
Log analysis and evaluation: Security warning from Telekom, Citadell virus detected

Windows 7 If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

10.02.2016, 14:27   #1
duat
 



Hello dear community,

I have already received a letter from Telekom (abuse team) several times with the subject: "Important security warning regarding your Internet access". According to what the hotline said on the phone, there is supposed to be a "Citadell virus" on one of my computers.

I use a laptop and a smartphone on my Internet connection. In addition, there are a PS3 and a PS4 console as well as a smart TV on the network, which can probably be ruled out.

According to my antivirus program "Microsoft Security Essentials", there is no virus on the laptop.

I am attaching my 2 FRST logs:

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:07-02-2016
durchgeführt von privat (Administrator) auf CHRIS-PC (10-02-2016 14:47:38)
Gestartet von C:\Users\privat\Downloads
Geladene Profile: privat (Verfügbare Profile: Chris & privat)
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files\Dell Wireless\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files\Dell Wireless\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
() C:\ProgramData\DatacardService\HWDeviceService.exe
() C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Atheros Communications) C:\Program Files\Dell Wireless\Bluetooth Suite\BtvStack.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Atheros Commnucations) C:\Program Files\Dell Wireless\Bluetooth Suite\AthBtTray.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\Event Manager\EEventManager.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\assembly\GAC_MSIL\PresentationFontCache\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe
(Nokia) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_20_0_0_267_Plugin.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Opera Software) C:\Program Files\Opera\35.0.2066.37\opera.exe
(Opera Software) C:\Program Files\Opera\35.0.2066.37\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\35.0.2066.37\opera.exe
(Opera Software) C:\Program Files\Opera\35.0.2066.37\opera.exe
(Opera Software) C:\Program Files\Opera\35.0.2066.37\opera.exe
(Opera Software) C:\Program Files\Opera\35.0.2066.37\opera.exe
(Opera Software) C:\Program Files\Opera\35.0.2066.37\opera.exe
(Opera Software) C:\Program Files\Opera\35.0.2066.37\opera.exe
(Opera Software) C:\Program Files\Opera\35.0.2066.37\opera.exe
(Opera Software) C:\Program Files\Opera\35.0.2066.37\opera.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Opera Software) C:\Program Files\Opera\35.0.2066.37\opera.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-06-08] (Intel Corporation)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files\Dell Wireless\Bluetooth Suite\BtvStack.exe [474272 2010-09-02] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files\Dell Wireless\Bluetooth Suite\AthBtTray.exe [298144 2010-09-02] (Atheros Commnucations)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [642664 2013-05-08] (Adobe Systems Inc.)
HKLM\...\Run: [RemoteControl9] => C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2009-07-06] (CyberLink Corp.)
HKLM\...\Run: [PDVD9LanguageShortcut] => C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe [50472 2010-04-29] (CyberLink Corp.)
HKLM\...\Run: [Dell Webcam Central] => C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [487562 2010-08-20] (Creative Technology Ltd)
HKLM\...\Run: [RoxWatchTray] => C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-09-04] (Sonic Solutions)
HKLM\...\Run: [Desktop Disc Tool] => C:\Program Files\Roxio\oem\Roxio Burn\RoxioBurnLauncher.exe [522736 2010-11-01] ()
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [1797488 2011-01-07] (Microsoft Corporation)
HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [673616 2009-04-07] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-12-17] (Apple Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [981688 2015-04-29] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157456 2015-12-17] (Apple Inc.)
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Run: [EPSON SX510W Series] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFIE.EXE [199680 2008-11-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Run: [EPSON SX510W Series (Kopie 1)] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFIE.EXE [199680 2008-11-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Run: [Device Detection] => C:\Program Files\Lidl_Fotos\dd.exe [860528 2013-10-30] ()
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Run: [] => [X]
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Run: [NokiaSuite.exe] => C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [1090040 2012-12-21] (Nokia)
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Run: [Guiqmex] => C:\Users\privat\AppData\Roaming\Bayd\noyr.exe [253440 2013-01-12] ()
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: E - E:\AutoRun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {1305b0a3-f675-11e1-a1da-90004e013ab8} - E:\AutoRun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {41144100-92dc-11e1-8581-90004e013ab8} - E:\AutoRun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {4114411a-92dc-11e1-8581-90004e013ab8} - E:\AutoRun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {41144133-92dc-11e1-8581-90004e013ab8} - E:\AutoRun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {7357d7ff-4967-11e2-8651-f04da26bc8e0} - E:\AutoRun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {7357d81a-4967-11e2-8651-f04da26bc8e0} - E:\AutoRun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {750a411f-34c9-11e0-b132-806e6f6e6963} - D:\autorun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {dc37c5b5-6a52-11e2-b7ff-f04da26bc8e0} - E:\AutoRun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {f8f69999-c40f-11e2-a005-f04da26bc8e0} - E:\AutoRun.exe
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\privat\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll [2013-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\privat\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll [2013-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\privat\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll [2013-03-12] (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{2258AB48-4D93-4911-96B8-1B32A6796175}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{448221D6-933B-418F-8123-42221C7068BA}: [DhcpNameServer] 139.7.30.126 139.7.30.125
Tcpip\..\Interfaces\{8A4DA0DA-3D99-4A6E-9C53-1FCE9296A33F}: [NameServer] 10.74.210.210 10.74.210.211
Tcpip\..\Interfaces\{A85015A4-C874-4C44-846D-25AEC4860175}: [NameServer] 10.74.210.210 10.74.210.211
Tcpip\..\Interfaces\{AF10391C-F1D8-4024-BC6B-26BD4465F675}: [NameServer] 10.74.210.210 10.74.210.211
Tcpip\..\Interfaces\{BBE6AA86-1C5F-45F8-8486-9DB31DA9A39B}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=10&cc=&mi=e816127f00000000000090004e013ab7
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USSMB/8
SearchScopes: HKLM -> DefaultScope {4B9FC999-DF9D-4DA9-B7D2-A17ED9193392} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLSDF8&pc=MDDS&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {4B9FC999-DF9D-4DA9-B7D2-A17ED9193392} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLSDF8&pc=MDDS&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-583576071-2610798785-2159693280-1003 -> DefaultScope {B6A9F6CA-8C02-4118-92F4-807A7285F11B} URL = hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=e816127f00000000000090004e013ab7&r=415
SearchScopes: HKU\S-1-5-21-583576071-2610798785-2159693280-1003 -> {4B9FC999-DF9D-4DA9-B7D2-A17ED9193392} URL = 
SearchScopes: HKU\S-1-5-21-583576071-2610798785-2159693280-1003 -> {B6A9F6CA-8C02-4118-92F4-807A7285F11B} URL = hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=e816127f00000000000090004e013ab7&r=415
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-30] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2011-05-13] (Microsoft Corporation)
BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-04-01] (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-30] (Oracle Corporation)
BHO: Softonic Helper Object -> {E87806B5-E908-45FD-AF5E-957D83E58E68} -> C:\Program Files\Softonic\Softonic\1.8.21.14\bh\Softonic.dll [2013-06-11] (Softonic.com)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2015-01-28] (DVDVideoSoft Ltd.)
BHO: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-04-01] (Microsoft Corporation.)
Toolbar: HKLM - Softonic Toolbar - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files\Softonic\Softonic\1.8.21.14\SoftonicTlbr.dll [2013-06-11] (Softonic.com)
Toolbar: HKU\S-1-5-21-583576071-2610798785-2159693280-1003 -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} -  Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\privat\AppData\Roaming\Mozilla\Firefox\Profiles\wwe6u0x0.default-1431504965002
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF Homepage: hxxps://www.google.de/?gws_rd=ssl
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_267.dll [2016-01-14] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-30] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2012-12-21] ( )
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\privat\AppData\Roaming\Mozilla\Firefox\Profiles\wwe6u0x0.default-1431504965002\user.js [2016-01-04]
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2008-10-24] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Extension: WEB.DE MailCheck - C:\Users\privat\AppData\Roaming\Mozilla\Firefox\Profiles\wwe6u0x0.default-1431504965002\extensions\mailcheck@web.de [2015-12-16]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2016-01-08] [ist nicht signiert]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2016-01-08] [ist nicht signiert]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2016-01-08] [ist nicht signiert]
FF Extension: UITBAutoInstaller - C:\Program Files\Mozilla Firefox\distribution\bundles\{edd7fc99-d65c-4979-85c2-ddeed30c50c7} [2016-01-08] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - c:\Program Files\Trend Micro\Client Server Security Agent\bho\1056\FirefoxExtension => nicht gefunden
FF HKLM\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files\T-Mobile\InternetManager_H\OCx32\addon
FF Extension: Bytemobile Optimization Client - C:\Program Files\T-Mobile\InternetManager_H\OCx32\addon [2012-12-19] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff => nicht gefunden
FF HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\privat\AppData\Roaming\Mozilla\Firefox\Profiles\kpwvyoo0.default\extensions\cliqz@cliqz.com => nicht gefunden
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-11-16]

Chrome: 
=======
CHR Profile: C:\Users\privat\AppData\Local\Google\Chrome\User Data\default
CHR Extension: (Softonic Chrome Toolbar) - C:\Users\privat\AppData\Local\Google\Chrome\User Data\default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf [2013-10-23]
CHR HKLM\...\Chrome\Extension: [elchiiiejkobdbblfejjkbphbddgmljf] - C:\Program Files\Softonic\Softonic\1.8.21.14\Softonic.crx [2013-06-11]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Atheros Bt&Wlan Coex Agent; C:\Program Files\Dell Wireless\Ath_CoexAgent.exe [151552 2010-05-24] (Atheros) [Datei ist nicht signiert]
R2 AtherosSvc; C:\Program Files\Dell Wireless\Bluetooth Suite\adminservice.exe [56480 2010-09-02] (Atheros Commnucations) [Datei ist nicht signiert]
R2 EpsonBidirectionalService; C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [Datei ist nicht signiert]
R2 EPSON_EB_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE [143872 2007-12-17] (SEIKO EPSON CORPORATION)
R2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE [113664 2007-01-11] (SEIKO EPSON CORPORATION)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2011-02-10] (Macrovision Europe Ltd.) [Datei ist nicht signiert]
R2 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [270176 2011-01-28] ()
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Datei ist nicht signiert]
S2 Internet Manager. RunOuc; C:\Program Files\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [224096 2012-12-19] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2015-04-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [284504 2015-04-30] (Microsoft Corporation)
S3 RoxMediaDB12OEM; C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [1116656 2010-09-04] (Sonic Solutions)
S2 RoxWatch12; C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [219632 2010-09-04] (Sonic Solutions)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AthBTPort; C:\Windows\System32\DRIVERS\btath_flt.sys [37224 2010-07-08] (Atheros)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281504 2013-04-29] ()
R0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [13184 2012-12-19] (Bytemobile, Inc.) [Datei ist nicht signiert]
S3 BTATH_A2DP; C:\Windows\System32\drivers\btath_a2dp.sys [257896 2010-07-08] (Atheros)
R3 BTATH_BUS; C:\Windows\System32\DRIVERS\btath_bus.sys [26984 2010-07-08] (Atheros)
S3 BTATH_HCRP; C:\Windows\System32\DRIVERS\btath_hcrp.sys [178024 2010-07-08] (Atheros)
S3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [47976 2010-09-02] (Atheros)
S3 BTATH_RCP; C:\Windows\System32\DRIVERS\btath_rcp.sys [143336 2010-07-08] (Atheros)
S3 BtFilter; C:\Windows\System32\DRIVERS\btfilter.sys [237416 2010-08-31] (Atheros)
S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [63464 2013-01-22] (FTDI Ltd.)
S3 huawei_cdcacm; C:\Windows\System32\DRIVERS\ew_jucdcacm.sys [90112 2012-12-19] (Huawei Technologies Co., Ltd.)
S3 huawei_ext_ctrl; C:\Windows\System32\DRIVERS\ew_juextctrl.sys [26624 2012-12-19] (Huawei Technologies Co., Ltd.)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [181760 2012-12-19] (Huawei Technologies Co., Ltd.)
S3 KMWDFILTERx86; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [25088 2009-04-29] (Windows (R) Codename Longhorn DDK provider)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2013-04-29] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [245096 2015-03-04] (Microsoft Corporation)
R1 MpKsl12950f27; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{445E671A-CBFD-4210-99BE-CFCC493851C1}\MpKsl12950f27.sys [39168 2016-02-10] (Microsoft Corporation)
S3 mvusbcomm; C:\Windows\System32\Drivers\mvusbcomm.sys [17408 2013-08-22] (Marvell Semiconductor, Inc.)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl.sys [18432 2012-03-26] (Apple Inc.) [Datei ist nicht signiert]
R2 risdpcie; C:\Windows\System32\DRIVERS\risdpe86.sys [49152 2009-06-30] (REDC)
S3 rixdpcie; C:\Windows\system32\DRIVERS\rixdpe86.sys [38400 2009-07-04] (REDC)
R3 vpcbus; C:\Windows\System32\DRIVERS\vpchbus.sys [172416 2010-11-20] (Microsoft Corporation)
R1 vpcnfltr; C:\Windows\System32\DRIVERS\vpcnfltr.sys [48128 2010-11-20] (Microsoft Corporation)
R3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [78336 2010-11-20] (Microsoft Corporation)
R1 vpcvmm; C:\Windows\System32\drivers\vpcvmm.sys [296064 2010-11-20] (Microsoft Corporation)
S3 adxapie; \??\C:\Users\privat\AppData\Local\Temp\adxapie.sys [X]
S3 PCDSRVC{E9D79540-57D5953E-06020101}_0; \??\c:\program files\dell support center\pcdsrvc.pkms [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-10 14:47 - 2016-02-10 14:49 - 00025102 _____ C:\Users\privat\Downloads\FRST.txt
2016-02-10 14:47 - 2016-02-10 14:47 - 00000000 ____D C:\FRST
2016-02-10 14:46 - 2016-02-10 14:46 - 01721344 _____ (Farbar) C:\Users\privat\Downloads\FRST.exe
2016-02-10 14:23 - 2016-02-10 14:24 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\privat\Downloads\SpyHunter-Installer (1).exe
2016-02-10 14:23 - 2016-02-10 14:23 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\privat\Downloads\SpyHunter-Installer.exe
2016-02-10 04:12 - 2016-02-10 04:12 - 00000000 ____D C:\ef66c554362ecf4d43f9d71f6f1364ae
2016-02-09 22:03 - 2016-01-16 19:42 - 00022464 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-02-09 22:03 - 2016-01-16 19:36 - 01413632 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-02-09 22:03 - 2016-01-16 19:34 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-02-09 22:03 - 2016-01-11 15:07 - 01198080 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-02-09 22:03 - 2016-01-11 15:07 - 00591360 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-02-09 22:03 - 2016-01-11 15:07 - 00544768 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-02-09 22:03 - 2016-01-11 15:07 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-02-09 22:03 - 2016-01-11 15:07 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-02-09 22:00 - 2016-01-22 07:13 - 03993536 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-02-09 22:00 - 2016-01-22 07:13 - 03938752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-02-09 22:00 - 2016-01-22 07:09 - 01310232 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-02-09 22:00 - 2016-01-22 07:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-02-09 22:00 - 2016-01-22 07:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-02-09 22:00 - 2016-01-22 07:02 - 00872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-02-09 22:00 - 2016-01-22 07:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-02-09 22:00 - 2016-01-22 07:02 - 00293888 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-02-09 22:00 - 2016-01-22 07:02 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\msorcl32.dll
2016-02-09 22:00 - 2016-01-22 07:02 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-02-09 22:00 - 2016-01-22 06:59 - 00642560 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-02-09 22:00 - 2016-01-07 18:47 - 02386944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-02-09 22:00 - 2016-01-07 18:35 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-02-09 22:00 - 2016-01-06 19:41 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-02-09 22:00 - 2016-01-06 18:56 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2016-02-09 22:00 - 2015-12-20 19:45 - 02745856 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-02-09 22:00 - 2015-12-20 19:45 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-02-09 22:00 - 2015-12-20 17:16 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-02-09 21:59 - 2016-01-22 07:13 - 00138176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-02-09 21:59 - 2016-01-22 07:13 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-02-09 21:59 - 2016-01-22 07:06 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-02-09 21:59 - 2016-01-22 07:06 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-02-09 21:59 - 2016-01-22 07:06 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-02-09 21:59 - 2016-01-22 07:06 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-02-09 21:59 - 2016-01-22 07:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-02-09 21:59 - 2016-01-22 07:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-02-09 21:59 - 2016-01-22 07:05 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-02-09 21:59 - 2016-01-22 07:05 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-02-09 21:59 - 2016-01-22 07:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-02-09 21:59 - 2016-01-22 07:02 - 01060864 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-02-09 21:59 - 2016-01-22 07:02 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-02-09 21:59 - 2016-01-22 07:02 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-02-09 21:59 - 2016-01-22 07:02 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-02-09 21:59 - 2016-01-22 07:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:07 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-02-09 21:59 - 2016-01-22 06:01 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-02-09 21:59 - 2016-01-22 06:00 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-02-09 21:59 - 2016-01-22 05:53 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-02-09 21:59 - 2016-01-22 05:53 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-02-09 21:59 - 2016-01-22 05:53 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-02-09 21:59 - 2016-01-22 05:51 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-02-09 21:59 - 2016-01-22 05:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-02-09 21:59 - 2016-01-22 05:51 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-02-09 21:59 - 2016-01-22 05:51 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-02-09 21:59 - 2016-01-22 05:51 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 05:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 05:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 05:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-09 21:58 - 2016-02-06 11:01 - 20366848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-02-09 21:58 - 2016-02-06 10:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-02-09 21:58 - 2016-02-06 10:43 - 02280448 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-02-09 21:58 - 2016-02-06 10:38 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-02-09 21:58 - 2016-02-06 10:16 - 12857856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-02-09 21:58 - 2016-02-06 09:54 - 01312256 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-02-09 21:58 - 2016-01-22 21:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-02-09 21:58 - 2016-01-22 07:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-02-09 21:58 - 2016-01-22 07:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-02-09 21:58 - 2016-01-22 07:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-02-09 21:58 - 2016-01-22 07:01 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-02-09 21:58 - 2016-01-22 06:55 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-02-09 21:58 - 2016-01-22 06:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-02-09 21:58 - 2016-01-22 06:52 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-02-09 21:58 - 2016-01-22 06:51 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-02-09 21:58 - 2016-01-22 06:51 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-02-09 21:58 - 2016-01-22 06:46 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-02-09 21:58 - 2016-01-22 06:43 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-02-09 21:58 - 2016-01-22 06:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-02-09 21:58 - 2016-01-22 06:38 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-02-09 21:58 - 2016-01-22 06:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-02-09 21:58 - 2016-01-22 06:34 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-02-09 21:58 - 2016-01-22 06:33 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-02-09 21:58 - 2016-01-22 06:27 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-02-09 21:58 - 2016-01-22 06:25 - 00687104 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-02-09 21:58 - 2016-01-22 06:25 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-02-09 21:58 - 2016-01-22 06:24 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-02-09 21:58 - 2016-01-22 06:07 - 02120704 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-02-09 21:58 - 2016-01-22 06:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-02-09 21:57 - 2016-01-22 07:02 - 00496640 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-02-09 21:57 - 2016-01-22 07:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-02-09 21:57 - 2016-01-22 06:51 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-02-09 21:57 - 2016-01-22 06:35 - 04611072 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-02-09 21:57 - 2016-01-22 06:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-02-09 21:57 - 2016-01-22 06:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-02-09 21:56 - 2016-01-11 19:47 - 02956288 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-02-09 21:56 - 2016-01-11 19:47 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-02-09 21:56 - 2016-01-11 19:35 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-02-09 21:56 - 2016-01-11 19:17 - 02062848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-02-09 21:56 - 2016-01-11 19:14 - 00573440 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-02-09 21:56 - 2016-01-11 19:14 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-02-09 21:56 - 2016-01-11 19:14 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-02-09 21:56 - 2016-01-11 19:14 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-02-09 21:56 - 2016-01-11 19:14 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-02-09 21:56 - 2016-01-11 19:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-02-09 21:56 - 2016-01-11 19:14 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-01-20 13:19 - 2016-01-20 13:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2016-01-20 13:11 - 2016-01-20 13:19 - 00000000 ____D C:\Program Files\QuickTime
2016-01-13 22:45 - 2016-01-13 22:45 - 00000000 ____D C:\Users\Chris\AppData\Local\Apple
2016-01-13 09:44 - 2015-12-08 22:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-01-13 09:44 - 2015-12-08 22:54 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-01-13 09:44 - 2015-12-08 22:54 - 01568768 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-01-13 09:44 - 2015-12-08 22:54 - 01325056 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-01-13 09:44 - 2015-12-08 22:54 - 01202688 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2016-01-13 09:44 - 2015-12-08 22:54 - 00902144 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-01-13 09:44 - 2015-12-08 22:54 - 00815616 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-01-13 09:44 - 2015-12-08 22:54 - 00740352 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-01-13 09:44 - 2015-12-08 22:54 - 00739328 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-01-13 09:44 - 2015-12-08 22:54 - 00665088 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-01-13 09:44 - 2015-12-08 22:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-01-13 09:44 - 2015-12-08 22:54 - 00358400 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-01-13 09:44 - 2015-12-08 22:54 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-01-13 09:44 - 2015-12-08 22:53 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 01329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-01-13 09:44 - 2015-12-08 22:53 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-01-13 09:44 - 2015-12-08 22:53 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-01-13 09:44 - 2015-12-08 22:53 - 00354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00305664 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-01-13 09:44 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-01-13 09:44 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-01-13 09:44 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-01-13 09:44 - 2015-12-08 22:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-01-13 09:44 - 2015-12-08 22:53 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-01-13 09:44 - 2015-12-08 22:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-01-13 09:44 - 2015-12-08 22:53 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-01-13 09:44 - 2015-12-08 22:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2016-01-13 09:44 - 2015-12-08 22:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-01-13 09:44 - 2015-12-08 22:43 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2016-01-13 09:44 - 2015-12-08 22:11 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2016-01-13 09:44 - 2015-12-08 22:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2016-01-13 09:44 - 2015-11-16 21:12 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-01-13 09:44 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2016-01-13 09:44 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2016-01-13 09:44 - 2015-11-13 23:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-10 14:50 - 2011-02-17 16:11 - 00000422 _____ C:\Windows\Tasks\SystemToolsDailyTest.job
2016-02-10 14:48 - 2011-06-24 16:32 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-10 14:40 - 2009-07-14 05:34 - 00025216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-10 14:40 - 2009-07-14 05:34 - 00025216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-10 14:35 - 2011-02-10 12:53 - 00000035 _____ C:\Users\Public\Documents\AtherosServiceConfig.ini
2016-02-10 10:03 - 2011-02-10 12:07 - 02293438 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-10 10:03 - 2009-07-14 09:47 - 00964984 _____ C:\Windows\system32\perfh007.dat
2016-02-10 10:03 - 2009-07-14 09:47 - 00238790 _____ C:\Windows\system32\perfc007.dat
2016-02-10 10:03 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2016-02-10 10:01 - 2011-06-24 16:32 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-10 05:09 - 2015-02-26 04:23 - 00000000 ____D C:\Windows\rescache
2016-02-10 04:19 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-10 04:16 - 2015-10-12 11:34 - 00000946 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-02-10 04:16 - 2009-07-14 05:33 - 00663416 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-10 04:13 - 2014-12-12 03:34 - 00000000 ____D C:\Windows\system32\appraiser
2016-02-10 04:13 - 2014-05-07 02:02 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-02-10 04:13 - 2009-07-14 09:57 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-10 03:56 - 2009-07-14 03:04 - 00000478 _____ C:\Windows\win.ini
2016-02-10 03:28 - 2013-08-15 20:25 - 00000000 ____D C:\Windows\system32\MRT
2016-02-10 03:14 - 2011-02-19 11:57 - 144254680 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-02-09 22:42 - 2014-09-02 17:32 - 00000000 ____D C:\Users\privat\AppData\Local\Adobe
2016-02-09 22:42 - 2012-04-22 17:31 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-02-09 22:42 - 2011-05-19 18:23 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-02-09 19:54 - 2011-03-21 18:09 - 00000240 _____ C:\Windows\Tasks\Epson Printer Software Downloader.job
2016-02-08 20:36 - 2013-01-16 20:35 - 00000000 ____D C:\Users\privat\Documents\Outlook-Dateien
2016-02-07 00:51 - 2011-04-23 18:46 - 00000000 ____D C:\Users\privat\AppData\Local\CrashDumps
2016-02-04 13:05 - 2011-03-26 11:36 - 00000000 ____D C:\Program Files\Opera
2016-02-01 13:29 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF
2016-01-18 22:19 - 2015-02-19 20:41 - 00229113 _____ C:\Users\privat\Documents\RK-2015-Taudte NEU.xlsx
2016-01-14 19:33 - 2011-02-17 16:11 - 00000564 _____ C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
2016-01-14 08:50 - 2015-11-30 11:23 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-01-14 03:50 - 2016-01-08 09:23 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-01-14 03:50 - 2012-05-13 20:13 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-01-14 03:50 - 2011-02-10 12:34 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-01-14 03:28 - 2011-02-10 12:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-11-18 10:07 - 2015-11-18 10:07 - 0207386 _____ () C:\Users\privat\AppData\Local\ars.cache
2015-11-18 10:07 - 2015-11-18 10:07 - 0333491 _____ () C:\Users\privat\AppData\Local\census.cache
2011-09-09 20:57 - 2013-05-08 18:45 - 0008704 _____ () C:\Users\privat\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-11-18 09:28 - 2015-11-18 09:28 - 0000036 _____ () C:\Users\privat\AppData\Local\housecall.guid.cache
2012-01-07 13:04 - 2015-12-17 20:46 - 0007602 _____ () C:\Users\privat\AppData\Local\Resmon.ResmonCfg

Einige Dateien in TEMP:
====================
C:\Users\Chris\AppData\Local\Temp\bitmaps.dll
C:\Users\Chris\AppData\Local\Temp\DiscoveryLib.dll
C:\Users\Chris\AppData\Local\Temp\DiscoveryLib64.dll
C:\Users\Chris\AppData\Local\Temp\fwDownloadLib.dll
C:\Users\Chris\AppData\Local\Temp\fwDownloadLib64.dll
C:\Users\Chris\AppData\Local\Temp\fwupdate.exe
C:\Users\Chris\AppData\Local\Temp\InstallLib.dll
C:\Users\Chris\AppData\Local\Temp\InstallLib64.dll
C:\Users\Chris\AppData\Local\Temp\InstallSeqLib.dll
C:\Users\Chris\AppData\Local\Temp\InstallSeqLib64.dll
C:\Users\Chris\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\Chris\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Chris\AppData\Local\Temp\openslp32.dll
C:\Users\Chris\AppData\Local\Temp\openslp64.dll
C:\Users\Chris\AppData\Local\Temp\Setup.exe
C:\Users\Chris\AppData\Local\Temp\Uninstall.exe
C:\Users\Chris\AppData\Local\Temp\winstaller.exe
C:\Users\Chris\AppData\Local\Temp\winstaller64.exe
C:\Users\privat\AppData\Local\Temp\NOSEventMessages.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-02-10 05:01

==================== Ende vom FRST.txt ============================
         

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:07-02-2016
durchgeführt von privat (2016-02-10 14:50:36)
Gestartet von C:\Users\privat\Downloads
Microsoft Windows 7 Professional  Service Pack 1 (X86) (2011-02-17 15:08:49)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-583576071-2610798785-2159693280-500 - Administrator - Disabled)
Chris (S-1-5-21-583576071-2610798785-2159693280-1000 - Administrator - Enabled) => C:\Users\Chris
Gast (S-1-5-21-583576071-2610798785-2159693280-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-583576071-2610798785-2159693280-1002 - Limited - Enabled)
privat (S-1-5-21-583576071-2610798785-2159693280-1003 - Administrator - Enabled) => C:\Users\privat

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
ABBYY FineReader 6.0 Sprint (HKLM\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1395.4512 - ABBYY Software House)
Adobe Acrobat  9 Standard - English, Français, Deutsch (HKLM\...\{AC76BA86-1033-F400-BA7E-000000000004}{AC76BA86-1033-F400-BA7E-000000000004}) (Version: 9.5.5 - Adobe Systems)
Adobe Acrobat 9.5.5 - CPSID_83708 (HKLM\...\{AC76BA86-1033-F400-BA7E-000000000004}_955) (Version:  - Adobe Systems Incorporated)
Adobe Acrobat Reader DC - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM\...\{2BD2FA21-B51D-4F01-94A7-AC16737B2163}) (Version: 10.0.12.36 - Adobe Systems, Inc.)
Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Adobe Flash Player 20 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
ANNO 1503 (HKLM\...\{EBBB1DEF-8878-4CB8-BC0D-1196B30E7527}) (Version:  - )
Anno 1701 (HKLM\...\{A2433A63-5F5D-40E5-B529-9123C2B3E734}) (Version: 1.00 - Sunflowers)
Apple Application Support (32-Bit) (HKLM\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{9A629DCB-415D-4A50-85B9-5C2E4F8F74A8}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Beyond Good & Evil (HKLM\...\{6BF81CE7-3D5A-497F-8912-2A65A0253E1B}) (Version: 1.01.000 - )
Bing Bar (HKLM\...\{449CE12D-E2C7-4B97-B19E-55D163EA9435}) (Version: 7.0.619.0 - Microsoft Corporation)
Bluetooth Win7 Suite (HKLM\...\{101A497C-7EF6-4001-834D-E5FA1C70FEFA}) (Version: 7.2.0.6 - Atheros Communications)
Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.)
Broken Sword 2.5 (HKLM\...\Broken Sword 2.5_is1) (Version:  - mindFactory)
CCleaner (HKLM\...\CCleaner) (Version: 3.20 - Piriform)
Cliqz (HKLM\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.22 - Cliqz.com)
combit address manager 15 Workstation Einrichtung (HKLM\...\combit address manager 15 Workstation Einrichtung) (Version: 1.0.0 - combit GmbH)
Commandos 2: Men of Courage (HKLM\...\{F7963BA0-EE1C-11D4-9FA5-00A0C9E6A342}) (Version:  - )
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.129.0.64 - Conexant)
CyberLink PowerDVD 9.5 (HKLM\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.5.1.3225 - CyberLink Corp.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery Manager (HKLM\...\{4688EB75-28E2-4731-9BCB-55E624F7CD45}) (Version: 1.3 - Dell Inc.)
Dell Bluetooth Installation (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Dell Inc.)
Dell Edoc Viewer (HKLM\...\{3138EAD3-700B-4A10-B617-B3F8096EE30D}) (Version: 1.0.0 - Dell Inc)
Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.0.5621.01 - Dell Inc.)
Dell Support Center (Version: 3.0.5621.01 - PC-Doctor, Inc.) Hidden
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1007.101.102 - ALPS ELECTRIC CO., LTD.)
Dell Webcam Central (HKLM\...\Dell Webcam Central) (Version: 2.00.35 - Creative Technology Ltd)
Der Pate® Das Spiel (HKLM\...\{1D2CF076-A63F-41A5-00A1-5924FADFAD9D}) (Version:  - )
Desperados 1.0 (HKLM\...\Desperados 1.0) (Version:  - )
DialUp (HKLM\...\DialUp) (Version: 12.08.101 - Huawei Technologies Co.,Ltd)
Die Gilde (HKLM\...\Die Gilde) (Version:  - )
Die Gilde Update 1.05 Beta 3 (HKLM\...\Die Gilde Update 1.05 Beta 3) (Version:  - )
DIE SIEDLER - Aufstieg eines Königreichs (HKLM\...\{D3F80A98-05AB-4D8C-9272-766CCFA6A48D}) (Version: 1.00.0000 - Ubisoft)
DIE SIEDLER - Das Erbe der Könige - Gold Edition (HKLM\...\{E08DE897-B6AF-4DFF-9E90-131E80C876B4}) (Version: 1.00.0000 - Blue Byte)
Die Siedler 2 - Die nächste Generation (HKLM\...\{ED56EF4F-35FF-48D4-B616-A66E791EF1B6}) (Version: 1.00.0000 - UBISOFT)
DirectX 9 Runtime (Version: 1.00.0000 - Sonic Solutions) Hidden
Drakensang (HKLM\...\Drakensang_is1) (Version:  - dtp)
Dropbox (HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Dropbox) (Version: 1.6.18 - Dropbox, Inc.)
Dungeon Keeper (HKLM\...\Keeper) (Version:  - )
Emulator Starter (HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\32bce9526e87661e) (Version: 1.0.0.141 - Free Game Empire)
Epson Easy Photo Print 2 (HKLM\...\{87C2248A-C7DD-49ED-9BCD-B312A9D0819E}) (Version: 2.1.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM\...\{48F22622-1CC2-4A83-9C1E-644DD96F832D}) (Version: 2.30.01 - SEIKO EPSON Corporation)
Epson Printer Software Downloader (HKLM\...\Epson Printer Software Downloader) (Version:  - )
Epson Printer Software Downloader (Version: 2.0.0 - SEIKO EPSON CORPORATION) Hidden
EPSON Scan (HKLM\...\EPSON Scanner) (Version:  - )
Epson Stylus SX510W_TX550W Handbuch (HKLM\...\Epson Stylus SX510W_TX550W Benutzerhandbuch) (Version:  - )
EPSON SX510W Series Printer Uninstall (HKLM\...\EPSON SX510W Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Print (HKLM\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4i - SEIKO EPSON CORPORATION)
EpsonNet Setup (HKLM\...\{FFFAE01B-466F-4C07-9821-A94FD753BDDA}) (Version: 3.1c - SEIKO EPSON CORPORATION)
EXIFeditor (HKLM\...\{50FC1CE8-FF32-4F3B-B654-050DD6ECD474}) (Version: 1.0.0 - kiwi.software.NET)
Fallout 3 (HKLM\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.00.0000 - Bethesda Softworks)
FlexMail 4.0 (HKLM\...\{A95AD78E-D9C4-4ECE-8D54-CED21CEB2D52}) (Version: 4.00.0000 - Flex Systems B.V.)
fotokasten comfort 5.4 (HKLM\...\fotokasten comfort_is1) (Version:  - )
Foto-Mosaik-Edda Standard V6.6.12082.1 (HKLM\...\{A2D6ECD0-7E52-42B7-9236-DB2951436616}_is1) (Version:  - Steffen Schirmer)
Fotor 1.3.0 (HKLM\...\Fotor) (Version: 1.3.0 - Everimaging Co., Ltd.)
FP-PostBase (HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\32b33acc94e46eaf) (Version: 1.8.0.0 - Francotyp-Postalia)
Free YouTube to MP3 Converter version 3.12.54.128 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.54.128 - DVDVideoSoft Ltd.)
FUJIdirekt Bestellsoftware 5.1 (HKLM\...\FUJIdirekt Bestellsoftware_is1) (Version:  - )
Garmin Trip and Waypoint Manager v5 (HKLM\...\{414A373B-59DF-4102-94CA-9FE9A74CBDDA}) (Version: 5.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM\...\{ABA5E381-EC46-425C-86C5-5CD15BBFB4BF}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM\...\{AE1EC58E-B2AC-4959-A4C2-C38202A25239}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries)
GIMP 2.6.11 (HKLM\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)
GLtron version 0.70 (HKLM\...\GLtron_is1) (Version:  - )
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden
GPSBabel 1.4.2 (HKLM\...\{1B8FE958-A304-4902-BF7A-4E2F0F5B7017}_is1) (Version:  - GPSBabel)
HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDA_HSF) (Version: 7.80.7.50 - Conexant Systems)
Hex-Editor MX (HKLM\...\{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1) (Version: 6.0 - NEXT-Soft)
Intel(R) Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2182 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.4.1002 - Intel Corporation)
Internet Manager (HKLM\...\Internet Manager) (Version: 22.001.18.00.748 - Huawei Technologies Co.,Ltd)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
iTunes (HKLM\...\{2C741651-87E0-4479-9703-6DD0D7988B84}) (Version: 12.3.2.35 - Apple Inc.)
Java 8 Update 66 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lidl-Fotos (HKLM\...\Lidl-Fotos_is1) (Version:  - )
locr GPS Photo (HKLM\...\{E58A0BB1-1FA1-40DC-AFA4-2C86D0A3B879}) (Version: 1.2.4 - locr)
Luminance HDR 2.3.1 (HKLM\...\{7020FC34-6E04-4858-924D-354B28CB2402}_is1) (Version:  - Luminance HDR Dev Team)
M Series Driver (HKLM\...\M Series Driver) (Version:  - )
mailcredit (HKLM\...\{986D05F1-1487-4865-BBAF-70A969B95A24}) (Version: 1.2.4 - Francotyp-Postalia)
mailreport (HKLM\...\{1C9F6F44-3990-48AE-926B-C5F3B8D23B45}) (Version: 1.6.0 - FP)
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
MFCLOC (Version: 1.00.0000 - Dell Inc.) Hidden
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Access database engine 2010 (English) (HKLM\...\{90140000-00D1-0409-0000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Age of Empires II (HKLM\...\Age of Empires 2.0) (Version:  - )
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}) (Version: 3.0.19.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.0 (HKLM\...\{CD232781-26CA-4E18-BC70-4343A2F0D583}) (Version: 8.01.249.0 - Microsoft)
Microsoft Office Access Runtime (English) 2007 (HKLM\...\{90120000-001C-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Access Runtime (German) 2007 (HKLM\...\{90120000-001C-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Minecraft (HKLM\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mobile Partner (HKLM\...\Mobile Partner) (Version: 16.001.06.01.500 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 43.0.4 (x86 de) (HKLM\...\Mozilla Firefox 43.0.4 (x86 de)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Navigator Base Components (HKLM\...\{759F0957-BB9E-4C55-88A7-86961F9099A8}) (Version: 1.3.0.0 - FP)
NehrimUninstaller (HKLM\...\Nehrim - Am Rande des Schicksals_is1) (Version: 1.0.0 - SureAI)
Nokia Connectivity Cable Driver (HKLM\...\{6FE12C01-2FBC-42E2-AEB9-4CA2238C462F}) (Version: 7.1.101.0 - Nokia)
Nokia PC Suite (HKLM\...\Nokia PC Suite) (Version: 7.1.60.0 - Nokia)
Nokia PC Suite (Version: 7.1.60.0 - Nokia) Hidden
Nokia Suite (HKLM\...\Nokia Suite) (Version: 3.7.22.0 - Nokia)
Nokia Suite (Version: 3.7.22.0 - Nokia) Hidden
Nur Entfernen der CopyTrans Suite möglich (HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\CopyTrans Suite) (Version: 2.37 - WindSolutions)
NVIDIA PhysX (HKLM\...\{B83FC356-B7C0-441F-8A4D-D71E088E7974}) (Version: 9.09.0428 - NVIDIA Corporation)
Nvu 1.0 (HKLM\...\Nvu_is1) (Version: 1.0 - Thorsten Fritz)
Oblivion (HKLM\...\{C66BF9FD-D367-4E13-8EB8-385FFEA20DB3}) (Version: 1.2.0416 - Bethesda Softworks)
OpenAL (HKLM\...\OpenAL) (Version:  - )
OpenTTD 1.1.1 (HKLM\...\OpenTTD) (Version: 1.1.1 - OpenTTD)
Opera 12.17 (HKLM\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)
Opera Stable 35.0.2066.37 (HKLM\...\Opera 35.0.2066.37) (Version: 35.0.2066.37 - Opera Software)
Origin (HKLM\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.)
OSM World Routable (HKLM\...\OSM World Routable) (Version:  - )
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}) (Version: 3.60.0 - dotPDN LLC)
PC Connectivity Solution (HKLM\...\{6B722793-E77B-41F5-BAB3-6C9832274E75}) (Version: 12.0.76.0 - Nokia)
Perfect Effects 4.0.1 (HKLM\...\{385E6A4D-A440-43E2-9BAF-A012FB5FC2E2}) (Version: 4.0.1 - onOne Software)
PhotoShowExpress (Version: 2.0.028 - Sonic Solutions) Hidden
Picture Collage Maker Free 2.1.2 (HKLM\...\{DEB7295A-D00E-4D45-846C-2947E8C3F080}_is1) (Version:  - PearlMountain Soft)
PL-2303 Vista Driver Installer (HKLM\...\{EEC010D0-1252-4E1D-BAD9-F1B8F414535C}) (Version: 3.0.1.0 - Prolific)
QuickTime 7 (HKLM\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Risen (HKLM\...\{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}) (Version: 1.00.0000 - Deep Silver)
Roxio Burn (HKLM\...\{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}) (Version: 1.8.57.4 - Roxio)
Roxio Creator Starter (HKLM\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.40.0 - Roxio)
ScummVM 1.5.0 (HKLM\...\ScummVM_is1) (Version:  - The ScummVM Team)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shape Collage (HKLM\...\ShapeCollage) (Version:  - Shape Collage Inc.)
Sid Meier's Civilization IV Colonization (HKLM\...\{EF36A836-BF89-4A4F-B079-057B0C68C1E0}) (Version: 1.00 - Firaxis Games)
Sid Meier's Pirates! (HKLM\...\InstallShield_{1632FD86-1BA4-4FC4-8B25-A8C655D63F68}) (Version: 1.00.0000 - Ihr Firmenname)
Sid Meier's Pirates! (Version: 1.00.0000 - Ihr Firmenname) Hidden
SimCity 3000 (HKLM\...\SimCity 3000) (Version:  - )
Snapseed (HKLM\...\{D5BEB842-5696-4AE8-A222-03D06384856D}) (Version: 1.2.1 - Nik Software, Inc.)
Softonic toolbar  on IE and Chrome (HKLM\...\Softonic) (Version: 1.8.21.14 - Softonic) <==== ACHTUNG
Sonic CinePlayer Decoder Pack (Version: 4.3.0 - Sonic Solutions) Hidden
System Requirements Lab (HKLM\...\SystemRequirementsLab) (Version:  - )
TB-Logger (HKLM\...\{0A6E0A7D-0F43-4D71-849C-C3DBB03FDF72}) (Version: 1.00.0000 - Seelenreiter Software)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 8.01 - Ghisler Software GmbH)
Transport Tycoon Deluxe (HKLM\...\ft_Transport Tycoon Deluxe) (Version:  - )
Tropico 3: Absolute Power (HKLM\...\Tropico3) (Version: 2.01 - Kalypso Media)
VLC media player 1.1.11 (HKLM\...\VLC media player) (Version: 1.1.11 - VideoLAN)
WEB.DE MailCheck für Mozilla Firefox (HKLM\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 3.0.1.1739 - 1&1 Mail & Media GmbH)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16422 - Microsoft Corporation)
Windows-Treiberpaket - Nokia Modem  (06/09/2010 7.01.0.8) (HKLM\...\E5372C32E8562C76C24DBA6525002B1031495F34) (Version: 06/09/2010 7.01.0.8 - Nokia)
Windows-Treiberpaket - Nokia Modem  (10/07/2010 4.6) (HKLM\...\6DA48AFDE796708D5A4C9121A83E7617A63A9A15) (Version: 10/07/2010 4.6 - Nokia)
Windows-Treiberpaket - Nokia pccsmcfd “LegacyDriver”  (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-583576071-2610798785-2159693280-1003_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\privat\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-583576071-2610798785-2159693280-1003_Classes\CLSID\{3A999A50-AB25-4A20-90A9-08F71FCE320F}\InprocServer32 -> C:\Windows\system32\spool\DRIVERS\W32X86\3\HPCDMC32.DLL (HP)
CustomCLSID: HKU\S-1-5-21-583576071-2610798785-2159693280-1003_Classes\CLSID\{98087D89-B93F-4BCF-A998-AE4D9F607C14}\InprocServer32 -> C:\Windows\system32\spool\DRIVERS\W32X86\3\HPCDMC32.DLL (HP)
CustomCLSID: HKU\S-1-5-21-583576071-2610798785-2159693280-1003_Classes\CLSID\{B286F068-5B17-4AE8-989B-8F9A199C47BA}\InprocServer32 -> C:\Windows\system32\spool\DRIVERS\W32X86\3\HPCDMC32.DLL (HP)
CustomCLSID: HKU\S-1-5-21-583576071-2610798785-2159693280-1003_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\privat\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-583576071-2610798785-2159693280-1003_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\privat\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-583576071-2610798785-2159693280-1003_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\privat\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-583576071-2610798785-2159693280-1003_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\privat\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {06FA2F6D-6D2F-4739-AFDF-011FCFD6B4ED} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-06-22] (Piriform Ltd)
Task: {0833FD78-E630-457E-9947-33225F0994AD} - System32\Tasks\{9B46B8A8-F2CE-4EFA-A9EA-21D54C46250D} => pcalua.exe -a C:\Users\privat\Downloads\freecol-0.10.7-installer.exe -d C:\Users\privat\Downloads
Task: {106C5547-C970-48C4-98D3-9A69E1E8217D} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\Dell Support Center\pcdrcui.exe [2010-08-05] (PC-Doctor, Inc.)
Task: {305297D7-3F18-4448-958C-463AA931B8BC} - System32\Tasks\{432716FB-6E5B-48C0-B400-ADA1E77754EA} => pcalua.exe -a "E:\Drivers\Huawei Win Driver 3.17.00.00\DriverSetup.exe" -d "E:\Drivers\Huawei Win Driver 3.17.00.00"
Task: {31ED0145-0072-4BE0-B2F8-3E0773E4E233} - System32\Tasks\Epson Printer Software Downloader => C:\Program Files\EPSON\EPAPDL\E_SAPDL2.EXE [2009-05-26] (SEIKO EPSON CORPORATION)
Task: {3683B6EC-41DE-4347-B438-1DFB3360EC75} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell Support Center\uaclauncher.exe [2010-08-05] (PC-Doctor, Inc.)
Task: {47906A49-AACC-4DDE-BE34-84FA8036A59E} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2015-11-09] (Oracle Corporation)
Task: {53DDFE59-4F7F-452F-81BB-85BFAFC07A80} - System32\Tasks\{AC89E59D-1720-4EF5-A2AA-AEA3059E64D8} => C:\Program Files\Railroad Tycoon 3\RT3.EXE
Task: {5792CAA8-BDDF-478E-A175-683AF94919D3} - System32\Tasks\{6795A8F1-12C3-4B30-95E2-E56FF108CAB8} => pcalua.exe -a C:\Users\Chris\Downloads\Francotyp\dotnetfx35.exe -d C:\Users\Chris\Downloads\Francotyp
Task: {5C172A1C-E728-4FB2-AFA0-EAEAB9078C64} - System32\Tasks\{32694C1D-C6FD-445E-862F-98800CCC474E} => pcalua.exe -a D:\Desperados.exe -d D:\ -c -autorun
Task: {6427F481-55CF-4BFC-8EF2-51E3132043CE} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-01-07] (Microsoft Corporation)
Task: {72C7C7E6-2016-4A49-9947-A96D3708455B} - System32\Tasks\{FACA8AB1-8477-4456-85AE-07DBE1AA83B6} => C:\Spiele\Black Isle\BGII - SvA\baldur.exe
Task: {906BEC28-8275-42EE-BD7B-6725E865EE5B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {97D56506-9867-477D-B10A-80C5E2A42F1C} - System32\Tasks\{9FA1911B-70FF-4B59-AD46-7A38C41BA63A} => pcalua.exe -a C:\Users\Chris\Downloads\Francotyp\SSM-PC²\SSM-PC²_2.9.3\dotnetfx.exe -d C:\Users\Chris\Downloads\Francotyp\SSM-PC²\SSM-PC²_2.9.3
Task: {A9122413-B787-4F21-B0D1-8ACA54041341} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_20_0_0_306_pepper.exe [2016-02-09] (Adobe Systems Incorporated)
Task: {B680FFBC-F40E-4A0A-9E59-73C67D95A013} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {B9468491-1DD7-41F7-AB2D-C0BC34B4EE7C} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {C0E586BE-4F89-4744-AD68-FC203C7D70EE} - System32\Tasks\{BB66391B-993D-4607-AA35-975E7C3830D7} => pcalua.exe -a C:\Users\privat\Downloads\TagesSetup.exe -d "C:\Program Files\Mozilla Firefox"
Task: {CECF4D3E-CB7B-4DA8-9D83-6DC2E7336D83} - System32\Tasks\{624BB5A4-6322-4841-9017-29740BA7C313} => pcalua.exe -a D:\Setup.exe -d D:\
Task: {D1CD5220-A3B6-4926-B75A-BDA6A4914B96} - System32\Tasks\PCDEventLauncher => C:\Program Files\Dell Support Center\sessionchecker.exe [2010-08-05] ()
Task: {D8C246C0-6B69-46E0-8F2C-9AA3E87BF665} - System32\Tasks\{1EAB8755-15D3-451C-8C4A-BD15D1B399AB} => pcalua.exe -a C:\Users\Chris\Downloads\Francotyp\SSM-PC²\SSM-PC²_2.9.3\Setup.Exe -d C:\Users\Chris\Downloads\Francotyp\SSM-PC²\SSM-PC²_2.9.3
Task: {D9E449DA-6E3C-455C-A00B-8FC79791DBED} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {E3B1F8CF-6126-46AD-AC3B-C8775117E667} - System32\Tasks\Opera scheduled Autoupdate 1418247860 => C:\Program Files\Opera\launcher.exe [2016-02-01] (Opera Software)
Task: {E8702BC3-28A3-4036-BC22-5E08F68D94AE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {EC0040A7-BE93-43A4-B831-933AAD10B65B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {F6CEE181-C99B-48E7-B472-26CC0E000C8A} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\system32\Macromed\Flash\FlashUtil32_20_0_0_306_pepper.exe
Task: C:\Windows\Tasks\Epson Printer Software Downloader.job => C:\Program Files\EPSON\EPAPDL\E_SAPDL2.EXE
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\Dell Support Center\uaclauncher.exeo-backgroundmon scripts\defaultscan.xml
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\Dell Support Center\pcdrcui.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-01-14 09:52 - 2013-12-06 08:00 - 00032768 _____ () C:\Windows\System32\splmk14O.DLL
2013-08-22 12:26 - 2013-08-22 12:26 - 00108544 _____ () C:\Windows\System32\zlm_AstroMSeries.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 04:46 - 2015-10-13 04:46 - 01040144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-01-28 05:03 - 2011-01-28 05:03 - 00270176 _____ () C:\ProgramData\DatacardService\HWDeviceService.exe
2012-12-19 00:00 - 2012-12-19 10:41 - 00224096 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
2012-12-19 00:00 - 2012-05-02 16:51 - 00011362 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\mingwm10.dll
2012-12-19 00:00 - 2012-05-02 16:51 - 00043008 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\libgcc_s_dw2-1.dll
2012-12-19 00:00 - 2012-05-02 16:51 - 02415104 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtCore4.dll
2012-12-19 00:00 - 2012-05-02 16:51 - 01148416 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtNetwork4.dll
2011-02-10 12:05 - 2010-06-08 17:44 - 00058880 _____ () C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-05-19 08:58 - 2009-02-27 23:39 - 00019968 _____ () C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.deu
2011-03-21 18:06 - 2009-03-12 15:45 - 00135168 ____N () C:\Program Files\Epson Software\Event Manager\Assistants\Scan Assistant\ScanEngine.dll
2011-03-21 18:06 - 2008-11-21 13:58 - 00057344 ____N () C:\Program Files\Epson Software\Event Manager\Assistants\Scan Assistant\Satwain.dll
2016-02-04 13:05 - 2016-02-04 13:04 - 62319736 _____ () C:\Program Files\Opera\35.0.2066.37\opera.dll
2016-02-04 13:05 - 2016-02-04 13:03 - 02074232 _____ () C:\Program Files\Opera\35.0.2066.37\libglesv2.dll
2016-02-04 13:05 - 2016-02-04 13:03 - 00081528 _____ () C:\Program Files\Opera\35.0.2066.37\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-583576071-2610798785-2159693280-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\privat\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{3C38CCF7-702E-4CB8-9F0F-063583B21CE5}] => (Allow) C:\Program Files\CyberLink\PowerDVD9\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{44B096DD-0713-4CA9-823C-1847ECA6FFFA}] => (Allow) C:\Program Files\CyberLink\PowerDVD9\PowerDVD9.EXE
FirewallRules: [{B0606A41-F54E-475D-B9AC-A31B6D52A66B}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{C60B7DEF-0C69-4797-A9C4-1CB93170BC55}] => (Allow) LPort=2869
FirewallRules: [{C1B020ED-762D-4FC4-91F6-2CDF212E0987}] => (Allow) LPort=1900
FirewallRules: [{290BE0B2-C46D-4E32-8EE5-7A2F13570D77}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{1AC0F625-12FF-49A8-80D8-B1C9BF4F3ADE}] => (Allow) C:\Program Files\Windows Live\Mesh\MOE.exe
FirewallRules: [{3D45F63A-3FDA-49DC-B21C-7369AFE16C74}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [TCP Query User{4E054D63-38F8-43E6-8964-5734EBFD0965}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{14DC5B4C-3581-4462-A607-AB2E42FEB050}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [{72E9878D-0E75-4D16-8F68-247D43DFBCB2}] => (Allow) C:\Program Files\EpsonNet\EpsonNet Setup\tool09\ENEasyApp.exe
FirewallRules: [{A05BC5AC-A497-4A9D-BB84-F6D2DA5B58EB}] => (Allow) C:\Program Files\EpsonNet\EpsonNet Setup\tool09\ENEasyApp.exe
FirewallRules: [TCP Query User{72864067-6E8E-4F1E-992D-EE2B459C9350}C:\program files\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{CC565558-9E3F-44B3-B6A6-5B3FA2E2C6F8}C:\program files\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files\epson software\event manager\eeventmanager.exe
FirewallRules: [{B0BE42B7-89B0-4A03-9304-4350DFCBBE75}] => (Allow) C:\Program Files\Opera\opera.exe
FirewallRules: [{65A064CA-FA6B-4C45-9EEA-B9477BFBF08F}] => (Allow) C:\Program Files\Opera\opera.exe
FirewallRules: [TCP Query User{2209214F-FB63-4126-AA51-63EDED0B7EC1}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{099C7999-1BCE-41F0-A4BD-E05C357D11BD}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{502B46D3-DE80-4545-AE55-CCEDEEC70760}C:\program files\epson software\event manager\eeventmanager.exe] => (Block) C:\program files\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{CB9D4E65-5D32-4C63-A5E6-DDD749FEA1C8}C:\program files\epson software\event manager\eeventmanager.exe] => (Block) C:\program files\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{1EE0DBA3-1F76-4866-B1B4-3B8F13190D87}C:\program files\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files\google\google earth\plugin\geplugin.exe
FirewallRules: [UDP Query User{B992EE84-3205-45A6-8B03-2588478CEC4C}C:\program files\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files\google\google earth\plugin\geplugin.exe
FirewallRules: [{CC47A10B-8AFF-4277-86C6-942636607F2B}] => (Allow) C:\Program Files\Ubisoft\DIE SIEDLER - Aufstieg eines Königreichs\base\bin\Settlers6.exe
FirewallRules: [{2D1653DE-5270-4CF1-B49B-399F4632D9C0}] => (Allow) C:\Program Files\Ubisoft\DIE SIEDLER - Aufstieg eines Königreichs\base\bin\Settlers6.exe
FirewallRules: [{D3EE7C81-2420-4E04-BA73-5DF577FF4C64}] => (Allow) C:\Users\privat\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{B13429D1-CB1F-4DA1-83F8-1914AB8A0E15}] => (Allow) C:\Users\privat\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{E3EF4AD6-237A-496D-8C7E-77224B490224}C:\users\privat\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\privat\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{DD4B8ADE-9311-4B6A-A3D5-0E8DD1EECE16}C:\users\privat\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\privat\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{0AF52037-981E-4BE4-B347-2FBEAB0B29DD}C:\program files\opera\opera.exe] => (Block) C:\program files\opera\opera.exe
FirewallRules: [UDP Query User{78E1F88C-F4F3-4BF4-A348-EBF3E3B15AEA}C:\program files\opera\opera.exe] => (Block) C:\program files\opera\opera.exe
FirewallRules: [TCP Query User{FCBE8810-6AF2-4F0A-84DB-55AA6DAC1443}C:\program files\microsoft games\age of empires ii\empires2.exe] => (Block) C:\program files\microsoft games\age of empires ii\empires2.exe
FirewallRules: [UDP Query User{EB009E32-192A-4DF1-882F-C4233FDDEC3D}C:\program files\microsoft games\age of empires ii\empires2.exe] => (Block) C:\program files\microsoft games\age of empires ii\empires2.exe
FirewallRules: [{17463ADF-BA96-4C5E-899C-1601D47E2727}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{037F7F0B-A9E4-42F8-A3A1-6CC3EBB19222}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{DBECFA57-8DF9-41B2-8498-16D7F62CC1D5}] => (Allow) C:\Program Files\nokia\nokia suite\nokiasuite.exe
FirewallRules: [TCP Query User{5D96BB2B-D88B-4CCE-8C9B-E1C75DAB932B}C:\windows\system32\taskhost.exe] => (Allow) C:\windows\system32\taskhost.exe
FirewallRules: [UDP Query User{8A0B0BE5-6DF6-4CAF-81CC-9795EC3C02AD}C:\windows\system32\taskhost.exe] => (Allow) C:\windows\system32\taskhost.exe
FirewallRules: [TCP Query User{5B78E45C-8A86-4715-9F6C-EC9CB92FE479}C:\windows\system32\taskhost.exe] => (Allow) C:\windows\system32\taskhost.exe
FirewallRules: [UDP Query User{FE52BCC7-B2A3-46B6-BDBE-FDEC371F87E5}C:\windows\system32\taskhost.exe] => (Allow) C:\windows\system32\taskhost.exe
FirewallRules: [TCP Query User{20F703AE-2A27-49A6-8C81-AAB5FF0276BE}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe
FirewallRules: [UDP Query User{7BBDCE2C-3C36-45DE-9C70-EF5442EE0811}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe
FirewallRules: [TCP Query User{7041B9BF-BF63-4E58-AEBE-13EB105972A4}C:\program files\onone software\perfect effects 4\perfect effects 4.exe] => (Allow) C:\program files\onone software\perfect effects 4\perfect effects 4.exe
FirewallRules: [UDP Query User{AC0B7146-3890-43F8-984D-7ECA353BAC65}C:\program files\onone software\perfect effects 4\perfect effects 4.exe] => (Allow) C:\program files\onone software\perfect effects 4\perfect effects 4.exe
FirewallRules: [TCP Query User{BE488148-EB2A-4243-95DC-842E5397AA7E}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe
FirewallRules: [UDP Query User{2695B1F1-7F82-4650-B210-17851DC6B263}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe
FirewallRules: [{80BE2064-51E8-4C05-840C-B904A274945D}] => (Allow) C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization IV Colonization\Colonization.exe
FirewallRules: [{29B9E2B6-05B0-4C06-B70D-DCB3F226E8BB}] => (Allow) C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization IV Colonization\Colonization.exe
FirewallRules: [TCP Query User{F410B639-5D80-4B30-99B7-A89888DB4C0C}C:\program files\electronic arts\eadm\core.exe] => (Allow) C:\program files\electronic arts\eadm\core.exe
FirewallRules: [UDP Query User{D4F17FD8-601A-49EA-8437-35D3775DAC62}C:\program files\electronic arts\eadm\core.exe] => (Allow) C:\program files\electronic arts\eadm\core.exe
FirewallRules: [TCP Query User{4A5DC1A0-88F5-4A5D-B2C5-8ADEA5C22CE0}C:\program files\electronic arts\eadm\core.exe] => (Block) C:\program files\electronic arts\eadm\core.exe
FirewallRules: [UDP Query User{C8CC75B5-ED27-4B58-A4B8-198263C44A8F}C:\program files\electronic arts\eadm\core.exe] => (Block) C:\program files\electronic arts\eadm\core.exe
FirewallRules: [TCP Query User{F59809A6-A9E2-44A9-834A-4558E763D0B9}C:\program files\onone software\perfect effects 4\perfect effects 4.exe] => (Allow) C:\program files\onone software\perfect effects 4\perfect effects 4.exe
FirewallRules: [UDP Query User{1F91DFAB-B552-4DE3-9951-DAB1F7111844}C:\program files\onone software\perfect effects 4\perfect effects 4.exe] => (Allow) C:\program files\onone software\perfect effects 4\perfect effects 4.exe
FirewallRules: [TCP Query User{7742D69F-F040-48FF-91CD-3DEDB71BF335}C:\program files\memjet\m series driver\toolbox\usb2http.exe] => (Allow) C:\program files\memjet\m series driver\toolbox\usb2http.exe
FirewallRules: [UDP Query User{5E91F9CF-ACC6-4D96-868C-DA6612C5DC67}C:\program files\memjet\m series driver\toolbox\usb2http.exe] => (Allow) C:\program files\memjet\m series driver\toolbox\usb2http.exe
FirewallRules: [TCP Query User{FCB67176-167B-46EC-912D-BF0558389E75}C:\program files\ubisoft\blue byte\die siedler - das erbe der könige - gold edition\bin\settlershok.exe] => (Allow) C:\program files\ubisoft\blue byte\die siedler - das erbe der könige - gold edition\bin\settlershok.exe
FirewallRules: [UDP Query User{F935B6B0-23A4-4708-9EBC-03C46BEE021C}C:\program files\ubisoft\blue byte\die siedler - das erbe der könige - gold edition\bin\settlershok.exe] => (Allow) C:\program files\ubisoft\blue byte\die siedler - das erbe der könige - gold edition\bin\settlershok.exe
FirewallRules: [TCP Query User{D650801F-1A42-4E33-AF26-0FE2CBE3EC4D}C:\program files\ubisoft\blue byte\die siedler - das erbe der könige - gold edition\extra1\bin\settlershok.exe] => (Block) C:\program files\ubisoft\blue byte\die siedler - das erbe der könige - gold edition\extra1\bin\settlershok.exe
FirewallRules: [UDP Query User{975EA1D6-8B3F-4162-B1CC-9C027911B38E}C:\program files\ubisoft\blue byte\die siedler - das erbe der könige - gold edition\extra1\bin\settlershok.exe] => (Block) C:\program files\ubisoft\blue byte\die siedler - das erbe der könige - gold edition\extra1\bin\settlershok.exe
FirewallRules: [{ED91245C-E5D4-450B-B728-F92B83C2AD03}] => (Allow) C:\Program Files\fotokasten comfort\Loader.exe
FirewallRules: [{E5B7E9F0-1676-4A3A-A109-E3F7B01C7BB6}] => (Allow) C:\Program Files\fotokasten comfort\Loader.exe
FirewallRules: [{A901D81D-AC94-4362-B2BE-D22F967E52A1}] => (Allow) C:\Program Files\fotokasten comfort\Loader.exe
FirewallRules: [{AA7E2350-244C-45B6-959E-DF330D5A3A49}] => (Allow) C:\Program Files\fotokasten comfort\Loader.exe
FirewallRules: [{FE68019C-9EF3-4589-B6FC-295543D050DD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{91330218-F13B-49E8-98D8-7C1BE66CFC36}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{3B3674F8-FD09-4E15-B14A-D826AA47888A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{600CF4EB-D0D9-4ECA-BC82-82159D0079DB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{15B905FC-11C5-4596-81DE-600FE7C157DE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{BB3AC775-3CC8-452D-BEE0-A94691721D25}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{2CA81FCE-C86F-4C3F-BFBD-0F93D5589729}] => (Allow) C:\Program Files\iTunes\iTunes.exe

==================== Wiederherstellungspunkte =========================


==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Dell Wireless 1702 Bluetooth v3.0+HS
Description: Dell Wireless 1702 Bluetooth v3.0+HS
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/10/2016 02:35:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 512447

Error: (02/10/2016 02:35:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 512447

Error: (02/10/2016 02:35:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/10/2016 02:27:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8205

Error: (02/10/2016 02:27:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8205

Error: (02/10/2016 02:27:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/10/2016 02:27:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7067

Error: (02/10/2016 02:27:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7067

Error: (02/10/2016 02:27:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/10/2016 02:27:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6068


Systemfehler:
=============
Error: (02/10/2016 10:14:13 AM) (Source: DCOM) (EventID: 10000) (User: )
Description: "C:\Program Files\Adobe\Acrobat Reader DC\AcroRd32Info.exe" /PDFShell -Embedding2{98D9A6F1-4696-4B5E-A2E8-36B3F9C1E12C}

Error: (02/10/2016 05:17:59 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (02/10/2016 04:20:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Internet Manager. OUC" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (02/10/2016 04:20:01 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Internet Manager. OUC erreicht.

Error: (02/10/2016 04:16:52 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Internet Manager. OUC" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (02/10/2016 04:16:52 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Internet Manager. OUC erreicht.

Error: (02/10/2016 04:12:34 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800f0902 fehlgeschlagen: Update für Windows 7 (KB3123862)

Error: (02/10/2016 04:12:32 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

	Neue Signaturversion: 

	Vorherige Signaturversion: 1.213.5692.0

	Aktualisierungsquelle: %NT-AUTORITÄT59

	Aktualisierungsphase: 4.8.0204.00

	Quellpfad: 4.8.0204.01

	Signaturtyp: %NT-AUTORITÄT602

	Aktualisierungstyp: %NT-AUTORITÄT604

	Benutzer: NT-AUTORITÄT\SYSTEM

	Aktuelle Modulversion: %NT-AUTORITÄT605

	Vorherige Modulversion: %NT-AUTORITÄT606

	Fehlercode: %NT-AUTORITÄT607

	Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (02/10/2016 04:12:32 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

	Neue Signaturversion: 

	Vorherige Signaturversion: 1.213.5692.0

	Aktualisierungsquelle: %NT-AUTORITÄT59

	Aktualisierungsphase: 4.8.0204.00

	Quellpfad: 4.8.0204.01

	Signaturtyp: %NT-AUTORITÄT602

	Aktualisierungstyp: %NT-AUTORITÄT604

	Benutzer: NT-AUTORITÄT\SYSTEM

	Aktuelle Modulversion: %NT-AUTORITÄT605

	Vorherige Modulversion: %NT-AUTORITÄT606

	Fehlercode: %NT-AUTORITÄT607

	Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (02/10/2016 03:36:13 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Duo CPU T6670 @ 2.20GHz
Prozentuale Nutzung des RAM: 64%
Installierter physikalischer RAM: 3036.36 MB
Verfügbarer physikalischer RAM: 1085.12 MB
Summe virtueller Speicher: 6071.04 MB
Verfügbarer virtueller Speicher: 3784.52 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:283.4 GB) (Free:2.65 GB) NTFS
Drive d: (Disc 2) (CDROM) (Total:0.34 GB) (Free:0 GB) CDFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 11121702)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=283.4 GB) - (Type=07 NTFS)

==================== Ende vom Addition.txt ============================
         

I hope you can help me. Thanks in advance... Chris

Alt 10.02.2016, 14:37   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Hi

Malwarebytes Anti-Rootkit (MBAR)

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Please start mbar.exe.
  • Follow the on-screen instructions as described in the guide to Malwarebytes Anti-Rootkit.
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart, MBAR will remove the objects it found, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder unless a helper instructs you to.



Reading material:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work much harder.
Even if the logs are too large for one post, please post them directly, spread across several posts if necessary.
To put the log files in a CODE box, proceed as follows:
  • Select the entire log file (usually with CTRL+A) and copy it to the clipboard with CTRL+C.
  • In the editor, click the # symbol. Two bracketed tags appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check that you did it right. If everything is correct ... click Reply.

Alt 10.02.2016, 19:23   #3
duat
 

Thanks for the quick reply.

The scan took quite a long time, but it found 2 things:

Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.02.10.04
  rootkit: v2016.02.08.01

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.18204
privat :: CHRIS-PC [administrator]

10.02.2016 16:49:18
mbar-log-2016-02-10 (16-49-18).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 450943
Time elapsed: 3 hour(s), 19 minute(s), 46 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 1
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Guiqmex (Virus.Expiro) -> Data: C:\Users\privat\AppData\Roaming\Bayd\noyr.exe -> Delete on reboot. [e92379e628711d19d2096352986835cb]

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\privat\AppData\Roaming\Bayd\noyr.exe (Virus.Expiro) -> Delete on reboot. [e92379e628711d19d2096352986835cb]

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         

Alt 10.02.2016, 22:05   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Please repeat MBAR until it no longer finds anything

Alt 11.02.2016, 07:36   #5
duat
 

2nd scan:

Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.02.10.05
  rootkit: v2016.02.08.01

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.18204
privat :: CHRIS-PC [administrator]

10.02.2016 20:26:21
mbar-log-2016-02-10 (20-26-21).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 450502
Time elapsed: 4 hour(s), 15 minute(s), 35 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         


Alt 11.02.2016, 08:04   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

OK, a check with TDSS-Killer

Please download TDSSKiller.exe and save this file to your desktop
  • Start TDSSKiller.exe and configure it as described in the guide to TDSSKiller.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
In any case, please post the contents here in your thread.

Alt 11.02.2016, 08:26   #7
duat
 

Code:
09:23:44.0356 0x04dc  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
09:23:52.0956 0x04dc  ============================================================
09:23:52.0957 0x04dc  Current date / time: 2016/02/11 09:23:52.0956
09:23:52.0957 0x04dc  SystemInfo:
09:23:52.0957 0x04dc  
09:23:52.0957 0x04dc  OS Version: 6.1.7601 ServicePack: 1.0
09:23:52.0957 0x04dc  Product type: Workstation
09:23:52.0957 0x04dc  ComputerName: CHRIS-PC
09:23:52.0957 0x04dc  UserName: privat
09:23:52.0957 0x04dc  Windows directory: C:\Windows
09:23:52.0957 0x04dc  System windows directory: C:\Windows
09:23:52.0957 0x04dc  Processor architecture: Intel x86
09:23:52.0957 0x04dc  Number of processors: 2
09:23:52.0957 0x04dc  Page size: 0x1000
09:23:52.0957 0x04dc  Boot type: Normal boot
09:23:52.0958 0x04dc  ============================================================
09:23:54.0210 0x04dc  KLMD registered as C:\Windows\system32\drivers\15082493.sys
09:23:56.0008 0x04dc  System UUID: {0ABAEB6E-E6E6-B8EA-CE03-EFEA5470A469}
09:23:57.0340 0x04dc  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
09:23:57.0343 0x04dc  ============================================================
09:23:57.0343 0x04dc  \Device\Harddisk0\DR0:
09:23:57.0343 0x04dc  MBR partitions:
09:23:57.0343 0x04dc  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x1D4C000
09:23:57.0343 0x04dc  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D5F9C5, BlocksNum 0x236CE8EB
09:23:57.0343 0x04dc  ============================================================
09:23:57.0364 0x04dc  C: <-> \Device\Harddisk0\DR0\Partition2
09:23:57.0365 0x04dc  ============================================================
09:23:57.0365 0x04dc  Initialize success
09:23:57.0365 0x04dc  ============================================================
09:24:14.0104 0x0e6c  ============================================================
09:24:14.0104 0x0e6c  Scan started
09:24:14.0104 0x0e6c  Mode: Manual; 
09:24:14.0104 0x0e6c  ============================================================
09:24:14.0104 0x0e6c  KSN ping started
09:24:16.0576 0x0e6c  KSN ping finished: true
09:24:17.0877 0x0e6c  ================ Scan system memory ========================
09:24:17.0877 0x0e6c  System memory - ok
09:24:17.0878 0x0e6c  ================ Scan services =============================
09:24:24.0832 0x0e6c  CryptSvc - ok
09:24:24.0870 0x0e6c  [ 3C2177A897B4CA2788C6FB0C3FD81D4B, 98575CBD0664586E6211D02E71BDD52CBAA149A1658573550E29E74E5F7B1553 ] CSC             C:\Windows\system32\drivers\csc.sys
09:24:24.0882 0x0e6c  CSC - ok
09:24:24.0968 0x0e6c  [ 15F93B37F6801943360D9EB42485D5D3, DD6838C6496CB15F8BB57A6596F6A64ADD9C36B09F062295699131232712B558 ] CscService      C:\Windows\System32\cscsvc.dll
09:24:24.0986 0x0e6c  CscService - ok
09:24:25.0030 0x0e6c  [ 0F538DF1673E5216F3BAACB6911D9D0F, 640A0BA1F897E7F927A01E44408202EF4884D2FE68E4CCB185F315D2B6F2E262 ] CtAudDrv        C:\Windows\system32\Drivers\CtAudDrv.sys
09:24:25.0034 0x0e6c  CtAudDrv - ok
09:24:25.0081 0x0e6c  [ CEBA8413F9B2C73A4E9E16DBD127DC25, DE8C8F3ACD21224192B7551A8FCD33AF69FB7DE29AFF4EDE00E54FA6D19026B8 ] CtClsFlt        C:\Windows\system32\DRIVERS\CtClsFlt.sys
09:24:25.0086 0x0e6c  CtClsFlt - ok
09:24:25.0120 0x0e6c  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch      C:\Windows\system32\rpcss.dll
09:24:25.0132 0x0e6c  DcomLaunch - ok
09:24:25.0166 0x0e6c  [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc       C:\Windows\System32\defragsvc.dll
09:24:25.0173 0x0e6c  defragsvc - ok
09:24:25.0189 0x0e6c  [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
09:24:25.0192 0x0e6c  DfsC - ok
09:24:25.0258 0x0e6c  [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp            C:\Windows\system32\dhcpcore.dll
09:24:25.0271 0x0e6c  Dhcp - ok
09:24:25.0421 0x0e6c  [ 0A3386E3CF9C5D089D695AC5A35F4C6F, D610071493EB95FCE39E24C457A0B5BBA131193159E43FDC1E8EDABB9C7AB81A ] DiagTrack       C:\Windows\system32\diagtrack.dll
09:24:25.0491 0x0e6c  DiagTrack - ok
09:24:25.0510 0x0e6c  [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache        C:\Windows\system32\drivers\discache.sys
09:24:25.0513 0x0e6c  discache - ok
09:24:25.0573 0x0e6c  [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
09:24:25.0577 0x0e6c  Disk - ok
09:24:25.0622 0x0e6c  [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache        C:\Windows\System32\dnsrslvr.dll
09:24:25.0629 0x0e6c  Dnscache - ok
09:24:25.0666 0x0e6c  [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc         C:\Windows\System32\dot3svc.dll
09:24:25.0679 0x0e6c  dot3svc - ok
09:24:25.0779 0x0e6c  [ B5E479EB83707DD698F66953E922042C, 82891A4699F180A20EB25A0EC49A7E008B007A374BAA3279483AC1C95D125FE8 ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
09:24:25.0788 0x0e6c  Dot4 - ok
09:24:25.0833 0x0e6c  [ CAEFD09B6A6249C53A67D55A9A9FCABF, A76C951EA8A830E5BA22D8D393A946BBAEEDB76478539F647E58199B383F786B ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
09:24:25.0835 0x0e6c  Dot4Print - ok
09:24:25.0862 0x0e6c  [ CF491FF38D62143203C065260567E2F7, 4315FD8FC88CF627EBE469A2DF0F280B17C95D3004FC7A93D6F8E47F0D91A037 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
09:24:25.0865 0x0e6c  dot4usb - ok
09:24:25.0900 0x0e6c  [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS             C:\Windows\system32\dps.dll
09:24:25.0934 0x0e6c  DPS - ok
09:24:25.0978 0x0e6c  [ A3F684B866A7D89AE396276CE7AFD416, 1E4C034B7B106FA403B13842A199D88A33B492A577B58CDDAE0B4706266B9565 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
09:24:25.0999 0x0e6c  drmkaud - ok
09:24:26.0079 0x0e6c  [ 3583A5A8CC2E682BFFBD4630D0FEC08B, FD0F184B358FCECAA763444B414074BEF4E871EB7527D88385519FC158435C72 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
09:24:26.0181 0x0e6c  DXGKrnl - ok
09:24:26.0291 0x0e6c  [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost         C:\Windows\System32\eapsvc.dll
09:24:26.0297 0x0e6c  EapHost - ok
09:24:26.0470 0x0e6c  [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
09:24:26.0630 0x0e6c  ebdrv - ok
09:24:26.0691 0x0e6c  [ 7884C1EDF5BD21749C206E8C4B5DB409, 620638756A5EE6EA933A7A4C94E7DD2537E2A7345BBEFF72D28271C0174D10A2 ] EFS             C:\Windows\System32\lsass.exe
09:24:26.0753 0x0e6c  EFS - ok
09:24:26.0841 0x0e6c  [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
09:24:26.0887 0x0e6c  ehRecvr - ok
09:24:26.0921 0x0e6c  [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched         C:\Windows\ehome\ehsched.exe
09:24:26.0926 0x0e6c  ehSched - ok
09:24:26.0968 0x0e6c  [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
09:24:27.0014 0x0e6c  elxstor - ok
09:24:27.0129 0x0e6c  [ ABDD5AD016AFFD34AD40E944CE94BF59, 61089124CD8FEA31142CD4D3C47224A6310B9BE7B7FA974956D9EDDAD4381503 ] EpsonBidirectionalService C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
09:24:27.0134 0x0e6c  EpsonBidirectionalService - ok
09:24:27.0314 0x0e6c  [ EC6A73CD8413F68655E5E0B99C415A21, 5F56B211E854B316A0512091D9EE5A10199EEF619712B8645A2034165253F2A0 ] EPSON_EB_RPCV4_01 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
09:24:27.0322 0x0e6c  EPSON_EB_RPCV4_01 - ok
09:24:27.0376 0x0e6c  [ 8FE6AB59CAB8F2C038FEA9522A5EEBA7, 539C4257DE460F881DAFAD4FD83C216363B558FDD06AE6779FBBCC2B84BCCF56 ] EPSON_PM_RPCV4_01 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
09:24:27.0382 0x0e6c  EPSON_PM_RPCV4_01 - ok
09:24:27.0418 0x0e6c  [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
09:24:27.0420 0x0e6c  ErrDev - ok
09:24:27.0511 0x0e6c  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem     C:\Windows\system32\es.dll
09:24:27.0525 0x0e6c  EventSystem - ok
09:24:27.0626 0x0e6c  [ 026F6D48CC5293C7B8A696376618B9D2, 850B95FB6A8C8FD7B7F0B5BCE20DDD737CAC31E2A69D8CE7CBA287494492505D ] ewusbmbb        C:\Windows\system32\DRIVERS\ewusbwwan.sys
09:24:27.0658 0x0e6c  ewusbmbb - ok
09:24:27.0742 0x0e6c  [ 57C171EA22F0A7F068FCB0CAEDD1E8E7, 9AAF39AA22372FB8582C1422581C08E61444BF843E1CE2E199EB00FBEA6F9C06 ] ew_hwusbdev     C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
09:24:27.0748 0x0e6c  ew_hwusbdev - ok
09:24:27.0805 0x0e6c  [ 61A973F60E94A551BA7B15F3460444FB, FC2FB69978D99D75673AFE9F08176F3139DCBAEDE4D339BD09DA29CD3EC01005 ] ew_usbenumfilter C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys
09:24:27.0807 0x0e6c  ew_usbenumfilter - ok
09:24:27.0836 0x0e6c  [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat           C:\Windows\system32\drivers\exfat.sys
09:24:27.0844 0x0e6c  exfat - ok
09:24:27.0884 0x0e6c  [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
09:24:27.0892 0x0e6c  fastfat - ok
09:24:27.0956 0x0e6c  [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax             C:\Windows\system32\fxssvc.exe
09:24:28.0002 0x0e6c  Fax - ok
09:24:28.0034 0x0e6c  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
09:24:28.0038 0x0e6c  fdc - ok
09:24:28.0058 0x0e6c  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost         C:\Windows\system32\fdPHost.dll
09:24:28.0062 0x0e6c  fdPHost - ok
09:24:28.0078 0x0e6c  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\Windows\system32\fdrespub.dll
09:24:28.0082 0x0e6c  FDResPub - ok
09:24:28.0092 0x0e6c  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
09:24:28.0096 0x0e6c  FileInfo - ok
09:24:28.0145 0x0e6c  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
09:24:28.0146 0x0e6c  Filetrace - ok
09:24:28.0222 0x0e6c  [ F76D04F7413B07DAA029F6520B64B4E8, 3EB13C0EFE737880853FB8952381E7A57723F9472E0E4ED7CDA8A0D7DE8DC90D ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
09:24:28.0269 0x0e6c  FLEXnet Licensing Service - ok
09:24:28.0315 0x0e6c  [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
09:24:28.0317 0x0e6c  flpydisk - ok
09:24:28.0349 0x0e6c  [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
09:24:28.0359 0x0e6c  FltMgr - ok
09:24:28.0449 0x0e6c  [ 23D3F12CA9DEB6EF02DEDC621EC661AC, AA3718715ADFE1666757BCD79D5A8DC591C2C5185802F51A27C119C4C30F360A ] FontCache       C:\Windows\system32\FntCache.dll
09:24:28.0623 0x0e6c  FontCache - ok
09:24:28.0758 0x0e6c  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
09:24:28.0760 0x0e6c  FontCache3.0.0.0 - ok
09:24:28.0813 0x0e6c  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
09:24:28.0817 0x0e6c  FsDepends - ok
09:24:28.0878 0x0e6c  [ BFAAA92861526BB0ADCD01E964AB6609, 5C0B7BAEF04F20C45897CE88559D4B5664121475EFD2489F3D89191DCFC7C8ED ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
09:24:28.0882 0x0e6c  fssfltr - ok
09:24:29.0017 0x0e6c  [ 40CDFAD174B3D5E80F95DDA003C0B97F, 2DA149CE42B87681ECDCC8905D0957443F430A9C7002FF78F22A95F9112A7C4C ] fsssvc          C:\Program Files\Windows Live\Family Safety\fsssvc.exe
09:24:29.0101 0x0e6c  fsssvc - ok
09:24:29.0160 0x0e6c  [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
09:24:29.0163 0x0e6c  Fs_Rec - ok
09:24:29.0213 0x0e6c  [ 8C89DAB1061E3D04E902404754D3FA29, 43249B36BCDB6A684ED709CCCE06380BEE92734EA7B2ACE2190B2F699E8E28D4 ] FTDIBUS         C:\Windows\system32\drivers\ftdibus.sys
09:24:29.0295 0x0e6c  FTDIBUS - ok
09:24:29.0351 0x0e6c  [ B14C967A0ADF2348258DD8312B6C0C58, E592DD0480E845E8A7AE11A2BC11BF4D0B8FD433CCB1A3A7F21E9C5EB5991F06 ] FTSER2K         C:\Windows\system32\drivers\ftser2k.sys
09:24:29.0397 0x0e6c  FTSER2K - ok
09:24:29.0440 0x0e6c  [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
09:24:29.0450 0x0e6c  fvevol - ok
09:24:29.0490 0x0e6c  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
09:24:29.0495 0x0e6c  gagp30kx - ok
09:24:29.0545 0x0e6c  [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
09:24:29.0547 0x0e6c  GEARAspiWDM - ok
09:24:29.0596 0x0e6c  [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc           C:\Windows\System32\gpsvc.dll
09:24:29.0655 0x0e6c  gpsvc - ok
09:24:29.0826 0x0e6c  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
09:24:29.0831 0x0e6c  gupdate - ok
09:24:29.0846 0x0e6c  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
09:24:29.0852 0x0e6c  gupdatem - ok
09:24:29.0885 0x0e6c  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
09:24:29.0887 0x0e6c  hcw85cir - ok
09:24:29.0940 0x0e6c  [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
09:24:29.0975 0x0e6c  HDAudBus - ok
09:24:30.0002 0x0e6c  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
09:24:30.0005 0x0e6c  HidBatt - ok
09:24:30.0024 0x0e6c  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
09:24:30.0030 0x0e6c  HidBth - ok
09:24:30.0057 0x0e6c  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
09:24:30.0060 0x0e6c  HidIr - ok
09:24:30.0103 0x0e6c  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv         C:\Windows\system32\hidserv.dll
09:24:30.0108 0x0e6c  hidserv - ok
09:24:30.0146 0x0e6c  [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
09:24:30.0149 0x0e6c  HidUsb - ok
09:24:30.0180 0x0e6c  [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc          C:\Windows\system32\kmsvc.dll
09:24:30.0187 0x0e6c  hkmsvc - ok
09:24:30.0241 0x0e6c  [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:24:30.0254 0x0e6c  HomeGroupListener - ok
09:24:30.0319 0x0e6c  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:24:30.0330 0x0e6c  HomeGroupProvider - ok
09:24:30.0363 0x0e6c  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
09:24:30.0368 0x0e6c  HpSAMD - ok
09:24:30.0438 0x0e6c  [ BFBDBCA42710795C4446C54243970FD1, 03B1D83FE3F5580A6E1FC7B8BF3F55425F7F1214EB386B52C4B4B6C4D8B58A5F ] HsfXAudioService C:\Windows\system32\XAudio32.dll
09:24:30.0495 0x0e6c  HsfXAudioService - ok
09:24:30.0573 0x0e6c  [ 0CEE084D6FD31836D830054E4D55DCB1, B22B76387F409E3654610740AA9A65C1BECD85DB98FED20EC1933EB957292E9C ] HSF_DPV         C:\Windows\system32\DRIVERS\HSX_DPV.sys
09:24:30.0676 0x0e6c  HSF_DPV - ok
09:24:30.0743 0x0e6c  [ 505A930DB626ABB3EC1E65F056551923, 515EC9C6D0892B1C8BED41A81FFEF381CE0FC7438D0E8DE24C13D8CD05835EB3 ] HSXHWAZL        C:\Windows\system32\DRIVERS\HSXHWAZL.sys
09:24:30.0749 0x0e6c  HSXHWAZL - ok
09:24:30.0861 0x0e6c  [ 487569E5DA56A5A432FF8AF6D3599CF9, 7C974D8379C60B4F69A20B01876C49181B0A63AC318C4BD0A21DABFF27A15C9D ] HTTP            C:\Windows\system32\drivers\HTTP.sys
09:24:30.0907 0x0e6c  HTTP - ok
09:24:30.0958 0x0e6c  [ 42A64382A0607B80C99C37170911B346, 54914F2C401824546E7F41F10A42FF242177740F5DE3F34EFC2B8F3E8F7C1480 ] huawei_cdcacm   C:\Windows\system32\DRIVERS\ew_jucdcacm.sys
09:24:30.0963 0x0e6c  huawei_cdcacm - ok
09:24:31.0004 0x0e6c  [ F44461E66F1B7DD267957FE9BAA63ED0, 5B51692F1670A43A8C1B9E2EECB4042AB04BA92AAA347405A61D3EA8C478BC5A ] huawei_enumerator C:\Windows\system32\DRIVERS\ew_jubusenum.sys
09:24:31.0009 0x0e6c  huawei_enumerator - ok
09:24:31.0029 0x0e6c  [ 69A103138B77AC0950EC3846E2E6F655, 082B59A5560BB58F314E7A7E4210DB7A2AB4F833CD72C5FFBA932F7928F78E3F ] huawei_ext_ctrl C:\Windows\system32\DRIVERS\ew_juextctrl.sys
09:24:31.0032 0x0e6c  huawei_ext_ctrl - ok
09:24:31.0062 0x0e6c  [ 7DE001BAB4056257E1792AF1FCFA489F, 8C446F5D869C6129392A724FB216469FE32AE2EFD731980B640D429942D5D42F ] huawei_wwanecm  C:\Windows\system32\DRIVERS\ew_juwwanecm.sys
09:24:31.0068 0x0e6c  huawei_wwanecm - ok
09:24:31.0131 0x0e6c  [ F547F862B8907F1BCBD9B72A72A6449E, 18045A85AF0060E599A386D2F50E333D0ADEBECD2987CB4EE6377D1537197285 ] hwdatacard      C:\Windows\system32\DRIVERS\ewusbmdm.sys
09:24:31.0141 0x0e6c  hwdatacard - ok
09:24:31.0194 0x0e6c  HWDeviceService.exe - ok
09:24:31.0261 0x0e6c  [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
09:24:31.0264 0x0e6c  hwpolicy - ok
09:24:31.0323 0x0e6c  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
09:24:31.0328 0x0e6c  i8042prt - ok
09:24:31.0402 0x0e6c  [ D80AA0907748D7CC8EFAB3773F32629B, BEE52B4E6099B5B8CA5D6D4DE4A90B124AC7E3EE4A69565BFDD227AF261B6242 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
09:24:31.0419 0x0e6c  iaStor - ok
09:24:31.0519 0x0e6c  [ A9BE186ABF28B3D3D698CB855EDF457E, 03E1851132E1C8669CF9B3CEB1C9E6AE45BBAC2632FEEDD311F3B3FAA9B623DD ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
09:24:31.0521 0x0e6c  IAStorDataMgrSvc - ok
09:24:31.0598 0x0e6c  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
09:24:31.0628 0x0e6c  iaStorV - ok
09:24:31.0754 0x0e6c  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
09:24:31.0760 0x0e6c  IDriverT - ok
09:24:31.0877 0x0e6c  [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
09:24:31.0944 0x0e6c  idsvc - ok
09:24:31.0992 0x0e6c  IEEtwCollectorService - ok
09:24:32.0429 0x0e6c  [ DCE0B53570703CCE580D066F89EF58CD, C5C2C4F51F2DB2BB6E7F1218472AEAAD996514AB99EA84946A473CB7A64D9E15 ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
09:24:32.0765 0x0e6c  igfx - ok
09:24:32.0867 0x0e6c  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
09:24:32.0871 0x0e6c  iirsp - ok
09:24:32.0959 0x0e6c  [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT          C:\Windows\System32\ikeext.dll
09:24:33.0027 0x0e6c  IKEEXT - ok
09:24:33.0067 0x0e6c  [ E3C36AC5AE87EC970AE8EA2A93D59AE1, 8403A5243DF38EFC35A0200760EC081E42467744AF25A1F2168D5A8198AF6A5B ] Impcd           C:\Windows\system32\DRIVERS\Impcd.sys
09:24:33.0074 0x0e6c  Impcd - ok
09:24:33.0113 0x0e6c  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\drivers\intelide.sys
09:24:33.0115 0x0e6c  intelide - ok
09:24:33.0137 0x0e6c  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
09:24:33.0140 0x0e6c  intelppm - ok
09:24:33.0238 0x0e6c  [ 80A3CB16C3ABAB616D33C1D8B2DB0ECE, 7DE3D5445BB1BD4563E1DF81D01366032F28F4AD445FF80D4ED4DE35DD22269A ] Internet Manager. RunOuc C:\Program Files\T-Mobile\InternetManager_H\UpdateDog\ouc.exe
09:24:33.0362 0x0e6c  Internet Manager. RunOuc - ok
09:24:33.0425 0x0e6c  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
09:24:33.0429 0x0e6c  IPBusEnum - ok
09:24:33.0452 0x0e6c  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:24:33.0457 0x0e6c  IpFilterDriver - ok
09:24:33.0519 0x0e6c  [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
09:24:33.0572 0x0e6c  iphlpsvc - ok
09:24:33.0656 0x0e6c  [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
09:24:33.0660 0x0e6c  IPMIDRV - ok
09:24:33.0705 0x0e6c  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
09:24:33.0710 0x0e6c  IPNAT - ok
09:24:33.0858 0x0e6c  [ 6079D23EE84798D4EA0A68619E07FF70, 7E84549F90F8D08D268B8D05C82F32FF4ACDDE899DD95D022A9000E6C320CEDA ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
09:24:33.0904 0x0e6c  iPod Service - ok
09:24:33.0942 0x0e6c  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
09:24:33.0945 0x0e6c  IRENUM - ok
09:24:33.0970 0x0e6c  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
09:24:33.0977 0x0e6c  isapnp - ok
09:24:34.0004 0x0e6c  [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
09:24:34.0026 0x0e6c  iScsiPrt - ok
09:24:34.0047 0x0e6c  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
09:24:34.0051 0x0e6c  kbdclass - ok
09:24:34.0090 0x0e6c  [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
09:24:34.0093 0x0e6c  kbdhid - ok
09:24:34.0108 0x0e6c  [ 7884C1EDF5BD21749C206E8C4B5DB409, 620638756A5EE6EA933A7A4C94E7DD2537E2A7345BBEFF72D28271C0174D10A2 ] KeyIso          C:\Windows\system32\lsass.exe
09:24:34.0112 0x0e6c  KeyIso - ok
09:24:34.0142 0x0e6c  [ 4476FE98AAF505ACDCD3EE6360AABEC1, 1573C5B9F1B12FEEE6D771AFF8969FB9D06878B1E0BECCD4AF13DA9F194FB256 ] KMWDFILTERx86   C:\Windows\system32\DRIVERS\KMWDFILTER.sys
09:24:34.0146 0x0e6c  KMWDFILTERx86 - ok
09:24:34.0206 0x0e6c  [ 0C51E9B34F3521806C78325E511E93EF, 5FB73AADC60FE73023BC50B0DB75B68D74A1546F26A65979A6BFBF3963C6FB24 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
09:24:34.0210 0x0e6c  KSecDD - ok
09:24:34.0283 0x0e6c  [ CC5B7CF2D08FDDAF1112FE2785F33FAC, DC13591CBB72631C2008781FCF40881182DA87BA1A69F3A858DBD33E8D8FFC95 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
09:24:34.0290 0x0e6c  KSecPkg - ok
09:24:34.0358 0x0e6c  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm           C:\Windows\system32\msdtckrm.dll
09:24:34.0375 0x0e6c  KtmRm - ok
09:24:34.0415 0x0e6c  [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer    C:\Windows\system32\srvsvc.dll
09:24:34.0427 0x0e6c  LanmanServer - ok
09:24:34.0555 0x0e6c  [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:24:34.0565 0x0e6c  LanmanWorkstation - ok
09:24:34.0605 0x0e6c  [ F8A7212D0864EF5E9185FB95E6623F4D, 277EAA06BD3D1CB31E6CD7B9ECD3A4B7D4AB7A369DB5FFF04EC7D749DF26E3D2 ] lirsgt          C:\Windows\system32\DRIVERS\lirsgt.sys
09:24:34.0607 0x0e6c  lirsgt - ok
09:24:34.0630 0x0e6c  [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
09:24:34.0636 0x0e6c  lltdio - ok
09:24:34.0676 0x0e6c  [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
09:24:34.0688 0x0e6c  lltdsvc - ok
09:24:34.0709 0x0e6c  [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts         C:\Windows\System32\lmhsvc.dll
09:24:34.0714 0x0e6c  lmhosts - ok
09:24:34.0755 0x0e6c  [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
09:24:34.0761 0x0e6c  LSI_FC - ok
09:24:34.0784 0x0e6c  [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
09:24:34.0789 0x0e6c  LSI_SAS - ok
09:24:34.0809 0x0e6c  [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
09:24:34.0813 0x0e6c  LSI_SAS2 - ok
09:24:34.0833 0x0e6c  [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
09:24:34.0839 0x0e6c  LSI_SCSI - ok
09:24:34.0878 0x0e6c  [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv           C:\Windows\system32\drivers\luafv.sys
09:24:34.0883 0x0e6c  luafv - ok
09:24:34.0931 0x0e6c  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
09:24:34.0938 0x0e6c  Mcx2Svc - ok
09:24:34.0963 0x0e6c  [ A027DE1E6C11BD2DAF61F6F276B2299F, E2B7A9EDE85DB440FE6ECBD87976B00F01A5BB5DB8D19A38AE8AE66A9962128E ] mdmxsdk         C:\Windows\system32\DRIVERS\mdmxsdk.sys
09:24:34.0966 0x0e6c  mdmxsdk - ok
09:24:34.0989 0x0e6c  [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
09:24:34.0992 0x0e6c  megasas - ok
09:24:35.0024 0x0e6c  [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
09:24:35.0035 0x0e6c  MegaSR - ok
09:24:35.0073 0x0e6c  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS           C:\Windows\system32\mmcss.dll
09:24:35.0079 0x0e6c  MMCSS - ok
09:24:35.0099 0x0e6c  [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem           C:\Windows\system32\drivers\modem.sys
09:24:35.0102 0x0e6c  Modem - ok
09:24:35.0121 0x0e6c  [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
09:24:35.0122 0x0e6c  monitor - ok
09:24:35.0157 0x0e6c  [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
09:24:35.0160 0x0e6c  mouclass - ok
09:24:35.0176 0x0e6c  [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
09:24:35.0179 0x0e6c  mouhid - ok
09:24:47.0601 0x0e6c  StiSvc - ok
09:24:47.0656 0x0e6c  [ 9E182DD94496550A22A392CC1A8E0F52, 6F630982F7AFDF409F24BB0D9815592000FC8A47200F4FEC4A5C5ED241810244 ] stllssvr        C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
09:24:47.0853 0x0e6c  stllssvr - ok
09:24:47.0886 0x0e6c  [ 472AF0311073DCECEAA8FA18BA2BDF89, 089414057EB2047E42C96C1ACE79D509967461DC5A4D2836F63C04268637A3FC ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
09:24:47.0889 0x0e6c  storflt - ok
09:24:47.0951 0x0e6c  [ 0BF669F0A910BEDA4A32258D363AF2A5, 83EEBACDE4F69A2866B69CAA633F5C8B3CB01D88CEDB01B6EA5988E0A25CEE47 ] StorSvc         C:\Windows\system32\storsvc.dll
09:24:47.0958 0x0e6c  StorSvc - ok
09:24:47.0996 0x0e6c  [ DCAFFD62259E0BDB433DD67B5BB37619, CBD12FF9BBF33D18B0F3D322B12EC62E7DF3BF45C6AD43D2E91FF4C4762E05D0 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
09:24:47.0999 0x0e6c  storvsc - ok
09:24:48.0053 0x0e6c  [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum          C:\Windows\system32\drivers\swenum.sys
09:24:48.0056 0x0e6c  swenum - ok
09:24:48.0086 0x0e6c  [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv           C:\Windows\System32\swprv.dll
09:24:48.0137 0x0e6c  swprv - ok
09:24:48.0323 0x0e6c  [ 4EE25AC85AFC3FD67D9F57ECDF566FF2, F1BFF1FB655F31B97FA9C6A49D433EFD33D8A35F6B28B4D83E45C27A05A86228 ] SysMain         C:\Windows\system32\sysmain.dll
09:24:48.0420 0x0e6c  SysMain - ok
09:24:48.0465 0x0e6c  [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
09:24:48.0474 0x0e6c  TabletInputService - ok
09:24:48.0515 0x0e6c  [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv         C:\Windows\System32\tapisrv.dll
09:24:48.0548 0x0e6c  TapiSrv - ok
09:24:48.0571 0x0e6c  [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS             C:\Windows\System32\tbssvc.dll
09:24:48.0578 0x0e6c  TBS - ok
09:24:48.0685 0x0e6c  [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
09:24:48.0744 0x0e6c  Tcpip - ok
09:24:48.0795 0x0e6c  [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
09:24:48.0820 0x0e6c  TCPIP6 - ok
09:24:48.0861 0x0e6c  [ 74905EBCBB8CBDB1F3C0B1778BBCB4BC, D869FDFD98B9C972933FB6B7C521BB6181A47698D27D53CBEF329EE26C12F1BA ] tcpipBM         C:\Windows\system32\drivers\tcpipBM.sys
09:24:48.0928 0x0e6c  tcpipBM - ok
09:24:49.0020 0x0e6c  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
09:24:49.0023 0x0e6c  tcpipreg - ok
09:24:49.0056 0x0e6c  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
09:24:49.0059 0x0e6c  TDPIPE - ok
09:24:49.0097 0x0e6c  [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
09:24:49.0100 0x0e6c  TDTCP - ok
09:24:49.0146 0x0e6c  [ BB8817D0508DD5EA69C770C8DEF5AB67, C55671524EEF6E16BBCC92556E83FD1D6457E707EA9330FC1CDD28FB11D99B77 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
09:24:49.0213 0x0e6c  tdx - ok
09:24:49.0287 0x0e6c  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD          C:\Windows\system32\drivers\termdd.sys
09:24:49.0291 0x0e6c  TermDD - ok
09:24:49.0353 0x0e6c  [ FCFD4F50419B4BC72E80066DA10D2E54, 7C2314A57A404525F0444986332DBAE0964A3359374671598387051D7AAE72AE ] TermService     C:\Windows\System32\termsrv.dll
09:24:49.0445 0x0e6c  TermService - ok
09:24:49.0494 0x0e6c  [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes          C:\Windows\system32\themeservice.dll
09:24:49.0502 0x0e6c  Themes - ok
09:24:49.0530 0x0e6c  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER     C:\Windows\system32\mmcss.dll
09:24:49.0536 0x0e6c  THREADORDER - ok
09:24:49.0577 0x0e6c  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks          C:\Windows\System32\trkwks.dll
09:24:49.0586 0x0e6c  TrkWks - ok
09:24:49.0662 0x0e6c  [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:24:49.0672 0x0e6c  TrustedInstaller - ok
09:24:49.0771 0x0e6c  [ 6C5139E4283249518F7743D7043775B3, 58684E8C90EBAC65459A97C905CDCFE3A915CFF7E8E96071DE1AC3489F85E67F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
09:24:49.0775 0x0e6c  tssecsrv - ok
09:24:49.0828 0x0e6c  [ 9CE253214ACAA5A7D323327D2055EFAA, 15E7DB578EDF36DD2FD5BA960C3941B2353037323B6B96702CDCDC07588EA724 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
09:24:49.0832 0x0e6c  TsUsbFlt - ok
09:24:49.0897 0x0e6c  [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
09:24:49.0903 0x0e6c  tunnel - ok
09:24:49.0967 0x0e6c  [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
09:24:49.0972 0x0e6c  uagp35 - ok
09:24:50.0050 0x0e6c  [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
09:24:50.0063 0x0e6c  udfs - ok
09:24:50.0125 0x0e6c  [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect       C:\Windows\system32\UI0Detect.exe
09:24:50.0132 0x0e6c  UI0Detect - ok
09:24:50.0174 0x0e6c  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
09:24:50.0178 0x0e6c  uliagpkx - ok
09:24:50.0193 0x0e6c  [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
09:24:50.0196 0x0e6c  umbus - ok
09:24:50.0227 0x0e6c  [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
09:24:50.0230 0x0e6c  UmPass - ok
09:24:50.0278 0x0e6c  [ 409994A8EACEEE4E328749C0353527A0, FFC57B647147DE2957A7DE4B330CC534DE7AC892A2FCE3BB164F7A516CAB1B56 ] UmRdpService    C:\Windows\System32\umrdp.dll
09:24:50.0290 0x0e6c  UmRdpService - ok
09:24:50.0357 0x0e6c  [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost        C:\Windows\System32\upnphost.dll
09:24:50.0374 0x0e6c  upnphost - ok
09:24:50.0459 0x0e6c  [ B671514497DF7417F83919A6A5BD6BB9, 6E407B0A7D9F2D570A18FF64B8CAF7DA49A8574139E8841641F11E939FBDED0E ] upperdev        C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
09:24:50.0461 0x0e6c  upperdev - ok
09:24:50.0531 0x0e6c  [ A176718F0DF45F60F545CF3E14F4D108, 5E767CB0B51B3BA05B6F99A7E46BEC275489DCFE874343C9B992843AA1F2334E ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
09:24:50.0535 0x0e6c  USBAAPL - ok
09:24:50.0581 0x0e6c  [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
09:24:50.0586 0x0e6c  usbccgp - ok
09:24:50.0630 0x0e6c  [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir          C:\Windows\system32\drivers\usbcir.sys
09:24:50.0635 0x0e6c  usbcir - ok
09:24:50.0670 0x0e6c  [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
09:24:50.0674 0x0e6c  usbehci - ok
09:24:50.0712 0x0e6c  [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
09:24:50.0725 0x0e6c  usbhub - ok
09:24:50.0747 0x0e6c  [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
09:24:50.0751 0x0e6c  usbohci - ok
09:24:50.0779 0x0e6c  [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
09:24:50.0783 0x0e6c  usbprint - ok
09:24:50.0821 0x0e6c  [ FC6B21DB4B5B398AB93DBE59CBF11036, A94094C208F376405C07822A6143001EF1B12AE93205CD8002E87F6EB45F6374 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
09:24:50.0825 0x0e6c  usbscan - ok
09:24:50.0887 0x0e6c  [ 007C0C8D5B01D82ACEB70431D15083F6, 7EAF68CD3C38D3CD2CDFEE9ECE1DFB38E274F1F9E6F70B73BCE1336E87D5496C ] usbser          C:\Windows\system32\DRIVERS\usbser.sys
09:24:50.0890 0x0e6c  usbser - ok
09:24:50.0940 0x0e6c  [ FF358FD3176B2E5605C4ACCD5026A5AC, BD7B43B44BA4104A845D6329703B38F420DBE688938FEC37B372D212936AC05C ] UsbserFilt      C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
09:24:50.0943 0x0e6c  UsbserFilt - ok
09:24:50.0986 0x0e6c  [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:24:51.0024 0x0e6c  USBSTOR - ok
09:24:51.0062 0x0e6c  [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
09:24:51.0065 0x0e6c  usbuhci - ok
09:24:51.0121 0x0e6c  [ DE014425522610BEDCA3821BB8C0F1D5, D6FEA0DF07F89834AEEE8C02CC7FD41068D758B6CCECE2EEE5CF4B9DB646FA1E ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
09:24:51.0128 0x0e6c  usbvideo - ok
09:24:51.0162 0x0e6c  [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms           C:\Windows\System32\uxsms.dll
09:24:51.0169 0x0e6c  UxSms - ok
09:24:51.0240 0x0e6c  [ 7884C1EDF5BD21749C206E8C4B5DB409, 620638756A5EE6EA933A7A4C94E7DD2537E2A7345BBEFF72D28271C0174D10A2 ] VaultSvc        C:\Windows\system32\lsass.exe
09:24:51.0244 0x0e6c  VaultSvc - ok
09:24:51.0268 0x0e6c  [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
09:24:51.0272 0x0e6c  vdrvroot - ok
09:24:51.0323 0x0e6c  [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds             C:\Windows\System32\vds.exe
09:24:51.0369 0x0e6c  vds - ok
09:24:51.0411 0x0e6c  [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
09:24:51.0414 0x0e6c  vga - ok
09:24:51.0433 0x0e6c  [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave         C:\Windows\System32\drivers\vga.sys
09:24:51.0436 0x0e6c  VgaSave - ok
09:24:51.0472 0x0e6c  [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
09:24:51.0478 0x0e6c  vhdmp - ok
09:24:51.0508 0x0e6c  [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
09:24:51.0511 0x0e6c  viaagp - ok
09:24:51.0534 0x0e6c  [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7           C:\Windows\system32\DRIVERS\viac7.sys
09:24:51.0539 0x0e6c  ViaC7 - ok
09:24:51.0575 0x0e6c  [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide          C:\Windows\system32\drivers\viaide.sys
09:24:51.0578 0x0e6c  viaide - ok
09:24:51.0593 0x0e6c  [ C2F2911156FDC7817C52829C86DA494E, FE499F189B5016FCE0018AA3DE3970B72275B7B15F3D4D608117F6DDEC6B90DC ] vmbus           C:\Windows\system32\drivers\vmbus.sys
09:24:51.0603 0x0e6c  vmbus - ok
09:24:51.0625 0x0e6c  [ D4D77455211E204F370D08F4963063CE, 2018B2A84C73E0834200A594C02A9D28C74906F126DAD3CCDDFC9CD9A61669E2 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
09:24:51.0628 0x0e6c  VMBusHID - ok
09:24:51.0641 0x0e6c  [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
09:24:51.0645 0x0e6c  volmgr - ok
09:24:51.0668 0x0e6c  [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
09:24:51.0681 0x0e6c  volmgrx - ok
09:24:51.0697 0x0e6c  [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
09:24:51.0704 0x0e6c  volsnap - ok
09:24:51.0737 0x0e6c  [ B26536ADD1D748CDA104D856C979AE79, C88FBCD63DB3607232616FAB989F0FD7FB00ED542E6AC1BC76076A7C13A6FB22 ] vpcbus          C:\Windows\system32\DRIVERS\vpchbus.sys
09:24:51.0742 0x0e6c  vpcbus - ok
09:24:51.0764 0x0e6c  [ A0F7E923A6261760130F22B85DF9040E, E70ED14497262C75CC2D4B67B046BB43D8F47A4B8487D258694891E9B4C6DA44 ] vpcnfltr        C:\Windows\system32\DRIVERS\vpcnfltr.sys
09:24:51.0767 0x0e6c  vpcnfltr - ok
09:24:51.0788 0x0e6c  [ 5F4B55E91CE7E2523C9E1E0ECE858869, 3C395198C1845A15C4E39888383587A5E481E2761B885DBB5FC2C17C7075E6B4 ] vpcusb          C:\Windows\system32\DRIVERS\vpcusb.sys
09:24:51.0792 0x0e6c  vpcusb - ok
09:24:51.0847 0x0e6c  [ B487191FE18D6863381A1AC55482469A, 77A6C87E833E90FFD2FF51C6B28041D8AE9C6CE293DA4166E65470C18C017971 ] vpcvmm          C:\Windows\system32\drivers\vpcvmm.sys
09:24:51.0890 0x0e6c  vpcvmm - ok
09:24:51.0932 0x0e6c  [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
09:24:51.0940 0x0e6c  vsmraid - ok
09:24:52.0070 0x0e6c  [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS             C:\Windows\system32\vssvc.exe
09:24:52.0119 0x0e6c  VSS - ok
09:24:52.0197 0x0e6c  [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
09:24:52.0200 0x0e6c  vwifibus - ok
09:24:52.0209 0x0e6c  [ 7090D3436EEB4E7DA3373090A23448F7, 3A130B28F2BFA7DCEC8596C4CE4E187B019F5ECF1AAC8DD1BBDE9CBD2428FEC2 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
09:24:52.0214 0x0e6c  vwififlt - ok
09:24:52.0287 0x0e6c  [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time         C:\Windows\system32\w32time.dll
09:24:52.0332 0x0e6c  W32Time - ok
09:24:52.0389 0x0e6c  [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
09:24:52.0391 0x0e6c  WacomPen - ok
09:24:52.0418 0x0e6c  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
09:24:52.0423 0x0e6c  WANARP - ok
09:24:52.0431 0x0e6c  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
09:24:52.0434 0x0e6c  Wanarpv6 - ok
09:24:52.0527 0x0e6c  [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine        C:\Windows\system32\wbengine.exe
09:24:52.0576 0x0e6c  wbengine - ok
09:24:52.0621 0x0e6c  [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
09:24:52.0634 0x0e6c  WbioSrvc - ok
09:24:52.0694 0x0e6c  [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc         C:\Windows\System32\wcncsvc.dll
09:24:52.0728 0x0e6c  wcncsvc - ok
09:24:52.0754 0x0e6c  [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:24:52.0762 0x0e6c  WcsPlugInService - ok
09:24:52.0781 0x0e6c  [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
09:24:52.0784 0x0e6c  Wd - ok
09:24:52.0844 0x0e6c  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
09:24:52.0891 0x0e6c  Wdf01000 - ok
09:24:52.0949 0x0e6c  [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiServiceHost  C:\Windows\system32\wdi.dll
09:24:52.0958 0x0e6c  WdiServiceHost - ok
09:24:52.0967 0x0e6c  [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiSystemHost   C:\Windows\system32\wdi.dll
09:24:52.0976 0x0e6c  WdiSystemHost - ok
09:24:53.0026 0x0e6c  [ 55C70654420DBF429604FD567E6F3CD3, 22191B049BCA76EF13AEDF8078E452E6B35E998A75AD63F14C542B541EA9F67D ] WebClient       C:\Windows\System32\webclnt.dll
09:24:53.0041 0x0e6c  WebClient - ok
09:24:53.0079 0x0e6c  [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc          C:\Windows\system32\wecsvc.dll
09:24:53.0089 0x0e6c  Wecsvc - ok
09:24:53.0109 0x0e6c  [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
09:24:53.0114 0x0e6c  wercplsupport - ok
09:24:53.0140 0x0e6c  [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc          C:\Windows\System32\WerSvc.dll
09:24:53.0145 0x0e6c  WerSvc - ok
09:24:53.0163 0x0e6c  [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
09:24:53.0165 0x0e6c  WfpLwf - ok
09:24:53.0188 0x0e6c  [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
09:24:53.0189 0x0e6c  WIMMount - ok
09:24:53.0256 0x0e6c  [ 34B24B7A741F0DEC40699403C43A7093, 1A8C4C637628F728ACAB2FA723DA65773F3709057DF20DAA8A47893742467FA4 ] winachsf        C:\Windows\system32\DRIVERS\HSX_CNXT.sys
09:24:53.0285 0x0e6c  winachsf - ok
09:24:53.0412 0x0e6c  [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
09:24:53.0514 0x0e6c  WinDefend - ok
09:24:53.0542 0x0e6c  WinHttpAutoProxySvc - ok
09:24:53.0609 0x0e6c  [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
09:24:53.0618 0x0e6c  Winmgmt - ok
09:24:53.0719 0x0e6c  [ 1DE9BD23AFA36150586C732D876D9B74, 32CF2C8EC18CFDA677AB72A182EB4B839DCC72BFCD6CA309BE2F434991CAE973 ] WinRM           C:\Windows\system32\WsmSvc.dll
09:24:53.0844 0x0e6c  WinRM - ok
09:24:53.0891 0x0e6c  [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb          C:\Windows\system32\drivers\WinUsb.sys
09:24:53.0893 0x0e6c  WinUsb - ok
09:24:53.0967 0x0e6c  [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc         C:\Windows\System32\wlansvc.dll
09:24:54.0047 0x0e6c  Wlansvc - ok
09:24:54.0127 0x0e6c  [ 6067ACEF367E79914AF628FA1E9B5330, 491A705267B48C103E00B26BBD21FA8829DB03A88343CBC27264CEE5DE8C8DEF ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
09:24:54.0131 0x0e6c  wlcrasvc - ok
09:24:54.0296 0x0e6c  [ FB01D4AE207B9EFDBABFC55DC95C7E31, E0EFDBBE0BAC275230C8C1A053948C21BCF20B99B92E50939E95FFB9DC87F6BA ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
09:24:54.0397 0x0e6c  wlidsvc - ok
09:24:54.0440 0x0e6c  [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
09:24:54.0441 0x0e6c  WmiAcpi - ok
09:24:54.0484 0x0e6c  [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
09:24:54.0492 0x0e6c  wmiApSrv - ok
09:24:54.0594 0x0e6c  [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
09:24:54.0637 0x0e6c  WMPNetworkSvc - ok
09:24:54.0665 0x0e6c  [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
09:24:54.0670 0x0e6c  WPCSvc - ok
09:24:54.0708 0x0e6c  [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
09:24:54.0717 0x0e6c  WPDBusEnum - ok
09:24:54.0748 0x0e6c  [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
09:24:54.0751 0x0e6c  ws2ifsl - ok
09:24:54.0771 0x0e6c  [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc          C:\Windows\System32\wscsvc.dll
09:24:54.0780 0x0e6c  wscsvc - ok
09:24:54.0810 0x0e6c  [ 553F6CCD7C58EB98D4A8FBDAF283D7A9, 71FBE50C470D1F54FDAADCECEC2CB021AE240CD59DE4E8EB5BCAA6E7F2F86560 ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
09:24:54.0813 0x0e6c  WSDPrintDevice - ok
09:24:54.0854 0x0e6c  [ 7DC0270CFD4A05B4112E3EBBF083B595, DF4FCDE511F0B68B6C6E28C820EB722C34710F31A16023A9A297EAD228E00137 ] WSDScan         C:\Windows\system32\DRIVERS\WSDScan.sys
09:24:54.0858 0x0e6c  WSDScan - ok
09:24:54.0866 0x0e6c  WSearch - ok
09:24:55.0007 0x0e6c  [ 67AFFF96F5C6B072CE986D91212527C0, 8E7FACC7AB3405A28374F3140C0BA7089DFA21D855B2F4629DF4593832197041 ] wuauserv        C:\Windows\system32\wuaueng.dll
09:24:55.0089 0x0e6c  wuauserv - ok
09:24:55.0107 0x0e6c  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
09:24:55.0110 0x0e6c  WudfPf - ok
09:24:55.0131 0x0e6c  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
09:24:55.0138 0x0e6c  WUDFRd - ok
09:24:55.0181 0x0e6c  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
09:24:55.0193 0x0e6c  wudfsvc - ok
09:24:55.0245 0x0e6c  [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc         C:\Windows\System32\wwansvc.dll
09:24:55.0259 0x0e6c  WwanSvc - ok
09:24:55.0310 0x0e6c  [ 311FAFFB280FCA0D4A7739E2474EAC9F, 59EBA4B6403CD092DF710247180A15E6C5D122B94053F16D8909BDA685700F3D ] XAudio          C:\Windows\system32\DRIVERS\XAudio32.sys
09:24:55.0313 0x0e6c  XAudio - ok
09:24:55.0384 0x0e6c  ================ Scan global ===============================
09:24:55.0415 0x0e6c  [ 5E7C5DE85AF978495C3A9A0B720B9811, 142CDEBED78E3BAEE8D2DBF6A97CE26313932024010548EC2E570CAE480AF7C3 ] C:\Windows\system32\basesrv.dll
09:24:55.0478 0x0e6c  [ C2E10DD5F72368909C516B24A02CFF12, 6D3E6ED8C6F8617A671737F913E41A292BEE1FD268458BA479B2213B33365D6C ] C:\Windows\system32\winsrv.dll
09:24:55.0578 0x0e6c  [ C2E10DD5F72368909C516B24A02CFF12, 6D3E6ED8C6F8617A671737F913E41A292BEE1FD268458BA479B2213B33365D6C ] C:\Windows\system32\winsrv.dll
09:24:55.0647 0x0e6c  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
09:24:55.0711 0x0e6c  [ 0780A42DBD7D9969F9BF4A19AA4285B5, 8EA41124A4E97732C5DAA616457FBA7111CB38986F3427FA776ED00BC1407171 ] C:\Windows\system32\services.exe
09:24:55.0726 0x0e6c  [ Global ] - ok
09:24:55.0727 0x0e6c  ================ Scan MBR ==================================
09:24:55.0744 0x0e6c  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
09:24:56.0220 0x0e6c  \Device\Harddisk0\DR0 - ok
09:24:56.0220 0x0e6c  ================ Scan VBR ==================================
09:24:56.0224 0x0e6c  [ 5F409A8A8C7F3E59175A897F47ECBA4B ] \Device\Harddisk0\DR0\Partition1
09:24:56.0228 0x0e6c  \Device\Harddisk0\DR0\Partition1 - ok
09:24:56.0233 0x0e6c  [ 7D54A58CCBFCFC80CDCC679EA42F0E05 ] \Device\Harddisk0\DR0\Partition2
09:24:56.0274 0x0e6c  \Device\Harddisk0\DR0\Partition2 - ok
09:24:56.0275 0x0e6c  ================ Scan generic autorun ======================
09:24:56.0362 0x0e6c  [ CBEBF85763814AD2CA23491050B08D76, E67ECEB3B9921DF8EB4236FC811E4C40AE7EE3272ED5D1E6CBF1ACB1E205963B ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
09:24:56.0374 0x0e6c  IAStorIcon - ok
09:24:56.0444 0x0e6c  [ 77B4FB94F52885F9B2D0F5589DBC7A2D, 719001C1C90A1CD7CFAD9C4C6193E10D295C4986F8B7F6CBAEDB2AA4CE2B3198 ] C:\Program Files\Dell Wireless\Bluetooth Suite\BtvStack.exe
09:24:56.0465 0x0e6c  AtherosBtStack - ok
09:24:56.0499 0x0e6c  [ 82FE2CDDC4AC7451B88C6F8A6C683F6E, ED7FCE292E7DA459550160EBDA5151E2CFDE2F56F83AAF6E89EC2D3FF02E9DA4 ] C:\Program Files\Dell Wireless\Bluetooth Suite\AthBtTray.exe
09:24:56.0512 0x0e6c  AthBtTray - ok
09:24:56.0689 0x0e6c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
09:24:56.0735 0x0e6c  Sidebar - ok
09:24:56.0776 0x0e6c  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
09:24:56.0782 0x0e6c  mctadmin - ok
09:24:56.0836 0x0e6c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
09:24:56.0866 0x0e6c  Sidebar - ok
09:24:56.0875 0x0e6c  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
09:24:56.0879 0x0e6c  mctadmin - ok
09:24:56.0965 0x0e6c  [ 8BE7AF668EDC9C65C11FB367F4B74942, 30BCC564BF84A1E9F05E8AA441230C8C6DB9C8CB00C0A160275AA59559B09A5B ] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFIE.EXE
09:24:56.0990 0x0e6c  Epson Stylus SX510W(Netzwerk) - ok
09:24:57.0011 0x0e6c  [ 8BE7AF668EDC9C65C11FB367F4B74942, 30BCC564BF84A1E9F05E8AA441230C8C6DB9C8CB00C0A160275AA59559B09A5B ] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFIE.EXE
09:24:57.0018 0x0e6c  EPSON SX510W Series - ok
09:24:57.0039 0x0e6c  [ 8BE7AF668EDC9C65C11FB367F4B74942, 30BCC564BF84A1E9F05E8AA441230C8C6DB9C8CB00C0A160275AA59559B09A5B ] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFIE.EXE
09:24:57.0044 0x0e6c  EPSON SX510W Series (Kopie 1) - ok
09:24:57.0181 0x0e6c  [ BA19D31653730C19A0753C0C032EC628, D11586C8F5BFD79C2F4BCECDB2470CF29529ABDF336149DA83209F95245949E3 ] C:\Program Files\Lidl_Fotos\dd.exe
09:24:57.0211 0x0e6c  Device Detection - ok
09:24:57.0254 0x0e6c  FlashPlayerUpdate - ok
09:24:57.0339 0x0e6c  [ 20DE1CDD37A5D3D4177B8D9FEF907D81, F6CE80984852595A677C92B8C555F9B0D398BAE36768E0D6FC7F8C7211D962D2 ] C:\Program Files\Microsoft Security Client\msseces.exe
09:24:57.0401 0x0e6c  Application Restart #0 - ok
09:24:57.0426 0x0e6c  [ 8BE7AF668EDC9C65C11FB367F4B74942, 30BCC564BF84A1E9F05E8AA441230C8C6DB9C8CB00C0A160275AA59559B09A5B ] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFIE.EXE
09:24:57.0434 0x0e6c  EPSON SX510W Series - ok
09:24:57.0455 0x0e6c  [ 8BE7AF668EDC9C65C11FB367F4B74942, 30BCC564BF84A1E9F05E8AA441230C8C6DB9C8CB00C0A160275AA59559B09A5B ] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFIE.EXE
09:24:57.0459 0x0e6c  EPSON SX510W Series (Kopie 1) - ok
09:24:57.0502 0x0e6c  [ BA19D31653730C19A0753C0C032EC628, D11586C8F5BFD79C2F4BCECDB2470CF29529ABDF336149DA83209F95245949E3 ] C:\Program Files\Lidl_Fotos\dd.exe
09:24:57.0518 0x0e6c  Device Detection - ok
09:24:57.0521 0x0e6c  Waiting for KSN requests completion. In queue: 167
09:24:58.0521 0x0e6c  Waiting for KSN requests completion. In queue: 167
09:24:59.0521 0x0e6c  Waiting for KSN requests completion. In queue: 167
09:25:00.0541 0x0e6c  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.8.204.0 ), 0x61000 ( enabled : updated )
09:25:00.0548 0x0e6c  Win FW state via NFP2: enabled ( trusted )
09:25:02.0930 0x0e6c  ============================================================
09:25:02.0930 0x0e6c  Scan finished
09:25:02.0930 0x0e6c  ============================================================
09:25:02.0950 0x128c  Detected object count: 0
09:25:02.0950 0x128c  Actual detected object count: 0
09:25:29.0773 0x0eb0  Deinitialize success
         

11.02.2016, 08:33   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Remove adware/junkware/toolbars

Delete old versions of adwCleaner and, if present, JRT beforehand, then download them again to the desktop!
Please completely disable your virus scanner now, before using these tools!


Step 1: adwCleaner

Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure that the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected, as shown here
  • Click Scan and wait until it has finished.
  • Now click Delete and confirm any prompts with OK.
  • Your computer will be restarted automatically. After the restart, a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).




Step 2: JRT - Junkware Removal Tool

Please shut down your protection software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please start it with a right-click and "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.




Step 3: Fresh log with FRST

Please download the matching version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files are now created and can then be found on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input box)

__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)


11.02.2016, 09:12   #9
duat
 



1. Scan

Code:
# AdwCleaner v5.033 - Bericht erstellt am 11/02/2016 um 09:45:39
# Aktualisiert am 07/02/2016 von Xplode
# Datenbank : 2016-02-07.2 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (x86)
# Benutzername : privat - CHRIS-PC
# Gestartet von : C:\Users\privat\Downloads\AdwCleaner_5.033.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\Program Files\Softonic
[-] Ordner Gelöscht : C:\Program Files\Common Files\Plasmoo
[-] Ordner Gelöscht : C:\Users\privat\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf
[-] Ordner Gelöscht : C:\Users\privat\AppData\LocalLow\Softonic
[-] Ordner Gelöscht : C:\Users\privat\AppData\Roaming\dvdvideosoftiehelpers
[-] Ordner Gelöscht : C:\Users\privat\AppData\Roaming\OpenCandy
[-] Ordner Gelöscht : C:\Users\privat\AppData\Roaming\RHEng
[-] Ordner Gelöscht : C:\Users\privat\AppData\Roaming\Systweak

***** [ Dateien ] *****

[-] Datei Gelöscht : C:\Users\privat\AppData\Roaming\Mozilla\Firefox\Profiles\wwe6u0x0.default-1431504965002\user.js
[-] Datei Gelöscht : C:\Windows\system32\roboot.exe

***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
[-] Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\elchiiiejkobdbblfejjkbphbddgmljf
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B15F118E-AF21-45E8-A809-29FDD7362565}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{44B50C01-4993-48E2-ADEE-D812BAE2E9A2}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A3E2F089-DDBB-4CBF-B06C-5D44DA316ED3}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A5679AB0-C59E-49E7-83C4-5289F844A6E0}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CA0167C2-6295-41B8-9BDA-704B2F5E4CD9}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E87806B5-E908-45FD-AF5E-957D83E58E68}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{0C58B7D1-D415-492B-A149-E976156BD3B8}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11D9E165-B8C1-4734-A56C-BC4FCACA966B}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{B15F118E-AF21-45E8-A809-29FDD7362565}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E87806B5-E908-45FD-AF5E-957D83E58E68}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E87806B5-E908-45FD-AF5E-957D83E58E68}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E87806B5-E908-45FD-AF5E-957D83E58E68}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9CF034EA-7B46-48D3-8895-8A14B32AE445}
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{5018CFD2-804D-4C99-9F81-25EAEA2769DE}]
[-] Schlüssel Gelöscht : HKCU\Software\InstallCore
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKCU\Software\Softonic
[-] Schlüssel Gelöscht : HKCU\Software\SoftonicToolbar
[-] Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Softonic
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Vittalia
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Softonic
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B6A9F6CA-8C02-4118-92F4-807A7285F11B}
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\search.softonic.com
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\softonic.com

***** [ Internetbrowser ] *****

[-] [C:\Users\privat\AppData\Roaming\Mozilla\Firefox\Profiles\wwe6u0x0.default-1431504965002\prefs.js] [Preference] Gelöscht : user_pref("browser.newtab.url", "chrome://unitedtb/content/newtab/newtab-page.xhtml");

*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [8335 Bytes] ##########
         
2. Scan

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.2 (01.06.2016)
Operating System: Windows 7 Professional x86 
Ran by privat (Administrator) on 11.02.2016 at  9:53:51,40
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 27 

Successfully deleted: C:\Program Files\mozilla firefox\defaults\pref\itms.js (File) 
Successfully deleted: C:\Users\privat\AppData\Local\{3B09D72B-749E-4201-98BF-EF7B1E076509} (Empty Folder)
Successfully deleted: C:\Users\privat\AppData\Local\{3F79B348-939E-40CF-9CBB-2AF92813792F} (Empty Folder)
Successfully deleted: C:\Users\privat\AppData\Local\{3FC5B6F3-FAA1-434C-8FE1-7F0C033324ED} (Empty Folder)
Successfully deleted: C:\Users\privat\AppData\Local\{41249AB0-B07D-44A8-9D9D-4F1CFDBEBA67} (Empty Folder)
Successfully deleted: C:\Users\privat\AppData\Local\{518F232A-B275-44C1-9FD9-3D0052ADC045} (Empty Folder)
Successfully deleted: C:\Users\privat\AppData\Local\{5CD2B17C-03A2-439F-8BA1-E2D0E05A478A} (Empty Folder)
Successfully deleted: C:\Users\privat\AppData\Local\{60CE2BB3-5453-484E-9ED9-72FEBAB1F482} (Empty Folder)
Successfully deleted: C:\Users\privat\AppData\Local\{60D90076-B9FA-4C71-9021-453DB6B587E0} (Empty Folder)
Successfully deleted: C:\Users\privat\AppData\Local\{67F619D8-869E-4814-AA75-9058D344AD9F} (Empty Folder)
Successfully deleted: C:\Users\privat\AppData\Local\{8561B854-6248-48AF-AD55-3497E51C6D8A} (Empty Folder)
Successfully deleted: C:\Users\privat\AppData\Local\{8B8B4D5D-48CC-4150-ADBC-22DD63190A27} (Empty Folder)
Successfully deleted: C:\Users\privat\AppData\Local\{95CBC2EA-A387-4EC0-B251-A39A122B31B9} (Empty Folder)
Successfully deleted: C:\Users\privat\AppData\Local\{AC67BB82-0D3B-4A3F-B4C0-8BEC4E0E8757} (Empty Folder)
Successfully deleted: C:\Users\privat\AppData\Local\{B6E2635D-B375-4739-9BF7-5F0FC0745A2C} (Empty Folder)
Successfully deleted: C:\Users\privat\AppData\Local\{C6485B43-0AF8-4334-BBD7-9E794CA76057} (Empty Folder)
Successfully deleted: C:\Users\privat\AppData\Local\{CBEAC313-43EE-4371-82F6-D62A57CD4B14} (Empty Folder)
Successfully deleted: C:\Users\privat\AppData\Local\{DF1767D4-4864-44FE-A944-B0A21DF38F6A} (Empty Folder)
Successfully deleted: C:\Users\privat\AppData\Local\{EA8219FB-00DB-4574-8DAB-8D9EB657358B} (Empty Folder)
Successfully deleted: C:\Users\privat\AppData\Local\{EFB2D5FA-8609-4343-AB62-5467160B3EBC} (Empty Folder)
Successfully deleted: C:\Users\privat\AppData\Roaming\Mozilla\Firefox\Profiles\wwe6u0x0.default-1431504965002\extensions\mailcheck@web.de\searchplugins\mailcom-search.xml (File) 
Successfully deleted: C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask (Task)
Successfully deleted: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job (Task) 
Successfully deleted: C:\Users\privat\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IOMA25N9 (Folder) 
Successfully deleted: C:\Users\privat\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PYGO247E (Folder) 
Successfully deleted: C:\Users\privat\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RRF6QBNK (Folder) 
Successfully deleted: C:\Users\privat\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SVIFX1I9 (Folder) 



Registry: 2 

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{4B9FC999-DF9D-4DA9-B7D2-A17ED9193392} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11.02.2016 at 10:01:06,62
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
3. Scan

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:07-02-2016
durchgeführt von privat (Administrator) auf CHRIS-PC (11-02-2016 10:07:38)
Gestartet von C:\Users\privat\Downloads
Geladene Profile: privat (Verfügbare Profile: Chris & privat)
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files\Dell Wireless\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files\Dell Wireless\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
() C:\ProgramData\DatacardService\HWDeviceService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Nokia) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-06-08] (Intel Corporation)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files\Dell Wireless\Bluetooth Suite\BtvStack.exe [474272 2010-09-02] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files\Dell Wireless\Bluetooth Suite\AthBtTray.exe [298144 2010-09-02] (Atheros Commnucations)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [642664 2013-05-08] (Adobe Systems Inc.)
HKLM\...\Run: [RemoteControl9] => C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2009-07-06] (CyberLink Corp.)
HKLM\...\Run: [PDVD9LanguageShortcut] => C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe [50472 2010-04-29] (CyberLink Corp.)
HKLM\...\Run: [Dell Webcam Central] => C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [487562 2010-08-20] (Creative Technology Ltd)
HKLM\...\Run: [RoxWatchTray] => C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-09-04] (Sonic Solutions)
HKLM\...\Run: [Desktop Disc Tool] => C:\Program Files\Roxio\oem\Roxio Burn\RoxioBurnLauncher.exe [522736 2010-11-01] ()
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [1797488 2011-01-07] (Microsoft Corporation)
HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [673616 2009-04-07] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-12-17] (Apple Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [981688 2015-04-29] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157456 2015-12-17] (Apple Inc.)
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Run: [EPSON SX510W Series] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFIE.EXE [199680 2008-11-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Run: [EPSON SX510W Series (Kopie 1)] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFIE.EXE [199680 2008-11-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Run: [Device Detection] => C:\Program Files\Lidl_Fotos\dd.exe [860528 2013-10-30] ()
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Run: [] => [X]
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Run: [NokiaSuite.exe] => C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [1090040 2012-12-21] (Nokia)
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: E - E:\AutoRun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {1305b0a3-f675-11e1-a1da-90004e013ab8} - E:\AutoRun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {41144100-92dc-11e1-8581-90004e013ab8} - E:\AutoRun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {4114411a-92dc-11e1-8581-90004e013ab8} - E:\AutoRun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {41144133-92dc-11e1-8581-90004e013ab8} - E:\AutoRun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {7357d7ff-4967-11e2-8651-f04da26bc8e0} - E:\AutoRun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {7357d81a-4967-11e2-8651-f04da26bc8e0} - E:\AutoRun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {750a411f-34c9-11e0-b132-806e6f6e6963} - D:\autorun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {dc37c5b5-6a52-11e2-b7ff-f04da26bc8e0} - E:\AutoRun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {f8f69999-c40f-11e2-a005-f04da26bc8e0} - E:\AutoRun.exe
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\privat\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll [2013-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\privat\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll [2013-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\privat\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll [2013-03-12] (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{2258AB48-4D93-4911-96B8-1B32A6796175}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{448221D6-933B-418F-8123-42221C7068BA}: [DhcpNameServer] 139.7.30.126 139.7.30.125
Tcpip\..\Interfaces\{8A4DA0DA-3D99-4A6E-9C53-1FCE9296A33F}: [NameServer] 10.74.210.210 10.74.210.211
Tcpip\..\Interfaces\{A85015A4-C874-4C44-846D-25AEC4860175}: [NameServer] 10.74.210.210 10.74.210.211
Tcpip\..\Interfaces\{AF10391C-F1D8-4024-BC6B-26BD4465F675}: [NameServer] 10.74.210.210 10.74.210.211
Tcpip\..\Interfaces\{BBE6AA86-1C5F-45F8-8486-9DB31DA9A39B}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USSMB/8
SearchScopes: HKLM -> DefaultScope {4B9FC999-DF9D-4DA9-B7D2-A17ED9193392} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLSDF8&pc=MDDS&src=IE-SearchBox
SearchScopes: HKLM -> {4B9FC999-DF9D-4DA9-B7D2-A17ED9193392} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLSDF8&pc=MDDS&src=IE-SearchBox
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-30] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2011-05-13] (Microsoft Corporation)
BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-04-01] (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-30] (Oracle Corporation)
BHO: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-04-01] (Microsoft Corporation.)
Toolbar: HKU\S-1-5-21-583576071-2610798785-2159693280-1003 -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} -  Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\privat\AppData\Roaming\Mozilla\Firefox\Profiles\wwe6u0x0.default-1431504965002
FF Homepage: hxxps://www.google.de/?gws_rd=ssl
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_267.dll [2016-01-14] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-30] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2012-12-21] ( )
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2008-10-24] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Extension: WEB.DE MailCheck - C:\Users\privat\AppData\Roaming\Mozilla\Firefox\Profiles\wwe6u0x0.default-1431504965002\extensions\mailcheck@web.de [2015-12-16]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2016-01-08] [ist nicht signiert]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2016-01-08] [ist nicht signiert]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2016-01-08] [ist nicht signiert]
FF Extension: UITBAutoInstaller - C:\Program Files\Mozilla Firefox\distribution\bundles\{edd7fc99-d65c-4979-85c2-ddeed30c50c7} [2016-01-08] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - c:\Program Files\Trend Micro\Client Server Security Agent\bho\1056\FirefoxExtension => nicht gefunden
FF HKLM\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files\T-Mobile\InternetManager_H\OCx32\addon
FF Extension: Bytemobile Optimization Client - C:\Program Files\T-Mobile\InternetManager_H\OCx32\addon [2012-12-19] [ist nicht signiert]
FF HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\privat\AppData\Roaming\Mozilla\Firefox\Profiles\kpwvyoo0.default\extensions\cliqz@cliqz.com => nicht gefunden

Chrome: 
=======
CHR Profile: C:\Users\privat\AppData\Local\Google\Chrome\User Data\default

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Atheros Bt&Wlan Coex Agent; C:\Program Files\Dell Wireless\Ath_CoexAgent.exe [151552 2010-05-24] (Atheros) [Datei ist nicht signiert]
R2 AtherosSvc; C:\Program Files\Dell Wireless\Bluetooth Suite\adminservice.exe [56480 2010-09-02] (Atheros Commnucations) [Datei ist nicht signiert]
R2 EpsonBidirectionalService; C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [Datei ist nicht signiert]
R2 EPSON_EB_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE [143872 2007-12-17] (SEIKO EPSON CORPORATION)
R2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE [113664 2007-01-11] (SEIKO EPSON CORPORATION)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2011-02-10] (Macrovision Europe Ltd.) [Datei ist nicht signiert]
R2 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [270176 2011-01-28] ()
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Datei ist nicht signiert]
S2 Internet Manager. RunOuc; C:\Program Files\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [224096 2012-12-19] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2015-04-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [284504 2015-04-30] (Microsoft Corporation)
S3 RoxMediaDB12OEM; C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [1116656 2010-09-04] (Sonic Solutions)
S2 RoxWatch12; C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [219632 2010-09-04] (Sonic Solutions)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AthBTPort; C:\Windows\System32\DRIVERS\btath_flt.sys [37224 2010-07-08] (Atheros)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281504 2013-04-29] ()
R0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [13184 2012-12-19] (Bytemobile, Inc.) [Datei ist nicht signiert]
S3 BTATH_A2DP; C:\Windows\System32\drivers\btath_a2dp.sys [257896 2010-07-08] (Atheros)
R3 BTATH_BUS; C:\Windows\System32\DRIVERS\btath_bus.sys [26984 2010-07-08] (Atheros)
S3 BTATH_HCRP; C:\Windows\System32\DRIVERS\btath_hcrp.sys [178024 2010-07-08] (Atheros)
S3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [47976 2010-09-02] (Atheros)
S3 BTATH_RCP; C:\Windows\System32\DRIVERS\btath_rcp.sys [143336 2010-07-08] (Atheros)
S3 BtFilter; C:\Windows\System32\DRIVERS\btfilter.sys [237416 2010-08-31] (Atheros)
S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [63464 2013-01-22] (FTDI Ltd.)
S3 huawei_cdcacm; C:\Windows\System32\DRIVERS\ew_jucdcacm.sys [90112 2012-12-19] (Huawei Technologies Co., Ltd.)
S3 huawei_ext_ctrl; C:\Windows\System32\DRIVERS\ew_juextctrl.sys [26624 2012-12-19] (Huawei Technologies Co., Ltd.)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [181760 2012-12-19] (Huawei Technologies Co., Ltd.)
S3 KMWDFILTERx86; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [25088 2009-04-29] (Windows (R) Codename Longhorn DDK provider)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2013-04-29] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [245096 2015-03-04] (Microsoft Corporation)
R1 MpKslacae96fb; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2532DCB5-DE2F-4D74-87A1-A8E1513FCFD4}\MpKslacae96fb.sys [39168 2016-02-11] (Microsoft Corporation)
S3 mvusbcomm; C:\Windows\System32\Drivers\mvusbcomm.sys [17408 2013-08-22] (Marvell Semiconductor, Inc.)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl.sys [18432 2012-03-26] (Apple Inc.) [Datei ist nicht signiert]
R2 risdpcie; C:\Windows\System32\DRIVERS\risdpe86.sys [49152 2009-06-30] (REDC)
S3 rixdpcie; C:\Windows\system32\DRIVERS\rixdpe86.sys [38400 2009-07-04] (REDC)
R3 vpcbus; C:\Windows\System32\DRIVERS\vpchbus.sys [172416 2010-11-20] (Microsoft Corporation)
R1 vpcnfltr; C:\Windows\System32\DRIVERS\vpcnfltr.sys [48128 2010-11-20] (Microsoft Corporation)
R3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [78336 2010-11-20] (Microsoft Corporation)
R1 vpcvmm; C:\Windows\System32\drivers\vpcvmm.sys [296064 2010-11-20] (Microsoft Corporation)
S3 adxapie; \??\C:\Users\privat\AppData\Local\Temp\adxapie.sys [X]
S3 PCDSRVC{E9D79540-57D5953E-06020101}_0; \??\c:\program files\dell support center\pcdsrvc.pkms [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-11 10:01 - 2016-02-11 10:01 - 00003795 _____ C:\Users\privat\Desktop\JRT.txt
2016-02-11 09:51 - 2016-02-11 09:51 - 01609032 _____ (Malwarebytes) C:\Users\privat\Downloads\JRT.exe
2016-02-11 09:37 - 2016-02-11 09:45 - 00000000 ____D C:\AdwCleaner
2016-02-11 09:37 - 2016-02-11 09:37 - 01508352 _____ C:\Users\privat\Downloads\AdwCleaner_5.033.exe
2016-02-11 09:23 - 2016-02-11 09:25 - 00231950 _____ C:\TDSSKiller.3.1.0.9_11.02.2016_09.23.44_log.txt
2016-02-11 09:23 - 2016-02-11 09:23 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\privat\Downloads\tdsskiller.exe
2016-02-10 17:55 - 2016-02-10 17:55 - 00058954 _____ C:\Users\privat\Downloads\Abrechnung_4475888970027369_20151114(1).PDF
2016-02-10 17:55 - 2016-02-10 17:55 - 00058558 _____ C:\Users\privat\Downloads\Abrechnung_4475888970027369_20151014.PDF
2016-02-10 17:55 - 2016-02-10 17:55 - 00058089 _____ C:\Users\privat\Downloads\Konto_1163325135-Auszug_2015_005(1).PDF
2016-02-10 17:55 - 2016-02-10 17:55 - 00057300 _____ C:\Users\privat\Downloads\Abrechnung_4475888970027369_20160114.PDF
2016-02-10 17:55 - 2016-02-10 17:55 - 00037353 _____ C:\Users\privat\Downloads\Abrechnung_4475888970027369_20151214(1).PDF
2016-02-10 17:54 - 2016-02-10 17:55 - 00073615 _____ C:\Users\privat\Downloads\Konto_1355011481-Auszug_2015_011(1).PDF
2016-02-10 17:54 - 2016-02-10 17:55 - 00070354 _____ C:\Users\privat\Downloads\Konto_1355011481-Auszug_2015_012(1).PDF
2016-02-10 17:54 - 2016-02-10 17:55 - 00062457 _____ C:\Users\privat\Downloads\Konto_1163325135-Auszug_2015_006(1).PDF
2016-02-10 17:54 - 2016-02-10 17:55 - 00056629 _____ C:\Users\privat\Downloads\Konto_1163325135-Auszug_2015_007(1).PDF
2016-02-10 17:54 - 2016-02-10 17:55 - 00029101 _____ C:\Users\privat\Downloads\Konto_3330022433-Auszug_2015_004(1).PDF
2016-02-10 17:53 - 2016-02-10 17:55 - 00062288 _____ C:\Users\privat\Downloads\Konto_1355011481-Auszug_2016_001.PDF
2016-02-10 16:49 - 2016-02-11 03:25 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-02-10 16:49 - 2016-02-10 16:49 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-02-10 16:48 - 2016-02-10 20:25 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-02-10 16:47 - 2016-02-11 03:23 - 00000000 ____D C:\Users\privat\Desktop\mbar
2016-02-10 16:47 - 2016-02-10 20:24 - 00094936 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-02-10 16:46 - 2016-02-10 16:47 - 16563352 _____ (Malwarebytes Corp.) C:\Users\privat\Downloads\mbar-1.09.3.1001.exe
2016-02-10 14:50 - 2016-02-10 14:52 - 00050353 _____ C:\Users\privat\Downloads\Addition.txt
2016-02-10 14:47 - 2016-02-11 10:07 - 00021095 _____ C:\Users\privat\Downloads\FRST.txt
2016-02-10 14:47 - 2016-02-11 10:07 - 00000000 ____D C:\FRST
2016-02-10 14:46 - 2016-02-10 14:46 - 01721344 _____ (Farbar) C:\Users\privat\Downloads\FRST.exe
2016-02-10 14:23 - 2016-02-10 14:24 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\privat\Downloads\SpyHunter-Installer (1).exe
2016-02-10 14:23 - 2016-02-10 14:23 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\privat\Downloads\SpyHunter-Installer.exe
2016-02-10 04:12 - 2016-02-10 04:12 - 00000000 ____D C:\ef66c554362ecf4d43f9d71f6f1364ae
2016-02-09 22:03 - 2016-01-16 19:42 - 00022464 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-02-09 22:03 - 2016-01-16 19:36 - 01413632 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-02-09 22:03 - 2016-01-16 19:34 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-02-09 22:03 - 2016-01-11 15:07 - 01198080 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-02-09 22:03 - 2016-01-11 15:07 - 00591360 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-02-09 22:03 - 2016-01-11 15:07 - 00544768 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-02-09 22:03 - 2016-01-11 15:07 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-02-09 22:03 - 2016-01-11 15:07 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-02-09 22:02 - 2016-01-22 07:05 - 12877824 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-02-09 22:02 - 2016-01-22 07:00 - 01498624 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-02-09 22:02 - 2016-01-22 06:59 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-02-09 22:02 - 2016-01-22 06:12 - 02973184 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-02-09 22:00 - 2016-01-22 07:13 - 03993536 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-02-09 22:00 - 2016-01-22 07:13 - 03938752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-02-09 22:00 - 2016-01-22 07:09 - 01310232 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-02-09 22:00 - 2016-01-22 07:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-02-09 22:00 - 2016-01-22 07:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-02-09 22:00 - 2016-01-22 07:02 - 00872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-02-09 22:00 - 2016-01-22 07:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-02-09 22:00 - 2016-01-22 07:02 - 00293888 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-02-09 22:00 - 2016-01-22 07:02 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\msorcl32.dll
2016-02-09 22:00 - 2016-01-22 07:02 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-02-09 22:00 - 2016-01-22 06:59 - 00642560 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-02-09 22:00 - 2016-01-07 18:47 - 02386944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-02-09 22:00 - 2016-01-07 18:35 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-02-09 22:00 - 2016-01-06 19:41 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-02-09 22:00 - 2016-01-06 18:56 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2016-02-09 22:00 - 2015-12-20 19:45 - 02745856 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-02-09 22:00 - 2015-12-20 19:45 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-02-09 22:00 - 2015-12-20 17:16 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-02-09 21:59 - 2016-01-22 07:13 - 00138176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-02-09 21:59 - 2016-01-22 07:13 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-02-09 21:59 - 2016-01-22 07:06 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-02-09 21:59 - 2016-01-22 07:06 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-02-09 21:59 - 2016-01-22 07:06 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-02-09 21:59 - 2016-01-22 07:06 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-02-09 21:59 - 2016-01-22 07:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-02-09 21:59 - 2016-01-22 07:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-02-09 21:59 - 2016-01-22 07:05 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-02-09 21:59 - 2016-01-22 07:05 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-02-09 21:59 - 2016-01-22 07:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-02-09 21:59 - 2016-01-22 07:02 - 01060864 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-02-09 21:59 - 2016-01-22 07:02 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-02-09 21:59 - 2016-01-22 07:02 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-02-09 21:59 - 2016-01-22 07:02 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-02-09 21:59 - 2016-01-22 07:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:07 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-02-09 21:59 - 2016-01-22 06:01 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-02-09 21:59 - 2016-01-22 06:00 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-02-09 21:59 - 2016-01-22 05:53 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-02-09 21:59 - 2016-01-22 05:53 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-02-09 21:59 - 2016-01-22 05:53 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-02-09 21:59 - 2016-01-22 05:51 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-02-09 21:59 - 2016-01-22 05:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-02-09 21:59 - 2016-01-22 05:51 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-02-09 21:59 - 2016-01-22 05:51 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-02-09 21:59 - 2016-01-22 05:51 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 05:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 05:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 05:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-09 21:58 - 2016-02-06 11:01 - 20366848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-02-09 21:58 - 2016-02-06 10:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-02-09 21:58 - 2016-02-06 10:43 - 02280448 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-02-09 21:58 - 2016-02-06 10:38 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-02-09 21:58 - 2016-02-06 10:16 - 12857856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-02-09 21:58 - 2016-02-06 09:54 - 01312256 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-02-09 21:58 - 2016-01-22 21:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-02-09 21:58 - 2016-01-22 07:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-02-09 21:58 - 2016-01-22 07:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-02-09 21:58 - 2016-01-22 07:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-02-09 21:58 - 2016-01-22 07:01 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-02-09 21:58 - 2016-01-22 06:55 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-02-09 21:58 - 2016-01-22 06:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-02-09 21:58 - 2016-01-22 06:52 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-02-09 21:58 - 2016-01-22 06:51 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-02-09 21:58 - 2016-01-22 06:51 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-02-09 21:58 - 2016-01-22 06:46 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-02-09 21:58 - 2016-01-22 06:43 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-02-09 21:58 - 2016-01-22 06:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-02-09 21:58 - 2016-01-22 06:38 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-02-09 21:58 - 2016-01-22 06:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-02-09 21:58 - 2016-01-22 06:34 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-02-09 21:58 - 2016-01-22 06:33 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-02-09 21:58 - 2016-01-22 06:27 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-02-09 21:58 - 2016-01-22 06:25 - 00687104 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-02-09 21:58 - 2016-01-22 06:25 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-02-09 21:58 - 2016-01-22 06:24 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-02-09 21:58 - 2016-01-22 06:07 - 02120704 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-02-09 21:58 - 2016-01-22 06:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-02-09 21:57 - 2016-01-22 07:02 - 00496640 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-02-09 21:57 - 2016-01-22 07:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-02-09 21:57 - 2016-01-22 06:51 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-02-09 21:57 - 2016-01-22 06:35 - 04611072 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-02-09 21:57 - 2016-01-22 06:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-02-09 21:57 - 2016-01-22 06:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-02-09 21:56 - 2016-01-11 19:47 - 02956288 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-02-09 21:56 - 2016-01-11 19:47 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-02-09 21:56 - 2016-01-11 19:35 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-02-09 21:56 - 2016-01-11 19:17 - 02062848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-02-09 21:56 - 2016-01-11 19:14 - 00573440 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-02-09 21:56 - 2016-01-11 19:14 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-02-09 21:56 - 2016-01-11 19:14 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-02-09 21:56 - 2016-01-11 19:14 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-02-09 21:56 - 2016-01-11 19:14 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-02-09 21:56 - 2016-01-11 19:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-02-09 21:56 - 2016-01-11 19:14 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-01-20 13:19 - 2016-01-20 13:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2016-01-20 13:11 - 2016-01-20 13:19 - 00000000 ____D C:\Program Files\QuickTime
2016-01-13 22:45 - 2016-01-13 22:45 - 00000000 ____D C:\Users\Chris\AppData\Local\Apple
2016-01-13 09:44 - 2015-12-08 22:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-01-13 09:44 - 2015-12-08 22:54 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-01-13 09:44 - 2015-12-08 22:54 - 01568768 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-01-13 09:44 - 2015-12-08 22:54 - 01325056 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-01-13 09:44 - 2015-12-08 22:54 - 01202688 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2016-01-13 09:44 - 2015-12-08 22:54 - 00902144 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-01-13 09:44 - 2015-12-08 22:54 - 00815616 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-01-13 09:44 - 2015-12-08 22:54 - 00740352 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-01-13 09:44 - 2015-12-08 22:54 - 00739328 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-01-13 09:44 - 2015-12-08 22:54 - 00665088 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-01-13 09:44 - 2015-12-08 22:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-01-13 09:44 - 2015-12-08 22:54 - 00358400 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-01-13 09:44 - 2015-12-08 22:54 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-01-13 09:44 - 2015-12-08 22:53 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 01329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-01-13 09:44 - 2015-12-08 22:53 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-01-13 09:44 - 2015-12-08 22:53 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-01-13 09:44 - 2015-12-08 22:53 - 00354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00305664 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-01-13 09:44 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-01-13 09:44 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-01-13 09:44 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-01-13 09:44 - 2015-12-08 22:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-01-13 09:44 - 2015-12-08 22:53 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-01-13 09:44 - 2015-12-08 22:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-01-13 09:44 - 2015-12-08 22:53 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-01-13 09:44 - 2015-12-08 22:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2016-01-13 09:44 - 2015-12-08 22:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-01-13 09:44 - 2015-12-08 22:43 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2016-01-13 09:44 - 2015-12-08 22:11 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2016-01-13 09:44 - 2015-12-08 22:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2016-01-13 09:44 - 2015-11-16 21:12 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-01-13 09:44 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2016-01-13 09:44 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2016-01-13 09:44 - 2015-11-13 23:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-11 09:58 - 2009-07-14 05:34 - 00025216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-11 09:58 - 2009-07-14 05:34 - 00025216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-11 09:48 - 2011-06-24 16:32 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-11 09:48 - 2011-06-24 16:32 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-11 09:48 - 2011-02-10 12:53 - 00000035 _____ C:\Users\Public\Documents\AtherosServiceConfig.ini
2016-02-11 09:47 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-11 09:00 - 2011-02-17 16:11 - 00000422 _____ C:\Windows\Tasks\SystemToolsDailyTest.job
2016-02-11 08:30 - 2011-03-12 17:55 - 00000000 ___RD C:\Users\privat\Virtual Machines
2016-02-11 04:03 - 2015-02-26 04:23 - 00000000 ____D C:\Windows\rescache
2016-02-10 20:20 - 2013-11-30 20:20 - 00149504 ___SH C:\Users\privat\Thumbs.db
2016-02-10 20:11 - 2013-03-20 20:50 - 00000000 ____D C:\Users\privat\AppData\Roaming\Bayd
2016-02-10 18:09 - 2011-03-21 18:09 - 00000240 _____ C:\Windows\Tasks\Epson Printer Software Downloader.job
2016-02-10 10:03 - 2011-02-10 12:07 - 02293438 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-10 10:03 - 2009-07-14 09:47 - 00964984 _____ C:\Windows\system32\perfh007.dat
2016-02-10 10:03 - 2009-07-14 09:47 - 00238790 _____ C:\Windows\system32\perfc007.dat
2016-02-10 10:03 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2016-02-10 04:16 - 2015-10-12 11:34 - 00000946 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-02-10 04:16 - 2009-07-14 05:33 - 00663416 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-10 04:13 - 2014-12-12 03:34 - 00000000 ____D C:\Windows\system32\appraiser
2016-02-10 04:13 - 2014-05-07 02:02 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-02-10 04:13 - 2009-07-14 09:57 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-10 03:56 - 2009-07-14 03:04 - 00000478 _____ C:\Windows\win.ini
2016-02-10 03:28 - 2013-08-15 20:25 - 00000000 ____D C:\Windows\system32\MRT
2016-02-10 03:14 - 2011-02-19 11:57 - 144254680 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-02-09 22:42 - 2014-09-02 17:32 - 00000000 ____D C:\Users\privat\AppData\Local\Adobe
2016-02-09 22:42 - 2012-04-22 17:31 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-02-09 22:42 - 2011-05-19 18:23 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-02-08 20:36 - 2013-01-16 20:35 - 00000000 ____D C:\Users\privat\Documents\Outlook-Dateien
2016-02-07 00:51 - 2011-04-23 18:46 - 00000000 ____D C:\Users\privat\AppData\Local\CrashDumps
2016-02-04 13:05 - 2011-03-26 11:36 - 00000000 ____D C:\Program Files\Opera
2016-02-01 13:29 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF
2016-01-18 22:19 - 2015-02-19 20:41 - 00229113 _____ C:\Users\privat\Documents\RK-2015-Taudte NEU.xlsx
2016-01-14 08:50 - 2015-11-30 11:23 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-01-14 03:50 - 2016-01-08 09:23 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-01-14 03:50 - 2012-05-13 20:13 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-01-14 03:50 - 2011-02-10 12:34 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-01-14 03:28 - 2011-02-10 12:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-11-18 10:07 - 2015-11-18 10:07 - 0207386 _____ () C:\Users\privat\AppData\Local\ars.cache
2015-11-18 10:07 - 2015-11-18 10:07 - 0333491 _____ () C:\Users\privat\AppData\Local\census.cache
2011-09-09 20:57 - 2013-05-08 18:45 - 0008704 _____ () C:\Users\privat\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-11-18 09:28 - 2015-11-18 09:28 - 0000036 _____ () C:\Users\privat\AppData\Local\housecall.guid.cache
2012-01-07 13:04 - 2015-12-17 20:46 - 0007602 _____ () C:\Users\privat\AppData\Local\Resmon.ResmonCfg

Einige Dateien in TEMP:
====================
C:\Users\Chris\AppData\Local\Temp\bitmaps.dll
C:\Users\Chris\AppData\Local\Temp\DiscoveryLib.dll
C:\Users\Chris\AppData\Local\Temp\DiscoveryLib64.dll
C:\Users\Chris\AppData\Local\Temp\fwDownloadLib.dll
C:\Users\Chris\AppData\Local\Temp\fwDownloadLib64.dll
C:\Users\Chris\AppData\Local\Temp\fwupdate.exe
C:\Users\Chris\AppData\Local\Temp\InstallLib.dll
C:\Users\Chris\AppData\Local\Temp\InstallLib64.dll
C:\Users\Chris\AppData\Local\Temp\InstallSeqLib.dll
C:\Users\Chris\AppData\Local\Temp\InstallSeqLib64.dll
C:\Users\Chris\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\Chris\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Chris\AppData\Local\Temp\openslp32.dll
C:\Users\Chris\AppData\Local\Temp\openslp64.dll
C:\Users\Chris\AppData\Local\Temp\Setup.exe
C:\Users\Chris\AppData\Local\Temp\Uninstall.exe
C:\Users\Chris\AppData\Local\Temp\winstaller.exe
C:\Users\Chris\AppData\Local\Temp\winstaller64.exe
C:\Users\privat\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\privat\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-02-10 05:01

==================== Ende vom FRST.txt ============================
         

11.02.2016, 09:18   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Please also create a new Addition.txt: start FRST, tick the box next to Addition.txt, then click "Untersuchen" (Scan).

__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)


11.02.2016, 09:54   #11
duat
 

OK, both logs submitted again!

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:07-02-2016
durchgeführt von privat (Administrator) auf CHRIS-PC (11-02-2016 10:49:53)
Gestartet von C:\Users\privat\Downloads
Geladene Profile: privat (Verfügbare Profile: Chris & privat)
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files\Dell Wireless\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files\Dell Wireless\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
() C:\ProgramData\DatacardService\HWDeviceService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Nokia) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Opera Software) C:\Program Files\Opera\35.0.2066.37\opera.exe
(Opera Software) C:\Program Files\Opera\35.0.2066.37\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\35.0.2066.37\opera.exe
(Opera Software) C:\Program Files\Opera\35.0.2066.37\opera.exe
(Opera Software) C:\Program Files\Opera\35.0.2066.37\opera.exe
(Opera Software) C:\Program Files\Opera\35.0.2066.37\opera.exe
(Opera Software) C:\Program Files\Opera\35.0.2066.37\opera.exe
(Opera Software) C:\Program Files\Opera\35.0.2066.37\opera.exe
(Opera Software) C:\Program Files\Opera\35.0.2066.37\opera.exe
(Opera Software) C:\Program Files\Opera\35.0.2066.37\opera.exe
(Opera Software) C:\Program Files\Opera\35.0.2066.37\opera.exe
(Opera Software) C:\Program Files\Opera\35.0.2066.37\opera.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-06-08] (Intel Corporation)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files\Dell Wireless\Bluetooth Suite\BtvStack.exe [474272 2010-09-02] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files\Dell Wireless\Bluetooth Suite\AthBtTray.exe [298144 2010-09-02] (Atheros Commnucations)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [642664 2013-05-08] (Adobe Systems Inc.)
HKLM\...\Run: [RemoteControl9] => C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2009-07-06] (CyberLink Corp.)
HKLM\...\Run: [PDVD9LanguageShortcut] => C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe [50472 2010-04-29] (CyberLink Corp.)
HKLM\...\Run: [Dell Webcam Central] => C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [487562 2010-08-20] (Creative Technology Ltd)
HKLM\...\Run: [RoxWatchTray] => C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-09-04] (Sonic Solutions)
HKLM\...\Run: [Desktop Disc Tool] => C:\Program Files\Roxio\oem\Roxio Burn\RoxioBurnLauncher.exe [522736 2010-11-01] ()
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [1797488 2011-01-07] (Microsoft Corporation)
HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [673616 2009-04-07] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-12-17] (Apple Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [981688 2015-04-29] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157456 2015-12-17] (Apple Inc.)
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Run: [EPSON SX510W Series] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFIE.EXE [199680 2008-11-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Run: [EPSON SX510W Series (Kopie 1)] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFIE.EXE [199680 2008-11-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Run: [Device Detection] => C:\Program Files\Lidl_Fotos\dd.exe [860528 2013-10-30] ()
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Run: [] => [X]
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Run: [NokiaSuite.exe] => C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [1090040 2012-12-21] (Nokia)
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: E - E:\AutoRun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {1305b0a3-f675-11e1-a1da-90004e013ab8} - E:\AutoRun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {41144100-92dc-11e1-8581-90004e013ab8} - E:\AutoRun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {4114411a-92dc-11e1-8581-90004e013ab8} - E:\AutoRun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {41144133-92dc-11e1-8581-90004e013ab8} - E:\AutoRun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {7357d7ff-4967-11e2-8651-f04da26bc8e0} - E:\AutoRun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {7357d81a-4967-11e2-8651-f04da26bc8e0} - E:\AutoRun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {750a411f-34c9-11e0-b132-806e6f6e6963} - D:\autorun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {dc37c5b5-6a52-11e2-b7ff-f04da26bc8e0} - E:\AutoRun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {f8f69999-c40f-11e2-a005-f04da26bc8e0} - E:\AutoRun.exe
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\privat\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll [2013-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\privat\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll [2013-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\privat\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll [2013-03-12] (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{2258AB48-4D93-4911-96B8-1B32A6796175}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{448221D6-933B-418F-8123-42221C7068BA}: [DhcpNameServer] 139.7.30.126 139.7.30.125
Tcpip\..\Interfaces\{8A4DA0DA-3D99-4A6E-9C53-1FCE9296A33F}: [NameServer] 10.74.210.210 10.74.210.211
Tcpip\..\Interfaces\{A85015A4-C874-4C44-846D-25AEC4860175}: [NameServer] 10.74.210.210 10.74.210.211
Tcpip\..\Interfaces\{AF10391C-F1D8-4024-BC6B-26BD4465F675}: [NameServer] 10.74.210.210 10.74.210.211
Tcpip\..\Interfaces\{BBE6AA86-1C5F-45F8-8486-9DB31DA9A39B}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USSMB/8
SearchScopes: HKLM -> DefaultScope {4B9FC999-DF9D-4DA9-B7D2-A17ED9193392} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLSDF8&pc=MDDS&src=IE-SearchBox
SearchScopes: HKLM -> {4B9FC999-DF9D-4DA9-B7D2-A17ED9193392} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLSDF8&pc=MDDS&src=IE-SearchBox
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-30] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2011-05-13] (Microsoft Corporation)
BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-04-01] (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-30] (Oracle Corporation)
BHO: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-04-01] (Microsoft Corporation.)
Toolbar: HKU\S-1-5-21-583576071-2610798785-2159693280-1003 -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} -  Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\privat\AppData\Roaming\Mozilla\Firefox\Profiles\wwe6u0x0.default-1431504965002
FF Homepage: hxxps://www.google.de/?gws_rd=ssl
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_267.dll [2016-01-14] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-30] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2012-12-21] ( )
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2008-10-24] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Extension: WEB.DE MailCheck - C:\Users\privat\AppData\Roaming\Mozilla\Firefox\Profiles\wwe6u0x0.default-1431504965002\extensions\mailcheck@web.de [2015-12-16]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2016-01-08] [ist nicht signiert]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2016-01-08] [ist nicht signiert]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2016-01-08] [ist nicht signiert]
FF Extension: UITBAutoInstaller - C:\Program Files\Mozilla Firefox\distribution\bundles\{edd7fc99-d65c-4979-85c2-ddeed30c50c7} [2016-01-08] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - c:\Program Files\Trend Micro\Client Server Security Agent\bho\1056\FirefoxExtension => nicht gefunden
FF HKLM\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files\T-Mobile\InternetManager_H\OCx32\addon
FF Extension: Bytemobile Optimization Client - C:\Program Files\T-Mobile\InternetManager_H\OCx32\addon [2012-12-19] [ist nicht signiert]
FF HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\privat\AppData\Roaming\Mozilla\Firefox\Profiles\kpwvyoo0.default\extensions\cliqz@cliqz.com => nicht gefunden

Chrome: 
=======
CHR Profile: C:\Users\privat\AppData\Local\Google\Chrome\User Data\default

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Atheros Bt&Wlan Coex Agent; C:\Program Files\Dell Wireless\Ath_CoexAgent.exe [151552 2010-05-24] (Atheros) [Datei ist nicht signiert]
R2 AtherosSvc; C:\Program Files\Dell Wireless\Bluetooth Suite\adminservice.exe [56480 2010-09-02] (Atheros Commnucations) [Datei ist nicht signiert]
R2 EpsonBidirectionalService; C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [Datei ist nicht signiert]
R2 EPSON_EB_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE [143872 2007-12-17] (SEIKO EPSON CORPORATION)
R2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE [113664 2007-01-11] (SEIKO EPSON CORPORATION)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2011-02-10] (Macrovision Europe Ltd.) [Datei ist nicht signiert]
R2 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [270176 2011-01-28] ()
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Datei ist nicht signiert]
S2 Internet Manager. RunOuc; C:\Program Files\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [224096 2012-12-19] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2015-04-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [284504 2015-04-30] (Microsoft Corporation)
S3 RoxMediaDB12OEM; C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [1116656 2010-09-04] (Sonic Solutions)
S2 RoxWatch12; C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [219632 2010-09-04] (Sonic Solutions)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AthBTPort; C:\Windows\System32\DRIVERS\btath_flt.sys [37224 2010-07-08] (Atheros)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281504 2013-04-29] ()
R0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [13184 2012-12-19] (Bytemobile, Inc.) [Datei ist nicht signiert]
S3 BTATH_A2DP; C:\Windows\System32\drivers\btath_a2dp.sys [257896 2010-07-08] (Atheros)
R3 BTATH_BUS; C:\Windows\System32\DRIVERS\btath_bus.sys [26984 2010-07-08] (Atheros)
S3 BTATH_HCRP; C:\Windows\System32\DRIVERS\btath_hcrp.sys [178024 2010-07-08] (Atheros)
S3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [47976 2010-09-02] (Atheros)
S3 BTATH_RCP; C:\Windows\System32\DRIVERS\btath_rcp.sys [143336 2010-07-08] (Atheros)
S3 BtFilter; C:\Windows\System32\DRIVERS\btfilter.sys [237416 2010-08-31] (Atheros)
S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [63464 2013-01-22] (FTDI Ltd.)
S3 huawei_cdcacm; C:\Windows\System32\DRIVERS\ew_jucdcacm.sys [90112 2012-12-19] (Huawei Technologies Co., Ltd.)
S3 huawei_ext_ctrl; C:\Windows\System32\DRIVERS\ew_juextctrl.sys [26624 2012-12-19] (Huawei Technologies Co., Ltd.)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [181760 2012-12-19] (Huawei Technologies Co., Ltd.)
S3 KMWDFILTERx86; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [25088 2009-04-29] (Windows (R) Codename Longhorn DDK provider)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2013-04-29] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [245096 2015-03-04] (Microsoft Corporation)
S3 mvusbcomm; C:\Windows\System32\Drivers\mvusbcomm.sys [17408 2013-08-22] (Marvell Semiconductor, Inc.)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl.sys [18432 2012-03-26] (Apple Inc.) [Datei ist nicht signiert]
R2 risdpcie; C:\Windows\System32\DRIVERS\risdpe86.sys [49152 2009-06-30] (REDC)
S3 rixdpcie; C:\Windows\system32\DRIVERS\rixdpe86.sys [38400 2009-07-04] (REDC)
R3 vpcbus; C:\Windows\System32\DRIVERS\vpchbus.sys [172416 2010-11-20] (Microsoft Corporation)
R1 vpcnfltr; C:\Windows\System32\DRIVERS\vpcnfltr.sys [48128 2010-11-20] (Microsoft Corporation)
R3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [78336 2010-11-20] (Microsoft Corporation)
R1 vpcvmm; C:\Windows\System32\drivers\vpcvmm.sys [296064 2010-11-20] (Microsoft Corporation)
S3 adxapie; \??\C:\Users\privat\AppData\Local\Temp\adxapie.sys [X]
S3 PCDSRVC{E9D79540-57D5953E-06020101}_0; \??\c:\program files\dell support center\pcdsrvc.pkms [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-11 10:01 - 2016-02-11 10:01 - 00003795 _____ C:\Users\privat\Desktop\JRT.txt
2016-02-11 09:51 - 2016-02-11 09:51 - 01609032 _____ (Malwarebytes) C:\Users\privat\Downloads\JRT.exe
2016-02-11 09:37 - 2016-02-11 09:45 - 00000000 ____D C:\AdwCleaner
2016-02-11 09:37 - 2016-02-11 09:37 - 01508352 _____ C:\Users\privat\Downloads\AdwCleaner_5.033.exe
2016-02-11 09:23 - 2016-02-11 09:25 - 00231950 _____ C:\TDSSKiller.3.1.0.9_11.02.2016_09.23.44_log.txt
2016-02-11 09:23 - 2016-02-11 09:23 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\privat\Downloads\tdsskiller.exe
2016-02-10 17:55 - 2016-02-10 17:55 - 00058954 _____ C:\Users\privat\Downloads\Abrechnung_4475888970027369_20151114(1).PDF
2016-02-10 17:55 - 2016-02-10 17:55 - 00058558 _____ C:\Users\privat\Downloads\Abrechnung_4475888970027369_20151014.PDF
2016-02-10 17:55 - 2016-02-10 17:55 - 00058089 _____ C:\Users\privat\Downloads\Konto_1163325135-Auszug_2015_005(1).PDF
2016-02-10 17:55 - 2016-02-10 17:55 - 00057300 _____ C:\Users\privat\Downloads\Abrechnung_4475888970027369_20160114.PDF
2016-02-10 17:55 - 2016-02-10 17:55 - 00037353 _____ C:\Users\privat\Downloads\Abrechnung_4475888970027369_20151214(1).PDF
2016-02-10 17:54 - 2016-02-10 17:55 - 00073615 _____ C:\Users\privat\Downloads\Konto_1355011481-Auszug_2015_011(1).PDF
2016-02-10 17:54 - 2016-02-10 17:55 - 00070354 _____ C:\Users\privat\Downloads\Konto_1355011481-Auszug_2015_012(1).PDF
2016-02-10 17:54 - 2016-02-10 17:55 - 00062457 _____ C:\Users\privat\Downloads\Konto_1163325135-Auszug_2015_006(1).PDF
2016-02-10 17:54 - 2016-02-10 17:55 - 00056629 _____ C:\Users\privat\Downloads\Konto_1163325135-Auszug_2015_007(1).PDF
2016-02-10 17:54 - 2016-02-10 17:55 - 00029101 _____ C:\Users\privat\Downloads\Konto_3330022433-Auszug_2015_004(1).PDF
2016-02-10 17:53 - 2016-02-10 17:55 - 00062288 _____ C:\Users\privat\Downloads\Konto_1355011481-Auszug_2016_001.PDF
2016-02-10 16:49 - 2016-02-11 03:25 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-02-10 16:49 - 2016-02-10 16:49 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-02-10 16:48 - 2016-02-10 20:25 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-02-10 16:47 - 2016-02-11 03:23 - 00000000 ____D C:\Users\privat\Desktop\mbar
2016-02-10 16:47 - 2016-02-10 20:24 - 00094936 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-02-10 16:46 - 2016-02-10 16:47 - 16563352 _____ (Malwarebytes Corp.) C:\Users\privat\Downloads\mbar-1.09.3.1001.exe
2016-02-10 14:50 - 2016-02-10 14:52 - 00050353 _____ C:\Users\privat\Downloads\Addition.txt
2016-02-10 14:47 - 2016-02-11 10:49 - 00021749 _____ C:\Users\privat\Downloads\FRST.txt
2016-02-10 14:47 - 2016-02-11 10:49 - 00000000 ____D C:\FRST
2016-02-10 14:46 - 2016-02-10 14:46 - 01721344 _____ (Farbar) C:\Users\privat\Downloads\FRST.exe
2016-02-10 14:23 - 2016-02-10 14:24 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\privat\Downloads\SpyHunter-Installer (1).exe
2016-02-10 14:23 - 2016-02-10 14:23 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\privat\Downloads\SpyHunter-Installer.exe
2016-02-10 04:12 - 2016-02-10 04:12 - 00000000 ____D C:\ef66c554362ecf4d43f9d71f6f1364ae
2016-02-09 22:03 - 2016-01-16 19:42 - 00022464 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-02-09 22:03 - 2016-01-16 19:36 - 01413632 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-02-09 22:03 - 2016-01-16 19:34 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-02-09 22:03 - 2016-01-11 15:07 - 01198080 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-02-09 22:03 - 2016-01-11 15:07 - 00591360 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-02-09 22:03 - 2016-01-11 15:07 - 00544768 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-02-09 22:03 - 2016-01-11 15:07 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-02-09 22:03 - 2016-01-11 15:07 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-02-09 22:02 - 2016-01-22 07:05 - 12877824 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-02-09 22:02 - 2016-01-22 07:00 - 01498624 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-02-09 22:02 - 2016-01-22 06:59 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-02-09 22:02 - 2016-01-22 06:12 - 02973184 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-02-09 22:00 - 2016-01-22 07:13 - 03993536 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-02-09 22:00 - 2016-01-22 07:13 - 03938752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-02-09 22:00 - 2016-01-22 07:09 - 01310232 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-02-09 22:00 - 2016-01-22 07:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-02-09 22:00 - 2016-01-22 07:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-02-09 22:00 - 2016-01-22 07:02 - 00872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-02-09 22:00 - 2016-01-22 07:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-02-09 22:00 - 2016-01-22 07:02 - 00293888 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-02-09 22:00 - 2016-01-22 07:02 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\msorcl32.dll
2016-02-09 22:00 - 2016-01-22 07:02 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-02-09 22:00 - 2016-01-22 06:59 - 00642560 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-02-09 22:00 - 2016-01-07 18:47 - 02386944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-02-09 22:00 - 2016-01-07 18:35 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-02-09 22:00 - 2016-01-06 19:41 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-02-09 22:00 - 2016-01-06 18:56 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2016-02-09 22:00 - 2015-12-20 19:45 - 02745856 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-02-09 22:00 - 2015-12-20 19:45 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-02-09 22:00 - 2015-12-20 17:16 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-02-09 21:59 - 2016-01-22 07:13 - 00138176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-02-09 21:59 - 2016-01-22 07:13 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-02-09 21:59 - 2016-01-22 07:06 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-02-09 21:59 - 2016-01-22 07:06 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-02-09 21:59 - 2016-01-22 07:06 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-02-09 21:59 - 2016-01-22 07:06 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-02-09 21:59 - 2016-01-22 07:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-02-09 21:59 - 2016-01-22 07:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-02-09 21:59 - 2016-01-22 07:05 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-02-09 21:59 - 2016-01-22 07:05 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-02-09 21:59 - 2016-01-22 07:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-02-09 21:59 - 2016-01-22 07:02 - 01060864 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-02-09 21:59 - 2016-01-22 07:02 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-02-09 21:59 - 2016-01-22 07:02 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-02-09 21:59 - 2016-01-22 07:02 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-02-09 21:59 - 2016-01-22 07:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:07 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-02-09 21:59 - 2016-01-22 06:01 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-02-09 21:59 - 2016-01-22 06:00 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-02-09 21:59 - 2016-01-22 05:53 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-02-09 21:59 - 2016-01-22 05:53 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-02-09 21:59 - 2016-01-22 05:53 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-02-09 21:59 - 2016-01-22 05:51 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-02-09 21:59 - 2016-01-22 05:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-02-09 21:59 - 2016-01-22 05:51 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-02-09 21:59 - 2016-01-22 05:51 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-02-09 21:59 - 2016-01-22 05:51 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 05:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 05:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 05:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-09 21:58 - 2016-02-06 11:01 - 20366848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-02-09 21:58 - 2016-02-06 10:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-02-09 21:58 - 2016-02-06 10:43 - 02280448 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-02-09 21:58 - 2016-02-06 10:38 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-02-09 21:58 - 2016-02-06 10:16 - 12857856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-02-09 21:58 - 2016-02-06 09:54 - 01312256 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-02-09 21:58 - 2016-01-22 21:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-02-09 21:58 - 2016-01-22 07:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-02-09 21:58 - 2016-01-22 07:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-02-09 21:58 - 2016-01-22 07:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-02-09 21:58 - 2016-01-22 07:01 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-02-09 21:58 - 2016-01-22 06:55 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-02-09 21:58 - 2016-01-22 06:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-02-09 21:58 - 2016-01-22 06:52 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-02-09 21:58 - 2016-01-22 06:51 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-02-09 21:58 - 2016-01-22 06:51 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-02-09 21:58 - 2016-01-22 06:46 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-02-09 21:58 - 2016-01-22 06:43 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-02-09 21:58 - 2016-01-22 06:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-02-09 21:58 - 2016-01-22 06:38 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-02-09 21:58 - 2016-01-22 06:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-02-09 21:58 - 2016-01-22 06:34 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-02-09 21:58 - 2016-01-22 06:33 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-02-09 21:58 - 2016-01-22 06:27 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-02-09 21:58 - 2016-01-22 06:25 - 00687104 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-02-09 21:58 - 2016-01-22 06:25 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-02-09 21:58 - 2016-01-22 06:24 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-02-09 21:58 - 2016-01-22 06:07 - 02120704 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-02-09 21:58 - 2016-01-22 06:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-02-09 21:57 - 2016-01-22 07:02 - 00496640 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-02-09 21:57 - 2016-01-22 07:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-02-09 21:57 - 2016-01-22 06:51 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-02-09 21:57 - 2016-01-22 06:35 - 04611072 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-02-09 21:57 - 2016-01-22 06:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-02-09 21:57 - 2016-01-22 06:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-02-09 21:56 - 2016-01-11 19:47 - 02956288 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-02-09 21:56 - 2016-01-11 19:47 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-02-09 21:56 - 2016-01-11 19:35 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-02-09 21:56 - 2016-01-11 19:17 - 02062848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-02-09 21:56 - 2016-01-11 19:14 - 00573440 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-02-09 21:56 - 2016-01-11 19:14 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-02-09 21:56 - 2016-01-11 19:14 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-02-09 21:56 - 2016-01-11 19:14 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-02-09 21:56 - 2016-01-11 19:14 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-02-09 21:56 - 2016-01-11 19:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-02-09 21:56 - 2016-01-11 19:14 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-01-20 13:19 - 2016-01-20 13:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2016-01-20 13:11 - 2016-01-20 13:19 - 00000000 ____D C:\Program Files\QuickTime
2016-01-13 22:45 - 2016-01-13 22:45 - 00000000 ____D C:\Users\Chris\AppData\Local\Apple
2016-01-13 09:44 - 2015-12-08 22:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-01-13 09:44 - 2015-12-08 22:54 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-01-13 09:44 - 2015-12-08 22:54 - 01568768 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-01-13 09:44 - 2015-12-08 22:54 - 01325056 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-01-13 09:44 - 2015-12-08 22:54 - 01202688 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2016-01-13 09:44 - 2015-12-08 22:54 - 00902144 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-01-13 09:44 - 2015-12-08 22:54 - 00815616 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-01-13 09:44 - 2015-12-08 22:54 - 00740352 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-01-13 09:44 - 2015-12-08 22:54 - 00739328 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-01-13 09:44 - 2015-12-08 22:54 - 00665088 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-01-13 09:44 - 2015-12-08 22:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-01-13 09:44 - 2015-12-08 22:54 - 00358400 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-01-13 09:44 - 2015-12-08 22:54 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-01-13 09:44 - 2015-12-08 22:53 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 01329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-01-13 09:44 - 2015-12-08 22:53 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-01-13 09:44 - 2015-12-08 22:53 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-01-13 09:44 - 2015-12-08 22:53 - 00354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00305664 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-01-13 09:44 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-01-13 09:44 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-01-13 09:44 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-01-13 09:44 - 2015-12-08 22:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-01-13 09:44 - 2015-12-08 22:53 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-01-13 09:44 - 2015-12-08 22:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-01-13 09:44 - 2015-12-08 22:53 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-01-13 09:44 - 2015-12-08 22:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2016-01-13 09:44 - 2015-12-08 22:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-01-13 09:44 - 2015-12-08 22:43 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2016-01-13 09:44 - 2015-12-08 22:11 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2016-01-13 09:44 - 2015-12-08 22:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2016-01-13 09:44 - 2015-11-16 21:12 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-01-13 09:44 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2016-01-13 09:44 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2016-01-13 09:44 - 2015-11-13 23:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-11 10:48 - 2011-06-24 16:32 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-11 09:58 - 2009-07-14 05:34 - 00025216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-11 09:58 - 2009-07-14 05:34 - 00025216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-11 09:48 - 2011-06-24 16:32 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-11 09:48 - 2011-02-10 12:53 - 00000035 _____ C:\Users\Public\Documents\AtherosServiceConfig.ini
2016-02-11 09:47 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-11 09:00 - 2011-02-17 16:11 - 00000422 _____ C:\Windows\Tasks\SystemToolsDailyTest.job
2016-02-11 08:30 - 2011-03-12 17:55 - 00000000 ___RD C:\Users\privat\Virtual Machines
2016-02-11 04:03 - 2015-02-26 04:23 - 00000000 ____D C:\Windows\rescache
2016-02-10 20:20 - 2013-11-30 20:20 - 00149504 ___SH C:\Users\privat\Thumbs.db
2016-02-10 20:11 - 2013-03-20 20:50 - 00000000 ____D C:\Users\privat\AppData\Roaming\Bayd
2016-02-10 18:09 - 2011-03-21 18:09 - 00000240 _____ C:\Windows\Tasks\Epson Printer Software Downloader.job
2016-02-10 10:03 - 2011-02-10 12:07 - 02293438 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-10 10:03 - 2009-07-14 09:47 - 00964984 _____ C:\Windows\system32\perfh007.dat
2016-02-10 10:03 - 2009-07-14 09:47 - 00238790 _____ C:\Windows\system32\perfc007.dat
2016-02-10 10:03 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2016-02-10 04:16 - 2015-10-12 11:34 - 00000946 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-02-10 04:16 - 2009-07-14 05:33 - 00663416 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-10 04:13 - 2014-12-12 03:34 - 00000000 ____D C:\Windows\system32\appraiser
2016-02-10 04:13 - 2014-05-07 02:02 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-02-10 04:13 - 2009-07-14 09:57 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-10 03:56 - 2009-07-14 03:04 - 00000478 _____ C:\Windows\win.ini
2016-02-10 03:28 - 2013-08-15 20:25 - 00000000 ____D C:\Windows\system32\MRT
2016-02-10 03:14 - 2011-02-19 11:57 - 144254680 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-02-09 22:42 - 2014-09-02 17:32 - 00000000 ____D C:\Users\privat\AppData\Local\Adobe
2016-02-09 22:42 - 2012-04-22 17:31 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-02-09 22:42 - 2011-05-19 18:23 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-02-08 20:36 - 2013-01-16 20:35 - 00000000 ____D C:\Users\privat\Documents\Outlook-Dateien
2016-02-07 00:51 - 2011-04-23 18:46 - 00000000 ____D C:\Users\privat\AppData\Local\CrashDumps
2016-02-04 13:05 - 2011-03-26 11:36 - 00000000 ____D C:\Program Files\Opera
2016-02-01 13:29 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF
2016-01-18 22:19 - 2015-02-19 20:41 - 00229113 _____ C:\Users\privat\Documents\RK-2015-Taudte NEU.xlsx
2016-01-14 08:50 - 2015-11-30 11:23 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-01-14 03:50 - 2016-01-08 09:23 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-01-14 03:50 - 2012-05-13 20:13 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-01-14 03:50 - 2011-02-10 12:34 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-01-14 03:28 - 2011-02-10 12:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-11-18 10:07 - 2015-11-18 10:07 - 0207386 _____ () C:\Users\privat\AppData\Local\ars.cache
2015-11-18 10:07 - 2015-11-18 10:07 - 0333491 _____ () C:\Users\privat\AppData\Local\census.cache
2011-09-09 20:57 - 2013-05-08 18:45 - 0008704 _____ () C:\Users\privat\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-11-18 09:28 - 2015-11-18 09:28 - 0000036 _____ () C:\Users\privat\AppData\Local\housecall.guid.cache
2012-01-07 13:04 - 2015-12-17 20:46 - 0007602 _____ () C:\Users\privat\AppData\Local\Resmon.ResmonCfg

Einige Dateien in TEMP:
====================
C:\Users\Chris\AppData\Local\Temp\bitmaps.dll
C:\Users\Chris\AppData\Local\Temp\DiscoveryLib.dll
C:\Users\Chris\AppData\Local\Temp\DiscoveryLib64.dll
C:\Users\Chris\AppData\Local\Temp\fwDownloadLib.dll
C:\Users\Chris\AppData\Local\Temp\fwDownloadLib64.dll
C:\Users\Chris\AppData\Local\Temp\fwupdate.exe
C:\Users\Chris\AppData\Local\Temp\InstallLib.dll
C:\Users\Chris\AppData\Local\Temp\InstallLib64.dll
C:\Users\Chris\AppData\Local\Temp\InstallSeqLib.dll
C:\Users\Chris\AppData\Local\Temp\InstallSeqLib64.dll
C:\Users\Chris\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\Chris\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Chris\AppData\Local\Temp\openslp32.dll
C:\Users\Chris\AppData\Local\Temp\openslp64.dll
C:\Users\Chris\AppData\Local\Temp\Setup.exe
C:\Users\Chris\AppData\Local\Temp\Uninstall.exe
C:\Users\Chris\AppData\Local\Temp\winstaller.exe
C:\Users\Chris\AppData\Local\Temp\winstaller64.exe
C:\Users\privat\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\privat\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-02-10 05:01

==================== Ende vom FRST.txt ============================
         
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:07-02-2016
durchgeführt von privat (2016-02-11 10:50:51)
Gestartet von C:\Users\privat\Downloads
Microsoft Windows 7 Professional  Service Pack 1 (X86) (2011-02-17 15:08:49)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-583576071-2610798785-2159693280-500 - Administrator - Disabled)
Chris (S-1-5-21-583576071-2610798785-2159693280-1000 - Administrator - Enabled) => C:\Users\Chris
Gast (S-1-5-21-583576071-2610798785-2159693280-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-583576071-2610798785-2159693280-1002 - Limited - Enabled)
privat (S-1-5-21-583576071-2610798785-2159693280-1003 - Administrator - Enabled) => C:\Users\privat

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
ABBYY FineReader 6.0 Sprint (HKLM\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1395.4512 - ABBYY Software House)
Adobe Acrobat  9 Standard - English, Français, Deutsch (HKLM\...\{AC76BA86-1033-F400-BA7E-000000000004}{AC76BA86-1033-F400-BA7E-000000000004}) (Version: 9.5.5 - Adobe Systems)
Adobe Acrobat 9.5.5 - CPSID_83708 (HKLM\...\{AC76BA86-1033-F400-BA7E-000000000004}_955) (Version:  - Adobe Systems Incorporated)
Adobe Acrobat Reader DC - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM\...\{2BD2FA21-B51D-4F01-94A7-AC16737B2163}) (Version: 10.0.12.36 - Adobe Systems, Inc.)
Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Adobe Flash Player 20 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
ANNO 1503 (HKLM\...\{EBBB1DEF-8878-4CB8-BC0D-1196B30E7527}) (Version:  - )
Anno 1701 (HKLM\...\{A2433A63-5F5D-40E5-B529-9123C2B3E734}) (Version: 1.00 - Sunflowers)
Apple Application Support (32-Bit) (HKLM\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{9A629DCB-415D-4A50-85B9-5C2E4F8F74A8}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Beyond Good & Evil (HKLM\...\{6BF81CE7-3D5A-497F-8912-2A65A0253E1B}) (Version: 1.01.000 - )
Bing Bar (HKLM\...\{449CE12D-E2C7-4B97-B19E-55D163EA9435}) (Version: 7.0.619.0 - Microsoft Corporation)
Bluetooth Win7 Suite (HKLM\...\{101A497C-7EF6-4001-834D-E5FA1C70FEFA}) (Version: 7.2.0.6 - Atheros Communications)
Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.)
Broken Sword 2.5 (HKLM\...\Broken Sword 2.5_is1) (Version:  - mindFactory)
CCleaner (HKLM\...\CCleaner) (Version: 3.20 - Piriform)
Cliqz (HKLM\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.22 - Cliqz.com)
combit address manager 15 Workstation Einrichtung (HKLM\...\combit address manager 15 Workstation Einrichtung) (Version: 1.0.0 - combit GmbH)
Commandos 2: Men of Courage (HKLM\...\{F7963BA0-EE1C-11D4-9FA5-00A0C9E6A342}) (Version:  - )
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.129.0.64 - Conexant)
CyberLink PowerDVD 9.5 (HKLM\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.5.1.3225 - CyberLink Corp.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery Manager (HKLM\...\{4688EB75-28E2-4731-9BCB-55E624F7CD45}) (Version: 1.3 - Dell Inc.)
Dell Bluetooth Installation (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Dell Inc.)
Dell Edoc Viewer (HKLM\...\{3138EAD3-700B-4A10-B617-B3F8096EE30D}) (Version: 1.0.0 - Dell Inc)
Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.0.5621.01 - Dell Inc.)
Dell Support Center (Version: 3.0.5621.01 - PC-Doctor, Inc.) Hidden
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1007.101.102 - ALPS ELECTRIC CO., LTD.)
Dell Webcam Central (HKLM\...\Dell Webcam Central) (Version: 2.00.35 - Creative Technology Ltd)
Der Pate® Das Spiel (HKLM\...\{1D2CF076-A63F-41A5-00A1-5924FADFAD9D}) (Version:  - )
Desperados 1.0 (HKLM\...\Desperados 1.0) (Version:  - )
DialUp (HKLM\...\DialUp) (Version: 12.08.101 - Huawei Technologies Co.,Ltd)
Die Gilde (HKLM\...\Die Gilde) (Version:  - )
Die Gilde Update 1.05 Beta 3 (HKLM\...\Die Gilde Update 1.05 Beta 3) (Version:  - )
DIE SIEDLER - Aufstieg eines Königreichs (HKLM\...\{D3F80A98-05AB-4D8C-9272-766CCFA6A48D}) (Version: 1.00.0000 - Ubisoft)
DIE SIEDLER - Das Erbe der Könige - Gold Edition (HKLM\...\{E08DE897-B6AF-4DFF-9E90-131E80C876B4}) (Version: 1.00.0000 - Blue Byte)
Die Siedler 2 - Die nächste Generation (HKLM\...\{ED56EF4F-35FF-48D4-B616-A66E791EF1B6}) (Version: 1.00.0000 - UBISOFT)
DirectX 9 Runtime (Version: 1.00.0000 - Sonic Solutions) Hidden
Drakensang (HKLM\...\Drakensang_is1) (Version:  - dtp)
Dropbox (HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Dropbox) (Version: 1.6.18 - Dropbox, Inc.)
Dungeon Keeper (HKLM\...\Keeper) (Version:  - )
Emulator Starter (HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\32bce9526e87661e) (Version: 1.0.0.141 - Free Game Empire)
Epson Easy Photo Print 2 (HKLM\...\{87C2248A-C7DD-49ED-9BCD-B312A9D0819E}) (Version: 2.1.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM\...\{48F22622-1CC2-4A83-9C1E-644DD96F832D}) (Version: 2.30.01 - SEIKO EPSON Corporation)
Epson Printer Software Downloader (HKLM\...\Epson Printer Software Downloader) (Version:  - )
Epson Printer Software Downloader (Version: 2.0.0 - SEIKO EPSON CORPORATION) Hidden
EPSON Scan (HKLM\...\EPSON Scanner) (Version:  - )
Epson Stylus SX510W_TX550W Handbuch (HKLM\...\Epson Stylus SX510W_TX550W Benutzerhandbuch) (Version:  - )
EPSON SX510W Series Printer Uninstall (HKLM\...\EPSON SX510W Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Print (HKLM\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4i - SEIKO EPSON CORPORATION)
EpsonNet Setup (HKLM\...\{FFFAE01B-466F-4C07-9821-A94FD753BDDA}) (Version: 3.1c - SEIKO EPSON CORPORATION)
EXIFeditor (HKLM\...\{50FC1CE8-FF32-4F3B-B654-050DD6ECD474}) (Version: 1.0.0 - kiwi.software.NET)
Fallout 3 (HKLM\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.00.0000 - Bethesda Softworks)
FlexMail 4.0 (HKLM\...\{A95AD78E-D9C4-4ECE-8D54-CED21CEB2D52}) (Version: 4.00.0000 - Flex Systems B.V.)
fotokasten comfort 5.4 (HKLM\...\fotokasten comfort_is1) (Version:  - )
Foto-Mosaik-Edda Standard V6.6.12082.1 (HKLM\...\{A2D6ECD0-7E52-42B7-9236-DB2951436616}_is1) (Version:  - Steffen Schirmer)
Fotor 1.3.0 (HKLM\...\Fotor) (Version: 1.3.0 - Everimaging Co., Ltd.)
FP-PostBase (HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\32b33acc94e46eaf) (Version: 1.8.0.0 - Francotyp-Postalia)
Free YouTube to MP3 Converter version 3.12.54.128 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.54.128 - DVDVideoSoft Ltd.)
FUJIdirekt Bestellsoftware 5.1 (HKLM\...\FUJIdirekt Bestellsoftware_is1) (Version:  - )
Garmin Trip and Waypoint Manager v5 (HKLM\...\{414A373B-59DF-4102-94CA-9FE9A74CBDDA}) (Version: 5.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM\...\{ABA5E381-EC46-425C-86C5-5CD15BBFB4BF}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM\...\{AE1EC58E-B2AC-4959-A4C2-C38202A25239}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries)
GIMP 2.6.11 (HKLM\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)
GLtron version 0.70 (HKLM\...\GLtron_is1) (Version:  - )
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden
GPSBabel 1.4.2 (HKLM\...\{1B8FE958-A304-4902-BF7A-4E2F0F5B7017}_is1) (Version:  - GPSBabel)
HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDA_HSF) (Version: 7.80.7.50 - Conexant Systems)
Hex-Editor MX (HKLM\...\{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1) (Version: 6.0 - NEXT-Soft)
Intel(R) Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2182 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.4.1002 - Intel Corporation)
Internet Manager (HKLM\...\Internet Manager) (Version: 22.001.18.00.748 - Huawei Technologies Co.,Ltd)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
iTunes (HKLM\...\{2C741651-87E0-4479-9703-6DD0D7988B84}) (Version: 12.3.2.35 - Apple Inc.)
Java 8 Update 66 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lidl-Fotos (HKLM\...\Lidl-Fotos_is1) (Version:  - )
locr GPS Photo (HKLM\...\{E58A0BB1-1FA1-40DC-AFA4-2C86D0A3B879}) (Version: 1.2.4 - locr)
Luminance HDR 2.3.1 (HKLM\...\{7020FC34-6E04-4858-924D-354B28CB2402}_is1) (Version:  - Luminance HDR Dev Team)
M Series Driver (HKLM\...\M Series Driver) (Version:  - )
mailcredit (HKLM\...\{986D05F1-1487-4865-BBAF-70A969B95A24}) (Version: 1.2.4 - Francotyp-Postalia)
mailreport (HKLM\...\{1C9F6F44-3990-48AE-926B-C5F3B8D23B45}) (Version: 1.6.0 - FP)
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
MFCLOC (Version: 1.00.0000 - Dell Inc.) Hidden
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Access database engine 2010 (English) (HKLM\...\{90140000-00D1-0409-0000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Age of Empires II (HKLM\...\Age of Empires 2.0) (Version:  - )
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}) (Version: 3.0.19.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.0 (HKLM\...\{CD232781-26CA-4E18-BC70-4343A2F0D583}) (Version: 8.01.249.0 - Microsoft)
Microsoft Office Access Runtime (English) 2007 (HKLM\...\{90120000-001C-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Access Runtime (German) 2007 (HKLM\...\{90120000-001C-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Minecraft (HKLM\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mobile Partner (HKLM\...\Mobile Partner) (Version: 16.001.06.01.500 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 43.0.4 (x86 de) (HKLM\...\Mozilla Firefox 43.0.4 (x86 de)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Navigator Base Components (HKLM\...\{759F0957-BB9E-4C55-88A7-86961F9099A8}) (Version: 1.3.0.0 - FP)
NehrimUninstaller (HKLM\...\Nehrim - Am Rande des Schicksals_is1) (Version: 1.0.0 - SureAI)
Nokia Connectivity Cable Driver (HKLM\...\{6FE12C01-2FBC-42E2-AEB9-4CA2238C462F}) (Version: 7.1.101.0 - Nokia)
Nokia PC Suite (HKLM\...\Nokia PC Suite) (Version: 7.1.60.0 - Nokia)
Nokia PC Suite (Version: 7.1.60.0 - Nokia) Hidden
Nokia Suite (HKLM\...\Nokia Suite) (Version: 3.7.22.0 - Nokia)
Nokia Suite (Version: 3.7.22.0 - Nokia) Hidden
Nur Entfernen der CopyTrans Suite möglich (HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\CopyTrans Suite) (Version: 2.37 - WindSolutions)
NVIDIA PhysX (HKLM\...\{B83FC356-B7C0-441F-8A4D-D71E088E7974}) (Version: 9.09.0428 - NVIDIA Corporation)
Nvu 1.0 (HKLM\...\Nvu_is1) (Version: 1.0 - Thorsten Fritz)
Oblivion (HKLM\...\{C66BF9FD-D367-4E13-8EB8-385FFEA20DB3}) (Version: 1.2.0416 - Bethesda Softworks)
OpenAL (HKLM\...\OpenAL) (Version:  - )
OpenTTD 1.1.1 (HKLM\...\OpenTTD) (Version: 1.1.1 - OpenTTD)
Opera 12.17 (HKLM\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)
Opera Stable 35.0.2066.37 (HKLM\...\Opera 35.0.2066.37) (Version: 35.0.2066.37 - Opera Software)
Origin (HKLM\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.)
OSM World Routable (HKLM\...\OSM World Routable) (Version:  - )
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}) (Version: 3.60.0 - dotPDN LLC)
PC Connectivity Solution (HKLM\...\{6B722793-E77B-41F5-BAB3-6C9832274E75}) (Version: 12.0.76.0 - Nokia)
Perfect Effects 4.0.1 (HKLM\...\{385E6A4D-A440-43E2-9BAF-A012FB5FC2E2}) (Version: 4.0.1 - onOne Software)
PhotoShowExpress (Version: 2.0.028 - Sonic Solutions) Hidden
Picture Collage Maker Free 2.1.2 (HKLM\...\{DEB7295A-D00E-4D45-846C-2947E8C3F080}_is1) (Version:  - PearlMountain Soft)
PL-2303 Vista Driver Installer (HKLM\...\{EEC010D0-1252-4E1D-BAD9-F1B8F414535C}) (Version: 3.0.1.0 - Prolific)
QuickTime 7 (HKLM\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Risen (HKLM\...\{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}) (Version: 1.00.0000 - Deep Silver)
Roxio Burn (HKLM\...\{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}) (Version: 1.8.57.4 - Roxio)
Roxio Creator Starter (HKLM\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.40.0 - Roxio)
ScummVM 1.5.0 (HKLM\...\ScummVM_is1) (Version:  - The ScummVM Team)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shape Collage (HKLM\...\ShapeCollage) (Version:  - Shape Collage Inc.)
Sid Meier's Civilization IV Colonization (HKLM\...\{EF36A836-BF89-4A4F-B079-057B0C68C1E0}) (Version: 1.00 - Firaxis Games)
Sid Meier's Pirates! (HKLM\...\InstallShield_{1632FD86-1BA4-4FC4-8B25-A8C655D63F68}) (Version: 1.00.0000 - Ihr Firmenname)
Sid Meier's Pirates! (Version: 1.00.0000 - Ihr Firmenname) Hidden
SimCity 3000 (HKLM\...\SimCity 3000) (Version:  - )
Snapseed (HKLM\...\{D5BEB842-5696-4AE8-A222-03D06384856D}) (Version: 1.2.1 - Nik Software, Inc.)
Sonic CinePlayer Decoder Pack (Version: 4.3.0 - Sonic Solutions) Hidden
System Requirements Lab (HKLM\...\SystemRequirementsLab) (Version:  - )
TB-Logger (HKLM\...\{0A6E0A7D-0F43-4D71-849C-C3DBB03FDF72}) (Version: 1.00.0000 - Seelenreiter Software)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 8.01 - Ghisler Software GmbH)
Transport Tycoon Deluxe (HKLM\...\ft_Transport Tycoon Deluxe) (Version:  - )
Tropico 3: Absolute Power (HKLM\...\Tropico3) (Version: 2.01 - Kalypso Media)
VLC media player 1.1.11 (HKLM\...\VLC media player) (Version: 1.1.11 - VideoLAN)
WEB.DE MailCheck für Mozilla Firefox (HKLM\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 3.0.1.1739 - 1&1 Mail & Media GmbH)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16422 - Microsoft Corporation)
Windows-Treiberpaket - Nokia Modem  (06/09/2010 7.01.0.8) (HKLM\...\E5372C32E8562C76C24DBA6525002B1031495F34) (Version: 06/09/2010 7.01.0.8 - Nokia)
Windows-Treiberpaket - Nokia Modem  (10/07/2010 4.6) (HKLM\...\6DA48AFDE796708D5A4C9121A83E7617A63A9A15) (Version: 10/07/2010 4.6 - Nokia)
Windows-Treiberpaket - Nokia pccsmcfd “LegacyDriver”  (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-583576071-2610798785-2159693280-1003_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\privat\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-583576071-2610798785-2159693280-1003_Classes\CLSID\{3A999A50-AB25-4A20-90A9-08F71FCE320F}\InprocServer32 -> C:\Windows\system32\spool\DRIVERS\W32X86\3\HPCDMC32.DLL (HP)
CustomCLSID: HKU\S-1-5-21-583576071-2610798785-2159693280-1003_Classes\CLSID\{98087D89-B93F-4BCF-A998-AE4D9F607C14}\InprocServer32 -> C:\Windows\system32\spool\DRIVERS\W32X86\3\HPCDMC32.DLL (HP)
CustomCLSID: HKU\S-1-5-21-583576071-2610798785-2159693280-1003_Classes\CLSID\{B286F068-5B17-4AE8-989B-8F9A199C47BA}\InprocServer32 -> C:\Windows\system32\spool\DRIVERS\W32X86\3\HPCDMC32.DLL (HP)
CustomCLSID: HKU\S-1-5-21-583576071-2610798785-2159693280-1003_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\privat\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-583576071-2610798785-2159693280-1003_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\privat\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-583576071-2610798785-2159693280-1003_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\privat\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-583576071-2610798785-2159693280-1003_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\privat\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {06FA2F6D-6D2F-4739-AFDF-011FCFD6B4ED} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-06-22] (Piriform Ltd)
Task: {0833FD78-E630-457E-9947-33225F0994AD} - System32\Tasks\{9B46B8A8-F2CE-4EFA-A9EA-21D54C46250D} => pcalua.exe -a C:\Users\privat\Downloads\freecol-0.10.7-installer.exe -d C:\Users\privat\Downloads
Task: {106C5547-C970-48C4-98D3-9A69E1E8217D} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\Dell Support Center\pcdrcui.exe [2010-08-05] (PC-Doctor, Inc.)
Task: {305297D7-3F18-4448-958C-463AA931B8BC} - System32\Tasks\{432716FB-6E5B-48C0-B400-ADA1E77754EA} => pcalua.exe -a "E:\Drivers\Huawei Win Driver 3.17.00.00\DriverSetup.exe" -d "E:\Drivers\Huawei Win Driver 3.17.00.00"
Task: {31ED0145-0072-4BE0-B2F8-3E0773E4E233} - System32\Tasks\Epson Printer Software Downloader => C:\Program Files\EPSON\EPAPDL\E_SAPDL2.EXE [2009-05-26] (SEIKO EPSON CORPORATION)
Task: {47906A49-AACC-4DDE-BE34-84FA8036A59E} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2015-11-09] (Oracle Corporation)
Task: {53DDFE59-4F7F-452F-81BB-85BFAFC07A80} - System32\Tasks\{AC89E59D-1720-4EF5-A2AA-AEA3059E64D8} => C:\Program Files\Railroad Tycoon 3\RT3.EXE
Task: {5792CAA8-BDDF-478E-A175-683AF94919D3} - System32\Tasks\{6795A8F1-12C3-4B30-95E2-E56FF108CAB8} => pcalua.exe -a C:\Users\Chris\Downloads\Francotyp\dotnetfx35.exe -d C:\Users\Chris\Downloads\Francotyp
Task: {5C172A1C-E728-4FB2-AFA0-EAEAB9078C64} - System32\Tasks\{32694C1D-C6FD-445E-862F-98800CCC474E} => pcalua.exe -a D:\Desperados.exe -d D:\ -c -autorun
Task: {6427F481-55CF-4BFC-8EF2-51E3132043CE} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-01-07] (Microsoft Corporation)
Task: {72C7C7E6-2016-4A49-9947-A96D3708455B} - System32\Tasks\{FACA8AB1-8477-4456-85AE-07DBE1AA83B6} => C:\Spiele\Black Isle\BGII - SvA\baldur.exe
Task: {906BEC28-8275-42EE-BD7B-6725E865EE5B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {97D56506-9867-477D-B10A-80C5E2A42F1C} - System32\Tasks\{9FA1911B-70FF-4B59-AD46-7A38C41BA63A} => pcalua.exe -a C:\Users\Chris\Downloads\Francotyp\SSM-PC²\SSM-PC²_2.9.3\dotnetfx.exe -d C:\Users\Chris\Downloads\Francotyp\SSM-PC²\SSM-PC²_2.9.3
Task: {A9122413-B787-4F21-B0D1-8ACA54041341} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_20_0_0_306_pepper.exe [2016-02-09] (Adobe Systems Incorporated)
Task: {B680FFBC-F40E-4A0A-9E59-73C67D95A013} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {BBE34391-4A80-476D-9187-2094EC9B77F6} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {C0E586BE-4F89-4744-AD68-FC203C7D70EE} - System32\Tasks\{BB66391B-993D-4607-AA35-975E7C3830D7} => pcalua.exe -a C:\Users\privat\Downloads\TagesSetup.exe -d "C:\Program Files\Mozilla Firefox"
Task: {C7A11EE7-92AE-4829-A260-DA80EE5D5998} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {CECF4D3E-CB7B-4DA8-9D83-6DC2E7336D83} - System32\Tasks\{624BB5A4-6322-4841-9017-29740BA7C313} => pcalua.exe -a D:\Setup.exe -d D:\
Task: {D1CD5220-A3B6-4926-B75A-BDA6A4914B96} - System32\Tasks\PCDEventLauncher => C:\Program Files\Dell Support Center\sessionchecker.exe [2010-08-05] ()
Task: {D8C246C0-6B69-46E0-8F2C-9AA3E87BF665} - System32\Tasks\{1EAB8755-15D3-451C-8C4A-BD15D1B399AB} => pcalua.exe -a C:\Users\Chris\Downloads\Francotyp\SSM-PC²\SSM-PC²_2.9.3\Setup.Exe -d C:\Users\Chris\Downloads\Francotyp\SSM-PC²\SSM-PC²_2.9.3
Task: {E3B1F8CF-6126-46AD-AC3B-C8775117E667} - System32\Tasks\Opera scheduled Autoupdate 1418247860 => C:\Program Files\Opera\launcher.exe [2016-02-01] (Opera Software)
Task: {E8702BC3-28A3-4036-BC22-5E08F68D94AE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {EC0040A7-BE93-43A4-B831-933AAD10B65B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {F6CEE181-C99B-48E7-B472-26CC0E000C8A} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\system32\Macromed\Flash\FlashUtil32_20_0_0_306_pepper.exe
Task: C:\Windows\Tasks\Epson Printer Software Downloader.job => C:\Program Files\EPSON\EPAPDL\E_SAPDL2.EXE
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\Dell Support Center\pcdrcui.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-01-14 09:52 - 2013-12-06 08:00 - 00032768 _____ () C:\Windows\System32\splmk14O.DLL
2013-08-22 12:26 - 2013-08-22 12:26 - 00108544 _____ () C:\Windows\System32\zlm_AstroMSeries.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 04:46 - 2015-10-13 04:46 - 01040144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-01-28 05:03 - 2011-01-28 05:03 - 00270176 _____ () C:\ProgramData\DatacardService\HWDeviceService.exe
2016-02-10 04:27 - 2016-02-10 04:27 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\701ecb7450d652e9116d1dd67aa198db\IsdiInterop.ni.dll
2011-02-10 12:05 - 2010-06-08 17:44 - 00058880 _____ () C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2016-02-04 13:05 - 2016-02-04 13:04 - 62319736 _____ () C:\Program Files\Opera\35.0.2066.37\opera.dll
2016-02-04 13:05 - 2016-02-04 13:03 - 02074232 _____ () C:\Program Files\Opera\35.0.2066.37\libglesv2.dll
2016-02-04 13:05 - 2016-02-04 13:03 - 00081528 _____ () C:\Program Files\Opera\35.0.2066.37\libegl.dll
2016-02-09 22:42 - 2016-02-09 22:42 - 16804032 _____ () C:\Windows\system32\Macromed\Flash\pepflashplayer32_20_0_0_306.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-583576071-2610798785-2159693280-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\privat\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{3C38CCF7-702E-4CB8-9F0F-063583B21CE5}] => (Allow) C:\Program Files\CyberLink\PowerDVD9\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{44B096DD-0713-4CA9-823C-1847ECA6FFFA}] => (Allow) C:\Program Files\CyberLink\PowerDVD9\PowerDVD9.EXE
FirewallRules: [{B0606A41-F54E-475D-B9AC-A31B6D52A66B}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{C60B7DEF-0C69-4797-A9C4-1CB93170BC55}] => (Allow) LPort=2869
FirewallRules: [{C1B020ED-762D-4FC4-91F6-2CDF212E0987}] => (Allow) LPort=1900
FirewallRules: [{290BE0B2-C46D-4E32-8EE5-7A2F13570D77}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{1AC0F625-12FF-49A8-80D8-B1C9BF4F3ADE}] => (Allow) C:\Program Files\Windows Live\Mesh\MOE.exe
FirewallRules: [{3D45F63A-3FDA-49DC-B21C-7369AFE16C74}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [TCP Query User{4E054D63-38F8-43E6-8964-5734EBFD0965}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{14DC5B4C-3581-4462-A607-AB2E42FEB050}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [{72E9878D-0E75-4D16-8F68-247D43DFBCB2}] => (Allow) C:\Program Files\EpsonNet\EpsonNet Setup\tool09\ENEasyApp.exe
FirewallRules: [{A05BC5AC-A497-4A9D-BB84-F6D2DA5B58EB}] => (Allow) C:\Program Files\EpsonNet\EpsonNet Setup\tool09\ENEasyApp.exe
FirewallRules: [TCP Query User{72864067-6E8E-4F1E-992D-EE2B459C9350}C:\program files\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{CC565558-9E3F-44B3-B6A6-5B3FA2E2C6F8}C:\program files\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files\epson software\event manager\eeventmanager.exe
FirewallRules: [{B0BE42B7-89B0-4A03-9304-4350DFCBBE75}] => (Allow) C:\Program Files\Opera\opera.exe
FirewallRules: [{65A064CA-FA6B-4C45-9EEA-B9477BFBF08F}] => (Allow) C:\Program Files\Opera\opera.exe
FirewallRules: [TCP Query User{2209214F-FB63-4126-AA51-63EDED0B7EC1}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{099C7999-1BCE-41F0-A4BD-E05C357D11BD}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{502B46D3-DE80-4545-AE55-CCEDEEC70760}C:\program files\epson software\event manager\eeventmanager.exe] => (Block) C:\program files\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{CB9D4E65-5D32-4C63-A5E6-DDD749FEA1C8}C:\program files\epson software\event manager\eeventmanager.exe] => (Block) C:\program files\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{1EE0DBA3-1F76-4866-B1B4-3B8F13190D87}C:\program files\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files\google\google earth\plugin\geplugin.exe
FirewallRules: [UDP Query User{B992EE84-3205-45A6-8B03-2588478CEC4C}C:\program files\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files\google\google earth\plugin\geplugin.exe
FirewallRules: [{CC47A10B-8AFF-4277-86C6-942636607F2B}] => (Allow) C:\Program Files\Ubisoft\DIE SIEDLER - Aufstieg eines Königreichs\base\bin\Settlers6.exe
FirewallRules: [{2D1653DE-5270-4CF1-B49B-399F4632D9C0}] => (Allow) C:\Program Files\Ubisoft\DIE SIEDLER - Aufstieg eines Königreichs\base\bin\Settlers6.exe
FirewallRules: [{D3EE7C81-2420-4E04-BA73-5DF577FF4C64}] => (Allow) C:\Users\privat\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{B13429D1-CB1F-4DA1-83F8-1914AB8A0E15}] => (Allow) C:\Users\privat\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{E3EF4AD6-237A-496D-8C7E-77224B490224}C:\users\privat\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\privat\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{DD4B8ADE-9311-4B6A-A3D5-0E8DD1EECE16}C:\users\privat\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\privat\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{0AF52037-981E-4BE4-B347-2FBEAB0B29DD}C:\program files\opera\opera.exe] => (Block) C:\program files\opera\opera.exe
FirewallRules: [UDP Query User{78E1F88C-F4F3-4BF4-A348-EBF3E3B15AEA}C:\program files\opera\opera.exe] => (Block) C:\program files\opera\opera.exe
FirewallRules: [TCP Query User{FCBE8810-6AF2-4F0A-84DB-55AA6DAC1443}C:\program files\microsoft games\age of empires ii\empires2.exe] => (Block) C:\program files\microsoft games\age of empires ii\empires2.exe
FirewallRules: [UDP Query User{EB009E32-192A-4DF1-882F-C4233FDDEC3D}C:\program files\microsoft games\age of empires ii\empires2.exe] => (Block) C:\program files\microsoft games\age of empires ii\empires2.exe
FirewallRules: [{17463ADF-BA96-4C5E-899C-1601D47E2727}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{037F7F0B-A9E4-42F8-A3A1-6CC3EBB19222}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{DBECFA57-8DF9-41B2-8498-16D7F62CC1D5}] => (Allow) C:\Program Files\nokia\nokia suite\nokiasuite.exe
FirewallRules: [TCP Query User{5D96BB2B-D88B-4CCE-8C9B-E1C75DAB932B}C:\windows\system32\taskhost.exe] => (Allow) C:\windows\system32\taskhost.exe
FirewallRules: [UDP Query User{8A0B0BE5-6DF6-4CAF-81CC-9795EC3C02AD}C:\windows\system32\taskhost.exe] => (Allow) C:\windows\system32\taskhost.exe
FirewallRules: [TCP Query User{5B78E45C-8A86-4715-9F6C-EC9CB92FE479}C:\windows\system32\taskhost.exe] => (Allow) C:\windows\system32\taskhost.exe
FirewallRules: [UDP Query User{FE52BCC7-B2A3-46B6-BDBE-FDEC371F87E5}C:\windows\system32\taskhost.exe] => (Allow) C:\windows\system32\taskhost.exe
FirewallRules: [TCP Query User{20F703AE-2A27-49A6-8C81-AAB5FF0276BE}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe
FirewallRules: [UDP Query User{7BBDCE2C-3C36-45DE-9C70-EF5442EE0811}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe
FirewallRules: [TCP Query User{7041B9BF-BF63-4E58-AEBE-13EB105972A4}C:\program files\onone software\perfect effects 4\perfect effects 4.exe] => (Allow) C:\program files\onone software\perfect effects 4\perfect effects 4.exe
FirewallRules: [UDP Query User{AC0B7146-3890-43F8-984D-7ECA353BAC65}C:\program files\onone software\perfect effects 4\perfect effects 4.exe] => (Allow) C:\program files\onone software\perfect effects 4\perfect effects 4.exe
FirewallRules: [TCP Query User{BE488148-EB2A-4243-95DC-842E5397AA7E}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe
FirewallRules: [UDP Query User{2695B1F1-7F82-4650-B210-17851DC6B263}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe
FirewallRules: [{80BE2064-51E8-4C05-840C-B904A274945D}] => (Allow) C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization IV Colonization\Colonization.exe
FirewallRules: [{29B9E2B6-05B0-4C06-B70D-DCB3F226E8BB}] => (Allow) C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization IV Colonization\Colonization.exe
FirewallRules: [TCP Query User{F410B639-5D80-4B30-99B7-A89888DB4C0C}C:\program files\electronic arts\eadm\core.exe] => (Allow) C:\program files\electronic arts\eadm\core.exe
FirewallRules: [UDP Query User{D4F17FD8-601A-49EA-8437-35D3775DAC62}C:\program files\electronic arts\eadm\core.exe] => (Allow) C:\program files\electronic arts\eadm\core.exe
FirewallRules: [TCP Query User{4A5DC1A0-88F5-4A5D-B2C5-8ADEA5C22CE0}C:\program files\electronic arts\eadm\core.exe] => (Block) C:\program files\electronic arts\eadm\core.exe
FirewallRules: [UDP Query User{C8CC75B5-ED27-4B58-A4B8-198263C44A8F}C:\program files\electronic arts\eadm\core.exe] => (Block) C:\program files\electronic arts\eadm\core.exe
FirewallRules: [TCP Query User{F59809A6-A9E2-44A9-834A-4558E763D0B9}C:\program files\onone software\perfect effects 4\perfect effects 4.exe] => (Allow) C:\program files\onone software\perfect effects 4\perfect effects 4.exe
FirewallRules: [UDP Query User{1F91DFAB-B552-4DE3-9951-DAB1F7111844}C:\program files\onone software\perfect effects 4\perfect effects 4.exe] => (Allow) C:\program files\onone software\perfect effects 4\perfect effects 4.exe
FirewallRules: [TCP Query User{7742D69F-F040-48FF-91CD-3DEDB71BF335}C:\program files\memjet\m series driver\toolbox\usb2http.exe] => (Allow) C:\program files\memjet\m series driver\toolbox\usb2http.exe
FirewallRules: [UDP Query User{5E91F9CF-ACC6-4D96-868C-DA6612C5DC67}C:\program files\memjet\m series driver\toolbox\usb2http.exe] => (Allow) C:\program files\memjet\m series driver\toolbox\usb2http.exe
FirewallRules: [TCP Query User{FCB67176-167B-46EC-912D-BF0558389E75}C:\program files\ubisoft\blue byte\die siedler - das erbe der könige - gold edition\bin\settlershok.exe] => (Allow) C:\program files\ubisoft\blue byte\die siedler - das erbe der könige - gold edition\bin\settlershok.exe
FirewallRules: [UDP Query User{F935B6B0-23A4-4708-9EBC-03C46BEE021C}C:\program files\ubisoft\blue byte\die siedler - das erbe der könige - gold edition\bin\settlershok.exe] => (Allow) C:\program files\ubisoft\blue byte\die siedler - das erbe der könige - gold edition\bin\settlershok.exe
FirewallRules: [TCP Query User{D650801F-1A42-4E33-AF26-0FE2CBE3EC4D}C:\program files\ubisoft\blue byte\die siedler - das erbe der könige - gold edition\extra1\bin\settlershok.exe] => (Block) C:\program files\ubisoft\blue byte\die siedler - das erbe der könige - gold edition\extra1\bin\settlershok.exe
FirewallRules: [UDP Query User{975EA1D6-8B3F-4162-B1CC-9C027911B38E}C:\program files\ubisoft\blue byte\die siedler - das erbe der könige - gold edition\extra1\bin\settlershok.exe] => (Block) C:\program files\ubisoft\blue byte\die siedler - das erbe der könige - gold edition\extra1\bin\settlershok.exe
FirewallRules: [{ED91245C-E5D4-450B-B728-F92B83C2AD03}] => (Allow) C:\Program Files\fotokasten comfort\Loader.exe
FirewallRules: [{E5B7E9F0-1676-4A3A-A109-E3F7B01C7BB6}] => (Allow) C:\Program Files\fotokasten comfort\Loader.exe
FirewallRules: [{A901D81D-AC94-4362-B2BE-D22F967E52A1}] => (Allow) C:\Program Files\fotokasten comfort\Loader.exe
FirewallRules: [{AA7E2350-244C-45B6-959E-DF330D5A3A49}] => (Allow) C:\Program Files\fotokasten comfort\Loader.exe
FirewallRules: [{FE68019C-9EF3-4589-B6FC-295543D050DD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{91330218-F13B-49E8-98D8-7C1BE66CFC36}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{3B3674F8-FD09-4E15-B14A-D826AA47888A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{600CF4EB-D0D9-4ECA-BC82-82159D0079DB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{15B905FC-11C5-4596-81DE-600FE7C157DE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{BB3AC775-3CC8-452D-BEE0-A94691721D25}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{2CA81FCE-C86F-4C3F-BFBD-0F93D5589729}] => (Allow) C:\Program Files\iTunes\iTunes.exe

==================== Wiederherstellungspunkte =========================

11-02-2016 09:53:51 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Dell Wireless 1702 Bluetooth v3.0+HS
Description: Dell Wireless 1702 Bluetooth v3.0+HS
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/10/2016 10:42:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 27503

Error: (02/10/2016 10:42:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 27503

Error: (02/10/2016 10:42:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/10/2016 10:42:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 26505

Error: (02/10/2016 10:42:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 26505

Error: (02/10/2016 10:42:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/10/2016 10:42:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 25491

Error: (02/10/2016 10:42:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 25491

Error: (02/10/2016 10:42:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/10/2016 10:42:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 24477


Systemfehler:
=============
Error: (02/11/2016 09:48:56 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Internet Manager. OUC" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (02/11/2016 09:48:56 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Internet Manager. OUC erreicht.

Error: (02/11/2016 09:46:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Apple Mobile Device" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%109

Error: (02/11/2016 09:46:36 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Druckwarteschlange" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (02/11/2016 09:46:36 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "Spooler" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%50

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (02/11/2016 09:46:08 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (02/11/2016 09:45:39 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ServiceLayer" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (02/11/2016 09:45:39 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (02/11/2016 09:45:38 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/11/2016 09:45:38 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Duo CPU T6670 @ 2.20GHz
Prozentuale Nutzung des RAM: 51%
Installierter physikalischer RAM: 3036.36 MB
Verfügbarer physikalischer RAM: 1473.29 MB
Summe virtueller Speicher: 4993.46 MB
Verfügbarer virtueller Speicher: 3137.72 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:283.4 GB) (Free:4.03 GB) NTFS
Drive d: (Disc 2) (CDROM) (Total:0.34 GB) (Free:0 GB) CDFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 11121702)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=283.4 GB) - (Type=07 NTFS)

==================== Ende vom Addition.txt ============================
         

11.02.2016, 10:25   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

FRST fix

Please disable your virus scanner completely now, so that the fix is guaranteed to run cleanly!


Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document

Code:
HKLM\...\Run: [] => [X]
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Run: [] => [X]
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} -  Keine Datei
FF HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\privat\AppData\Roaming\Mozilla\Firefox\Profiles\kpwvyoo0.default\extensions\cliqz@cliqz.com => nicht gefunden
S3 adxapie; \??\C:\Users\privat\AppData\Local\Temp\adxapie.sys [X]
emptytemp:
         

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the Entfernen (Fix) button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.

__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)

Support the Trojaner-Board
Why Linux is better than Windows!

11.02.2016, 10:52   #13
duat

Here is the log:

Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x86) Version:07-02-2016
durchgeführt von privat (2016-02-11 11:37:23) Run:1
Gestartet von C:\Users\privat\Downloads
Geladene Profile: privat (Verfügbare Profile: Chris & privat)
Start-Modus: Normal

==============================================

fixlist Inhalt:
*****************
HKLM\...\Run: [] => [X]
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Run: [] => [X]
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} -  Keine Datei
FF HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\privat\AppData\Roaming\Mozilla\Firefox\Profiles\kpwvyoo0.default\extensions\cliqz@cliqz.com => nicht gefunden
S3 adxapie; \??\C:\Users\privat\AppData\Local\Temp\adxapie.sys [X]
emptytemp:
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => Wert erfolgreich entfernt
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\Software\Microsoft\Windows\CurrentVersion\Run\\ => Wert erfolgreich entfernt
"HKCR\PROTOCOLS\Handler\tmpx" => Schlüssel erfolgreich entfernt
HKCR\CLSID\{0E526CB5-7446-41D1-A403-19BFE95E8C23} => Schlüssel nicht gefunden. 
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\Software\Mozilla\Firefox\Extensions\\cliqz@cliqz.com => Wert erfolgreich entfernt
adxapie => service erfolgreich entfernt
EmptyTemp: => 4.5 GB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende vom Fixlog 11:44:56 ====
         
After the restart I re-enabled my virus scanner.

11.02.2016, 11:56   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Okay, then control scans with (1) MBAM, (2) ESET and (3) SecurityCheck, please:


Step 1: MBAM

Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Include the contents of mbam.txt in your next reply.


Step 2: ESET

ESET Online Scanner

  • Here you can find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick Yes, I accept the Terms of Use and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your text editor (illustrated).
  • Post the log file here.
  • Uninstallation: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Step 3: SecurityCheck

Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

12.02.2016, 08:47   #15
duat

All 3 scans done, here are the logs:

Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 11.02.2016
Suchlaufzeit: 20:03
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2016.02.11.04
Rootkit-Datenbank: v2016.02.08.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x86
Dateisystem: NTFS
Benutzer: privat

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 419769
Abgelaufene Zeit: 59 Min., 23 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 12
PUP.Optional.SofTonic, HKU\S-1-5-21-583576071-2610798785-2159693280-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}, In Quarantäne, [0769f7684653fc3a55c49901f111b749], 
PUP.Optional.SofTonic, HKLM\SOFTWARE\CLASSES\Softonic.dskBnd, In Quarantäne, [0769f7684653fc3a55c49901f111b749], 
PUP.Optional.SofTonic, HKLM\SOFTWARE\CLASSES\Softonic.dskBnd.1, In Quarantäne, [0769f7684653fc3a55c49901f111b749], 
PUP.Optional.SofTonic, HKU\S-1-5-21-583576071-2610798785-2159693280-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}, In Quarantäne, [0769f7684653fc3a55c49901f111b749], 
PUP.Optional.SofTonic, HKU\S-1-5-21-583576071-2610798785-2159693280-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{E87806B5-E908-45FD-AF5E-957D83E58E68}, In Quarantäne, [f37dff603d5cb48295af108a0200ce32], 
PUP.Optional.SofTonic, HKLM\SOFTWARE\CLASSES\Softonic.SoftonicHlpr, In Quarantäne, [f37dff603d5cb48295af108a0200ce32], 
PUP.Optional.SofTonic, HKLM\SOFTWARE\CLASSES\Softonic.SoftonicHlpr.1, In Quarantäne, [f37dff603d5cb48295af108a0200ce32], 
PUP.Optional.SofTonic, HKU\S-1-5-21-583576071-2610798785-2159693280-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{E87806B5-E908-45FD-AF5E-957D83E58E68}, In Quarantäne, [f37dff603d5cb48295af108a0200ce32], 
PUP.Optional.SofTonic, HKLM\SOFTWARE\CLASSES\srv.SoftonicSrvc, In Quarantäne, [ed83e6792970e254c9dd42ba8f749c64], 
PUP.Optional.SofTonic, HKLM\SOFTWARE\CLASSES\srv.SoftonicSrvc.1, In Quarantäne, [2f41c39c297051e53175c23a05febf41], 
PUP.Optional.SystemSpeedup, HKLM\SOFTWARE\SYSTWEAK\ssd, In Quarantäne, [d997b4abc9d084b20e312dd88083e41c], 
PUP.Optional.SystemSpeedup, HKU\S-1-5-21-583576071-2610798785-2159693280-1003\SOFTWARE\SYSTWEAK\ssd, In Quarantäne, [1d53d68921781620ea54c83d887b48b8], 

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 6
PUP.Optional.InstallCore, C:\Users\privat\Downloads\cnet2_IDAutomation_PostnetFontAdvantageDEMO_zip.exe, In Quarantäne, [4c24adb2b0e98da9a73962f4e31e05fb], 
PUP.Optional.DownloadGuide, C:\Users\privat\Downloads\exiftoolgui515_CB-DL-Manager.exe, In Quarantäne, [b9b785da9207b08644b2ba7cf70ad927], 
PUP.Optional.SofTonic, C:\Users\privat\Downloads\SoftonicDownloader_fuer_snapseed.exe, In Quarantäne, [6e02a6b99900181e4ebe40f52fd22ed2], 
PUP.Optional.SofTonic, C:\Users\privat\Downloads\SoftonicDownloader_fuer_windows-live-movie-maker.exe, In Quarantäne, [3a364e11aaef3303db88ec4f3cc5bd43], 
PUP.Optional.VIT, C:\Users\privat\Downloads\installer_dungeon_keeper_2_free_Deutsch.exe, In Quarantäne, [a5cbdc83f9a0a98d09d2e9bad22e49b7], 
PUP.Optional.ChipDigital, C:\Users\privat\Downloads\CopyTrans Contacts - CHIP-Installer.exe, In Quarantäne, [cfa1e07fa4f560d62fc4339727dd649c], 

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=0803a88a5f3b9e438604041c6f6dbd01
# end=init
# utc_time=2016-02-11 08:33:48
# local_time=2016-02-11 09:33:48 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 28087
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=0803a88a5f3b9e438604041c6f6dbd01
# end=updated
# utc_time=2016-02-11 08:36:31
# local_time=2016-02-11 09:36:31 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=0803a88a5f3b9e438604041c6f6dbd01
# engine=28087
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-02-12 08:22:07
# local_time=2016-02-12 09:22:07 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 22862517 96575043 0 0
# scanned=385691
# found=16
# cleaned=0
# scan_time=42335
sh=42D1387CA070A110C07E056948621CDC4045DF2E ft=0 fh=0000000000000000 vn="Win32/Toolbar.Montiera.AA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic\Softonic\1.8.21.14\softonic.crx.vir"
sh=CF9209557CC4828F1A8536F5AF66358A81393A75 ft=1 fh=b354853738a44732 vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic\Softonic\1.8.21.14\SoftonicApp.dll.vir"
sh=277966AAC8DD994109B77162DB82849EF1FC8D62 ft=1 fh=f7e7b232febc88cd vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic\Softonic\1.8.21.14\SoftonicEng.dll.vir"
sh=431CA401E93A36C4FB726D12B16B4CC058A2C770 ft=1 fh=7cd1c9f2502352b3 vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic\Softonic\1.8.21.14\Softonicsrv.exe.vir"
sh=09AD2A1BCD218E1EA91FC53F55CB6A61770E1144 ft=1 fh=0234086e10d7e544 vn="Variante von Win32/Toolbar.Montiera.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic\Softonic\1.8.21.14\SoftonicTlbr.dll.vir"
sh=54002848ADA82AC181EAC551104FA02E8CBE4585 ft=1 fh=bfddd9982b578fa9 vn="Win32/Toolbar.Montiera.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic\Softonic\1.8.21.14\uninstall.exe.vir"
sh=54CBEECF2F4AB81622D6708E8A849E3663853F4D ft=1 fh=a481e6d08e557a48 vn="Variante von Win32/Toolbar.Escort.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Softonic\Softonic\1.8.21.14\bh\Softonic.dll.vir"
sh=E214737549AC8E5F5AEA4C9EBB68843D7B78A639 ft=1 fh=c71c00115e31d3cb vn="Win32/Toolbar.Montiera.AA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\privat\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\CrmAdpt.dll.vir"
sh=C5DB8386C3A901DD6D4FB8B66685B889FA1099F9 ft=0 fh=0000000000000000 vn="JS/SecurityDisabler.A.Gen evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\privat\AppData\Roaming\Mozilla\Firefox\Profiles\wwe6u0x0.default-1431504965002\user.js.vir"
sh=6FA2A2D98EF6B2CAA336F01CCCCF025D4F2E7CB9 ft=1 fh=16ae7ef5a70a6d29 vn="Win32/Toolbar.Montiera.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\privat\AppData\Roaming\OpenCandy\C8A1F813BBA549FAB028F8306AB4D056\Setupsft_chr_p1v5.exe.vir"
sh=775AB593B2D9373BB23EB26A9DC966BDD76F64AF ft=1 fh=47df90b3b1ccd1b2 vn="Win32/Wajam.K evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\privat\AppData\Roaming\RHEng\5F156CEDB6274CAC99622D3144E06374\WWE_1.2.0.53.exe.vir"
sh=64F52D0F082C758DBE89032616A5D6ABA9CCE9AC ft=1 fh=0bd034d550e78579 vn="Win32/Systweak.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\privat\AppData\Roaming\Systweak\ssd\SSDPTstub.exe.vir"
sh=05A2E943969BE29318675E105EE1605CC2B7FE50 ft=1 fh=28e73ed5b32e7ff9 vn="Variante von Win32/Systweak.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\system32\roboot.exe.vir"
sh=C0F2EFFB4A4C9AD276821D19F391D4C7AB141F5F ft=0 fh=0000000000000000 vn="JS/SecurityDisabler.A.Gen evtl. unerwünschte Anwendung" ac=I fn="C:\Users\privat\AppData\Roaming\Mozilla\Firefox\Profiles\wwe6u0x0.default-1431504965002\prefs.js"
sh=FBDEC771FDB5384B956A28E8BBBAE8897CC9133A ft=0 fh=0000000000000000 vn="JS/SecurityDisabler.A.Gen evtl. unerwünschte Anwendung" ac=I fn="C:\Users\privat\Desktop\Alte Firefox-Daten\kpwvyoo0.default\prefs.js"
sh=C280836CCFD246C8DF1AB401A7134589B69E4BD8 ft=0 fh=0000000000000000 vn="JS/SecurityDisabler.A.Gen evtl. unerwünschte Anwendung" ac=I fn="C:\Users\privat\Desktop\Alte Firefox-Daten\kpwvyoo0.default\user.js"
         
Code:
 Results of screen317's Security Check version 1.009  
 Windows 7 Service Pack 1 x86 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Microsoft Security Essentials   
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:````````` 
 CCleaner     
 Java 8 Update 73  
 Java version 32-bit out of Date! 
 Adobe Flash Player 10 Flash Player out of Date! 
 Adobe Flash Player 	20.0.0.267  
 Mozilla Firefox (43.0.4) 
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe 
 Microsoft Security Essentials msseces.exe 
 Internet Manager OnlineUpdate ouc.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
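
To read the ESET log above for triage, the following added example (not part of the original thread and not ESET's or the forum's own tooling) parses the `sh=… vn=… ac=… fn=…` detection lines, checks their count against the `# found=` header and separates copies that already sit in the AdwCleaner quarantine folder from files still in place. The sample log is constructed; reading `vn` as the detection name and `fn` as the file path, and treating `C:\AdwCleaner\Quarantine\` as a quarantine location, are assumptions taken from the shape of the log lines.

```python
import re
from collections import Counter

# Constructed sample in the shape of the ESET log above; hashes and paths are made up.
SAMPLE_LOG = r'''# end=finished
# remove_checked=false
# found=3
# cleaned=0
sh=1111111111111111111111111111111111111111 ft=1 fh=aaaaaaaaaaaaaaaa vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Example\ExampleApp.dll.vir"
sh=2222222222222222222222222222222222222222 ft=0 fh=0000000000000000 vn="JS/SecurityDisabler.A.Gen evtl. unerwünschte Anwendung" ac=I fn="C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\example.default\prefs.js"
sh=3333333333333333333333333333333333333333 ft=0 fh=0000000000000000 vn="JS/SecurityDisabler.A.Gen evtl. unerwünschte Anwendung" ac=I fn="C:\Users\user\Desktop\Alte Firefox-Daten\example.default\user.js"
'''

HEADER_RE = re.compile(r'^# (?P<key>\w+)=(?P<value>.*)$')
DETECTION_RE = re.compile(
    r'^sh=(?P<sha1>[0-9A-Fa-f]{40}) ft=(?P<ft>\d+) fh=(?P<fh>[0-9A-Fa-f]+) '
    r'vn="(?P<name>[^"]*)" ac=(?P<action>\S+) fn="(?P<path>[^"]*)"$'
)

# Localized decorations seen around detection names in the German log.
PUA_SUFFIX = " evtl. unerwünschte Anwendung"
VARIANT_PREFIX = "Variante von "
# Assumption taken from the paths in the log: quarantined copies are kept here.
QUARANTINE_DIRS = ("c:\\adwcleaner\\quarantine\\",)


def parse_eset_log(text):
    """Return (headers, detections, unparsed) for an ESET Online Scanner log."""
    headers, detections, unparsed = {}, [], []
    for raw in text.splitlines():
        line = raw.strip()
        header = HEADER_RE.match(line)
        if header:
            # The log repeats its header block (init/updated/finished); last value wins.
            headers[header["key"]] = header["value"]
            continue
        hit = DETECTION_RE.match(line)
        if not hit:
            if line.startswith("sh="):
                unparsed.append(line)  # looks like a detection but is malformed
            continue
        det = hit.groupdict()
        name = det["name"]
        det["is_pua"] = name.endswith(PUA_SUFFIX)
        if det["is_pua"]:
            name = name[: -len(PUA_SUFFIX)]
        det["is_variant"] = name.startswith(VARIANT_PREFIX)
        if det["is_variant"]:
            name = name[len(VARIANT_PREFIX):]
        det["name"] = name
        det["quarantined"] = det["path"].lower().startswith(QUARANTINE_DIRS)
        detections.append(det)
    return headers, detections, unparsed


def triage(text):
    """Summarise what still needs attention after the scan."""
    headers, detections, unparsed = parse_eset_log(text)
    live = [d for d in detections if not d["quarantined"]]
    reported = int(headers.get("found", -1))
    return {
        "reported_found": reported,
        "parsed": len(detections),
        "count_matches_header": reported == len(detections),
        "cleaned": int(headers.get("cleaned", 0)),
        "scanner_removal_enabled": headers.get("remove_checked") == "true",
        "quarantined": len(detections) - len(live),
        "live": live,
        "live_by_name": Counter(d["name"] for d in live),
        "unparsed": unparsed,
    }


if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    print(f'{report["parsed"]} detections, {report["quarantined"]} in quarantine')
    for det in report["live"]:
        print("still in place:", det["name"], "->", det["path"])
```

Applied to the log posted above, this split gives 13 quarantine copies and 3 files still in place (two prefs.js and one user.js in Firefox profile folders).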
         
