Pests of all kinds and how to combat them: Bank Austria online banking, fake website (Windows 7) |
23.10.2015, 08:28 | #1 |
| Bank Austria online banking, fake website Hello! This is my first time here, so please bear with me! I found my problem on the board in the already resolved thread "Bank Austria Onlinebanking - Trojaner": http://www.trojaner-board.de/169030-...-trojaner.html Since I am not particularly well versed in this, my question is whether I should work through the whole procedure as it was done there, or whether that thread established where I can start directly to get rid of the trojan. Thanks for your help! |
23.10.2015, 08:51 | #2 |
/// the machine /// TB-Ausbilder (TB trainer) | Bank Austria online banking, fake website hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-bit | FRST 64-bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties) |
07.11.2015, 12:00 | #3 |
| Bank Austria online banking, fake website Hello!
It took a little while, but here it is! Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-11-2015 durchgeführt von Herbert.Bruckmueller (Administrator) auf HERBERT-HP (07-11-2015 11:50:06) Gestartet von C:\Users\herbert.bruckmueller\Downloads Geladene Profile: Herbert.Bruckmueller (Verfügbare Profile: Herbert.Bruckmueller & herbert & Administrator) Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (AMD) C:\Windows\System32\atieclxx.exe (Validity Sensors, Inc.) 
C:\Windows\System32\vcsFPService.exe (Remote Monitoring) C:\Program Files (x86)\Advanced Monitoring Agent\winagent.exe (Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Bitdefender) C:\Program Files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\EndpointIntegration.exe (Bitdefender) C:\Program Files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\EndpointService.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe () C:\Program Files (x86)\ownCloud\owncloud.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (GFI Software Development Ltd.) C:\Program Files (x86)\Advanced Monitoring Agent\patchman\lnssatt.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe () C:\ProgramData\DatacardService\HWDeviceService64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe (Advanced Micro Devices Inc.) 
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe () C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe (PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe (Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (ArcSoft, Inc.) C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe (Bitdefender) C:\Program Files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\UpdateService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe (Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (Hewlett-Packard Development Company L.P.) 
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe (Bitdefender) C:\Program Files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\Console.exe (Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelperx64.exe (Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (LogicNow Ltd) C:\Program Files\Advanced Monitoring Agent Network Management\NetworkManagement.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (LogicNow Ltd) C:\Program Files\Managed Antivirus\Managed Antivirus Master Service\ManagedAntivirus.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [2919992 2011-01-27] (Hewlett-Packard Company) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2803496 2011-06-24] (Synaptics Incorporated) HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [615584 2011-01-06] (Atheros Communications) HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379040 2011-01-06] (Atheros Commnucations) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [835072 2011-01-27] (IDT, Inc.) HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [299576 2011-01-28] (Hewlett-Packard Company) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-03-28] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-26] (Intel Corporation) HKLM-x32\...\Run: [HPConnectionManager] => c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [94264 2011-04-05] (Hewlett-Packard Development Company L.P.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.) 
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation) Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-21-2274497662-1395199413-223734523-1123\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8461224 2015-09-16] (Piriform Ltd) HKU\S-1-5-21-2274497662-1395199413-223734523-1123\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) HKU\S-1-5-21-2274497662-1395199413-223734523-1123\...\Run: [ownCloud] => C:\Program Files (x86)\ownCloud\owncloud.exe [1704974 2015-10-21] () HKU\S-1-5-21-2274497662-1395199413-223734523-1123\...\MountPoints2: {7e879ff7-2927-11e5-8933-68a3c4f13d1d} - G:\AutoRun.exe HKU\S-1-5-21-2274497662-1395199413-223734523-1123\...\MountPoints2: {7e87a00c-2927-11e5-8933-68a3c4f13d1d} - G:\AutoRun.exe HKU\S-1-5-21-2274497662-1395199413-223734523-1123\...\MountPoints2: {e96b72f9-391d-11e5-aa11-68a3c4f13d1d} - G:\AutoRun.exe HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\windows\System32\SPReview\SPReview.exe [301568 2015-03-05] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ OCError] -> {0960F090-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCErrorShared] -> {0960F091-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCOK] -> {0960F092-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCOKShared] -> {0960F093-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.) 
ShellIconOverlayIdentifiers: [ OCSync] -> {0960F094-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCSyncShared] -> {0960F095-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCWarning] -> {0960F096-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCWarningShared] -> {0960F097-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Outlook 2010.lnk [2015-03-05] ShortcutTarget: Microsoft Outlook 2010.lnk -> C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\outicon.exe () Startup: C:\Users\herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\aBMainFX - Verknüpfung.lnk [2015-03-05] ShortcutTarget: aBMainFX - Verknüpfung.lnk -> \\SRVBER\artBase\aB-Agenta Programm\aBMainFX.exe (Keine Datei) Startup: C:\Users\herbert.bruckmueller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\aBMainFX - Verknüpfung.lnk [2015-03-05] ShortcutTarget: aBMainFX - Verknüpfung.lnk -> \\SRVBER\artBase\aB-Agenta Programm\aBMainFX.exe (Keine Datei) BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
AutoConfigURL: [S-1-5-21-2274497662-1395199413-223734523-1123] => hxxps://tonnelrock.net/tonnel.js Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{4D81B0A2-95DD-45B4-88CE-7F88B7454444}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{666BA3F3-F79E-49C5-BBB4-558596EF1C92}: [DhcpNameServer] 192.168.3.10 Tcpip\..\Interfaces\{C72A97B7-69C3-42BF-90C4-A85317D8F4EB}: [NameServer] Tcpip\..\Interfaces\{C72A97B7-69C3-42BF-90C4-A85317D8F4EB}: [DhcpNameServer] 194.48.128.199 194.48.139.254 Tcpip\..\Interfaces\{CBA08DEB-ACD3-4B93-9CDF-84E237E532BE}: [NameServer] 194.48.139.254 194.48.128.199 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-2274497662-1395199413-223734523-1123\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKLM -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox BHO: Windows Live ID Sign-in Helper -> 
{9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: PDFXChange 2012 -> {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} -> C:\Program Files\Tracker Software\PDF-XChange 5\Win32\PXCIEaddin5.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-10-22] (Oracle Corporation) BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-01-06] (Atheros Commnucations) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-22] (Oracle Corporation) Toolbar: HKLM-x32 - PDFXChange 2012 - {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} - C:\Program Files\Tracker Software\PDF-XChange 5\Win32\PXCIEaddin5.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.) 
FireFox: ======== FF ProfilePath: C:\Users\herbert.bruckmueller\AppData\Roaming\Mozilla\Firefox\Profiles\otkxoekz.default FF SearchEngineOrder.1: Ask Search FF SelectedSearchEngine: Google FF Homepage: hxxps://www.google.at/?gws_rd=ssl FF NetworkProxy: "autoconfig_url", "https://tonnelrock.net/tonnel.js" FF NetworkProxy: "type", 2 FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-18] () FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-18] () FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Keine Datei] FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Keine Datei] FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-22] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-22] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( 
Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.) FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.) FF Plugin HKU\S-1-5-21-2274497662-1395199413-223734523-1123: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.) 
Chrome: ======= CHR Profile: C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Präsentationen) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-26] CHR Extension: (Docs) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-26] CHR Extension: (Google Drive) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-27] CHR Extension: (YouTube) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-26] CHR Extension: (Google-Suche) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-09-27] CHR Extension: (Google Tabellen) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-26] CHR Extension: (Google Präsentationen) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-21] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-27] CHR Extension: (Google Mail) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-27] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) 
R2 Advanced Monitoring Agent; C:\Program Files (x86)\Advanced Monitoring Agent\winagent.exe [8523264 2015-10-21] (Remote Monitoring) [Datei ist nicht signiert] R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-01-06] (Atheros) [Datei ist nicht signiert] R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [53920 2011-01-06] (Atheros Commnucations) [Datei ist nicht signiert] R2 EndpointIntegration; C:\Program Files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\EndpointIntegration.exe [398480 2015-05-20] (Bitdefender) R2 EndpointService; C:\Program Files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\EndpointService.exe [398480 2015-05-20] (Bitdefender) S2 epag; C:\Program Files\Common Files\IT@WORK GmbH Antivirus\Endpoint Agent\epag.exe [3580632 2015-06-12] (Bitdefender) R2 gfi_lanss11_attservice; C:\Program Files (x86)\Advanced Monitoring Agent\patchman\lnssatt.exe [118640 2012-07-17] (GFI Software Development Ltd.) R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [281656 2011-01-28] (Hewlett-Packard Company) R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] () R2 ManagedAntivirus; C:\Program Files\Managed Antivirus\Managed Antivirus Master Service\ManagedAntivirus.exe [278248 2015-11-03] (LogicNow Ltd) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) S2 Mobile Partner. 
RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [655712 2012-05-09] () R2 NetworkManagement; C:\Program Files\Advanced Monitoring Agent Network Management\NetworkManagement.exe [191208 2015-10-21] (LogicNow Ltd) R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448 2011-02-01] (PDF Complete Inc) R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5490448 2015-06-18] (TeamViewer GmbH) R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [502464 2010-11-11] (ArcSoft, Inc.) R2 UpdateService; C:\Program Files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\UpdateService.exe [398480 2015-05-20] (Bitdefender) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 ARCVCAM; C:\Windows\System32\DRIVERS\ArcSoftVCapture.sys [32192 2010-11-11] (ArcSoft, Inc.) 
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1369288 2015-05-28] (BitDefender) R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [747120 2015-05-28] (BitDefender) S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2015-02-11] (GFI Software) R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [161592 2015-07-22] (BitDefender LLC) S3 hitmanpro37; C:\windows\system32\drivers\hitmanpro37.sys [41080 2015-10-13] () S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [238080 2012-04-23] (Huawei Technologies Co., Ltd.) R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation) R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1826048 2010-12-21] () R2 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2014-10-16] (BitDefender S.R.L.) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-11-07 11:50 - 2015-11-07 11:51 - 00025322 _____ C:\Users\herbert.bruckmueller\Downloads\FRST.txt 2015-11-07 11:48 - 2015-11-07 11:50 - 00000000 ____D C:\FRST 2015-11-07 11:48 - 2015-11-07 11:48 - 02198528 _____ (Farbar) C:\Users\herbert.bruckmueller\Downloads\FRST64.exe 2015-11-04 13:29 - 2015-11-04 13:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-11-02 11:41 - 2015-11-02 11:41 - 00028806 _____ C:\Users\herbert.bruckmueller\Desktop\Kopie von Herbert Kunden Report 2015.xlsx 2015-10-29 09:13 - 2015-10-29 09:14 - 00000000 ____D C:\Users\herbert.bruckmueller\Desktop\Katzinger 2015-10-27 10:30 - 2015-10-27 10:30 - 00000376 _____ C:\windows\PFRO.log 2015-10-19 08:46 - 2015-10-19 08:46 - 00026500 _____ C:\Users\herbert.bruckmueller\Downloads\FileView(5).aspx 2015-10-19 08:46 - 2015-10-19 08:46 - 00026500 _____ C:\Users\herbert.bruckmueller\Downloads\FileView(4).aspx 2015-10-19 08:45 - 2015-10-19 08:45 - 00026299 _____ C:\Users\herbert.bruckmueller\Downloads\FileView.aspx 2015-10-19 08:45 - 2015-10-19 08:45 - 00026299 _____ C:\Users\herbert.bruckmueller\Downloads\FileView(3).aspx 2015-10-19 08:45 - 2015-10-19 08:45 - 00026299 _____ C:\Users\herbert.bruckmueller\Downloads\FileView(2).aspx 2015-10-19 08:45 - 2015-10-19 08:45 - 00026299 _____ C:\Users\herbert.bruckmueller\Downloads\FileView(1).aspx 2015-10-15 10:01 - 2015-10-15 10:01 - 00001251 _____ C:\Users\herbert.bruckmueller\Desktop\SIVAG Wiki.lnk 2015-10-15 09:58 - 2015-11-07 11:51 - 00000000 ____D C:\Users\herbert.bruckmueller\AppData\Local\ownCloud 2015-10-15 09:58 - 2015-10-27 10:32 - 00000000 ____D C:\Users\herbert.bruckmueller\SIVAG Wiki 2015-10-15 09:57 - 2015-10-29 09:15 - 00001019 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ownCloud.lnk 2015-10-15 09:57 - 2015-10-29 09:15 - 00001007 _____ C:\Users\Public\Desktop\ownCloud.lnk 2015-10-15 09:56 - 2015-10-29 09:15 - 00000000 ____D C:\Program Files (x86)\ownCloud 2015-10-15 09:50 - 2015-10-15 09:52 - 39174288 _____ (ownCloud) 
Corporation) C:\windows\SysWOW64\dciman32.dll 2015-10-12 12:22 - 2015-09-02 03:47 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll 2015-10-12 12:22 - 2015-09-02 02:51 - 03209216 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys 2015-10-12 12:22 - 2015-09-02 02:47 - 00372736 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll 2015-10-12 12:22 - 2015-09-02 02:33 - 00299520 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll 2015-10-12 12:05 - 2015-10-12 12:05 - 00000000 ____D C:\Program Files\Common Files\AV 2015-10-12 12:02 - 2015-10-12 12:02 - 00000000 ____D C:\windows\System32\Tasks\Safer-Networking 2015-10-12 12:01 - 2015-10-12 13:07 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy 2015-10-12 12:01 - 2015-10-12 12:16 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2015-10-12 12:01 - 2015-10-12 12:01 - 00001391 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk 2015-10-12 12:01 - 2015-10-12 12:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 2015-10-12 12:01 - 2013-09-20 09:49 - 00021040 _____ (Safer Networking Limited) C:\windows\system32\sdnclean64.exe 2015-10-12 11:54 - 2015-10-12 11:54 - 01457952 _____ C:\Users\herbert.bruckmueller\Downloads\SpyBot Search Destroy - CHIP-Installer.exe 2015-10-12 11:53 - 2015-10-12 11:53 - 06677440 _____ (Piriform Ltd) C:\Users\herbert.bruckmueller\Downloads\ccsetup510.exe ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-11-07 11:50 - 2015-09-07 07:36 - 419922944 _____ C:\Users\herbert.bruckmueller\Documents\herbert.bruckmueller@sivag.at 2015-11-07 11:50 - 2015-03-26 19:39 - 00001110 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-11-07 11:47 - 2015-03-05 20:49 - 01358562 _____ C:\windows\WindowsUpdate.log 2015-11-07 11:43 - 2011-05-03 19:08 - 00705108 _____ C:\windows\system32\perfh007.dat 2015-11-07 11:43 - 2011-05-03 19:08 - 00151476 _____ C:\windows\system32\perfc007.dat 2015-11-07 11:43 - 2009-07-14 06:13 - 01629436 _____ C:\windows\system32\PerfStringBackup.INI 2015-11-07 11:41 - 2009-07-14 05:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-11-07 11:41 - 2009-07-14 05:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-11-07 11:39 - 2015-03-26 19:39 - 00001106 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-11-07 11:34 - 2015-04-08 07:07 - 00003222 _____ C:\windows\System32\Tasks\HPCeeScheduleForHERBERT-HP$ 2015-11-07 11:34 - 2015-04-08 07:07 - 00000346 _____ C:\windows\Tasks\HPCeeScheduleForHERBERT-HP$.job 2015-11-07 11:34 - 2015-03-06 12:41 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job 2015-11-07 11:34 - 2015-03-05 15:30 - 00000000 ____D C:\Program Files (x86)\Advanced Monitoring Agent 2015-11-07 11:34 - 2015-03-05 13:37 - 00000035 _____ C:\Users\Public\Documents\AtherosServiceConfig.ini 2015-11-04 13:34 - 2015-03-05 14:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-11-03 19:31 - 2011-05-03 19:23 - 00000000 ____D C:\ProgramData\PDFC 2015-11-03 18:29 - 2009-07-14 06:08 - 00000006 ____H C:\windows\Tasks\SA.DAT 2015-11-03 09:53 - 2015-03-05 13:43 - 00000128 _____ C:\windows\system32\config\netlogon.ftl 2015-11-02 18:20 - 2015-03-11 13:21 - 00000000 ____D C:\Users\herbert.bruckmueller\Documents\Bluetooth Folder 2015-10-29 17:58 - 2015-08-31 08:21 - 00000000 
____D C:\Program Files (x86)\TeamViewer 2015-10-29 10:57 - 2015-09-16 07:49 - 00000000 ____D C:\Users\herbert.bruckmueller\Desktop\PRO MAKLER 2015-10-28 09:24 - 2015-03-23 10:28 - 00000000 ____D C:\Users\herbert.bruckmueller\AppData\Local\CrashDumps 2015-10-27 10:52 - 2015-03-26 19:40 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-10-23 12:07 - 2015-08-31 08:21 - 00000000 ____D C:\Program Files\Advanced Monitoring Agent Network Management 2015-10-22 12:43 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\NDF 2015-10-22 08:48 - 2015-09-03 08:14 - 00000000 ____D C:\ProgramData\ManagedAntivirus 2015-10-20 11:15 - 2015-03-05 14:10 - 00000000 ____D C:\Users\herbert.bruckmueller\Documents\Eigene Dateien 2015-10-18 17:53 - 2015-03-06 12:41 - 00780488 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe 2015-10-18 17:53 - 2015-03-06 12:41 - 00142536 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-10-18 17:53 - 2015-03-06 12:41 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater 2015-10-15 09:58 - 2015-03-11 13:21 - 00000000 ____D C:\Users\herbert.bruckmueller 2015-10-15 09:57 - 2015-07-02 08:31 - 00000000 ____D C:\ProgramData\Package Cache 2015-10-13 07:30 - 2015-09-28 08:55 - 00113880 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2015-10-12 16:04 - 2015-03-05 20:55 - 00000000 ____D C:\windows\rescache 2015-10-12 14:54 - 2015-03-05 15:45 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk 2015-10-12 14:54 - 2015-03-05 15:45 - 00000000 ____D C:\Program Files\CCleaner 2015-10-12 14:38 - 2015-03-11 13:21 - 00000000 ___RD C:\Users\herbert.bruckmueller\Virtual Machines 2015-10-12 14:22 - 2015-03-05 16:39 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-10-12 14:22 - 2015-03-05 16:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2015-10-12 14:22 - 2009-07-14 05:45 - 00410232 _____ C:\windows\system32\FNTCACHE.DAT 
2015-10-12 14:18 - 2015-04-15 14:48 - 00000000 ___SD C:\windows\system32\CompatTel
2015-10-12 14:18 - 2015-04-15 14:48 - 00000000 ____D C:\windows\system32\appraiser
2015-10-12 14:18 - 2015-04-07 10:33 - 00000000 ___SD C:\windows\SysWOW64\GWX
2015-10-12 14:18 - 2015-04-07 10:33 - 00000000 ___SD C:\windows\system32\GWX
2015-10-12 14:18 - 2009-07-27 15:36 - 00000000 ____D C:\Program Files\Windows Journal
2015-10-12 14:18 - 2009-07-14 04:20 - 00000000 ____D C:\windows\PolicyDefinitions
2015-10-12 13:39 - 2015-03-05 13:58 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-12 13:31 - 2015-03-06 12:44 - 00000000 ____D C:\windows\system32\MRT
2015-10-12 13:08 - 2009-07-14 03:34 - 00000478 _____ C:\windows\win.ini
2015-10-12 09:16 - 2015-03-05 16:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-09-03 08:19 - 2015-09-03 08:19 - 0233697 _____ () C:\ProgramData\1441264588.bdinstall.bin

Einige Dateien in TEMP:
====================
C:\Users\herbert\AppData\Local\Temp\CpqMC.dll
C:\Users\herbert\AppData\Local\Temp\HPSWF.EXE
C:\Users\herbert\AppData\Local\Temp\MSN2952.exe
C:\Users\herbert\AppData\Local\Temp\SWHelperQueryW.dll
C:\Users\herbert.bruckmueller\AppData\Local\Temp\HitmanPro.exe
C:\Users\herbert.bruckmueller\AppData\Local\Temp\jre-8u65-windows-au.exe
C:\Users\herbert.bruckmueller\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\windows\system32\winlogon.exe => Datei ist digital signiert
C:\windows\system32\wininit.exe => Datei ist digital signiert
C:\windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\windows\explorer.exe => Datei ist digital signiert
C:\windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\windows\system32\svchost.exe => Datei ist digital signiert
C:\windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\windows\system32\services.exe => Datei ist digital signiert
C:\windows\system32\User32.dll => Datei ist digital signiert
C:\windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\windows\system32\userinit.exe => Datei ist digital signiert
C:\windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\windows\system32\rpcss.dll => Datei ist digital signiert
C:\windows\system32\dnsapi.dll => Datei ist digital signiert
C:\windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2015-10-31 12:52

==================== Ende von FRST.txt ============================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-11-2015
durchgeführt von Herbert.Bruckmueller (2015-11-07 11:51:42)
Gestartet von C:\Users\herbert.bruckmueller\Downloads
Windows 7 Professional Service Pack 1 (X64) (2015-03-05 10:58:29)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-3356595372-2875079322-2432392346-500 - Administrator - Enabled) => C:\Users\Administrator.herbert-HP
Gast (S-1-5-21-3356595372-2875079322-2432392346-501 - Limited - Disabled)
herbert (S-1-5-21-3356595372-2875079322-2432392346-1001 - Administrator - Enabled) => C:\Users\herbert

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Managed Antivirus-Anti-Malware (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AS: Managed Antivirus-Anti-Malware (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.226 - Adobe Systems Incorporated) Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated) Advanced Monitoring Agent (HKLM-x32\...\Advanced Monitoring Agent_is1) (Version: - ) Advanced Monitoring Agent Network Management (HKLM\...\{F88FE7C0-2B64-405B-9197-25F8BE135460}_is1) (Version: 9.0.0.707 - LogicNow, Ltd.) Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden ArcSoft TotalMedia (HKLM-x32\...\ArcSoft TotalMedia) (Version: 2.0.39.12 - ArcSoft) ArcSoft TotalMedia (x32 Version: 1.0.48.25 - ArcSoft) Hidden ArcSoft Webcam Sharing Manager (HKLM-x32\...\{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}) (Version: 2.0.0.30 - ArcSoft) Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros) ATI Catalyst Install Manager (HKLM\...\{63E42DE7-C468-31B0-E373-173C67C87B88}) (Version: 3.0.820.0 - ATI Technologies, Inc.) Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.02.000.55 - Atheros Communications) Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden Build-a-Lot - The Elizabethan Era (x32 Version: 2.2.0.95 - WildTangent) Hidden Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform) Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) 
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden Endpoint (Version: 5.3.23 - Bitdefender) Hidden Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard) Evernote v. 4.2.2 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.2.3979 - Evernote Corp.) Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden Free YouTube to MP3 Converter version 3.12.57.324 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.57.324 - DVDVideoSoft Ltd.) Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden GFI LanGuard 11 Agent (x32 Version: 11.0.2012.0717 - GFI Software Ltd) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.) Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) 
Hidden HP 3D DriveGuard (HKLM\...\{EE971BDB-D883-4711-8F95-600E53103283}) (Version: 4.1.4.1 - Hewlett-Packard Company) HP Connection Manager (HKLM-x32\...\{4B21E4B2-89B8-499D-803A-34ABF929401E}) (Version: 4.1.10.1 - Hewlett-Packard Company) HP Documentation (HKLM-x32\...\{6A9C9BE1-14A3-42ED-A388-42E30A1412E9}) (Version: 1.2.0.0 - Hewlett-Packard) HP ESU for Microsoft Windows 7 (HKLM-x32\...\{CFC1988A-F492-4BC5-B6F7-683A95718AE9}) (Version: 1.1.11.1 - Hewlett-Packard Company) HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.5 - WildTangent) HP HotKey Support (HKLM\...\{7D1C63D1-6520-49DA-B738-958133526E80}) (Version: 4.0.10.1 - Hewlett-Packard Company) HP Power Assistant (HKLM\...\{3D8EDF72-13CC-4E51-AAB6-32A20524D2E0}) (Version: 2.0.2.0 - Hewlett-Packard Company) HP QuickWeb (HKLM-x32\...\{20976B1F-E910-404D-9261-C16EE7E12DC8}) (Version: 3.0.0.9057 - Hewlett-Packard Company) HP Setup (HKLM-x32\...\{03046EBB-CB7C-4B98-BEFB-690EB955DA22}) (Version: 8.5.4526.3645 - Hewlett-Packard Company) HP SoftPaq Download Manager (HKLM-x32\...\{344A1AA2-AC8E-4741-BDB0-65B68FDA883C}) (Version: 3.2.0.0 - Hewlett-Packard Company) HP Software Framework (HKLM-x32\...\{B7F60A16-7A7B-41FB-9AE3-DE9E324FBA06}) (Version: 4.0.112.1 - Hewlett-Packard Company) HP Software Setup (HKLM-x32\...\{531000B3-DBEE-4115-BBF3-DA48B67C053F}) (Version: 8.2.1.1 - Hewlett-Packard Company) HP System Default Settings (HKLM-x32\...\{54C65FE7-83BD-4A5B-A9B4-41F793C5F241}) (Version: 2.1.2 - Hewlett-Packard Company) HP Wallpaper (HKLM-x32\...\{11C9A461-DD9D-4C71-85A4-6DCE7F99CC44}) (Version: 2.00 - Hewlett-Packard Company) HP Webcam Driver (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.50058.0 - Sonix) HPAsset component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6325.0 - IDT) Insaniquarium Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Intel(R) Display 
Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3074 - Intel Corporation) Intel(R) Identity Protection Technology 1.0.71.0 (HKLM-x32\...\{2C43790E-8470-1027-82D3-DF319F3C410F}) (Version: 1.0.71.0 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation) Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation) Jewel Quest II (x32 Version: 2.2.0.95 - WildTangent) Hidden Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.57.2 - JMicron Technology Corp.) John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Managed Antivirus (HKLM\...\Endpoint Security) (Version: 5.3.23.713 - IT@WORK GmbH Antivirus) Managed Antivirus Master Service (HKLM\...\{F88FE7C0-2B64-405B-9197-25F8BE135459}_is1) (Version: 14.0.0.845 - LogicNow, Inc.) 
Maschinenschreiben Deluxe 1.2.42 (HKLM-x32\...\Maschinenschreiben Deluxe_is1) (Version: - Sergej Vinarski) Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft 
Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Microsoft_VC90_CRT_x86 (HKLM-x32\...\{DF2035BE-5820-4965-BD97-7FAF8D4A7879}) (Version: 1.0.0 - Microsoft Corporation) Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 23.003.07.01.801 - Huawei Technologies Co.,Ltd) MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek) Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) ownCloud (HKLM-x32\...\ownCloud) (Version: 2.0.2.5569 - 
ownCloud) PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.33 - PDF Complete, Inc) pdfFactory Pro (HKLM\...\pdfFactory Pro) (Version: 4.81 - FinePrint Software, LLC) PDF-XChange 2012 Pro (HKLM\...\{F92F0AAB-2EF6-412C-8BF4-0B11EB535280}_is1) (Version: 5.5.308.2 - Tracker Software Products Ltd) PDF-XChange Editor (HKLM-x32\...\{87738bc6-bdf0-4e55-86b5-32ddece8f51d}) (Version: 5.5.308.2 - Tracker Software Products (Canada) Ltd.) PDF-XChange Editor (Version: 5.5.308.2 - Tracker Software Products (Canada) Ltd.) Hidden Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 1.12.0016 - Realtek) SDK (x32 Version: 2.24.025 - Portrait Displays, Inc.) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.) Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.13.0 - Synaptics Incorporated) Take Control Viewer 6.0 (HKLM-x32\...\Take Control Viewer_is1) (Version: - ) TeamViewer 10 Host (HKLM-x32\...\TeamViewer) (Version: 10.0.43879 - TeamViewer) Validity Fingerprint Sensor Driver (HKLM\...\{FFC3E41D-2C2B-45B7-9AD9-5EA19572DD26}) (Version: 4.3.117.0 - Validity Sensors, Inc.) 
VIP Access SDK x64(1.0.0.50) (HKLM-x32\...\VIP Access SDK) (Version: 1.0.0.50 - Symantec Inc.) Virtual Villagers - The Secret City (x32 Version: 2.2.0.95 - WildTangent) Hidden Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation) WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden Xobni Core (x32 Version: 1.0.0 - Xobni, Inc.) Hidden Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Wiederherstellungspunkte ========================= 12-10-2015 12:55:45 Windows Update 15-10-2015 09:56:59 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 29-10-2015 09:14:45 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {0665D523-1B20-425E-9A76-CDC5882D349F} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-18] (Adobe Systems Incorporated) Task: {29B35C2F-5000-4B36-BB76-D4E2710E1D4F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.) 
Task: {445B7214-A18E-420C-BC33-EB7D2C6BBFE9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-26] (Google Inc.) Task: {45F2B70B-3477-407D-B843-4E83B0D92C43} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-26] (Google Inc.) Task: {55298305-2873-44B8-A750-3828D2FD061F} - System32\Tasks\HPCeeScheduleForHERBERT-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard) Task: {5562CAA4-7188-4A74-B354-C8BB849C7362} - System32\Tasks\Hewlett-Packard\HP Support Assistant\First Boot => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe Task: {7DF669F2-B174-43EF-972D-7FB3DA5247F8} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe Task: {BA222F15-D8C3-449E-8ECB-AB6FE82E3D69} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-09-16] (Piriform Ltd) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) 
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HPCeeScheduleForHERBERT-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-09-11 08:35 - 2007-02-09 03:41 - 00014848 _____ () C:\windows\System32\KOAZHJAL.dll
2015-09-03 08:18 - 2013-09-04 17:18 - 00265080 _____ () C:\Program Files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\txmlutil.dll
2015-06-19 02:31 - 2015-06-19 02:31 - 00059392 _____ () C:\Program Files (x86)\ownCloud\shellext\OCUtil_x64.dll
2011-01-27 06:11 - 2011-01-27 06:11 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-10-21 09:36 - 2015-10-21 09:36 - 01704974 _____ () C:\Program Files (x86)\ownCloud\owncloud.exe
2011-01-27 02:14 - 2011-01-27 02:14 - 00036408 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Remote.dll
2015-09-16 20:33 - 2015-09-16 20:33 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2011-03-14 16:27 - 2011-03-14 16:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2015-07-27 18:28 - 2012-05-09 02:11 - 00655712 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
2011-03-22 19:17 - 2011-03-22 19:17 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-03-14 19:16 - 2011-03-14 19:16 - 00024576 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingResources.dll
2011-03-28 20:44 - 2011-03-28 20:44 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-01-27 02:13 - 2011-01-27 02:13 - 00080440 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\HardwareAccess.dll
2011-01-27 02:13 - 2011-01-27 02:13 - 00047160 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\Graphs.dll
2011-05-03 19:25 - 2011-01-27 01:34 - 01083392 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\System.Data.SQLite.dll
2010-06-24 03:21 - 2010-06-24 03:21 - 01102336 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\System.Data.SQLite.dll
2015-08-31 08:21 - 2015-10-21 12:38 - 00236776 _____ () C:\Program Files\Advanced Monitoring Agent Network Management\agentCommon.dll
2015-08-31 08:21 - 2015-10-21 12:38 - 00038120 _____ () C:\Program Files\Advanced Monitoring Agent Network Management\agentCloudCommon.dll
2015-08-31 08:21 - 2015-10-21 12:38 - 00069864 _____ () C:\Program Files\Advanced Monitoring Agent Network Management\agentCloudSharedCode.dll
2015-08-31 08:21 - 2015-10-21 12:38 - 00418536 _____ () C:\Program Files\Advanced Monitoring Agent Network Management\DiscoveryLibrary.dll
2015-08-31 08:21 - 2015-10-21 12:38 - 00023272 _____ () C:\Program Files\Advanced Monitoring Agent Network Management\CannonballSocket.dll
2015-10-01 09:01 - 2015-09-15 12:28 - 00240640 _____ () C:\Program Files\Advanced Monitoring Agent Network Management\websocket-sharp.dll
2015-09-03 08:14 - 2015-11-03 10:38 - 00229608 _____ () C:\Program Files\Managed Antivirus\Managed Antivirus Master Service\agentCommon.dll
2015-09-03 08:14 - 2015-11-03 10:38 - 00036584 _____ () C:\Program Files\Managed Antivirus\Managed Antivirus Master Service\agentCloudCommon.dll
2015-09-03 08:14 - 2015-11-03 10:38 - 00071400 _____ () C:\Program Files\Managed Antivirus\Managed Antivirus Master Service\agentCloudSharedCode.dll
2015-09-03 08:14 - 2015-11-03 10:38 - 00118504 _____ () C:\Program Files\Managed Antivirus\Managed Antivirus Master Service\BDEndpointSDK.dll
2015-09-03 08:14 - 2015-11-03 10:38 - 00022760 _____ () C:\Program Files\Managed Antivirus\Managed Antivirus Master Service\CannonballSocket.dll
2015-09-09 07:57 - 2015-09-03 15:38 - 00240640 _____ () C:\Program Files\Managed Antivirus\Managed Antivirus Master Service\websocket-sharp.dll
2015-10-21 09:36 - 2015-10-21 09:36 - 00670222 _____ () C:\Program Files (x86)\ownCloud\libocsync.dll
2015-08-06 08:59 - 2015-08-06 08:59 - 00097326 _____ () C:\Program Files (x86)\ownCloud\libgcc_s_sjlj-1.dll
2015-08-06 08:59 - 2015-08-06 08:59 - 00922727 _____ () C:\Program Files (x86)\ownCloud\libstdc++-6.dll
2015-10-21 09:36 - 2015-10-21 09:36 - 00977422 _____ () C:\Program Files (x86)\ownCloud\libowncloudsync.dll
2015-08-06 08:10 - 2015-08-06 08:10 - 00085548 _____ () C:\Program Files (x86)\ownCloud\zlib1.dll
2015-08-06 16:48 - 2015-08-06 16:48 - 00051095 _____ () C:\Program Files (x86)\ownCloud\libqt5keychain.dll
2015-08-06 08:21 - 2015-08-06 08:21 - 02197765 _____ () C:\Program Files (x86)\ownCloud\icui18n53.dll
2015-08-06 08:21 - 2015-08-06 08:21 - 01308778 _____ () C:\Program Files (x86)\ownCloud\icuuc53.dll
2015-08-06 08:21 - 2015-08-06 08:21 - 21539975 _____ () C:\Program Files (x86)\ownCloud\icudata53.dll
2015-08-06 08:11 - 2015-08-06 08:11 - 00148117 _____ () C:\Program Files (x86)\ownCloud\libpcre16-0.dll
2015-08-06 08:16 - 2015-08-06 08:16 - 01366986 _____ () C:\Program Files (x86)\ownCloud\libGLESv2.dll
2015-08-06 08:14 - 2015-08-06 08:14 - 00209711 _____ () C:\Program Files (x86)\ownCloud\libpng16-16.dll
2015-08-06 08:16 - 2015-08-06 08:16 - 00154982 _____ () C:\Program Files (x86)\ownCloud\libEGL.dll
2015-08-06 08:14 - 2015-08-06 08:14 - 00350662 _____ () C:\Program Files (x86)\ownCloud\libjpeg-8.dll
2015-08-06 08:17 - 2015-08-06 08:17 - 00689339 _____ () C:\Program Files (x86)\ownCloud\libsqlite3-0.dll
2015-08-06 10:35 - 2015-08-06 10:35 - 00247540 _____ () C:\Program Files (x86)\ownCloud\libwebp-4.dll
2015-08-06 08:26 - 2015-08-06 08:26 - 01169416 _____ () C:\Program Files (x86)\ownCloud\libxml2-2.dll
2015-08-06 10:38 - 2015-08-06 10:38 - 00231727 _____ () C:\Program Files (x86)\ownCloud\libxslt-1.dll
2015-10-12 12:01 - 2014-05-13 11:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-10-12 12:01 - 2014-05-13 11:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-10-12 12:01 - 2014-05-13 11:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2012-07-17 17:20 - 2012-07-17 17:20 - 00305520 _____ () C:\Program Files (x86)\Advanced Monitoring Agent\patchman\apistrings.dll
2012-07-17 17:24 - 2012-07-17 17:24 - 00159600 _____ () C:\Program Files (x86)\Advanced Monitoring Agent\patchman\modlop.dll
2012-07-23 13:32 - 2012-07-23 13:32 - 00099184 _____ () C:\Program Files (x86)\Advanced Monitoring Agent\patchman\httpserverattplugin.dll
2013-05-23 15:05 - 2013-05-23 15:05 - 02021240 _____ () C:\Program Files (x86)\Advanced Monitoring Agent\patchman\crmimodule.dll
2015-04-16 12:57 - 2015-04-16 12:57 - 00208496 _____ () C:\Program Files (x86)\Advanced Monitoring Agent\patchman\patchautodownload.dll
2009-07-13 22:03 - 2009-07-14 02:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2013-01-21 13:05 - 2013-01-21 13:05 - 00183672 _____ () C:\Program Files (x86)\Advanced Monitoring Agent\patchman\scanmngsys.dll
2012-07-17 17:29 - 2012-07-17 17:29 - 00049520 _____ () C:\Program Files (x86)\Advanced Monitoring Agent\patchman\schedcompactdb.dll
2012-07-17 17:29 - 2012-07-17 17:29 - 00054640 _____ () C:\Program Files (x86)\Advanced Monitoring Agent\patchman\schedupdates.dll
2015-07-27 18:28 - 2009-01-10 11:32 - 00011362 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\mingwm10.dll
2015-07-27 18:28 - 2009-06-22 19:42 - 00043008 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\libgcc_s_dw2-1.dll
2015-07-27 18:28 - 2010-05-14 10:57 - 02415104 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtCore4.dll
2015-07-27 18:28 - 2010-02-10 15:10 - 01148416 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtNetwork4.dll
2015-07-27 18:28 - 2012-05-09 02:11 - 00843264 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QueryStrategy.dll
2015-07-27 18:28 - 2010-02-10 15:06 - 00398336 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtXml4.dll
2015-10-12 12:01 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-10-12 12:01 - 2012-04-03 16:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2010-06-24 03:19 - 2010-06-24 03:19 - 00514570 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\sqlite3.dll
2015-03-06 09:36 - 2015-03-06 09:36 - 00169472 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\9b1cac8d98bd69d3e56a26ff2f96f266\IsdiInterop.ni.dll
2015-03-05 13:03 - 2011-01-13 02:56 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Users\herbert.bruckmueller\Downloads\adwcleaner_5.013.exe:BDU
AlternateDataStreams: C:\Users\herbert.bruckmueller\Downloads\ccsetup510.exe:BDU
AlternateDataStreams: C:\Users\herbert.bruckmueller\Downloads\FRST64.exe:BDU
AlternateDataStreams: C:\Users\herbert.bruckmueller\Downloads\HitmanPro Alert - CHIP-Installer.exe:BDU
AlternateDataStreams: C:\Users\herbert.bruckmueller\Downloads\jxpiinstall.exe:BDU
AlternateDataStreams: C:\Users\herbert.bruckmueller\Downloads\mbam-setup-2.1.8.1057.exe:BDU
AlternateDataStreams: C:\Users\herbert.bruckmueller\Downloads\ownCloud-2.0.1.5446-setup.exe:BDU
AlternateDataStreams: C:\Users\herbert.bruckmueller\Downloads\SpyBot Search Destroy - CHIP-Installer.exe:BDU

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2274497662-1395199413-223734523-1123\Control Panel\Desktop\\Wallpaper -> C:\Users\herbert.bruckmueller\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [{378F5AE0-29BE-4FB1-A025-622573ED7744}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{92D21149-C10A-48CF-A1AA-4271503E5AFB}] => (Allow) LPort=2869
FirewallRules: [{A4522E36-05CF-4099-B431-21A021329DDD}] => (Allow) LPort=1900
FirewallRules: [{3F869980-9D87-4EEF-A11A-C3709BC0EAD8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{49F5A482-5E57-4E77-9001-F50260B5A5A6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0EB42DC3-656C-48BC-B076-4C7A3AA2638B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{DB4B3BE4-47DF-4F52-8739-7363D20539AE}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{334F4E91-133F-41D1-B01D-E4298A512C0A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{0F585636-D2D7-4324-814B-2307341514AD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{79DEAA23-3BB3-4659-ABE5-9CE99675E538}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{5591D9A5-0F32-4274-8E72-50532CBE129C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{CC0FB581-27E8-4449-8E65-1E3EC8495CE9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{30C4D01B-AF92-4B9B-B6B6-9F1673DC822B}] => (Allow) C:\Program Files\Advanced Monitoring Agent Network Management\NetworkManagement.exe
FirewallRules: [{EB5E71AD-9F11-433B-99E5-A4EF5E1C9172}] => (Allow) C:\Program Files\Advanced Monitoring Agent Network Management\NetworkManagement.exe
FirewallRules: [{3B9F58C0-8763-4099-9F09-D4B8F247EB9D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{6FE2AEBB-66FB-4D5D-AA51-9A5FA3C27F56}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{05BC743A-7D46-4F55-BB0E-9213A56F84AA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Fehlerhafte Geräte im Gerätemanager =============

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/07/2015 11:44:25 AM) (Source: Outlook) (EventID: 35) (User: )
Description: Fehler beim Bestimmen, ob sich der Speicher im Durchforstungsbereich befindet (Fehler=0x80070002).

Error: (11/07/2015 11:44:25 AM) (Source: Outlook) (EventID: 34) (User: )
Description: Fehler beim Abrufen des Durchforstungsbereichs-Managers. Fehler=0x80070002.

Error: (11/07/2015 11:44:25 AM) (Source: Outlook) (EventID: 35) (User: )
Description: Fehler beim Bestimmen, ob sich der Speicher im Durchforstungsbereich befindet (Fehler=0x80070002).

Error: (11/07/2015 11:44:25 AM) (Source: Outlook) (EventID: 34) (User: )
Description: Fehler beim Abrufen des Durchforstungsbereichs-Managers. Fehler=0x80070002.

Error: (11/07/2015 11:34:25 AM) (Source: ManagedAntivirus) (EventID: 0) (User: )
Description: PowerEvent wurde nicht verarbeitet. Aufgetretener Fehler: agentCommon.RunningQueue+ItemNotFoundException: Item named: 'SCHEDULED_QUICK_SCAN' could not be found
   bei agentCommon.RunningListBackedQueue.Reschedule(String itemName, Func`2 repeatFunction, ScheduleExecutionOptions options, Nullable`1 utcLastSucceeded, Nullable`1 utcLastFailed, Boolean abortIfRunning, Boolean onlyIfIdle)
   bei agentCommon.RunningQueue.RescheduleIfNotRunning(String itemName, Func`2 repeatFunction, ScheduleExecutionOptions options, Nullable`1 utcLastSucceeded, Nullable`1 utcLastFailed)
   bei agent.AV.Engine.MachineWokeFromSleep()
   bei agent.AgentService.OnPowerEvent(PowerBroadcastStatus powerStatus)
   bei System.ServiceProcess.ServiceBase.DeferredPowerEvent(Int32 eventType, IntPtr eventData)

Error: (11/07/2015 11:34:23 AM) (Source: Outlook) (EventID: 35) (User: )
Description: Fehler beim Bestimmen, ob sich der Speicher im Durchforstungsbereich befindet (Fehler=0x80070002).

Error: (11/07/2015 11:34:23 AM) (Source: Outlook) (EventID: 35) (User: )
Description: Fehler beim Bestimmen, ob sich der Speicher im Durchforstungsbereich befindet (Fehler=0x80070002).

Error: (11/07/2015 11:34:23 AM) (Source: Outlook) (EventID: 34) (User: )
Description: Fehler beim Abrufen des Durchforstungsbereichs-Managers. Fehler=0x80070002.

Error: (11/07/2015 11:34:23 AM) (Source: Outlook) (EventID: 34) (User: )
Description: Fehler beim Abrufen des Durchforstungsbereichs-Managers. Fehler=0x80070002.

Error: (11/05/2015 07:13:13 PM) (Source: Validity USDK) (EventID: 40) (User: )
Description: SSL alert by host: Description is: 47.

Systemfehler:
=============
Error: (11/07/2015 11:33:58 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: NT-AUTORITÄT)
Description: Bei der Verarbeitung der Gruppenrichtlinie ist aufgrund fehlender Netzwerkkonnektivität mit einem Domänencontroller ein Fehler aufgetreten. Dies kann eine vorübergehende Bedingung sein. Es wird eine Erfolgsmeldung generiert, wenn die Verbindung des Computers mit dem Domänencontroller wiederhergestellt wurde und wenn die Gruppenrichtlinie erfolgreich verarbeitet wurde. Falls für mehrere Stunden keine Erfolgsmeldung angezeigt wird, wenden Sie sich an den Administrator.

Error: (11/07/2015 11:33:58 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: BERNDORF)
Description: Bei der Verarbeitung der Gruppenrichtlinie ist aufgrund fehlender Netzwerkkonnektivität mit einem Domänencontroller ein Fehler aufgetreten. Dies kann eine vorübergehende Bedingung sein. Es wird eine Erfolgsmeldung generiert, wenn die Verbindung des Computers mit dem Domänencontroller wiederhergestellt wurde und wenn die Gruppenrichtlinie erfolgreich verarbeitet wurde. Falls für mehrere Stunden keine Erfolgsmeldung angezeigt wird, wenden Sie sich an den Administrator.

Error: (11/05/2015 07:05:31 PM) (Source: NETLOGON) (EventID: 5719) (User: )
Description: Der Computer konnte eine sichere Sitzung mit einem Domänencontroller in der Domäne BERNDORF aufgrund der folgenden Ursache nicht einrichten: %%1311 Dies kann zu Authentifizierungsproblemen führen. Stellen Sie sicher, dass der Computer mit dem Netzwerk verbunden ist. Wenden Sie sich an den Domänenadministrator, wenn das Problem weiterhin besteht. ZUSÄTZLICHE INFORMATIONEN Wenn dieser Computer ein Domänencontroller der bestimmten Domäne ist, wird eine sichere Sitzung zum primären Domänencontrolleremulator in der bestimmten Domäne eingerichtet. Andernfalls richtet dieser Computer eine sichere Sitzung zu einem beliebigen Domänencontroller in der bestimmten Domäne ein.

Error: (11/05/2015 07:05:12 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: BERNDORF)
Description: Bei der Verarbeitung der Gruppenrichtlinie ist aufgrund fehlender Netzwerkkonnektivität mit einem Domänencontroller ein Fehler aufgetreten. Dies kann eine vorübergehende Bedingung sein. Es wird eine Erfolgsmeldung generiert, wenn die Verbindung des Computers mit dem Domänencontroller wiederhergestellt wurde und wenn die Gruppenrichtlinie erfolgreich verarbeitet wurde. Falls für mehrere Stunden keine Erfolgsmeldung angezeigt wird, wenden Sie sich an den Administrator.

Error: (11/05/2015 07:05:12 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: NT-AUTORITÄT)
Description: Bei der Verarbeitung der Gruppenrichtlinie ist aufgrund fehlender Netzwerkkonnektivität mit einem Domänencontroller ein Fehler aufgetreten. Dies kann eine vorübergehende Bedingung sein. Es wird eine Erfolgsmeldung generiert, wenn die Verbindung des Computers mit dem Domänencontroller wiederhergestellt wurde und wenn die Gruppenrichtlinie erfolgreich verarbeitet wurde. Falls für mehrere Stunden keine Erfolgsmeldung angezeigt wird, wenden Sie sich an den Administrator.

Error: (11/05/2015 07:05:10 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (60000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst HP Power Assistant Service erreicht.

Error: (11/04/2015 02:38:43 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (60000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst hpqwmiex erreicht.

Error: (11/04/2015 12:18:42 PM) (Source: NETLOGON) (EventID: 5719) (User: )
Description: Der Computer konnte eine sichere Sitzung mit einem Domänencontroller in der Domäne BERNDORF aufgrund der folgenden Ursache nicht einrichten: %%1311 Dies kann zu Authentifizierungsproblemen führen. Stellen Sie sicher, dass der Computer mit dem Netzwerk verbunden ist. Wenden Sie sich an den Domänenadministrator, wenn das Problem weiterhin besteht. ZUSÄTZLICHE INFORMATIONEN Wenn dieser Computer ein Domänencontroller der bestimmten Domäne ist, wird eine sichere Sitzung zum primären Domänencontrolleremulator in der bestimmten Domäne eingerichtet. Andernfalls richtet dieser Computer eine sichere Sitzung zu einem beliebigen Domänencontroller in der bestimmten Domäne ein.

Error: (11/03/2015 06:30:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Mobile Partner. OUC" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053

Error: (11/03/2015 06:30:41 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (60000 ms) wurde beim Verbindungsversuch mit dem Dienst Mobile Partner. OUC erreicht.

==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
Prozentuale Nutzung des RAM: 70%
Installierter physikalischer RAM: 4030.36 MB
Verfügbarer physikalischer RAM: 1180.81 MB
Summe virtueller Speicher: 8058.92 MB
Verfügbarer virtueller Speicher: 4913.53 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:572.98 GB) (Free:483.1 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (HP_RECOVERY) (Fixed) (Total:17.9 GB) (Free:2.68 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: (HP_TOOLS) (Fixed) (Total:4.99 GB) (Free:2.13 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: F2D83907)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=573 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=17.9 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=5 GB) - (Type=0C)

==================== Ende von Addition.txt ============================ |
07.11.2015, 12:01 | #4 |
| Bank Austria online banking, fake website Sorry! Here is the FRST log as well. Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-11-2015
durchgeführt von Herbert.Bruckmueller (Administrator) auf HERBERT-HP (07-11-2015 11:50:06)
Gestartet von C:\Users\herbert.bruckmueller\Downloads
Geladene Profile: Herbert.Bruckmueller (Verfügbare Profile: Herbert.Bruckmueller & herbert & Administrator)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Remote Monitoring) C:\Program Files (x86)\Advanced Monitoring Agent\winagent.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Bitdefender) C:\Program Files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\EndpointIntegration.exe
(Bitdefender) C:\Program Files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\EndpointService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
() C:\Program Files (x86)\ownCloud\owncloud.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(GFI Software Development Ltd.) C:\Program Files (x86)\Advanced Monitoring Agent\patchman\lnssatt.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(ArcSoft, Inc.) C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe
(Bitdefender) C:\Program Files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\UpdateService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Bitdefender) C:\Program Files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\Console.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelperx64.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(LogicNow Ltd) C:\Program Files\Advanced Monitoring Agent Network Management\NetworkManagement.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(LogicNow Ltd) C:\Program Files\Managed Antivirus\Managed Antivirus Master Service\ManagedAntivirus.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [2919992 2011-01-27] (Hewlett-Packard Company)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2803496 2011-06-24] (Synaptics Incorporated)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [615584 2011-01-06] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379040 2011-01-06] (Atheros Commnucations)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [835072 2011-01-27] (IDT, Inc.)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [299576 2011-01-28] (Hewlett-Packard Company)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-26] (Intel Corporation)
HKLM-x32\...\Run: [HPConnectionManager] => c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [94264 2011-04-05] (Hewlett-Packard Development Company L.P.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2274497662-1395199413-223734523-1123\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8461224 2015-09-16] (Piriform Ltd)
HKU\S-1-5-21-2274497662-1395199413-223734523-1123\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-2274497662-1395199413-223734523-1123\...\Run: [ownCloud] => C:\Program Files (x86)\ownCloud\owncloud.exe [1704974 2015-10-21] ()
HKU\S-1-5-21-2274497662-1395199413-223734523-1123\...\MountPoints2: {7e879ff7-2927-11e5-8933-68a3c4f13d1d} - G:\AutoRun.exe
HKU\S-1-5-21-2274497662-1395199413-223734523-1123\...\MountPoints2: {7e87a00c-2927-11e5-8933-68a3c4f13d1d} - G:\AutoRun.exe
HKU\S-1-5-21-2274497662-1395199413-223734523-1123\...\MountPoints2: {e96b72f9-391d-11e5-aa11-68a3c4f13d1d} - G:\AutoRun.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\windows\System32\SPReview\SPReview.exe [301568 2015-03-05] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OCError] -> {0960F090-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCErrorShared] -> {0960F091-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCOK] -> {0960F092-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCOKShared] -> {0960F093-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCSync] -> {0960F094-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCSyncShared] -> {0960F095-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCWarning] -> {0960F096-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCWarningShared] -> {0960F097-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Outlook 2010.lnk [2015-03-05]
ShortcutTarget: Microsoft Outlook 2010.lnk -> C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\outicon.exe ()
Startup: C:\Users\herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\aBMainFX - Verknüpfung.lnk [2015-03-05]
ShortcutTarget: aBMainFX - Verknüpfung.lnk -> \\SRVBER\artBase\aB-Agenta Programm\aBMainFX.exe (Keine Datei)
Startup: C:\Users\herbert.bruckmueller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\aBMainFX - Verknüpfung.lnk [2015-03-05]
ShortcutTarget: aBMainFX - Verknüpfung.lnk -> \\SRVBER\artBase\aB-Agenta Programm\aBMainFX.exe (Keine Datei)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
AutoConfigURL: [S-1-5-21-2274497662-1395199413-223734523-1123] => hxxps://tonnelrock.net/tonnel.js Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{4D81B0A2-95DD-45B4-88CE-7F88B7454444}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{666BA3F3-F79E-49C5-BBB4-558596EF1C92}: [DhcpNameServer] 192.168.3.10 Tcpip\..\Interfaces\{C72A97B7-69C3-42BF-90C4-A85317D8F4EB}: [NameServer] Tcpip\..\Interfaces\{C72A97B7-69C3-42BF-90C4-A85317D8F4EB}: [DhcpNameServer] 194.48.128.199 194.48.139.254 Tcpip\..\Interfaces\{CBA08DEB-ACD3-4B93-9CDF-84E237E532BE}: [NameServer] 194.48.139.254 194.48.128.199 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-2274497662-1395199413-223734523-1123\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKLM -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox BHO: Windows Live ID Sign-in Helper -> 
{9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: PDFXChange 2012 -> {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} -> C:\Program Files\Tracker Software\PDF-XChange 5\Win32\PXCIEaddin5.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-10-22] (Oracle Corporation) BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-01-06] (Atheros Commnucations) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-22] (Oracle Corporation) Toolbar: HKLM-x32 - PDFXChange 2012 - {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} - C:\Program Files\Tracker Software\PDF-XChange 5\Win32\PXCIEaddin5.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.) 

FireFox:
========
FF ProfilePath: C:\Users\herbert.bruckmueller\AppData\Roaming\Mozilla\Firefox\Profiles\otkxoekz.default
FF SearchEngineOrder.1: Ask Search
FF SelectedSearchEngine: Google
FF Homepage: hxxps://www.google.at/?gws_rd=ssl
FF NetworkProxy: "autoconfig_url", "https://tonnelrock.net/tonnel.js"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-18] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-18] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Keine Datei]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Keine Datei]
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-2274497662-1395199413-223734523-1123: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)

Chrome:
=======
CHR Profile: C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-26]
CHR Extension: (Docs) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-26]
CHR Extension: (Google Drive) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-27]
CHR Extension: (YouTube) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-26]
CHR Extension: (Google-Suche) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-09-27]
CHR Extension: (Google Tabellen) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-26]
CHR Extension: (Google Präsentationen) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-21]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-27]
CHR Extension: (Google Mail) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-27]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Advanced Monitoring Agent; C:\Program Files (x86)\Advanced Monitoring Agent\winagent.exe [8523264 2015-10-21] (Remote Monitoring) [Datei ist nicht signiert]
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-01-06] (Atheros) [Datei ist nicht signiert]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [53920 2011-01-06] (Atheros Commnucations) [Datei ist nicht signiert]
R2 EndpointIntegration; C:\Program Files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\EndpointIntegration.exe [398480 2015-05-20] (Bitdefender)
R2 EndpointService; C:\Program Files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\EndpointService.exe [398480 2015-05-20] (Bitdefender)
S2 epag; C:\Program Files\Common Files\IT@WORK GmbH Antivirus\Endpoint Agent\epag.exe [3580632 2015-06-12] (Bitdefender)
R2 gfi_lanss11_attservice; C:\Program Files (x86)\Advanced Monitoring Agent\patchman\lnssatt.exe [118640 2012-07-17] (GFI Software Development Ltd.)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [281656 2011-01-28] (Hewlett-Packard Company)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 ManagedAntivirus; C:\Program Files\Managed Antivirus\Managed Antivirus Master Service\ManagedAntivirus.exe [278248 2015-11-03] (LogicNow Ltd)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S2 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [655712 2012-05-09] ()
R2 NetworkManagement; C:\Program Files\Advanced Monitoring Agent Network Management\NetworkManagement.exe [191208 2015-10-21] (LogicNow Ltd)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448 2011-02-01] (PDF Complete Inc)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5490448 2015-06-18] (TeamViewer GmbH)
R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [502464 2010-11-11] (ArcSoft, Inc.)
R2 UpdateService; C:\Program Files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\UpdateService.exe [398480 2015-05-20] (Bitdefender)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 ARCVCAM; C:\Windows\System32\DRIVERS\ArcSoftVCapture.sys [32192 2010-11-11] (ArcSoft, Inc.)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1369288 2015-05-28] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [747120 2015-05-28] (BitDefender)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2015-02-11] (GFI Software)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [161592 2015-07-22] (BitDefender LLC)
S3 hitmanpro37; C:\windows\system32\drivers\hitmanpro37.sys [41080 2015-10-13] ()
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [238080 2012-04-23] (Huawei Technologies Co., Ltd.)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1826048 2010-12-21] ()
R2 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2014-10-16] (BitDefender S.R.L.)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-07 11:50 - 2015-11-07 11:51 - 00025322 _____ C:\Users\herbert.bruckmueller\Downloads\FRST.txt 2015-11-07 11:48 - 2015-11-07 11:50 - 00000000 ____D C:\FRST 2015-11-07 11:48 - 2015-11-07 11:48 - 02198528 _____ (Farbar) C:\Users\herbert.bruckmueller\Downloads\FRST64.exe 2015-11-04 13:29 - 2015-11-04 13:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-11-02 11:41 - 2015-11-02 11:41 - 00028806 _____ C:\Users\herbert.bruckmueller\Desktop\Kopie von Herbert Kunden Report 2015.xlsx 2015-10-29 09:13 - 2015-10-29 09:14 - 00000000 ____D C:\Users\herbert.bruckmueller\Desktop\Katzinger 2015-10-27 10:30 - 2015-10-27 10:30 - 00000376 _____ C:\windows\PFRO.log 2015-10-19 08:46 - 2015-10-19 08:46 - 00026500 _____ C:\Users\herbert.bruckmueller\Downloads\FileView(5).aspx 2015-10-19 08:46 - 2015-10-19 08:46 - 00026500 _____ C:\Users\herbert.bruckmueller\Downloads\FileView(4).aspx 2015-10-19 08:45 - 2015-10-19 08:45 - 00026299 _____ C:\Users\herbert.bruckmueller\Downloads\FileView.aspx 2015-10-19 08:45 - 2015-10-19 08:45 - 00026299 _____ C:\Users\herbert.bruckmueller\Downloads\FileView(3).aspx 2015-10-19 08:45 - 2015-10-19 08:45 - 00026299 _____ C:\Users\herbert.bruckmueller\Downloads\FileView(2).aspx 2015-10-19 08:45 - 2015-10-19 08:45 - 00026299 _____ C:\Users\herbert.bruckmueller\Downloads\FileView(1).aspx 2015-10-15 10:01 - 2015-10-15 10:01 - 00001251 _____ C:\Users\herbert.bruckmueller\Desktop\SIVAG Wiki.lnk 2015-10-15 09:58 - 2015-11-07 11:51 - 00000000 ____D C:\Users\herbert.bruckmueller\AppData\Local\ownCloud 2015-10-15 09:58 - 2015-10-27 10:32 - 00000000 ____D C:\Users\herbert.bruckmueller\SIVAG Wiki 2015-10-15 09:57 - 2015-10-29 09:15 - 00001019 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ownCloud.lnk 2015-10-15 09:57 - 2015-10-29 09:15 - 00001007 _____ C:\Users\Public\Desktop\ownCloud.lnk 2015-10-15 09:56 - 2015-10-29 09:15 - 00000000 ____D C:\Program Files (x86)\ownCloud 2015-10-15 09:50 - 2015-10-15 09:52 - 39174288 _____ (ownCloud) 
C:\Users\herbert.bruckmueller\Downloads\ownCloud-2.0.1.5446-setup.exe 2015-10-13 12:32 - 2015-10-13 12:32 - 00041080 _____ C:\windows\system32\Drivers\hitmanpro37.sys 2015-10-13 09:27 - 2015-10-13 12:34 - 00000000 ____D C:\Program Files\HitmanPro 2015-10-13 09:27 - 2015-10-13 10:20 - 00000000 ____D C:\ProgramData\HitmanPro 2015-10-13 09:24 - 2015-10-13 09:24 - 13380715 _____ C:\Users\herbert.bruckmueller\Downloads\HitmanPro_3.7.9.242.zip 2015-10-13 09:22 - 2015-10-22 10:44 - 00000000 ____D C:\Users\herbert.bruckmueller\.oracle_jre_usage 2015-10-13 09:22 - 2015-10-13 09:22 - 00000000 ____D C:\Users\herbert.bruckmueller\AppData\Roaming\Sun 2015-10-13 09:22 - 2015-10-13 09:22 - 00000000 ____D C:\Users\herbert.bruckmueller\AppData\LocalLow\Sun 2015-10-13 09:21 - 2015-10-22 10:44 - 00000000 ____D C:\ProgramData\Oracle 2015-10-13 09:21 - 2015-10-22 10:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-10-13 09:21 - 2015-10-22 10:43 - 00097888 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll 2015-10-13 09:21 - 2015-10-22 10:43 - 00000000 ____D C:\Program Files (x86)\Java 2015-10-13 09:20 - 2015-10-13 09:20 - 00000000 ____D C:\Users\herbert.bruckmueller\AppData\LocalLow\Oracle 2015-10-13 09:19 - 2015-10-13 09:19 - 00584288 _____ (Oracle Corporation) C:\Users\herbert.bruckmueller\Downloads\jxpiinstall.exe 2015-10-13 09:14 - 2015-10-13 09:14 - 01457952 _____ C:\Users\herbert.bruckmueller\Downloads\HitmanPro Alert - CHIP-Installer.exe 2015-10-12 18:25 - 2015-10-13 00:53 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0 2015-10-12 15:21 - 2015-11-03 18:29 - 00000616 _____ C:\windows\setupact.log 2015-10-12 15:21 - 2015-10-12 15:21 - 00000000 _____ C:\windows\setuperr.log 2015-10-12 15:09 - 2015-10-13 07:55 - 00000000 ____D C:\AdwCleaner 2015-10-12 15:08 - 2015-10-12 15:08 - 01682432 _____ C:\Users\herbert.bruckmueller\Downloads\adwcleaner_5.013.exe 2015-10-12 13:35 - 2015-07-30 14:13 - 00124624 _____ (Microsoft Corporation) 
C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-10-12 13:35 - 2015-07-30 14:13 - 00103120 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-10-12 12:54 - 2015-07-23 01:06 - 05568960 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe 2015-10-12 12:54 - 2015-07-23 01:03 - 01730496 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll 2015-10-12 12:54 - 2015-07-23 01:03 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll 2015-10-12 12:54 - 2015-07-23 01:03 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll 2015-10-12 12:54 - 2015-07-23 01:03 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll 2015-10-12 12:54 - 2015-07-23 01:03 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll 2015-10-12 12:54 - 2015-07-23 01:02 - 01390592 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll 2015-10-12 12:54 - 2015-07-23 01:02 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll 2015-10-12 12:54 - 2015-07-23 01:02 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll 2015-10-12 12:54 - 2015-07-23 01:02 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll 2015-10-12 12:54 - 2015-07-23 01:02 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll 2015-10-12 12:54 - 2015-07-23 01:02 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll 2015-10-12 12:54 - 2015-07-23 01:02 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe 2015-10-12 12:54 - 2015-07-23 01:02 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe 2015-10-12 12:54 - 2015-07-23 01:02 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll 2015-10-12 12:54 - 2015-07-23 01:02 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll 2015-10-12 12:54 - 2015-07-23 01:02 - 00016384 _____ 
(Microsoft Corporation) C:\windows\system32\ntvdm64.dll 2015-10-12 12:54 - 2015-07-23 01:01 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe 2015-10-12 12:54 - 2015-07-23 00:52 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll 2015-10-12 12:54 - 2015-07-23 00:52 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll 2015-10-12 12:54 - 2015-07-23 00:52 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll 2015-10-12 12:54 - 2015-07-23 00:52 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2015-10-12 12:54 - 2015-07-23 00:52 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2015-10-12 12:54 - 2015-07-23 00:52 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2015-10-12 12:54 - 2015-07-23 00:52 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll 2015-10-12 12:54 - 2015-07-23 00:52 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2015-10-12 12:54 - 2015-07-23 00:52 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll 2015-10-12 12:54 - 2015-07-23 00:52 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-10-12 12:54 - 2015-07-23 00:52 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2015-10-12 12:54 - 2015-07-23 00:52 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2015-10-12 12:54 - 2015-07-23 00:52 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll 2015-10-12 12:54 - 2015-07-23 00:52 - 00003584 ____H (Microsoft Corporation) 
C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll 2015-10-12 12:54 - 2015-07-23 00:52 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2015-10-12 12:54 - 2015-07-23 00:52 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll 2015-10-12 12:54 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2015-10-12 12:54 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll 2015-10-12 12:54 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll 2015-10-12 12:54 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll 2015-10-12 12:54 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll 2015-10-12 12:54 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-10-12 12:54 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-10-12 12:54 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2015-10-12 12:54 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-10-12 12:54 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2015-10-12 12:54 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-10-12 12:54 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-10-12 12:54 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) 
C:\windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-10-12 12:54 - 2015-07-22 18:57 - 03989952 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe 2015-10-12 12:54 - 2015-07-22 18:57 - 03934656 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe 2015-10-12 12:54 - 2015-07-22 18:54 - 01311768 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll 2015-10-12 12:54 - 2015-07-22 18:53 - 00641536 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll 2015-10-12 12:54 - 2015-07-22 18:53 - 00635392 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll 2015-10-12 12:54 - 2015-07-22 18:53 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll 2015-10-12 12:54 - 2015-07-22 18:53 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll 2015-10-12 12:54 - 2015-07-22 18:52 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll 2015-10-12 12:54 - 2015-07-22 18:52 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll 2015-10-12 12:54 - 2015-07-22 18:52 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe 2015-10-12 12:54 - 2015-07-22 18:52 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll 2015-10-12 12:54 - 2015-07-22 18:42 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll 2015-10-12 12:54 - 2015-07-22 18:42 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2015-10-12 12:54 - 2015-07-22 18:42 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2015-10-12 12:54 - 2015-07-22 18:42 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2015-10-12 12:54 - 2015-07-22 18:42 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2015-10-12 12:54 - 2015-07-22 18:42 - 00004096 ____H (Microsoft Corporation) 
C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2015-10-12 12:54 - 2015-07-22 18:42 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2015-10-12 12:54 - 2015-07-22 18:42 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2015-10-12 12:54 - 2015-07-22 18:42 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2015-10-12 12:54 - 2015-07-22 18:42 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2015-10-12 12:54 - 2015-07-22 18:42 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2015-10-12 12:54 - 2015-07-22 18:42 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2015-10-12 12:54 - 2015-07-22 18:42 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2015-10-12 12:54 - 2015-07-22 18:42 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2015-10-12 12:54 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2015-10-12 12:54 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-10-12 12:54 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2015-10-12 12:54 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2015-10-12 12:54 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2015-10-12 12:54 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2015-10-12 12:54 - 2015-07-22 18:42 - 00003072 ____H (Microsoft 
Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2015-10-12 12:54 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2015-10-12 12:54 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2015-10-12 12:54 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2015-10-12 12:54 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2015-10-12 12:54 - 2015-07-22 17:48 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\UtcResources.dll 2015-10-12 12:54 - 2015-07-22 17:34 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe 2015-10-12 12:54 - 2015-07-22 17:34 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe 2015-10-12 12:54 - 2015-07-22 17:31 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2015-10-12 12:54 - 2015-07-22 17:31 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2015-10-12 12:54 - 2015-07-22 17:31 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2015-10-12 12:54 - 2015-07-22 17:31 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2015-10-12 12:54 - 2015-07-15 04:19 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\basesrv.dll 2015-10-12 12:54 - 2015-06-09 19:03 - 03180544 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll 2015-10-12 12:54 - 2015-06-09 19:03 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll 2015-10-12 12:53 - 2015-07-30 19:06 - 02565120 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll 2015-10-12 12:53 - 2015-07-30 19:06 - 01648128 _____ (Microsoft Corporation) 
C:\windows\system32\DWrite.dll 2015-10-12 12:53 - 2015-07-30 19:06 - 01180160 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll 2015-10-12 12:53 - 2015-07-30 18:57 - 01987584 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll 2015-10-12 12:53 - 2015-07-30 18:57 - 01251328 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll 2015-10-12 12:53 - 2015-07-15 19:15 - 00094656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys 2015-10-12 12:53 - 2015-07-15 19:10 - 01743360 _____ (Microsoft Corporation) C:\windows\system32\sysmain.dll 2015-10-12 12:53 - 2015-07-15 19:10 - 00011264 _____ (Microsoft Corporation) C:\windows\system32\msmmsp.dll 2015-10-12 12:53 - 2015-07-15 04:17 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll 2015-10-12 12:53 - 2015-07-15 03:54 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll 2015-10-12 12:53 - 2015-06-02 01:07 - 00254976 _____ (Microsoft Corporation) C:\windows\system32\cewmdm.dll 2015-10-12 12:53 - 2015-06-02 00:47 - 00210432 _____ (Microsoft Corporation) C:\windows\SysWOW64\cewmdm.dll 2015-10-12 12:52 - 2015-08-05 19:02 - 00157016 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys 2015-10-12 12:52 - 2015-08-05 19:02 - 00097112 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys 2015-10-12 12:52 - 2015-08-05 18:56 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll 2015-10-12 12:52 - 2015-08-05 18:56 - 01216512 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll 2015-10-12 12:52 - 2015-08-05 18:56 - 01110016 _____ (Microsoft Corporation) C:\windows\system32\schedsvc.dll 2015-10-12 12:52 - 2015-08-05 18:56 - 00729088 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll 2015-10-12 12:52 - 2015-08-05 18:56 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll 2015-10-12 12:52 - 2015-08-05 18:56 - 00315392 _____ (Microsoft Corporation) 
C:\windows\system32\msv1_0.dll 2015-10-12 12:52 - 2015-08-05 18:56 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll 2015-10-12 12:52 - 2015-08-05 18:56 - 00275456 _____ (Microsoft Corporation) C:\windows\system32\InkEd.dll 2015-10-12 12:52 - 2015-08-05 18:56 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll 2015-10-12 12:52 - 2015-08-05 18:56 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll 2015-10-12 12:52 - 2015-08-05 18:56 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll 2015-10-12 12:52 - 2015-08-05 18:56 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll 2015-10-12 12:52 - 2015-08-05 18:56 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll 2015-10-12 12:52 - 2015-08-05 18:56 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll 2015-10-12 12:52 - 2015-08-05 18:56 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\jnwmon.dll 2015-10-12 12:52 - 2015-08-05 18:56 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\icaapi.dll 2015-10-12 12:52 - 2015-08-05 18:56 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll 2015-10-12 12:52 - 2015-08-05 18:55 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe 2015-10-12 12:52 - 2015-08-05 18:55 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe 2015-10-12 12:52 - 2015-08-05 18:50 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll 2015-10-12 12:52 - 2015-08-05 18:50 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll 2015-10-12 12:52 - 2015-08-05 18:46 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll 2015-10-12 12:52 - 2015-08-05 18:41 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll 2015-10-12 12:52 - 2015-08-05 18:41 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll 
2015-10-12 12:52 - 2015-08-05 18:41 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll 2015-10-12 12:52 - 2015-08-05 18:41 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll 2015-10-12 12:52 - 2015-08-05 18:40 - 00552960 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll 2015-10-12 12:52 - 2015-08-05 18:40 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll 2015-10-12 12:52 - 2015-08-05 18:40 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll 2015-10-12 12:52 - 2015-08-05 18:40 - 00216064 _____ (Microsoft Corporation) C:\windows\SysWOW64\InkEd.dll 2015-10-12 12:52 - 2015-08-05 18:40 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll 2015-10-12 12:52 - 2015-08-05 18:40 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll 2015-10-12 12:52 - 2015-08-05 18:39 - 00665088 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll 2015-10-12 12:52 - 2015-08-05 18:39 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll 2015-10-12 12:52 - 2015-08-05 18:39 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe 2015-10-12 12:52 - 2015-08-05 18:34 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll 2015-10-12 12:52 - 2015-08-05 18:34 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll 2015-10-12 12:52 - 2015-08-05 18:30 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll 2015-10-12 12:52 - 2015-08-05 18:06 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys 2015-10-12 12:52 - 2015-08-05 17:38 - 00159232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys 2015-10-12 12:52 - 2015-08-05 17:37 - 00290816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys 2015-10-12 12:52 - 2015-08-05 17:37 - 00129024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys 
2015-10-12 12:52 - 2015-08-04 19:03 - 00692672 _____ (Microsoft Corporation) C:\windows\system32\winload.efi 2015-10-12 12:52 - 2015-08-04 19:00 - 00616360 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi 2015-10-12 12:52 - 2015-08-04 18:56 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll 2015-10-12 12:52 - 2015-08-04 18:56 - 00059392 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll 2015-10-12 12:52 - 2015-08-04 18:56 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll 2015-10-12 12:52 - 2015-08-04 18:55 - 00147456 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe 2015-10-12 12:52 - 2015-08-04 18:55 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe 2015-10-12 12:52 - 2015-08-04 18:47 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll 2015-10-12 12:52 - 2015-08-04 17:58 - 00061440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys 2015-10-12 12:52 - 2015-07-16 20:12 - 06131200 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll 2015-10-12 12:52 - 2015-07-16 20:12 - 00856064 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdvidcrl.dll 2015-10-12 12:52 - 2015-07-16 20:12 - 00053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll 2015-10-12 12:52 - 2015-07-16 20:11 - 07077376 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll 2015-10-12 12:52 - 2015-07-16 20:11 - 01057792 _____ (Microsoft Corporation) C:\windows\system32\rdvidcrl.dll 2015-10-12 12:52 - 2015-07-16 20:11 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll 2015-10-12 12:52 - 2015-07-11 14:15 - 00429568 _____ (Microsoft Corporation) C:\windows\system32\wksprt.exe 2015-10-12 12:52 - 2015-06-25 11:06 - 00115136 _____ (Microsoft Corporation) C:\windows\system32\consent.exe 2015-10-12 12:52 - 2015-06-25 11:01 - 01941504 _____ (Microsoft Corporation) 
C:\windows\system32\authui.dll 2015-10-12 12:52 - 2015-06-25 11:01 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll 2015-10-12 12:52 - 2015-06-25 10:44 - 01805824 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll 2015-10-12 12:51 - 2015-09-25 19:07 - 03168768 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll 2015-10-12 12:51 - 2015-09-25 19:07 - 02607104 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll 2015-10-12 12:51 - 2015-09-25 19:07 - 00696320 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll 2015-10-12 12:51 - 2015-09-25 19:07 - 00192512 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll 2015-10-12 12:51 - 2015-09-25 19:07 - 00098816 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll 2015-10-12 12:51 - 2015-09-25 19:07 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll 2015-10-12 12:51 - 2015-09-25 19:07 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wups.dll 2015-10-12 12:51 - 2015-09-25 19:06 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe 2015-10-12 12:51 - 2015-09-25 19:06 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll 2015-10-12 12:51 - 2015-09-25 19:06 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe 2015-10-12 12:51 - 2015-09-25 19:06 - 00012288 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll 2015-10-12 12:51 - 2015-09-25 18:59 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll 2015-10-12 12:51 - 2015-09-25 18:59 - 00174080 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll 2015-10-12 12:51 - 2015-09-25 18:59 - 00093696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll 2015-10-12 12:51 - 2015-09-25 18:59 - 00030208 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll 2015-10-12 12:51 - 2015-09-25 18:58 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe 2015-10-12 
12:51 - 2015-09-18 20:22 - 00025432 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe 2015-10-12 12:51 - 2015-09-18 20:19 - 01291264 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll 2015-10-12 12:51 - 2015-09-18 20:19 - 00766464 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll 2015-10-12 12:51 - 2015-09-18 20:19 - 00700416 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll 2015-10-12 12:51 - 2015-09-18 20:19 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll 2015-10-12 12:51 - 2015-09-18 20:19 - 00073216 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll 2015-10-12 12:51 - 2015-09-18 20:09 - 01163776 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll 2015-10-12 12:51 - 2015-07-09 18:57 - 00193536 _____ (Microsoft Corporation) C:\windows\system32\notepad.exe 2015-10-12 12:51 - 2015-07-09 18:57 - 00193536 _____ (Microsoft Corporation) C:\windows\notepad.exe 2015-10-12 12:51 - 2015-07-09 18:42 - 00179712 _____ (Microsoft Corporation) C:\windows\SysWOW64\notepad.exe 2015-10-12 12:51 - 2015-07-04 19:07 - 02087424 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll 2015-10-12 12:51 - 2015-07-04 18:48 - 01414656 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll 2015-10-12 12:51 - 2015-07-01 21:49 - 00260096 _____ (Microsoft Corporation) C:\windows\system32\WebClnt.dll 2015-10-12 12:51 - 2015-07-01 21:48 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\davclnt.dll 2015-10-12 12:51 - 2015-07-01 21:30 - 00206848 _____ (Microsoft Corporation) C:\windows\SysWOW64\WebClnt.dll 2015-10-12 12:51 - 2015-07-01 21:30 - 00082432 _____ (Microsoft Corporation) C:\windows\SysWOW64\davclnt.dll 2015-10-12 12:51 - 2015-06-17 18:47 - 00404992 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll 2015-10-12 12:51 - 2015-06-17 18:37 - 00312320 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll 2015-10-12 12:51 - 2015-06-15 22:45 - 03242496 
_____ (Microsoft Corporation) C:\windows\system32\msi.dll 2015-10-12 12:51 - 2015-06-15 22:45 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll 2015-10-12 12:51 - 2015-06-15 22:44 - 00128000 _____ (Microsoft Corporation) C:\windows\system32\msiexec.exe 2015-10-12 12:51 - 2015-06-15 22:43 - 02364416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll 2015-10-12 12:51 - 2015-06-15 22:43 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll 2015-10-12 12:51 - 2015-06-15 22:42 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msiexec.exe 2015-10-12 12:51 - 2015-06-15 22:42 - 00025088 _____ (Microsoft Corporation) C:\windows\system32\msimsg.dll 2015-10-12 12:51 - 2015-06-15 22:37 - 00025088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msimsg.dll 2015-10-12 12:36 - 2015-08-18 02:42 - 00393304 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll 2015-10-12 12:36 - 2015-08-18 02:14 - 00344168 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll 2015-10-12 12:36 - 2015-08-15 07:48 - 25190400 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2015-10-12 12:36 - 2015-08-15 07:34 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb 2015-10-12 12:36 - 2015-08-15 07:33 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll 2015-10-12 12:36 - 2015-08-15 07:18 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll 2015-10-12 12:36 - 2015-08-15 07:18 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll 2015-10-12 12:36 - 2015-08-15 07:17 - 02886144 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll 2015-10-12 12:36 - 2015-08-15 07:17 - 00585216 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll 2015-10-12 12:36 - 2015-08-15 07:17 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec 2015-10-12 12:36 - 2015-08-15 07:17 - 00088064 _____ (Microsoft Corporation) 
C:\windows\system32\MshtmlDac.dll 2015-10-12 12:36 - 2015-08-15 07:10 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll 2015-10-12 12:36 - 2015-08-15 07:09 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll 2015-10-12 12:36 - 2015-08-15 07:06 - 19856896 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll 2015-10-12 12:36 - 2015-08-15 07:06 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll 2015-10-12 12:36 - 2015-08-15 07:04 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll 2015-10-12 12:36 - 2015-08-15 07:04 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll 2015-10-12 12:36 - 2015-08-15 07:04 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe 2015-10-12 12:36 - 2015-08-15 07:04 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe 2015-10-12 12:36 - 2015-08-15 07:00 - 05923328 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll 2015-10-12 12:36 - 2015-08-15 06:57 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe 2015-10-12 12:36 - 2015-08-15 06:53 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb 2015-10-12 12:36 - 2015-08-15 06:53 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll 2015-10-12 12:36 - 2015-08-15 06:46 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll 2015-10-12 12:36 - 2015-08-15 06:42 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll 2015-10-12 12:36 - 2015-08-15 06:41 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll 2015-10-12 12:36 - 2015-08-15 06:40 - 00504832 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll 2015-10-12 12:36 - 2015-08-15 06:40 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll 2015-10-12 12:36 - 2015-08-15 06:39 - 00341504 _____ (Microsoft 
Corporation) C:\windows\SysWOW64\html.iec 2015-10-12 12:36 - 2015-08-15 06:39 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll 2015-10-12 12:36 - 2015-08-15 06:39 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll 2015-10-12 12:36 - 2015-08-15 06:38 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll 2015-10-12 12:36 - 2015-08-15 06:35 - 02279424 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll 2015-10-12 12:36 - 2015-08-15 06:33 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll 2015-10-12 12:36 - 2015-08-15 06:32 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll 2015-10-12 12:36 - 2015-08-15 06:30 - 00479232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll 2015-10-12 12:36 - 2015-08-15 06:29 - 00665600 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll 2015-10-12 12:36 - 2015-08-15 06:29 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll 2015-10-12 12:36 - 2015-08-15 06:29 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe 2015-10-12 12:36 - 2015-08-15 06:24 - 00720384 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe 2015-10-12 12:36 - 2015-08-15 06:23 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll 2015-10-12 12:36 - 2015-08-15 06:22 - 02126336 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl 2015-10-12 12:36 - 2015-08-15 06:22 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll 2015-10-12 12:36 - 2015-08-15 06:21 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll 2015-10-12 12:36 - 2015-08-15 06:16 - 14451712 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll 2015-10-12 12:36 - 2015-08-15 06:16 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-10-12 12:36 - 2015-08-15 06:14 - 00168960 _____ (Microsoft 
Corporation) C:\windows\SysWOW64\msrating.dll 2015-10-12 12:36 - 2015-08-15 06:12 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll 2015-10-12 12:36 - 2015-08-15 06:11 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll 2015-10-12 12:36 - 2015-08-15 06:10 - 04520448 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll 2015-10-12 12:36 - 2015-08-15 06:07 - 02427392 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll 2015-10-12 12:36 - 2015-08-15 06:04 - 12857344 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll 2015-10-12 12:36 - 2015-08-15 06:02 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll 2015-10-12 12:36 - 2015-08-15 06:01 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl 2015-10-12 12:36 - 2015-08-15 06:01 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll 2015-10-12 12:36 - 2015-08-15 05:55 - 01545728 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll 2015-10-12 12:36 - 2015-08-15 05:43 - 01951232 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll 2015-10-12 12:36 - 2015-08-15 05:43 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll 2015-10-12 12:36 - 2015-08-15 05:39 - 01310720 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll 2015-10-12 12:36 - 2015-08-15 05:37 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00984448 _____ (Microsoft Corporation) C:\windows\system32\ucrtbase.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00901264 _____ (Microsoft Corporation) C:\windows\SysWOW64\ucrtbase.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00066400 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00063840 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-private-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00022368 
_____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00020832 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-math-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-string-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-stdio-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-runtime-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-convert-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-time-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) 
C:\windows\system32\api-ms-win-core-localization-l1-2-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-process-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-heap-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-conio-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-utility-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) 
C:\windows\system32\api-ms-win-crt-locale-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-environment-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-2-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-1.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-eventing-provider-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l2-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-timezone-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l2-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-2-0.dll 2015-10-12 12:36 - 2015-07-09 18:58 - 01632256 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll 2015-10-12 12:36 - 2015-07-09 18:58 - 00082944 _____ (Microsoft Corporation) C:\windows\system32\dwmapi.dll 
2015-10-12 12:36 - 2015-07-09 18:42 - 01372160 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmcore.dll 2015-10-12 12:36 - 2015-07-09 18:42 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmapi.dll 2015-10-12 12:31 - 2015-08-27 19:18 - 02004480 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll 2015-10-12 12:31 - 2015-08-27 19:18 - 01887232 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll 2015-10-12 12:31 - 2015-08-27 19:13 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll 2015-10-12 12:31 - 2015-08-27 19:13 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll 2015-10-12 12:31 - 2015-08-27 18:58 - 01391104 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll 2015-10-12 12:31 - 2015-08-27 18:58 - 01241088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll 2015-10-12 12:31 - 2015-08-27 18:51 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll 2015-10-12 12:31 - 2015-08-27 18:51 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll 2015-10-12 12:31 - 2015-07-10 18:51 - 14177280 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll 2015-10-12 12:31 - 2015-07-10 18:34 - 12875776 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll 2015-10-12 12:22 - 2015-09-02 04:04 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll 2015-10-12 12:22 - 2015-09-02 04:04 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll 2015-10-12 12:22 - 2015-09-02 04:04 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll 2015-10-12 12:22 - 2015-09-02 04:04 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll 2015-10-12 12:22 - 2015-09-02 03:48 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll 2015-10-12 12:22 - 2015-09-02 03:48 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll 2015-10-12 12:22 - 2015-09-02 03:48 - 00010240 _____ (Microsoft 
Corporation) C:\windows\SysWOW64\dciman32.dll 2015-10-12 12:22 - 2015-09-02 03:47 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll 2015-10-12 12:22 - 2015-09-02 02:51 - 03209216 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys 2015-10-12 12:22 - 2015-09-02 02:47 - 00372736 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll 2015-10-12 12:22 - 2015-09-02 02:33 - 00299520 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll 2015-10-12 12:05 - 2015-10-12 12:05 - 00000000 ____D C:\Program Files\Common Files\AV 2015-10-12 12:02 - 2015-10-12 12:02 - 00000000 ____D C:\windows\System32\Tasks\Safer-Networking 2015-10-12 12:01 - 2015-10-12 13:07 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy 2015-10-12 12:01 - 2015-10-12 12:16 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2015-10-12 12:01 - 2015-10-12 12:01 - 00001391 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk 2015-10-12 12:01 - 2015-10-12 12:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 2015-10-12 12:01 - 2013-09-20 09:49 - 00021040 _____ (Safer Networking Limited) C:\windows\system32\sdnclean64.exe 2015-10-12 11:54 - 2015-10-12 11:54 - 01457952 _____ C:\Users\herbert.bruckmueller\Downloads\SpyBot Search Destroy - CHIP-Installer.exe 2015-10-12 11:53 - 2015-10-12 11:53 - 06677440 _____ (Piriform Ltd) C:\Users\herbert.bruckmueller\Downloads\ccsetup510.exe ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-11-07 11:50 - 2015-09-07 07:36 - 419922944 _____ C:\Users\herbert.bruckmueller\Documents\herbert.bruckmueller@sivag.at 2015-11-07 11:50 - 2015-03-26 19:39 - 00001110 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-11-07 11:47 - 2015-03-05 20:49 - 01358562 _____ C:\windows\WindowsUpdate.log 2015-11-07 11:43 - 2011-05-03 19:08 - 00705108 _____ C:\windows\system32\perfh007.dat 2015-11-07 11:43 - 2011-05-03 19:08 - 00151476 _____ C:\windows\system32\perfc007.dat 2015-11-07 11:43 - 2009-07-14 06:13 - 01629436 _____ C:\windows\system32\PerfStringBackup.INI 2015-11-07 11:41 - 2009-07-14 05:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-11-07 11:41 - 2009-07-14 05:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-11-07 11:39 - 2015-03-26 19:39 - 00001106 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-11-07 11:34 - 2015-04-08 07:07 - 00003222 _____ C:\windows\System32\Tasks\HPCeeScheduleForHERBERT-HP$ 2015-11-07 11:34 - 2015-04-08 07:07 - 00000346 _____ C:\windows\Tasks\HPCeeScheduleForHERBERT-HP$.job 2015-11-07 11:34 - 2015-03-06 12:41 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job 2015-11-07 11:34 - 2015-03-05 15:30 - 00000000 ____D C:\Program Files (x86)\Advanced Monitoring Agent 2015-11-07 11:34 - 2015-03-05 13:37 - 00000035 _____ C:\Users\Public\Documents\AtherosServiceConfig.ini 2015-11-04 13:34 - 2015-03-05 14:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-11-03 19:31 - 2011-05-03 19:23 - 00000000 ____D C:\ProgramData\PDFC 2015-11-03 18:29 - 2009-07-14 06:08 - 00000006 ____H C:\windows\Tasks\SA.DAT 2015-11-03 09:53 - 2015-03-05 13:43 - 00000128 _____ C:\windows\system32\config\netlogon.ftl 2015-11-02 18:20 - 2015-03-11 13:21 - 00000000 ____D C:\Users\herbert.bruckmueller\Documents\Bluetooth Folder 2015-10-29 17:58 - 2015-08-31 08:21 - 00000000 
____D C:\Program Files (x86)\TeamViewer 2015-10-29 10:57 - 2015-09-16 07:49 - 00000000 ____D C:\Users\herbert.bruckmueller\Desktop\PRO MAKLER 2015-10-28 09:24 - 2015-03-23 10:28 - 00000000 ____D C:\Users\herbert.bruckmueller\AppData\Local\CrashDumps 2015-10-27 10:52 - 2015-03-26 19:40 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-10-23 12:07 - 2015-08-31 08:21 - 00000000 ____D C:\Program Files\Advanced Monitoring Agent Network Management 2015-10-22 12:43 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\NDF 2015-10-22 08:48 - 2015-09-03 08:14 - 00000000 ____D C:\ProgramData\ManagedAntivirus 2015-10-20 11:15 - 2015-03-05 14:10 - 00000000 ____D C:\Users\herbert.bruckmueller\Documents\Eigene Dateien 2015-10-18 17:53 - 2015-03-06 12:41 - 00780488 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe 2015-10-18 17:53 - 2015-03-06 12:41 - 00142536 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-10-18 17:53 - 2015-03-06 12:41 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater 2015-10-15 09:58 - 2015-03-11 13:21 - 00000000 ____D C:\Users\herbert.bruckmueller 2015-10-15 09:57 - 2015-07-02 08:31 - 00000000 ____D C:\ProgramData\Package Cache 2015-10-13 07:30 - 2015-09-28 08:55 - 00113880 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2015-10-12 16:04 - 2015-03-05 20:55 - 00000000 ____D C:\windows\rescache 2015-10-12 14:54 - 2015-03-05 15:45 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk 2015-10-12 14:54 - 2015-03-05 15:45 - 00000000 ____D C:\Program Files\CCleaner 2015-10-12 14:38 - 2015-03-11 13:21 - 00000000 ___RD C:\Users\herbert.bruckmueller\Virtual Machines 2015-10-12 14:22 - 2015-03-05 16:39 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-10-12 14:22 - 2015-03-05 16:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2015-10-12 14:22 - 2009-07-14 05:45 - 00410232 _____ C:\windows\system32\FNTCACHE.DAT 
2015-10-12 14:18 - 2015-04-15 14:48 - 00000000 ___SD C:\windows\system32\CompatTel 2015-10-12 14:18 - 2015-04-15 14:48 - 00000000 ____D C:\windows\system32\appraiser 2015-10-12 14:18 - 2015-04-07 10:33 - 00000000 ___SD C:\windows\SysWOW64\GWX 2015-10-12 14:18 - 2015-04-07 10:33 - 00000000 ___SD C:\windows\system32\GWX 2015-10-12 14:18 - 2009-07-27 15:36 - 00000000 ____D C:\Program Files\Windows Journal 2015-10-12 14:18 - 2009-07-14 04:20 - 00000000 ____D C:\windows\PolicyDefinitions 2015-10-12 13:39 - 2015-03-05 13:58 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-10-12 13:31 - 2015-03-06 12:44 - 00000000 ____D C:\windows\system32\MRT 2015-10-12 13:08 - 2009-07-14 03:34 - 00000478 _____ C:\windows\win.ini 2015-10-12 09:16 - 2015-03-05 16:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-09-03 08:19 - 2015-09-03 08:19 - 0233697 _____ () C:\ProgramData\1441264588.bdinstall.bin Einige Dateien in TEMP: ==================== C:\Users\herbert\AppData\Local\Temp\CpqMC.dll C:\Users\herbert\AppData\Local\Temp\HPSWF.EXE C:\Users\herbert\AppData\Local\Temp\MSN2952.exe C:\Users\herbert\AppData\Local\Temp\SWHelperQueryW.dll C:\Users\herbert.bruckmueller\AppData\Local\Temp\HitmanPro.exe C:\Users\herbert.bruckmueller\AppData\Local\Temp\jre-8u65-windows-au.exe C:\Users\herbert.bruckmueller\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\windows\system32\winlogon.exe => Datei ist digital signiert C:\windows\system32\wininit.exe => Datei ist digital signiert C:\windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\windows\explorer.exe => Datei ist digital signiert C:\windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\windows\system32\svchost.exe => Datei ist digital signiert C:\windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\windows\system32\services.exe => Datei ist digital signiert C:\windows\system32\User32.dll => Datei ist digital signiert C:\windows\SysWOW64\User32.dll => Datei ist digital signiert C:\windows\system32\userinit.exe => Datei ist digital signiert C:\windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\windows\system32\rpcss.dll => Datei ist digital signiert C:\windows\system32\dnsapi.dll => Datei ist digital signiert C:\windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-10-31 12:52 ==================== Ende von FRST.txt ============================ |
08.11.2015, 06:47 | #5 |
/// the machine /// TB trainer | Bank Austria online banking, fake website hi, Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper. Please download TDSSKiller.exe and save this file to the desktop.
__________________ regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |
08.11.2015, 11:55 | #6 |
| Bank Austria online banking, fake website Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001 www.malwarebytes.org
Database version: main: v2015.11.08.02 rootkit: v2015.11.04.02
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18015
Herbert.Bruckmueller :: HERBERT-HP [administrator]
08.11.2015 11:16:39
mbar-log-2015-11-08 (11-16-39).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 459552
Time elapsed: 20 minute(s), 50 second(s)
Memory Processes Detected: 0 (No malicious items detected)
Memory Modules Detected: 0 (No malicious items detected)
Registry Keys Detected: 0 (No malicious items detected)
Registry Values Detected: 0 (No malicious items detected)
Registry Data Items Detected: 0 (No malicious items detected)
Folders Detected: 0 (No malicious items detected)
Files Detected: 0 (No malicious items detected)
Physical Sectors Detected: 0 (No malicious items detected)
(end)
There was one finding, but that is the remote maintenance software, and it is clean! Code:
11:46:11.0382 0x1fec TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
11:47:00.0103 0x1994 ================ Scan services =============================
11:47:01.0892 0x1994 [ 48E531E6FF8F0378F0B49C6F7C2654B6, 2706D546C41B640AD443E029BCFB1E19902DE7323D141CD07EC627D1D91B7263 ] Advanced Monitoring Agent C:\Program Files (x86)\Advanced Monitoring Agent\winagent.exe
11:47:02.0279 0x1994 Advanced Monitoring Agent - detected UnsignedFile.Multi.Generic ( 1 )
11:47:04.0773 0x1994 Advanced Monitoring Agent ( UnsignedFile.Multi.Generic ) - warning
5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys 11:47:27.0005 0x1994 iirsp - ok 11:47:27.0062 0x1994 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\windows\System32\ikeext.dll 11:47:27.0142 0x1994 IKEEXT - ok 11:47:27.0182 0x1994 [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud C:\windows\system32\DRIVERS\IntcDAud.sys 11:47:27.0225 0x1994 IntcDAud - ok 11:47:27.0259 0x1994 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\windows\system32\drivers\intelide.sys 11:47:27.0270 0x1994 intelide - ok 11:47:27.0676 0x1994 [ EFE5A0AF39A8E179624117C521F1E012, 185BB1106E42256A6E7C63B09737A7059DD14DEA7C1D85ADF66C50D63CFDA556 ] intelkmd C:\windows\system32\DRIVERS\igdpmd64.sys 11:47:28.0121 0x1994 intelkmd - ok 11:47:28.0151 0x1994 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys 11:47:28.0178 0x1994 intelppm - ok 11:47:28.0212 0x1994 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\windows\system32\ipbusenum.dll 11:47:28.0245 0x1994 IPBusEnum - ok 11:47:28.0278 0x1994 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys 11:47:28.0325 0x1994 IpFilterDriver - ok 11:47:28.0372 0x1994 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\windows\System32\iphlpsvc.dll 11:47:28.0442 0x1994 iphlpsvc - ok 11:47:28.0479 0x1994 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys 11:47:28.0504 0x1994 
IPMIDRV - ok 11:47:28.0551 0x1994 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\windows\system32\drivers\ipnat.sys 11:47:28.0594 0x1994 IPNAT - ok 11:47:28.0624 0x1994 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\windows\system32\drivers\irenum.sys 11:47:28.0688 0x1994 IRENUM - ok 11:47:28.0714 0x1994 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\windows\system32\drivers\isapnp.sys 11:47:28.0725 0x1994 isapnp - ok 11:47:28.0767 0x1994 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys 11:47:28.0784 0x1994 iScsiPrt - ok 11:47:28.0843 0x1994 [ 3B794CA0DE73790420DEBA3C759F1502, EEB5C5ECE4EBBD58A6EA93498615446C102EE4F73D7AD1987F751D2FE8325BB5 ] jhi_service C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe 11:47:28.0857 0x1994 jhi_service - ok 11:47:28.0891 0x1994 [ 0B44199365A69696109AB9A5855E0841, 7A2044C641FFFB9D4B19BED0E520FEEF570116EB3C9F4284D70560DD93A19A25 ] JMCR C:\windows\system32\DRIVERS\jmcr.sys 11:47:28.0912 0x1994 JMCR - ok 11:47:28.0940 0x1994 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\windows\system32\drivers\kbdclass.sys 11:47:28.0952 0x1994 kbdclass - ok 11:47:28.0996 0x1994 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\windows\system32\drivers\kbdhid.sys 11:47:29.0025 0x1994 kbdhid - ok 11:47:29.0038 0x1994 [ 3E9BDCA3994E2B6B6AC16BAA76722934, A77FEE9D78C1151B13C9509FA89B64024442D00C3C9EA19954045413D8A69D73 ] KeyIso C:\windows\system32\lsass.exe 11:47:29.0051 0x1994 KeyIso - ok 11:47:29.0093 0x1994 [ 1DAC21EC0705A6AFEFACCE265798F0F9, 16B66AE2578C6744825B0DFBB9CBA35FBDF5C04E8999F7629BA43D566FA9277F ] KSecDD 
C:\windows\system32\Drivers\ksecdd.sys 11:47:29.0106 0x1994 KSecDD - ok 11:47:29.0127 0x1994 [ 2737840E7F6F6FF439966A67A35D59F8, 7442A8864D0A92C3A7EDBF889EC1AA9F743D6B48C4075CA8F3C0F1D836DFB9CE ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys 11:47:29.0142 0x1994 KSecPkg - ok 11:47:29.0157 0x1994 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\windows\system32\drivers\ksthunk.sys 11:47:29.0199 0x1994 ksthunk - ok 11:47:29.0243 0x1994 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\windows\system32\msdtckrm.dll 11:47:29.0293 0x1994 KtmRm - ok 11:47:29.0330 0x1994 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\windows\system32\srvsvc.dll 11:47:29.0375 0x1994 LanmanServer - ok 11:47:29.0414 0x1994 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\windows\System32\wkssvc.dll 11:47:29.0458 0x1994 LanmanWorkstation - ok 11:47:29.0504 0x1994 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\windows\system32\DRIVERS\lltdio.sys 11:47:29.0547 0x1994 lltdio - ok 11:47:29.0587 0x1994 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\windows\System32\lltdsvc.dll 11:47:29.0627 0x1994 lltdsvc - ok 11:47:29.0646 0x1994 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\windows\System32\lmhsvc.dll 11:47:29.0695 0x1994 lmhosts - ok 11:47:29.0745 0x1994 [ 97F9EAAC985A663394CD8F54DCD3E73A, D5BA3E7ED36BA361B1941F12D83568C30F7E49A8B9D54D3EBBBD05767E1F3B0A ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 11:47:29.0760 0x1994 LMS - ok 11:47:29.0797 0x1994 [ 1A93E54EB0ECE102495A51266DCDB6A6, 
DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys 11:47:29.0811 0x1994 LSI_FC - ok 11:47:29.0817 0x1994 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys 11:47:29.0830 0x1994 LSI_SAS - ok 11:47:29.0840 0x1994 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys 11:47:29.0851 0x1994 LSI_SAS2 - ok 11:47:29.0863 0x1994 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys 11:47:29.0889 0x1994 LSI_SCSI - ok 11:47:29.0914 0x1994 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\windows\system32\drivers\luafv.sys 11:47:29.0948 0x1994 luafv - ok 11:47:30.0044 0x1994 [ 85057764D5F82548B94F3F98783F8E00, 284063BE48E99073710CC07FBF36CEC1C30D0A626469B1D5F7A4B57DD9D0001F ] ManagedAntivirus C:\Program Files\Managed Antivirus\Managed Antivirus Master Service\ManagedAntivirus.exe 11:47:30.0060 0x1994 ManagedAntivirus - ok 11:47:30.0109 0x1994 [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector C:\windows\system32\drivers\mbam.sys 11:47:30.0120 0x1994 MBAMProtector - ok 11:47:30.0230 0x1994 [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe 11:47:30.0287 0x1994 MBAMService - ok 11:47:30.0348 0x1994 [ D61070CFAD43038DC56AEAD9BFE9CE2A, BD77AEF60E7FD2015CB14A464799304359547146C14A47F8D25274ACFA2E42D5 ] MBAMWebAccessControl C:\windows\system32\drivers\mwac.sys 11:47:30.0359 0x1994 MBAMWebAccessControl - ok 11:47:30.0378 0x1994 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 
2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll 11:47:30.0393 0x1994 Mcx2Svc - ok 11:47:30.0407 0x1994 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\windows\system32\DRIVERS\megasas.sys 11:47:30.0418 0x1994 megasas - ok 11:47:30.0439 0x1994 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys 11:47:30.0457 0x1994 MegaSR - ok 11:47:30.0500 0x1994 [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64 C:\windows\system32\DRIVERS\HECIx64.sys 11:47:30.0510 0x1994 MEIx64 - ok 11:47:30.0538 0x1994 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\windows\system32\mmcss.dll 11:47:30.0580 0x1994 MMCSS - ok 11:47:30.0684 0x1994 [ 9EA47AA97D15BCC50A0F0B78CBD8E768, 872665D17B41A5B5758790341B78DCE014C06900E42EB38A3C5A07C10D1A4809 ] Mobile Partner. RunOuc C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe 11:47:30.0715 0x1994 Mobile Partner. 
RunOuc - ok 11:47:30.0728 0x1994 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\windows\system32\drivers\modem.sys 11:47:30.0778 0x1994 Modem - ok 11:47:30.0798 0x1994 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\windows\system32\DRIVERS\monitor.sys 11:47:30.0839 0x1994 monitor - ok 11:47:30.0880 0x1994 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys 11:47:30.0891 0x1994 mouclass - ok 11:47:30.0910 0x1994 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys 11:47:30.0925 0x1994 mouhid - ok 11:47:30.0969 0x1994 [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr C:\windows\system32\drivers\mountmgr.sys 11:47:30.0982 0x1994 mountmgr - ok 11:47:31.0025 0x1994 [ 0DE2474F316C515482ABAD3B697F8714, 62862AE7432F5350068E96AD466093359C6CF444EB517AE6D09134FAF78C49F5 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 11:47:31.0043 0x1994 MozillaMaintenance - ok 11:47:31.0084 0x1994 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\windows\system32\drivers\mpio.sys 11:47:31.0098 0x1994 mpio - ok 11:47:31.0109 0x1994 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys 11:47:31.0142 0x1994 mpsdrv - ok 11:47:31.0204 0x1994 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\windows\system32\mpssvc.dll 11:47:31.0289 0x1994 MpsSvc - ok 11:47:31.0320 0x1994 [ AE3334958D8F631FF14A0AEB3D7EFB3A, 
F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\windows\system32\drivers\mrxdav.sys 11:47:31.0363 0x1994 MRxDAV - ok 11:47:31.0403 0x1994 [ DB8E6BA1D110A4E40D48612E9009E366, 678728CC8BBCD0D99E67DA63F53A99AC6D6D12EAE3E26655D372940BE7411098 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys 11:47:31.0439 0x1994 mrxsmb - ok 11:47:31.0464 0x1994 [ 24432705B02BC1EFC42A83F93BA202A3, 13F2CA069FAEDA9CEAC6E09D10807DBFF729EAF6133DC46DE5A14C5694E9510B ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys 11:47:31.0493 0x1994 mrxsmb10 - ok 11:47:31.0509 0x1994 [ 5E7E31C6426F000AF29E7C452826AF5E, F66102138458BDBD2CE586C95FF90F9B90F5DC8832EA1ACFAD694F1D0B949B21 ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys 11:47:31.0525 0x1994 mrxsmb20 - ok 11:47:31.0555 0x1994 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\windows\system32\drivers\msahci.sys 11:47:31.0566 0x1994 msahci - ok 11:47:31.0584 0x1994 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\windows\system32\drivers\msdsm.sys 11:47:31.0598 0x1994 msdsm - ok 11:47:31.0615 0x1994 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\windows\System32\msdtc.exe 11:47:31.0641 0x1994 MSDTC - ok 11:47:31.0673 0x1994 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\windows\system32\drivers\Msfs.sys 11:47:31.0706 0x1994 Msfs - ok 11:47:31.0737 0x1994 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys 11:47:31.0784 0x1994 mshidkmdf - ok 11:47:31.0807 0x1994 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\windows\system32\drivers\msisadrv.sys 11:47:31.0820 0x1994 msisadrv - ok 11:47:31.0849 
0x1994 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\windows\system32\iscsiexe.dll 11:47:31.0893 0x1994 MSiSCSI - ok 11:47:31.0899 0x1994 msiserver - ok 11:47:31.0936 0x1994 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys 11:47:31.0986 0x1994 MSKSSRV - ok 11:47:32.0006 0x1994 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys 11:47:32.0056 0x1994 MSPCLOCK - ok 11:47:32.0070 0x1994 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\windows\system32\drivers\MSPQM.sys 11:47:32.0104 0x1994 MSPQM - ok 11:47:32.0188 0x1994 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\windows\system32\drivers\MsRPC.sys 11:47:32.0208 0x1994 MsRPC - ok 11:47:32.0249 0x1994 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\windows\system32\drivers\mssmbios.sys 11:47:32.0260 0x1994 mssmbios - ok 11:47:32.0264 0x1994 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\windows\system32\drivers\MSTEE.sys 11:47:32.0308 0x1994 MSTEE - ok 11:47:32.0322 0x1994 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys 11:47:32.0351 0x1994 MTConfig - ok 11:47:32.0388 0x1994 [ AA0C2BA3782E92BD85E2264BE418E67C, 8B0953926E83274DF16670F1EF6F4E302F7EE17418F486975C353A406850298C ] Mup C:\windows\system32\Drivers\mup.sys 11:47:32.0401 0x1994 Mup - ok 11:47:32.0438 0x1994 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent 
C:\windows\system32\qagentRT.dll 11:47:32.0496 0x1994 napagent - ok 11:47:32.0531 0x1994 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys 11:47:32.0556 0x1994 NativeWifiP - ok 11:47:32.0628 0x1994 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\windows\system32\drivers\ndis.sys 11:47:32.0662 0x1994 NDIS - ok 11:47:32.0689 0x1994 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys 11:47:32.0723 0x1994 NdisCap - ok 11:47:32.0753 0x1994 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys 11:47:32.0786 0x1994 NdisTapi - ok 11:47:32.0819 0x1994 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys 11:47:32.0863 0x1994 Ndisuio - ok 11:47:32.0894 0x1994 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys 11:47:32.0939 0x1994 NdisWan - ok 11:47:32.0957 0x1994 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\windows\system32\drivers\NDProxy.sys 11:47:33.0005 0x1994 NDProxy - ok 11:47:33.0027 0x1994 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys 11:47:33.0078 0x1994 NetBIOS - ok 11:47:33.0099 0x1994 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\windows\system32\DRIVERS\netbt.sys 11:47:33.0137 0x1994 NetBT - ok 11:47:33.0149 0x1994 [ 3E9BDCA3994E2B6B6AC16BAA76722934, 
A77FEE9D78C1151B13C9509FA89B64024442D00C3C9EA19954045413D8A69D73 ] Netlogon C:\windows\system32\lsass.exe 11:47:33.0172 0x1994 Netlogon - ok 11:47:33.0217 0x1994 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\windows\System32\netman.dll 11:47:33.0274 0x1994 Netman - ok 11:47:33.0350 0x1994 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 11:47:33.0376 0x1994 NetMsmqActivator - ok 11:47:33.0398 0x1994 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 11:47:33.0411 0x1994 NetPipeActivator - ok 11:47:33.0439 0x1994 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\windows\System32\netprofm.dll 11:47:33.0493 0x1994 netprofm - ok 11:47:33.0510 0x1994 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 11:47:33.0524 0x1994 NetTcpActivator - ok 11:47:33.0530 0x1994 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 11:47:33.0545 0x1994 NetTcpPortSharing - ok 11:47:33.0626 0x1994 [ 02A0D43320E1F711310BC51B02B3E22B, 3904FA144F74D99A2804E47A866E961D0CE144E58358AA14412B22DD9F4B1F22 ] NetworkManagement C:\Program Files\Advanced Monitoring Agent Network Management\NetworkManagement.exe 11:47:33.0638 0x1994 NetworkManagement - ok 11:47:33.0661 0x1994 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys 11:47:33.0673 0x1994 nfrd960 - ok 
11:47:33.0692 0x1994 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\windows\System32\nlasvc.dll 11:47:33.0727 0x1994 NlaSvc - ok 11:47:33.0743 0x1994 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\windows\system32\drivers\Npfs.sys 11:47:33.0774 0x1994 Npfs - ok 11:47:33.0803 0x1994 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\windows\system32\nsisvc.dll 11:47:33.0849 0x1994 nsi - ok 11:47:33.0862 0x1994 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys 11:47:33.0909 0x1994 nsiproxy - ok 11:47:34.0005 0x1994 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\windows\system32\drivers\Ntfs.sys 11:47:34.0066 0x1994 Ntfs - ok 11:47:34.0086 0x1994 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\windows\system32\drivers\Null.sys 11:47:34.0135 0x1994 Null - ok 11:47:34.0179 0x1994 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\windows\system32\drivers\nvraid.sys 11:47:34.0193 0x1994 nvraid - ok 11:47:34.0224 0x1994 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\windows\system32\drivers\nvstor.sys 11:47:34.0238 0x1994 nvstor - ok 11:47:34.0266 0x1994 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\windows\system32\drivers\nv_agp.sys 11:47:34.0279 0x1994 nv_agp - ok 11:47:34.0305 0x1994 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys 11:47:34.0348 0x1994 ohci1394 - 
ok 11:47:34.0400 0x1994 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 11:47:34.0414 0x1994 ose - ok 11:47:34.0640 0x1994 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 11:47:34.0755 0x1994 osppsvc - ok 11:47:34.0803 0x1994 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\windows\system32\pnrpsvc.dll 11:47:34.0878 0x1994 p2pimsvc - ok 11:47:34.0902 0x1994 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\windows\system32\p2psvc.dll 11:47:34.0942 0x1994 p2psvc - ok 11:47:34.0974 0x1994 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\windows\system32\DRIVERS\parport.sys 11:47:34.0997 0x1994 Parport - ok 11:47:35.0023 0x1994 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\windows\system32\drivers\partmgr.sys 11:47:35.0035 0x1994 partmgr - ok 11:47:35.0066 0x1994 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\windows\System32\pcasvc.dll 11:47:35.0121 0x1994 PcaSvc - ok 11:47:35.0164 0x1994 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\windows\system32\drivers\pci.sys 11:47:35.0178 0x1994 pci - ok 11:47:35.0216 0x1994 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\windows\system32\drivers\pciide.sys 11:47:35.0229 0x1994 pciide - ok 11:47:35.0238 0x1994 [ B2E81D4E87CE48589F98CB8C05B01F2F, 
6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys 11:47:35.0253 0x1994 pcmcia - ok 11:47:35.0274 0x1994 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\windows\system32\drivers\pcw.sys 11:47:35.0286 0x1994 pcw - ok 11:47:35.0332 0x1994 pdfcDispatcher - ok 11:47:35.0380 0x1994 [ 8F924F00F2F81422FD7C340FDA0E00D8, BCB4AD154FB54C878D53E046C4238EEF52B38E0C14157D120FDCF8F9E98679B4 ] PdiService C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe 11:47:35.0392 0x1994 PdiService - ok 11:47:35.0426 0x1994 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\windows\system32\drivers\peauth.sys 11:47:35.0483 0x1994 PEAUTH - ok 11:47:35.0545 0x1994 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\windows\system32\peerdistsvc.dll 11:47:35.0643 0x1994 PeerDistSvc - ok 11:47:35.0743 0x1994 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\windows\SysWow64\perfhost.exe 11:47:35.0774 0x1994 PerfHost - ok 11:47:35.0846 0x1994 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\windows\system32\pla.dll 11:47:35.0944 0x1994 pla - ok 11:47:36.0012 0x1994 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\windows\system32\umpnpmgr.dll 11:47:36.0084 0x1994 PlugPlay - ok 11:47:36.0096 0x1994 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll 11:47:36.0128 0x1994 PNRPAutoReg - ok 11:47:36.0147 0x1994 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\windows\system32\pnrpsvc.dll 
11:47:36.0166 0x1994 PNRPsvc - ok 11:47:36.0209 0x1994 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\windows\System32\ipsecsvc.dll 11:47:36.0276 0x1994 PolicyAgent - ok 11:47:36.0314 0x1994 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\windows\system32\umpo.dll 11:47:36.0361 0x1994 Power - ok 11:47:36.0395 0x1994 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys 11:47:36.0428 0x1994 PptpMiniport - ok 11:47:36.0451 0x1994 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\windows\system32\DRIVERS\processr.sys 11:47:36.0479 0x1994 Processor - ok 11:47:36.0519 0x1994 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\windows\system32\profsvc.dll 11:47:36.0577 0x1994 ProfSvc - ok 11:47:36.0592 0x1994 [ 3E9BDCA3994E2B6B6AC16BAA76722934, A77FEE9D78C1151B13C9509FA89B64024442D00C3C9EA19954045413D8A69D73 ] ProtectedStorage C:\windows\system32\lsass.exe 11:47:36.0604 0x1994 ProtectedStorage - ok 11:47:36.0644 0x1994 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\windows\system32\DRIVERS\pacer.sys 11:47:36.0693 0x1994 Psched - ok 11:47:36.0756 0x1994 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys 11:47:36.0829 0x1994 ql2300 - ok 11:47:36.0852 0x1994 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys 11:47:36.0865 0x1994 ql40xx - ok 11:47:36.0898 0x1994 [ 906191634E99AEA92C4816150BDA3732, 
A69CD6BDB82872999D2E46F9324ADA83 ] UNS 11:47:57.0344 0x1994 Detect skipped due to KSN trusted 11:47:57.0344 0x1994 AthBtTray - ok 11:47:57.0432 0x1994 [ AF891F9CA22113D229B5EF18AFAEEFB7, 0CFC5326C819542CFCEDE22B8AA059F7C93E66552C4F995D11D6C4CB7D57A458 ] C:\Program Files\IDT\WDM\sttray64.exe 11:47:57.0478 0x1994 SysTrayApp - ok 11:47:57.0539 0x1994 [ CAC998C8D3E0D56D2F245E42C2F70809, 99148E6C7EB6A299B00320350C31D9AAB9326DF85089E92E50E175C1355549EC ] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe 11:47:57.0555 0x1994 QLBController - ok 11:47:57.0640 0x1994 [ D1918E94EF4A1AF8B8D87766B752496B, 649D01870E244E6CA7D67021D2E39E7711DAB5BC5121DB39D0F4957B57ED4AC6 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe 11:47:57.0688 0x1994 StartCCC - detected UnsignedFile.Multi.Generic ( 1 ) 11:47:59.0694 0x1ab8 Object send P2P result: true 11:48:00.0064 0x1994 Detect skipped due to KSN trusted 11:48:00.0064 0x1994 StartCCC - ok 11:48:00.0159 0x1994 [ 20E2FB1FF86FDEA6894F98AC31568396, B9F84A13BBEDF1D7033269B34E7F9B7B7BDC629AE60C2D6BE48853898E987F33 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 11:48:00.0174 0x1994 IAStorIcon - ok 11:48:00.0213 0x1994 [ 45CA20470C941959C97B43B8B458C2CD, 9986A587F36B2715BE9106FBBD49519B156595555DC59BB4DBFCEDA3A49D8644 ] c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe 11:48:00.0223 0x1994 HPConnectionManager - ok 11:48:00.0307 0x1994 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 11:48:00.0406 0x1994 Sidebar - ok 11:48:00.0444 0x1994 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 11:48:00.0473 0x1994 mctadmin - ok 11:48:00.0504 0x1994 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] 
C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 11:48:00.0555 0x1994 Sidebar - ok 11:48:00.0562 0x1994 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 11:48:00.0579 0x1994 mctadmin - ok 11:48:00.0850 0x1994 [ 15914F30482983E349FF9544B2DCAF11, 457833C665AB340D6DEE6B489947EE2D5202D4C93097C194A9DF196AFE4E4898 ] C:\Program Files\CCleaner\CCleaner64.exe 11:48:01.0035 0x1994 CCleaner Monitoring - ok 11:48:01.0123 0x1994 [ F51BB12D8977D26C1A4CDA348770D9F1, DDA35CD8F8A6591B83821B5180D457740E0B820CCE000BC7FB1B78FB4AEAD3BA ] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe 11:48:01.0178 0x1994 SpybotPostWindows10UpgradeReInstall - detected UnsignedFile.Multi.Generic ( 1 ) 11:48:03.0630 0x1994 Detect skipped due to KSN trusted 11:48:03.0630 0x1994 SpybotPostWindows10UpgradeReInstall - ok 11:48:03.0754 0x1994 [ 72FBD174CB8BCA9C94809C557031FA96, 08A50B4E783DB7389AAE3EDC90ED49C91ECC0910D2D1CCF6EBD5FBF4F5105441 ] C:\Program Files (x86)\ownCloud\owncloud.exe 11:48:03.0834 0x1994 ownCloud - detected UnsignedFile.Multi.Generic ( 1 ) 11:48:06.0334 0x1994 Detect skipped due to KSN trusted 11:48:06.0334 0x1994 ownCloud - ok 11:48:06.0335 0x1994 Waiting for KSN requests completion. In queue: 9 11:48:06.0983 0x1658 Object required for P2P: [ 15914F30482983E349FF9544B2DCAF11 ] C:\Program Files\CCleaner\CCleaner64.exe 11:48:07.0335 0x1994 Waiting for KSN requests completion. In queue: 1 11:48:08.0335 0x1994 Waiting for KSN requests completion. In queue: 1 11:48:09.0335 0x1994 Waiting for KSN requests completion. 
In queue: 1 11:48:09.0561 0x1658 Object send P2P result: true 11:48:10.0463 0x1994 AV detected via SS2: Managed Antivirus-Anti-Malware, C:\Program Files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\ProductActionCenterFix.exe ( 5.3.26.727 ), 0x41000 ( enabled : updated ) 11:48:10.0491 0x1994 Win FW state via NFP2: enabled ( trusted ) 11:48:12.0918 0x1994 ============================================================ 11:48:12.0918 0x1994 Scan finished 11:48:12.0918 0x1994 ============================================================ 11:48:12.0927 0x1c14 Detected object count: 1 11:48:12.0927 0x1c14 Actual detected object count: 1 11:54:25.0292 0x1c14 Advanced Monitoring Agent ( UnsignedFile.Multi.Generic ) - skipped by user 11:54:25.0292 0x1c14 Advanced Monitoring Agent ( UnsignedFile.Multi.Generic ) - User select action: Skip 11:54:31.0482 0x1c34 Deinitialize success |
08.11.2015, 20:28 | #7 |
/// the machine /// TB trainer | Bank Austria online banking, fake website hi, scan with Combofix
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
09.11.2015, 12:29 | #8 |
| Bank Austria online banking, fake website Hello! Code:
ATTFilter ComboFix 15-11-09.01 - Herbert.Bruckmueller 09.11.2015 11:55:10.1.4 - x64 Microsoft Windows 7 Professional 6.1.7601.1.1252.43.1031.18.4030.1319 [GMT 1:00] ausgeführt von:: c:\users\herbert.bruckmueller\Downloads\ComboFix.exe AV: Managed Antivirus-Anti-Malware *Enabled/Updated* {9A0813D8-CED6-F86B-072E-28D2AF25A83D} SP: Managed Antivirus-Anti-Malware *Enabled/Updated* {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280} SP: Spybot - Search and Destroy *Disabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Neuer Wiederherstellungspunkt wurde erstellt . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . . ((((((((((((((((((((((((((((((((((((((( Treiber/Dienste ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Service_UpdateService . . ((((((((((((((((((((((( Dateien erstellt von 2015-10-09 bis 2015-11-09 )))))))))))))))))))))))))))))) . . 2015-11-09 11:05 . 2015-11-09 11:05 -------- d-----w- c:\users\herbert\AppData\Local\temp 2015-11-09 11:05 . 2015-11-09 11:05 -------- d-----w- c:\users\Default\AppData\Local\temp 2015-11-07 16:47 . 2015-11-07 16:47 -------- d-----w- c:\program files (x86)\ESET 2015-11-07 14:42 . 2015-11-08 10:42 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable) 2015-11-07 10:48 . 2015-11-07 10:52 -------- d-----w- C:\FRST 2015-10-22 11:43 . 2015-10-22 11:43 -------- d-----w- c:\users\herbert.bruckmueller\AppData\Local\Diagnostics 2015-10-22 09:44 . 2015-10-22 09:44 -------- d-----w- c:\program files (x86)\Common Files\Java 2015-10-15 08:58 . 2015-11-09 11:05 -------- d-----w- c:\users\herbert.bruckmueller\AppData\Local\ownCloud 2015-10-15 08:58 . 2015-10-27 09:32 -------- d-----w- c:\users\herbert.bruckmueller\SIVAG Wiki 2015-10-15 08:56 . 2015-10-29 08:15 -------- d-----w- c:\program files (x86)\ownCloud 2015-10-13 08:27 . 
2015-10-13 11:34 -------- d-----w- c:\program files\HitmanPro 2015-10-13 08:27 . 2015-10-13 09:20 -------- d-----w- c:\programdata\HitmanPro 2015-10-13 08:22 . 2015-10-22 09:44 -------- d-----w- c:\users\herbert.bruckmueller\.oracle_jre_usage 2015-10-13 08:21 . 2015-10-22 09:43 97888 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2015-10-13 08:21 . 2015-10-22 09:44 -------- d-----w- c:\programdata\Oracle 2015-10-13 08:21 . 2015-10-22 09:43 -------- d-----w- c:\program files (x86)\Java 2015-10-12 17:25 . 2015-10-12 23:53 -------- d---a-w- C:\Kaspersky Rescue Disk 10.0 2015-10-12 14:09 . 2015-11-07 16:24 -------- d-----w- C:\AdwCleaner 2015-10-12 12:35 . 2015-07-30 13:13 103120 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll 2015-10-12 12:35 . 2015-07-30 13:13 124624 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-10-12 11:53 . 2015-07-15 18:10 1743360 ----a-w- c:\windows\system32\sysmain.dll 2015-10-12 11:53 . 2015-07-15 18:15 94656 ----a-w- c:\windows\system32\drivers\mountmgr.sys 2015-10-12 11:53 . 2015-07-15 20:23 2560 ----a-w- c:\windows\system32\drivers\de-DE\mountmgr.sys.mui 2015-10-12 11:53 . 2015-07-15 18:10 11264 ----a-w- c:\windows\system32\msmmsp.dll 2015-10-12 11:53 . 2015-07-30 18:06 1648128 ----a-w- c:\windows\system32\DWrite.dll 2015-10-12 11:53 . 2015-07-30 18:06 1180160 ----a-w- c:\windows\system32\FntCache.dll 2015-10-12 11:53 . 2015-07-30 17:57 1251328 ----a-w- c:\windows\SysWow64\DWrite.dll 2015-10-12 11:53 . 2015-07-30 18:06 2565120 ----a-w- c:\windows\system32\d3d10warp.dll 2015-10-12 11:53 . 2015-07-30 17:57 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll 2015-10-12 11:53 . 2015-07-15 03:17 2048 ----a-w- c:\windows\system32\tzres.dll 2015-10-12 11:53 . 2015-07-15 02:54 2048 ----a-w- c:\windows\SysWow64\tzres.dll 2015-10-12 11:53 . 2015-06-02 00:07 254976 ----a-w- c:\windows\system32\cewmdm.dll 2015-10-12 11:53 . 
2015-06-01 23:47 210432 ----a-w- c:\windows\SysWow64\cewmdm.dll 2015-10-12 11:51 . 2015-06-17 17:47 404992 ----a-w- c:\windows\system32\gdi32.dll 2015-10-12 11:31 . 2015-08-27 18:18 1887232 ----a-w- c:\windows\system32\msxml3.dll 2015-10-12 11:31 . 2015-08-27 18:18 2004480 ----a-w- c:\windows\system32\msxml6.dll 2015-10-12 11:31 . 2015-08-27 18:13 2048 ----a-w- c:\windows\system32\msxml6r.dll 2015-10-12 11:31 . 2015-08-27 18:13 2048 ----a-w- c:\windows\system32\msxml3r.dll 2015-10-12 11:31 . 2015-08-27 17:58 1391104 ----a-w- c:\windows\SysWow64\msxml6.dll 2015-10-12 11:31 . 2015-08-27 17:58 1241088 ----a-w- c:\windows\SysWow64\msxml3.dll 2015-10-12 11:31 . 2015-08-27 17:51 2048 ----a-w- c:\windows\SysWow64\msxml6r.dll 2015-10-12 11:31 . 2015-08-27 17:51 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll 2015-10-12 11:31 . 2015-07-10 17:51 14177280 ----a-w- c:\windows\system32\shell32.dll 2015-10-12 11:22 . 2015-09-02 01:51 3209216 ----a-w- c:\windows\system32\win32k.sys 2015-10-12 11:22 . 2015-09-02 03:04 41984 ----a-w- c:\windows\system32\lpk.dll 2015-10-12 11:22 . 2015-09-02 03:04 100864 ----a-w- c:\windows\system32\fontsub.dll 2015-10-12 11:22 . 2015-09-02 03:04 14336 ----a-w- c:\windows\system32\dciman32.dll 2015-10-12 11:22 . 2015-09-02 03:04 46080 ----a-w- c:\windows\system32\atmlib.dll 2015-10-12 11:22 . 2015-09-02 02:48 70656 ----a-w- c:\windows\SysWow64\fontsub.dll 2015-10-12 11:22 . 2015-09-02 02:48 10240 ----a-w- c:\windows\SysWow64\dciman32.dll 2015-10-12 11:22 . 2015-09-02 02:48 34304 ----a-w- c:\windows\SysWow64\atmlib.dll 2015-10-12 11:22 . 2015-09-02 02:47 25600 ----a-w- c:\windows\SysWow64\lpk.dll 2015-10-12 11:22 . 2015-09-02 01:47 372736 ----a-w- c:\windows\system32\atmfd.dll 2015-10-12 11:22 . 2015-09-02 01:33 299520 ----a-w- c:\windows\SysWow64\atmfd.dll 2015-10-12 11:05 . 2015-10-12 11:05 -------- d-----w- c:\program files\Common Files\AV 2015-10-12 11:01 . 2013-09-20 08:49 21040 ----a-w- c:\windows\system32\sdnclean64.exe 2015-10-12 11:01 . 
2015-10-12 12:07 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2015-10-12 11:01 . 2015-10-12 11:16 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2 . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2015-11-08 10:16 . 2015-09-28 07:55 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys 2015-11-08 10:15 . 2015-09-28 07:54 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys 2015-11-07 19:43 . 2015-05-28 11:37 1600520 ----a-w- c:\windows\system32\drivers\avc3.sys 2015-11-07 19:41 . 2015-05-28 12:21 775424 ----a-w- c:\windows\system32\drivers\avckf.sys 2015-11-07 19:40 . 2015-09-03 07:16 477272 ----a-w- c:\windows\system32\drivers\trufos.sys 2015-10-18 16:53 . 2015-03-06 11:41 780488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2015-10-18 16:53 . 2015-03-06 11:41 142536 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2015-10-05 08:50 . 2015-09-28 07:54 63704 ----a-w- c:\windows\system32\drivers\mwac.sys 2015-10-05 08:50 . 2015-09-28 07:54 25816 ----a-w- c:\windows\system32\drivers\mbam.sys 2015-08-26 16:37 . 2015-03-06 11:44 134753440 ----a-w- c:\windows\system32\MRT.exe . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ownCloud"="c:\program files (x86)\ownCloud\owncloud.exe" [2015-10-21 1704974] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "QLBController"="c:\program files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" [2011-01-28 299576] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-03-28 336384] "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-01-26 283160] "HPConnectionManager"="c:\program files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe" [2011-04-05 94264] "SDTray"="c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [2014-06-24 4101576] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2015-10-06 597040] . c:\users\herbert.bruckmueller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ aBMainFX - Verknüpfung.lnk - \\SRVBER\artBase\aB-Agenta Programm\aBMainFX.exe [2015-10-2 582144] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Microsoft Outlook 2010.lnk - c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\outicon.exe [2015-3-5 304296] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys] @="" . 
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x] R2 Mobile Partner. RunOuc;Mobile Partner. OUC;c:\program files (x86)\Mobile Partner\UpdateDog\ouc.exe;c:\program files (x86)\Mobile Partner\UpdateDog\ouc.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x] R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\DRIVERS\ew_usbenumfilter.sys [x] R3 hpCMSrv;HP Connection Manager 4 Service;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [x] R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x] R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juextctrl.sys [x] R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juwwanecm.sys [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x] R3 
TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] S0 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys;c:\windows\SYSNATIVE\DRIVERS\avc3.sys [x] S0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys;c:\windows\SYSNATIVE\drivers\gfibto.sys [x] S0 gzflt;gzflt;c:\windows\system32\DRIVERS\gzflt.sys;c:\windows\SYSNATIVE\DRIVERS\gzflt.sys [x] S2 Advanced Monitoring Agent;Advanced Monitoring Agent;c:\program files (x86)\Advanced Monitoring Agent\winagent.exe;c:\program files (x86)\Advanced Monitoring Agent\winagent.exe [x] S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x] S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x] S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x] S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x] S2 EndpointIntegration;IT@WORK GmbH Antivirus Endpoint Integration Service;c:\program files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\EndpointIntegration.exe;c:\program files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\EndpointIntegration.exe [x] S2 EndpointService;IT@WORK GmbH Antivirus Endpoint Host Service;c:\program files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\EndpointService.exe;c:\program files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed 
Antivirus\EndpointService.exe [x] S2 epag;IT@WORK GmbH Antivirus Endpoint Agent;c:\program files\Common Files\IT@WORK GmbH Antivirus\Endpoint Agent\epag.exe;c:\program files\Common Files\IT@WORK GmbH Antivirus\Endpoint Agent\epag.exe [x] S2 gfi_lanss11_attservice;GFI LanGuard 11 Attendant Service;c:\progra~2\ADVANC~1\patchman\lnssatt.exe;c:\progra~2\ADVANC~1\patchman\lnssatt.exe [x] S2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [x] S2 hpHotkeyMonitor;hpHotkeyMonitor;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [x] S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x] S2 HWDeviceService64.exe;HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe [x] S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x] S2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe [x] S2 ManagedAntivirus;IT@WORK GmbH Antivirus Endpoint Master Service;c:\program files\Managed Antivirus\Managed Antivirus Master Service\ManagedAntivirus.exe;c:\program files\Managed Antivirus\Managed Antivirus Master Service\ManagedAntivirus.exe [x] S2 NetworkManagement;Advanced Monitoring Agent Network Management;c:\program files\Advanced Monitoring Agent Network Management\NetworkManagement.exe;c:\program files\Advanced Monitoring Agent Network Management\NetworkManagement.exe [x] S2 pdfcDispatcher;PDF Document Manager;c:\program files 
(x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x] S2 PdiService;Portrait Displays SDK Service;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [x] S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x] S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [x] S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [x] S2 uArcCapture;ArcCapture;c:\windows\SysWow64\ArcVCapRender\uArcCapture.exe;c:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [x] S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x] S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe;c:\windows\SYSNATIVE\vcsFPService.exe [x] S3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;c:\windows\system32\DRIVERS\ArcSoftVCapture.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftVCapture.sys [x] S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x] S3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys;c:\windows\SYSNATIVE\DRIVERS\avckf.sys [x] S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x] S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x] S3 BTATH_HCRP;Bluetooth HCRP 
Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x] S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x] S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x] S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x] S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x] S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x] S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x] S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x] . . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - WS2IFSL . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2015-10-27 09:50 997704 ----a-w- c:\program files (x86)\Google\Chrome\Application\46.0.2490.80\Installer\chrmstp.exe . Inhalt des "geplante Tasks" Ordners . 2015-11-09 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-06 16:53] . 2015-11-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-03-26 18:39] . 2015-11-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-03-26 18:39] . 
2015-11-07 c:\windows\Tasks\HPCeeScheduleForHERBERT-HP$.job - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OCError] @="{0960F090-F328-48A3-B746-276B1E3C3722}" [HKEY_CLASSES_ROOT\CLSID\{0960F090-F328-48A3-B746-276B1E3C3722}] 2015-06-19 01:31 274432 ----a-w- c:\program files (x86)\ownCloud\shellext\OCOverlays_x64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OCErrorShared] @="{0960F091-F328-48A3-B746-276B1E3C3722}" [HKEY_CLASSES_ROOT\CLSID\{0960F091-F328-48A3-B746-276B1E3C3722}] 2015-06-19 01:31 274432 ----a-w- c:\program files (x86)\ownCloud\shellext\OCOverlays_x64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OCOK] @="{0960F092-F328-48A3-B746-276B1E3C3722}" [HKEY_CLASSES_ROOT\CLSID\{0960F092-F328-48A3-B746-276B1E3C3722}] 2015-06-19 01:31 274432 ----a-w- c:\program files (x86)\ownCloud\shellext\OCOverlays_x64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OCOKShared] @="{0960F093-F328-48A3-B746-276B1E3C3722}" [HKEY_CLASSES_ROOT\CLSID\{0960F093-F328-48A3-B746-276B1E3C3722}] 2015-06-19 01:31 274432 ----a-w- c:\program files (x86)\ownCloud\shellext\OCOverlays_x64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OCSync] @="{0960F094-F328-48A3-B746-276B1E3C3722}" [HKEY_CLASSES_ROOT\CLSID\{0960F094-F328-48A3-B746-276B1E3C3722}] 2015-06-19 01:31 274432 ----a-w- c:\program files (x86)\ownCloud\shellext\OCOverlays_x64.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OCSyncShared] @="{0960F095-F328-48A3-B746-276B1E3C3722}" [HKEY_CLASSES_ROOT\CLSID\{0960F095-F328-48A3-B746-276B1E3C3722}] 2015-06-19 01:31 274432 ----a-w- c:\program files (x86)\ownCloud\shellext\OCOverlays_x64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OCWarning] @="{0960F096-F328-48A3-B746-276B1E3C3722}" [HKEY_CLASSES_ROOT\CLSID\{0960F096-F328-48A3-B746-276B1E3C3722}] 2015-06-19 01:31 274432 ----a-w- c:\program files (x86)\ownCloud\shellext\OCOverlays_x64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OCWarningShared] @="{0960F097-F328-48A3-B746-276B1E3C3722}" [HKEY_CLASSES_ROOT\CLSID\{0960F097-F328-48A3-B746-276B1E3C3722}] 2015-06-19 01:31 274432 ----a-w- c:\program files (x86)\ownCloud\shellext\OCOverlays_x64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HPPowerAssistant"="c:\program files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe" [2011-01-27 13880] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-01-27 167960] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-01-27 391704] "Persistence"="c:\windows\system32\igfxpers.exe" [2011-01-27 418328] "AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-01-06 615584] "AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-01-06 379040] "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-01-27 835072] . ------- Zusätzlicher Suchlauf ------- . 
uStart Page = about:blank uLocal Page = c:\windows\system32\blank.htm mStart Page = about:blank mLocal Page = c:\windows\SysWOW64\blank.htm IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105 IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.3.10 TCP: Interfaces\{CBA08DEB-ACD3-4B93-9CDF-84E237E532BE}: NameServer = 194.48.139.254 194.48.128.199 FF - ProfilePath - c:\users\herbert.bruckmueller\AppData\Roaming\Mozilla\Firefox\Profiles\otkxoekz.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxps://www.google.at/?gws_rd=ssl FF - prefs.js: network.proxy.type - 2 . . ------- Dateityp-Verknüpfung ------- . inifile="%SystemRoot%\system32\NOTEPAD.EXE" %1 txtfile="%SystemRoot%\system32\NOTEPAD.EXE" %1 . - - - - Entfernte verwaiste Registrierungseinträge - - - - . Wow6432Node-HKLM-Run-<NO NAME> - (no file) Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe Notify-SDWinLogon - SDWinLogon.dll HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher] "ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService" . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_19_0_0_226_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_19_0_0_226_ActiveX.exe" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_19_0_0_226_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_19_0_0_226_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_226.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.19" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_226.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_226.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_226.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Weitere laufende Prozesse ------------------------ . c:\programdata\Mobile Partner\OnlineUpdate\ouc.exe c:\program files (x86)\TeamViewer\TeamViewer_Service.exe c:\program files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe c:\program files (x86)\TeamViewer\TeamViewer_Desktop.exe c:\program files (x86)\teamviewer\TeamViewer.exe c:\program files (x86)\TeamViewer\tv_w32.exe . ************************************************************************** . Zeit der Fertigstellung: 2015-11-09 12:28:19 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2015-11-09 11:28 . Vor Suchlauf: 13 Verzeichnis(se), 516.016.508.928 Bytes frei Nach Suchlauf: 19 Verzeichnis(se), 515.688.415.232 Bytes frei . - - End Of File - - C88333F570B3A8E7EB320045CA8B7EC1 |
10.11.2015, 20:38 | #9 |
/// the machine /// TB trainer | Bank Austria online banking, fake website Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please close your security software to avoid possible conflicts.
and a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
11.11.2015, 12:51 | #10 |
| Bank Austria online banking, fake website Hello! Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 11.11.2015 Suchlaufzeit: 07:58 Protokolldatei: Administrator: Ja Version: 2.2.0.1024 Malware-Datenbank: v2015.11.11.02 Rootkit-Datenbank: v2015.11.04.02 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Herbert.Bruckmueller Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 470625 Abgelaufene Zeit: 13 Min., 17 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter # AdwCleaner v5.019 - Bericht erstellt am 11/11/2015 um 08:26:46 # Aktualisiert am 08/11/2015 von Xplode # Datenbank : 2015-11-09.1 [Server] # Betriebssystem : Windows 7 Professional Service Pack 1 (x64) # Benutzername : Herbert.Bruckmueller - HERBERT-HP # Gestartet von : C:\Users\herbert.bruckmueller\Downloads\AdwCleaner_5.019.exe # Option : Löschen # Unterstützung : hxxp://toolslib.net/forum ***** [ Dienste ] ***** ***** [ Ordner ] ***** ***** [ Dateien ] ***** ***** [ DLLs ] ***** ***** [ Verknüpfungen ] ***** ***** [ Aufgabenplanung ] ***** ***** [ Registrierungsdatenbank ] ***** [-] Schlüssel Gelöscht : HKCU\Software\OCS ***** [ Internetbrowser ] ***** ************************* :: "Tracing" Schlüssel gelöscht :: Proxy Einstellungen zurückgesetzt :: Winsock Einstellungen zurückgesetzt :: Internet Explorer Richtlinien gelöscht :: Chrome Richtlinien gelöscht ########## EOF - C:\AdwCleaner\AdwCleaner[C4].txt - [932 Bytes] ########## Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 7.6.4 (09.28.2015:1) OS: Windows 7 Professional x64 Ran by Herbert.Bruckmueller on 11.11.2015 at 8:45:13,43 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Tasks ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer ~~~ Files ~~~ Folders ~~~ Chrome [C:\Users\herbert.bruckmueller\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset [C:\Users\herbert.bruckmueller\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted: [C:\Users\herbert.bruckmueller\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset [C:\Users\herbert.bruckmueller\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 11.11.2015 at 8:51:55,20 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015 durchgeführt von Herbert.Bruckmueller (Administrator) auf HERBERT-HP (11-11-2015 12:49:38) Gestartet von C:\Users\herbert.bruckmueller\Downloads Geladene Profile: Herbert.Bruckmueller (Verfügbare Profile: Herbert.Bruckmueller & Administrator & herbert & Administrator) Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe (AMD) C:\Windows\System32\atieclxx.exe (Remote Monitoring) C:\Program Files (x86)\Advanced Monitoring Agent\winagent.exe (Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Bitdefender) C:\Program Files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\endpointintegration.exe (Bitdefender) C:\Program Files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\endpointservice.exe (Bitdefender) C:\Program Files\Common Files\IT@WORK GmbH Antivirus\Endpoint Agent\epag.exe (GFI Software Development Ltd.) 
C:\Program Files (x86)\Advanced Monitoring Agent\patchman\lnssatt.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe () C:\ProgramData\DatacardService\HWDeviceService64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe () C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe (PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe (Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (ArcSoft, Inc.) C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Microsoft Corp.) 
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (LogicNow Ltd) C:\Program Files\Managed Antivirus\Managed Antivirus Master Service\ManagedAntivirus.exe (LogicNow Ltd) C:\Program Files\Advanced Monitoring Agent Network Management\NetworkManagement.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Bitdefender) C:\Program Files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\console.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (IDT, Inc.) 
C:\Program Files\IDT\WDM\sttray64.exe () C:\Program Files (x86)\ownCloud\owncloud.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe (Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe (Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Portrait Displays, Inc.) 
C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelperx64.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Farbar) C:\Users\herbert.bruckmueller\Downloads\FRST64(1).exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [2919992 2011-01-27] (Hewlett-Packard Company) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2803496 2011-06-24] (Synaptics Incorporated) HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [615584 2011-01-06] (Atheros Communications) HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379040 2011-01-06] (Atheros Commnucations) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [835072 2011-01-27] (IDT, Inc.) HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [299576 2011-01-28] (Hewlett-Packard Company) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-03-28] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-26] (Intel Corporation) HKLM-x32\...\Run: [HPConnectionManager] => c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [94264 2011-04-05] (Hewlett-Packard Development Company L.P.) 
HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation) Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-21-2274497662-1395199413-223734523-1123\...\Run: [ownCloud] => C:\Program Files (x86)\ownCloud\owncloud.exe [1704974 2015-10-21] () ShellIconOverlayIdentifiers: [ OCError] -> {0960F090-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCErrorShared] -> {0960F091-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCOK] -> {0960F092-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCOKShared] -> {0960F093-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCSync] -> {0960F094-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCSyncShared] -> {0960F095-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCWarning] -> {0960F096-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCWarningShared] -> {0960F097-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.) 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Outlook 2010.lnk [2015-03-05] ShortcutTarget: Microsoft Outlook 2010.lnk -> C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\outicon.exe () Startup: C:\Users\herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\aBMainFX - Verknüpfung.lnk [2015-03-05] ShortcutTarget: aBMainFX - Verknüpfung.lnk -> \\SRVBER\artBase\aB-Agenta Programm\aBMainFX.exe (artBase! Software GmbH) Startup: C:\Users\herbert.bruckmueller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\aBMainFX - Verknüpfung.lnk [2015-03-05] ShortcutTarget: aBMainFX - Verknüpfung.lnk -> \\SRVBER\artBase\aB-Agenta Programm\aBMainFX.exe (artBase! Software GmbH) BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.3.10 Tcpip\..\Interfaces\{4D81B0A2-95DD-45B4-88CE-7F88B7454444}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{666BA3F3-F79E-49C5-BBB4-558596EF1C92}: [DhcpNameServer] 192.168.3.10 Tcpip\..\Interfaces\{C72A97B7-69C3-42BF-90C4-A85317D8F4EB}: [NameServer] Tcpip\..\Interfaces\{C72A97B7-69C3-42BF-90C4-A85317D8F4EB}: [DhcpNameServer] 194.48.128.199 194.48.139.254 Tcpip\..\Interfaces\{CBA08DEB-ACD3-4B93-9CDF-84E237E532BE}: [NameServer] 194.48.139.254 194.48.128.199 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-2274497662-1395199413-223734523-1123\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-2274497662-1395199413-223734523-1123\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKLM -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox BHO: Windows Live ID Sign-in Helper -> 
{9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: PDFXChange 2012 -> {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} -> C:\Program Files\Tracker Software\PDF-XChange 5\Win32\PXCIEaddin5.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-10-22] (Oracle Corporation) BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-01-06] (Atheros Commnucations) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-22] (Oracle Corporation) Toolbar: HKLM-x32 - PDFXChange 2012 - {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} - C:\Program Files\Tracker Software\PDF-XChange 5\Win32\PXCIEaddin5.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.) 
FireFox: ======== FF ProfilePath: C:\Users\herbert.bruckmueller\AppData\Roaming\Mozilla\Firefox\Profiles\otkxoekz.default FF SearchEngineOrder.1: Ask Search FF SelectedSearchEngine: Google FF Homepage: hxxps://www.google.at/?gws_rd=ssl FF NetworkProxy: "autoconfig_url", "https://tonnelrock.net/tonnel.js" FF NetworkProxy: "type", 2 FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-18] () FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-18] () FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Keine Datei] FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Keine Datei] FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-22] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-22] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( 
Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.) FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.) FF Plugin HKU\S-1-5-21-2274497662-1395199413-223734523-1123: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.) 
Chrome: ======= CHR Profile: C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Präsentationen) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-26] CHR Extension: (Docs) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-26] CHR Extension: (Google Drive) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-27] CHR Extension: (YouTube) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-26] CHR Extension: (Google-Suche) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-09-27] CHR Extension: (Google Tabellen) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-26] CHR Extension: (Google Präsentationen) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-21] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-27] CHR Extension: (Google Mail) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-27] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) 
R2 Advanced Monitoring Agent; C:\Program Files (x86)\Advanced Monitoring Agent\winagent.exe [8523264 2015-10-21] (Remote Monitoring) [Datei ist nicht signiert]
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-01-06] (Atheros) [Datei ist nicht signiert]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [53920 2011-01-06] (Atheros Commnucations) [Datei ist nicht signiert]
R2 EndpointIntegration; C:\Program Files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\EndpointIntegration.exe [398480 2015-11-07] (Bitdefender)
R2 EndpointService; C:\Program Files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\EndpointService.exe [398480 2015-11-07] (Bitdefender)
R2 epag; C:\Program Files\Common Files\IT@WORK GmbH Antivirus\Endpoint Agent\epag.exe [3626976 2015-11-07] (Bitdefender)
R2 gfi_lanss11_attservice; C:\Program Files (x86)\Advanced Monitoring Agent\patchman\lnssatt.exe [118640 2012-07-17] (GFI Software Development Ltd.)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [281656 2011-01-28] (Hewlett-Packard Company)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 ManagedAntivirus; C:\Program Files\Managed Antivirus\Managed Antivirus Master Service\ManagedAntivirus.exe [278248 2015-11-03] (LogicNow Ltd)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S2 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [655712 2012-05-09] ()
R2 NetworkManagement; C:\Program Files\Advanced Monitoring Agent Network Management\NetworkManagement.exe [186088 2015-11-09] (LogicNow Ltd)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448 2011-02-01] (PDF Complete Inc)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5490448 2015-06-18] (TeamViewer GmbH)
R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [502464 2010-11-11] (ArcSoft, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 ARCVCAM; C:\Windows\System32\DRIVERS\ArcSoftVCapture.sys [32192 2010-11-11] (ArcSoft, Inc.)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1600520 2015-11-07] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [775424 2015-11-07] (BitDefender)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2015-02-11] (GFI Software)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [161592 2015-07-22] (BitDefender LLC)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [238080 2012-04-23] (Huawei Technologies Co., Ltd.)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1826048 2010-12-21] ()
R2 trufos; C:\Windows\System32\DRIVERS\trufos.sys [477272 2015-11-07] (BitDefender S.R.L.)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-11 12:48 - 2015-11-11 12:49 - 02198528 _____ (Farbar) C:\Users\herbert.bruckmueller\Downloads\FRST64(1).exe
2015-11-11 08:23 - 2015-11-11 08:23 - 01798976 _____ (Malwarebytes) C:\Users\herbert.bruckmueller\Downloads\JRT(1).exe
2015-11-11 07:59 - 2015-11-11 07:59 - 01712128 _____ C:\Users\herbert.bruckmueller\Downloads\AdwCleaner_5.019.exe
2015-11-09 13:03 - 2015-09-18 20:31 - 00391784 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-11-09 13:03 - 2015-09-18 19:58 - 00345688 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-11-09 13:03 - 2015-09-16 05:48 - 25851904 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-11-09 13:03 - 2015-09-16 05:36 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-11-09 13:03 - 2015-09-16 05:36 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-11-09 13:03 - 2015-09-16 05:22 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-11-09 13:03 - 2015-09-16 05:21 - 02886656 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-11-09 13:03 - 2015-09-16 05:21 - 00585728 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-11-09 13:03 - 2015-09-16 05:21 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec 2015-11-09 13:03 - 2015-09-16 05:21 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll 2015-11-09 13:03 - 2015-09-16 05:21 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll 2015-11-09 13:03 - 2015-09-16 05:14 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll 2015-11-09 13:03 - 2015-09-16 05:13 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll 2015-11-09 13:03 - 2015-09-16 05:10 - 00616960 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll 2015-11-09 13:03 - 2015-09-16 05:09 - 05990912 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll 2015-11-09 13:03 - 2015-09-16 05:08 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll 2015-11-09 13:03 - 2015-09-16 05:08 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll 2015-11-09 13:03 - 2015-09-16 05:08 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe 2015-11-09 13:03 - 2015-09-16 05:08 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe 2015-11-09 13:03 - 2015-09-16 05:01 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe 2015-11-09 13:03 - 2015-09-16 04:58 - 20357632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll 2015-11-09 13:03 - 2015-09-16 04:58 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll 2015-11-09 13:03 - 2015-09-16 04:50 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll 2015-11-09 13:03 - 2015-09-16 04:46 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll 2015-11-09 13:03 - 2015-09-16 04:45 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb 2015-11-09 13:03 - 2015-09-16 04:45 - 00092160 _____ (Microsoft Corporation) 
C:\windows\system32\mshtmled.dll 2015-11-09 13:03 - 2015-09-16 04:43 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll 2015-11-09 13:03 - 2015-09-16 04:41 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll 2015-11-09 13:03 - 2015-09-16 04:33 - 00504832 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll 2015-11-09 13:03 - 2015-09-16 04:33 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll 2015-11-09 13:03 - 2015-09-16 04:32 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec 2015-11-09 13:03 - 2015-09-16 04:32 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll 2015-11-09 13:03 - 2015-09-16 04:31 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll 2015-11-09 13:03 - 2015-09-16 04:31 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll 2015-11-09 13:03 - 2015-09-16 04:29 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll 2015-11-09 13:03 - 2015-09-16 04:29 - 00720896 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe 2015-11-09 13:03 - 2015-09-16 04:28 - 02279936 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll 2015-11-09 13:03 - 2015-09-16 04:28 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll 2015-11-09 13:03 - 2015-09-16 04:26 - 02126336 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl 2015-11-09 13:03 - 2015-09-16 04:26 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll 2015-11-09 13:03 - 2015-09-16 04:26 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll 2015-11-09 13:03 - 2015-09-16 04:24 - 00480256 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll 2015-11-09 13:03 - 2015-09-16 04:23 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe 2015-11-09 13:03 - 2015-09-16 04:22 - 14458368 _____ (Microsoft Corporation) 
C:\windows\system32\ieframe.dll 2015-11-09 13:03 - 2015-09-16 04:22 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll 2015-11-09 13:03 - 2015-09-16 04:22 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll 2015-11-09 13:03 - 2015-09-16 04:15 - 00416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll 2015-11-09 13:03 - 2015-09-16 04:11 - 02487808 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll 2015-11-09 13:03 - 2015-09-16 04:10 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-11-09 13:03 - 2015-09-16 04:07 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll 2015-11-09 13:03 - 2015-09-16 04:06 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll 2015-11-09 13:03 - 2015-09-16 04:05 - 04527616 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll 2015-11-09 13:03 - 2015-09-16 04:05 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll 2015-11-09 13:03 - 2015-09-16 04:04 - 00130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll 2015-11-09 13:03 - 2015-09-16 03:59 - 01546752 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll 2015-11-09 13:03 - 2015-09-16 03:58 - 12853760 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll 2015-11-09 13:03 - 2015-09-16 03:58 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll 2015-11-09 13:03 - 2015-09-16 03:56 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll 2015-11-09 13:03 - 2015-09-16 03:55 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl 2015-11-09 13:03 - 2015-09-16 03:55 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll 2015-11-09 13:03 - 2015-09-16 03:48 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll 2015-11-09 13:03 - 2015-09-16 03:37 - 02011136 _____ (Microsoft Corporation) 
C:\windows\SysWOW64\wininet.dll 2015-11-09 13:03 - 2015-09-16 03:34 - 01311232 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll 2015-11-09 13:03 - 2015-09-16 03:32 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll 2015-11-09 13:02 - 2015-10-20 19:42 - 03168768 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll 2015-11-09 13:02 - 2015-10-20 19:42 - 02608128 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll 2015-11-09 13:02 - 2015-10-20 19:42 - 00696320 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll 2015-11-09 13:02 - 2015-10-20 19:42 - 00192512 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll 2015-11-09 13:02 - 2015-10-20 19:42 - 00098816 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll 2015-11-09 13:02 - 2015-10-20 19:42 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll 2015-11-09 13:02 - 2015-10-20 19:42 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wups.dll 2015-11-09 13:02 - 2015-10-20 19:41 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe 2015-11-09 13:02 - 2015-10-20 19:41 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll 2015-11-09 13:02 - 2015-10-20 19:41 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe 2015-11-09 13:02 - 2015-10-20 19:41 - 00012288 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll 2015-11-09 13:02 - 2015-10-20 18:46 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll 2015-11-09 13:02 - 2015-10-20 18:46 - 00174080 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll 2015-11-09 13:02 - 2015-10-20 18:46 - 00093696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll 2015-11-09 13:02 - 2015-10-20 18:46 - 00030208 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll 2015-11-09 13:02 - 2015-10-20 18:45 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe 2015-11-09 
13:02 - 2015-10-01 19:06 - 00692672 _____ (Microsoft Corporation) C:\windows\system32\winload.efi 2015-11-09 13:02 - 2015-10-01 19:04 - 00616360 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi 2015-11-09 13:02 - 2015-10-01 19:00 - 00147456 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe 2015-11-09 13:02 - 2015-10-01 19:00 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll 2015-11-09 13:02 - 2015-10-01 19:00 - 00059392 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll 2015-11-09 13:02 - 2015-10-01 19:00 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll 2015-11-09 13:02 - 2015-10-01 19:00 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe 2015-11-09 13:02 - 2015-10-01 18:50 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll 2015-11-09 13:02 - 2015-10-01 18:00 - 00061440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys 2015-11-09 13:02 - 2015-09-29 04:16 - 05569472 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe 2015-11-09 13:02 - 2015-09-29 04:13 - 01730496 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll 2015-11-09 13:02 - 2015-09-29 04:11 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll 2015-11-09 13:02 - 2015-09-29 04:11 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll 2015-11-09 13:02 - 2015-09-29 04:11 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll 2015-11-09 13:02 - 2015-09-29 04:11 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll 2015-11-09 13:02 - 2015-09-29 04:11 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll 2015-11-09 13:02 - 2015-09-29 04:11 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll 2015-11-09 13:02 - 2015-09-29 04:11 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll 2015-11-09 
13:02 - 2015-09-29 04:11 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll 2015-11-09 13:02 - 2015-09-29 04:10 - 01216512 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll 2015-11-09 13:02 - 2015-09-29 04:10 - 01164800 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll 2015-11-09 13:02 - 2015-09-29 04:10 - 00729088 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll 2015-11-09 13:02 - 2015-09-29 04:10 - 00424960 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll 2015-11-09 13:02 - 2015-09-29 04:10 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll 2015-11-09 13:02 - 2015-09-29 04:10 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe 2015-11-09 13:02 - 2015-09-29 04:10 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe 2015-11-09 13:02 - 2015-09-29 04:10 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll 2015-11-09 13:02 - 2015-09-29 04:10 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll 2015-11-09 13:02 - 2015-09-29 04:10 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll 2015-11-09 13:02 - 2015-09-29 04:10 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll 2015-11-09 13:02 - 2015-09-29 04:09 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe 2015-11-09 13:02 - 2015-09-29 04:09 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe 2015-11-09 13:02 - 2015-09-29 04:05 - 03990976 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe 2015-11-09 13:02 - 2015-09-29 04:05 - 03936192 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe 2015-11-09 13:02 - 2015-09-29 04:05 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll 2015-11-09 13:02 - 2015-09-29 04:05 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll 2015-11-09 13:02 - 2015-09-29 04:02 - 
01311768 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) 
C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) 
C:\windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 03:59 - 00552960 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll 2015-11-09 13:02 - 2015-09-29 03:59 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll 2015-11-09 13:02 - 2015-09-29 03:59 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll 2015-11-09 13:02 - 2015-09-29 03:59 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll 2015-11-09 13:02 - 2015-09-29 03:59 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll 2015-11-09 13:02 - 2015-09-29 03:59 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll 2015-11-09 13:02 - 2015-09-29 03:58 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe 2015-11-09 13:02 - 2015-09-29 03:58 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll 2015-11-09 13:02 - 2015-09-29 03:58 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe 2015-11-09 13:02 - 2015-09-29 03:58 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll 2015-11-09 13:02 - 2015-09-29 03:57 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll 2015-11-09 13:02 - 2015-09-29 03:57 - 00665088 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll 2015-11-09 13:02 - 2015-09-29 03:57 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll 2015-11-09 13:02 - 2015-09-29 03:57 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll 2015-11-09 13:02 - 2015-09-29 03:53 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll 2015-11-09 13:02 - 2015-09-29 03:53 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll 2015-11-09 13:02 - 2015-09-29 03:49 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll 2015-11-09 13:02 - 2015-09-29 03:49 - 00006656 _____ (Microsoft Corporation) 
C:\windows\SysWOW64\apisetschema.dll 2015-11-09 13:02 - 2015-09-29 03:49 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 03:49 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) 
C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 02:50 - 00159232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys 2015-11-09 13:02 - 2015-09-29 02:49 - 00290816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys 2015-11-09 13:02 - 2015-09-29 02:49 - 00129024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys 2015-11-09 13:02 - 2015-09-29 02:43 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe 2015-11-09 13:02 - 2015-09-29 02:43 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe 2015-11-09 13:02 - 2015-09-29 02:40 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 02:40 - 00004608 ____H 
(Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 02:40 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 02:40 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2015-11-09 13:02 - 2015-09-15 19:17 - 00157016 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys 2015-11-09 13:02 - 2015-09-15 19:17 - 00097112 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys 2015-11-09 13:02 - 2015-09-15 19:11 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll 2015-11-09 13:02 - 2015-09-15 19:11 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll 2015-11-09 13:02 - 2015-09-15 19:11 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll 2015-11-09 13:02 - 2015-09-15 19:11 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll 2015-11-09 13:02 - 2015-09-15 19:11 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll 2015-11-09 13:02 - 2015-09-15 19:11 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll 2015-11-09 13:02 - 2015-09-15 19:10 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe 2015-11-09 13:02 - 2015-09-15 18:36 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll 2015-11-09 13:02 - 2015-09-15 18:36 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll 2015-11-09 13:02 - 2015-09-15 18:36 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll 2015-11-09 13:02 - 2015-09-15 18:35 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll 2015-11-09 13:01 - 2015-08-06 19:04 - 14176768 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll 2015-11-09 13:01 - 2015-08-06 19:03 - 01866752 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll 
2015-11-09 13:01 - 2015-08-06 18:44 - 12875776 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll 2015-11-09 13:01 - 2015-08-06 18:44 - 01498624 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExplorerFrame.dll 2015-11-09 12:53 - 2015-09-14 20:45 - 03210240 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys 2015-11-09 12:28 - 2015-11-09 12:28 - 00030328 _____ C:\ComboFix.txt 2015-11-09 11:50 - 2011-06-26 07:45 - 00256000 _____ C:\windows\PEV.exe 2015-11-09 11:50 - 2010-11-07 18:20 - 00208896 _____ C:\windows\MBR.exe 2015-11-09 11:50 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe 2015-11-09 11:50 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe 2015-11-09 11:50 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe 2015-11-09 11:50 - 2000-08-31 01:00 - 00098816 _____ C:\windows\sed.exe 2015-11-09 11:50 - 2000-08-31 01:00 - 00080412 _____ C:\windows\grep.exe 2015-11-09 11:50 - 2000-08-31 01:00 - 00068096 _____ C:\windows\zip.exe 2015-11-09 11:44 - 2015-11-09 12:28 - 00000000 ____D C:\Qoobox 2015-11-09 11:44 - 2015-11-09 12:26 - 00000000 ____D C:\windows\erdnt 2015-11-09 11:43 - 2015-11-09 11:43 - 05638248 ____R (Swearware) C:\Users\herbert.bruckmueller\Downloads\ComboFix.exe 2015-11-08 11:45 - 2015-11-08 11:46 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\herbert.bruckmueller\Downloads\tdsskiller(1).exe 2015-11-08 11:12 - 2015-11-08 11:13 - 16563352 _____ (Malwarebytes Corp.) 
C:\Users\herbert.bruckmueller\Downloads\mbar-1.09.3.1001.exe 2015-11-07 21:27 - 2015-11-07 21:27 - 01466656 _____ C:\Users\herbert.bruckmueller\Downloads\HitmanPro Alert - CHIP-Installer.exe 2015-11-07 21:26 - 2015-11-10 10:35 - 00000000 ____D C:\Users\herbert.bruckmueller\ownCloud 2015-11-07 19:06 - 2015-11-07 19:06 - 00852720 _____ C:\Users\herbert.bruckmueller\Downloads\SecurityCheck.exe 2015-11-07 17:47 - 2015-11-07 17:47 - 02870984 _____ (ESET) C:\Users\herbert.bruckmueller\Downloads\esetsmartinstaller_deu.exe 2015-11-07 17:47 - 2015-11-07 17:47 - 00000000 ____D C:\Program Files (x86)\ESET 2015-11-07 17:22 - 2015-11-07 17:22 - 01798976 _____ (Malwarebytes) C:\Users\herbert.bruckmueller\Downloads\JRT.exe 2015-11-07 16:33 - 2015-11-07 16:33 - 01713664 _____ C:\Users\herbert.bruckmueller\Downloads\AdwCleaner_5.018.exe 2015-11-07 16:21 - 2015-11-07 16:21 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\herbert.bruckmueller\Downloads\tdsskiller.exe 2015-11-07 15:42 - 2015-11-08 11:42 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-11-07 15:40 - 2015-11-07 15:40 - 16563352 _____ (Malwarebytes Corp.) 
C:\Users\herbert.bruckmueller\Downloads\mbar-1.09.3.1001(1).exe 2015-11-07 11:51 - 2015-11-07 11:52 - 00040663 _____ C:\Users\herbert.bruckmueller\Downloads\Addition.txt 2015-11-07 11:50 - 2015-11-11 12:49 - 00023864 _____ C:\Users\herbert.bruckmueller\Downloads\FRST.txt 2015-11-07 11:48 - 2015-11-11 12:49 - 00000000 ____D C:\FRST 2015-11-07 11:48 - 2015-11-07 11:48 - 02198528 _____ (Farbar) C:\Users\herbert.bruckmueller\Downloads\FRST64.exe 2015-11-04 13:29 - 2015-11-07 17:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-11-02 11:41 - 2015-11-02 11:41 - 00028806 _____ C:\Users\herbert.bruckmueller\Desktop\Kopie von Herbert Kunden Report 2015.xlsx 2015-10-29 09:13 - 2015-10-29 09:14 - 00000000 ____D C:\Users\herbert.bruckmueller\Desktop\Katzinger 2015-10-27 10:30 - 2015-11-09 12:07 - 00001536 _____ C:\windows\PFRO.log 2015-10-19 08:46 - 2015-10-19 08:46 - 00026500 _____ C:\Users\herbert.bruckmueller\Downloads\FileView(5).aspx 2015-10-19 08:46 - 2015-10-19 08:46 - 00026500 _____ C:\Users\herbert.bruckmueller\Downloads\FileView(4).aspx 2015-10-19 08:45 - 2015-10-19 08:45 - 00026299 _____ C:\Users\herbert.bruckmueller\Downloads\FileView.aspx 2015-10-19 08:45 - 2015-10-19 08:45 - 00026299 _____ C:\Users\herbert.bruckmueller\Downloads\FileView(3).aspx 2015-10-19 08:45 - 2015-10-19 08:45 - 00026299 _____ C:\Users\herbert.bruckmueller\Downloads\FileView(2).aspx 2015-10-19 08:45 - 2015-10-19 08:45 - 00026299 _____ C:\Users\herbert.bruckmueller\Downloads\FileView(1).aspx 2015-10-15 10:01 - 2015-10-15 10:01 - 00001251 _____ C:\Users\herbert.bruckmueller\Desktop\SIVAG Wiki.lnk 2015-10-15 09:58 - 2015-11-11 12:51 - 00000000 ____D C:\Users\herbert.bruckmueller\AppData\Local\ownCloud 2015-10-15 09:58 - 2015-10-27 10:32 - 00000000 ____D C:\Users\herbert.bruckmueller\SIVAG Wiki 2015-10-15 09:57 - 2015-10-29 09:15 - 00001019 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ownCloud.lnk 2015-10-15 09:57 - 2015-10-29 09:15 - 00001007 _____ 
C:\Users\Public\Desktop\ownCloud.lnk 2015-10-15 09:56 - 2015-10-29 09:15 - 00000000 ____D C:\Program Files (x86)\ownCloud 2015-10-15 09:50 - 2015-10-15 09:52 - 39174288 _____ (ownCloud) C:\Users\herbert.bruckmueller\Downloads\ownCloud-2.0.1.5446-setup.exe 2015-10-13 09:27 - 2015-10-13 12:34 - 00000000 ____D C:\Program Files\HitmanPro 2015-10-13 09:27 - 2015-10-13 10:20 - 00000000 ____D C:\ProgramData\HitmanPro 2015-10-13 09:24 - 2015-11-07 21:28 - 13380715 _____ C:\Users\herbert.bruckmueller\Downloads\HitmanPro_3.7.9.242.zip 2015-10-13 09:22 - 2015-10-22 10:44 - 00000000 ____D C:\Users\herbert.bruckmueller\.oracle_jre_usage 2015-10-13 09:22 - 2015-10-13 09:22 - 00000000 ____D C:\Users\herbert.bruckmueller\AppData\Roaming\Sun 2015-10-13 09:22 - 2015-10-13 09:22 - 00000000 ____D C:\Users\herbert.bruckmueller\AppData\LocalLow\Sun 2015-10-13 09:21 - 2015-10-22 10:44 - 00000000 ____D C:\ProgramData\Oracle 2015-10-13 09:21 - 2015-10-22 10:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-10-13 09:21 - 2015-10-22 10:43 - 00097888 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll 2015-10-13 09:21 - 2015-10-22 10:43 - 00000000 ____D C:\Program Files (x86)\Java 2015-10-13 09:20 - 2015-10-13 09:20 - 00000000 ____D C:\Users\herbert.bruckmueller\AppData\LocalLow\Oracle 2015-10-13 09:19 - 2015-10-13 09:19 - 00584288 _____ (Oracle Corporation) C:\Users\herbert.bruckmueller\Downloads\jxpiinstall.exe 2015-10-12 18:25 - 2015-10-13 00:53 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0 2015-10-12 15:21 - 2015-11-11 11:26 - 00001176 _____ C:\windows\setupact.log 2015-10-12 15:21 - 2015-10-12 15:21 - 00000000 _____ C:\windows\setuperr.log 2015-10-12 15:09 - 2015-11-11 08:26 - 00000000 ____D C:\AdwCleaner 2015-10-12 15:08 - 2015-10-12 15:08 - 01682432 _____ C:\Users\herbert.bruckmueller\Downloads\adwcleaner_5.013.exe 2015-10-12 13:35 - 2015-07-30 14:13 - 00124624 _____ (Microsoft Corporation) 
C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-10-12 13:35 - 2015-07-30 14:13 - 00103120 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-10-12 12:54 - 2015-07-23 01:02 - 01390592 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll 2015-10-12 12:54 - 2015-07-23 01:02 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll 2015-10-12 12:54 - 2015-07-23 01:02 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll 2015-10-12 12:54 - 2015-07-22 18:53 - 00641536 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll 2015-10-12 12:54 - 2015-07-22 18:53 - 00635392 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll 2015-10-12 12:54 - 2015-07-22 17:48 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\UtcResources.dll 2015-10-12 12:54 - 2015-07-15 04:19 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\basesrv.dll 2015-10-12 12:54 - 2015-06-09 19:03 - 03180544 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll 2015-10-12 12:54 - 2015-06-09 19:03 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll 2015-10-12 12:53 - 2015-07-30 19:06 - 02565120 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll 2015-10-12 12:53 - 2015-07-30 19:06 - 01648128 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll 2015-10-12 12:53 - 2015-07-30 19:06 - 01180160 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll 2015-10-12 12:53 - 2015-07-30 18:57 - 01987584 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll 2015-10-12 12:53 - 2015-07-30 18:57 - 01251328 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll 2015-10-12 12:53 - 2015-07-15 19:15 - 00094656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys 2015-10-12 12:53 - 2015-07-15 19:10 - 01743360 _____ (Microsoft Corporation) C:\windows\system32\sysmain.dll 2015-10-12 12:53 - 
2015-07-15 19:10 - 00011264 _____ (Microsoft Corporation) C:\windows\system32\msmmsp.dll 2015-10-12 12:53 - 2015-07-15 04:17 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll 2015-10-12 12:53 - 2015-07-15 03:54 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll 2015-10-12 12:53 - 2015-06-02 01:07 - 00254976 _____ (Microsoft Corporation) C:\windows\system32\cewmdm.dll 2015-10-12 12:53 - 2015-06-02 00:47 - 00210432 _____ (Microsoft Corporation) C:\windows\SysWOW64\cewmdm.dll 2015-10-12 12:52 - 2015-08-05 18:56 - 01110016 _____ (Microsoft Corporation) C:\windows\system32\schedsvc.dll 2015-10-12 12:52 - 2015-08-05 18:56 - 00275456 _____ (Microsoft Corporation) C:\windows\system32\InkEd.dll 2015-10-12 12:52 - 2015-08-05 18:56 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\jnwmon.dll 2015-10-12 12:52 - 2015-08-05 18:56 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\icaapi.dll 2015-10-12 12:52 - 2015-08-05 18:40 - 00216064 _____ (Microsoft Corporation) C:\windows\SysWOW64\InkEd.dll 2015-10-12 12:52 - 2015-08-05 18:06 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys 2015-10-12 12:52 - 2015-07-16 20:12 - 06131200 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll 2015-10-12 12:52 - 2015-07-16 20:12 - 00856064 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdvidcrl.dll 2015-10-12 12:52 - 2015-07-16 20:12 - 00053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll 2015-10-12 12:52 - 2015-07-16 20:11 - 07077376 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll 2015-10-12 12:52 - 2015-07-16 20:11 - 01057792 _____ (Microsoft Corporation) C:\windows\system32\rdvidcrl.dll 2015-10-12 12:52 - 2015-07-16 20:11 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll 2015-10-12 12:52 - 2015-07-11 14:15 - 00429568 _____ (Microsoft Corporation) C:\windows\system32\wksprt.exe 2015-10-12 12:52 - 2015-06-25 11:06 - 00115136 _____ 
(Microsoft Corporation) C:\windows\system32\consent.exe 2015-10-12 12:52 - 2015-06-25 11:01 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll 2015-10-12 12:52 - 2015-06-25 11:01 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll 2015-10-12 12:52 - 2015-06-25 10:44 - 01805824 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll 2015-10-12 12:51 - 2015-09-18 20:22 - 00025432 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe 2015-10-12 12:51 - 2015-09-18 20:19 - 01291264 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll 2015-10-12 12:51 - 2015-09-18 20:19 - 00766464 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll 2015-10-12 12:51 - 2015-09-18 20:19 - 00700416 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll 2015-10-12 12:51 - 2015-09-18 20:19 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll 2015-10-12 12:51 - 2015-09-18 20:19 - 00073216 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll 2015-10-12 12:51 - 2015-09-18 20:09 - 01163776 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll 2015-10-12 12:51 - 2015-07-09 18:57 - 00193536 _____ (Microsoft Corporation) C:\windows\system32\notepad.exe 2015-10-12 12:51 - 2015-07-09 18:57 - 00193536 _____ (Microsoft Corporation) C:\windows\notepad.exe 2015-10-12 12:51 - 2015-07-09 18:42 - 00179712 _____ (Microsoft Corporation) C:\windows\SysWOW64\notepad.exe 2015-10-12 12:51 - 2015-07-04 19:07 - 02087424 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll 2015-10-12 12:51 - 2015-07-04 18:48 - 01414656 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll 2015-10-12 12:51 - 2015-07-01 21:49 - 00260096 _____ (Microsoft Corporation) C:\windows\system32\WebClnt.dll 2015-10-12 12:51 - 2015-07-01 21:48 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\davclnt.dll 2015-10-12 12:51 - 2015-07-01 21:30 - 00206848 _____ (Microsoft Corporation) 
C:\windows\SysWOW64\WebClnt.dll 2015-10-12 12:51 - 2015-07-01 21:30 - 00082432 _____ (Microsoft Corporation) C:\windows\SysWOW64\davclnt.dll 2015-10-12 12:51 - 2015-06-17 18:47 - 00404992 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll 2015-10-12 12:51 - 2015-06-17 18:37 - 00312320 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll 2015-10-12 12:51 - 2015-06-15 22:45 - 03242496 _____ (Microsoft Corporation) C:\windows\system32\msi.dll 2015-10-12 12:51 - 2015-06-15 22:45 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll 2015-10-12 12:51 - 2015-06-15 22:44 - 00128000 _____ (Microsoft Corporation) C:\windows\system32\msiexec.exe 2015-10-12 12:51 - 2015-06-15 22:43 - 02364416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll 2015-10-12 12:51 - 2015-06-15 22:43 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll 2015-10-12 12:51 - 2015-06-15 22:42 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msiexec.exe 2015-10-12 12:51 - 2015-06-15 22:42 - 00025088 _____ (Microsoft Corporation) C:\windows\system32\msimsg.dll 2015-10-12 12:51 - 2015-06-15 22:37 - 00025088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msimsg.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00984448 _____ (Microsoft Corporation) C:\windows\system32\ucrtbase.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00901264 _____ (Microsoft Corporation) C:\windows\SysWOW64\ucrtbase.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00066400 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00063840 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-private-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00022368 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00020832 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-math-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00019808 
_____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-string-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-stdio-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-runtime-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-convert-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-time-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-2-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00013664 _____ (Microsoft 
Corporation) C:\windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-process-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-heap-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-conio-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-utility-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-locale-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-environment-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) 
C:\windows\system32\api-ms-win-core-synch-l1-2-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-1.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-eventing-provider-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l2-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-timezone-l1-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l2-1-0.dll 2015-10-12 12:36 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-2-0.dll 2015-10-12 12:36 - 2015-07-09 18:58 - 01632256 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll 2015-10-12 12:36 - 2015-07-09 18:58 - 00082944 _____ (Microsoft Corporation) C:\windows\system32\dwmapi.dll 2015-10-12 12:36 - 2015-07-09 18:42 - 01372160 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmcore.dll 2015-10-12 12:36 - 2015-07-09 18:42 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmapi.dll 2015-10-12 12:31 - 2015-08-27 19:18 - 02004480 _____ 
(Microsoft Corporation) C:\windows\system32\msxml6.dll 2015-10-12 12:31 - 2015-08-27 19:18 - 01887232 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll 2015-10-12 12:31 - 2015-08-27 19:13 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll 2015-10-12 12:31 - 2015-08-27 19:13 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll 2015-10-12 12:31 - 2015-08-27 18:58 - 01391104 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll 2015-10-12 12:31 - 2015-08-27 18:58 - 01241088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll 2015-10-12 12:31 - 2015-08-27 18:51 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll 2015-10-12 12:31 - 2015-08-27 18:51 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll 2015-10-12 12:22 - 2015-09-02 04:04 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll 2015-10-12 12:22 - 2015-09-02 04:04 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll 2015-10-12 12:22 - 2015-09-02 04:04 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll 2015-10-12 12:22 - 2015-09-02 04:04 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll 2015-10-12 12:22 - 2015-09-02 03:48 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll 2015-10-12 12:22 - 2015-09-02 03:48 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll 2015-10-12 12:22 - 2015-09-02 03:48 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll 2015-10-12 12:22 - 2015-09-02 03:47 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll 2015-10-12 12:22 - 2015-09-02 02:47 - 00372736 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll 2015-10-12 12:22 - 2015-09-02 02:33 - 00299520 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll 2015-10-12 12:05 - 2015-10-12 12:05 - 00000000 ____D C:\Program Files\Common Files\AV 2015-10-12 12:02 - 
2015-10-12 12:02 - 00000000 ____D C:\windows\System32\Tasks\Safer-Networking 2015-10-12 12:01 - 2015-10-12 13:07 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy 2015-10-12 12:01 - 2015-10-12 12:16 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2015-10-12 12:01 - 2015-10-12 12:01 - 00001391 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk 2015-10-12 12:01 - 2015-10-12 12:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 2015-10-12 12:01 - 2013-09-20 09:49 - 00021040 _____ (Safer Networking Limited) C:\windows\system32\sdnclean64.exe ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-11-11 12:50 - 2015-03-26 19:39 - 00001110 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-11-11 12:03 - 2015-03-06 12:41 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job 2015-11-11 12:02 - 2015-03-05 15:30 - 00000000 ____D C:\Program Files (x86)\Advanced Monitoring Agent 2015-11-11 11:36 - 2009-07-14 05:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-11-11 11:36 - 2009-07-14 05:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-11-11 11:34 - 2015-09-07 07:36 - 419922944 _____ C:\Users\herbert.bruckmueller\Documents\herbert.bruckmueller@sivag.at 2015-11-11 11:34 - 2015-04-08 07:07 - 00003222 _____ C:\windows\System32\Tasks\HPCeeScheduleForHERBERT-HP$ 2015-11-11 11:34 - 2015-04-08 07:07 - 00000346 _____ C:\windows\Tasks\HPCeeScheduleForHERBERT-HP$.job 2015-11-11 11:34 - 2011-05-03 19:08 - 00705108 _____ C:\windows\system32\perfh007.dat 2015-11-11 11:34 - 2011-05-03 19:08 - 00151476 _____ C:\windows\system32\perfc007.dat 2015-11-11 11:34 - 2009-07-14 06:13 - 01629436 _____ 
C:\windows\system32\PerfStringBackup.INI 2015-11-11 11:33 - 2015-08-31 08:21 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2015-11-11 11:33 - 2015-03-05 13:37 - 00000035 _____ C:\Users\Public\Documents\AtherosServiceConfig.ini 2015-11-11 11:31 - 2015-03-26 19:39 - 00001106 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-11-11 11:27 - 2011-05-03 19:23 - 00000000 ____D C:\ProgramData\PDFC 2015-11-11 11:26 - 2015-03-05 13:43 - 00000128 _____ C:\windows\system32\config\netlogon.ftl 2015-11-11 11:26 - 2009-07-14 06:08 - 00000006 ____H C:\windows\Tasks\SA.DAT 2015-11-11 11:25 - 2015-03-05 20:49 - 01722227 _____ C:\windows\WindowsUpdate.log 2015-11-11 10:12 - 2015-08-31 08:21 - 00000000 ____D C:\Program Files\Advanced Monitoring Agent Network Management 2015-11-11 07:57 - 2015-09-28 08:55 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2015-11-09 21:27 - 2015-03-05 20:55 - 00000000 ____D C:\windows\rescache 2015-11-09 13:26 - 2015-03-11 13:21 - 00000000 ___RD C:\Users\herbert.bruckmueller\Virtual Machines 2015-11-09 13:21 - 2009-07-14 05:45 - 00410232 _____ C:\windows\system32\FNTCACHE.DAT 2015-11-09 13:11 - 2015-03-05 13:58 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-11-09 13:09 - 2009-07-14 03:34 - 00000478 _____ C:\windows\win.ini 2015-11-09 12:23 - 2009-07-14 03:34 - 00000215 _____ C:\windows\system.ini 2015-11-09 12:06 - 2009-07-14 03:34 - 99090432 _____ C:\windows\system32\config\SOFTWARE.bak 2015-11-09 12:06 - 2009-07-14 03:34 - 18087936 _____ C:\windows\system32\config\SYSTEM.bak 2015-11-09 12:06 - 2009-07-14 03:34 - 106168320 _____ C:\windows\system32\config\COMPONENTS.bak 2015-11-09 12:06 - 2009-07-14 03:34 - 00786432 _____ C:\windows\system32\config\DEFAULT.bak 2015-11-09 12:06 - 2009-07-14 03:34 - 00262144 _____ C:\windows\system32\config\SECURITY.bak 2015-11-08 11:15 - 2015-09-28 08:54 - 00109272 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys 2015-11-07 21:26 - 2015-03-11 13:21 - 
00000000 ____D C:\Users\herbert.bruckmueller 2015-11-07 20:43 - 2015-05-28 12:37 - 01600520 _____ (BitDefender) C:\windows\system32\Drivers\avc3.sys 2015-11-07 20:41 - 2015-05-28 13:21 - 00775424 _____ (BitDefender) C:\windows\system32\Drivers\avckf.sys 2015-11-07 20:40 - 2015-09-03 08:16 - 00477272 _____ (BitDefender S.R.L.) C:\windows\system32\Drivers\trufos.sys 2015-11-07 17:25 - 2015-03-05 14:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-11-07 16:31 - 2015-09-28 08:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-11-07 16:31 - 2015-09-28 08:54 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-11-02 18:20 - 2015-03-11 13:21 - 00000000 ____D C:\Users\herbert.bruckmueller\Documents\Bluetooth Folder 2015-10-29 10:57 - 2015-09-16 07:49 - 00000000 ____D C:\Users\herbert.bruckmueller\Desktop\PRO MAKLER 2015-10-28 09:24 - 2015-03-23 10:28 - 00000000 ____D C:\Users\herbert.bruckmueller\AppData\Local\CrashDumps 2015-10-27 10:52 - 2015-03-26 19:40 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-10-22 12:43 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\NDF 2015-10-22 08:48 - 2015-09-03 08:14 - 00000000 ____D C:\ProgramData\ManagedAntivirus 2015-10-20 11:15 - 2015-03-05 14:10 - 00000000 ____D C:\Users\herbert.bruckmueller\Documents\Eigene Dateien 2015-10-18 17:53 - 2015-03-06 12:41 - 00780488 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe 2015-10-18 17:53 - 2015-03-06 12:41 - 00142536 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-10-18 17:53 - 2015-03-06 12:41 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater 2015-10-15 09:57 - 2015-07-02 08:31 - 00000000 ____D C:\ProgramData\Package Cache 2015-10-12 14:54 - 2015-03-05 15:45 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk 2015-10-12 14:54 - 2015-03-05 15:45 - 00000000 ____D C:\Program Files\CCleaner 
2015-10-12 14:22 - 2015-03-05 16:39 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-10-12 14:22 - 2015-03-05 16:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2015-10-12 14:18 - 2015-04-15 14:48 - 00000000 ___SD C:\windows\system32\CompatTel 2015-10-12 14:18 - 2015-04-15 14:48 - 00000000 ____D C:\windows\system32\appraiser 2015-10-12 14:18 - 2015-04-07 10:33 - 00000000 ___SD C:\windows\SysWOW64\GWX 2015-10-12 14:18 - 2015-04-07 10:33 - 00000000 ___SD C:\windows\system32\GWX 2015-10-12 14:18 - 2009-07-27 15:36 - 00000000 ____D C:\Program Files\Windows Journal 2015-10-12 14:18 - 2009-07-14 04:20 - 00000000 ____D C:\windows\PolicyDefinitions 2015-10-12 13:31 - 2015-03-06 12:44 - 00000000 ____D C:\windows\system32\MRT 2015-10-12 09:16 - 2015-03-05 16:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight Einige Dateien in TEMP: ==================== C:\Users\herbert.bruckmueller\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\windows\system32\winlogon.exe => Datei ist digital signiert C:\windows\system32\wininit.exe => Datei ist digital signiert C:\windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\windows\explorer.exe => Datei ist digital signiert C:\windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\windows\system32\svchost.exe => Datei ist digital signiert C:\windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\windows\system32\services.exe => Datei ist digital signiert C:\windows\system32\User32.dll => Datei ist digital signiert C:\windows\SysWOW64\User32.dll => Datei ist digital signiert C:\windows\system32\userinit.exe => Datei ist digital signiert C:\windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\windows\system32\rpcss.dll => Datei ist digital signiert C:\windows\system32\dnsapi.dll => Datei ist digital signiert C:\windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-11-10 00:00 ==================== Ende von FRST.txt ============================ |
12.11.2015, 16:58 | #11 |
/// the machine /// TB trainer | Bank Austria online banking, fake website ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any remaining problems?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
12.11.2015, 21:31 | #12 |
| Bank Austria online banking, fake website Hi! Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=a1567e0dff2a424a8908e701109167a9 # end=init # utc_time=2015-11-07 04:47:55 # local_time=2015-11-07 05:47:55 (+0100, Mitteleuropäische Zeit) # country="Austria" # osver=6.1.7601 NT Service Pack 1 Update Init Update Download Update Finalize Updated modules version: 26614 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=a1567e0dff2a424a8908e701109167a9 # end=updated # utc_time=2015-11-07 04:52:04 # local_time=2015-11-07 05:52:04 (+0100, Mitteleuropäische Zeit) # country="Austria" # osver=6.1.7601 NT Service Pack 1 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7777 # api_version=3.1.1 # EOSSerial=a1567e0dff2a424a8908e701109167a9 # engine=26614 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2015-11-07 06:28:17 # local_time=2015-11-07 07:28:17 (+0100, Mitteleuropäische Zeit) # country="Austria" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='Endpoint Security by Bitdefender Antimalware' # compatibility_mode=2069 16777213 66 100 9907 139282505 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776574 100 94 21300608 198550747 0 0 # scanned=302854 # found=3 # cleaned=0 # scan_time=5772 sh=62BFF91A7E351CB1A21EF92320815874B2D2DFA8 ft=1 fh=fc2555afc5bde153 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\herbert.bruckmueller\AppData\Local\Temp\DMR\dmr_72.exe" sh=CDFC279C21EADA2BD981FAFA46546ADC1CEAAD6F ft=1 fh=55c227375fc27c4d vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\herbert.bruckmueller\Downloads\HitmanPro Alert - CHIP-Installer.exe" sh=405EA8286471409C393114B2F85A4D57B2EAB751 ft=1 fh=7f3971b0c2134346 vn="Variante von Win32/DownloadSponsor.C evtl. 
unerwünschte Anwendung" ac=I fn="C:\Users\herbert.bruckmueller\Downloads\SpyBot Search Destroy - CHIP-Installer.exe" ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=a1567e0dff2a424a8908e701109167a9 # end=init # utc_time=2015-11-07 06:41:43 # local_time=2015-11-07 07:41:43 (+0100, Mitteleuropäische Zeit) # country="Austria" # osver=6.1.7601 NT Service Pack 1 Update Init Update Download esets_scanner_update returned -1 esets_gle=53251 Update Finalize Updated modules version: 26614 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=a1567e0dff2a424a8908e701109167a9 # end=updated # utc_time=2015-11-07 06:42:02 # local_time=2015-11-07 07:42:02 (+0100, Mitteleuropäische Zeit) # country="Austria" # osver=6.1.7601 NT Service Pack 1 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7777 # api_version=3.1.1 # EOSSerial=a1567e0dff2a424a8908e701109167a9 # engine=26614 # end=finished # remove_checked=true # archives_checked=true # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2015-11-07 08:16:08 # local_time=2015-11-07 09:16:08 (+0100, Mitteleuropäische Zeit) # country="Austria" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='Endpoint Security by Bitdefender Antimalware' # compatibility_mode=2069 16777213 66 100 9601 139288975 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776574 100 94 21307078 198557217 0 0 # scanned=303283 # found=5 # cleaned=5 # scan_time=5645 sh=62BFF91A7E351CB1A21EF92320815874B2D2DFA8 ft=1 fh=fc2555afc5bde153 vn="Variante von Win32/DownloadSponsor.C evtl. 
unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\herbert.bruckmueller\AppData\Local\Temp\DMR\dmr_72.exe" sh=2CF9F87AA2EA689D9B9F5CCED4C51B2595C19027 ft=1 fh=4b16eff5bfe216f3 vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\herbert.bruckmueller\Downloads\ccsetup510.exe" sh=9E4084FFC1A61081AFF2EA0EBB911EFA6DF5EEE3 ft=1 fh=48c3ec7a87c42728 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\herbert.bruckmueller\Downloads\HitmanPro Alert - CHIP-Installer(1).exe" sh=CDFC279C21EADA2BD981FAFA46546ADC1CEAAD6F ft=1 fh=55c227375fc27c4d vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\herbert.bruckmueller\Downloads\HitmanPro Alert - CHIP-Installer.exe" sh=405EA8286471409C393114B2F85A4D57B2EAB751 ft=1 fh=7f3971b0c2134346 vn="Variante von Win32/DownloadSponsor.C evtl. 
unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\herbert.bruckmueller\Downloads\SpyBot Search Destroy - CHIP-Installer.exe" ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=a1567e0dff2a424a8908e701109167a9 # end=init # utc_time=2015-11-12 04:35:40 # local_time=2015-11-12 05:35:40 (+0100, Mitteleuropäische Zeit) # country="Austria" # osver=6.1.7601 NT Service Pack 1 Update Init Update Download Update Finalize Updated modules version: 26695 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=a1567e0dff2a424a8908e701109167a9 # end=updated # utc_time=2015-11-12 04:37:33 # local_time=2015-11-12 05:37:33 (+0100, Mitteleuropäische Zeit) # country="Austria" # osver=6.1.7601 NT Service Pack 1 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7777 # api_version=3.1.1 # EOSSerial=a1567e0dff2a424a8908e701109167a9 # engine=26695 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2015-11-12 06:20:59 # local_time=2015-11-12 07:20:59 (+0100, Mitteleuropäische Zeit) # country="Austria" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='Endpoint Security by Bitdefender Antimalware' # compatibility_mode=2069 16777213 66 100 10378 139714067 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776574 100 94 21732170 198982309 0 0 # scanned=331709 # found=1 # cleaned=0 # scan_time=6205 sh=E3F4FCDD159BAFA19F568BA4EC7F9F3ED451708F ft=1 fh=f80411e151b2c307 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\herbert.bruckmueller\Downloads\HitmanPro Alert - CHIP-Installer.exe" Code:
ATTFilter Results of screen317's Security Check version 1.009 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Managed Antivirus-Anti-Malware Antivirus out of date! (On Access scanning disabled!) `````````Anti-malware/Other Utilities Check:````````` Spybot - Search & Destroy Java 8 Update 65 Java version 32-bit out of Date! Adobe Flash Player 19.0.0.245 Mozilla Firefox (42.0) Google Chrome (46.0.2490.80) Google Chrome (46.0.2490.86) ````````Process Check: objlist.exe by Laurent```````` Spybot Teatimer.exe is disabled! Managed Antivirus Managed Antivirus Engine IT@WORK GmbH Antivirus Managed Antivirus\EndpointIntegration.exe Managed Antivirus Managed Antivirus Engine IT@WORK GmbH Antivirus Managed Antivirus\EndpointService.exe Common Files IT@WORK GmbH Antivirus Endpoint Agent epag.exe Managed Antivirus Managed Antivirus Master Service ManagedAntivirus.exe Managed Antivirus Managed Antivirus Engine IT@WORK GmbH Antivirus Managed Antivirus\Console.exe Mobile Partner OnlineUpdate ouc.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log`````````````````````` Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015 durchgeführt von Herbert.Bruckmueller (Administrator) auf HERBERT-HP (12-11-2015 21:28:40) Gestartet von C:\Users\herbert.bruckmueller\Downloads Geladene Profile: Herbert.Bruckmueller (Verfügbare Profile: Herbert.Bruckmueller & Administrator & herbert & Administrator) Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe (AMD) C:\Windows\System32\atieclxx.exe (Remote Monitoring) C:\Program Files (x86)\Advanced Monitoring Agent\winagent.exe (Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Bitdefender) C:\Program Files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\endpointintegration.exe (Bitdefender) C:\Program Files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\endpointservice.exe (Bitdefender) C:\Program Files\Common Files\IT@WORK GmbH Antivirus\Endpoint Agent\epag.exe (GFI Software Development Ltd.) 
C:\Program Files (x86)\Advanced Monitoring Agent\patchman\lnssatt.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe () C:\ProgramData\DatacardService\HWDeviceService64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe () C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe (PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe (Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (ArcSoft, Inc.) C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Microsoft Corp.) 
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (LogicNow Ltd) C:\Program Files\Managed Antivirus\Managed Antivirus Master Service\ManagedAntivirus.exe (LogicNow Ltd) C:\Program Files\Advanced Monitoring Agent Network Management\NetworkManagement.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Bitdefender) C:\Program Files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\console.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (IDT, Inc.) 
C:\Program Files\IDT\WDM\sttray64.exe () C:\Program Files (x86)\ownCloud\owncloud.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe (Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe (Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Portrait Displays, Inc.) 
C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelperx64.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Microsoft Corporation) C:\Windows\System32\UI0Detect.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Farbar) C:\Users\herbert.bruckmueller\Downloads\FRST64(1).exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [2919992 2011-01-27] (Hewlett-Packard Company) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2803496 2011-06-24] (Synaptics Incorporated) HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [615584 2011-01-06] (Atheros Communications) HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379040 2011-01-06] (Atheros Commnucations) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [835072 2011-01-27] (IDT, Inc.) HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [299576 2011-01-28] (Hewlett-Packard Company) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-03-28] (Advanced Micro Devices, Inc.) 
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-26] (Intel Corporation) HKLM-x32\...\Run: [HPConnectionManager] => c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [94264 2011-04-05] (Hewlett-Packard Development Company L.P.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation) Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-21-2274497662-1395199413-223734523-1123\...\Run: [ownCloud] => C:\Program Files (x86)\ownCloud\owncloud.exe [1704974 2015-10-21] () ShellIconOverlayIdentifiers: [ OCError] -> {0960F090-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCErrorShared] -> {0960F091-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCOK] -> {0960F092-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCOKShared] -> {0960F093-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCSync] -> {0960F094-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCSyncShared] -> {0960F095-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.) 
ShellIconOverlayIdentifiers: [ OCWarning] -> {0960F096-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCWarningShared] -> {0960F097-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Outlook 2010.lnk [2015-03-05] ShortcutTarget: Microsoft Outlook 2010.lnk -> C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\outicon.exe () Startup: C:\Users\herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\aBMainFX - Verknüpfung.lnk [2015-03-05] ShortcutTarget: aBMainFX - Verknüpfung.lnk -> \\SRVBER\artBase\aB-Agenta Programm\aBMainFX.exe (artBase! Software GmbH) Startup: C:\Users\herbert.bruckmueller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\aBMainFX - Verknüpfung.lnk [2015-03-05] ShortcutTarget: aBMainFX - Verknüpfung.lnk -> \\SRVBER\artBase\aB-Agenta Programm\aBMainFX.exe (artBase! Software GmbH) BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.3.10 Tcpip\..\Interfaces\{4D81B0A2-95DD-45B4-88CE-7F88B7454444}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{666BA3F3-F79E-49C5-BBB4-558596EF1C92}: [DhcpNameServer] 192.168.3.10 Tcpip\..\Interfaces\{C72A97B7-69C3-42BF-90C4-A85317D8F4EB}: [NameServer] Tcpip\..\Interfaces\{C72A97B7-69C3-42BF-90C4-A85317D8F4EB}: [DhcpNameServer] 194.48.128.199 194.48.139.254 Tcpip\..\Interfaces\{CBA08DEB-ACD3-4B93-9CDF-84E237E532BE}: [NameServer] 194.48.139.254 194.48.128.199 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-2274497662-1395199413-223734523-1123\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-2274497662-1395199413-223734523-1123\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKLM -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox BHO: Windows Live ID Sign-in Helper -> 
{9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: PDFXChange 2012 -> {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} -> C:\Program Files\Tracker Software\PDF-XChange 5\Win32\PXCIEaddin5.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-10-22] (Oracle Corporation) BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-01-06] (Atheros Commnucations) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-22] (Oracle Corporation) Toolbar: HKLM-x32 - PDFXChange 2012 - {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} - C:\Program Files\Tracker Software\PDF-XChange 5\Win32\PXCIEaddin5.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.) 
FireFox: ======== FF ProfilePath: C:\Users\herbert.bruckmueller\AppData\Roaming\Mozilla\Firefox\Profiles\otkxoekz.default FF SearchEngineOrder.1: Ask Search FF SelectedSearchEngine: Google FF Homepage: hxxps://www.google.at/?gws_rd=ssl FF NetworkProxy: "autoconfig_url", "https://tonnelrock.net/tonnel.js" FF NetworkProxy: "type", 2 FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-11] () FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] () FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Keine Datei] FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Keine Datei] FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-22] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-22] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( 
Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.) FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.) FF Plugin HKU\S-1-5-21-2274497662-1395199413-223734523-1123: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.) 
Chrome: ======= CHR Profile: C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Präsentationen) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-26] CHR Extension: (Docs) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-26] CHR Extension: (Google Drive) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-27] CHR Extension: (YouTube) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-26] CHR Extension: (Google-Suche) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-09-27] CHR Extension: (Google Tabellen) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-26] CHR Extension: (Google Präsentationen) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-21] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-27] CHR Extension: (Google Mail) - C:\Users\herbert.bruckmueller\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-27] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) 
R2 Advanced Monitoring Agent; C:\Program Files (x86)\Advanced Monitoring Agent\winagent.exe [8523264 2015-10-21] (Remote Monitoring) [Datei ist nicht signiert] R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-01-06] (Atheros) [Datei ist nicht signiert] R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [53920 2011-01-06] (Atheros Commnucations) [Datei ist nicht signiert] R2 EndpointIntegration; C:\Program Files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\EndpointIntegration.exe [398480 2015-11-07] (Bitdefender) R2 EndpointService; C:\Program Files\Managed Antivirus\Managed Antivirus Engine\IT@WORK GmbH Antivirus\Managed Antivirus\EndpointService.exe [398480 2015-11-07] (Bitdefender) R2 epag; C:\Program Files\Common Files\IT@WORK GmbH Antivirus\Endpoint Agent\epag.exe [3626976 2015-11-07] (Bitdefender) R2 gfi_lanss11_attservice; C:\Program Files (x86)\Advanced Monitoring Agent\patchman\lnssatt.exe [118640 2012-07-17] (GFI Software Development Ltd.) R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [281656 2011-01-28] (Hewlett-Packard Company) R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] () R2 ManagedAntivirus; C:\Program Files\Managed Antivirus\Managed Antivirus Master Service\ManagedAntivirus.exe [278248 2015-11-03] (LogicNow Ltd) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) S2 Mobile Partner. 
RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [655712 2012-05-09] () R2 NetworkManagement; C:\Program Files\Advanced Monitoring Agent Network Management\NetworkManagement.exe [186088 2015-11-09] (LogicNow Ltd) R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448 2011-02-01] (PDF Complete Inc) R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5490448 2015-06-18] (TeamViewer GmbH) R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [502464 2010-11-11] (ArcSoft, Inc.) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 ARCVCAM; C:\Windows\System32\DRIVERS\ArcSoftVCapture.sys [32192 2010-11-11] (ArcSoft, Inc.) R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1600520 2015-11-07] (BitDefender) R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [775424 2015-11-07] (BitDefender) S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2015-02-11] (GFI Software) R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [161592 2015-07-22] (BitDefender LLC) S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [238080 2012-04-23] (Huawei Technologies Co., Ltd.) 
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation) R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1826048 2010-12-21] () R2 trufos; C:\Windows\System32\DRIVERS\trufos.sys [477272 2015-11-07] (BitDefender S.R.L.) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-11-12 17:36 - 2015-11-12 17:36 - 00852720 _____ C:\Users\herbert.bruckmueller\Downloads\SecurityCheck(1).exe 2015-11-12 17:35 - 2015-11-12 17:35 - 02870984 _____ (ESET) C:\Users\herbert.bruckmueller\Downloads\esetsmartinstaller_deu(1).exe 2015-11-11 12:48 - 2015-11-11 12:49 - 02198528 _____ (Farbar) C:\Users\herbert.bruckmueller\Downloads\FRST64(1).exe 2015-11-11 08:23 - 2015-11-11 08:23 - 01798976 _____ (Malwarebytes) C:\Users\herbert.bruckmueller\Downloads\JRT(1).exe 2015-11-11 07:59 - 2015-11-11 07:59 - 01712128 _____ C:\Users\herbert.bruckmueller\Downloads\AdwCleaner_5.019.exe 2015-11-09 13:03 - 2015-09-18 20:31 - 00391784 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll 2015-11-09 13:03 - 2015-09-18 19:58 - 00345688 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll 2015-11-09 13:03 - 2015-09-16 05:48 - 25851904 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2015-11-09 13:03 - 2015-09-16 05:36 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb 2015-11-09 13:03 - 2015-09-16 05:36 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll 2015-11-09 13:03 - 2015-09-16 05:22 - 00066560 _____ (Microsoft Corporation) 
C:\windows\system32\iesetup.dll 2015-11-09 13:03 - 2015-09-16 05:21 - 02886656 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll 2015-11-09 13:03 - 2015-09-16 05:21 - 00585728 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll 2015-11-09 13:03 - 2015-09-16 05:21 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec 2015-11-09 13:03 - 2015-09-16 05:21 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll 2015-11-09 13:03 - 2015-09-16 05:21 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll 2015-11-09 13:03 - 2015-09-16 05:14 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll 2015-11-09 13:03 - 2015-09-16 05:13 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll 2015-11-09 13:03 - 2015-09-16 05:10 - 00616960 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll 2015-11-09 13:03 - 2015-09-16 05:09 - 05990912 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll 2015-11-09 13:03 - 2015-09-16 05:08 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll 2015-11-09 13:03 - 2015-09-16 05:08 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll 2015-11-09 13:03 - 2015-09-16 05:08 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe 2015-11-09 13:03 - 2015-09-16 05:08 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe 2015-11-09 13:03 - 2015-09-16 05:01 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe 2015-11-09 13:03 - 2015-09-16 04:58 - 20357632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll 2015-11-09 13:03 - 2015-09-16 04:58 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll 2015-11-09 13:03 - 2015-09-16 04:50 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll 2015-11-09 13:03 - 2015-09-16 04:46 - 00199680 _____ 
(Microsoft Corporation) C:\windows\system32\msrating.dll 2015-11-09 13:03 - 2015-09-16 04:45 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb 2015-11-09 13:03 - 2015-09-16 04:45 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll 2015-11-09 13:03 - 2015-09-16 04:43 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll 2015-11-09 13:03 - 2015-09-16 04:41 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll 2015-11-09 13:03 - 2015-09-16 04:33 - 00504832 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll 2015-11-09 13:03 - 2015-09-16 04:33 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll 2015-11-09 13:03 - 2015-09-16 04:32 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec 2015-11-09 13:03 - 2015-09-16 04:32 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll 2015-11-09 13:03 - 2015-09-16 04:31 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll 2015-11-09 13:03 - 2015-09-16 04:31 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll 2015-11-09 13:03 - 2015-09-16 04:29 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll 2015-11-09 13:03 - 2015-09-16 04:29 - 00720896 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe 2015-11-09 13:03 - 2015-09-16 04:28 - 02279936 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll 2015-11-09 13:03 - 2015-09-16 04:28 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll 2015-11-09 13:03 - 2015-09-16 04:26 - 02126336 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl 2015-11-09 13:03 - 2015-09-16 04:26 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll 2015-11-09 13:03 - 2015-09-16 04:26 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll 2015-11-09 13:03 - 2015-09-16 04:24 - 00480256 _____ (Microsoft 
Corporation) C:\windows\SysWOW64\ieui.dll 2015-11-09 13:03 - 2015-09-16 04:23 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe 2015-11-09 13:03 - 2015-09-16 04:22 - 14458368 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll 2015-11-09 13:03 - 2015-09-16 04:22 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll 2015-11-09 13:03 - 2015-09-16 04:22 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll 2015-11-09 13:03 - 2015-09-16 04:15 - 00416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll 2015-11-09 13:03 - 2015-09-16 04:11 - 02487808 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll 2015-11-09 13:03 - 2015-09-16 04:10 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-11-09 13:03 - 2015-09-16 04:07 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll 2015-11-09 13:03 - 2015-09-16 04:06 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll 2015-11-09 13:03 - 2015-09-16 04:05 - 04527616 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll 2015-11-09 13:03 - 2015-09-16 04:05 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll 2015-11-09 13:03 - 2015-09-16 04:04 - 00130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll 2015-11-09 13:03 - 2015-09-16 03:59 - 01546752 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll 2015-11-09 13:03 - 2015-09-16 03:58 - 12853760 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll 2015-11-09 13:03 - 2015-09-16 03:58 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll 2015-11-09 13:03 - 2015-09-16 03:56 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll 2015-11-09 13:03 - 2015-09-16 03:55 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl 2015-11-09 13:03 - 2015-09-16 03:55 - 01155072 _____ (Microsoft Corporation) 
C:\windows\SysWOW64\mshtmlmedia.dll 2015-11-09 13:03 - 2015-09-16 03:48 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll 2015-11-09 13:03 - 2015-09-16 03:37 - 02011136 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll 2015-11-09 13:03 - 2015-09-16 03:34 - 01311232 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll 2015-11-09 13:03 - 2015-09-16 03:32 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll 2015-11-09 13:02 - 2015-10-20 19:42 - 03168768 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll 2015-11-09 13:02 - 2015-10-20 19:42 - 02608128 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll 2015-11-09 13:02 - 2015-10-20 19:42 - 00696320 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll 2015-11-09 13:02 - 2015-10-20 19:42 - 00192512 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll 2015-11-09 13:02 - 2015-10-20 19:42 - 00098816 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll 2015-11-09 13:02 - 2015-10-20 19:42 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll 2015-11-09 13:02 - 2015-10-20 19:42 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wups.dll 2015-11-09 13:02 - 2015-10-20 19:41 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe 2015-11-09 13:02 - 2015-10-20 19:41 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll 2015-11-09 13:02 - 2015-10-20 19:41 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe 2015-11-09 13:02 - 2015-10-20 19:41 - 00012288 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll 2015-11-09 13:02 - 2015-10-20 18:46 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll 2015-11-09 13:02 - 2015-10-20 18:46 - 00174080 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll 2015-11-09 13:02 - 2015-10-20 18:46 - 00093696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll 
2015-11-09 13:02 - 2015-10-20 18:46 - 00030208 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll 2015-11-09 13:02 - 2015-10-20 18:45 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe 2015-11-09 13:02 - 2015-10-01 19:06 - 00692672 _____ (Microsoft Corporation) C:\windows\system32\winload.efi 2015-11-09 13:02 - 2015-10-01 19:04 - 00616360 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi 2015-11-09 13:02 - 2015-10-01 19:00 - 00147456 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe 2015-11-09 13:02 - 2015-10-01 19:00 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll 2015-11-09 13:02 - 2015-10-01 19:00 - 00059392 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll 2015-11-09 13:02 - 2015-10-01 19:00 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll 2015-11-09 13:02 - 2015-10-01 19:00 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe 2015-11-09 13:02 - 2015-10-01 18:50 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll 2015-11-09 13:02 - 2015-10-01 18:00 - 00061440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys 2015-11-09 13:02 - 2015-09-29 04:16 - 05569472 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe 2015-11-09 13:02 - 2015-09-29 04:13 - 01730496 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll 2015-11-09 13:02 - 2015-09-29 04:11 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll 2015-11-09 13:02 - 2015-09-29 04:11 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll 2015-11-09 13:02 - 2015-09-29 04:11 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll 2015-11-09 13:02 - 2015-09-29 04:11 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll 2015-11-09 13:02 - 2015-09-29 04:11 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll 
2015-11-09 13:02 - 2015-09-29 04:11 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll 2015-11-09 13:02 - 2015-09-29 04:11 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll 2015-11-09 13:02 - 2015-09-29 04:11 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll 2015-11-09 13:02 - 2015-09-29 04:10 - 01216512 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll 2015-11-09 13:02 - 2015-09-29 04:10 - 01164800 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll 2015-11-09 13:02 - 2015-09-29 04:10 - 00729088 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll 2015-11-09 13:02 - 2015-09-29 04:10 - 00424960 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll 2015-11-09 13:02 - 2015-09-29 04:10 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll 2015-11-09 13:02 - 2015-09-29 04:10 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe 2015-11-09 13:02 - 2015-09-29 04:10 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe 2015-11-09 13:02 - 2015-09-29 04:10 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll 2015-11-09 13:02 - 2015-09-29 04:10 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll 2015-11-09 13:02 - 2015-09-29 04:10 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll 2015-11-09 13:02 - 2015-09-29 04:10 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll 2015-11-09 13:02 - 2015-09-29 04:09 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe 2015-11-09 13:02 - 2015-09-29 04:09 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe 2015-11-09 13:02 - 2015-09-29 04:05 - 03990976 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe 2015-11-09 13:02 - 2015-09-29 04:05 - 03936192 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe 2015-11-09 13:02 - 2015-09-29 
04:05 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll 2015-11-09 13:02 - 2015-09-29 04:05 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll 2015-11-09 13:02 - 2015-09-29 04:02 - 01311768 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) 
C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) 
C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 03:59 - 00552960 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll 2015-11-09 13:02 - 2015-09-29 03:59 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll 2015-11-09 13:02 - 2015-09-29 03:59 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll 2015-11-09 13:02 - 2015-09-29 03:59 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll 2015-11-09 13:02 - 2015-09-29 03:59 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll 2015-11-09 13:02 - 2015-09-29 03:59 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll 2015-11-09 13:02 - 2015-09-29 03:58 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe 2015-11-09 13:02 - 2015-09-29 03:58 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll 2015-11-09 13:02 - 2015-09-29 03:58 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe 2015-11-09 13:02 - 2015-09-29 03:58 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll 2015-11-09 13:02 - 2015-09-29 03:57 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll 2015-11-09 13:02 - 2015-09-29 03:57 - 00665088 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll 2015-11-09 13:02 - 2015-09-29 03:57 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll 2015-11-09 13:02 - 2015-09-29 03:57 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll 2015-11-09 13:02 - 2015-09-29 03:53 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll 2015-11-09 13:02 - 2015-09-29 03:53 - 
00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll 2015-11-09 13:02 - 2015-09-29 03:49 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll 2015-11-09 13:02 - 2015-09-29 03:49 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll 2015-11-09 13:02 - 2015-09-29 03:49 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 03:49 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) 
C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 02:50 - 00159232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys 2015-11-09 13:02 - 2015-09-29 02:49 - 00290816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys 2015-11-09 13:02 - 2015-09-29 02:49 - 00129024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys 2015-11-09 13:02 - 2015-09-29 02:43 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe 2015-11-09 13:02 - 2015-09-29 
02:43 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe 2015-11-09 13:02 - 2015-09-29 02:40 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 02:40 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 02:40 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2015-11-09 13:02 - 2015-09-29 02:40 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2015-11-09 13:02 - 2015-09-15 19:17 - 00157016 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys 2015-11-09 13:02 - 2015-09-15 19:17 - 00097112 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys 2015-11-09 13:02 - 2015-09-15 19:11 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll 2015-11-09 13:02 - 2015-09-15 19:11 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll 2015-11-09 13:02 - 2015-09-15 19:11 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll 2015-11-09 13:02 - 2015-09-15 19:11 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll 2015-11-09 13:02 - 2015-09-15 19:11 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll 2015-11-09 13:02 - 2015-09-15 19:11 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll 2015-11-09 13:02 - 2015-09-15 19:10 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe 2015-11-09 13:02 - 2015-09-15 18:36 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll 2015-11-09 13:02 - 2015-09-15 18:36 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll 2015-11-09 13:02 - 2015-09-15 18:36 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll 2015-11-09 13:02 - 2015-09-15 18:35 - 00096768 _____ (Microsoft 
Corporation) C:\windows\SysWOW64\sspicli.dll 2015-11-09 13:01 - 2015-08-06 19:04 - 14176768 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll 2015-11-09 13:01 - 2015-08-06 19:03 - 01866752 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll 2015-11-09 13:01 - 2015-08-06 18:44 - 12875776 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll 2015-11-09 13:01 - 2015-08-06 18:44 - 01498624 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExplorerFrame.dll 2015-11-09 12:53 - 2015-09-14 20:45 - 03210240 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys 2015-11-09 12:28 - 2015-11-09 12:28 - 00030328 _____ C:\ComboFix.txt 2015-11-09 11:50 - 2011-06-26 07:45 - 00256000 _____ C:\windows\PEV.exe 2015-11-09 11:50 - 2010-11-07 18:20 - 00208896 _____ C:\windows\MBR.exe 2015-11-09 11:50 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe 2015-11-09 11:50 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe 2015-11-09 11:50 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe 2015-11-09 11:50 - 2000-08-31 01:00 - 00098816 _____ C:\windows\sed.exe 2015-11-09 11:50 - 2000-08-31 01:00 - 00080412 _____ C:\windows\grep.exe 2015-11-09 11:50 - 2000-08-31 01:00 - 00068096 _____ C:\windows\zip.exe 2015-11-09 11:44 - 2015-11-09 12:28 - 00000000 ____D C:\Qoobox 2015-11-09 11:44 - 2015-11-09 12:26 - 00000000 ____D C:\windows\erdnt 2015-11-09 11:43 - 2015-11-09 11:43 - 05638248 ____R (Swearware) C:\Users\herbert.bruckmueller\Downloads\ComboFix.exe 2015-11-08 11:45 - 2015-11-08 11:46 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\herbert.bruckmueller\Downloads\tdsskiller(1).exe 2015-11-08 11:12 - 2015-11-08 11:13 - 16563352 _____ (Malwarebytes Corp.) 
C:\Users\herbert.bruckmueller\Downloads\mbar-1.09.3.1001.exe 2015-11-07 21:27 - 2015-11-07 21:27 - 01466656 _____ C:\Users\herbert.bruckmueller\Downloads\HitmanPro Alert - CHIP-Installer.exe 2015-11-07 21:26 - 2015-11-12 16:48 - 00000000 ____D C:\Users\herbert.bruckmueller\ownCloud 2015-11-07 19:06 - 2015-11-07 19:06 - 00852720 _____ C:\Users\herbert.bruckmueller\Downloads\SecurityCheck.exe 2015-11-07 17:47 - 2015-11-07 17:47 - 02870984 _____ (ESET) C:\Users\herbert.bruckmueller\Downloads\esetsmartinstaller_deu.exe 2015-11-07 17:22 - 2015-11-07 17:22 - 01798976 _____ (Malwarebytes) C:\Users\herbert.bruckmueller\Downloads\JRT.exe 2015-11-07 16:33 - 2015-11-07 16:33 - 01713664 _____ C:\Users\herbert.bruckmueller\Downloads\AdwCleaner_5.018.exe 2015-11-07 16:21 - 2015-11-07 16:21 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\herbert.bruckmueller\Downloads\tdsskiller.exe 2015-11-07 15:42 - 2015-11-08 11:42 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-11-07 15:40 - 2015-11-07 15:40 - 16563352 _____ (Malwarebytes Corp.) 
C:\Users\herbert.bruckmueller\Downloads\mbar-1.09.3.1001(1).exe 2015-11-07 11:51 - 2015-11-07 11:52 - 00040663 _____ C:\Users\herbert.bruckmueller\Downloads\Addition.txt 2015-11-07 11:50 - 2015-11-12 21:28 - 00024094 _____ C:\Users\herbert.bruckmueller\Downloads\FRST.txt 2015-11-07 11:48 - 2015-11-12 21:28 - 00000000 ____D C:\FRST 2015-11-07 11:48 - 2015-11-07 11:48 - 02198528 _____ (Farbar) C:\Users\herbert.bruckmueller\Downloads\FRST64.exe 2015-11-04 13:29 - 2015-11-07 17:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-11-02 11:41 - 2015-11-02 11:41 - 00028806 _____ C:\Users\herbert.bruckmueller\Desktop\Kopie von Herbert Kunden Report 2015.xlsx 2015-10-29 09:13 - 2015-10-29 09:14 - 00000000 ____D C:\Users\herbert.bruckmueller\Desktop\Katzinger 2015-10-27 10:30 - 2015-11-09 12:07 - 00001536 _____ C:\windows\PFRO.log 2015-10-19 08:46 - 2015-10-19 08:46 - 00026500 _____ C:\Users\herbert.bruckmueller\Downloads\FileView(5).aspx 2015-10-19 08:46 - 2015-10-19 08:46 - 00026500 _____ C:\Users\herbert.bruckmueller\Downloads\FileView(4).aspx 2015-10-19 08:45 - 2015-10-19 08:45 - 00026299 _____ C:\Users\herbert.bruckmueller\Downloads\FileView.aspx 2015-10-19 08:45 - 2015-10-19 08:45 - 00026299 _____ C:\Users\herbert.bruckmueller\Downloads\FileView(3).aspx 2015-10-19 08:45 - 2015-10-19 08:45 - 00026299 _____ C:\Users\herbert.bruckmueller\Downloads\FileView(2).aspx 2015-10-19 08:45 - 2015-10-19 08:45 - 00026299 _____ C:\Users\herbert.bruckmueller\Downloads\FileView(1).aspx 2015-10-15 10:01 - 2015-10-15 10:01 - 00001251 _____ C:\Users\herbert.bruckmueller\Desktop\SIVAG Wiki.lnk 2015-10-15 09:58 - 2015-11-12 21:29 - 00000000 ____D C:\Users\herbert.bruckmueller\AppData\Local\ownCloud 2015-10-15 09:58 - 2015-10-27 10:32 - 00000000 ____D C:\Users\herbert.bruckmueller\SIVAG Wiki 2015-10-15 09:57 - 2015-10-29 09:15 - 00001019 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ownCloud.lnk 2015-10-15 09:57 - 2015-10-29 09:15 - 00001007 _____ 
C:\Users\Public\Desktop\ownCloud.lnk 2015-10-15 09:56 - 2015-10-29 09:15 - 00000000 ____D C:\Program Files (x86)\ownCloud 2015-10-15 09:50 - 2015-10-15 09:52 - 39174288 _____ (ownCloud) C:\Users\herbert.bruckmueller\Downloads\ownCloud-2.0.1.5446-setup.exe 2015-10-13 09:27 - 2015-10-13 12:34 - 00000000 ____D C:\Program Files\HitmanPro 2015-10-13 09:27 - 2015-10-13 10:20 - 00000000 ____D C:\ProgramData\HitmanPro 2015-10-13 09:24 - 2015-11-07 21:28 - 13380715 _____ C:\Users\herbert.bruckmueller\Downloads\HitmanPro_3.7.9.242.zip 2015-10-13 09:22 - 2015-10-22 10:44 - 00000000 ____D C:\Users\herbert.bruckmueller\.oracle_jre_usage 2015-10-13 09:22 - 2015-10-13 09:22 - 00000000 ____D C:\Users\herbert.bruckmueller\AppData\Roaming\Sun 2015-10-13 09:22 - 2015-10-13 09:22 - 00000000 ____D C:\Users\herbert.bruckmueller\AppData\LocalLow\Sun 2015-10-13 09:21 - 2015-10-22 10:44 - 00000000 ____D C:\ProgramData\Oracle 2015-10-13 09:21 - 2015-10-22 10:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-10-13 09:21 - 2015-10-22 10:43 - 00097888 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll 2015-10-13 09:21 - 2015-10-22 10:43 - 00000000 ____D C:\Program Files (x86)\Java 2015-10-13 09:20 - 2015-10-13 09:20 - 00000000 ____D C:\Users\herbert.bruckmueller\AppData\LocalLow\Oracle 2015-10-13 09:19 - 2015-10-13 09:19 - 00584288 _____ (Oracle Corporation) C:\Users\herbert.bruckmueller\Downloads\jxpiinstall.exe ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-11-12 21:03 - 2015-03-06 12:41 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job 2015-11-12 21:02 - 2015-03-05 15:30 - 00000000 ____D C:\Program Files (x86)\Advanced Monitoring Agent 2015-11-12 20:50 - 2015-03-26 19:39 - 00001110 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-11-12 20:14 - 2015-03-05 13:43 - 00000128 _____ C:\windows\system32\config\netlogon.ftl 2015-11-12 18:55 - 2015-03-05 20:49 - 01765554 _____ C:\windows\WindowsUpdate.log 2015-11-12 13:38 - 2015-03-05 13:37 - 00000035 _____ C:\Users\Public\Documents\AtherosServiceConfig.ini 2015-11-12 10:36 - 2009-07-14 05:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-11-12 10:36 - 2009-07-14 05:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-11-12 07:50 - 2015-03-26 19:39 - 00001106 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-11-11 21:02 - 2015-08-31 08:21 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2015-11-11 19:53 - 2015-03-26 19:40 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-11-11 16:03 - 2015-03-06 12:41 - 00780488 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe 2015-11-11 16:03 - 2015-03-06 12:41 - 00142536 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-11-11 16:03 - 2015-03-06 12:41 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater 2015-11-11 11:34 - 2015-09-07 07:36 - 419922944 _____ C:\Users\herbert.bruckmueller\Documents\herbert.bruckmueller@sivag.at 2015-11-11 11:34 - 2015-04-08 07:07 - 00003222 _____ C:\windows\System32\Tasks\HPCeeScheduleForHERBERT-HP$ 2015-11-11 11:34 - 2015-04-08 07:07 - 00000346 _____ C:\windows\Tasks\HPCeeScheduleForHERBERT-HP$.job 2015-11-11 11:34 - 2011-05-03 19:08 - 00705108 _____ C:\windows\system32\perfh007.dat 2015-11-11 11:34 - 2011-05-03 19:08 - 00151476 _____ 
C:\windows\system32\perfc007.dat 2015-11-11 11:34 - 2009-07-14 06:13 - 01629436 _____ C:\windows\system32\PerfStringBackup.INI 2015-11-11 11:27 - 2011-05-03 19:23 - 00000000 ____D C:\ProgramData\PDFC 2015-11-11 11:26 - 2015-10-12 15:21 - 00001176 _____ C:\windows\setupact.log 2015-11-11 11:26 - 2009-07-14 06:08 - 00000006 ____H C:\windows\Tasks\SA.DAT 2015-11-11 10:12 - 2015-08-31 08:21 - 00000000 ____D C:\Program Files\Advanced Monitoring Agent Network Management 2015-11-11 08:26 - 2015-10-12 15:09 - 00000000 ____D C:\AdwCleaner 2015-11-11 07:57 - 2015-09-28 08:55 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2015-11-09 21:27 - 2015-03-05 20:55 - 00000000 ____D C:\windows\rescache 2015-11-09 13:26 - 2015-03-11 13:21 - 00000000 ___RD C:\Users\herbert.bruckmueller\Virtual Machines 2015-11-09 13:21 - 2009-07-14 05:45 - 00410232 _____ C:\windows\system32\FNTCACHE.DAT 2015-11-09 13:11 - 2015-03-05 13:58 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-11-09 13:09 - 2009-07-14 03:34 - 00000478 _____ C:\windows\win.ini 2015-11-09 12:23 - 2009-07-14 03:34 - 00000215 _____ C:\windows\system.ini 2015-11-09 12:06 - 2009-07-14 03:34 - 99090432 _____ C:\windows\system32\config\SOFTWARE.bak 2015-11-09 12:06 - 2009-07-14 03:34 - 18087936 _____ C:\windows\system32\config\SYSTEM.bak 2015-11-09 12:06 - 2009-07-14 03:34 - 106168320 _____ C:\windows\system32\config\COMPONENTS.bak 2015-11-09 12:06 - 2009-07-14 03:34 - 00786432 _____ C:\windows\system32\config\DEFAULT.bak 2015-11-09 12:06 - 2009-07-14 03:34 - 00262144 _____ C:\windows\system32\config\SECURITY.bak 2015-11-08 11:15 - 2015-09-28 08:54 - 00109272 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys 2015-11-07 21:26 - 2015-03-11 13:21 - 00000000 ____D C:\Users\herbert.bruckmueller 2015-11-07 20:43 - 2015-05-28 12:37 - 01600520 _____ (BitDefender) C:\windows\system32\Drivers\avc3.sys 2015-11-07 20:41 - 2015-05-28 13:21 - 00775424 _____ (BitDefender) 
C:\windows\system32\Drivers\avckf.sys 2015-11-07 20:40 - 2015-09-03 08:16 - 00477272 _____ (BitDefender S.R.L.) C:\windows\system32\Drivers\trufos.sys 2015-11-07 17:25 - 2015-03-05 14:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-11-07 16:31 - 2015-09-28 08:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-11-07 16:31 - 2015-09-28 08:54 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-11-02 18:20 - 2015-03-11 13:21 - 00000000 ____D C:\Users\herbert.bruckmueller\Documents\Bluetooth Folder 2015-10-29 10:57 - 2015-09-16 07:49 - 00000000 ____D C:\Users\herbert.bruckmueller\Desktop\PRO MAKLER 2015-10-28 09:24 - 2015-03-23 10:28 - 00000000 ____D C:\Users\herbert.bruckmueller\AppData\Local\CrashDumps 2015-10-22 12:43 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\NDF 2015-10-22 08:48 - 2015-09-03 08:14 - 00000000 ____D C:\ProgramData\ManagedAntivirus 2015-10-20 11:15 - 2015-03-05 14:10 - 00000000 ____D C:\Users\herbert.bruckmueller\Documents\Eigene Dateien 2015-10-15 09:57 - 2015-07-02 08:31 - 00000000 ____D C:\ProgramData\Package Cache 2015-10-13 00:53 - 2015-10-12 18:25 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0 Einige Dateien in TEMP: ==================== C:\Users\herbert.bruckmueller\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\windows\system32\winlogon.exe => Datei ist digital signiert C:\windows\system32\wininit.exe => Datei ist digital signiert C:\windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\windows\explorer.exe => Datei ist digital signiert C:\windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\windows\system32\svchost.exe => Datei ist digital signiert C:\windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\windows\system32\services.exe => Datei ist digital signiert C:\windows\system32\User32.dll => Datei ist digital signiert C:\windows\SysWOW64\User32.dll => Datei ist digital signiert C:\windows\system32\userinit.exe => Datei ist digital signiert C:\windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\windows\system32\rpcss.dll => Datei ist digital signiert C:\windows\system32\dnsapi.dll => Datei ist digital signiert C:\windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-11-10 00:00 ==================== Ende von FRST.txt ============================ |
14.11.2015, 11:51 | #13 |
/// the machine /// TB Trainer | Bank Austria online banking, fake website Which browser does this still happen in? Does it also happen in more than one?
__________________ Regards, schrauber. Proud Member of UNITE and ASAP since 2009. No help via PM! |
16.11.2015, 13:12 | #14 |
| Bank Austria online banking, fake website Hello! In Firefox, yes! In Chrome and IE not anymore, they are clean! Thanks! |
17.11.2015, 18:11 | #15 |
/// the machine /// TB Trainer | Bank Austria online banking, fake website Revo Uninstaller - Download - Filepony: use it to uninstall Firefox, keep no data, have the leftovers removed, then reinstall. Then: https://support.mozilla.org/de/kb/fi...einfach-loesen
Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document.
Code:
ATTFilter
C:\Users\herbert.bruckmueller\AppData\Local\Temp\DMR\dmr_72.exe
C:\Users\herbert.bruckmueller\Downloads\HitmanPro Alert - CHIP-Installer.exe
C:\Users\herbert.bruckmueller\Downloads\SpyBot Search Destroy - CHIP-Installer.exe
C:\Users\herbert.bruckmueller\Downloads\ccsetup510.exe
C:\Users\herbert.bruckmueller\Downloads\HitmanPro Alert - CHIP-Installer(1).exe
Emptytemp:
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Reconsider your download habits: CHIP-Installer - what is it? - Guides
A fresh FRST log please. Any problems left?
|