Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Windows 7 schwarzer Bildschirm mit Mauszeiger, es geht nicht weiter

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 16.03.2017, 21:50   #1
sam61
 
Windows 7 schwarzer Bildschirm mit Mauszeiger, es geht nicht weiter - Standard

Windows 7 schwarzer Bildschirm mit Mauszeiger, es geht nicht weiter



Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
Ran by SYSTEM on MININT-KBTNC9V (16-03-2017 21:04:03)
Running from g:\
Platform: Windows 7 Home Premium (X64) Language: Englisch (USA)
Internet Explorer Version 11
Boot Mode: Recovery
Default: ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.

Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1808168 2009-06-18] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [828960 2009-08-05] (Acer Incorporated)
HKLM\...\Run: [Monitor] => C:\Windows\PixArt\PAC207\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [PAC7302_Monitor] => C:\Windows\PixArt\PAC7302\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8060960 2009-08-05] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [295936 2009-05-21] (Alps Electric Co., Ltd.)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-08-20] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [ArcadeDeluxeAgent] => C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [419112 2010-08-12] (CyberLink Corp.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [PlayMovie] => C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [181480 2010-08-13] (Acer Corp.)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [54520 2015-10-22] (Panda Security, S.L.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-12-09] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
IFEO\DatamngrCoordinator.exe: [Debugger] tasklist.exe
BootExecute: autocheck autochk * PCloudBroom64.exe \systemroot\system32\BroomData.bitPCloudBroom64.exe \systemroot\system32\BroomData.bit
GroupPolicyScripts-x32: Restriction <======= ATTENTION

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-10-27] (Chip Digital GmbH)
S2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3042032 2017-01-16] (Microsoft Corporation)
S2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2016-09-20] (Nero AG)
S2 LcSvrAdm; C:\ElsaWin\bin\LcSvrAdm.exe [240640 2013-01-17] (Volkswagen AG)
S3 LcSvrAuf; C:\ElsaWin\bin\LcSvrAuf.exe [1321984 2013-01-17] (Volkswagen AG)
S2 LcSvrDba; C:\ElsaWin\bin\LcSvrDba.exe [392704 2013-01-17] (Volkswagen AG)
S2 LcSvrHis; C:\ElsaWin\bin\LcSvrHis.exe [335360 2013-01-17] (Volkswagen AG)
S2 LcSvrPAS; C:\ElsaWin\bin\LcSvrPas.exe [478208 2013-01-17] (Volkswagen AG)
S2 LcSvrSaz; C:\ElsaWin\bin\LcSvrSaz.exe [373248 2013-01-17] (Volkswagen AG)
S2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142072 2015-10-18] (Panda Security, S.L.)
S2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [73176 2016-02-22] (Panda Security, S.L.)
S2 panda_url_filtering; C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe [287752 2015-11-06] (Visicom Media Inc.)
S2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
S2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR)
S2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR)
S2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2015-10-22] (Panda Security, S.L.)
S2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5436176 2015-02-09] (TeamViewer GmbH)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S2 WiselinkPro; C:\Program Files (x86)\Samsung\PC Auto Backup\WiselinkPro.exe [7262263 2012-01-18] (Samsung)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 edicusb; C:\Windows\System32\DRIVERS\edicusb7x64.sys [37168 2013-06-10] (Softing Automotive Electronics GmbH)
S1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [94456 2015-07-09] (Panda Security, S.L.)
S1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [201976 2015-07-09] (Panda Security, S.L.)
S1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [110840 2015-07-09] (Panda Security, S.L.)
S1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [110840 2015-07-09] (Panda Security, S.L.)
S1 NNSNAHSL; C:\Windows\System32\DRIVERS\NNSNAHSL.sys [57648 2015-05-20] (Panda Security, S.L.)
S1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [103160 2015-07-09] (Panda Security, S.L.)
S1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [73464 2015-08-31] (Panda Security, S.L.)
S1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [124152 2015-07-09] (Panda Security, S.L.)
S1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [300280 2015-07-09] (Panda Security, S.L.)
S1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [170232 2015-07-09] (Panda Security, S.L.)
S1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [113400 2015-07-09] (Panda Security, S.L.)
S1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [257784 2015-07-09] (Panda Security, S.L.)
S1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [106232 2015-07-09] (Panda Security, S.L.)
S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [572416 2006-12-05] (PixArt Imaging Inc.)
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [527872 2007-11-08] (PixArt Imaging Inc.)
S4 panda_url_filteringd; C:\Program Files\Panda Security URL Filtering\panda_url_filteringd.sys [51288 2014-03-19] (Visicom Media Inc.)
S2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [164088 2015-07-19] (Panda Security, S.L.)
S2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [121592 2015-07-19] (Panda Security, S.L.)
S1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [197880 2015-07-19] (Panda Security, S.L.)
S2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [124152 2015-07-19] (Panda Security, S.L.)
S2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [134392 2015-07-19] (Panda Security, S.L.)
S2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [107768 2015-07-19] (Panda Security, S.L.)
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [61712 2015-05-22] (Panda Security, S.L.)
S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-02] (Realtek Semiconductor Corp.)
S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] ()
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 HTCAND64; System32\Drivers\ANDROIDUSB.sys [X]
S3 LVPr2M64; system32\DRIVERS\LVPr2M64.sys [X]
S3 Prot6Flt; system32\DRIVERS\Prot6Flt.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

========================== Drivers MD5 =======================

C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpahci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys 9A4A1EEE802BF2F878EE8EAB407B21B7
C:\Windows\System32\DRIVERS\agrsm64.sys 2173E070647AC68C16B8214FE5C05EC3
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdk8.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\amdsata.sys 53D8D46D51D390ABDB54ECA623165CB7
C:\Windows\system32\DRIVERS\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\amdxata.sys 75C51148154E34EB3D7BB84749A758D5
C:\Windows\System32\DRIVERS\Apfiltr.sys 9815014F3E30357168DA272088C6F12F
C:\Windows\system32\drivers\appid.sys FCE5C79717A487BDC71F3DEC78A684CA
C:\Windows\system32\DRIVERS\arc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\athrx.sys E857EEE6B92AAA473EBB3465ADD8F7E7
C:\Windows\System32\drivers\AtiHdmi.sys D481083348138B4933ACFE95812DB71C
C:\Windows\System32\DRIVERS\atikmdag.sys 37456BE85384E4CC38DC899F07F88C45
C:\Windows\System32\DRIVERS\AtiPcie.sys C07A040D6B5A42DD41EE386CF90974C8
C:\Windows\system32\DRIVERS\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bcmwl664.sys 9E84A931DBEE0292E38ED672F6293A99
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ABA3984C822E4D3F889699912D85D6C5
C:\Windows\system32\DRIVERS\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\BthEnum.sys CF98190A94F62E405C8CB255018B2315
C:\Windows\system32\DRIVERS\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bthpan.sys 02DD601B708DD0667E1331FA8518E9FF
C:\Windows\System32\Drivers\BTHport.sys 738D0E9272F59EB7A1449C3EC118E6C4
C:\Windows\System32\Drivers\BTHUSB.sys F188B7394D81010767B6DF3178519A37
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys 3D67C27DD17B254D7915FA16A5AE3573
C:\Windows\System32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys A98CED39AD91B445E2E442A9BD67E8B4
C:\Windows\System32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys 9B38580063D281A99E68EF5813022A5F
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\drivers\disk.sys 616387BBD83372220B09DE95F4E67BBC
C:\Windows\SysWow64\Drivers\DKbFltr.sys D5BCB77BE83CF99F508943945D46343D
C:\Windows\system32\drivers\drmkaud.sys 26FE888505E5A945B0536AF9A2A27A6F
C:\Windows\System32\drivers\dxgkrnl.sys 3A9D7D464BDB3B70D7ECF689ADABBD4D
C:\Windows\system32\DRIVERS\evbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\edicusb7x64.sys B0592B26525162D2FE816631F48B539A
C:\Windows\system32\DRIVERS\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\fssfltr.sys B16B626996C74B564005BA855C5DEE90
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\drivers\ftdibus.sys ED07200CFF78FACFB66EBB0B89F503A4
C:\Windows\System32\drivers\ftser2k.sys 9980E7584484A009E77E9BFA14C0C18A
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\DRIVERS\gagp30kx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\GEARAspiWDM.sys ==> MD5 is legit
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\system32\drivers\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidbth.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\htcnprot.sys B8B1B284362E1D8135112573395D5DA5
C:\Windows\System32\drivers\HTTP.sys F61634BEC53F73702A10DE69F6DCAF57
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 is legit
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\System32\DRIVERS\igdkmd64.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\iirsp.sys ==> MD5 is legit
C:\Windows\System32\drivers\RTKVHD64.sys 9AA6A93852E36FE76C3F7FC2904F3B01
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys 96BB922A0981BC7432C8CF52B5410FE6
C:\Windows\System32\DRIVERS\k57nd60a.sys 249EE2D26CB1530F3BEDE0AC8B9E3099
C:\Windows\system32\drivers\kbdclass.sys ==> MD5 is legit
C:\Windows\system32\drivers\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 6F5F0C6160EF237F0243C1E416EEBA98
C:\Windows\System32\Drivers\ksecpkg.sys 05529E53B286FD60E7EF04EF138CABFD
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\L1E62x64.sys 2AC603C3188C704CFCE353659AA7AD71
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\megasas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys 8ADB5445B29941CB41AF2846FD5C93C7
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys 98DB1790F0A584E0A2528B92B052417F
C:\Windows\System32\DRIVERS\mrxsmb.sys 632E8A00090E4F85F304E152C92C7F2C
C:\Windows\System32\DRIVERS\mrxsmb10.sys 0D9C05484F2F4BD9D33A615D5DBE67EA
C:\Windows\System32\DRIVERS\mrxsmb20.sys 6123E6FECC1C164022868FB1982271BE
C:\Windows\System32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\system32\drivers\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys F7309F42555F8AAB7144A51A1F2585B0
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys E47D571FEC2C76E867935109AB2A770C
C:\Windows\system32\DRIVERS\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\NNSAlpc.sys 68AB4FAE948ED0116BC80763F962A34F
C:\Windows\System32\DRIVERS\NNSHttp.sys DFAEDED6712D6E1DD4E199C380D3625A
C:\Windows\System32\DRIVERS\NNSHttps.sys DCA68413569AB20356E5BDBDB7A5E5CF
C:\Windows\System32\DRIVERS\NNSIds.sys 48905D86912C8544F2D4D8FA8786172A
C:\Windows\System32\DRIVERS\NNSNAHSL.sys 3E5469215F92051C2F6AAA4D8C94AE2E
C:\Windows\System32\DRIVERS\NNSPicc.sys BA00DDDED5A00198E29AEF05D723919E
C:\Windows\System32\DRIVERS\NNSPihsw.sys 5522C8BCFF4BBD132D36DFD5A2E4074D
C:\Windows\System32\DRIVERS\NNSPop3.sys E28E12C1785D2CD9A1BEA996939E1F22
C:\Windows\System32\DRIVERS\NNSProt.sys 855F568B91BA260C68D1B06E7A898AA1
C:\Windows\System32\DRIVERS\NNSPrv.sys B62B6CA0CBCF1A9D47DFF4BAC8008A44
C:\Windows\System32\DRIVERS\NNSSmtp.sys 734D11039FCCEDDCF040B9973D4DB1A4
C:\Windows\System32\DRIVERS\NNSStrm.sys AE91263421F2EC327D333C2BCFB68119
C:\Windows\System32\DRIVERS\NNSTlsc.sys 2F40D7D2C226255F9AC79F0C761FD766
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys 47B2D0B31BDC3EBE6090228E2BA3764D
C:\Windows\system32\drivers\NTIDrvr.sys 64DDD0DEE976302F4BD93E5EFCC2F013
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\PFC027.SYS 3A6DCEB1848470320E4A3C12D7A35B1C
C:\Windows\System32\DRIVERS\PAC7302.SYS D61B764B27BF05CCCADCC5E1E7B73A21
C:\Program Files\Panda Security URL Filtering\panda_url_filteringd.sys 6925454E20B184E482CD65F297D51DB5
C:\Windows\system32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys EA4D67448BE493D543F1730D6CD04694
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\PSINAflt.sys FBBCC2BAEA51014CC5B24839F74CED3C
C:\Windows\System32\DRIVERS\PSINFile.sys F3936B5CC371E81900887EA9B1460737
C:\Windows\System32\DRIVERS\psinknc.sys 5A77C1C126B8CD67129878444F1CD1F5
C:\Windows\System32\DRIVERS\PSINProc.sys 8BCC45C855ADDD1AC2483F42AF45F5AE
C:\Windows\System32\DRIVERS\PSINProt.sys 0328A149C311E305F41DD665304F41CC
C:\Windows\System32\DRIVERS\PSINReg.sys 422ABF1D3E93DB63D5769018DC936751
C:\Windows\System32\DRIVERS\PSKMAD.sys 34309132ABE90878D54B6597B559EDEC
C:\Windows\system32\DRIVERS\ql2300.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys 313F68E1A3E6345A4F47A36B07062F34
C:\Windows\System32\Drivers\RDPWD.sys FE571E088C2D83619D2D48D4E961BF41
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rfcomm.sys 3DD798846E2C28102B922C56E71B7932
C:\Windows\System32\DRIVERS\RMCAST.sys 5BD6B1EC997FF3DD779D62E05D2079A8
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\SysWOW64\Drivers\RtsUStor.sys DB30AA4DAA0D492FA5D7717D8181FFA1
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys EC666682FE8344CF7E6ED69E74FA9F4F
C:\Windows\System32\DRIVERS\srv2.sys E450C0318DCE8ED28ED272C8806B8495
C:\Windows\System32\DRIVERS\VSTAZL6.SYS 0C4540311E11664B245A263E1154CEF8
C:\Windows\System32\DRIVERS\VSTDPV6.SYS 02071D207A9858FBE3A48CBFD59C4A04
C:\Windows\System32\DRIVERS\VSTCNXT6.SYS 18E40C245DBFAF36FD0134A7EF2DF396
C:\Windows\System32\DRIVERS\srvnet.sys 9C12C78AD36C23D925711A4640228225
C:\Windows\System32\DRIVERS\ssadbus.sys 8F8324ED1DE63FFC7B1A02CD2D963C72
C:\Windows\System32\DRIVERS\ssadmdfl.sys 58221EFCB74167B73667F0024C661CE0
C:\Windows\System32\DRIVERS\ssadmdm.sys 4DA7C71BFAC5AD71255B7E4CAB980163
C:\Windows\System32\DRIVERS\ssadserd.sys D33D1BD3EC0E766211A234F56A12726D
C:\Windows\system32\DRIVERS\stexstor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serscan.sys DECACB6921DED1A38642642685D77DAC
C:\Windows\system32\drivers\swenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\SynTP.sys BCF305959B53B200CEB2AD25AD22F8A7
C:\Windows\System32\drivers\tcpip.sys B2875D7ABB82867DC3AA03D991940201
C:\Windows\System32\DRIVERS\tcpip.sys B2875D7ABB82867DC3AA03D991940201
C:\Windows\System32\drivers\tcpipreg.sys 7FE5586314EE7D6AA8483264A089E5AF
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys AA77EB517D2F07A947294F260E3ACA83
C:\Windows\system32\drivers\termdd.sys ==> MD5 is legit
C:\Windows\SysWOW64\Drivers\TFsExDisk.sys CE4B6956E4E12492715A53076E58761F
C:\Windows\System32\DRIVERS\tssecsrv.sys E232A3B43A894BB327FC161529BD9ED1
C:\Windows\System32\drivers\tsusbflt.sys E9981ECE8D894CEF7038FD1D040EB426
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\uagp35.sys ==> MD5 is legit
C:\Windows\system32\drivers\UBHelper.sys 2E22C1FD397A5A9FFEF55E9D1FC96C00
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\umpass.sys ==> MD5 is legit
C:\Windows\System32\Drivers\usbaapl64.sys FB251567F41BC61988B26731DEC19E4B
C:\Windows\System32\drivers\usbaudio.sys B0435098C81D04CAFFF80DDB746CD3A2
C:\Windows\System32\DRIVERS\usbccgp.sys 28B81917A195B67617AF7DCF4DFE5736
C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
C:\Windows\system32\drivers\usbehci.sys B626F048318DAE65A3317F0592BE592C
C:\Windows\System32\DRIVERS\usbfilter.sys 858BE9C0E498C8E505E198E17EECE0D9
C:\Windows\system32\drivers\usbhub.sys 390109E8E05BA00375DCB1ED64DC60AF
C:\Windows\system32\drivers\usbohci.sys B4DF0F4C1D9D25DFE1DAD1D8670F1D4F
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbscan.sys 9661DA76B4531B2DA272ECCE25A8AF24
C:\Windows\System32\DRIVERS\USBSTOR.SYS D029DD09E22EB24318A8FC3D8138BA43
C:\Windows\system32\drivers\usbuhci.sys CFEAAF96E666E3DCBD8F6DFF516784AE
C:\Windows\System32\Drivers\usbvideo.sys 1F775DA4CF1A3A1834207E975A72E9D7
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifimp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WSDPrint.sys 8D918B1DB190A4D9B1753A66FA8C96E8
C:\Windows\System32\DRIVERS\WSDScan.sys 4A2A5C50DD1A63577D3ACA94269FBC7F
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Three Months Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-10-04 16:23 - 2017-10-04 16:23 - 00009800 ____N C:\bootsqm.dat
2017-10-04 16:05 - 2017-03-16 10:38 - 00000000 _____ C:\Windows\ntbtlog.txt
2017-03-16 20:28 - 2017-03-16 21:04 - 00000000 ____D C:\FRST
2017-03-10 06:54 - 2017-03-10 06:54 - 00000000 __SHD C:\found.000
2017-03-05 13:49 - 2017-03-05 13:49 - 00377459 _____ C:\Users\lena\Downloads\Porsche_911_Gear_and_Pod_Odometer_Repair.pdf
2017-03-05 12:47 - 2017-03-05 12:47 - 05302552 _____ C:\Users\lena\Downloads\ED0053028750_Rev 00_MO_502_auto_DE.pdf
2017-02-26 08:14 - 2017-02-26 08:16 - 15025410 _____ C:\Users\lena\Downloads\D_944_91_KATALOG(1).pdf
2017-02-19 07:51 - 2017-02-19 07:51 - 00002148 _____ C:\Users\Public\Desktop\Google Earth.lnk
2017-02-19 07:51 - 2017-02-19 07:51 - 00002148 _____ C:\ProgramData\Desktop\Google Earth.lnk
2017-02-18 23:30 - 2017-02-18 23:30 - 09261616 _____ (Piriform Ltd) C:\Users\lena\Downloads\ccsetup527.exe
2017-02-16 20:33 - 2017-02-16 20:42 - 00000000 _____ C:\Recovery.txt
2017-02-14 10:18 - 2017-02-14 10:18 - 00323857 _____ C:\Users\lena\Downloads\75184_EBA_web.pdf
2017-02-08 01:45 - 2017-02-08 01:45 - 00019961 _____ C:\Users\lena\Desktop\INT_OTO1329958-L1.pdf
2017-02-08 01:44 - 2017-02-08 01:44 - 00017042 _____ C:\Users\lena\Downloads\INT_OTO1329958-L1.pdf
2017-02-06 10:53 - 2017-02-06 10:53 - 02504848 _____ C:\Users\lena\Downloads\fennek_katalog(2).pdf
2017-02-05 15:06 - 2017-02-05 15:07 - 37787046 _____ C:\Users\lena\Downloads\hazet_katalog_1976.pdf
2017-02-05 13:53 - 2017-02-05 13:53 - 00040767 _____ C:\Users\lena\Downloads\wartungsplan-944-turbo.pdf
2017-02-05 13:45 - 2017-02-05 13:45 - 02012097 _____ C:\Users\lena\Downloads\Zahnriemenwechsel.pdf
2017-01-30 13:04 - 2017-01-30 13:07 - 00000000 ____D C:\Users\lena\AppData\Roaming\MyPhoneExplorer
2017-01-30 13:04 - 2017-01-30 13:04 - 00002065 _____ C:\Users\Public\Desktop\MyPhoneExplorer.lnk
2017-01-30 13:04 - 2017-01-30 13:04 - 00002065 _____ C:\ProgramData\Desktop\MyPhoneExplorer.lnk
2017-01-30 13:04 - 2017-01-30 13:04 - 00000000 ____D C:\Program Files (x86)\MyPhoneExplorer
2017-01-30 13:02 - 2017-01-30 13:02 - 00000000 ____D C:\Program Files (x86)\Chip Digital GmbH
2017-01-30 12:56 - 2017-01-30 12:56 - 01496584 _____ C:\Users\lena\Downloads\MyPhoneExplorer - CHIP-Installer(1).exe
2017-01-30 10:22 - 2017-01-30 10:22 - 03119183 _____ C:\Users\lena\Downloads\HTC_OneX_plus_User_Guide_DEU_MR.pdf
2017-01-30 09:47 - 2017-01-30 09:47 - 01496584 _____ C:\Users\lena\Downloads\MyPhoneExplorer - CHIP-Installer.exe
2017-01-29 07:29 - 2017-03-06 03:54 - 00000000 ____D C:\Users\lena\AppData\Local\HTC MediaHub
2017-01-29 07:29 - 2017-01-29 07:29 - 00000000 ____D C:\Users\lena\Documents\HTC
2017-01-29 07:28 - 2017-01-29 07:28 - 00002035 _____ C:\Users\Public\Desktop\HTC Sync Manager.lnk
2017-01-29 07:28 - 2017-01-29 07:28 - 00002035 _____ C:\ProgramData\Desktop\HTC Sync Manager.lnk
2017-01-29 07:28 - 2017-01-29 07:28 - 00000000 ____D C:\Program Files (x86)\Spirent Communications
2017-01-29 07:25 - 2017-01-29 07:27 - 147561816 _____ C:\Users\lena\Downloads\setup_3.1.77.0_htc_NO_EULA.exe
2017-01-28 09:59 - 2017-01-28 10:00 - 00000000 ____D C:\Program Files (x86)\Windows Phone
2017-01-28 09:59 - 2017-01-28 09:59 - 00000000 ____D C:\ProgramData\Applications
2017-01-28 09:58 - 2017-01-28 09:58 - 06745792 _____ (Microsoft Corporation) C:\Users\lena\Downloads\WindowsPhone.exe
2017-01-25 13:07 - 2017-01-25 13:07 - 02253957 _____ C:\Users\lena\Downloads\kti_2.pdf
2017-01-25 12:45 - 2017-01-25 12:45 - 01539511 _____ C:\Users\lena\Downloads\Seite_277-285.pdf
2017-01-25 12:37 - 2017-01-25 12:37 - 00024687 _____ C:\Users\lena\Downloads\Returning-parts price list A5.pdf
2017-01-25 12:37 - 2017-01-25 12:37 - 00024687 _____ C:\Users\lena\Downloads\Returning-parts price list A5(1).pdf
2017-01-24 12:41 - 2017-01-24 12:41 - 00566647 _____ C:\Users\lena\Downloads\katalog-web-28.pdf
2017-01-24 06:25 - 2017-01-24 06:25 - 06797234 _____ C:\Users\lena\Downloads\McDonalds_Gutscheine-01-2017.pdf
2017-01-22 00:34 - 2017-01-22 00:35 - 17719598 _____ C:\Users\lena\Downloads\zeitung5_3(2).pdf
2017-01-21 03:07 - 2017-01-21 03:07 - 03028427 _____ C:\Users\lena\Downloads\bedienungsanleitung_radio_concert.pdf
2017-01-19 13:21 - 2017-01-19 13:21 - 08813488 _____ (Piriform Ltd) C:\Users\lena\Downloads\ccsetup526.exe
2017-01-19 12:47 - 2017-01-19 12:48 - 15025410 _____ C:\Users\lena\Downloads\D_944_91_KATALOG.pdf
2017-01-19 11:54 - 2017-01-19 11:54 - 00064618 _____ C:\Users\lena\Downloads\92XT0220.pdf
2017-01-19 11:48 - 2017-01-19 11:48 - 00139204 _____ C:\Users\lena\Downloads\02TG0568.pdf
2017-01-19 11:47 - 2017-01-19 11:47 - 00111543 _____ C:\Users\lena\Downloads\82XT0202.pdf
2017-01-19 11:44 - 2017-01-19 11:44 - 00088228 _____ C:\Users\lena\Downloads\652F0586.pdf
2017-01-19 11:14 - 2017-01-05 10:55 - 00154856 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2017-01-19 11:14 - 2017-01-05 10:55 - 00095464 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2017-01-19 11:14 - 2017-01-05 10:52 - 01460736 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2017-01-19 11:14 - 2017-01-05 10:52 - 01212928 _____ (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
2017-01-19 11:14 - 2017-01-05 10:52 - 00730624 _____ (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2017-01-19 11:14 - 2017-01-05 10:52 - 00463872 _____ (Microsoft Corporation) C:\Windows\System32\certcli.dll
2017-01-19 11:14 - 2017-01-05 10:52 - 00345600 _____ (Microsoft Corporation) C:\Windows\System32\schannel.dll
2017-01-19 11:14 - 2017-01-05 10:52 - 00316928 _____ (Microsoft Corporation) C:\Windows\System32\msv1_0.dll
2017-01-19 11:14 - 2017-01-05 10:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2017-01-19 11:14 - 2017-01-05 10:52 - 00210432 _____ (Microsoft Corporation) C:\Windows\System32\wdigest.dll
2017-01-19 11:14 - 2017-01-05 10:52 - 00135680 _____ (Microsoft Corporation) C:\Windows\System32\sspicli.dll
2017-01-19 11:14 - 2017-01-05 10:52 - 00123904 _____ (Microsoft Corporation) C:\Windows\System32\bcrypt.dll
2017-01-19 11:14 - 2017-01-05 10:52 - 00086528 _____ (Microsoft Corporation) C:\Windows\System32\TSpkg.dll
2017-01-19 11:14 - 2017-01-05 09:43 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-01-19 11:14 - 2017-01-05 09:43 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-01-19 11:14 - 2017-01-05 09:43 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-01-19 11:14 - 2017-01-05 09:43 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-01-19 11:14 - 2017-01-05 09:43 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-01-19 11:14 - 2017-01-05 09:25 - 00159744 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2017-01-19 11:14 - 2017-01-05 09:24 - 00291328 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2017-01-19 11:13 - 2017-01-05 10:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\System32\adtschema.dll
2017-01-19 11:13 - 2017-01-05 10:52 - 00190464 _____ (Microsoft Corporation) C:\Windows\System32\rpchttp.dll
2017-01-19 11:13 - 2017-01-05 10:52 - 00146432 _____ (Microsoft Corporation) C:\Windows\System32\msaudite.dll
2017-01-19 11:13 - 2017-01-05 10:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\System32\msobjs.dll
2017-01-19 11:13 - 2017-01-05 10:52 - 00043520 _____ (Microsoft Corporation) C:\Windows\System32\cryptbase.dll
2017-01-19 11:13 - 2017-01-05 10:52 - 00028672 _____ (Microsoft Corporation) C:\Windows\System32\sspisrv.dll
2017-01-19 11:13 - 2017-01-05 10:52 - 00028160 _____ (Microsoft Corporation) C:\Windows\System32\secur32.dll
2017-01-19 11:13 - 2017-01-05 10:52 - 00022016 _____ (Microsoft Corporation) C:\Windows\System32\credssp.dll
2017-01-19 11:13 - 2017-01-05 09:43 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-01-19 11:13 - 2017-01-05 09:43 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-01-19 11:13 - 2017-01-05 09:43 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-01-19 11:13 - 2017-01-05 09:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-01-19 11:13 - 2017-01-05 09:43 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-01-19 11:13 - 2017-01-05 09:43 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-01-19 11:13 - 2017-01-05 09:43 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-01-19 11:13 - 2017-01-05 09:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-01-19 11:13 - 2017-01-05 09:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-01-19 11:13 - 2017-01-05 09:43 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-01-19 11:13 - 2017-01-05 09:42 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-01-19 11:13 - 2017-01-05 09:32 - 00064000 _____ (Microsoft Corporation) C:\Windows\System32\auditpol.exe
2017-01-19 11:13 - 2017-01-05 09:24 - 00129536 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2017-01-19 11:13 - 2017-01-05 09:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\System32\lsass.exe
2017-01-19 11:13 - 2017-01-05 09:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-01-19 11:13 - 2017-01-05 09:19 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-01-17 10:17 - 2017-01-17 10:18 - 33208402 _____ C:\Users\lena\Downloads\4a803_Support manual_DE_V02.pdf
2017-01-16 10:52 - 2017-03-04 05:55 - 00000000 ____D C:\log
2017-01-16 10:36 - 2017-01-16 10:36 - 00002331 _____ C:\Users\Public\Desktop\Offboard Diagnostic Information System.lnk
2017-01-16 10:36 - 2017-01-16 10:36 - 00002331 _____ C:\ProgramData\Desktop\Offboard Diagnostic Information System.lnk
2017-01-16 10:36 - 2017-01-16 10:36 - 00002075 _____ C:\Users\Public\Desktop\ODIS Service Diagnostic Interface Configuration.lnk
2017-01-16 10:36 - 2017-01-16 10:36 - 00002075 _____ C:\ProgramData\Desktop\ODIS Service Diagnostic Interface Configuration.lnk
2017-01-16 10:36 - 2017-01-16 10:36 - 00000000 ____D C:\SIDIS
2017-01-16 10:36 - 2017-01-16 10:36 - 00000000 ____D C:\Program Files (x86)\DiTEST
2017-01-16 10:35 - 2017-01-16 10:35 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2017-01-16 10:35 - 2017-01-16 10:35 - 00000000 ____D C:\ProgramData\I+ME Actia GmbH
2017-01-16 10:35 - 2017-01-16 10:35 - 00000000 ____D C:\Program Files (x86)\I+ME Actia GmbH
2017-01-16 10:34 - 2017-03-04 06:09 - 00000000 ____D C:\Program Files (x86)\Offboard_Diagnostic_Information_System_Service
2017-01-16 10:34 - 2017-01-16 10:52 - 00000000 ____D C:\ODIS-DIAG-MODULES
2017-01-16 10:34 - 2017-01-16 10:36 - 00000000 ____D C:\ProgramData\D-PDU API
2017-01-16 10:34 - 2017-01-16 10:34 - 00000000 ____D C:\Windows\SysWOW64\SAG_VAS5051B
2017-01-16 10:34 - 2017-01-16 10:34 - 00000000 ____D C:\Windows\SysWOW64\HVMT_AVL
2017-01-16 10:34 - 2017-01-16 10:34 - 00000000 ____D C:\Windows\SysWOW64\AVL_VAS6356
2017-01-16 10:34 - 2017-01-16 10:34 - 00000000 ____D C:\ProgramData\Softing
2017-01-16 10:34 - 2017-01-16 10:34 - 00000000 ____D C:\Program Files (x86)\Softing
2017-01-16 10:34 - 2016-03-15 01:25 - 01470464 _____ (rd electronic gmbh) C:\Windows\SysWOW64\GICO22EngineAll.dll
2017-01-16 10:34 - 2016-03-15 01:25 - 00446464 _____ (rd electronic gmbh) C:\Windows\SysWOW64\GICO22_JNI.dll
2017-01-16 10:34 - 2016-03-15 01:25 - 00401408 _____ (rd electronic gmbh) C:\Windows\SysWOW64\PAWINNT4_4.dll
2017-01-16 10:34 - 2016-03-15 01:25 - 00221184 _____ (rd electronic gmbh) C:\Windows\SysWOW64\rde_paext_usb_433.dll
2017-01-16 10:34 - 2016-03-15 01:25 - 00188416 _____ (rd electronic gmbh) C:\Windows\SysWOW64\rde_paext_std_433.dll
2017-01-16 10:34 - 2016-03-15 01:25 - 00147456 _____ (rd electronic gmbh) C:\Windows\SysWOW64\avl_vas6558_paext_433.dll
2017-01-16 10:34 - 2016-03-15 01:25 - 00024576 _____ (rd electronic gmbh) C:\Windows\SysWOW64\PAWINNT4_3.dll
2017-01-16 10:34 - 2016-03-15 01:25 - 00024576 _____ (rd electronic gmbh) C:\Windows\SysWOW64\PAWINNT.dll
2017-01-16 10:34 - 2013-06-10 03:49 - 00131248 _____ (Softing Automotive Electronics GmbH) C:\Windows\SysWOW64\loaddpram.dll
2017-01-16 10:34 - 2013-06-10 03:49 - 00126128 _____ (Softing Automotive Electronics GmbH) C:\Windows\SysWOW64\loaddal.dll
2017-01-16 10:34 - 2013-06-10 03:49 - 00116912 _____ (Softing Automotive Electronics GmbH) C:\Windows\SysWOW64\edicblue.dll
2017-01-16 10:34 - 2013-06-10 03:49 - 00115888 _____ (Softing Automotive Electronics GmbH) C:\Windows\SysWOW64\edicusb.dll
2017-01-16 10:34 - 2013-06-10 03:49 - 00107184 _____ (Softing Automotive Electronics GmbH) C:\Windows\SysWOW64\edictcp.dll
2017-01-16 10:34 - 2013-06-10 03:49 - 00104624 _____ (Softing Automotive Electronics GmbH) C:\Windows\System32\Drivers\edic7x64.sys
2017-01-16 10:34 - 2013-06-10 03:49 - 00093360 _____ (Softing Automotive Electronics GmbH) C:\Windows\SysWOW64\conmansrv.exe
2017-01-16 10:34 - 2013-06-10 03:49 - 00088240 _____ (Softing Automotive Electronics GmbH) C:\Windows\SysWOW64\sysload.dll
2017-01-16 10:34 - 2013-06-10 03:49 - 00068272 _____ (Softing Automotive Electronics GmbH) C:\Windows\SysWOW64\edicdp32.dll
2017-01-16 10:34 - 2013-06-10 03:49 - 00052912 _____ (Softing Automotive Electronics GmbH) C:\Windows\SysWOW64\eahwconf7.dll
2017-01-16 10:34 - 2013-06-10 03:49 - 00042672 _____ (Softing Automotive Electronics GmbH) C:\Windows\SysWOW64\admincheck.dll
2017-01-16 10:34 - 2013-06-10 03:49 - 00037168 _____ (Softing Automotive Electronics GmbH) C:\Windows\System32\Drivers\edicusb7x64.sys
2017-01-16 10:34 - 2013-06-10 03:49 - 00020144 _____ (Softing Automotive Electronics GmbH) C:\Windows\SysWOW64\eaconfutil.dll
2017-01-16 09:32 - 2017-01-16 09:32 - 02310048 _____ C:\Users\lena\Downloads\winrar-x64-540d.exe
2017-01-16 09:31 - 2017-01-16 10:16 - 00000000 ____D C:\ODIS
2017-01-15 11:00 - 2017-01-15 11:00 - 13879497 _____ C:\Users\lena\Downloads\D_944_88_KATALOG.pdf
2017-01-14 15:27 - 2017-01-14 15:28 - 17719598 _____ C:\Users\lena\Downloads\zeitung5_3(1).pdf
2017-01-13 13:23 - 2017-01-13 13:24 - 17719598 _____ C:\Users\lena\Downloads\zeitung5_3.pdf
2017-01-06 15:41 - 2017-01-06 15:41 - 03213560 _____ C:\Users\lena\Downloads\versteigerungsliste_kfz_ofd.pdf
2017-01-06 15:24 - 2017-01-06 15:24 - 00210935 _____ C:\Users\lena\Downloads\Versteigerungsplan-2016.pdf
2017-01-06 15:24 - 2017-01-06 15:24 - 00084400 _____ C:\Users\lena\Downloads\Versteigerungsplan-2017.pdf
2017-01-06 15:20 - 2017-01-06 15:20 - 02649559 _____ C:\Users\lena\Downloads\mb64669_749828f640be58383fef1adbda7d6d06_pdffile.pdf
2017-01-06 15:18 - 2017-01-06 15:18 - 01446561 _____ C:\Users\lena\Downloads\mb64669_8d4c6ed274c593e963a774f2f7360cd9_pdffile.pdf
2016-12-30 16:16 - 2016-12-30 16:16 - 00842163 _____ C:\Users\lena\Downloads\audi_a5_2010_preise.pdf
2016-12-30 16:08 - 2016-12-30 16:08 - 00518354 _____ C:\Users\lena\Downloads\audi-a5-preise.pdf
2016-12-30 16:07 - 2016-12-30 16:07 - 02190995 _____ C:\Users\lena\Downloads\130424_KW17_A5_S5_Preisliste.pdf
2016-12-30 15:47 - 2016-12-30 15:47 - 08377484 _____ C:\Users\lena\Downloads\s5_coupe_033_1231(2).pdf
2016-12-30 15:42 - 2016-12-30 15:42 - 03930397 _____ C:\Users\lena\Downloads\pr-nummerntabelle-vw-audi(1).pdf
2016-12-30 11:06 - 2016-12-30 11:06 - 01895362 _____ C:\Users\lena\Downloads\W113.pdf
2016-12-30 11:04 - 2016-12-30 11:04 - 00230076 _____ C:\Users\lena\Downloads\Audi_A5_3_0_TDI_quattro__DPF_.pdf
2016-12-30 10:53 - 2016-12-30 10:53 - 00184135 _____ C:\Users\lena\Downloads\a5-par-0003-file.pdf
2016-12-30 10:51 - 2016-12-30 10:53 - 05335176 _____ C:\Users\lena\Downloads\a5-s5-coupe.pdf
2016-12-30 10:50 - 2016-12-30 10:50 - 12287564 _____ C:\Users\lena\Downloads\A5_A5Cab.pdf
2016-12-30 10:47 - 2016-12-30 10:47 - 05111835 _____ C:\Users\lena\Downloads\A5Mar2007.pdf
2016-12-30 10:41 - 2016-12-30 10:41 - 06230513 _____ C:\Users\lena\Downloads\A5-S5_Brochure.pdf
2016-12-30 10:36 - 2016-12-30 10:36 - 00018676 _____ C:\Users\lena\Downloads\Audi-S5---4.2-FSI-260-kW-quattro-HS-Coupé-S-Modell-2009(1).pdf
2016-12-30 10:31 - 2016-12-30 10:31 - 13373039 _____ C:\Users\lena\Downloads\a5_133_1230_52_00.pdf
2016-12-30 10:28 - 2016-12-30 10:29 - 29090261 _____ C:\Users\lena\Downloads\katalog_a5-coupe_a5-cabriolet_s5-coupe_s5-cabriolet.pdf
2016-12-30 10:14 - 2016-12-30 10:14 - 01850233 _____ C:\Users\lena\Downloads\preisliste_a5-coupe_a5-sportback_a5-cabriolet_s5-coupe_s5-sportback_s5-cabriolet.pdf
2016-12-30 06:05 - 2016-12-30 06:05 - 03930397 _____ C:\Users\lena\Downloads\pr-nummerntabelle-vw-audi.pdf
2016-12-30 06:02 - 2016-12-30 06:02 - 02192643 _____ C:\Users\lena\Downloads\090618_preisliste.pdf
2016-12-25 20:38 - 2016-12-25 20:38 - 00277262 _____ C:\Users\lena\Desktop\audi-wallpaper-wallpapers-desktop-cars-bodykit-car-body-background.jpg
2016-12-25 14:51 - 2016-12-25 14:51 - 00106633 _____ C:\Users\lena\Downloads\toyota0293.pdf
2016-12-25 14:37 - 2016-12-25 14:37 - 01524775 _____ C:\Users\lena\Downloads\RAV4_Preisliste_tcm-17-63685.pdf
2016-12-24 22:41 - 2016-12-24 22:41 - 01874818 _____ C:\Users\lena\Downloads\allparts1220.pdf
2016-12-24 13:23 - 2016-12-24 13:23 - 00062490 _____ C:\Users\lena\Downloads\8x17-et40.pdf
2016-12-24 13:21 - 2016-12-24 13:21 - 00061717 _____ C:\Users\lena\Downloads\00151776.pdf
2016-12-23 21:32 - 2016-12-24 22:09 - 00000000 ____D C:\Users\lena\Documents\MailStore Home
2016-12-23 21:32 - 2016-12-24 21:56 - 00000000 ____D C:\ProgramData\firebird
2016-12-23 21:32 - 2016-12-23 21:32 - 00001227 _____ C:\Users\Public\Desktop\MailStore Home.lnk
2016-12-23 21:32 - 2016-12-23 21:32 - 00001227 _____ C:\ProgramData\Desktop\MailStore Home.lnk
2016-12-23 21:32 - 2016-12-23 21:32 - 00000000 ____D C:\Users\lena\AppData\Local\MailStore Home
2016-12-23 21:31 - 2016-12-23 21:31 - 00000000 ____D C:\Program Files (x86)\deepinvent
2016-12-23 21:30 - 2016-12-23 21:31 - 10728576 _____ (Igor Pavlov) C:\Users\lena\Downloads\MailStoreHomeSetup-10.0.1.12148.exe
2016-12-22 12:00 - 2016-12-22 12:00 - 12009604 _____ C:\Users\lena\Downloads\Audi_S5_Coupe_2008_Owner_s_Manual.pdf
2016-12-22 11:58 - 2016-12-22 11:58 - 08377484 _____ C:\Users\lena\Downloads\s5_coupe_033_1231(1).pdf
2016-12-22 11:57 - 2016-12-22 11:57 - 08377484 _____ C:\Users\lena\Downloads\s5_coupe_033_1231.pdf
2016-12-22 11:52 - 2016-12-22 11:52 - 00018676 _____ C:\Users\lena\Downloads\Audi-S5---4.2-FSI-260-kW-quattro-HS-Coupé-S-Modell-2009.pdf
2016-12-22 11:36 - 2016-12-22 11:36 - 02003372 _____ C:\Users\lena\Downloads\kurzanleitung_a5.pdf
2016-12-22 11:33 - 2016-12-22 11:33 - 06117437 _____ C:\Users\lena\Downloads\audifahren.pdf
2016-12-20 12:29 - 2016-12-20 12:30 - 19724491 _____ C:\Users\lena\Downloads\RR_RE_125cc_air_2013_rev04(1).pdf

==================== Three Months Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-15 14:52 - 2016-02-01 11:07 - 00000000 ____D C:\ProgramData\panda_url_filtering
2017-03-15 11:34 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\inf
2017-03-07 12:53 - 2016-11-18 05:04 - 00000000 ____D C:\Users\lena\AppData\LocalLow\Mozilla
2017-03-07 12:39 - 2016-11-12 01:46 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-03-07 11:42 - 2016-11-17 12:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-03-07 11:42 - 2013-01-11 11:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-03-07 11:42 - 2012-09-12 12:42 - 00003018 _____ C:\Windows\wininit.ini
2017-03-07 11:32 - 2009-07-13 20:45 - 00025840 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-03-07 11:32 - 2009-07-13 20:45 - 00025840 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-03-07 11:27 - 2011-11-04 01:17 - 00003950 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{F4D0EF7C-B6C4-4C71-959C-6232EFD479F8}
2017-03-06 03:54 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-05 05:09 - 2010-01-01 01:29 - 00001034 _____ C:\Windows\Tasks\Google Software Updater.job
2017-03-01 12:05 - 2014-02-06 00:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-03-01 12:01 - 2014-02-05 23:58 - 00000000 ____D C:\Program Files\Microsoft Office 15
2017-02-23 22:08 - 2013-07-13 20:37 - 00000000 ____D C:\Windows\System32\MRT
2017-02-23 22:03 - 2009-12-27 09:34 - 138020592 ____C (Microsoft Corporation) C:\Windows\System32\MRT.exe
2017-02-23 10:38 - 2009-07-13 21:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-02-19 07:51 - 2009-08-21 21:45 - 00000000 ____D C:\Program Files (x86)\Google
2017-02-18 23:31 - 2010-11-13 22:30 - 00001025 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-02-18 23:31 - 2010-11-13 22:30 - 00001025 _____ C:\ProgramData\Desktop\CCleaner.lnk
2017-02-17 22:08 - 2016-11-12 01:46 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-02-17 22:08 - 2012-04-30 21:32 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-02-17 22:08 - 2012-02-20 04:19 - 00000000 ____D C:\Windows\System32\Macromed
2017-02-17 22:08 - 2011-06-25 10:29 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-17 22:08 - 2009-08-21 21:24 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-02-16 21:38 - 2009-12-07 12:37 - 00000000 ___HD C:\users\lena
2017-02-16 21:29 - 2016-02-01 11:07 - 00000000 ____D C:\Users\lena\AppData\LocalLow\pandasecuritytb
2017-02-16 21:29 - 2016-02-01 11:07 - 00000000 ____D C:\Program Files\Panda Security URL Filtering
2017-02-16 21:29 - 2016-02-01 11:07 - 00000000 ____D C:\Program Files (x86)\pandasecuritytb
2017-02-16 21:29 - 2015-04-11 22:10 - 00000000 ____D C:\Users\lena\AppData\Roaming\IrfanView
2017-02-16 21:29 - 2013-12-08 06:36 - 00000000 ____D C:\Program Files (x86)\Panda Security
2017-02-16 21:29 - 2010-10-21 00:21 - 00000000 ____D C:\ProgramData\Panda Security
2017-02-16 21:29 - 2010-01-24 00:51 - 00000000 ____D C:\Windows\Minidump
2017-02-16 21:29 - 2009-12-08 13:14 - 00000000 ____D C:\Users\lena\AppData\Local\Mozilla
2017-02-16 21:29 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2017-02-16 21:29 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\registration
2017-02-16 20:27 - 2015-01-25 01:23 - 00000000 ____D C:\Users\lena\AppData\Roaming\Panda Security
2017-02-15 22:53 - 2014-09-10 10:13 - 00000000 ____D C:\KFZ

==================== Known DLLs (Whitelisted) =========================


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe
[2016-10-20 18:39] - [2016-08-29 07:04] - 3229696 ____A (Microsoft Corporation) 38AE1B3C38FAEF56FE4907922F0385BA

C:\Windows\SysWOW64\explorer.exe
[2016-10-20 18:39] - [2016-08-29 06:55] - 2972672 ____A (Microsoft Corporation) 6DDCA324434FFA506CF7DC4E51DB7935

C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll
[2016-12-13 11:42] - [2016-11-10 08:32] - 1009152 ____A (Microsoft Corporation) 34BA256FBF83457F9D5E51A56DB54542

C:\Windows\SysWOW64\User32.dll
[2016-12-13 11:42] - [2016-11-10 08:19] - 0833024 ____A (Microsoft Corporation) 3CB074875AC88A7C1010A2A7F9881A8C

C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\dnsapi.dll => MD5 is legit
C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Association (Whitelisted) =============


==================== Restore Points =========================


==================== BCD ================================

Windows-Start-Manager
---------------------
Bezeichner              {bootmgr}
device                  partition=Y:
path                    \bootmgr
description             Windows Boot Manager
locale                  de-DE
inherit                 {globalsettings}
default                 {default}
resumeobject            {48c89c1b-9cd3-11de-89e0-a9c7a965dd11}
displayorder            {default}
toolsdisplayorder       {memdiag}
timeout                 30

Windows-Startladeprogramm
-------------------------
Bezeichner              {default}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  de-DE
inherit                 {bootloadersettings}
recoverysequence        {48c89c1d-9cd3-11de-89e0-a9c7a965dd11}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {48c89c1b-9cd3-11de-89e0-a9c7a965dd11}
nx                      OptIn
detecthal               Yes

Windows-Startladeprogramm
-------------------------
Bezeichner              {48c89c1d-9cd3-11de-89e0-a9c7a965dd11}

Windows-Startladeprogramm
-------------------------
Bezeichner              {48c89c1f-9cd3-11de-89e0-a9c7a965dd11}
device                  ramdisk=[C:]\Recovery\48c89c1d-9cd3-11de-89e0-a9c7a965dd11\Winre.wim,{48c89c20-9cd3-11de-89e0-a9c7a965dd11}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment (wiederhergestellt) 
locale                  
osdevice                ramdisk=[C:]\Recovery\48c89c1d-9cd3-11de-89e0-a9c7a965dd11\Winre.wim,{48c89c20-9cd3-11de-89e0-a9c7a965dd11}
systemroot              \windows
winpe                   Yes

Wiederaufnahme aus dem Ruhezustand
----------------------------------
Bezeichner              {48c89c1b-9cd3-11de-89e0-a9c7a965dd11}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  de-DE
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No

Windows-Speichertestprogramm
----------------------------
Bezeichner              {memdiag}
device                  partition=Y:
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  de-DE
inherit                 {globalsettings}
badmemoryaccess         Yes

EMS-Einstellungen
-----------------
Bezeichner              {emssettings}
bootems                 Yes

Debuggereinstellungen
---------------------
Bezeichner              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

RAM-Defekte
-----------
Bezeichner              {badmemory}

Globale Einstellungen
---------------------
Bezeichner              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Startladeprogramm-Einstellungen
-------------------------------
Bezeichner              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisoreinstellungen
-------------------
Bezeichner              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Einstellungen zur Ladeprogrammfortsetzung
-----------------------------------------
Bezeichner              {resumeloadersettings}
inherit                 {globalsettings}

Ger„teoptionen
--------------
Bezeichner              {48c89c1e-9cd3-11de-89e0-a9c7a965dd11}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\48c89c1d-9cd3-11de-89e0-a9c7a965dd11\boot.sdi

Ger„teoptionen
--------------
Bezeichner              {48c89c20-9cd3-11de-89e0-a9c7a965dd11}
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\48c89c1d-9cd3-11de-89e0-a9c7a965dd11\boot.sdi


==================== Memory info =========================== 

Percentage of memory in use: 26%
Total physical RAM: 3070.36 MB
Available physical RAM: 2252.46 MB
Total Virtual: 3068.51 MB
Available Virtual: 2242.62 MB

==================== Drives ================================

Drive c: (ACER) (Fixed) (Total:286.27 GB) (Free:51.74 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (PQSERVICE) (Fixed) (Total:11.72 GB) (Free:1.93 GB) NTFS
Drive f: (WIN_7_HOMEPREMIUM) (CDROM) (Total:5.75 GB) (Free:0 GB) UDF
Drive g: (INTENSO) (Fixed) (Total:58.58 GB) (Free:58.57 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 447.1 GB) (Disk ID: 28F310EB)
Partition 1: (Not Active) - (Size=11.7 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=286.3 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 58.6 GB) (Disk ID: 7F59B6A4)
Partition 1: (Not Active) - (Size=58.6 GB) - (Type=0B)

LastRegBack: 2017-03-04 07:34

==================== End of FRST.txt ============================
         

Antwort

Themen zu Windows 7 schwarzer Bildschirm mit Mauszeiger, es geht nicht weiter
adobe, adobe flash player, bildschirm, ccsetup, defender, desktop, explorer, file, flash player, google, helper, home, monitor, pdf, realtek, registry, scan, schwarzer bildschirm, security, services.exe, software, svchost.exe, system, vista, windows, winlogon.exe, win_7



Ähnliche Themen: Windows 7 schwarzer Bildschirm mit Mauszeiger, es geht nicht weiter


  1. Windows 7, schwarzer Bildschirm mit Mauszeiger, abgesicherter Modus funktioniert
    Alles rund um Windows - 02.09.2015 (6)
  2. Windows 7: Boot nicht möglich; schwarzer Bildschirm mit Mauszeiger nach Windowslogo
    Log-Analyse und Auswertung - 11.11.2014 (17)
  3. Windows 8.1: schwarzer Bildschirm nach Start, Mauszeiger da, FRST lässt sich nicht ausführen
    Plagegeister aller Art und deren Bekämpfung - 27.08.2014 (1)
  4. Windows 8.1: schwarzer Bildschirm nach Start, Mauszeiger da
    Alles rund um Windows - 27.08.2014 (2)
  5. Windows 7 startet nicht mehr - Schwarzer Bildschirm mit Mauszeiger
    Log-Analyse und Auswertung - 19.08.2014 (25)
  6. Schwarzer Bildschirm + Mauszeiger statt Login-Screen
    Log-Analyse und Auswertung - 26.04.2014 (13)
  7. schwarzer Bildschirm mit Mauszeiger nach Start des Betriebssystems Windows7
    Log-Analyse und Auswertung - 17.04.2014 (7)
  8. [Windows 7] Nach Login bei Windows erscheint nur noch ein schwarzer Bildschirm mit Mauszeiger
    Plagegeister aller Art und deren Bekämpfung - 12.03.2014 (1)
  9. Windows 7 schwarzer Bildschirm + Mauszeiger
    Plagegeister aller Art und deren Bekämpfung - 18.01.2014 (4)
  10. Windows 8 schwarzer Bildschirm + Mauszeiger
    Alles rund um Windows - 05.01.2014 (1)
  11. Windows 7: Schwarzer Bildschirm und Mauszeiger beim Starten
    Log-Analyse und Auswertung - 29.12.2013 (5)
  12. Beim starten schwarzer Bildschirm und bewegbarer Mauszeiger (Windows 7)
    Plagegeister aller Art und deren Bekämpfung - 06.11.2013 (9)
  13. Windows 7 nach Start schwarzer Bildschirm + Mauszeiger
    Plagegeister aller Art und deren Bekämpfung - 23.09.2013 (15)
  14. Schwarzer Bildschirm nach hochfahren mit beweglichem Mauszeiger
    Plagegeister aller Art und deren Bekämpfung - 09.07.2013 (5)
  15. Windows 7 startet nicht mehr, schwarzer Bildschirm beim Booten mit weißem Mauszeiger
    Log-Analyse und Auswertung - 19.03.2013 (0)
  16. Laptop bootet nicht mehr (schwarzer Bildschirm, weißer Mauszeiger)
    Plagegeister aller Art und deren Bekämpfung - 25.02.2013 (15)
  17. schwarzer Bildschirm mit Mauszeiger... nix geht mehr
    Plagegeister aller Art und deren Bekämpfung - 14.05.2012 (7)

Zum Thema Windows 7 schwarzer Bildschirm mit Mauszeiger, es geht nicht weiter - Code: Alles auswählen Aufklappen ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017 Ran by SYSTEM on MININT-KBTNC9V (16-03-2017 21:04:03) Running from g:\ Platform: Windows 7 Home - Windows 7 schwarzer Bildschirm mit Mauszeiger, es geht nicht weiter...
Archiv
Du betrachtest: Windows 7 schwarzer Bildschirm mit Mauszeiger, es geht nicht weiter auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.