192822063A31785F4A716D992201B3E6A590A2D75D9729A4A ] C:\windows\system32\winsrv.dll
11:47:51.0476 0x1994  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\windows\system32\sxssrv.dll
11:47:51.0525 0x1994  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\windows\system32\services.exe
11:47:51.0534 0x1994  [ Global ] - ok
11:47:51.0534 0x1994  ================ Scan MBR ==================================
11:47:51.0560 0x1994  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:47:52.0023 0x1994  \Device\Harddisk0\DR0 - ok
11:47:52.0024 0x1994  ================ Scan VBR ==================================
11:47:52.0026 0x1994  [ D651B19D4C8D044C9403244DF76DEFB5 ] \Device\Harddisk0\DR0\Partition1
11:47:52.0028 0x1994  \Device\Harddisk0\DR0\Partition1 - ok
11:47:52.0030 0x1994  [ 96C5BCCE9A67D3ECD90D205A204EFD7E ] \Device\Harddisk0\DR0\Partition2
11:47:52.0032 0x1994  \Device\Harddisk0\DR0\Partition2 - ok
11:47:52.0034 0x1994  [ 4E45B941D4A250022475B62BBDEB0ABE ] \Device\Harddisk0\DR0\Partition3
11:47:52.0036 0x1994  \Device\Harddisk0\DR0\Partition3 - ok
11:47:52.0038 0x1994  [ 9276383CC3B6447694A835EF9121E0A3 ] \Device\Harddisk0\DR0\Partition4
11:47:52.0039 0x1994  \Device\Harddisk0\DR0\Partition4 - ok
11:47:52.0040 0x1994  ================ Scan generic autorun ======================
11:47:52.0119 0x1994  [ B13D24EBC32B570F40CBEF8C6AAA08D5, 9F4DEF06A571E93447BFAF89AC315E5C832CCC32431B4EC451D1E09D161EA452 ] C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe
11:47:52.0129 0x1994  HPPowerAssistant - ok
11:47:52.0130 0x1994  SynTPEnh - ok
11:47:52.0159 0x1994  [ E5E36F473EE6C78D59BD146AEA72126E, 53C5C5885C96D7CEA9983ECF857D35E0DEF5882C041AB3BFA9FA855E6B15512C ] C:\windows\system32\igfxtray.exe
11:47:52.0172 0x1994  IgfxTray - ok
11:47:52.0198 0x1994  [ B344EFF1EF4B8B38E62285C879DEEF15, 0D5CF8C9DD4ADFDF8F7A98A15157B96BF8D719B20939DE3A5BDE557534AA211C ] C:\windows\system32\hkcmd.exe
11:47:52.0215 0x1994  HotKeysCmds - ok
11:47:52.0234 0x1994  [ C08DE420FED6773828CEB64E38D5CE73, C08C01711D625386145802FD0E627DF5D22BCBBA7F0FACAA22BC1977176DF3EC ] C:\windows\system32\igfxpers.exe
11:47:52.0252 0x1994  Persistence - ok
11:47:52.0326 0x1994  [ E600CE78AF8F386AA4E2A18B36EEE728, EB996E0C567626F27D9680E023046589A258AC3006CB11DC70BAEC78EC71652B ] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
11:47:52.0359 0x1994  AtherosBtStack - detected UnsignedFile.Multi.Generic ( 1 )
11:47:54.0827 0x1994  Detect skipped due to KSN trusted
11:47:54.0828 0x1994  AtherosBtStack - ok
11:47:54.0884 0x1994  [ 43E822906AC752CF864A7B73D2B9B1C5, 5F167F8ACDD5F5B655F197C78DF544F30F38927397EBCD065B63B2D6A70795ED ] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
11:47:54.0908 0x1994  AthBtTray - detected UnsignedFile.Multi.Generic ( 1 )
11:47:57.0123 0x1ab8  Object required for P2P: [ A69CD6BDB82872999D2E46F9324ADA83 ] UNS
11:47:57.0344 0x1994  Detect skipped due to KSN trusted
11:47:57.0344 0x1994  AthBtTray - ok
11:47:57.0432 0x1994  [ AF891F9CA22113D229B5EF18AFAEEFB7, 0CFC5326C819542CFCEDE22B8AA059F7C93E66552C4F995D11D6C4CB7D57A458 ] C:\Program Files\IDT\WDM\sttray64.exe
11:47:57.0478 0x1994  SysTrayApp - ok
11:47:57.0539 0x1994  [ CAC998C8D3E0D56D2F245E42C2F70809, 99148E6C7EB6A299B00320350C31D9AAB9326DF85089E92E50E175C1355549EC ] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe
11:47:57.0555 0x1994  QLBController - ok
11:47:57.0640 0x1994  [ D1918E94EF4A1AF8B8D87766B752496B, 649D01870E244E6CA7D67021D2E39E7711DAB5BC5121DB39D0F4957B57ED4AC6 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
11:47:57.0688 0x1994  StartCCC - detected UnsignedFile.Multi.Generic ( 1 )
11:47:59.0694 0x1ab8  Object send P2P result: true
11:48:00.0064 0x1994  Detect skipped due to KSN trusted
11:48:00.0064 0x1994  StartCCC - ok
11:48:00.0159 0x1994  [ 20E2FB1FF86FDEA6894F98AC31568396, B9F84A13BBEDF1D7033269B34E7F9B7B7BDC629AE60C2D6BE48853898E987F33 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
11:48:00.0174 0x1994  IAStorIcon - ok
11:48:00.0213 0x1994  [ 45CA20470C941959C97B43B8B458C2CD, 9986A587F36B2715BE9106FBBD49519B156595555DC59BB4DBFCEDA3A49D8644 ] c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
11:48:00.0223 0x1994  HPConnectionManager - ok
11:48:00.0307 0x1994  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
11:48:00.0406 0x1994  Sidebar - ok
11:48:00.0444 0x1994  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
11:48:00.0473 0x1994  mctadmin - ok
11:48:00.0504 0x1994  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
11:48:00.0555 0x1994  Sidebar - ok
11:48:00.0562 0x1994  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
11:48:00.0579 0x1994  mctadmin - ok
11:48:00.0850 0x1994  [ 15914F30482983E349FF9544B2DCAF11, 457833C665AB340D6DEE6B489947EE2D5202D4C93097C194A9DF196AFE4E4898 ] C:\Program Files\CCleaner\CCleaner64.exe
11:48:01.0035 0x1994  CCleaner Monitoring - ok
11:48:01.0123 0x1994  [ F51BB12D8977D26C1A4CDA348770D9F1, DDA35CD8F8A6591B83821B5180D457740E0B820CCE000BC7FB1B78FB4AEAD3BA ] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe
11:48:01.0178 0x1994  SpybotPostWindows10UpgradeReInstall - detected UnsignedFile.Multi.Generic ( 1 )
11:48:03.0630 0x1994  Detect skipped due to KSN trusted
11:48:03.0630 0x1994  SpybotPostWindows10UpgradeReInstall - ok
11:48:03.0754 0x1994  [ 72FBD174CB8BCA9C94809C557031FA96, 08A50B4E783DB7389AAE3EDC90ED49C91ECC0910D2D1CCF6EBD5FBF4F5105441 ] C:\Program Files (x86)\ownCloud\owncloud.exe
11:48:03.0834 0x1994  ownCloud - detected UnsignedFile.Multi.Generic ( 1 )
11:48:06.0334 0x1994  Detect skipped due to KSN trusted
11:48:06.0334 0x1994  ownCloud - ok
11:48:06.0335 0x1994  Waiting for KSN requests completion. In queue: 9
11:48:06.0983 0x1658  Object required for P2P: [ 15914F30482983E349FF9544B2DCAF11 ] C:\Program Files\CCleaner\CCleaner64.exe
11:48:07.0335 0x1994  Waiting for KSN requests completion. In queue: 1
11:48:08.0335 0x1994  Waiting for KSN requests completion. In queue: 1
11:48:09.0335 0x1994  Waiting for KSN requests completion. In queue: 1
11:48:09.0561 0x1658  Object send P2P result: true
11:48:10.0463 0x1994  AV detected via SS2: Managed Antivirus-Anti-Malware, C:\Program Files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\ProductActionCenterFix.exe ( 5.3.26.727 ), 0x41000 ( enabled : updated )
11:48:10.0491 0x1994  Win FW state via NFP2: enabled ( trusted )
11:48:12.0918 0x1994  ============================================================
11:48:12.0918 0x1994  Scan finished
11:48:12.0918 0x1994  ============================================================
11:48:12.0927 0x1c14  Detected object count: 1
11:48:12.0927 0x1c14  Actual detected object count: 1
11:54:25.0292 0x1c14  Advanced Monitoring Agent ( UnsignedFile.Multi.Generic ) - skipped by user
11:54:25.0292 0x1c14  Advanced Monitoring Agent ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:54:31.0482 0x1c34  Deinitialize success
         

08.11.2015, 20:28   #7
schrauber
/// the machine
/// TB trainer

hi,

Scan with Combofix
WARNING to READERS:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as any malware/spyware scanners. They can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the instructions on the screen.
  • While Combofix is running, please do not work on the computer, move the mouse or click into the Combofix window!
  • When Combofix has finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (preferably in CODE tags).
Note: If you get the following error message after the restart
Illegal operation attempted on a registry key that has been marked for deletion.
simply restart the computer. This should fix the problem.

__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

09.11.2015, 12:29   #8
ferdimax

Hello!
Code:
ATTFilter
ComboFix 15-11-09.01 - Herbert.Bruckmueller 09.11.2015  11:55:10.1.4 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.43.1031.18.4030.1319 [GMT 1:00]
ausgeführt von:: c:\users\herbert.bruckmueller\Downloads\ComboFix.exe
AV: Managed Antivirus-Anti-Malware *Enabled/Updated* {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
SP: Managed Antivirus-Anti-Malware *Enabled/Updated* {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
SP: Spybot - Search and Destroy *Disabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_UpdateService
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-10-09 bis 2015-11-09  ))))))))))))))))))))))))))))))
.
.
2015-11-09 11:05 . 2015-11-09 11:05	--------	d-----w-	c:\users\herbert\AppData\Local\temp
2015-11-09 11:05 . 2015-11-09 11:05	--------	d-----w-	c:\users\Default\AppData\Local\temp
2015-11-07 16:47 . 2015-11-07 16:47	--------	d-----w-	c:\program files (x86)\ESET
2015-11-07 14:42 . 2015-11-08 10:42	--------	d-----w-	c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-11-07 10:48 . 2015-11-07 10:52	--------	d-----w-	C:\FRST
2015-10-22 11:43 . 2015-10-22 11:43	--------	d-----w-	c:\users\herbert.bruckmueller\AppData\Local\Diagnostics
2015-10-22 09:44 . 2015-10-22 09:44	--------	d-----w-	c:\program files (x86)\Common Files\Java
2015-10-15 08:58 . 2015-11-09 11:05	--------	d-----w-	c:\users\herbert.bruckmueller\AppData\Local\ownCloud
2015-10-15 08:58 . 2015-10-27 09:32	--------	d-----w-	c:\users\herbert.bruckmueller\SIVAG Wiki
2015-10-15 08:56 . 2015-10-29 08:15	--------	d-----w-	c:\program files (x86)\ownCloud
2015-10-13 08:27 . 2015-10-13 11:34	--------	d-----w-	c:\program files\HitmanPro
2015-10-13 08:27 . 2015-10-13 09:20	--------	d-----w-	c:\programdata\HitmanPro
2015-10-13 08:22 . 2015-10-22 09:44	--------	d-----w-	c:\users\herbert.bruckmueller\.oracle_jre_usage
2015-10-13 08:21 . 2015-10-22 09:43	97888	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-10-13 08:21 . 2015-10-22 09:44	--------	d-----w-	c:\programdata\Oracle
2015-10-13 08:21 . 2015-10-22 09:43	--------	d-----w-	c:\program files (x86)\Java
2015-10-12 17:25 . 2015-10-12 23:53	--------	d---a-w-	C:\Kaspersky Rescue Disk 10.0
2015-10-12 14:09 . 2015-11-07 16:24	--------	d-----w-	C:\AdwCleaner
2015-10-12 12:35 . 2015-07-30 13:13	103120	----a-w-	c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-10-12 12:35 . 2015-07-30 13:13	124624	----a-w-	c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-10-12 11:53 . 2015-07-15 18:10	1743360	----a-w-	c:\windows\system32\sysmain.dll
2015-10-12 11:53 . 2015-07-15 18:15	94656	----a-w-	c:\windows\system32\drivers\mountmgr.sys
2015-10-12 11:53 . 2015-07-15 20:23	2560	----a-w-	c:\windows\system32\drivers\de-DE\mountmgr.sys.mui
2015-10-12 11:53 . 2015-07-15 18:10	11264	----a-w-	c:\windows\system32\msmmsp.dll
2015-10-12 11:53 . 2015-07-30 18:06	1648128	----a-w-	c:\windows\system32\DWrite.dll
2015-10-12 11:53 . 2015-07-30 18:06	1180160	----a-w-	c:\windows\system32\FntCache.dll
2015-10-12 11:53 . 2015-07-30 17:57	1251328	----a-w-	c:\windows\SysWow64\DWrite.dll
2015-10-12 11:53 . 2015-07-30 18:06	2565120	----a-w-	c:\windows\system32\d3d10warp.dll
2015-10-12 11:53 . 2015-07-30 17:57	1987584	----a-w-	c:\windows\SysWow64\d3d10warp.dll
2015-10-12 11:53 . 2015-07-15 03:17	2048	----a-w-	c:\windows\system32\tzres.dll
2015-10-12 11:53 . 2015-07-15 02:54	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2015-10-12 11:53 . 2015-06-02 00:07	254976	----a-w-	c:\windows\system32\cewmdm.dll
2015-10-12 11:53 . 2015-06-01 23:47	210432	----a-w-	c:\windows\SysWow64\cewmdm.dll
2015-10-12 11:51 . 2015-06-17 17:47	404992	----a-w-	c:\windows\system32\gdi32.dll
2015-10-12 11:31 . 2015-08-27 18:18	1887232	----a-w-	c:\windows\system32\msxml3.dll
2015-10-12 11:31 . 2015-08-27 18:18	2004480	----a-w-	c:\windows\system32\msxml6.dll
2015-10-12 11:31 . 2015-08-27 18:13	2048	----a-w-	c:\windows\system32\msxml6r.dll
2015-10-12 11:31 . 2015-08-27 18:13	2048	----a-w-	c:\windows\system32\msxml3r.dll
2015-10-12 11:31 . 2015-08-27 17:58	1391104	----a-w-	c:\windows\SysWow64\msxml6.dll
2015-10-12 11:31 . 2015-08-27 17:58	1241088	----a-w-	c:\windows\SysWow64\msxml3.dll
2015-10-12 11:31 . 2015-08-27 17:51	2048	----a-w-	c:\windows\SysWow64\msxml6r.dll
2015-10-12 11:31 . 2015-08-27 17:51	2048	----a-w-	c:\windows\SysWow64\msxml3r.dll
2015-10-12 11:31 . 2015-07-10 17:51	14177280	----a-w-	c:\windows\system32\shell32.dll
2015-10-12 11:22 . 2015-09-02 01:51	3209216	----a-w-	c:\windows\system32\win32k.sys
2015-10-12 11:22 . 2015-09-02 03:04	41984	----a-w-	c:\windows\system32\lpk.dll
2015-10-12 11:22 . 2015-09-02 03:04	100864	----a-w-	c:\windows\system32\fontsub.dll
2015-10-12 11:22 . 2015-09-02 03:04	14336	----a-w-	c:\windows\system32\dciman32.dll
2015-10-12 11:22 . 2015-09-02 03:04	46080	----a-w-	c:\windows\system32\atmlib.dll
2015-10-12 11:22 . 2015-09-02 02:48	70656	----a-w-	c:\windows\SysWow64\fontsub.dll
2015-10-12 11:22 . 2015-09-02 02:48	10240	----a-w-	c:\windows\SysWow64\dciman32.dll
2015-10-12 11:22 . 2015-09-02 02:48	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2015-10-12 11:22 . 2015-09-02 02:47	25600	----a-w-	c:\windows\SysWow64\lpk.dll
2015-10-12 11:22 . 2015-09-02 01:47	372736	----a-w-	c:\windows\system32\atmfd.dll
2015-10-12 11:22 . 2015-09-02 01:33	299520	----a-w-	c:\windows\SysWow64\atmfd.dll
2015-10-12 11:05 . 2015-10-12 11:05	--------	d-----w-	c:\program files\Common Files\AV
2015-10-12 11:01 . 2013-09-20 08:49	21040	----a-w-	c:\windows\system32\sdnclean64.exe
2015-10-12 11:01 . 2015-10-12 12:07	--------	d-----w-	c:\programdata\Spybot - Search & Destroy
2015-10-12 11:01 . 2015-10-12 11:16	--------	d-----w-	c:\program files (x86)\Spybot - Search & Destroy 2
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-11-08 10:16 . 2015-09-28 07:55	192216	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-11-08 10:15 . 2015-09-28 07:54	109272	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2015-11-07 19:43 . 2015-05-28 11:37	1600520	----a-w-	c:\windows\system32\drivers\avc3.sys
2015-11-07 19:41 . 2015-05-28 12:21	775424	----a-w-	c:\windows\system32\drivers\avckf.sys
2015-11-07 19:40 . 2015-09-03 07:16	477272	----a-w-	c:\windows\system32\drivers\trufos.sys
2015-10-18 16:53 . 2015-03-06 11:41	780488	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2015-10-18 16:53 . 2015-03-06 11:41	142536	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-10-05 08:50 . 2015-09-28 07:54	63704	----a-w-	c:\windows\system32\drivers\mwac.sys
2015-10-05 08:50 . 2015-09-28 07:54	25816	----a-w-	c:\windows\system32\drivers\mbam.sys
2015-08-26 16:37 . 2015-03-06 11:44	134753440	----a-w-	c:\windows\system32\MRT.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ownCloud"="c:\program files (x86)\ownCloud\owncloud.exe" [2015-10-21 1704974]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"QLBController"="c:\program files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" [2011-01-28 299576]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-03-28 336384]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-01-26 283160]
"HPConnectionManager"="c:\program files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe" [2011-04-05 94264]
"SDTray"="c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [2014-06-24 4101576]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2015-10-06 597040]
.
c:\users\herbert.bruckmueller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
aBMainFX - Verknüpfung.lnk - \\SRVBER\artBase\aB-Agenta Programm\aBMainFX.exe [2015-10-2 582144]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Microsoft Outlook 2010.lnk - c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\outicon.exe [2015-3-5 304296]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x]
R2 Mobile Partner. RunOuc;Mobile Partner. OUC;c:\program files (x86)\Mobile Partner\UpdateDog\ouc.exe;c:\program files (x86)\Mobile Partner\UpdateDog\ouc.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\DRIVERS\ew_usbenumfilter.sys [x]
R3 hpCMSrv;HP Connection Manager 4 Service;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]
R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juextctrl.sys [x]
R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juwwanecm.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys;c:\windows\SYSNATIVE\DRIVERS\avc3.sys [x]
S0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys;c:\windows\SYSNATIVE\drivers\gfibto.sys [x]
S0 gzflt;gzflt;c:\windows\system32\DRIVERS\gzflt.sys;c:\windows\SYSNATIVE\DRIVERS\gzflt.sys [x]
S2 Advanced Monitoring Agent;Advanced Monitoring Agent;c:\program files (x86)\Advanced Monitoring Agent\winagent.exe;c:\program files (x86)\Advanced Monitoring Agent\winagent.exe [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 EndpointIntegration;IT@WORK GmbH Antivirus Endpoint Integration Service;c:\program files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\EndpointIntegration.exe;c:\program files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\EndpointIntegration.exe [x]
S2 EndpointService;IT@WORK GmbH Antivirus Endpoint Host Service;c:\program files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\EndpointService.exe;c:\program files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\EndpointService.exe [x]
S2 epag;IT@WORK GmbH Antivirus Endpoint Agent;c:\program files\Common Files\IT@WORK GmbH Antivirus\Endpoint Agent\epag.exe;c:\program files\Common Files\IT@WORK GmbH Antivirus\Endpoint Agent\epag.exe [x]
S2 gfi_lanss11_attservice;GFI LanGuard 11 Attendant Service;c:\progra~2\ADVANC~1\patchman\lnssatt.exe;c:\progra~2\ADVANC~1\patchman\lnssatt.exe [x]
S2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [x]
S2 hpHotkeyMonitor;hpHotkeyMonitor;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 HWDeviceService64.exe;HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe [x]
S2 ManagedAntivirus;IT@WORK GmbH Antivirus Endpoint  Master Service;c:\program files\Managed Antivirus\Managed Antivirus Master Service\ManagedAntivirus.exe;c:\program files\Managed Antivirus\Managed Antivirus Master Service\ManagedAntivirus.exe [x]
S2 NetworkManagement;Advanced Monitoring Agent Network Management;c:\program files\Advanced Monitoring Agent Network Management\NetworkManagement.exe;c:\program files\Advanced Monitoring Agent Network Management\NetworkManagement.exe [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]
S2 PdiService;Portrait Displays SDK Service;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [x]
S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x]
S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [x]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [x]
S2 uArcCapture;ArcCapture;c:\windows\SysWow64\ArcVCapRender\uArcCapture.exe;c:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe;c:\windows\SYSNATIVE\vcsFPService.exe [x]
S3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;c:\windows\system32\DRIVERS\ArcSoftVCapture.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftVCapture.sys [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys;c:\windows\SYSNATIVE\DRIVERS\avckf.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-10-27 09:50	997704	----a-w-	c:\program files (x86)\Google\Chrome\Application\46.0.2490.80\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2015-11-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-06 16:53]
.
2015-11-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-03-26 18:39]
.
2015-11-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-03-26 18:39]
.
2015-11-07 c:\windows\Tasks\HPCeeScheduleForHERBERT-HP$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\  OCError]
@="{0960F090-F328-48A3-B746-276B1E3C3722}"
[HKEY_CLASSES_ROOT\CLSID\{0960F090-F328-48A3-B746-276B1E3C3722}]
2015-06-19 01:31	274432	----a-w-	c:\program files (x86)\ownCloud\shellext\OCOverlays_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\  OCErrorShared]
@="{0960F091-F328-48A3-B746-276B1E3C3722}"
[HKEY_CLASSES_ROOT\CLSID\{0960F091-F328-48A3-B746-276B1E3C3722}]
2015-06-19 01:31	274432	----a-w-	c:\program files (x86)\ownCloud\shellext\OCOverlays_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\  OCOK]
@="{0960F092-F328-48A3-B746-276B1E3C3722}"
[HKEY_CLASSES_ROOT\CLSID\{0960F092-F328-48A3-B746-276B1E3C3722}]
2015-06-19 01:31	274432	----a-w-	c:\program files (x86)\ownCloud\shellext\OCOverlays_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\  OCOKShared]
@="{0960F093-F328-48A3-B746-276B1E3C3722}"
[HKEY_CLASSES_ROOT\CLSID\{0960F093-F328-48A3-B746-276B1E3C3722}]
2015-06-19 01:31	274432	----a-w-	c:\program files (x86)\ownCloud\shellext\OCOverlays_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\  OCSync]
@="{0960F094-F328-48A3-B746-276B1E3C3722}"
[HKEY_CLASSES_ROOT\CLSID\{0960F094-F328-48A3-B746-276B1E3C3722}]
2015-06-19 01:31	274432	----a-w-	c:\program files (x86)\ownCloud\shellext\OCOverlays_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\  OCSyncShared]
@="{0960F095-F328-48A3-B746-276B1E3C3722}"
[HKEY_CLASSES_ROOT\CLSID\{0960F095-F328-48A3-B746-276B1E3C3722}]
2015-06-19 01:31	274432	----a-w-	c:\program files (x86)\ownCloud\shellext\OCOverlays_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\  OCWarning]
@="{0960F096-F328-48A3-B746-276B1E3C3722}"
[HKEY_CLASSES_ROOT\CLSID\{0960F096-F328-48A3-B746-276B1E3C3722}]
2015-06-19 01:31	274432	----a-w-	c:\program files (x86)\ownCloud\shellext\OCOverlays_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\  OCWarningShared]
@="{0960F097-F328-48A3-B746-276B1E3C3722}"
[HKEY_CLASSES_ROOT\CLSID\{0960F097-F328-48A3-B746-276B1E3C3722}]
2015-06-19 01:31	274432	----a-w-	c:\program files (x86)\ownCloud\shellext\OCOverlays_x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPPowerAssistant"="c:\program files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe" [2011-01-27 13880]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-01-27 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-01-27 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-01-27 418328]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-01-06 615584]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-01-06 379040]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-01-27 835072]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = about:blank
uLocal Page = c:\windows\system32\blank.htm
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.3.10
TCP: Interfaces\{CBA08DEB-ACD3-4B93-9CDF-84E237E532BE}: NameServer = 194.48.139.254 194.48.128.199
FF - ProfilePath - c:\users\herbert.bruckmueller\AppData\Roaming\Mozilla\Firefox\Profiles\otkxoekz.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxps://www.google.at/?gws_rd=ssl
FF - prefs.js: network.proxy.type - 2
.
.
------- Dateityp-Verknüpfung -------
.
inifile="%SystemRoot%\system32\NOTEPAD.EXE" %1
txtfile="%SystemRoot%\system32\NOTEPAD.EXE" %1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
Notify-SDWinLogon - SDWinLogon.dll
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_19_0_0_226_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_19_0_0_226_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_19_0_0_226_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_19_0_0_226_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_226.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.19"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_226.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_226.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_226.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\programdata\Mobile Partner\OnlineUpdate\ouc.exe
c:\program files (x86)\TeamViewer\TeamViewer_Service.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\TeamViewer\TeamViewer_Desktop.exe
c:\program files (x86)\teamviewer\TeamViewer.exe
c:\program files (x86)\TeamViewer\tv_w32.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-11-09  12:28:19 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2015-11-09 11:28
.
Vor Suchlauf: 13 Verzeichnis(se), 516.016.508.928 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 515.688.415.232 Bytes frei
.
- - End Of File - - C88333F570B3A8E7EB320045CA8B7EC1
         
Thanks!

Alt 10.11.2015, 20:38   #9
schrauber
/// the machine
/// TB-Ausbilder
 




Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts with OK.
  • Your computer will be restarted automatically. After the restart a text file opens. Post its contents with your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please close your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later), please start it with right-click "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool is finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log please.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

Alt 11.11.2015, 12:51   #10
ferdimax
 



Hello!
Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 11.11.2015
Suchlaufzeit: 07:58
Protokolldatei: 
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2015.11.11.02
Rootkit-Datenbank: v2015.11.04.02
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Herbert.Bruckmueller

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 470625
Abgelaufene Zeit: 13 Min., 17 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
Code:
# AdwCleaner v5.019 - Bericht erstellt am 11/11/2015 um 08:26:46
# Aktualisiert am 08/11/2015 von Xplode
# Datenbank : 2015-11-09.1 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (x64)
# Benutzername : Herbert.Bruckmueller - HERBERT-HP
# Gestartet von : C:\Users\herbert.bruckmueller\Downloads\AdwCleaner_5.019.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****


***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKCU\Software\OCS

***** [ Internetbrowser ] *****


*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C4].txt - [932 Bytes] ##########
         
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.4 (09.28.2015:1)
OS: Windows 7 Professional x64
Ran by Herbert.Bruckmueller on 11.11.2015 at  8:45:13,43
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer



~~~ Files



~~~ Folders



~~~ Chrome


[C:\Users\herbert.bruckmueller\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\herbert.bruckmueller\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\herbert.bruckmueller\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\herbert.bruckmueller\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11.11.2015 at  8:51:55,20
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Here is the FRST.log as well
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
durchgeführt von Herbert.Bruckmueller (Administrator) auf HERBERT-HP (11-11-2015 12:49:38)
Gestartet von C:\Users\herbert.bruckmueller\Downloads
Geladene Profile: Herbert.Bruckmueller (Verfügbare Profile: Herbert.Bruckmueller & Administrator & herbert & Administrator)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Remote Monitoring) C:\Program Files (x86)\Advanced Monitoring Agent\winagent.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Bitdefender) C:\Program Files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\endpointintegration.exe
(Bitdefender) C:\Program Files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\endpointservice.exe
(Bitdefender) C:\Program Files\Common Files\IT@WORK GmbH Antivirus\Endpoint Agent\epag.exe
(GFI Software Development Ltd.) C:\Program Files (x86)\Advanced Monitoring Agent\patchman\lnssatt.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
() C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(ArcSoft, Inc.) C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(LogicNow Ltd) C:\Program Files\Managed Antivirus\Managed Antivirus Master Service\ManagedAntivirus.exe
(LogicNow Ltd) C:\Program Files\Advanced Monitoring Agent Network Management\NetworkManagement.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Bitdefender) C:\Program Files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\console.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
() C:\Program Files (x86)\ownCloud\owncloud.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelperx64.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Farbar) C:\Users\herbert.bruckmueller\Downloads\FRST64(1).exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [2919992 2011-01-27] (Hewlett-Packard Company)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2803496 2011-06-24] (Synaptics Incorporated)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [615584 2011-01-06] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379040 2011-01-06] (Atheros Commnucations)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [835072 2011-01-27] (IDT, Inc.)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [299576 2011-01-28] (Hewlett-Packard Company)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-26] (Intel Corporation)
HKLM-x32\...\Run: [HPConnectionManager] => c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [94264 2011-04-05] (Hewlett-Packard Development Company L.P.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2274497662-1395199413-223734523-1123\...\Run: [ownCloud] => C:\Program Files (x86)\ownCloud\owncloud.exe [1704974 2015-10-21] ()
ShellIconOverlayIdentifiers: [  OCError] -> {0960F090-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCErrorShared] -> {0960F091-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCOK] -> {0960F092-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCOKShared] -> {0960F093-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCSync] -> {0960F094-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCSyncShared] -> {0960F095-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCWarning] -> {0960F096-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCWarningShared] -> {0960F097-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Outlook 2010.lnk [2015-03-05]
ShortcutTarget: Microsoft Outlook 2010.lnk -> C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\outicon.exe ()
Startup: C:\Users\herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\aBMainFX - Verknüpfung.lnk [2015-03-05]
ShortcutTarget: aBMainFX - Verknüpfung.lnk -> \\SRVBER\artBase\aB-Agenta Programm\aBMainFX.exe (artBase! Software GmbH)
Startup: C:\Users\herbert.bruckmueller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\aBMainFX - Verknüpfung.lnk [2015-03-05]
ShortcutTarget: aBMainFX - Verknüpfung.lnk -> \\SRVBER\artBase\aB-Agenta Programm\aBMainFX.exe (artBase! Software GmbH)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.3.10
Tcpip\..\Interfaces\{4D81B0A2-95DD-45B4-88CE-7F88B7454444}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{666BA3F3-F79E-49C5-BBB4-558596EF1C92}: [DhcpNameServer] 192.168.3.10
Tcpip\..\Interfaces\{C72A97B7-69C3-42BF-90C4-A85317D8F4EB}: [NameServer]  
Tcpip\..\Interfaces\{C72A97B7-69C3-42BF-90C4-A85317D8F4EB}: [DhcpNameServer] 194.48.128.199 194.48.139.254
Tcpip\..\Interfaces\{CBA08DEB-ACD3-4B93-9CDF-84E237E532BE}: [NameServer] 194.48.139.254 194.48.128.199

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2274497662-1395199413-223734523-1123\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2274497662-1395199413-223734523-1123\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: PDFXChange 2012 -> {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} -> C:\Program Files\Tracker Software\PDF-XChange 5\Win32\PXCIEaddin5.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-10-22] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-01-06] (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-22] (Oracle Corporation)
Toolbar: HKLM-x32 - PDFXChange 2012 - {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} - C:\Program Files\Tracker Software\PDF-XChange 5\Win32\PXCIEaddin5.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)

FireFox:
========
FF ProfilePath: C:\Users\herbert.bruckmueller\AppData\Roaming\Mozilla\Firefox\Profiles\otkxoekz.default
FF SearchEngineOrder.1: Ask Search
FF SelectedSearchEngine: Google
FF Homepage: hxxps://www.google.at/?gws_rd=ssl
FF NetworkProxy: "autoconfig_url", "https://tonnelrock.net/tonnel.js"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-18] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-18] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Keine Datei]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Keine Datei]
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-2274497662-1395199413-223734523-1123: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)

Chrome: 
=======
CHR Profile: C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-26]
CHR Extension: (Docs) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-26]
CHR Extension: (Google Drive) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-27]
CHR Extension: (YouTube) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-26]
CHR Extension: (Google-Suche) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-09-27]
CHR Extension: (Google Tabellen) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-26]
CHR Extension: (Google Präsentationen) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-21]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-27]
CHR Extension: (Google Mail) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-27]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Advanced Monitoring Agent; C:\Program Files (x86)\Advanced Monitoring Agent\winagent.exe [8523264 2015-10-21] (Remote Monitoring) [Datei ist nicht signiert]
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-01-06] (Atheros) [Datei ist nicht signiert]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [53920 2011-01-06] (Atheros Commnucations) [Datei ist nicht signiert]
R2 EndpointIntegration; C:\Program Files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\EndpointIntegration.exe [398480 2015-11-07] (Bitdefender)
R2 EndpointService; C:\Program Files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\EndpointService.exe [398480 2015-11-07] (Bitdefender)
R2 epag; C:\Program Files\Common Files\IT@WORK GmbH Antivirus\Endpoint Agent\epag.exe [3626976 2015-11-07] (Bitdefender)
R2 gfi_lanss11_attservice; C:\Program Files (x86)\Advanced Monitoring Agent\patchman\lnssatt.exe [118640 2012-07-17] (GFI Software Development Ltd.)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [281656 2011-01-28] (Hewlett-Packard Company)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 ManagedAntivirus; C:\Program Files\Managed Antivirus\Managed Antivirus Master Service\ManagedAntivirus.exe [278248 2015-11-03] (LogicNow Ltd)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S2 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [655712 2012-05-09] ()
R2 NetworkManagement; C:\Program Files\Advanced Monitoring Agent Network Management\NetworkManagement.exe [186088 2015-11-09] (LogicNow Ltd)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448 2011-02-01] (PDF Complete Inc)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5490448 2015-06-18] (TeamViewer GmbH)
R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [502464 2010-11-11] (ArcSoft, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 ARCVCAM; C:\Windows\System32\DRIVERS\ArcSoftVCapture.sys [32192 2010-11-11] (ArcSoft, Inc.)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1600520 2015-11-07] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [775424 2015-11-07] (BitDefender)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2015-02-11] (GFI Software)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [161592 2015-07-22] (BitDefender LLC)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [238080 2012-04-23] (Huawei Technologies Co., Ltd.)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1826048 2010-12-21] ()
R2 trufos; C:\Windows\System32\DRIVERS\trufos.sys [477272 2015-11-07] (BitDefender S.R.L.)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-11 12:48 - 2015-11-11 12:49 - 02198528 _____ (Farbar) C:\Users\herbert.bruckmueller\Downloads\FRST64(1).exe
2015-11-11 08:23 - 2015-11-11 08:23 - 01798976 _____ (Malwarebytes) C:\Users\herbert.bruckmueller\Downloads\JRT(1).exe
2015-11-11 07:59 - 2015-11-11 07:59 - 01712128 _____ C:\Users\herbert.bruckmueller\Downloads\AdwCleaner_5.019.exe
2015-11-09 13:03 - 2015-09-18 20:31 - 00391784 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-11-09 13:03 - 2015-09-18 19:58 - 00345688 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-11-09 13:03 - 2015-09-16 05:48 - 25851904 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-11-09 13:03 - 2015-09-16 05:36 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-11-09 13:03 - 2015-09-16 05:36 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-11-09 13:03 - 2015-09-16 05:22 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-11-09 13:03 - 2015-09-16 05:21 - 02886656 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-11-09 13:03 - 2015-09-16 05:21 - 00585728 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-11-09 13:03 - 2015-09-16 05:21 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-11-09 13:03 - 2015-09-16 05:21 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-11-09 13:03 - 2015-09-16 05:21 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-11-09 13:03 - 2015-09-16 05:14 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-11-09 13:03 - 2015-09-16 05:13 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-11-09 13:03 - 2015-09-16 05:10 - 00616960 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-11-09 13:03 - 2015-09-16 05:09 - 05990912 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-11-09 13:03 - 2015-09-16 05:08 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-11-09 13:03 - 2015-09-16 05:08 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-11-09 13:03 - 2015-09-16 05:08 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-11-09 13:03 - 2015-09-16 05:08 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-11-09 13:03 - 2015-09-16 05:01 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-11-09 13:03 - 2015-09-16 04:58 - 20357632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-11-09 13:03 - 2015-09-16 04:58 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-11-09 13:03 - 2015-09-16 04:50 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-11-09 13:03 - 2015-09-16 04:46 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-11-09 13:03 - 2015-09-16 04:45 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-11-09 13:03 - 2015-09-16 04:45 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-11-09 13:03 - 2015-09-16 04:43 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-11-09 13:03 - 2015-09-16 04:41 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2015-11-09 13:03 - 2015-09-16 04:33 - 00504832 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-11-09 13:03 - 2015-09-16 04:33 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-11-09 13:03 - 2015-09-16 04:32 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-11-09 13:03 - 2015-09-16 04:32 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-11-09 13:03 - 2015-09-16 04:31 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2015-11-09 13:03 - 2015-09-16 04:31 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-11-09 13:03 - 2015-09-16 04:29 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-11-09 13:03 - 2015-09-16 04:29 - 00720896 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-11-09 13:03 - 2015-09-16 04:28 - 02279936 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-11-09 13:03 - 2015-09-16 04:28 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-11-09 13:03 - 2015-09-16 04:26 - 02126336 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-11-09 13:03 - 2015-09-16 04:26 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-11-09 13:03 - 2015-09-16 04:26 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-11-09 13:03 - 2015-09-16 04:24 - 00480256 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-11-09 13:03 - 2015-09-16 04:23 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-11-09 13:03 - 2015-09-16 04:22 - 14458368 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-11-09 13:03 - 2015-09-16 04:22 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-11-09 13:03 - 2015-09-16 04:22 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-11-09 13:03 - 2015-09-16 04:15 - 00416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-11-09 13:03 - 2015-09-16 04:11 - 02487808 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-11-09 13:03 - 2015-09-16 04:10 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-11-09 13:03 - 2015-09-16 04:07 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-11-09 13:03 - 2015-09-16 04:06 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-11-09 13:03 - 2015-09-16 04:05 - 04527616 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-11-09 13:03 - 2015-09-16 04:05 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-11-09 13:03 - 2015-09-16 04:04 - 00130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2015-11-09 13:03 - 2015-09-16 03:59 - 01546752 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-11-09 13:03 - 2015-09-16 03:58 - 12853760 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-11-09 13:03 - 2015-09-16 03:58 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2015-11-09 13:03 - 2015-09-16 03:56 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-11-09 13:03 - 2015-09-16 03:55 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-11-09 13:03 - 2015-09-16 03:55 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-11-09 13:03 - 2015-09-16 03:48 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-11-09 13:03 - 2015-09-16 03:37 - 02011136 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-11-09 13:03 - 2015-09-16 03:34 - 01311232 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-11-09 13:03 - 2015-09-16 03:32 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-11-09 13:02 - 2015-10-20 19:42 - 03168768 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-11-09 13:02 - 2015-10-20 19:42 - 02608128 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-11-09 13:02 - 2015-10-20 19:42 - 00696320 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-11-09 13:02 - 2015-10-20 19:42 - 00192512 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-11-09 13:02 - 2015-10-20 19:42 - 00098816 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-11-09 13:02 - 2015-10-20 19:42 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2015-11-09 13:02 - 2015-10-20 19:42 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2015-11-09 13:02 - 2015-10-20 19:41 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-11-09 13:02 - 2015-10-20 19:41 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2015-11-09 13:02 - 2015-10-20 19:41 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-11-09 13:02 - 2015-10-20 19:41 - 00012288 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2015-11-09 13:02 - 2015-10-20 18:46 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2015-11-09 13:02 - 2015-10-20 18:46 - 00174080 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2015-11-09 13:02 - 2015-10-20 18:46 - 00093696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2015-11-09 13:02 - 2015-10-20 18:46 - 00030208 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2015-11-09 13:02 - 2015-10-20 18:45 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2015-11-09 13:02 - 2015-10-01 19:06 - 00692672 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2015-11-09 13:02 - 2015-10-01 19:04 - 00616360 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2015-11-09 13:02 - 2015-10-01 19:00 - 00147456 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2015-11-09 13:02 - 2015-10-01 19:00 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2015-11-09 13:02 - 2015-10-01 19:00 - 00059392 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2015-11-09 13:02 - 2015-10-01 19:00 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2015-11-09 13:02 - 2015-10-01 19:00 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2015-11-09 13:02 - 2015-10-01 18:50 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2015-11-09 13:02 - 2015-10-01 18:00 - 00061440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2015-11-09 13:02 - 2015-09-29 04:16 - 05569472 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-11-09 13:02 - 2015-09-29 04:13 - 01730496 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-11-09 13:02 - 2015-09-29 04:11 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-11-09 13:02 - 2015-09-29 04:11 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2015-11-09 13:02 - 2015-09-29 04:11 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2015-11-09 13:02 - 2015-09-29 04:11 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2015-11-09 13:02 - 2015-09-29 04:11 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-11-09 13:02 - 2015-09-29 04:11 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-11-09 13:02 - 2015-09-29 04:11 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-11-09 13:02 - 2015-09-29 04:11 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2015-11-09 13:02 - 2015-09-29 04:10 - 01216512 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2015-11-09 13:02 - 2015-09-29 04:10 - 01164800 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2015-11-09 13:02 - 2015-09-29 04:10 - 00729088 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-11-09 13:02 - 2015-09-29 04:10 - 00424960 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2015-11-09 13:02 - 2015-09-29 04:10 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-11-09 13:02 - 2015-09-29 04:10 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-11-09 13:02 - 2015-09-29 04:10 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-11-09 13:02 - 2015-09-29 04:10 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2015-11-09 13:02 - 2015-09-29 04:10 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-11-09 13:02 - 2015-09-29 04:10 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-11-09 13:02 - 2015-09-29 04:10 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2015-11-09 13:02 - 2015-09-29 04:09 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2015-11-09 13:02 - 2015-09-29 04:09 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-11-09 13:02 - 2015-09-29 04:05 - 03990976 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-11-09 13:02 - 2015-09-29 04:05 - 03936192 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-11-09 13:02 - 2015-09-29 04:05 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-11-09 13:02 - 2015-09-29 04:05 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-11-09 13:02 - 2015-09-29 04:02 - 01311768 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 03:59 - 00552960 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-11-09 13:02 - 2015-09-29 03:59 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-11-09 13:02 - 2015-09-29 03:59 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-11-09 13:02 - 2015-09-29 03:59 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-11-09 13:02 - 2015-09-29 03:59 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-11-09 13:02 - 2015-09-29 03:59 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2015-11-09 13:02 - 2015-09-29 03:58 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-11-09 13:02 - 2015-09-29 03:58 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2015-11-09 13:02 - 2015-09-29 03:58 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2015-11-09 13:02 - 2015-09-29 03:58 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-11-09 13:02 - 2015-09-29 03:57 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2015-11-09 13:02 - 2015-09-29 03:57 - 00665088 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2015-11-09 13:02 - 2015-09-29 03:57 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2015-11-09 13:02 - 2015-09-29 03:57 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2015-11-09 13:02 - 2015-09-29 03:53 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-11-09 13:02 - 2015-09-29 03:53 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-11-09 13:02 - 2015-09-29 03:49 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-11-09 13:02 - 2015-09-29 03:49 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2015-11-09 13:02 - 2015-09-29 03:49 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 03:49 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 02:50 - 00159232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2015-11-09 13:02 - 2015-09-29 02:49 - 00290816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2015-11-09 13:02 - 2015-09-29 02:49 - 00129024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2015-11-09 13:02 - 2015-09-29 02:43 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2015-11-09 13:02 - 2015-09-29 02:43 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2015-11-09 13:02 - 2015-09-29 02:40 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 02:40 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 02:40 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 02:40 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-09 13:02 - 2015-09-15 19:17 - 00157016 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-11-09 13:02 - 2015-09-15 19:17 - 00097112 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-11-09 13:02 - 2015-09-15 19:11 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-11-09 13:02 - 2015-09-15 19:11 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-11-09 13:02 - 2015-09-15 19:11 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-11-09 13:02 - 2015-09-15 19:11 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-11-09 13:02 - 2015-09-15 19:11 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-11-09 13:02 - 2015-09-15 19:11 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-11-09 13:02 - 2015-09-15 19:10 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-11-09 13:02 - 2015-09-15 18:36 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-11-09 13:02 - 2015-09-15 18:36 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-11-09 13:02 - 2015-09-15 18:36 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-11-09 13:02 - 2015-09-15 18:35 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-11-09 13:01 - 2015-08-06 19:04 - 14176768 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2015-11-09 13:01 - 2015-08-06 19:03 - 01866752 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll
2015-11-09 13:01 - 2015-08-06 18:44 - 12875776 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2015-11-09 13:01 - 2015-08-06 18:44 - 01498624 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExplorerFrame.dll
2015-11-09 12:53 - 2015-09-14 20:45 - 03210240 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-11-09 12:28 - 2015-11-09 12:28 - 00030328 _____ C:\ComboFix.txt
2015-11-09 11:50 - 2011-06-26 07:45 - 00256000 _____ C:\windows\PEV.exe
2015-11-09 11:50 - 2010-11-07 18:20 - 00208896 _____ C:\windows\MBR.exe
2015-11-09 11:50 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2015-11-09 11:50 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2015-11-09 11:50 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2015-11-09 11:50 - 2000-08-31 01:00 - 00098816 _____ C:\windows\sed.exe
2015-11-09 11:50 - 2000-08-31 01:00 - 00080412 _____ C:\windows\grep.exe
2015-11-09 11:50 - 2000-08-31 01:00 - 00068096 _____ C:\windows\zip.exe
2015-11-09 11:44 - 2015-11-09 12:28 - 00000000 ____D C:\Qoobox
2015-11-09 11:44 - 2015-11-09 12:26 - 00000000 ____D C:\windows\erdnt
2015-11-09 11:43 - 2015-11-09 11:43 - 05638248 ____R (Swearware) C:\Users\herbert.bruckmueller\Downloads\ComboFix.exe
2015-11-08 11:45 - 2015-11-08 11:46 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\herbert.bruckmueller\Downloads\tdsskiller(1).exe
2015-11-08 11:12 - 2015-11-08 11:13 - 16563352 _____ (Malwarebytes Corp.) C:\Users\herbert.bruckmueller\Downloads\mbar-1.09.3.1001.exe
2015-11-07 21:27 - 2015-11-07 21:27 - 01466656 _____ C:\Users\herbert.bruckmueller\Downloads\HitmanPro Alert - CHIP-Installer.exe
2015-11-07 21:26 - 2015-11-10 10:35 - 00000000 ____D C:\Users\herbert.bruckmueller\ownCloud
2015-11-07 19:06 - 2015-11-07 19:06 - 00852720 _____ C:\Users\herbert.bruckmueller\Downloads\SecurityCheck.exe
2015-11-07 17:47 - 2015-11-07 17:47 - 02870984 _____ (ESET) C:\Users\herbert.bruckmueller\Downloads\esetsmartinstaller_deu.exe
2015-11-07 17:47 - 2015-11-07 17:47 - 00000000 ____D C:\Program Files (x86)\ESET
2015-11-07 17:22 - 2015-11-07 17:22 - 01798976 _____ (Malwarebytes) C:\Users\herbert.bruckmueller\Downloads\JRT.exe
2015-11-07 16:33 - 2015-11-07 16:33 - 01713664 _____ C:\Users\herbert.bruckmueller\Downloads\AdwCleaner_5.018.exe
2015-11-07 16:21 - 2015-11-07 16:21 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\herbert.bruckmueller\Downloads\tdsskiller.exe
2015-11-07 15:42 - 2015-11-08 11:42 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-11-07 15:40 - 2015-11-07 15:40 - 16563352 _____ (Malwarebytes Corp.) C:\Users\herbert.bruckmueller\Downloads\mbar-1.09.3.1001(1).exe
2015-11-07 11:51 - 2015-11-07 11:52 - 00040663 _____ C:\Users\herbert.bruckmueller\Downloads\Addition.txt
2015-11-07 11:50 - 2015-11-11 12:49 - 00023864 _____ C:\Users\herbert.bruckmueller\Downloads\FRST.txt
2015-11-07 11:48 - 2015-11-11 12:49 - 00000000 ____D C:\FRST
2015-11-07 11:48 - 2015-11-07 11:48 - 02198528 _____ (Farbar) C:\Users\herbert.bruckmueller\Downloads\FRST64.exe
2015-11-04 13:29 - 2015-11-07 17:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-02 11:41 - 2015-11-02 11:41 - 00028806 _____ C:\Users\herbert.bruckmueller\Desktop\Kopie von Herbert Kunden Report 2015.xlsx
2015-10-29 09:13 - 2015-10-29 09:14 - 00000000 ____D C:\Users\herbert.bruckmueller\Desktop\Katzinger
2015-10-27 10:30 - 2015-11-09 12:07 - 00001536 _____ C:\windows\PFRO.log
2015-10-19 08:46 - 2015-10-19 08:46 - 00026500 _____ C:\Users\herbert.bruckmueller\Downloads\FileView(5).aspx
2015-10-19 08:46 - 2015-10-19 08:46 - 00026500 _____ C:\Users\herbert.bruckmueller\Downloads\FileView(4).aspx
2015-10-19 08:45 - 2015-10-19 08:45 - 00026299 _____ C:\Users\herbert.bruckmueller\Downloads\FileView.aspx
2015-10-19 08:45 - 2015-10-19 08:45 - 00026299 _____ C:\Users\herbert.bruckmueller\Downloads\FileView(3).aspx
2015-10-19 08:45 - 2015-10-19 08:45 - 00026299 _____ C:\Users\herbert.bruckmueller\Downloads\FileView(2).aspx
2015-10-19 08:45 - 2015-10-19 08:45 - 00026299 _____ C:\Users\herbert.bruckmueller\Downloads\FileView(1).aspx
2015-10-15 10:01 - 2015-10-15 10:01 - 00001251 _____ C:\Users\herbert.bruckmueller\Desktop\SIVAG Wiki.lnk
2015-10-15 09:58 - 2015-11-11 12:51 - 00000000 ____D C:\Users\herbert.bruckmueller\AppData\Local\ownCloud
2015-10-15 09:58 - 2015-10-27 10:32 - 00000000 ____D C:\Users\herbert.bruckmueller\SIVAG Wiki
2015-10-15 09:57 - 2015-10-29 09:15 - 00001019 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ownCloud.lnk
2015-10-15 09:57 - 2015-10-29 09:15 - 00001007 _____ C:\Users\Public\Desktop\ownCloud.lnk
2015-10-15 09:56 - 2015-10-29 09:15 - 00000000 ____D C:\Program Files (x86)\ownCloud
2015-10-15 09:50 - 2015-10-15 09:52 - 39174288 _____ (ownCloud) C:\Users\herbert.bruckmueller\Downloads\ownCloud-2.0.1.5446-setup.exe
2015-10-13 09:27 - 2015-10-13 12:34 - 00000000 ____D C:\Program Files\HitmanPro
2015-10-13 09:27 - 2015-10-13 10:20 - 00000000 ____D C:\ProgramData\HitmanPro
2015-10-13 09:24 - 2015-11-07 21:28 - 13380715 _____ C:\Users\herbert.bruckmueller\Downloads\HitmanPro_3.7.9.242.zip
2015-10-13 09:22 - 2015-10-22 10:44 - 00000000 ____D C:\Users\herbert.bruckmueller\.oracle_jre_usage
2015-10-13 09:22 - 2015-10-13 09:22 - 00000000 ____D C:\Users\herbert.bruckmueller\AppData\Roaming\Sun
2015-10-13 09:22 - 2015-10-13 09:22 - 00000000 ____D C:\Users\herbert.bruckmueller\AppData\LocalLow\Sun
2015-10-13 09:21 - 2015-10-22 10:44 - 00000000 ____D C:\ProgramData\Oracle
2015-10-13 09:21 - 2015-10-22 10:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-10-13 09:21 - 2015-10-22 10:43 - 00097888 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2015-10-13 09:21 - 2015-10-22 10:43 - 00000000 ____D C:\Program Files (x86)\Java
2015-10-13 09:20 - 2015-10-13 09:20 - 00000000 ____D C:\Users\herbert.bruckmueller\AppData\LocalLow\Oracle
2015-10-13 09:19 - 2015-10-13 09:19 - 00584288 _____ (Oracle Corporation) C:\Users\herbert.bruckmueller\Downloads\jxpiinstall.exe
2015-10-12 18:25 - 2015-10-13 00:53 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0
2015-10-12 15:21 - 2015-11-11 11:26 - 00001176 _____ C:\windows\setupact.log
2015-10-12 15:21 - 2015-10-12 15:21 - 00000000 _____ C:\windows\setuperr.log
2015-10-12 15:09 - 2015-11-11 08:26 - 00000000 ____D C:\AdwCleaner
2015-10-12 15:08 - 2015-10-12 15:08 - 01682432 _____ C:\Users\herbert.bruckmueller\Downloads\adwcleaner_5.013.exe
2015-10-12 13:35 - 2015-07-30 14:13 - 00124624 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-10-12 13:35 - 2015-07-30 14:13 - 00103120 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-10-12 12:54 - 2015-07-23 01:02 - 01390592 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2015-10-12 12:54 - 2015-07-23 01:02 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll
2015-10-12 12:54 - 2015-07-23 01:02 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2015-10-12 12:54 - 2015-07-22 18:53 - 00641536 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2015-10-12 12:54 - 2015-07-22 18:53 - 00635392 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll
2015-10-12 12:54 - 2015-07-22 17:48 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\UtcResources.dll
2015-10-12 12:54 - 2015-07-15 04:19 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\basesrv.dll
2015-10-12 12:54 - 2015-06-09 19:03 - 03180544 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2015-10-12 12:54 - 2015-06-09 19:03 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll
2015-10-12 12:53 - 2015-07-30 19:06 - 02565120 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2015-10-12 12:53 - 2015-07-30 19:06 - 01648128 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2015-10-12 12:53 - 2015-07-30 19:06 - 01180160 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2015-10-12 12:53 - 2015-07-30 18:57 - 01987584 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2015-10-12 12:53 - 2015-07-30 18:57 - 01251328 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2015-10-12 12:53 - 2015-07-15 19:15 - 00094656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
2015-10-12 12:53 - 2015-07-15 19:10 - 01743360 _____ (Microsoft Corporation) C:\windows\system32\sysmain.dll
2015-10-12 12:53 - 2015-07-15 19:10 - 00011264 _____ (Microsoft Corporation) C:\windows\system32\msmmsp.dll
2015-10-12 12:53 - 2015-07-15 04:17 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2015-10-12 12:53 - 2015-07-15 03:54 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2015-10-12 12:53 - 2015-06-02 01:07 - 00254976 _____ (Microsoft Corporation) C:\windows\system32\cewmdm.dll
2015-10-12 12:53 - 2015-06-02 00:47 - 00210432 _____ (Microsoft Corporation) C:\windows\SysWOW64\cewmdm.dll
2015-10-12 12:52 - 2015-08-05 18:56 - 01110016 _____ (Microsoft Corporation) C:\windows\system32\schedsvc.dll
2015-10-12 12:52 - 2015-08-05 18:56 - 00275456 _____ (Microsoft Corporation) C:\windows\system32\InkEd.dll
2015-10-12 12:52 - 2015-08-05 18:56 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\jnwmon.dll
2015-10-12 12:52 - 2015-08-05 18:56 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\icaapi.dll
2015-10-12 12:52 - 2015-08-05 18:40 - 00216064 _____ (Microsoft Corporation) C:\windows\SysWOW64\InkEd.dll
2015-10-12 12:52 - 2015-08-05 18:06 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys
2015-10-12 12:52 - 2015-07-16 20:12 - 06131200 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2015-10-12 12:52 - 2015-07-16 20:12 - 00856064 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdvidcrl.dll
2015-10-12 12:52 - 2015-07-16 20:12 - 00053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll
2015-10-12 12:52 - 2015-07-16 20:11 - 07077376 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2015-10-12 12:52 - 2015-07-16 20:11 - 01057792 _____ (Microsoft Corporation) C:\windows\system32\rdvidcrl.dll
2015-10-12 12:52 - 2015-07-16 20:11 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2015-10-12 12:52 - 2015-07-11 14:15 - 00429568 _____ (Microsoft Corporation) C:\windows\system32\wksprt.exe
2015-10-12 12:52 - 2015-06-25 11:06 - 00115136 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2015-10-12 12:52 - 2015-06-25 11:01 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2015-10-12 12:52 - 2015-06-25 11:01 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2015-10-12 12:52 - 2015-06-25 10:44 - 01805824 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2015-10-12 12:51 - 2015-09-18 20:22 - 00025432 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2015-10-12 12:51 - 2015-09-18 20:19 - 01291264 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-10-12 12:51 - 2015-09-18 20:19 - 00766464 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-10-12 12:51 - 2015-09-18 20:19 - 00700416 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-10-12 12:51 - 2015-09-18 20:19 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-10-12 12:51 - 2015-09-18 20:19 - 00073216 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-10-12 12:51 - 2015-09-18 20:09 - 01163776 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-10-12 12:51 - 2015-07-09 18:57 - 00193536 _____ (Microsoft Corporation) C:\windows\system32\notepad.exe
2015-10-12 12:51 - 2015-07-09 18:57 - 00193536 _____ (Microsoft Corporation) C:\windows\notepad.exe
2015-10-12 12:51 - 2015-07-09 18:42 - 00179712 _____ (Microsoft Corporation) C:\windows\SysWOW64\notepad.exe
2015-10-12 12:51 - 2015-07-04 19:07 - 02087424 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2015-10-12 12:51 - 2015-07-04 18:48 - 01414656 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2015-10-12 12:51 - 2015-07-01 21:49 - 00260096 _____ (Microsoft Corporation) C:\windows\system32\WebClnt.dll
2015-10-12 12:51 - 2015-07-01 21:48 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\davclnt.dll
2015-10-12 12:51 - 2015-07-01 21:30 - 00206848 _____ (Microsoft Corporation) C:\windows\SysWOW64\WebClnt.dll
2015-10-12 12:51 - 2015-07-01 21:30 - 00082432 _____ (Microsoft Corporation) C:\windows\SysWOW64\davclnt.dll
2015-10-12 12:51 - 2015-06-17 18:47 - 00404992 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2015-10-12 12:51 - 2015-06-17 18:37 - 00312320 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2015-10-12 12:51 - 2015-06-15 22:45 - 03242496 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2015-10-12 12:51 - 2015-06-15 22:45 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2015-10-12 12:51 - 2015-06-15 22:44 - 00128000 _____ (Microsoft Corporation) C:\windows\system32\msiexec.exe
2015-10-12 12:51 - 2015-06-15 22:43 - 02364416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2015-10-12 12:51 - 2015-06-15 22:43 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2015-10-12 12:51 - 2015-06-15 22:42 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msiexec.exe
2015-10-12 12:51 - 2015-06-15 22:42 - 00025088 _____ (Microsoft Corporation) C:\windows\system32\msimsg.dll
2015-10-12 12:51 - 2015-06-15 22:37 - 00025088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msimsg.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00984448 _____ (Microsoft Corporation) C:\windows\system32\ucrtbase.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00901264 _____ (Microsoft Corporation) C:\windows\SysWOW64\ucrtbase.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00066400 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00063840 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00022368 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00020832 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-12 12:36 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-12 12:36 - 2015-07-09 18:58 - 01632256 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll
2015-10-12 12:36 - 2015-07-09 18:58 - 00082944 _____ (Microsoft Corporation) C:\windows\system32\dwmapi.dll
2015-10-12 12:36 - 2015-07-09 18:42 - 01372160 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmcore.dll
2015-10-12 12:36 - 2015-07-09 18:42 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmapi.dll
2015-10-12 12:31 - 2015-08-27 19:18 - 02004480 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2015-10-12 12:31 - 2015-08-27 19:18 - 01887232 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2015-10-12 12:31 - 2015-08-27 19:13 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2015-10-12 12:31 - 2015-08-27 19:13 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2015-10-12 12:31 - 2015-08-27 18:58 - 01391104 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2015-10-12 12:31 - 2015-08-27 18:58 - 01241088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2015-10-12 12:31 - 2015-08-27 18:51 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll
2015-10-12 12:31 - 2015-08-27 18:51 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2015-10-12 12:22 - 2015-09-02 04:04 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2015-10-12 12:22 - 2015-09-02 04:04 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2015-10-12 12:22 - 2015-09-02 04:04 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2015-10-12 12:22 - 2015-09-02 04:04 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2015-10-12 12:22 - 2015-09-02 03:48 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2015-10-12 12:22 - 2015-09-02 03:48 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2015-10-12 12:22 - 2015-09-02 03:48 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2015-10-12 12:22 - 2015-09-02 03:47 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2015-10-12 12:22 - 2015-09-02 02:47 - 00372736 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2015-10-12 12:22 - 2015-09-02 02:33 - 00299520 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2015-10-12 12:05 - 2015-10-12 12:05 - 00000000 ____D C:\Program Files\Common Files\AV
2015-10-12 12:02 - 2015-10-12 12:02 - 00000000 ____D C:\windows\System32\Tasks\Safer-Networking
2015-10-12 12:01 - 2015-10-12 13:07 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-10-12 12:01 - 2015-10-12 12:16 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-10-12 12:01 - 2015-10-12 12:01 - 00001391 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-10-12 12:01 - 2015-10-12 12:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-10-12 12:01 - 2013-09-20 09:49 - 00021040 _____ (Safer Networking Limited) C:\windows\system32\sdnclean64.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-11 12:50 - 2015-03-26 19:39 - 00001110 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-11 12:03 - 2015-03-06 12:41 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2015-11-11 12:02 - 2015-03-05 15:30 - 00000000 ____D C:\Program Files (x86)\Advanced Monitoring Agent
2015-11-11 11:36 - 2009-07-14 05:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-11 11:36 - 2009-07-14 05:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-11 11:34 - 2015-09-07 07:36 - 419922944 _____ C:\Users\herbert.bruckmueller\Documents\herbert.bruckmueller@sivag.at
2015-11-11 11:34 - 2015-04-08 07:07 - 00003222 _____ C:\windows\System32\Tasks\HPCeeScheduleForHERBERT-HP$
2015-11-11 11:34 - 2015-04-08 07:07 - 00000346 _____ C:\windows\Tasks\HPCeeScheduleForHERBERT-HP$.job
2015-11-11 11:34 - 2011-05-03 19:08 - 00705108 _____ C:\windows\system32\perfh007.dat
2015-11-11 11:34 - 2011-05-03 19:08 - 00151476 _____ C:\windows\system32\perfc007.dat
2015-11-11 11:34 - 2009-07-14 06:13 - 01629436 _____ C:\windows\system32\PerfStringBackup.INI
2015-11-11 11:33 - 2015-08-31 08:21 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-11-11 11:33 - 2015-03-05 13:37 - 00000035 _____ C:\Users\Public\Documents\AtherosServiceConfig.ini
2015-11-11 11:31 - 2015-03-26 19:39 - 00001106 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-11 11:27 - 2011-05-03 19:23 - 00000000 ____D C:\ProgramData\PDFC
2015-11-11 11:26 - 2015-03-05 13:43 - 00000128 _____ C:\windows\system32\config\netlogon.ftl
2015-11-11 11:26 - 2009-07-14 06:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-11-11 11:25 - 2015-03-05 20:49 - 01722227 _____ C:\windows\WindowsUpdate.log
2015-11-11 10:12 - 2015-08-31 08:21 - 00000000 ____D C:\Program Files\Advanced Monitoring Agent Network Management
2015-11-11 07:57 - 2015-09-28 08:55 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-11-09 21:27 - 2015-03-05 20:55 - 00000000 ____D C:\windows\rescache
2015-11-09 13:26 - 2015-03-11 13:21 - 00000000 ___RD C:\Users\herbert.bruckmueller\Virtual Machines
2015-11-09 13:21 - 2009-07-14 05:45 - 00410232 _____ C:\windows\system32\FNTCACHE.DAT
2015-11-09 13:11 - 2015-03-05 13:58 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-11-09 13:09 - 2009-07-14 03:34 - 00000478 _____ C:\windows\win.ini
2015-11-09 12:23 - 2009-07-14 03:34 - 00000215 _____ C:\windows\system.ini
2015-11-09 12:06 - 2009-07-14 03:34 - 99090432 _____ C:\windows\system32\config\SOFTWARE.bak
2015-11-09 12:06 - 2009-07-14 03:34 - 18087936 _____ C:\windows\system32\config\SYSTEM.bak
2015-11-09 12:06 - 2009-07-14 03:34 - 106168320 _____ C:\windows\system32\config\COMPONENTS.bak
2015-11-09 12:06 - 2009-07-14 03:34 - 00786432 _____ C:\windows\system32\config\DEFAULT.bak
2015-11-09 12:06 - 2009-07-14 03:34 - 00262144 _____ C:\windows\system32\config\SECURITY.bak
2015-11-08 11:15 - 2015-09-28 08:54 - 00109272 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys
2015-11-07 21:26 - 2015-03-11 13:21 - 00000000 ____D C:\Users\herbert.bruckmueller
2015-11-07 20:43 - 2015-05-28 12:37 - 01600520 _____ (BitDefender) C:\windows\system32\Drivers\avc3.sys
2015-11-07 20:41 - 2015-05-28 13:21 - 00775424 _____ (BitDefender) C:\windows\system32\Drivers\avckf.sys
2015-11-07 20:40 - 2015-09-03 08:16 - 00477272 _____ (BitDefender S.R.L.) C:\windows\system32\Drivers\trufos.sys
2015-11-07 17:25 - 2015-03-05 14:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-07 16:31 - 2015-09-28 08:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-11-07 16:31 - 2015-09-28 08:54 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-11-02 18:20 - 2015-03-11 13:21 - 00000000 ____D C:\Users\herbert.bruckmueller\Documents\Bluetooth Folder
2015-10-29 10:57 - 2015-09-16 07:49 - 00000000 ____D C:\Users\herbert.bruckmueller\Desktop\PRO MAKLER
2015-10-28 09:24 - 2015-03-23 10:28 - 00000000 ____D C:\Users\herbert.bruckmueller\AppData\Local\CrashDumps
2015-10-27 10:52 - 2015-03-26 19:40 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-10-22 12:43 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\NDF
2015-10-22 08:48 - 2015-09-03 08:14 - 00000000 ____D C:\ProgramData\ManagedAntivirus
2015-10-20 11:15 - 2015-03-05 14:10 - 00000000 ____D C:\Users\herbert.bruckmueller\Documents\Eigene Dateien
2015-10-18 17:53 - 2015-03-06 12:41 - 00780488 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-10-18 17:53 - 2015-03-06 12:41 - 00142536 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-18 17:53 - 2015-03-06 12:41 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-10-15 09:57 - 2015-07-02 08:31 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-12 14:54 - 2015-03-05 15:45 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-10-12 14:54 - 2015-03-05 15:45 - 00000000 ____D C:\Program Files\CCleaner
2015-10-12 14:22 - 2015-03-05 16:39 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-10-12 14:22 - 2015-03-05 16:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-10-12 14:18 - 2015-04-15 14:48 - 00000000 ___SD C:\windows\system32\CompatTel
2015-10-12 14:18 - 2015-04-15 14:48 - 00000000 ____D C:\windows\system32\appraiser
2015-10-12 14:18 - 2015-04-07 10:33 - 00000000 ___SD C:\windows\SysWOW64\GWX
2015-10-12 14:18 - 2015-04-07 10:33 - 00000000 ___SD C:\windows\system32\GWX
2015-10-12 14:18 - 2009-07-27 15:36 - 00000000 ____D C:\Program Files\Windows Journal
2015-10-12 14:18 - 2009-07-14 04:20 - 00000000 ____D C:\windows\PolicyDefinitions
2015-10-12 13:31 - 2015-03-06 12:44 - 00000000 ____D C:\windows\system32\MRT
2015-10-12 09:16 - 2015-03-05 16:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

Einige Dateien in TEMP:
====================
C:\Users\herbert.bruckmueller\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\windows\system32\winlogon.exe => Datei ist digital signiert
C:\windows\system32\wininit.exe => Datei ist digital signiert
C:\windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\windows\explorer.exe => Datei ist digital signiert
C:\windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\windows\system32\svchost.exe => Datei ist digital signiert
C:\windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\windows\system32\services.exe => Datei ist digital signiert
C:\windows\system32\User32.dll => Datei ist digital signiert
C:\windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\windows\system32\userinit.exe => Datei ist digital signiert
C:\windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\windows\system32\rpcss.dll => Datei ist digital signiert
C:\windows\system32\dnsapi.dll => Datei ist digital signiert
C:\windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-10 00:00

==================== Ende von FRST.txt ============================
         
Thanks for the help!

Alt 12.11.2015, 16:58   #11
schrauber
/// the machine
/// TB-Ausbilder
 





ESET Online Scanner

  • Illustrated instructions for ESET Online Scanner can be found here
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

And a fresh FRST log, please. Any problems still?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

Alt 12.11.2015, 21:31   #12
ferdimax
 



Hi!
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=a1567e0dff2a424a8908e701109167a9
# end=init
# utc_time=2015-11-07 04:47:55
# local_time=2015-11-07 05:47:55 (+0100, Mitteleuropäische Zeit)
# country="Austria"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 26614
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=a1567e0dff2a424a8908e701109167a9
# end=updated
# utc_time=2015-11-07 04:52:04
# local_time=2015-11-07 05:52:04 (+0100, Mitteleuropäische Zeit)
# country="Austria"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=a1567e0dff2a424a8908e701109167a9
# engine=26614
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-11-07 06:28:17
# local_time=2015-11-07 07:28:17 (+0100, Mitteleuropäische Zeit)
# country="Austria"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Endpoint Security by Bitdefender Antimalware'
# compatibility_mode=2069 16777213 66 100 9907 139282505 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 21300608 198550747 0 0
# scanned=302854
# found=3
# cleaned=0
# scan_time=5772
sh=62BFF91A7E351CB1A21EF92320815874B2D2DFA8 ft=1 fh=fc2555afc5bde153 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\herbert.bruckmueller\AppData\Local\Temp\DMR\dmr_72.exe"
sh=CDFC279C21EADA2BD981FAFA46546ADC1CEAAD6F ft=1 fh=55c227375fc27c4d vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\herbert.bruckmueller\Downloads\HitmanPro Alert - CHIP-Installer.exe"
sh=405EA8286471409C393114B2F85A4D57B2EAB751 ft=1 fh=7f3971b0c2134346 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\herbert.bruckmueller\Downloads\SpyBot Search Destroy - CHIP-Installer.exe"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=a1567e0dff2a424a8908e701109167a9
# end=init
# utc_time=2015-11-07 06:41:43
# local_time=2015-11-07 07:41:43 (+0100, Mitteleuropäische Zeit)
# country="Austria"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=53251
Update Finalize
Updated modules version: 26614
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=a1567e0dff2a424a8908e701109167a9
# end=updated
# utc_time=2015-11-07 06:42:02
# local_time=2015-11-07 07:42:02 (+0100, Mitteleuropäische Zeit)
# country="Austria"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=a1567e0dff2a424a8908e701109167a9
# engine=26614
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2015-11-07 08:16:08
# local_time=2015-11-07 09:16:08 (+0100, Mitteleuropäische Zeit)
# country="Austria"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Endpoint Security by Bitdefender Antimalware'
# compatibility_mode=2069 16777213 66 100 9601 139288975 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 21307078 198557217 0 0
# scanned=303283
# found=5
# cleaned=5
# scan_time=5645
sh=62BFF91A7E351CB1A21EF92320815874B2D2DFA8 ft=1 fh=fc2555afc5bde153 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\herbert.bruckmueller\AppData\Local\Temp\DMR\dmr_72.exe"
sh=2CF9F87AA2EA689D9B9F5CCED4C51B2595C19027 ft=1 fh=4b16eff5bfe216f3 vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\herbert.bruckmueller\Downloads\ccsetup510.exe"
sh=9E4084FFC1A61081AFF2EA0EBB911EFA6DF5EEE3 ft=1 fh=48c3ec7a87c42728 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\herbert.bruckmueller\Downloads\HitmanPro Alert - CHIP-Installer(1).exe"
sh=CDFC279C21EADA2BD981FAFA46546ADC1CEAAD6F ft=1 fh=55c227375fc27c4d vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\herbert.bruckmueller\Downloads\HitmanPro Alert - CHIP-Installer.exe"
sh=405EA8286471409C393114B2F85A4D57B2EAB751 ft=1 fh=7f3971b0c2134346 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\herbert.bruckmueller\Downloads\SpyBot Search Destroy - CHIP-Installer.exe"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=a1567e0dff2a424a8908e701109167a9
# end=init
# utc_time=2015-11-12 04:35:40
# local_time=2015-11-12 05:35:40 (+0100, Mitteleuropäische Zeit)
# country="Austria"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 26695
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=a1567e0dff2a424a8908e701109167a9
# end=updated
# utc_time=2015-11-12 04:37:33
# local_time=2015-11-12 05:37:33 (+0100, Mitteleuropäische Zeit)
# country="Austria"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=a1567e0dff2a424a8908e701109167a9
# engine=26695
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-11-12 06:20:59
# local_time=2015-11-12 07:20:59 (+0100, Mitteleuropäische Zeit)
# country="Austria"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Endpoint Security by Bitdefender Antimalware'
# compatibility_mode=2069 16777213 66 100 10378 139714067 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 21732170 198982309 0 0
# scanned=331709
# found=1
# cleaned=0
# scan_time=6205
sh=E3F4FCDD159BAFA19F568BA4EC7F9F3ED451708F ft=1 fh=f80411e151b2c307 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\herbert.bruckmueller\Downloads\HitmanPro Alert - CHIP-Installer.exe"
         
Code:
ATTFilter
 Results of screen317's Security Check version 1.009  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Managed Antivirus-Anti-Malware   
 Antivirus out of date! (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Spybot - Search & Destroy 
 Java 8 Update 65  
 Java version 32-bit out of Date! 
 Adobe Flash Player 19.0.0.245  
 Mozilla Firefox (42.0) 
 Google Chrome (46.0.2490.80) 
 Google Chrome (46.0.2490.86) 
````````Process Check: objlist.exe by Laurent````````  
 Spybot Teatimer.exe is disabled! 
 Managed Antivirus Managed Antivirus Engine IT@WORK GmbH Antivirus Managed Antivirus\EndpointIntegration.exe 
 Managed Antivirus Managed Antivirus Engine IT@WORK GmbH Antivirus Managed Antivirus\EndpointService.exe 
 Common Files IT@WORK GmbH Antivirus Endpoint Agent epag.exe 
 Managed Antivirus Managed Antivirus Master Service ManagedAntivirus.exe  
 Managed Antivirus Managed Antivirus Engine IT@WORK GmbH Antivirus Managed Antivirus\Console.exe 
 Mobile Partner OnlineUpdate ouc.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
durchgeführt von Herbert.Bruckmueller (Administrator) auf HERBERT-HP (12-11-2015 21:28:40)
Gestartet von C:\Users\herbert.bruckmueller\Downloads
Geladene Profile: Herbert.Bruckmueller (Verfügbare Profile: Herbert.Bruckmueller & Administrator & herbert & Administrator)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Remote Monitoring) C:\Program Files (x86)\Advanced Monitoring Agent\winagent.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Bitdefender) C:\Program Files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\endpointintegration.exe
(Bitdefender) C:\Program Files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\endpointservice.exe
(Bitdefender) C:\Program Files\Common Files\IT@WORK GmbH Antivirus\Endpoint Agent\epag.exe
(GFI Software Development Ltd.) C:\Program Files (x86)\Advanced Monitoring Agent\patchman\lnssatt.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
() C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(ArcSoft, Inc.) C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(LogicNow Ltd) C:\Program Files\Managed Antivirus\Managed Antivirus Master Service\ManagedAntivirus.exe
(LogicNow Ltd) C:\Program Files\Advanced Monitoring Agent Network Management\NetworkManagement.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Bitdefender) C:\Program Files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\console.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
() C:\Program Files (x86)\ownCloud\owncloud.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelperx64.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) C:\Users\herbert.bruckmueller\Downloads\FRST64(1).exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [2919992 2011-01-27] (Hewlett-Packard Company)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2803496 2011-06-24] (Synaptics Incorporated)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [615584 2011-01-06] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379040 2011-01-06] (Atheros Commnucations)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [835072 2011-01-27] (IDT, Inc.)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [299576 2011-01-28] (Hewlett-Packard Company)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-26] (Intel Corporation)
HKLM-x32\...\Run: [HPConnectionManager] => c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [94264 2011-04-05] (Hewlett-Packard Development Company L.P.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2274497662-1395199413-223734523-1123\...\Run: [ownCloud] => C:\Program Files (x86)\ownCloud\owncloud.exe [1704974 2015-10-21] ()
ShellIconOverlayIdentifiers: [  OCError] -> {0960F090-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCErrorShared] -> {0960F091-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCOK] -> {0960F092-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCOKShared] -> {0960F093-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCSync] -> {0960F094-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCSyncShared] -> {0960F095-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCWarning] -> {0960F096-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCWarningShared] -> {0960F097-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Outlook 2010.lnk [2015-03-05]
ShortcutTarget: Microsoft Outlook 2010.lnk -> C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\outicon.exe ()
Startup: C:\Users\herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\aBMainFX - Verknüpfung.lnk [2015-03-05]
ShortcutTarget: aBMainFX - Verknüpfung.lnk -> \\SRVBER\artBase\aB-Agenta Programm\aBMainFX.exe (artBase! Software GmbH)
Startup: C:\Users\herbert.bruckmueller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\aBMainFX - Verknüpfung.lnk [2015-03-05]
ShortcutTarget: aBMainFX - Verknüpfung.lnk -> \\SRVBER\artBase\aB-Agenta Programm\aBMainFX.exe (artBase! Software GmbH)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.3.10
Tcpip\..\Interfaces\{4D81B0A2-95DD-45B4-88CE-7F88B7454444}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{666BA3F3-F79E-49C5-BBB4-558596EF1C92}: [DhcpNameServer] 192.168.3.10
Tcpip\..\Interfaces\{C72A97B7-69C3-42BF-90C4-A85317D8F4EB}: [NameServer]  
Tcpip\..\Interfaces\{C72A97B7-69C3-42BF-90C4-A85317D8F4EB}: [DhcpNameServer] 194.48.128.199 194.48.139.254
Tcpip\..\Interfaces\{CBA08DEB-ACD3-4B93-9CDF-84E237E532BE}: [NameServer] 194.48.139.254 194.48.128.199

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2274497662-1395199413-223734523-1123\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2274497662-1395199413-223734523-1123\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: PDFXChange 2012 -> {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} -> C:\Program Files\Tracker Software\PDF-XChange 5\Win32\PXCIEaddin5.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-10-22] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-01-06] (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-22] (Oracle Corporation)
Toolbar: HKLM-x32 - PDFXChange 2012 - {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} - C:\Program Files\Tracker Software\PDF-XChange 5\Win32\PXCIEaddin5.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)

FireFox:
========
FF ProfilePath: C:\Users\herbert.bruckmueller\AppData\Roaming\Mozilla\Firefox\Profiles\otkxoekz.default
FF SearchEngineOrder.1: Ask Search
FF SelectedSearchEngine: Google
FF Homepage: hxxps://www.google.at/?gws_rd=ssl
FF NetworkProxy: "autoconfig_url", "https://tonnelrock.net/tonnel.js"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-11] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Keine Datei]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Keine Datei]
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-2274497662-1395199413-223734523-1123: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)

Chrome: 
=======
CHR Profile: C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-26]
CHR Extension: (Docs) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-26]
CHR Extension: (Google Drive) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-27]
CHR Extension: (YouTube) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-26]
CHR Extension: (Google-Suche) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-09-27]
CHR Extension: (Google Tabellen) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-26]
CHR Extension: (Google Präsentationen) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-21]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-27]
CHR Extension: (Google Mail) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-27]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Advanced Monitoring Agent; C:\Program Files (x86)\Advanced Monitoring Agent\winagent.exe [8523264 2015-10-21] (Remote Monitoring) [Datei ist nicht signiert]
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-01-06] (Atheros) [Datei ist nicht signiert]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [53920 2011-01-06] (Atheros Commnucations) [Datei ist nicht signiert]
R2 EndpointIntegration; C:\Program Files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\EndpointIntegration.exe [398480 2015-11-07] (Bitdefender)
R2 EndpointService; C:\Program Files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\EndpointService.exe [398480 2015-11-07] (Bitdefender)
R2 epag; C:\Program Files\Common Files\IT@WORK GmbH Antivirus\Endpoint Agent\epag.exe [3626976 2015-11-07] (Bitdefender)
R2 gfi_lanss11_attservice; C:\Program Files (x86)\Advanced Monitoring Agent\patchman\lnssatt.exe [118640 2012-07-17] (GFI Software Development Ltd.)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [281656 2011-01-28] (Hewlett-Packard Company)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 ManagedAntivirus; C:\Program Files\Managed Antivirus\Managed Antivirus Master Service\ManagedAntivirus.exe [278248 2015-11-03] (LogicNow Ltd)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S2 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [655712 2012-05-09] ()
R2 NetworkManagement; C:\Program Files\Advanced Monitoring Agent Network Management\NetworkManagement.exe [186088 2015-11-09] (LogicNow Ltd)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448 2011-02-01] (PDF Complete Inc)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5490448 2015-06-18] (TeamViewer GmbH)
R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [502464 2010-11-11] (ArcSoft, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 ARCVCAM; C:\Windows\System32\DRIVERS\ArcSoftVCapture.sys [32192 2010-11-11] (ArcSoft, Inc.)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1600520 2015-11-07] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [775424 2015-11-07] (BitDefender)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2015-02-11] (GFI Software)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [161592 2015-07-22] (BitDefender LLC)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [238080 2012-04-23] (Huawei Technologies Co., Ltd.)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1826048 2010-12-21] ()
R2 trufos; C:\Windows\System32\DRIVERS\trufos.sys [477272 2015-11-07] (BitDefender S.R.L.)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-12 17:36 - 2015-11-12 17:36 - 00852720 _____ C:\Users\herbert.bruckmueller\Downloads\SecurityCheck(1).exe
2015-11-12 17:35 - 2015-11-12 17:35 - 02870984 _____ (ESET) C:\Users\herbert.bruckmueller\Downloads\esetsmartinstaller_deu(1).exe
2015-11-11 12:48 - 2015-11-11 12:49 - 02198528 _____ (Farbar) C:\Users\herbert.bruckmueller\Downloads\FRST64(1).exe
2015-11-11 08:23 - 2015-11-11 08:23 - 01798976 _____ (Malwarebytes) C:\Users\herbert.bruckmueller\Downloads\JRT(1).exe
2015-11-11 07:59 - 2015-11-11 07:59 - 01712128 _____ C:\Users\herbert.bruckmueller\Downloads\AdwCleaner_5.019.exe
2015-11-09 13:03 - 2015-09-18 20:31 - 00391784 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-11-09 13:03 - 2015-09-18 19:58 - 00345688 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-11-09 13:03 - 2015-09-16 05:48 - 25851904 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-11-09 13:03 - 2015-09-16 05:36 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-11-09 13:03 - 2015-09-16 05:36 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-11-09 13:03 - 2015-09-16 05:22 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-11-09 13:03 - 2015-09-16 05:21 - 02886656 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-11-09 13:03 - 2015-09-16 05:21 - 00585728 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-11-09 13:03 - 2015-09-16 05:21 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-11-09 13:03 - 2015-09-16 05:21 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-11-09 13:03 - 2015-09-16 05:21 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-11-09 13:03 - 2015-09-16 05:14 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-11-09 13:03 - 2015-09-16 05:13 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-11-09 13:03 - 2015-09-16 05:10 - 00616960 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-11-09 13:03 - 2015-09-16 05:09 - 05990912 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-11-09 13:03 - 2015-09-16 05:08 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-11-09 13:03 - 2015-09-16 05:08 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-11-09 13:03 - 2015-09-16 05:08 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-11-09 13:03 - 2015-09-16 05:08 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-11-09 13:03 - 2015-09-16 05:01 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-11-09 13:03 - 2015-09-16 04:58 - 20357632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-11-09 13:03 - 2015-09-16 04:58 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-11-09 13:03 - 2015-09-16 04:50 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-11-09 13:03 - 2015-09-16 04:46 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-11-09 13:03 - 2015-09-16 04:45 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-11-09 13:03 - 2015-09-16 04:45 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-11-09 13:03 - 2015-09-16 04:43 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-11-09 13:03 - 2015-09-16 04:41 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2015-11-09 13:03 - 2015-09-16 04:33 - 00504832 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-11-09 13:03 - 2015-09-16 04:33 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-11-09 13:03 - 2015-09-16 04:32 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-11-09 13:03 - 2015-09-16 04:32 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-11-09 13:03 - 2015-09-16 04:31 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2015-11-09 13:03 - 2015-09-16 04:31 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-11-09 13:03 - 2015-09-16 04:29 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-11-09 13:03 - 2015-09-16 04:29 - 00720896 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-11-09 13:03 - 2015-09-16 04:28 - 02279936 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-11-09 13:03 - 2015-09-16 04:28 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-11-09 13:03 - 2015-09-16 04:26 - 02126336 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-11-09 13:03 - 2015-09-16 04:26 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-11-09 13:03 - 2015-09-16 04:26 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-11-09 13:03 - 2015-09-16 04:24 - 00480256 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-11-09 13:03 - 2015-09-16 04:23 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-11-09 13:03 - 2015-09-16 04:22 - 14458368 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-11-09 13:03 - 2015-09-16 04:22 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-11-09 13:03 - 2015-09-16 04:22 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-11-09 13:03 - 2015-09-16 04:15 - 00416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-11-09 13:03 - 2015-09-16 04:11 - 02487808 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-11-09 13:03 - 2015-09-16 04:10 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-11-09 13:03 - 2015-09-16 04:07 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-11-09 13:03 - 2015-09-16 04:06 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-11-09 13:03 - 2015-09-16 04:05 - 04527616 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-11-09 13:03 - 2015-09-16 04:05 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-11-09 13:03 - 2015-09-16 04:04 - 00130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2015-11-09 13:03 - 2015-09-16 03:59 - 01546752 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-11-09 13:03 - 2015-09-16 03:58 - 12853760 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-11-09 13:03 - 2015-09-16 03:58 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2015-11-09 13:03 - 2015-09-16 03:56 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-11-09 13:03 - 2015-09-16 03:55 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-11-09 13:03 - 2015-09-16 03:55 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-11-09 13:03 - 2015-09-16 03:48 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-11-09 13:03 - 2015-09-16 03:37 - 02011136 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-11-09 13:03 - 2015-09-16 03:34 - 01311232 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-11-09 13:03 - 2015-09-16 03:32 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-11-09 13:02 - 2015-10-20 19:42 - 03168768 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-11-09 13:02 - 2015-10-20 19:42 - 02608128 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-11-09 13:02 - 2015-10-20 19:42 - 00696320 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-11-09 13:02 - 2015-10-20 19:42 - 00192512 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-11-09 13:02 - 2015-10-20 19:42 - 00098816 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-11-09 13:02 - 2015-10-20 19:42 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2015-11-09 13:02 - 2015-10-20 19:42 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2015-11-09 13:02 - 2015-10-20 19:41 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-11-09 13:02 - 2015-10-20 19:41 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2015-11-09 13:02 - 2015-10-20 19:41 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-11-09 13:02 - 2015-10-20 19:41 - 00012288 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2015-11-09 13:02 - 2015-10-20 18:46 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2015-11-09 13:02 - 2015-10-20 18:46 - 00174080 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2015-11-09 13:02 - 2015-10-20 18:46 - 00093696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2015-11-09 13:02 - 2015-10-20 18:46 - 00030208 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2015-11-09 13:02 - 2015-10-20 18:45 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2015-11-09 13:02 - 2015-10-01 19:06 - 00692672 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2015-11-09 13:02 - 2015-10-01 19:04 - 00616360 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2015-11-09 13:02 - 2015-10-01 19:00 - 00147456 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2015-11-09 13:02 - 2015-10-01 19:00 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2015-11-09 13:02 - 2015-10-01 19:00 - 00059392 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2015-11-09 13:02 - 2015-10-01 19:00 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2015-11-09 13:02 - 2015-10-01 19:00 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2015-11-09 13:02 - 2015-10-01 18:50 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2015-11-09 13:02 - 2015-10-01 18:00 - 00061440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2015-11-09 13:02 - 2015-09-29 04:16 - 05569472 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-11-09 13:02 - 2015-09-29 04:13 - 01730496 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-11-09 13:02 - 2015-09-29 04:11 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-11-09 13:02 - 2015-09-29 04:11 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2015-11-09 13:02 - 2015-09-29 04:11 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2015-11-09 13:02 - 2015-09-29 04:11 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2015-11-09 13:02 - 2015-09-29 04:11 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-11-09 13:02 - 2015-09-29 04:11 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-11-09 13:02 - 2015-09-29 04:11 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-11-09 13:02 - 2015-09-29 04:11 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2015-11-09 13:02 - 2015-09-29 04:10 - 01216512 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2015-11-09 13:02 - 2015-09-29 04:10 - 01164800 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2015-11-09 13:02 - 2015-09-29 04:10 - 00729088 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-11-09 13:02 - 2015-09-29 04:10 - 00424960 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2015-11-09 13:02 - 2015-09-29 04:10 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-11-09 13:02 - 2015-09-29 04:10 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-11-09 13:02 - 2015-09-29 04:10 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-11-09 13:02 - 2015-09-29 04:10 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2015-11-09 13:02 - 2015-09-29 04:10 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-11-09 13:02 - 2015-09-29 04:10 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-11-09 13:02 - 2015-09-29 04:10 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2015-11-09 13:02 - 2015-09-29 04:09 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2015-11-09 13:02 - 2015-09-29 04:09 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-11-09 13:02 - 2015-09-29 04:05 - 03990976 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-11-09 13:02 - 2015-09-29 04:05 - 03936192 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-11-09 13:02 - 2015-09-29 04:05 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-11-09 13:02 - 2015-09-29 04:05 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-11-09 13:02 - 2015-09-29 04:02 - 01311768 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 03:59 - 00552960 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-11-09 13:02 - 2015-09-29 03:59 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-11-09 13:02 - 2015-09-29 03:59 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-11-09 13:02 - 2015-09-29 03:59 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-11-09 13:02 - 2015-09-29 03:59 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-11-09 13:02 - 2015-09-29 03:59 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2015-11-09 13:02 - 2015-09-29 03:58 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-11-09 13:02 - 2015-09-29 03:58 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2015-11-09 13:02 - 2015-09-29 03:58 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2015-11-09 13:02 - 2015-09-29 03:58 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-11-09 13:02 - 2015-09-29 03:57 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2015-11-09 13:02 - 2015-09-29 03:57 - 00665088 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2015-11-09 13:02 - 2015-09-29 03:57 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2015-11-09 13:02 - 2015-09-29 03:57 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2015-11-09 13:02 - 2015-09-29 03:53 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-11-09 13:02 - 2015-09-29 03:53 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-11-09 13:02 - 2015-09-29 03:49 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-11-09 13:02 - 2015-09-29 03:49 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2015-11-09 13:02 - 2015-09-29 03:49 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 03:49 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 02:50 - 00159232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2015-11-09 13:02 - 2015-09-29 02:49 - 00290816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2015-11-09 13:02 - 2015-09-29 02:49 - 00129024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2015-11-09 13:02 - 2015-09-29 02:43 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2015-11-09 13:02 - 2015-09-29 02:43 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2015-11-09 13:02 - 2015-09-29 02:40 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 02:40 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 02:40 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-09 13:02 - 2015-09-29 02:40 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-09 13:02 - 2015-09-15 19:17 - 00157016 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-11-09 13:02 - 2015-09-15 19:17 - 00097112 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-11-09 13:02 - 2015-09-15 19:11 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-11-09 13:02 - 2015-09-15 19:11 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-11-09 13:02 - 2015-09-15 19:11 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-11-09 13:02 - 2015-09-15 19:11 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-11-09 13:02 - 2015-09-15 19:11 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-11-09 13:02 - 2015-09-15 19:11 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-11-09 13:02 - 2015-09-15 19:10 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-11-09 13:02 - 2015-09-15 18:36 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-11-09 13:02 - 2015-09-15 18:36 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-11-09 13:02 - 2015-09-15 18:36 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-11-09 13:02 - 2015-09-15 18:35 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-11-09 13:01 - 2015-08-06 19:04 - 14176768 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2015-11-09 13:01 - 2015-08-06 19:03 - 01866752 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll
2015-11-09 13:01 - 2015-08-06 18:44 - 12875776 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2015-11-09 13:01 - 2015-08-06 18:44 - 01498624 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExplorerFrame.dll
2015-11-09 12:53 - 2015-09-14 20:45 - 03210240 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-11-09 12:28 - 2015-11-09 12:28 - 00030328 _____ C:\ComboFix.txt
2015-11-09 11:50 - 2011-06-26 07:45 - 00256000 _____ C:\windows\PEV.exe
2015-11-09 11:50 - 2010-11-07 18:20 - 00208896 _____ C:\windows\MBR.exe
2015-11-09 11:50 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2015-11-09 11:50 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2015-11-09 11:50 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2015-11-09 11:50 - 2000-08-31 01:00 - 00098816 _____ C:\windows\sed.exe
2015-11-09 11:50 - 2000-08-31 01:00 - 00080412 _____ C:\windows\grep.exe
2015-11-09 11:50 - 2000-08-31 01:00 - 00068096 _____ C:\windows\zip.exe
2015-11-09 11:44 - 2015-11-09 12:28 - 00000000 ____D C:\Qoobox
2015-11-09 11:44 - 2015-11-09 12:26 - 00000000 ____D C:\windows\erdnt
2015-11-09 11:43 - 2015-11-09 11:43 - 05638248 ____R (Swearware) C:\Users\herbert.bruckmueller\Downloads\ComboFix.exe
2015-11-08 11:45 - 2015-11-08 11:46 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\herbert.bruckmueller\Downloads\tdsskiller(1).exe
2015-11-08 11:12 - 2015-11-08 11:13 - 16563352 _____ (Malwarebytes Corp.) C:\Users\herbert.bruckmueller\Downloads\mbar-1.09.3.1001.exe
2015-11-07 21:27 - 2015-11-07 21:27 - 01466656 _____ C:\Users\herbert.bruckmueller\Downloads\HitmanPro Alert - CHIP-Installer.exe
2015-11-07 21:26 - 2015-11-12 16:48 - 00000000 ____D C:\Users\herbert.bruckmueller\ownCloud
2015-11-07 19:06 - 2015-11-07 19:06 - 00852720 _____ C:\Users\herbert.bruckmueller\Downloads\SecurityCheck.exe
2015-11-07 17:47 - 2015-11-07 17:47 - 02870984 _____ (ESET) C:\Users\herbert.bruckmueller\Downloads\esetsmartinstaller_deu.exe
2015-11-07 17:22 - 2015-11-07 17:22 - 01798976 _____ (Malwarebytes) C:\Users\herbert.bruckmueller\Downloads\JRT.exe
2015-11-07 16:33 - 2015-11-07 16:33 - 01713664 _____ C:\Users\herbert.bruckmueller\Downloads\AdwCleaner_5.018.exe
2015-11-07 16:21 - 2015-11-07 16:21 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\herbert.bruckmueller\Downloads\tdsskiller.exe
2015-11-07 15:42 - 2015-11-08 11:42 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-11-07 15:40 - 2015-11-07 15:40 - 16563352 _____ (Malwarebytes Corp.) C:\Users\herbert.bruckmueller\Downloads\mbar-1.09.3.1001(1).exe
2015-11-07 11:51 - 2015-11-07 11:52 - 00040663 _____ C:\Users\herbert.bruckmueller\Downloads\Addition.txt
2015-11-07 11:50 - 2015-11-12 21:28 - 00024094 _____ C:\Users\herbert.bruckmueller\Downloads\FRST.txt
2015-11-07 11:48 - 2015-11-12 21:28 - 00000000 ____D C:\FRST
2015-11-07 11:48 - 2015-11-07 11:48 - 02198528 _____ (Farbar) C:\Users\herbert.bruckmueller\Downloads\FRST64.exe
2015-11-04 13:29 - 2015-11-07 17:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-02 11:41 - 2015-11-02 11:41 - 00028806 _____ C:\Users\herbert.bruckmueller\Desktop\Kopie von Herbert Kunden Report 2015.xlsx
2015-10-29 09:13 - 2015-10-29 09:14 - 00000000 ____D C:\Users\herbert.bruckmueller\Desktop\Katzinger
2015-10-27 10:30 - 2015-11-09 12:07 - 00001536 _____ C:\windows\PFRO.log
2015-10-19 08:46 - 2015-10-19 08:46 - 00026500 _____ C:\Users\herbert.bruckmueller\Downloads\FileView(5).aspx
2015-10-19 08:46 - 2015-10-19 08:46 - 00026500 _____ C:\Users\herbert.bruckmueller\Downloads\FileView(4).aspx
2015-10-19 08:45 - 2015-10-19 08:45 - 00026299 _____ C:\Users\herbert.bruckmueller\Downloads\FileView.aspx
2015-10-19 08:45 - 2015-10-19 08:45 - 00026299 _____ C:\Users\herbert.bruckmueller\Downloads\FileView(3).aspx
2015-10-19 08:45 - 2015-10-19 08:45 - 00026299 _____ C:\Users\herbert.bruckmueller\Downloads\FileView(2).aspx
2015-10-19 08:45 - 2015-10-19 08:45 - 00026299 _____ C:\Users\herbert.bruckmueller\Downloads\FileView(1).aspx
2015-10-15 10:01 - 2015-10-15 10:01 - 00001251 _____ C:\Users\herbert.bruckmueller\Desktop\SIVAG Wiki.lnk
2015-10-15 09:58 - 2015-11-12 21:29 - 00000000 ____D C:\Users\herbert.bruckmueller\AppData\Local\ownCloud
2015-10-15 09:58 - 2015-10-27 10:32 - 00000000 ____D C:\Users\herbert.bruckmueller\SIVAG Wiki
2015-10-15 09:57 - 2015-10-29 09:15 - 00001019 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ownCloud.lnk
2015-10-15 09:57 - 2015-10-29 09:15 - 00001007 _____ C:\Users\Public\Desktop\ownCloud.lnk
2015-10-15 09:56 - 2015-10-29 09:15 - 00000000 ____D C:\Program Files (x86)\ownCloud
2015-10-15 09:50 - 2015-10-15 09:52 - 39174288 _____ (ownCloud) C:\Users\herbert.bruckmueller\Downloads\ownCloud-2.0.1.5446-setup.exe
2015-10-13 09:27 - 2015-10-13 12:34 - 00000000 ____D C:\Program Files\HitmanPro
2015-10-13 09:27 - 2015-10-13 10:20 - 00000000 ____D C:\ProgramData\HitmanPro
2015-10-13 09:24 - 2015-11-07 21:28 - 13380715 _____ C:\Users\herbert.bruckmueller\Downloads\HitmanPro_3.7.9.242.zip
2015-10-13 09:22 - 2015-10-22 10:44 - 00000000 ____D C:\Users\herbert.bruckmueller\.oracle_jre_usage
2015-10-13 09:22 - 2015-10-13 09:22 - 00000000 ____D C:\Users\herbert.bruckmueller\AppData\Roaming\Sun
2015-10-13 09:22 - 2015-10-13 09:22 - 00000000 ____D C:\Users\herbert.bruckmueller\AppData\LocalLow\Sun
2015-10-13 09:21 - 2015-10-22 10:44 - 00000000 ____D C:\ProgramData\Oracle
2015-10-13 09:21 - 2015-10-22 10:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-10-13 09:21 - 2015-10-22 10:43 - 00097888 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2015-10-13 09:21 - 2015-10-22 10:43 - 00000000 ____D C:\Program Files (x86)\Java
2015-10-13 09:20 - 2015-10-13 09:20 - 00000000 ____D C:\Users\herbert.bruckmueller\AppData\LocalLow\Oracle
2015-10-13 09:19 - 2015-10-13 09:19 - 00584288 _____ (Oracle Corporation) C:\Users\herbert.bruckmueller\Downloads\jxpiinstall.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-12 21:03 - 2015-03-06 12:41 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2015-11-12 21:02 - 2015-03-05 15:30 - 00000000 ____D C:\Program Files (x86)\Advanced Monitoring Agent
2015-11-12 20:50 - 2015-03-26 19:39 - 00001110 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-12 20:14 - 2015-03-05 13:43 - 00000128 _____ C:\windows\system32\config\netlogon.ftl
2015-11-12 18:55 - 2015-03-05 20:49 - 01765554 _____ C:\windows\WindowsUpdate.log
2015-11-12 13:38 - 2015-03-05 13:37 - 00000035 _____ C:\Users\Public\Documents\AtherosServiceConfig.ini
2015-11-12 10:36 - 2009-07-14 05:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-12 10:36 - 2009-07-14 05:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-12 07:50 - 2015-03-26 19:39 - 00001106 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-11 21:02 - 2015-08-31 08:21 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-11-11 19:53 - 2015-03-26 19:40 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-11-11 16:03 - 2015-03-06 12:41 - 00780488 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-11-11 16:03 - 2015-03-06 12:41 - 00142536 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-11 16:03 - 2015-03-06 12:41 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-11-11 11:34 - 2015-09-07 07:36 - 419922944 _____ C:\Users\herbert.bruckmueller\Documents\herbert.bruckmueller@sivag.at
2015-11-11 11:34 - 2015-04-08 07:07 - 00003222 _____ C:\windows\System32\Tasks\HPCeeScheduleForHERBERT-HP$
2015-11-11 11:34 - 2015-04-08 07:07 - 00000346 _____ C:\windows\Tasks\HPCeeScheduleForHERBERT-HP$.job
2015-11-11 11:34 - 2011-05-03 19:08 - 00705108 _____ C:\windows\system32\perfh007.dat
2015-11-11 11:34 - 2011-05-03 19:08 - 00151476 _____ C:\windows\system32\perfc007.dat
2015-11-11 11:34 - 2009-07-14 06:13 - 01629436 _____ C:\windows\system32\PerfStringBackup.INI
2015-11-11 11:27 - 2011-05-03 19:23 - 00000000 ____D C:\ProgramData\PDFC
2015-11-11 11:26 - 2015-10-12 15:21 - 00001176 _____ C:\windows\setupact.log
2015-11-11 11:26 - 2009-07-14 06:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-11-11 10:12 - 2015-08-31 08:21 - 00000000 ____D C:\Program Files\Advanced Monitoring Agent Network Management
2015-11-11 08:26 - 2015-10-12 15:09 - 00000000 ____D C:\AdwCleaner
2015-11-11 07:57 - 2015-09-28 08:55 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-11-09 21:27 - 2015-03-05 20:55 - 00000000 ____D C:\windows\rescache
2015-11-09 13:26 - 2015-03-11 13:21 - 00000000 ___RD C:\Users\herbert.bruckmueller\Virtual Machines
2015-11-09 13:21 - 2009-07-14 05:45 - 00410232 _____ C:\windows\system32\FNTCACHE.DAT
2015-11-09 13:11 - 2015-03-05 13:58 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-11-09 13:09 - 2009-07-14 03:34 - 00000478 _____ C:\windows\win.ini
2015-11-09 12:23 - 2009-07-14 03:34 - 00000215 _____ C:\windows\system.ini
2015-11-09 12:06 - 2009-07-14 03:34 - 99090432 _____ C:\windows\system32\config\SOFTWARE.bak
2015-11-09 12:06 - 2009-07-14 03:34 - 18087936 _____ C:\windows\system32\config\SYSTEM.bak
2015-11-09 12:06 - 2009-07-14 03:34 - 106168320 _____ C:\windows\system32\config\COMPONENTS.bak
2015-11-09 12:06 - 2009-07-14 03:34 - 00786432 _____ C:\windows\system32\config\DEFAULT.bak
2015-11-09 12:06 - 2009-07-14 03:34 - 00262144 _____ C:\windows\system32\config\SECURITY.bak
2015-11-08 11:15 - 2015-09-28 08:54 - 00109272 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys
2015-11-07 21:26 - 2015-03-11 13:21 - 00000000 ____D C:\Users\herbert.bruckmueller
2015-11-07 20:43 - 2015-05-28 12:37 - 01600520 _____ (BitDefender) C:\windows\system32\Drivers\avc3.sys
2015-11-07 20:41 - 2015-05-28 13:21 - 00775424 _____ (BitDefender) C:\windows\system32\Drivers\avckf.sys
2015-11-07 20:40 - 2015-09-03 08:16 - 00477272 _____ (BitDefender S.R.L.) C:\windows\system32\Drivers\trufos.sys
2015-11-07 17:25 - 2015-03-05 14:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-07 16:31 - 2015-09-28 08:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-11-07 16:31 - 2015-09-28 08:54 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-11-02 18:20 - 2015-03-11 13:21 - 00000000 ____D C:\Users\herbert.bruckmueller\Documents\Bluetooth Folder
2015-10-29 10:57 - 2015-09-16 07:49 - 00000000 ____D C:\Users\herbert.bruckmueller\Desktop\PRO MAKLER
2015-10-28 09:24 - 2015-03-23 10:28 - 00000000 ____D C:\Users\herbert.bruckmueller\AppData\Local\CrashDumps
2015-10-22 12:43 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\NDF
2015-10-22 08:48 - 2015-09-03 08:14 - 00000000 ____D C:\ProgramData\ManagedAntivirus
2015-10-20 11:15 - 2015-03-05 14:10 - 00000000 ____D C:\Users\herbert.bruckmueller\Documents\Eigene Dateien
2015-10-15 09:57 - 2015-07-02 08:31 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-13 00:53 - 2015-10-12 18:25 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0

Einige Dateien in TEMP:
====================
C:\Users\herbert.bruckmueller\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\windows\system32\winlogon.exe => Datei ist digital signiert
C:\windows\system32\wininit.exe => Datei ist digital signiert
C:\windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\windows\explorer.exe => Datei ist digital signiert
C:\windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\windows\system32\svchost.exe => Datei ist digital signiert
C:\windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\windows\system32\services.exe => Datei ist digital signiert
C:\windows\system32\User32.dll => Datei ist digital signiert
C:\windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\windows\system32\userinit.exe => Datei ist digital signiert
C:\windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\windows\system32\rpcss.dll => Datei ist digital signiert
C:\windows\system32\dnsapi.dll => Datei ist digital signiert
C:\windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-10 00:00

==================== Ende von FRST.txt ============================
         
Unfortunately, the error has not been fixed yet!

14.11.2015, 11:51   #13
schrauber
/// the machine
/// TB instructor

In which browser does this still appear? Does it also appear in several?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

Donations
Guides and help
Trojaner-Board Facebook page

No help via PM!

16.11.2015, 13:12   #14
ferdimax

Hello!
In Firefox, yes!
In Chrome and IE not anymore, those are clean!

Thanks!

17.11.2015, 18:11   #15
schrauber
/// the machine
/// TB instructor

Revo Uninstaller - Download - Filepony
Use it to uninstall Firefox, keep no data, let it remove the leftovers, then reinstall.

Then:
https://support.mozilla.org/de/kb/fi...einfach-loesen


Press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document:

Code:
C:\Users\herbert.bruckmueller\AppData\Local\Temp\DMR\dmr_72.exe

C:\Users\herbert.bruckmueller\Downloads\HitmanPro Alert - CHIP-Installer.exe

C:\Users\herbert.bruckmueller\Downloads\SpyBot Search Destroy - CHIP-Installer.exe

C:\Users\herbert.bruckmueller\Downloads\ccsetup510.exe

C:\Users\herbert.bruckmueller\Downloads\HitmanPro Alert - CHIP-Installer(1).exe
Emptytemp:
         

Save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the "Entfernen" (Fix) button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.

Rethink your download habits:
CHIP-Installer - what is it? - Guides

A fresh FRST log, please. Any problems left?
__________________
Regards,
schrauber