Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   PC friert ein, ist extrem langsam und meldet Script Fehler (https://www.trojaner-board.de/171504-pc-friert-extrem-langsam-meldet-script-fehler.html)

Orcrist 24.09.2015 18:52

PC friert ein, ist extrem langsam und meldet Script Fehler
 
Hallo in die Runde,

ich habe schon etwas länger PC Probleme, die sich u.a. wie folgt äußern:

Beim Herunterfahren des PCs taucht die Meldung auf, dass ein Hintergrundprogramm noch läuft (obwohl ich alles geschlossen habe). Desweiteren bekomme ich fast täglich die Meldung, dass ein Skript eventuell beschädigt ist (wenn ich im Internet bin). Das merkwürdigste ist allerdings, dass ab und an auf einmal eine große Hand (wie der Mauszeiger, nur viel größer) erscheint, die von alleine in die Bildschirmmitte drückt und damit sofort alles stilllegt. Danach geht gar nichts mehr (PC ist wie eingefroren) und ich kann nur noch leider den Affengriff machen.
Der PC ist auch extrem langsam. Ich denke, ich habe mir da irgendo etwas eingefangen! :killpc:

P.S. Komischerweise konnte ich mit dem Firefox nicht ins Trojaner Forum um den Beitrag zu erstellen, die Seite hat sich von alleine ständig aktualisiert. :wtf: Ich benutze sonst immer diesen Browser...

Hier meine bisherigen Unternehmungen:

Defogger

Code:

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 15:27 on 24/09/2015 (blondi)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-


FRST

Code:

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:23-09-2015
durchgeführt von blondi (Administrator) auf BLONDI-HP (24-09-2015 15:28:56)
Gestartet von C:\Users\grüner Drache\Desktop
Geladene Profile: blondi & grüner Drache (Verfügbare Profile: smartie & blondi & grüner Drache)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\XSManager\WTGService.exe
(4G Systems GmbH & Co. KG) C:\Windows\service4g.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(4G Systems GmbH & Co. KG) C:\Windows\starter4g.exe
(Ask) C:\Program Files (x86)\Ask.com\Updater\Updater.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe
() C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(WebToGo Mobiles Internet GmbH) C:\Program Files (x86)\XSManager\XSManager.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcMon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
() C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6463592 2012-02-13] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2885904 2012-02-24] (Synaptics Incorporated)
HKLM\...\Run: [SetDefault] => C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [44880 2011-12-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [636032 2012-02-14] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [684024 2012-02-19] (PDF Complete Inc)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [starter4g] => C:\Windows\starter4g.exe [160992 2010-07-08] (4G Systems GmbH & Co. KG)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ApnUpdater] => C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1646216 2013-04-01] (Ask)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782008 2015-09-03] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe [29984 2008-07-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe [46368 2008-07-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort11reminder] => C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe [328992 2007-08-31] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2012-09-25] ()
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [185896 2013-10-28] (Geek Software GmbH)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66936 2015-08-13] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2255287641-1463189941-1607643083-1002\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-2255287641-1463189941-1607643083-1002\...\MountPoints2: {1281b708-8d14-11e3-917a-446d5773e023} - F:\AutoRun.exe
HKU\S-1-5-21-2255287641-1463189941-1607643083-1002\...\MountPoints2: {1281b715-8d14-11e3-917a-446d5773e023} - F:\AutoRun.exe
HKU\S-1-5-21-2255287641-1463189941-1607643083-1002\...\MountPoints2: {521d1f89-483f-11e2-9d26-806e6f6e6963} - E:\start.exe
HKU\S-1-5-21-2255287641-1463189941-1607643083-1002\...\MountPoints2: {7b9bf4a8-ba49-11e3-960c-446d5773e023} - F:\AutoRun.exe
HKU\S-1-5-21-2255287641-1463189941-1607643083-1002\...\MountPoints2: {8a0c0fbe-e64c-11e3-86e8-001e101f82a0} - F:\AutoRun.exe
HKU\S-1-5-21-2255287641-1463189941-1607643083-1002\...\MountPoints2: {bafdebac-87df-11e2-ba1e-446d5773e023} - F:\autorun.exe
HKU\S-1-5-21-2255287641-1463189941-1607643083-1002\...\MountPoints2: {c414602a-8b35-11e3-934e-446d5773e023} - F:\AutoRun.exe
HKU\S-1-5-21-2255287641-1463189941-1607643083-1002\...\MountPoints2: {c4146040-8b35-11e3-934e-446d5773e023} - F:\AutoRun.exe
HKU\S-1-5-21-2255287641-1463189941-1607643083-1003\...\MountPoints2: {bafdebac-87df-11e2-ba1e-446d5773e023} - F:\autorun.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\..\Interfaces\{3DFDFF89-4FB7-4ED7-BF0B-DE814EDAD0A6}: [DhcpNameServer] 192.168.72.2
Tcpip\..\Interfaces\{4666D7E6-F55F-4C00-856C-64AA99F49F12}: [NameServer] 193.189.244.225 193.189.244.206
Tcpip\..\Interfaces\{47872D93-BB86-4F35-AA1A-522A803CA999}: [NameServer] 193.189.244.206 193.189.244.225
Tcpip\..\Interfaces\{62B4EE08-8E25-474A-B601-379A7909E61B}: [NameServer] 193.189.244.225 193.189.244.206
Tcpip\..\Interfaces\{887BCB3A-6FF2-48E8-B97D-79DAE3BF43E2}: [NameServer] 139.7.30.126 139.7.30.125
Tcpip\..\Interfaces\{92BAAD06-FC8D-4246-B4B0-585E0DC29370}: [NameServer] 193.189.244.225 193.189.244.206
Tcpip\..\Interfaces\{F9745FD9-3B56-45E8-83DB-B78B4A29FA0F}: [NameServer] 193.189.244.225 193.189.244.206

Internet Explorer:
==================
HKU\S-1-5-21-2255287641-1463189941-1607643083-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale=de_DE
HKU\S-1-5-21-2255287641-1463189941-1607643083-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/10
HKU\S-1-5-21-2255287641-1463189941-1607643083-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM/10
HKU\S-1-5-21-2255287641-1463189941-1607643083-1003\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.uk.msn.com/HPCOM/10
HKU\S-1-5-21-2255287641-1463189941-1607643083-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/10
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-4/4?satitle={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-4/4?satitle={searchTerms}
SearchScopes: HKU\S-1-5-21-2255287641-1463189941-1607643083-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2255287641-1463189941-1607643083-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2255287641-1463189941-1607643083-1002 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
SearchScopes: HKU\S-1-5-21-2255287641-1463189941-1607643083-1002 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
SearchScopes: HKU\S-1-5-21-2255287641-1463189941-1607643083-1002 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-2255287641-1463189941-1607643083-1002 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-4/4?satitle={searchTerms}
SearchScopes: HKU\S-1-5-21-2255287641-1463189941-1607643083-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2255287641-1463189941-1607643083-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2255287641-1463189941-1607643083-1003 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
SearchScopes: HKU\S-1-5-21-2255287641-1463189941-1607643083-1003 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
SearchScopes: HKU\S-1-5-21-2255287641-1463189941-1607643083-1003 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-2255287641-1463189941-1607643083-1003 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-4/4?satitle={searchTerms}
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-13] (Advanced Micro Devices)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-13] (Advanced Micro Devices)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Toolbar: HKU\S-1-5-21-2255287641-1463189941-1607643083-1002 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Keine Datei
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)

FireFox:
========
FF ProfilePath: C:\Users\blondi\AppData\Roaming\Mozilla\Firefox\Profiles\78ic5878.default
FF SearchEngineOrder.1: Ask.com
FF Homepage: hxxp://www.michaelroads.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-13] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2011-11-07] (Adobe Systems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2011-09-28] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Extension: 20-20 3D Viewer - IKEA - C:\Users\blondi\AppData\Roaming\Mozilla\Firefox\Profiles\78ic5878.default\Extensions\2020Player_IKEA@2020Technologies.com [2015-02-24]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\blondi\AppData\Roaming\Mozilla\Firefox\Profiles\78ic5878.default\Extensions\toolbar@ask.com [2013-04-17]
FF Extension: Adblock Plus - C:\Users\blondi\AppData\Roaming\Mozilla\Firefox\Profiles\78ic5878.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-04-28]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-02-14] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [887128 2015-09-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-09-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-09-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1213072 2015-09-03] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [228104 2015-08-13] (Avira Operations GmbH & Co. KG)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S2 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [246112 2014-02-01] ()
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1134584 2012-02-19] (PDF Complete Inc)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WTGService; C:\Program Files (x86)\XSManager\WTGService.exe [329168 2010-04-12] ()
R2 XS Stick Service; C:\Windows\service4g.exe [145120 2010-07-08] (4G Systems GmbH & Co. KG)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [55936 2012-01-03] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162528 2015-09-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-09-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-05] (Avira Operations GmbH & Co. KG)
R3 cmnsusbser; C:\Windows\System32\DRIVERS\cmnsusbser.sys [117888 2013-03-08] (Mobile Connector)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-09-24] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [259688 2011-10-27] (Realtek Semiconductor Corp.)
S3 SmbDrv; C:\Windows\system32\drivers\Smb_driver.sys [21264 2012-02-24] (Synaptics Incorporated)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-24 15:28 - 2015-09-24 15:29 - 00022229 _____ C:\Users\grüner Drache\Desktop\FRST.txt
2015-09-24 15:28 - 2015-09-24 15:28 - 02192384 _____ (Farbar) C:\Users\grüner Drache\Desktop\FRST64.exe
2015-09-24 15:27 - 2015-09-24 15:27 - 00000474 _____ C:\Users\grüner Drache\Desktop\defogger_disable.log
2015-09-24 15:27 - 2015-09-24 15:27 - 00000000 _____ C:\Users\blondi\defogger_reenable
2015-09-24 15:26 - 2015-09-24 15:26 - 00050477 _____ C:\Users\grüner Drache\Desktop\Defogger.exe
2015-09-24 15:24 - 2015-09-24 15:25 - 00000000 ____D C:\Users\grüner Drache\AppData\Roaming\Mozilla
2015-09-24 15:24 - 2015-09-24 15:24 - 00000000 ____D C:\Users\grüner Drache\AppData\Local\updater4g
2015-09-24 15:24 - 2015-09-24 15:24 - 00000000 ____D C:\Users\grüner Drache\AppData\Local\Mozilla
2015-09-24 15:09 - 2015-09-24 15:09 - 00000000 ____D C:\Users\grüner Drache\AppData\Roaming\Avira
2015-09-24 15:09 - 2015-09-24 15:09 - 00000000 ____D C:\Users\grüner Drache\AppData\Roaming\ATI
2015-09-24 15:09 - 2015-09-24 15:09 - 00000000 ____D C:\Users\grüner Drache\AppData\Local\ATI
2015-09-24 15:09 - 2015-09-24 15:09 - 00000000 ____D C:\Users\grüner Drache\AppData\Local\AMD
2015-09-24 15:04 - 2015-09-24 15:24 - 00000000 ____D C:\Users\grüner Drache\AppData\Roaming\XSManager
2015-09-24 15:04 - 2015-09-24 15:04 - 00064496 _____ C:\Users\grüner Drache\AppData\Local\GDIPFONTCACHEV1.DAT
2015-09-24 15:04 - 2015-09-24 15:04 - 00003966 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{66D18C92-6560-4250-8252-B6CE52EADD07}
2015-09-24 15:04 - 2015-09-24 15:04 - 00001425 _____ C:\Users\grüner Drache\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-09-24 15:04 - 2015-09-24 15:04 - 00000000 ____D C:\Users\grüner Drache\AppData\Roaming\Synaptics
2015-09-24 15:04 - 2015-09-24 15:04 - 00000000 ____D C:\Users\grüner Drache\AppData\Roaming\Macromedia
2015-09-24 15:04 - 2015-09-24 15:04 - 00000000 ____D C:\Users\grüner Drache\AppData\Roaming\Adobe
2015-09-24 15:04 - 2015-09-24 15:04 - 00000000 ____D C:\Users\grüner Drache\AppData\Local\Scansoft
2015-09-24 15:04 - 2015-09-24 15:04 - 00000000 ____D C:\Users\grüner Drache\AppData\Local\PDFC
2015-09-24 15:03 - 2015-09-24 15:03 - 00000020 ___SH C:\Users\grüner Drache\ntuser.ini
2015-09-24 15:03 - 2015-09-24 15:03 - 00000000 _SHDL C:\Users\grüner Drache\Vorlagen
2015-09-24 15:03 - 2015-09-24 15:03 - 00000000 _SHDL C:\Users\grüner Drache\Startmenü
2015-09-24 15:03 - 2015-09-24 15:03 - 00000000 _SHDL C:\Users\grüner Drache\Netzwerkumgebung
2015-09-24 15:03 - 2015-09-24 15:03 - 00000000 _SHDL C:\Users\grüner Drache\Lokale Einstellungen
2015-09-24 15:03 - 2015-09-24 15:03 - 00000000 _SHDL C:\Users\grüner Drache\Eigene Dateien
2015-09-24 15:03 - 2015-09-24 15:03 - 00000000 _SHDL C:\Users\grüner Drache\Druckumgebung
2015-09-24 15:03 - 2015-09-24 15:03 - 00000000 _SHDL C:\Users\grüner Drache\Documents\Eigene Musik
2015-09-24 15:03 - 2015-09-24 15:03 - 00000000 _SHDL C:\Users\grüner Drache\Documents\Eigene Bilder
2015-09-24 15:03 - 2015-09-24 15:03 - 00000000 _SHDL C:\Users\grüner Drache\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-09-24 15:03 - 2015-09-24 15:03 - 00000000 _SHDL C:\Users\grüner Drache\AppData\Local\Verlauf
2015-09-24 15:03 - 2015-09-24 15:03 - 00000000 _SHDL C:\Users\grüner Drache\AppData\Local\Anwendungsdaten
2015-09-24 15:03 - 2015-09-24 15:03 - 00000000 _SHDL C:\Users\grüner Drache\Anwendungsdaten
2015-09-24 15:03 - 2015-09-24 15:03 - 00000000 ____D C:\Users\grüner Drache\AppData\Local\VirtualStore
2015-09-24 15:03 - 2015-09-24 15:03 - 00000000 ____D C:\Users\grüner Drache
2015-09-24 15:03 - 2012-04-05 18:59 - 00002431 _____ C:\Users\grüner Drache\Desktop\eBay.lnk
2015-09-24 15:03 - 2009-07-14 06:54 - 00000000 ___RD C:\Users\grüner Drache\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-24 15:03 - 2009-07-14 06:49 - 00000000 ___RD C:\Users\grüner Drache\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-09-24 14:50 - 2015-09-24 14:50 - 00000000 ____D C:\Users\smartie\AppData\Roaming\Avira
2015-09-24 14:50 - 2015-09-24 14:50 - 00000000 ____D C:\Users\smartie\AppData\Roaming\ATI
2015-09-24 14:50 - 2015-09-24 14:50 - 00000000 ____D C:\Users\smartie\AppData\Local\ATI
2015-09-24 14:50 - 2015-09-24 14:50 - 00000000 ____D C:\Users\smartie\AppData\Local\AMD
2015-09-24 14:46 - 2015-09-24 14:46 - 00000000 ____D C:\Users\smartie\AppData\Roaming\Macromedia
2015-09-24 14:45 - 2015-09-24 14:46 - 00000000 ____D C:\Users\smartie\AppData\Roaming\XSManager
2015-09-24 14:45 - 2015-09-24 14:45 - 00064496 _____ C:\Users\smartie\AppData\Local\GDIPFONTCACHEV1.DAT
2015-09-24 14:20 - 2015-09-24 15:29 - 00000000 ____D C:\FRST
2015-09-24 12:26 - 2015-09-24 12:26 - 00007334 _____ C:\Users\blondi\Documents\OpenDocument Text (neu).odt
2015-09-09 11:37 - 2015-07-15 05:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-09-09 11:37 - 2015-07-15 04:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-09-09 11:36 - 2015-08-18 03:42 - 00393304 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-09-09 11:36 - 2015-08-18 03:14 - 00344168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-09-09 11:36 - 2015-08-15 08:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-09-09 11:36 - 2015-08-15 08:33 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-09-09 11:36 - 2015-08-15 08:18 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-09-09 11:36 - 2015-08-15 08:18 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-09-09 11:36 - 2015-08-15 08:17 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-09 11:36 - 2015-08-15 08:17 - 00585216 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-09 11:36 - 2015-08-15 08:17 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-09-09 11:36 - 2015-08-15 08:10 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-09-09 11:36 - 2015-08-15 08:09 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-09-09 11:36 - 2015-08-15 08:06 - 19856896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-09-09 11:36 - 2015-08-15 08:06 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-09-09 11:36 - 2015-08-15 08:04 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-09 11:36 - 2015-08-15 08:04 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-09-09 11:36 - 2015-08-15 08:04 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-09-09 11:36 - 2015-08-15 08:04 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-09-09 11:36 - 2015-08-15 08:00 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-09 11:36 - 2015-08-15 07:57 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-09-09 11:36 - 2015-08-15 07:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-09-09 11:36 - 2015-08-15 07:53 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-09-09 11:36 - 2015-08-15 07:46 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-09-09 11:36 - 2015-08-15 07:41 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-09-09 11:36 - 2015-08-15 07:40 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-09-09 11:36 - 2015-08-15 07:40 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-09-09 11:36 - 2015-08-15 07:39 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-09-09 11:36 - 2015-08-15 07:39 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-09-09 11:36 - 2015-08-15 07:39 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-09-09 11:36 - 2015-08-15 07:38 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-09-09 11:36 - 2015-08-15 07:35 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-09-09 11:36 - 2015-08-15 07:33 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-09-09 11:36 - 2015-08-15 07:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-09-09 11:36 - 2015-08-15 07:30 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-09-09 11:36 - 2015-08-15 07:29 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-09-09 11:36 - 2015-08-15 07:29 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-09-09 11:36 - 2015-08-15 07:29 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-09-09 11:36 - 2015-08-15 07:24 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-09-09 11:36 - 2015-08-15 07:23 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-09 11:36 - 2015-08-15 07:22 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-09-09 11:36 - 2015-08-15 07:22 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-09-09 11:36 - 2015-08-15 07:21 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-09-09 11:36 - 2015-08-15 07:16 - 14451712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-09 11:36 - 2015-08-15 07:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-09-09 11:36 - 2015-08-15 07:14 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-09-09 11:36 - 2015-08-15 07:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-09-09 11:36 - 2015-08-15 07:11 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-09-09 11:36 - 2015-08-15 07:10 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-09-09 11:36 - 2015-08-15 07:07 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-09 11:36 - 2015-08-15 07:04 - 12857344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-09-09 11:36 - 2015-08-15 07:02 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-09-09 11:36 - 2015-08-15 07:01 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-09-09 11:36 - 2015-08-15 07:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-09-09 11:36 - 2015-08-15 06:55 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-09 11:36 - 2015-08-15 06:43 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-09-09 11:36 - 2015-08-15 06:43 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-09-09 11:36 - 2015-08-15 06:39 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-09-09 11:36 - 2015-08-15 06:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-09-09 11:35 - 2015-08-15 08:48 - 25190400 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-09 11:35 - 2015-08-15 08:17 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-09-09 11:35 - 2015-08-15 07:42 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-09-09 11:32 - 2015-08-05 19:56 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-09 11:32 - 2015-08-05 19:56 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-09-09 11:32 - 2015-08-05 19:40 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-09-09 11:32 - 2015-07-09 19:58 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-09-09 11:32 - 2015-07-09 19:58 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-09-09 11:32 - 2015-07-09 19:42 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-09-09 11:32 - 2015-07-09 19:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-09-09 11:27 - 2015-07-23 02:06 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-09-09 11:27 - 2015-07-23 02:06 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-09-09 11:27 - 2015-07-23 02:06 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-09-09 11:27 - 2015-07-23 02:03 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-09-09 11:27 - 2015-07-23 02:03 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-09-09 11:27 - 2015-07-23 02:03 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-09-09 11:27 - 2015-07-23 02:03 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-09-09 11:27 - 2015-07-23 02:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-09-09 11:27 - 2015-07-23 02:02 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-09-09 11:27 - 2015-07-23 02:02 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-09-09 11:27 - 2015-07-23 02:01 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-09-09 11:27 - 2015-07-23 02:01 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-09-09 11:27 - 2015-07-23 02:01 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-09-09 11:27 - 2015-07-23 01:58 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-09-09 11:27 - 2015-07-23 01:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:51 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-09-09 11:27 - 2015-07-22 19:57 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-09-09 11:27 - 2015-07-22 19:57 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-09-09 11:27 - 2015-07-22 19:54 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-09-09 11:27 - 2015-07-22 19:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-09-09 11:27 - 2015-07-22 19:53 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-09-09 11:27 - 2015-07-22 19:53 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-09-09 11:27 - 2015-07-22 19:53 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-09-09 11:27 - 2015-07-22 19:53 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-09-09 11:27 - 2015-07-22 19:53 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-09-09 11:27 - 2015-07-22 19:53 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-09-09 11:27 - 2015-07-22 19:53 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-09-09 11:27 - 2015-07-22 19:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-09-09 11:27 - 2015-07-22 19:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-09-09 11:27 - 2015-07-22 19:53 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-09-09 11:27 - 2015-07-22 19:53 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-09-09 11:27 - 2015-07-22 19:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-09-09 11:27 - 2015-07-22 19:52 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-09-09 11:27 - 2015-07-22 19:52 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-09-09 11:27 - 2015-07-22 19:52 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-09-09 11:27 - 2015-07-22 19:52 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-09-09 11:27 - 2015-07-22 19:52 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-09-09 11:27 - 2015-07-22 19:52 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-09-09 11:27 - 2015-07-22 19:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-09-09 11:27 - 2015-07-22 19:47 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-09-09 11:27 - 2015-07-22 19:46 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 18:48 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-09-09 11:27 - 2015-07-22 18:45 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-09-09 11:27 - 2015-07-22 18:44 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-09-09 11:27 - 2015-07-22 18:44 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-09-09 11:27 - 2015-07-22 18:34 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-09-09 11:27 - 2015-07-22 18:34 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-09-09 11:27 - 2015-07-22 18:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 18:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 18:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-09-09 11:26 - 2015-06-25 12:06 - 00115136 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-09-09 11:26 - 2015-06-25 12:01 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-09-09 11:26 - 2015-06-25 12:01 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-09-09 11:26 - 2015-06-25 11:44 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-09-09 11:24 - 2015-08-27 20:18 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-09 11:24 - 2015-08-27 20:18 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-09 11:24 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-09-09 11:24 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-09-09 11:24 - 2015-08-27 19:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-09-09 11:24 - 2015-08-27 19:58 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-09-09 11:24 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-09-09 11:24 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-09-09 11:24 - 2015-08-04 20:03 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-09-09 11:24 - 2015-08-04 20:00 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-09-09 11:24 - 2015-08-04 19:56 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-09-09 11:24 - 2015-08-04 19:56 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-09-09 11:24 - 2015-08-04 19:56 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-09-09 11:24 - 2015-08-04 19:55 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-09-09 11:24 - 2015-08-04 19:55 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-09-09 11:24 - 2015-08-04 19:47 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-09-09 11:24 - 2015-08-04 18:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-09-09 11:23 - 2015-09-02 05:04 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-09-09 11:23 - 2015-09-02 05:04 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-09 11:23 - 2015-09-02 05:04 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-09-09 11:23 - 2015-09-02 05:04 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-09-09 11:23 - 2015-09-02 04:48 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-09-09 11:23 - 2015-09-02 04:48 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-09-09 11:23 - 2015-09-02 04:48 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-09-09 11:23 - 2015-09-02 04:47 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-09-09 11:23 - 2015-09-02 03:51 - 03209216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-09 11:23 - 2015-09-02 03:47 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-09 11:23 - 2015-09-02 03:33 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-09-09 11:23 - 2015-08-26 20:07 - 03165696 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-09-09 11:23 - 2015-08-26 20:07 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-09-09 11:23 - 2015-08-26 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-09-09 11:22 - 2015-08-26 20:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-09-09 11:22 - 2015-08-26 20:07 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-09-09 11:22 - 2015-08-26 20:07 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-09-09 11:22 - 2015-08-26 20:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-09-09 11:22 - 2015-08-26 20:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-09-09 11:22 - 2015-08-26 20:06 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-09-09 11:22 - 2015-08-26 20:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-09-09 11:22 - 2015-08-26 20:06 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-09-09 11:22 - 2015-08-26 20:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-09-09 11:22 - 2015-08-26 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-09-09 11:22 - 2015-08-26 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-09-09 11:22 - 2015-08-26 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-09-09 11:22 - 2015-08-26 19:55 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-09-07 15:34 - 2015-09-10 11:21 - 00001138 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2015-09-03 11:12 - 2015-09-10 13:35 - 00000000 ____D C:\ProgramData\Package Cache
2015-09-03 11:12 - 2015-09-10 11:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-08-27 19:57 - 2015-08-29 12:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-24 15:27 - 2013-02-14 14:43 - 00000000 ____D C:\Users\blondi
2015-09-24 15:27 - 2013-02-14 14:38 - 01334733 _____ C:\Windows\WindowsUpdate.log
2015-09-24 15:27 - 2009-07-14 06:45 - 00031472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-24 15:27 - 2009-07-14 06:45 - 00031472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-24 15:18 - 2014-10-09 16:02 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-09-24 14:46 - 2012-04-05 18:35 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-24 14:10 - 2013-02-14 14:57 - 00003938 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{1B4F8AB6-FC85-4C3D-B15D-4580FA0E1EEB}
2015-09-24 12:47 - 2014-11-08 13:59 - 00015160 _____ C:\Users\blondi\Documents\pc mätzchen.odt
2015-09-24 12:32 - 2012-04-05 18:50 - 00000000 ____D C:\ProgramData\PDFC
2015-09-24 12:29 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-24 12:29 - 2009-07-14 06:51 - 00165619 _____ C:\Windows\setupact.log
2015-09-24 12:14 - 2013-09-13 23:37 - 00000000 ____D C:\Users\blondi\Documents\business
2015-09-19 12:32 - 2013-12-02 15:08 - 00000000 ____D C:\Users\blondi\Documents\denken
2015-09-19 12:29 - 2014-10-15 12:25 - 00000000 ____D C:\Users\blondi\Documents\ausdrucken
2015-09-19 12:28 - 2013-09-13 12:09 - 00000000 ____D C:\Users\blondi\Documents\Finanzen
2015-09-19 11:40 - 2014-10-09 16:01 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-09-18 17:35 - 2013-04-18 11:55 - 00000000 ____D C:\Users\blondi\AppData\Local\CrashDumps
2015-09-18 17:32 - 2014-10-09 16:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-09-18 17:32 - 2013-04-13 20:18 - 00001106 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-09-18 15:16 - 2013-03-08 16:30 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2015-09-18 13:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-09-11 18:24 - 2015-08-04 12:08 - 00000336 _____ C:\Windows\Tasks\HPCeeScheduleForblondi.job
2015-09-11 16:06 - 2015-08-14 15:55 - 00003192 _____ C:\Windows\System32\Tasks\HPCeeScheduleForblondi
2015-09-09 17:10 - 2009-07-14 06:45 - 00295360 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-09 17:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-09-09 16:57 - 2013-07-14 00:41 - 00000000 ____D C:\Windows\system32\MRT
2015-09-03 11:13 - 2013-04-17 15:23 - 00000000 ____D C:\ProgramData\Avira
2015-09-03 11:13 - 2013-04-17 15:23 - 00000000 ____D C:\Program Files (x86)\Avira
2015-09-03 11:04 - 2013-04-17 15:23 - 00162528 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-09-03 11:04 - 2013-04-17 15:23 - 00141416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-08-29 12:49 - 2013-03-08 13:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-29 12:49 - 2010-11-21 05:47 - 00953526 _____ C:\Windows\PFRO.log
2015-08-26 18:37 - 2013-05-01 09:36 - 134753440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Einige Dateien in TEMP:
====================
C:\Users\blondi\AppData\Local\Temp\avgnt.exe
C:\Users\blondi\AppData\Local\Temp\sp58915.exe
C:\Users\blondi\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\blondi\AppData\Local\Temp\_is3AD5.exe
C:\Users\blondi\AppData\Local\Temp\_is9D5.exe
C:\Users\grüner Drache\AppData\Local\Temp\avgnt.exe
C:\Users\smartie\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-09-22 12:06

==================== Ende von FRST.txt ============================

Addition

Code:

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:23-09-2015
durchgeführt von blondi (2015-09-24 15:30:50)
Gestartet von C:\Users\grüner Drache\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2013-02-14 12:43:38)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2255287641-1463189941-1607643083-500 - Administrator - Disabled)
blondi (S-1-5-21-2255287641-1463189941-1607643083-1002 - Administrator - Enabled) => C:\Users\blondi
Gast (S-1-5-21-2255287641-1463189941-1607643083-501 - Limited - Disabled)
grüner Drache (S-1-5-21-2255287641-1463189941-1607643083-1003 - Limited - Enabled) => C:\Users\grüner Drache
smartie (S-1-5-21-2255287641-1463189941-1607643083-1001 - Administrator - Enabled) => C:\Users\smartie

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.3.633 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{F56D7C41-9105-8F4B-C791-06BA190CA281}) (Version: 3.0.868.0 - Advanced Micro Devices, Inc.)
Ask Toolbar (HKLM-x32\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.15.24.0 - Ask.com) <==== ACHTUNG
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.12.420 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{315dd168-0794-4cf1-8355-f195cde642fc}) (Version: 1.1.45.11819 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.45.11819 - Avira Operations GmbH & Co. KG) Hidden
Avira SearchFree Toolbar plus Web Protection Updater (HKU\S-1-5-21-2255287641-1463189941-1607643083-1002\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.5.42066 - Ask.com) <==== ACHTUNG
Avira SearchFree Toolbar plus Web Protection Updater (HKU\S-1-5-21-2255287641-1463189941-1607643083-1003\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.5.42066 - Ask.com) <==== ACHTUNG
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Brother MFL-Pro Suite DCP-195C (HKLM-x32\...\{6BF66AED-3EA4-4106-B240-5CE96C9B76B0}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
Cake Mania (x32 Version: 2.2.0.98 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.3.5010 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 14.3.20130522 - Landesfinanzdirektion Thüringen)
ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{4F34A145-8CF3-400C-B5DB-2B1BF604304D}) (Version: 5.1.4 - Hewlett-Packard)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Farmscapes (x32 Version: 2.2.0.98 - WildTangent) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fishdom (TM) 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Documentation (HKLM-x32\...\{DB183033-C2DD-4A37-B43C-943DD4B28C77}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP Launch Box (HKLM\...\{5A847522-375C-4D05-BD3D-88C450CC047F}) (Version: 1.1.5 - Hewlett-Packard Company)
HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Power Manager (HKLM-x32\...\{7E799992-5DA0-4A1A-9443-B1836B063FEC}) (Version: 1.4.8 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{53B17A98-5BF0-40BC-AAFF-850A357975AC}) (Version: 2.7.2 - Hewlett-Packard Company)
HP Security Assistant (HKLM\...\{D3AA8FD3-5FFA-4CFC-BA8E-99BFC6A41943}) (Version: 3.0.2 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{438363A8-F486-4C37-834C-4955773CB3D3}) (Version: 9.1.15430.4033 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{DCD01638-C22B-4AA1-ACCE-1C7150B02076}) (Version: 4.5.6.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden
Island Farm (HKLM-x32\...\Island Farm_is1) (Version:  - rondomedia)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest II (x32 Version: 2.2.0.97 - WildTangent) Hidden
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Mahjongg Artifacts (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 21.005.15.00.705 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 40.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 de)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
OpenOffice 4.0.0 (HKLM-x32\...\{B28DBCBA-60F8-40ED-B35B-F510C327946C}) (Version: 4.00.9702 - Apache Software Foundation)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
PaperPort Image Printer 64-bit (HKLM\...\{ABA4FAF1-6389-45F9-92CE-3914A4E5C471}) (Version: 1.00.0000 - Nuance Communications, Inc.)
PDF Complete Corporate Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.87 - PDF Complete, Inc)
PDF24 Creator 6.0.1 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Ranch Rush 2 - Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.51.116.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6577 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.29005 - Realtek Semiconductor Corp.)
ScanSoft PaperPort 11 (HKLM-x32\...\{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}) (Version: 11.2.0000 - Nuance Communications, Inc.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.0.1.0 - Synaptics Incorporated)
Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Virtual Families (x32 Version: 2.2.0.98 - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App (HP Games) (x32 Version: 4.0.5.36 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinZip 16.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240CD}) (Version: 16.0.9715 - WinZip Computing, S.L. )
XSManager (HKLM-x32\...\XSManager) (Version: 3.0 - XSManager)
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

31-08-2015 15:55:11 Windows Update
04-09-2015 10:35:24 Windows Update
07-09-2015 15:44:45 Windows Update
09-09-2015 16:29:13 Windows Update
18-09-2015 13:52:14 Geplanter Prüfpunkt

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {20284A59-8D74-4338-87B5-FE72198C176A} - System32\Tasks\HPCeeScheduleForblondi => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {388CA88C-6FF5-4CA9-82DF-86DB380AC45B} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {47A34367-5B97-4962-8CE2-30829953B54C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {86A0B680-1173-4173-97F2-6AF97F20478E} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-02-10] (CyberLink)
Task: {896ED704-C96E-4E24-8629-44724B5F5EE9} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2013-04-01] () <==== ACHTUNG
Task: {A5371D2B-63BC-4BDB-AFB1-B7EFE6C0A294} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {BA209339-ED07-4EF5-A902-1E9CF1604BD2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-13] (Adobe Systems Incorporated)
Task: {CA53CB8D-F9B5-44F3-89B1-069A7F48A2DF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {EFC1A6B0-34A4-4A8F-8DFF-026D2A63E10C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\HPCeeScheduleForblondi.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2012-02-14 23:16 - 2012-02-14 23:16 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2011-03-14 17:27 - 2011-03-14 17:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2014-02-01 13:54 - 2014-02-01 13:53 - 00246112 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
2013-03-08 13:45 - 2010-04-12 19:03 - 00329168 ____N () C:\Program Files (x86)\XSManager\WTGService.exe
2013-09-07 18:44 - 2012-09-25 11:26 - 01163264 ____N () C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
2011-12-19 23:34 - 2011-12-19 23:34 - 00108880 _____ () C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
2012-02-14 23:16 - 2012-02-14 23:16 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2012-02-14 23:13 - 2012-02-14 23:13 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-11-09 09:55 - 2011-11-09 09:55 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2014-02-01 13:54 - 2014-02-01 13:53 - 00011362 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\mingwm10.dll
2014-02-01 13:54 - 2014-02-01 13:53 - 00043008 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\libgcc_s_dw2-1.dll
2014-02-01 13:54 - 2014-02-01 13:53 - 02415104 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtCore4.dll
2014-02-01 13:54 - 2014-02-01 13:53 - 01148416 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtNetwork4.dll
2014-02-01 13:54 - 2014-02-01 13:53 - 00384512 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QueryStrategy.dll
2014-02-01 13:54 - 2014-02-01 13:53 - 00398336 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtXml4.dll
2013-09-07 18:44 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2013-03-08 13:45 - 2010-04-12 18:59 - 00376832 ____N () C:\Program Files (x86)\XSManager\WtgCore.dll
2013-03-08 13:45 - 2010-04-12 18:59 - 00139264 ____N () C:\Program Files (x86)\XSManager\WtgBluetooth.dll
2013-03-08 13:45 - 2010-04-12 18:59 - 00065536 ____N () C:\Program Files (x86)\XSManager\WtgDialup.dll
2013-03-08 13:45 - 2010-04-12 18:59 - 00204800 ____N () C:\Program Files (x86)\XSManager\WtgUtil.dll
2013-03-08 13:45 - 2010-04-12 18:59 - 00086016 ____N () C:\Program Files (x86)\XSManager\WtgPorts.dll
2013-03-08 13:45 - 2010-04-12 18:59 - 00110592 ____N () C:\Program Files (x86)\XSManager\WtgDatabase.dll
2013-03-08 13:45 - 2010-06-22 19:48 - 00143360 ____N () C:\Program Files (x86)\XSManager\WtgDetection.dll
2013-03-08 13:45 - 2010-04-12 18:59 - 00045056 ____N () C:\Program Files (x86)\XSManager\WtgDriverInstall.dll
2013-03-08 13:45 - 2010-04-12 18:59 - 00024576 ____N () C:\Program Files (x86)\XSManager\WTGDebugs.dll
2013-03-08 13:45 - 2010-04-28 18:00 - 00835240 ____N () C:\Program Files (x86)\XSManager\4GSystems_OneClickAssistantGer.dll
2013-03-08 13:45 - 2009-12-08 12:22 - 00593920 ____N () C:\Program Files (x86)\XSManager\WTGXMLUtil.dll
2013-03-08 13:45 - 2010-04-28 18:00 - 00183976 ____N () C:\Program Files (x86)\XSManager\WTGSMSPCClient.Dll
2013-03-08 13:45 - 2010-04-28 18:00 - 00020136 ____N () C:\Program Files (x86)\XSManager\4GSystems_WTGSMSPCClientGer.dll
2013-03-08 13:45 - 2010-04-12 19:00 - 00024576 ____N () C:\Program Files (x86)\XSManager\WTGDriverInstallX.Dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2255287641-1463189941-1607643083-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\blondi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-2255287641-1463189941-1607643083-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\grüner Drache\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 139.7.30.126 - 139.7.30.125
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{905F4104-15A7-4D87-8F4D-C0904D16C99C}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{0AC8EB70-7811-48D3-8992-A57FD7F81FDA}] => (Allow) LPort=2869
FirewallRules: [{2B8B1129-6C37-4955-855E-690A3FFC1B04}] => (Allow) LPort=1900
FirewallRules: [{4219B779-A847-483E-885B-7A80D8EDA4F1}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{64AAA5E2-83B2-486F-A959-15E40BF50A00}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{4BF0D83C-D422-4657-8476-82FEE476FC3D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EB1E8427-3A0A-4D85-90DA-5F30AD654BFA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{60FE8B5F-B015-4094-B3E4-344917A75BF3}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{9E81D521-6130-4770-AAD9-AF174EDDC0AF}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/24/2015 12:30:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/24/2015 12:07:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/23/2015 02:01:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/23/2015 01:23:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/22/2015 10:12:50 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/21/2015 03:24:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/21/2015 11:55:45 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/21/2015 09:16:40 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/20/2015 10:19:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/20/2015 12:59:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


Systemfehler:
=============
Error: (09/24/2015 12:29:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Mobile Partner. OUC" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (09/24/2015 12:29:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Mobile Partner. OUC erreicht.

Error: (09/24/2015 12:06:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Mobile Partner. OUC" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (09/24/2015 12:06:57 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Mobile Partner. OUC erreicht.

Error: (09/23/2015 02:00:56 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst HPWMISVC erreicht.

Error: (09/23/2015 01:59:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Mobile Partner. OUC" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (09/23/2015 01:59:56 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Mobile Partner. OUC erreicht.

Error: (09/23/2015 01:23:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Mobile Partner. OUC" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (09/23/2015 01:23:08 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Mobile Partner. OUC erreicht.

Error: (09/22/2015 10:12:28 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Mobile Partner. OUC" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053


==================== Speicherinformationen ===========================

Prozessor: AMD E1-1200 APU with Radeon(tm) HD Graphics
Prozentuale Nutzung des RAM: 71%
Installierter physikalischer RAM: 1641.37 MB
Verfügbarer physikalischer RAM: 468.17 MB
Summe virtueller Speicher: 3282.73 MB
Verfügbarer virtueller Speicher: 911.4 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:277.83 GB) (Free:207.84 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive d: (Recovery) (Fixed) (Total:19.97 GB) (Free:2.14 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 6E474F7D)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=277.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=20 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

==================== Ende von Addition.txt ============================

GMER

Code:

GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-09-24 16:23:04
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\00000065 TOSHIBA_ rev.GS00 298,09GB
Running: Gmer-19357.exe; Driver: C:\Users\blondi\AppData\Local\Temp\pxdcypog.sys


---- User code sections - GMER 2.1 ----

.text    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe[1640] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                      0000000075351401 2 bytes JMP 768eb20b C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe[1640] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                        0000000075351419 2 bytes JMP 768eb336 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe[1640] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                      0000000075351431 2 bytes JMP 76968f39 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe[1640] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                      000000007535144a 2 bytes CALL 768c4885 C:\Windows\syswow64\kernel32.dll
.text    ...                                                                                                                                                                  * 9
.text    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe[1640] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                          00000000753514dd 2 bytes JMP 76968832 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe[1640] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                  00000000753514f5 2 bytes JMP 76968a08 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe[1640] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                          000000007535150d 2 bytes JMP 76968728 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe[1640] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                  0000000075351525 2 bytes JMP 76968af2 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe[1640] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                        000000007535153d 2 bytes JMP 768dfc98 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe[1640] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                              0000000075351555 2 bytes JMP 768e68df C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe[1640] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                      000000007535156d 2 bytes JMP 76968ff1 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe[1640] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                        0000000075351585 2 bytes JMP 76968b52 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe[1640] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                            000000007535159d 2 bytes JMP 769686ec C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe[1640] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                        00000000753515b5 2 bytes JMP 768dfd31 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe[1640] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                      00000000753515cd 2 bytes JMP 768eb2cc C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe[1640] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                  00000000753516b2 2 bytes JMP 76968eb4 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe[1640] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                  00000000753516bd 2 bytes JMP 76968681 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe[4624] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                              0000000075351401 2 bytes JMP 768eb20b C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe[4624] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                0000000075351419 2 bytes JMP 768eb336 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe[4624] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                              0000000075351431 2 bytes JMP 76968f39 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe[4624] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                              000000007535144a 2 bytes CALL 768c4885 C:\Windows\syswow64\kernel32.dll
.text    ...                                                                                                                                                                  * 9
.text    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe[4624] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                00000000753514dd 2 bytes JMP 76968832 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe[4624] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                          00000000753514f5 2 bytes JMP 76968a08 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe[4624] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                000000007535150d 2 bytes JMP 76968728 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe[4624] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                          0000000075351525 2 bytes JMP 76968af2 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe[4624] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                000000007535153d 2 bytes JMP 768dfc98 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe[4624] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                    0000000075351555 2 bytes JMP 768e68df C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe[4624] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                              000000007535156d 2 bytes JMP 76968ff1 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe[4624] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                0000000075351585 2 bytes JMP 76968b52 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe[4624] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                  000000007535159d 2 bytes JMP 769686ec C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe[4624] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                00000000753515b5 2 bytes JMP 768dfd31 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe[4624] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                              00000000753515cd 2 bytes JMP 768eb2cc C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe[4624] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                          00000000753516b2 2 bytes JMP 76968eb4 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe[4624] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                          00000000753516bd 2 bytes JMP 76968681 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Ask.com\Updater\Updater.exe[5236] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                    0000000075351401 2 bytes JMP 768eb20b C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Ask.com\Updater\Updater.exe[5236] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                      0000000075351419 2 bytes JMP 768eb336 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Ask.com\Updater\Updater.exe[5236] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                    0000000075351431 2 bytes JMP 76968f39 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Ask.com\Updater\Updater.exe[5236] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                    000000007535144a 2 bytes CALL 768c4885 C:\Windows\syswow64\kernel32.dll
.text    ...                                                                                                                                                                  * 9
.text    C:\Program Files (x86)\Ask.com\Updater\Updater.exe[5236] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                        00000000753514dd 2 bytes JMP 76968832 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Ask.com\Updater\Updater.exe[5236] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                00000000753514f5 2 bytes JMP 76968a08 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Ask.com\Updater\Updater.exe[5236] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                        000000007535150d 2 bytes JMP 76968728 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Ask.com\Updater\Updater.exe[5236] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                0000000075351525 2 bytes JMP 76968af2 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Ask.com\Updater\Updater.exe[5236] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                      000000007535153d 2 bytes JMP 768dfc98 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Ask.com\Updater\Updater.exe[5236] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                            0000000075351555 2 bytes JMP 768e68df C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Ask.com\Updater\Updater.exe[5236] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                    000000007535156d 2 bytes JMP 76968ff1 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Ask.com\Updater\Updater.exe[5236] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                      0000000075351585 2 bytes JMP 76968b52 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Ask.com\Updater\Updater.exe[5236] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                          000000007535159d 2 bytes JMP 769686ec C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Ask.com\Updater\Updater.exe[5236] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                      00000000753515b5 2 bytes JMP 768dfd31 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Ask.com\Updater\Updater.exe[5236] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                    00000000753515cd 2 bytes JMP 768eb2cc C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Ask.com\Updater\Updater.exe[5236] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                00000000753516b2 2 bytes JMP 76968eb4 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Ask.com\Updater\Updater.exe[5236] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                00000000753516bd 2 bytes JMP 76968681 C:\Windows\syswow64\kernel32.dll
---- Processes - GMER 2.1 ----

Library  C:\ProgramData\Mobile Partner\OnlineUpdate\mingwm10.dll (*** suspicious ***) @ C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe [2064](2014-02-01 11:54:47)        000000006fbc0000
Library  C:\ProgramData\Mobile Partner\OnlineUpdate\libgcc_s_dw2-1.dll (*** suspicious ***) @ C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe [2064](2014-02-01 11:54:47)  000000006e940000
Library  C:\ProgramData\Mobile Partner\OnlineUpdate\QtCore4.dll (*** suspicious ***) @ C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe [2064](2014-02-01 11:54:47)        000000006a1c0000
Library  C:\ProgramData\Mobile Partner\OnlineUpdate\QtNetwork4.dll (*** suspicious ***) @ C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe [2064](2014-02-01 11:54:48)      000000006ff00000
Library  C:\ProgramData\Mobile Partner\OnlineUpdate\QueryStrategy.dll (*** suspicious ***) @ C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe [2064](2014-02-01 11:54:49)  000000006efc0000
Library  C:\ProgramData\Mobile Partner\OnlineUpdate\QtXml4.dll (*** suspicious ***) @ C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe [2064](2014-02-01 11:54:48)          000000006ed40000

---- EOF - GMER 2.1 ----

Vielen Dank schonmal für eure Hilfe!

Grüße vom Orcrist

schrauber 24.09.2015 19:06

hi,

Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    Ask Toolbar

    Avira SearchFree Toolbar plus Web Protection Updater (HKU\S-1-5-21-2255287641-1463189941-1607643083-1002\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.5.42066 - Ask.com) <==== ACHTUNG

    Avira SearchFree Toolbar plus Web Protection Updater (HKU\S-1-5-21-2255287641-1463189941-1607643083-1003\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.5.42066 - Ask.com) <==== ACHTUNG


  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 





Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Orcrist 27.09.2015 10:03

Hi schrauber,

danke, dass du dich meinem Problem annimmst!
Ich habe es leider nicht früher geschafft zu antworten.
Beim Revo uninstaller konnte ich 2 der von dir aufgeführten Programme nicht entfernen, da sie in der Liste gar nicht auftauchten. (Die ASK Toolbar und eins der Avira Search Toolbar)

Malwarebytes Anti Rootkit log:

Code:

Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2015.09.25.04
  rootkit: v2015.09.22.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18015
blondi :: BLONDI-HP [administrator]

25.09.2015 20:38:34
mbar-log-2015-09-25 (20-38-34).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 446455
Time elapsed: 51 minute(s), 35 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

TDSSKiller log:

Code:

10:24:02.0091 0x1770  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
10:24:09.0470 0x1770  ============================================================
10:24:09.0470 0x1770  Current date / time: 2015/09/27 10:24:09.0470
10:24:09.0470 0x1770  SystemInfo:
10:24:09.0470 0x1770 
10:24:09.0470 0x1770  OS Version: 6.1.7601 ServicePack: 1.0
10:24:09.0470 0x1770  Product type: Workstation
10:24:09.0470 0x1770  ComputerName: BLONDI-HP
10:24:09.0486 0x1770  UserName: blondi
10:24:09.0486 0x1770  Windows directory: C:\Windows
10:24:09.0486 0x1770  System windows directory: C:\Windows
10:24:09.0486 0x1770  Running under WOW64
10:24:09.0486 0x1770  Processor architecture: Intel x64
10:24:09.0486 0x1770  Number of processors: 2
10:24:09.0486 0x1770  Page size: 0x1000
10:24:09.0486 0x1770  Boot type: Normal boot
10:24:09.0486 0x1770  ============================================================
10:24:12.0668 0x1770  KLMD registered as C:\Windows\system32\drivers\14901097.sys
10:24:14.0868 0x1770  System UUID: {09D38C9A-8D29-2B3A-3AE3-36E4A2A316B5}
10:24:17.0504 0x1770  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:24:17.0551 0x1770  ============================================================
10:24:17.0551 0x1770  \Device\Harddisk0\DR0:
10:24:17.0566 0x1770  MBR partitions:
10:24:17.0566 0x1770  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
10:24:17.0566 0x1770  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x22BA7800
10:24:17.0566 0x1770  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x22C0B800, BlocksNum 0x27EF000
10:24:17.0566 0x1770  \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x253FA800, BlocksNum 0x33800
10:24:17.0566 0x1770  ============================================================
10:24:17.0582 0x1770  C: <-> \Device\Harddisk0\DR0\Partition2
10:24:17.0691 0x1770  D: <-> \Device\Harddisk0\DR0\Partition3
10:24:17.0691 0x1770  ============================================================
10:24:17.0691 0x1770  Initialize success
10:24:17.0691 0x1770  ============================================================
10:25:17.0798 0x0f84  ============================================================
10:25:17.0798 0x0f84  Scan started
10:25:17.0798 0x0f84  Mode: Manual; SigCheck; TDLFS;
10:25:17.0798 0x0f84  ============================================================
10:25:17.0798 0x0f84  KSN ping started
10:25:20.0965 0x0f84  KSN ping finished: true
10:25:24.0210 0x0f84  ================ Scan system memory ========================
10:25:24.0210 0x0f84  System memory - ok
10:25:24.0210 0x0f84  ================ Scan services =============================
10:25:26.0035 0x0f84  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
10:25:27.0033 0x0f84  1394ohci - ok
10:25:27.0907 0x0f84  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
10:25:27.0985 0x0f84  ACPI - ok
10:25:28.0110 0x0f84  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi        C:\Windows\system32\drivers\acpipmi.sys
10:25:28.0406 0x0f84  AcpiPmi - ok
10:25:28.0796 0x0f84  [ 013697369EAFFA675D0671607F036020, 65611C775AC4681E46A6565E5A7A4FF3363C66EBDC98C4C58AFB365D40BE23B6 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
10:25:28.0921 0x0f84  AdobeARMservice - ok
10:25:30.0044 0x0f84  [ C6D147C12C424373B016C0AB0A6C61EB, 043D44F3C942CFC3558E782938C26849BF648A58A7AA62C4A526E37DE4136C27 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:25:30.0185 0x0f84  AdobeFlashPlayerUpdateSvc - ok
10:25:30.0341 0x0f84  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx        C:\Windows\system32\drivers\adp94xx.sys
10:25:30.0419 0x0f84  adp94xx - ok
10:25:30.0668 0x0f84  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci        C:\Windows\system32\drivers\adpahci.sys
10:25:30.0731 0x0f84  adpahci - ok
10:25:30.0887 0x0f84  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320        C:\Windows\system32\drivers\adpu320.sys
10:25:30.0918 0x0f84  adpu320 - ok
10:25:30.0996 0x0f84  [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc    C:\Windows\System32\aelupsvc.dll
10:25:31.0308 0x0f84  AeLookupSvc - ok
10:25:32.0540 0x0f84  [ D1E343BC00136CE03C4D403194D06A80, 94F2543164A2CEA179EDE53E1294EE24391A59CAEFF83BA5CE9385E8E686E89C ] AERTFilters    C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
10:25:32.0993 0x0f84  AERTFilters - ok
10:25:33.0414 0x0f84  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD            C:\Windows\system32\drivers\afd.sys
10:25:33.0539 0x0f84  AFD - ok
10:25:33.0710 0x0f84  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
10:25:33.0773 0x0f84  agp440 - ok
10:25:33.0866 0x0f84  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG            C:\Windows\System32\alg.exe
10:25:34.0131 0x0f84  ALG - ok
10:25:34.0272 0x0f84  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
10:25:34.0319 0x0f84  aliide - ok
10:25:34.0459 0x0f84  [ 962227630779043B5C1D4CD157ABB912, AAEB8F7C0D987206CE0C6293F7468880FF79876AE497DDA0785C13BDB4B91998 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
10:25:34.0880 0x0f84  AMD External Events Utility - ok
10:25:35.0395 0x0f84  AMD FUEL Service - ok
10:25:35.0723 0x0f84  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
10:25:35.0832 0x0f84  amdide - ok
10:25:35.0972 0x0f84  [ 6A2EEB0C4133B20773BB3DD0B7B377B4, E4CB35C6937C70A145A13E5AE5B34A271B49101DA623171ACBFDA8601E5A70EA ] amdiox64        C:\Windows\system32\drivers\amdiox64.sys
10:25:36.0191 0x0f84  amdiox64 - ok
10:25:36.0393 0x0f84  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8          C:\Windows\system32\drivers\amdk8.sys
10:25:36.0565 0x0f84  AmdK8 - ok
10:25:37.0953 0x0f84  [ 56D6631761EC37745F0DF16BCDC4CAF4, CA144875715959227B324B0EA92344198FEE07FCC74F4B6A577FF09F525C4DC7 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
10:25:38.0999 0x0f84  amdkmdag - ok
10:25:39.0108 0x0f84  [ 2D9005EA0BFD25C740E53C8DD3C069E0, 5FF02EE7EFCAB12D4FFDF20E77D9E1713D45D001FB231D866F4BAEBA848B4274 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
10:25:39.0217 0x0f84  amdkmdap - ok
10:25:39.0311 0x0f84  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
10:25:39.0404 0x0f84  AmdPPM - ok
10:25:39.0560 0x0f84  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata        C:\Windows\system32\drivers\amdsata.sys
10:25:39.0623 0x0f84  amdsata - ok
10:25:39.0779 0x0f84  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
10:25:39.0872 0x0f84  amdsbs - ok
10:25:39.0966 0x0f84  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata        C:\Windows\system32\drivers\amdxata.sys
10:25:39.0997 0x0f84  amdxata - ok
10:25:40.0059 0x0f84  [ A1434F35B7B171CB697D74D33F7D029F, 97688D8C388066D02036DEF388AD7D8BE55DB268185CECE88128195D87422496 ] amd_sata        C:\Windows\system32\drivers\amd_sata.sys
10:25:40.0122 0x0f84  amd_sata - ok
10:25:40.0184 0x0f84  [ E9B5A82FA268BB2D1B012030D5F4E096, 9EBE4DD2B86EE62D5E47ED85FC6271FE66A5A564227C7C8B7A576FD54A2CFACB ] amd_xata        C:\Windows\system32\drivers\amd_xata.sys
10:25:40.0262 0x0f84  amd_xata - ok
10:25:40.0730 0x0f84  [ 9FE1AC875A7AD7B7FF28FEC8B754968D, EEE04D4073E49332C85028B62E8A035EAA2284526A3F3820133492C8F8CBA3D5 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
10:25:40.0949 0x0f84  AntiVirMailService - ok
10:25:41.0105 0x0f84  [ E20B4F23EB153635D67944F63454EC84, FEE76A74767CDB33415C64F08AE1FF248F505AF22C1F1BA1EBB5CC6A75E3926F ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
10:25:41.0245 0x0f84  AntiVirSchedulerService - ok
10:25:41.0448 0x0f84  [ E20B4F23EB153635D67944F63454EC84, FEE76A74767CDB33415C64F08AE1FF248F505AF22C1F1BA1EBB5CC6A75E3926F ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
10:25:41.0541 0x0f84  AntiVirService - ok
10:25:41.0807 0x0f84  [ D9A8EE3F4A1E604B9315B34A5AA4569E, 287BA8FA1949646E03D39F36F50C016251358A8A454EE19D249E76A723F1455E ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
10:25:41.0978 0x0f84  AntiVirWebService - ok
10:25:42.0087 0x0f84  [ 0E2BA6DC63E9CF3BF275856735A3E3BE, D71A0CDF83CA21105D6617ADB9D2E9D2679BC7C00FEC870C5A854EA196D72F5A ] AODDriver4.1    C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
10:25:42.0150 0x0f84  AODDriver4.1 - ok
10:25:42.0368 0x0f84  [ A0711D119BA4B48A1470C768D301013E, 536366F809125D2C2171597C8C2CB3271BE5C6B373152112E0D970749776E00A ] AppID          C:\Windows\system32\drivers\appid.sys
10:25:42.0540 0x0f84  AppID - ok
10:25:42.0602 0x0f84  [ 173C90AF5B243B4DD86F95CA154CB58A, 349F566DADC96B31FDC34C4F26545FB880844DBF84E5821AA0D0CAA91FB837E1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
10:25:42.0774 0x0f84  AppIDSvc - ok
10:25:42.0867 0x0f84  [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo        C:\Windows\System32\appinfo.dll
10:25:42.0992 0x0f84  Appinfo - ok
10:25:43.0164 0x0f84  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc            C:\Windows\system32\drivers\arc.sys
10:25:43.0211 0x0f84  arc - ok
10:25:43.0304 0x0f84  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
10:25:43.0335 0x0f84  arcsas - ok
10:25:43.0710 0x0f84  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
10:25:43.0897 0x0f84  aspnet_state - ok
10:25:43.0913 0x0f84  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
10:25:44.0552 0x0f84  AsyncMac - ok
10:25:44.0615 0x0f84  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi          C:\Windows\system32\drivers\atapi.sys
10:25:44.0646 0x0f84  atapi - ok
10:25:44.0880 0x0f84  [ 881AF14AD2F1207672873B65ACA6C92F, F91FECE09F1555DFADF8BF1FFE09FE7FD7D87A0BF94439B2FAA070FC7C0CB8EC ] athr            C:\Windows\system32\DRIVERS\athrx.sys
10:25:45.0379 0x0f84  athr - ok
10:25:45.0473 0x0f84  [ 2B3B05C0A7768BF033217EB8F33F9C35, F7B13158440CAE46EC93F29BA47A960194A5A2AD71B5BF628AF4661CEE096402 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
10:25:45.0504 0x0f84  AtiHDAudioService - ok
10:25:45.0597 0x0f84  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:25:45.0816 0x0f84  AudioEndpointBuilder - ok
10:25:45.0894 0x0f84  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
10:25:45.0956 0x0f84  AudioSrv - ok
10:25:46.0065 0x0f84  [ 24843902369DC82B4691F816F08F2938, 330E22C6007B10FE9C232BBCA2F388ADA17DEDBAA11BEC2A70377A4466DFB6FA ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
10:25:46.0190 0x0f84  avgntflt - ok
10:25:46.0393 0x0f84  [ 043E5F34C3878C844568658B79B3E55C, D13D8FC5205562E02F252C0EE1AB2236C9212445D6EC3715041EBDF993CB467F ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
10:25:46.0455 0x0f84  avipbb - ok
10:25:46.0799 0x0f84  [ 24680B56D862F1DE30C13FC64B80F568, 4B30EB73369691B915F5615E1BF6C95B070E184BC42BCC505C94410014A04EB3 ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
10:25:46.0861 0x0f84  Avira.ServiceHost - ok
10:25:46.0955 0x0f84  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
10:25:47.0017 0x0f84  avkmgr - ok
10:25:47.0189 0x0f84  [ 13253E5E3B6BDF945B63B336A8C9489B, 671C716E43F89D4BDDAA2BE045CDEBBB569C85BC2BA334E1F550187B79A7740D ] avnetflt        C:\Windows\system32\DRIVERS\avnetflt.sys
10:25:47.0251 0x0f84  avnetflt - ok
10:25:47.0345 0x0f84  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
10:25:47.0672 0x0f84  AxInstSV - ok
10:25:47.0859 0x0f84  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv        C:\Windows\system32\drivers\bxvbda.sys
10:25:48.0078 0x0f84  b06bdrv - ok
10:25:48.0218 0x0f84  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
10:25:48.0421 0x0f84  b57nd60a - ok
10:25:48.0655 0x0f84  [ 9E84A931DBEE0292E38ED672F6293A99, 2945EAF0AC091709E0C5508B45EC343EDE507AC2B08A2D7D64F286D38424CBC4 ] BCM43XX        C:\Windows\system32\DRIVERS\bcmwl664.sys
10:25:48.0920 0x0f84  BCM43XX - ok
10:25:48.0998 0x0f84  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
10:25:49.0170 0x0f84  BDESVC - ok
10:25:49.0232 0x0f84  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
10:25:49.0388 0x0f84  Beep - ok
10:25:49.0529 0x0f84  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE            C:\Windows\System32\bfe.dll
10:25:49.0809 0x0f84  BFE - ok
10:25:49.0981 0x0f84  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
10:25:51.0167 0x0f84  BITS - ok
10:25:51.0260 0x0f84  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
10:25:51.0307 0x0f84  blbdrive - ok
10:25:51.0385 0x0f84  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
10:25:51.0557 0x0f84  bowser - ok
10:25:51.0619 0x0f84  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
10:25:51.0666 0x0f84  BrFiltLo - ok
10:25:51.0713 0x0f84  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
10:25:51.0806 0x0f84  BrFiltUp - ok
10:25:51.0869 0x0f84  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser        C:\Windows\System32\browser.dll
10:25:52.0025 0x0f84  Browser - ok
10:25:52.0134 0x0f84  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid        C:\Windows\System32\Drivers\Brserid.sys
10:25:52.0227 0x0f84  Brserid - ok
10:25:52.0274 0x0f84  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
10:25:52.0337 0x0f84  BrSerWdm - ok
10:25:52.0415 0x0f84  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
10:25:52.0477 0x0f84  BrUsbMdm - ok
10:25:52.0524 0x0f84  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
10:25:52.0571 0x0f84  BrUsbSer - ok
10:25:52.0602 0x0f84  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
10:25:52.0680 0x0f84  BTHMODEM - ok
10:25:52.0742 0x0f84  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv        C:\Windows\system32\bthserv.dll
10:25:52.0883 0x0f84  bthserv - ok
10:25:52.0929 0x0f84  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
10:25:53.0039 0x0f84  cdfs - ok
10:25:53.0101 0x0f84  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom          C:\Windows\system32\DRIVERS\cdrom.sys
10:25:53.0163 0x0f84  cdrom - ok
10:25:53.0226 0x0f84  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc    C:\Windows\System32\certprop.dll
10:25:53.0335 0x0f84  CertPropSvc - ok
10:25:53.0444 0x0f84  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
10:25:53.0553 0x0f84  circlass - ok
10:25:53.0631 0x0f84  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
10:25:53.0678 0x0f84  CLFS - ok
10:25:53.0787 0x0f84  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:25:53.0819 0x0f84  clr_optimization_v2.0.50727_32 - ok
10:25:53.0865 0x0f84  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:25:53.0912 0x0f84  clr_optimization_v2.0.50727_64 - ok
10:25:54.0037 0x0f84  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:25:54.0318 0x0f84  clr_optimization_v4.0.30319_32 - ok
10:25:54.0380 0x0f84  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:25:54.0723 0x0f84  clr_optimization_v4.0.30319_64 - ok
10:25:54.0833 0x0f84  [ 50F92C943F18B070F166D019DFAB3D9A, A997EAFFC1598B1D0A9E1A4475F25418CA8AA6B703B53A71B1AF028E247C9950 ] clwvd          C:\Windows\system32\DRIVERS\clwvd.sys
10:25:54.0864 0x0f84  clwvd - ok
10:25:54.0911 0x0f84  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
10:25:54.0989 0x0f84  CmBatt - ok
10:25:55.0035 0x0f84  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
10:25:55.0067 0x0f84  cmdide - ok
10:25:55.0145 0x0f84  [ 2B3B8CBEA1BA1BCE5700607FBDB31034, 39F12CE67E1789C96326297B9431830C83CBF5CA5B6B7D7BCC0666776980FBE2 ] cmnsusbser      C:\Windows\system32\DRIVERS\cmnsusbser.sys
10:25:55.0285 0x0f84  cmnsusbser - ok
10:25:55.0441 0x0f84  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG            C:\Windows\system32\Drivers\cng.sys
10:25:55.0535 0x0f84  CNG - ok
10:25:55.0659 0x0f84  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
10:25:55.0691 0x0f84  Compbatt - ok
10:25:55.0784 0x0f84  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
10:25:55.0847 0x0f84  CompositeBus - ok
10:25:55.0893 0x0f84  COMSysApp - ok
10:25:55.0940 0x0f84  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk        C:\Windows\system32\drivers\crcdisk.sys
10:25:55.0987 0x0f84  crcdisk - ok
10:25:56.0081 0x0f84  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
10:25:56.0252 0x0f84  CryptSvc - ok
10:25:56.0361 0x0f84  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
10:25:56.0486 0x0f84  DcomLaunch - ok
10:25:56.0595 0x0f84  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc      C:\Windows\System32\defragsvc.dll
10:25:56.0814 0x0f84  defragsvc - ok
10:25:56.0861 0x0f84  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
10:25:57.0032 0x0f84  DfsC - ok
10:25:57.0126 0x0f84  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
10:25:57.0313 0x0f84  Dhcp - ok
10:25:57.0625 0x0f84  [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack      C:\Windows\system32\diagtrack.dll
10:25:57.0843 0x0f84  DiagTrack - ok
10:25:57.0890 0x0f84  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
10:25:57.0968 0x0f84  discache - ok
10:25:58.0046 0x0f84  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
10:25:58.0077 0x0f84  Disk - ok
10:25:58.0140 0x0f84  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
10:25:58.0233 0x0f84  Dnscache - ok
10:25:58.0327 0x0f84  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc        C:\Windows\System32\dot3svc.dll
10:25:58.0436 0x0f84  dot3svc - ok
10:25:58.0530 0x0f84  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS            C:\Windows\system32\dps.dll
10:25:58.0639 0x0f84  DPS - ok
10:25:58.0748 0x0f84  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud        C:\Windows\system32\drivers\drmkaud.sys
10:25:58.0826 0x0f84  drmkaud - ok
10:25:58.0951 0x0f84  [ F59E2FE2687A5C30598F9099F318EB73, 80A0B1CC758BD3C4AEAB8E5804120D8A145F918B527F41DEF02A0E4EBE170F37 ] DXGKrnl        C:\Windows\System32\drivers\dxgkrnl.sys
10:25:59.0091 0x0f84  DXGKrnl - ok
10:25:59.0201 0x0f84  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost        C:\Windows\System32\eapsvc.dll
10:25:59.0325 0x0f84  EapHost - ok
10:25:59.0622 0x0f84  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv          C:\Windows\system32\drivers\evbda.sys
10:26:00.0105 0x0f84  ebdrv - ok
10:26:00.0168 0x0f84  [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] EFS            C:\Windows\System32\lsass.exe
10:26:00.0246 0x0f84  EFS - ok
10:26:00.0589 0x0f84  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr        C:\Windows\ehome\ehRecvr.exe
10:26:00.0745 0x0f84  ehRecvr - ok
10:26:00.0807 0x0f84  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched        C:\Windows\ehome\ehsched.exe
10:26:00.0839 0x0f84  ehSched - ok
10:26:01.0104 0x0f84  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor        C:\Windows\system32\drivers\elxstor.sys
10:26:01.0213 0x0f84  elxstor - ok
10:26:01.0244 0x0f84  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
10:26:01.0307 0x0f84  ErrDev - ok
10:26:01.0494 0x0f84  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem    C:\Windows\system32\es.dll
10:26:01.0619 0x0f84  EventSystem - ok
10:26:01.0775 0x0f84  [ 334C907536E815E56CD13108A6D5FB9D, 0CEA0A330607B44A4CF0F0D5C92E91C7E2157404410F651CC4F8BA14A74523AE ] ewusbmbb        C:\Windows\system32\DRIVERS\ewusbwwan.sys
10:26:01.0899 0x0f84  ewusbmbb - ok
10:26:02.0009 0x0f84  [ 86F7951BBCEE4A86E79A97306BD14318, 84B52A0392DA53ED71A2C4D483DD93DDF552BF8AC764C7BD47BE0EB58C7C8219 ] ew_hwusbdev    C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
10:26:02.0211 0x0f84  ew_hwusbdev - ok
10:26:02.0258 0x0f84  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat          C:\Windows\system32\drivers\exfat.sys
10:26:02.0617 0x0f84  exfat - ok
10:26:02.0898 0x0f84  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat        C:\Windows\system32\drivers\fastfat.sys
10:26:03.0116 0x0f84  fastfat - ok
10:26:03.0288 0x0f84  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax            C:\Windows\system32\fxssvc.exe
10:26:03.0491 0x0f84  Fax - ok
10:26:03.0537 0x0f84  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc            C:\Windows\system32\drivers\fdc.sys
10:26:03.0647 0x0f84  fdc - ok
10:26:03.0725 0x0f84  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost        C:\Windows\system32\fdPHost.dll
10:26:03.0896 0x0f84  fdPHost - ok
10:26:03.0943 0x0f84  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
10:26:04.0083 0x0f84  FDResPub - ok
10:26:04.0161 0x0f84  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
10:26:04.0255 0x0f84  FileInfo - ok
10:26:04.0302 0x0f84  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace      C:\Windows\system32\drivers\filetrace.sys
10:26:04.0458 0x0f84  Filetrace - ok
10:26:04.0505 0x0f84  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
10:26:04.0551 0x0f84  flpydisk - ok
10:26:04.0598 0x0f84  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
10:26:04.0661 0x0f84  FltMgr - ok
10:26:04.0817 0x0f84  [ D5A775990A7C202A037378FDBCDB6141, 27AD242914FAFB7A27B3045C0F0F6AFE6873FE331A51D8BB29A63B5D84C72EFB ] FontCache      C:\Windows\system32\FntCache.dll
10:26:05.0066 0x0f84  FontCache - ok
10:26:05.0160 0x0f84  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:26:05.0191 0x0f84  FontCache3.0.0.0 - ok
10:26:05.0238 0x0f84  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends      C:\Windows\system32\drivers\FsDepends.sys
10:26:05.0285 0x0f84  FsDepends - ok
10:26:05.0316 0x0f84  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
10:26:05.0378 0x0f84  Fs_Rec - ok
10:26:05.0503 0x0f84  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
10:26:05.0565 0x0f84  fvevol - ok
10:26:05.0690 0x0f84  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
10:26:05.0721 0x0f84  gagp30kx - ok
10:26:05.0893 0x0f84  [ C403C5DB49A0F9AAF4F2128EDC0106D8, 3C6948B63278022D8182F773C5FA15784514F76C1546118DDBADBA322B962D12 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
10:26:05.0940 0x0f84  GamesAppService - ok
10:26:06.0080 0x0f84  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc          C:\Windows\System32\gpsvc.dll
10:26:06.0221 0x0f84  gpsvc - ok
10:26:06.0299 0x0f84  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
10:26:06.0408 0x0f84  hcw85cir - ok
10:26:06.0548 0x0f84  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:26:06.0611 0x0f84  HdAudAddService - ok
10:26:06.0689 0x0f84  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
10:26:06.0782 0x0f84  HDAudBus - ok
10:26:06.0829 0x0f84  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt        C:\Windows\system32\drivers\HidBatt.sys
10:26:06.0876 0x0f84  HidBatt - ok
10:26:06.0923 0x0f84  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
10:26:06.0985 0x0f84  HidBth - ok
10:26:07.0079 0x0f84  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr          C:\Windows\system32\drivers\hidir.sys
10:26:07.0157 0x0f84  HidIr - ok
10:26:07.0235 0x0f84  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv        C:\Windows\system32\hidserv.dll
10:26:07.0328 0x0f84  hidserv - ok
10:26:07.0469 0x0f84  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
10:26:07.0562 0x0f84  HidUsb - ok
10:26:07.0609 0x0f84  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
10:26:07.0718 0x0f84  hkmsvc - ok
10:26:07.0796 0x0f84  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:26:07.0874 0x0f84  HomeGroupListener - ok
10:26:07.0952 0x0f84  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:26:08.0046 0x0f84  HomeGroupProvider - ok
10:26:08.0217 0x0f84  [ 77E81E788CC63E65272A7D247F441505, EA57947495A6FD5B6FCC06AD396AEEEEE44AA5EB924B1A4D71C81B1265120F7B ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
10:26:08.0264 0x0f84  HP Support Assistant Service - ok
10:26:08.0483 0x0f84  [ 9B7EDD3FE7C211C36E921D34D18A3A0A, 03A450F85A042F9668D1560FA2B8B89783568C87CDB1A8685CDA2AC9FE3761C3 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
10:26:08.0592 0x0f84  hpqwmiex - ok
10:26:08.0685 0x0f84  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
10:26:08.0732 0x0f84  HpSAMD - ok
10:26:08.0935 0x0f84  [ 2BEC76BDCD1BC080210325E7B5094834, 9CD9DF5C974C20F38423B07063A4F44E533B3B4EF39E01AC701C04BFC5F3EC53 ] HPWMISVC        C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
10:26:08.0951 0x0f84  HPWMISVC - ok
10:26:09.0060 0x0f84  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
10:26:09.0372 0x0f84  HTTP - ok
10:26:09.0465 0x0f84  [ 1642C62F1FD5E1FF44608283994A7BB8, 4646AA0EF74A2AEE6C17D12206FCFE1E84D6FA712AD95A171F16D11BC9D3F11A ] huawei_enumerator C:\Windows\system32\DRIVERS\ew_jubusenum.sys
10:26:09.0606 0x0f84  huawei_enumerator - ok
10:26:09.0653 0x0f84  [ 4B80AF36EE9F31361C1DCB2EE563719A, 6729ABDFBADA03DF0EBC71B4A898951B797B9640E718D42B9669A0396F1BE730 ] hwdatacard      C:\Windows\system32\DRIVERS\ewusbmdm.sys
10:26:09.0933 0x0f84  hwdatacard - ok
10:26:10.0511 0x0f84  [ E90DA42B87D684DEBFB73B38A718A006, BB18C63C1982F5CB99C9B65D2B801E8C1909AD7CD0171326DC0015D6B781B451 ] HWDeviceService64.exe C:\ProgramData\DatacardService\HWDeviceService64.exe
10:26:10.0589 0x0f84  HWDeviceService64.exe - ok
10:26:10.0682 0x0f84  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
10:26:10.0745 0x0f84  hwpolicy - ok
10:26:10.0869 0x0f84  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
10:26:10.0932 0x0f84  i8042prt - ok
10:26:11.0072 0x0f84  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV        C:\Windows\system32\drivers\iaStorV.sys
10:26:11.0166 0x0f84  iaStorV - ok
10:26:11.0337 0x0f84  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc          C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:26:11.0540 0x0f84  idsvc - ok
10:26:11.0665 0x0f84  IEEtwCollectorService - ok
10:26:11.0774 0x0f84  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp          C:\Windows\system32\drivers\iirsp.sys
10:26:11.0868 0x0f84  iirsp - ok
10:26:11.0993 0x0f84  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
10:26:12.0149 0x0f84  IKEEXT - ok
10:26:12.0710 0x0f84  [ 112A84BD9A31C59826AC2979D451F0DA, 9E4CE51FEC5099F5771869048AB69AD7827F17EB1DD1311EA4654341BB3482E4 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
10:26:13.0209 0x0f84  IntcAzAudAddService - ok
10:26:13.0428 0x0f84  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
10:26:13.0568 0x0f84  intelide - ok
10:26:13.0677 0x0f84  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
10:26:13.0802 0x0f84  intelppm - ok
10:26:13.0865 0x0f84  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum      C:\Windows\system32\ipbusenum.dll
10:26:13.0989 0x0f84  IPBusEnum - ok
10:26:14.0052 0x0f84  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:26:14.0239 0x0f84  IpFilterDriver - ok
10:26:14.0645 0x0f84  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
10:26:15.0816 0x0f84  iphlpsvc - ok
10:26:16.0518 0x0f84  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV        C:\Windows\system32\drivers\IPMIDrv.sys
10:26:18.0015 0x0f84  IPMIDRV - ok
10:26:19.0138 0x0f84  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT          C:\Windows\system32\drivers\ipnat.sys
10:26:20.0480 0x0f84  IPNAT - ok
10:26:20.0917 0x0f84  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
10:26:21.0728 0x0f84  IRENUM - ok
10:26:21.0931 0x0f84  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
10:26:22.0009 0x0f84  isapnp - ok
10:26:22.0165 0x0f84  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
10:26:22.0227 0x0f84  iScsiPrt - ok
10:26:22.0414 0x0f84  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
10:26:22.0492 0x0f84  kbdclass - ok
10:26:22.0570 0x0f84  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
10:26:22.0617 0x0f84  kbdhid - ok
10:26:22.0804 0x0f84  [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] KeyIso          C:\Windows\system32\lsass.exe
10:26:22.0882 0x0f84  KeyIso - ok
10:26:22.0960 0x0f84  [ A405647429DE231CD954D93F792CFBA2, EDE6095A20FE10EB26B3018457A44807A120508E6C514F2EAC12F5BA1F74841E ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
10:26:23.0101 0x0f84  KSecDD - ok
10:26:23.0194 0x0f84  [ E4DC0909B5EACB5BF50F6252095BCFF2, 18779648B7FD9D3DFFD8F314E2197962DF98884CC9F025BC5D884984C1C0759D ] KSecPkg        C:\Windows\system32\Drivers\ksecpkg.sys
10:26:23.0366 0x0f84  KSecPkg - ok
10:26:23.0428 0x0f84  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk        C:\Windows\system32\drivers\ksthunk.sys
10:26:23.0616 0x0f84  ksthunk - ok
10:26:23.0787 0x0f84  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm          C:\Windows\system32\msdtckrm.dll
10:26:23.0912 0x0f84  KtmRm - ok
10:26:24.0021 0x0f84  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
10:26:24.0130 0x0f84  LanmanServer - ok
10:26:24.0224 0x0f84  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:26:24.0364 0x0f84  LanmanWorkstation - ok
10:26:24.0458 0x0f84  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
10:26:24.0567 0x0f84  lltdio - ok
10:26:24.0630 0x0f84  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc        C:\Windows\System32\lltdsvc.dll
10:26:24.0786 0x0f84  lltdsvc - ok
10:26:24.0832 0x0f84  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts        C:\Windows\System32\lmhsvc.dll
10:26:24.0942 0x0f84  lmhosts - ok
10:26:25.0035 0x0f84  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
10:26:25.0066 0x0f84  LSI_FC - ok
10:26:25.0129 0x0f84  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS        C:\Windows\system32\drivers\lsi_sas.sys
10:26:25.0176 0x0f84  LSI_SAS - ok
10:26:25.0269 0x0f84  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
10:26:25.0300 0x0f84  LSI_SAS2 - ok
10:26:25.0441 0x0f84  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
10:26:25.0488 0x0f84  LSI_SCSI - ok
10:26:25.0519 0x0f84  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv          C:\Windows\system32\drivers\luafv.sys
10:26:25.0628 0x0f84  luafv - ok
10:26:25.0753 0x0f84  [ A8D28D5B3E2A528D1EF0E338E44F2820, 40D1EFDD253BC0A0D984A5AD8A2721C3E83B15F14D538204714E6D5B00D92CEB ] MBAMProtector  C:\Windows\system32\drivers\mbam.sys
10:26:25.0784 0x0f84  MBAMProtector - ok
10:26:26.0143 0x0f84  [ 301E3FDFCF33640BB8763BA444BC5093, 362B069BB9A313A06B376CE27E6F7F8D569F6CA39A8ABC96D9DF231EE462C604 ] MBAMScheduler  C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
10:26:26.0314 0x0f84  MBAMScheduler - ok
10:26:26.0486 0x0f84  [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
10:26:26.0595 0x0f84  MBAMService - ok
10:26:26.0689 0x0f84  [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy  C:\Windows\system32\drivers\MBAMSwissArmy.sys
10:26:26.0736 0x0f84  MBAMSwissArmy - ok
10:26:26.0860 0x0f84  [ AE757332EA130E94E646621CC695B52A, E688CF34A4206F32B5C7301119D8459C3456FC178FA1DAA6215CE15F2C824C43 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
10:26:26.0892 0x0f84  MBAMWebAccessControl - ok
10:26:26.0954 0x0f84  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc        C:\Windows\system32\Mcx2Svc.dll
10:26:27.0094 0x0f84  Mcx2Svc - ok
10:26:27.0141 0x0f84  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas        C:\Windows\system32\drivers\megasas.sys
10:26:27.0172 0x0f84  megasas - ok
10:26:27.0297 0x0f84  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
10:26:27.0328 0x0f84  MegaSR - ok
10:26:27.0422 0x0f84  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS          C:\Windows\system32\mmcss.dll
10:26:27.0531 0x0f84  MMCSS - ok
10:26:27.0750 0x0f84  [ 1CE0621B591913C12BECAA5B50E88BB2, 115068C57570140C9389BD923A4E68236ACEBB4F733DA09D05AEEDAD7317AB46 ] Mobile Partner. RunOuc C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe
10:26:27.0781 0x0f84  Mobile Partner. RunOuc - ok
10:26:27.0828 0x0f84  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem          C:\Windows\system32\drivers\modem.sys
10:26:27.0921 0x0f84  Modem - ok
10:26:28.0015 0x0f84  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor        C:\Windows\system32\DRIVERS\monitor.sys
10:26:28.0249 0x0f84  monitor - ok
10:26:28.0358 0x0f84  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\drivers\mouclass.sys
10:26:28.0405 0x0f84  mouclass - ok
10:26:28.0498 0x0f84  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\drivers\mouhid.sys
10:26:28.0576 0x0f84  mouhid - ok
10:26:28.0670 0x0f84  [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
10:26:28.0717 0x0f84  mountmgr - ok
10:26:28.0935 0x0f84  [ CC11EEB7AF4617D65DF0E9A21FC1ABD0, A683A5FB26E1B9FB4EEB40A9C7186F8433E3FB0A45848DF6102EF07B4DC75AC8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:26:28.0966 0x0f84  MozillaMaintenance - ok
10:26:29.0029 0x0f84  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
10:26:29.0076 0x0f84  mpio - ok
10:26:29.0122 0x0f84  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
10:26:29.0200 0x0f84  mpsdrv - ok
10:26:29.0310 0x0f84  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
10:26:29.0481 0x0f84  MpsSvc - ok
10:26:29.0544 0x0f84  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
10:26:29.0715 0x0f84  MRxDAV - ok
10:26:29.0778 0x0f84  [ 43E1F4B0EFDC244D2A83995CCD7846F7, B8FB3CB6C736E20399AF3164197B14E977DDEC8FD164564501A328A8A3A30267 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
10:26:29.0980 0x0f84  mrxsmb - ok
10:26:30.0090 0x0f84  [ 62CEA59FF56B66154E08BD51D87392C2, 5DC63583E417659139FACD2365C2F8F3C9867E331F7374BD4F6C6E2386B5F746 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:26:30.0214 0x0f84  mrxsmb10 - ok
10:26:30.0277 0x0f84  [ 7D65B5E9573A26C204AA547457DBF544, CE88A733D031DEDBA6ADADB7D9911B3D151A2DDB566A65E0C9E1F07B1A4364AF ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:26:30.0386 0x0f84  mrxsmb20 - ok
10:26:30.0433 0x0f84  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
10:26:30.0448 0x0f84  msahci - ok
10:26:30.0511 0x0f84  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm          C:\Windows\system32\drivers\msdsm.sys
10:26:30.0558 0x0f84  msdsm - ok
10:26:30.0589 0x0f84  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC          C:\Windows\System32\msdtc.exe
10:26:30.0698 0x0f84  MSDTC - ok
10:26:30.0760 0x0f84  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
10:26:30.0948 0x0f84  Msfs - ok
10:26:30.0994 0x0f84  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf      C:\Windows\System32\drivers\mshidkmdf.sys
10:26:31.0104 0x0f84  mshidkmdf - ok
10:26:31.0182 0x0f84  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
10:26:31.0228 0x0f84  msisadrv - ok
10:26:31.0291 0x0f84  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI        C:\Windows\system32\iscsiexe.dll
10:26:31.0400 0x0f84  MSiSCSI - ok
10:26:31.0416 0x0f84  msiserver - ok
10:26:31.0509 0x0f84  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV        C:\Windows\system32\drivers\MSKSSRV.sys
10:26:31.0650 0x0f84  MSKSSRV - ok
10:26:31.0696 0x0f84  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
10:26:31.0806 0x0f84  MSPCLOCK - ok
10:26:31.0899 0x0f84  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM          C:\Windows\system32\drivers\MSPQM.sys
10:26:32.0040 0x0f84  MSPQM - ok
10:26:32.0133 0x0f84  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC          C:\Windows\system32\drivers\MsRPC.sys
10:26:32.0196 0x0f84  MsRPC - ok
10:26:32.0305 0x0f84  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
10:26:32.0336 0x0f84  mssmbios - ok
10:26:32.0398 0x0f84  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE          C:\Windows\system32\drivers\MSTEE.sys
10:26:32.0492 0x0f84  MSTEE - ok
10:26:32.0554 0x0f84  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
10:26:32.0695 0x0f84  MTConfig - ok
10:26:32.0757 0x0f84  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup            C:\Windows\system32\Drivers\mup.sys
10:26:32.0804 0x0f84  Mup - ok
10:26:32.0945 0x0f84  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
10:26:33.0086 0x0f84  napagent - ok
10:26:33.0304 0x0f84  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP    C:\Windows\system32\DRIVERS\nwifi.sys
10:26:33.0398 0x0f84  NativeWifiP - ok
10:26:33.0616 0x0f84  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
10:26:33.0757 0x0f84  NDIS - ok
10:26:33.0835 0x0f84  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap        C:\Windows\system32\DRIVERS\ndiscap.sys
10:26:33.0928 0x0f84  NdisCap - ok
10:26:34.0006 0x0f84  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
10:26:34.0115 0x0f84  NdisTapi - ok
10:26:34.0178 0x0f84  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio        C:\Windows\system32\DRIVERS\ndisuio.sys
10:26:34.0303 0x0f84  Ndisuio - ok
10:26:34.0381 0x0f84  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan        C:\Windows\system32\DRIVERS\ndiswan.sys
10:26:34.0505 0x0f84  NdisWan - ok
10:26:34.0552 0x0f84  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy        C:\Windows\system32\drivers\NDProxy.sys
10:26:34.0646 0x0f84  NDProxy - ok
10:26:34.0724 0x0f84  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS        C:\Windows\system32\DRIVERS\netbios.sys
10:26:34.0864 0x0f84  NetBIOS - ok
10:26:35.0036 0x0f84  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT          C:\Windows\system32\DRIVERS\netbt.sys
10:26:35.0176 0x0f84  NetBT - ok
10:26:35.0223 0x0f84  [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] Netlogon        C:\Windows\system32\lsass.exe
10:26:35.0254 0x0f84  Netlogon - ok
10:26:35.0348 0x0f84  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
10:26:35.0473 0x0f84  Netman - ok
10:26:35.0582 0x0f84  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:26:35.0909 0x0f84  NetMsmqActivator - ok
10:26:35.0956 0x0f84  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:26:36.0003 0x0f84  NetPipeActivator - ok
10:26:36.0081 0x0f84  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
10:26:36.0221 0x0f84  netprofm - ok
10:26:36.0253 0x0f84  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:26:36.0315 0x0f84  NetTcpActivator - ok
10:26:36.0362 0x0f84  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:26:36.0393 0x0f84  NetTcpPortSharing - ok
10:26:36.0518 0x0f84  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960        C:\Windows\system32\drivers\nfrd960.sys
10:26:36.0549 0x0f84  nfrd960 - ok
10:26:36.0643 0x0f84  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
10:26:36.0767 0x0f84  NlaSvc - ok
10:26:36.0845 0x0f84  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
10:26:36.0955 0x0f84  Npfs - ok
10:26:37.0017 0x0f84  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi            C:\Windows\system32\nsisvc.dll
10:26:37.0111 0x0f84  nsi - ok
10:26:37.0157 0x0f84  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
10:26:37.0267 0x0f84  nsiproxy - ok
10:26:37.0703 0x0f84  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
10:26:38.0234 0x0f84  Ntfs - ok
10:26:38.0343 0x0f84  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
10:26:38.0483 0x0f84  Null - ok
10:26:38.0608 0x0f84  [ A85B4F2EF3A7304A5399EF0526423040, E45854691BA6AE36E53C2922CC93FF13DC2D84CBE7FE13A2F0B1CE1C16D1D158 ] NVENETFD        C:\Windows\system32\DRIVERS\nvm62x64.sys
10:26:38.0795 0x0f84  NVENETFD - ok
10:26:38.0905 0x0f84  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
10:26:38.0967 0x0f84  nvraid - ok
10:26:39.0107 0x0f84  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
10:26:39.0201 0x0f84  nvstor - ok
10:26:39.0357 0x0f84  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
10:26:39.0435 0x0f84  nv_agp - ok
10:26:39.0482 0x0f84  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
10:26:39.0544 0x0f84  ohci1394 - ok
10:26:39.0872 0x0f84  [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose            C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:26:39.0919 0x0f84  ose - ok
10:26:40.0090 0x0f84  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
10:26:40.0262 0x0f84  p2pimsvc - ok
10:26:40.0324 0x0f84  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
10:26:40.0418 0x0f84  p2psvc - ok
10:26:40.0465 0x0f84  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport        C:\Windows\system32\drivers\parport.sys
10:26:40.0558 0x0f84  Parport - ok
10:26:40.0605 0x0f84  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr        C:\Windows\system32\drivers\partmgr.sys
10:26:40.0636 0x0f84  partmgr - ok
10:26:40.0683 0x0f84  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
10:26:40.0839 0x0f84  PcaSvc - ok
10:26:40.0901 0x0f84  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci            C:\Windows\system32\drivers\pci.sys
10:26:40.0948 0x0f84  pci - ok
10:26:41.0026 0x0f84  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
10:26:41.0057 0x0f84  pciide - ok
10:26:41.0120 0x0f84  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
10:26:41.0167 0x0f84  pcmcia - ok
10:26:41.0198 0x0f84  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw            C:\Windows\system32\drivers\pcw.sys
10:26:41.0229 0x0f84  pcw - ok
10:26:41.0276 0x0f84  pdfcDispatcher - ok
10:26:41.0385 0x0f84  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
10:26:41.0541 0x0f84  PEAUTH - ok
10:26:42.0337 0x0f84  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
10:26:42.0399 0x0f84  PerfHost - ok
10:26:42.0586 0x0f84  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla            C:\Windows\system32\pla.dll
10:26:42.0805 0x0f84  pla - ok
10:26:42.0867 0x0f84  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
10:26:43.0085 0x0f84  PlugPlay - ok
10:26:43.0117 0x0f84  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg    C:\Windows\system32\pnrpauto.dll
10:26:43.0210 0x0f84  PNRPAutoReg - ok
10:26:43.0288 0x0f84  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc        C:\Windows\system32\pnrpsvc.dll
10:26:43.0335 0x0f84  PNRPsvc - ok
10:26:43.0429 0x0f84  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent    C:\Windows\System32\ipsecsvc.dll
10:26:43.0585 0x0f84  PolicyAgent - ok
10:26:43.0678 0x0f84  [ A2CCA4FB273E6050F17A0A416CFF2FCD, C42BA18DF0C8E3F7358669A784E51E4DC7A4112096345EA699EDC95F561E0255 ] Power          C:\Windows\system32\umpo.dll
10:26:43.0850 0x0f84  Power - ok
10:26:43.0943 0x0f84  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
10:26:44.0068 0x0f84  PptpMiniport - ok
10:26:44.0131 0x0f84  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor      C:\Windows\system32\drivers\processr.sys
10:26:44.0193 0x0f84  Processor - ok
10:26:44.0271 0x0f84  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc        C:\Windows\system32\profsvc.dll
10:26:44.0443 0x0f84  ProfSvc - ok
10:26:44.0458 0x0f84  [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] ProtectedStorage C:\Windows\system32\lsass.exe
10:26:44.0552 0x0f84  ProtectedStorage - ok
10:26:44.0599 0x0f84  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
10:26:44.0723 0x0f84  Psched - ok
10:26:44.0879 0x0f84  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
10:26:45.0051 0x0f84  ql2300 - ok
10:26:45.0207 0x0f84  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
10:26:45.0301 0x0f84  ql40xx - ok
10:26:45.0379 0x0f84  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE          C:\Windows\system32\qwave.dll
10:26:45.0550 0x0f84  QWAVE - ok
10:26:45.0613 0x0f84  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
10:26:45.0722 0x0f84  QWAVEdrv - ok
10:26:45.0784 0x0f84  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
10:26:45.0909 0x0f84  RasAcd - ok
10:26:46.0003 0x0f84  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn    C:\Windows\system32\DRIVERS\AgileVpn.sys
10:26:46.0143 0x0f84  RasAgileVpn - ok
10:26:46.0299 0x0f84  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto        C:\Windows\System32\rasauto.dll
10:26:46.0486 0x0f84  RasAuto - ok
10:26:46.0673 0x0f84  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp        C:\Windows\system32\DRIVERS\rasl2tp.sys
10:26:46.0845 0x0f84  Rasl2tp - ok
10:26:46.0985 0x0f84  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
10:26:47.0219 0x0f84  RasMan - ok
10:26:47.0266 0x0f84  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
10:26:47.0422 0x0f84  RasPppoe - ok
10:26:47.0469 0x0f84  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp        C:\Windows\system32\DRIVERS\rassstp.sys
10:26:47.0609 0x0f84  RasSstp - ok
10:26:47.0672 0x0f84  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss          C:\Windows\system32\DRIVERS\rdbss.sys
10:26:47.0797 0x0f84  rdbss - ok
10:26:47.0843 0x0f84  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
10:26:47.0937 0x0f84  rdpbus - ok
10:26:47.0984 0x0f84  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
10:26:48.0124 0x0f84  RDPCDD - ok
10:26:48.0187 0x0f84  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
10:26:48.0296 0x0f84  RDPENCDD - ok
10:26:48.0483 0x0f84  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
10:26:48.0998 0x0f84  RDPREFMP - ok
10:26:49.0466 0x0f84  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD          C:\Windows\system32\drivers\RDPWD.sys
10:26:50.0542 0x0f84  RDPWD - ok
10:26:51.0041 0x0f84  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
10:26:51.0104 0x0f84  rdyboost - ok
10:26:51.0213 0x0f84  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
10:26:51.0385 0x0f84  RemoteAccess - ok
10:26:51.0556 0x0f84  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
10:26:51.0759 0x0f84  RemoteRegistry - ok
10:26:51.0884 0x0f84  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
10:26:52.0040 0x0f84  RpcEptMapper - ok
10:26:52.0165 0x0f84  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
10:26:52.0258 0x0f84  RpcLocator - ok
10:26:52.0383 0x0f84  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs          C:\Windows\system32\rpcss.dll
10:26:52.0539 0x0f84  RpcSs - ok
10:26:52.0711 0x0f84  [ 7F324DFFCA5318EEF040DBE351D038D8, 114234D816894C1018181173395C8D0E80982D66818A9AA38803D761FA4E8D90 ] RSP2STOR        C:\Windows\system32\DRIVERS\RtsP2Stor.sys
10:26:52.0820 0x0f84  RSP2STOR - ok
10:26:52.0945 0x0f84  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
10:26:53.0085 0x0f84  rspndr - ok
10:26:53.0288 0x0f84  [ EB8EA1C4C5E076D9EA61FB59960C5830, 3D3631E71584E89847BAC79EB22416175E92D0234662A4E3AF21D5E04ABB8D40 ] RTL8167        C:\Windows\system32\DRIVERS\Rt64win7.sys
10:26:53.0381 0x0f84  RTL8167 - ok
10:26:53.0428 0x0f84  [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] SamSs          C:\Windows\system32\lsass.exe
10:26:53.0475 0x0f84  SamSs - ok
10:26:53.0553 0x0f84  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
10:26:53.0584 0x0f84  sbp2port - ok
10:26:53.0709 0x0f84  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
10:26:53.0959 0x0f84  SCardSvr - ok
10:26:54.0052 0x0f84  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
10:26:54.0161 0x0f84  scfilter - ok
10:26:54.0349 0x0f84  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
10:26:54.0817 0x0f84  Schedule - ok
10:26:54.0910 0x0f84  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc    C:\Windows\System32\certprop.dll
10:26:55.0019 0x0f84  SCPolicySvc - ok
10:26:55.0113 0x0f84  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus          C:\Windows\system32\DRIVERS\sdbus.sys
10:26:55.0175 0x0f84  sdbus - ok
10:26:55.0285 0x0f84  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
10:26:55.0456 0x0f84  SDRSVC - ok
10:26:55.0503 0x0f84  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
10:26:55.0721 0x0f84  secdrv - ok
10:26:55.0877 0x0f84  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
10:26:55.0987 0x0f84  seclogon - ok
10:26:56.0096 0x0f84  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
10:26:56.0205 0x0f84  SENS - ok
10:26:56.0314 0x0f84  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
10:26:56.0423 0x0f84  SensrSvc - ok
10:26:56.0579 0x0f84  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum        C:\Windows\system32\drivers\serenum.sys
10:26:56.0642 0x0f84  Serenum - ok
10:26:56.0720 0x0f84  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
10:26:56.0767 0x0f84  Serial - ok
10:26:56.0923 0x0f84  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
10:26:56.0985 0x0f84  sermouse - ok
10:26:57.0125 0x0f84  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
10:26:57.0235 0x0f84  SessionEnv - ok
10:26:57.0297 0x0f84  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk        C:\Windows\system32\drivers\sffdisk.sys
10:26:57.0406 0x0f84  sffdisk - ok
10:26:57.0500 0x0f84  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
10:26:57.0547 0x0f84  sffp_mmc - ok
10:26:57.0578 0x0f84  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd        C:\Windows\system32\drivers\sffp_sd.sys
10:26:57.0640 0x0f84  sffp_sd - ok
10:26:57.0796 0x0f84  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy        C:\Windows\system32\drivers\sfloppy.sys
10:26:57.0859 0x0f84  sfloppy - ok
10:26:57.0937 0x0f84  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
10:26:58.0046 0x0f84  SharedAccess - ok
10:26:58.0139 0x0f84  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:26:58.0280 0x0f84  ShellHWDetection - ok
10:26:58.0342 0x0f84  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
10:26:58.0389 0x0f84  SiSRaid2 - ok
10:26:58.0467 0x0f84  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
10:26:58.0514 0x0f84  SiSRaid4 - ok
10:26:58.0561 0x0f84  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb            C:\Windows\system32\DRIVERS\smb.sys
10:26:58.0654 0x0f84  Smb - ok
10:26:58.0717 0x0f84  [ AA17A14DA3B572C886D8064C72E9CC50, B0283DE568FDDEF96280FB403C31A804A935CFA099E7694BC00D700F4565E7FB ] SmbDrv          C:\Windows\system32\drivers\Smb_driver.sys
10:26:58.0764 0x0f84  SmbDrv - ok
10:26:58.0857 0x0f84  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
10:26:58.0935 0x0f84  SNMPTRAP - ok
10:26:59.0044 0x0f84  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr          C:\Windows\system32\drivers\spldr.sys
10:26:59.0076 0x0f84  spldr - ok
10:26:59.0200 0x0f84  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler        C:\Windows\System32\spoolsv.exe
10:26:59.0372 0x0f84  Spooler - ok
10:26:59.0746 0x0f84  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
10:27:00.0090 0x0f84  sppsvc - ok
10:27:00.0136 0x0f84  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify    C:\Windows\system32\sppuinotify.dll
10:27:00.0246 0x0f84  sppuinotify - ok
10:27:00.0370 0x0f84  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv            C:\Windows\system32\DRIVERS\srv.sys
10:27:00.0526 0x0f84  srv - ok
10:27:00.0589 0x0f84  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
10:27:00.0682 0x0f84  srv2 - ok
10:27:00.0776 0x0f84  [ 0C4540311E11664B245A263E1154CEF8, 63376322BFFAFF2F166AF3FDD3F1A346C21FAE21F406F659F8630779D1D6525D ] SrvHsfHDA      C:\Windows\system32\DRIVERS\VSTAZL6.SYS
10:27:00.0901 0x0f84  SrvHsfHDA - ok
10:27:01.0057 0x0f84  [ 02071D207A9858FBE3A48CBFD59C4A04, FEA4DEBAEC3465E0C7C1E8B721805922F6BBCB96A60A193B11688F4252F4B89E ] SrvHsfV92      C:\Windows\system32\DRIVERS\VSTDPV6.SYS
10:27:01.0213 0x0f84  SrvHsfV92 - ok
10:27:01.0369 0x0f84  [ 18E40C245DBFAF36FD0134A7EF2DF396, 0138A68958112101A5D3BD94114F320CE80B0C9A93E009AC78DE7415FCCC7DE7 ] SrvHsfWinac    C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
10:27:01.0603 0x0f84  SrvHsfWinac - ok
10:27:01.0634 0x0f84  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
10:27:01.0712 0x0f84  srvnet - ok
10:27:01.0774 0x0f84  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV        C:\Windows\System32\ssdpsrv.dll
10:27:01.0915 0x0f84  SSDPSRV - ok
10:27:01.0962 0x0f84  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc        C:\Windows\system32\sstpsvc.dll
10:27:02.0055 0x0f84  SstpSvc - ok
10:27:02.0164 0x0f84  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
10:27:02.0196 0x0f84  stexstor - ok
10:27:02.0289 0x0f84  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
10:27:02.0726 0x0f84  stisvc - ok
10:27:02.0944 0x0f84  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
10:27:03.0022 0x0f84  swenum - ok
10:27:03.0178 0x0f84  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv          C:\Windows\System32\swprv.dll
10:27:03.0319 0x0f84  swprv - ok
10:27:03.0522 0x0f84  [ 321EA1320771419C0956DE50F270C3E5, A69B0DE540E9433E81245A50BC021FC1AF95E2D1EEE26B6A3C027FBC025A0F5E ] SynTP          C:\Windows\system32\drivers\SynTP.sys
10:27:03.0568 0x0f84  SynTP - ok
10:27:03.0802 0x0f84  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain        C:\Windows\system32\sysmain.dll
10:27:04.0052 0x0f84  SysMain - ok
10:27:04.0083 0x0f84  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:27:04.0161 0x0f84  TabletInputService - ok
10:27:04.0240 0x0f84  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv        C:\Windows\System32\tapisrv.dll
10:27:04.0349 0x0f84  TapiSrv - ok
10:27:04.0381 0x0f84  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS            C:\Windows\System32\tbssvc.dll
10:27:04.0490 0x0f84  TBS - ok
10:27:04.0693 0x0f84  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip          C:\Windows\system32\drivers\tcpip.sys
10:27:04.0911 0x0f84  Tcpip - ok
10:27:05.0098 0x0f84  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
10:27:05.0270 0x0f84  TCPIP6 - ok
10:27:05.0332 0x0f84  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
10:27:05.0410 0x0f84  tcpipreg - ok
10:27:05.0457 0x0f84  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
10:27:05.0519 0x0f84  TDPIPE - ok
10:27:05.0597 0x0f84  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP          C:\Windows\system32\drivers\tdtcp.sys
10:27:05.0675 0x0f84  TDTCP - ok
10:27:05.0722 0x0f84  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx            C:\Windows\system32\DRIVERS\tdx.sys
10:27:05.0800 0x0f84  tdx - ok
10:27:05.0894 0x0f84  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
10:27:05.0956 0x0f84  TermDD - ok
10:27:06.0097 0x0f84  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService    C:\Windows\System32\termsrv.dll
10:27:06.0299 0x0f84  TermService - ok
10:27:06.0362 0x0f84  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
10:27:06.0409 0x0f84  Themes - ok
10:27:06.0440 0x0f84  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER    C:\Windows\system32\mmcss.dll
10:27:06.0596 0x0f84  THREADORDER - ok
10:27:06.0674 0x0f84  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
10:27:06.0799 0x0f84  TrkWks - ok
10:27:06.0939 0x0f84  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:27:07.0142 0x0f84  TrustedInstaller - ok
10:27:07.0251 0x0f84  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
10:27:07.0407 0x0f84  tssecsrv - ok
10:27:07.0469 0x0f84  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
10:27:07.0563 0x0f84  TsUsbFlt - ok
10:27:07.0703 0x0f84  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD        C:\Windows\system32\drivers\TsUsbGD.sys
10:27:07.0891 0x0f84  TsUsbGD - ok
10:27:08.0218 0x0f84  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
10:27:08.0327 0x0f84  tunnel - ok
10:27:08.0390 0x0f84  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
10:27:08.0421 0x0f84  uagp35 - ok
10:27:08.0515 0x0f84  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
10:27:08.0639 0x0f84  udfs - ok
10:27:08.0733 0x0f84  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect      C:\Windows\system32\UI0Detect.exe
10:27:08.0811 0x0f84  UI0Detect - ok
10:27:08.0905 0x0f84  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
10:27:08.0951 0x0f84  uliagpkx - ok
10:27:09.0014 0x0f84  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus          C:\Windows\system32\DRIVERS\umbus.sys
10:27:09.0061 0x0f84  umbus - ok
10:27:09.0154 0x0f84  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
10:27:09.0232 0x0f84  UmPass - ok
10:27:09.0357 0x0f84  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
10:27:09.0497 0x0f84  upnphost - ok
10:27:09.0575 0x0f84  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp        C:\Windows\system32\DRIVERS\usbccgp.sys
10:27:09.0638 0x0f84  usbccgp - ok
10:27:09.0763 0x0f84  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
10:27:09.0981 0x0f84  usbcir - ok
10:27:10.0059 0x0f84  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci        C:\Windows\system32\DRIVERS\usbehci.sys
10:27:10.0106 0x0f84  usbehci - ok
10:27:10.0199 0x0f84  [ 33A58C5630200E17B51C8D73DD64181B, 75707B7E5CE686119CA430944477C9A6DBD5AA4211FDDECFF0986EACA65975B3 ] usbfilter      C:\Windows\system32\DRIVERS\usbfilter.sys
10:27:10.0246 0x0f84  usbfilter - ok
10:27:10.0324 0x0f84  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
10:27:10.0433 0x0f84  usbhub - ok
10:27:10.0496 0x0f84  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci        C:\Windows\system32\DRIVERS\usbohci.sys
10:27:10.0543 0x0f84  usbohci - ok
10:27:10.0621 0x0f84  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
10:27:10.0683 0x0f84  usbprint - ok
10:27:10.0730 0x0f84  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan        C:\Windows\system32\DRIVERS\usbscan.sys
10:27:10.0839 0x0f84  usbscan - ok
10:27:10.0901 0x0f84  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR        C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:27:11.0011 0x0f84  USBSTOR - ok
10:27:11.0089 0x0f84  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci        C:\Windows\system32\drivers\usbuhci.sys
10:27:11.0229 0x0f84  usbuhci - ok
10:27:11.0323 0x0f84  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
10:27:11.0401 0x0f84  usbvideo - ok
10:27:11.0479 0x0f84  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms          C:\Windows\System32\uxsms.dll
10:27:11.0603 0x0f84  UxSms - ok
10:27:11.0635 0x0f84  [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] VaultSvc        C:\Windows\system32\lsass.exe
10:27:11.0713 0x0f84  VaultSvc - ok
10:27:11.0806 0x0f84  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
10:27:11.0853 0x0f84  vdrvroot - ok
10:27:11.0993 0x0f84  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds            C:\Windows\System32\vds.exe
10:27:12.0134 0x0f84  vds - ok
10:27:12.0243 0x0f84  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga            C:\Windows\system32\DRIVERS\vgapnp.sys
10:27:12.0368 0x0f84  vga - ok
10:27:12.0399 0x0f84  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave        C:\Windows\System32\drivers\vga.sys
10:27:12.0508 0x0f84  VgaSave - ok
10:27:12.0586 0x0f84  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp          C:\Windows\system32\drivers\vhdmp.sys
10:27:12.0633 0x0f84  vhdmp - ok
10:27:12.0758 0x0f84  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
10:27:12.0851 0x0f84  viaide - ok
10:27:12.0945 0x0f84  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
10:27:13.0039 0x0f84  volmgr - ok
10:27:13.0085 0x0f84  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx        C:\Windows\system32\drivers\volmgrx.sys
10:27:13.0179 0x0f84  volmgrx - ok
10:27:13.0273 0x0f84  [ DF8126BD41180351A093A3AD2FC8903B, AEFF4AA89CDDAAAD43CDE17C6B6EB2A397A0AC1651CBD51B889161EC2BC6527A ] volsnap        C:\Windows\system32\drivers\volsnap.sys
10:27:13.0569 0x0f84  volsnap - ok
10:27:13.0756 0x0f84  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid        C:\Windows\system32\drivers\vsmraid.sys
10:27:13.0834 0x0f84  vsmraid - ok
10:27:14.0162 0x0f84  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS            C:\Windows\system32\vssvc.exe
10:27:14.0411 0x0f84  VSS - ok
10:27:14.0458 0x0f84  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
10:27:14.0521 0x0f84  vwifibus - ok
10:27:14.0599 0x0f84  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
10:27:14.0723 0x0f84  vwififlt - ok
10:27:14.0801 0x0f84  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time        C:\Windows\system32\w32time.dll
10:27:14.0942 0x0f84  W32Time - ok
10:27:14.0989 0x0f84  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
10:27:15.0051 0x0f84  WacomPen - ok
10:27:15.0223 0x0f84  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
10:27:15.0410 0x0f84  WANARP - ok
10:27:15.0503 0x0f84  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
10:27:15.0613 0x0f84  Wanarpv6 - ok
10:27:15.0971 0x0f84  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc    C:\Windows\system32\Wat\WatAdminSvc.exe
10:27:16.0159 0x0f84  WatAdminSvc - ok
10:27:16.0408 0x0f84  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
10:27:16.0673 0x0f84  wbengine - ok
10:27:16.0751 0x0f84  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
10:27:16.0829 0x0f84  WbioSrvc - ok
10:27:16.0939 0x0f84  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc        C:\Windows\System32\wcncsvc.dll
10:27:17.0079 0x0f84  wcncsvc - ok
10:27:17.0157 0x0f84  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:27:17.0235 0x0f84  WcsPlugInService - ok
10:27:17.0282 0x0f84  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
10:27:17.0313 0x0f84  Wd - ok
10:27:17.0516 0x0f84  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
10:27:17.0641 0x0f84  Wdf01000 - ok
10:27:17.0734 0x0f84  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
10:27:17.0812 0x0f84  WdiServiceHost - ok
10:27:17.0859 0x0f84  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost  C:\Windows\system32\wdi.dll
10:27:17.0890 0x0f84  WdiSystemHost - ok
10:27:17.0968 0x0f84  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient      C:\Windows\System32\webclnt.dll
10:27:18.0062 0x0f84  WebClient - ok
10:27:18.0155 0x0f84  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
10:27:18.0249 0x0f84  Wecsvc - ok
10:27:18.0358 0x0f84  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport  C:\Windows\System32\wercplsupport.dll
10:27:18.0577 0x0f84  wercplsupport - ok
10:27:18.0670 0x0f84  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
10:27:18.0842 0x0f84  WerSvc - ok
10:27:18.0935 0x0f84  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
10:27:19.0138 0x0f84  WfpLwf - ok
10:27:19.0169 0x0f84  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
10:27:19.0201 0x0f84  WIMMount - ok
10:27:19.0263 0x0f84  WinDefend - ok
10:27:19.0403 0x0f84  WinHttpAutoProxySvc - ok
10:27:19.0731 0x0f84  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt        C:\Windows\system32\wbem\WMIsvc.dll
10:27:19.0887 0x0f84  Winmgmt - ok
10:27:20.0137 0x0f84  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM          C:\Windows\system32\WsmSvc.dll
10:27:20.0464 0x0f84  WinRM - ok
10:27:20.0745 0x0f84  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\drivers\WinUsb.sys
10:27:20.0870 0x0f84  WinUsb - ok
10:27:20.0995 0x0f84  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc        C:\Windows\System32\wlansvc.dll
10:27:21.0213 0x0f84  Wlansvc - ok
10:27:21.0478 0x0f84  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
10:27:21.0556 0x0f84  wlcrasvc - ok
10:27:21.0884 0x0f84  [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc        C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:27:22.0165 0x0f84  wlidsvc - ok
10:27:22.0289 0x0f84  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi        C:\Windows\system32\drivers\wmiacpi.sys
10:27:22.0367 0x0f84  WmiAcpi - ok
10:27:22.0445 0x0f84  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
10:27:22.0523 0x0f84  wmiApSrv - ok
10:27:22.0586 0x0f84  WMPNetworkSvc - ok
10:27:22.0664 0x0f84  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
10:27:22.0835 0x0f84  WPCSvc - ok
10:27:22.0929 0x0f84  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
10:27:23.0132 0x0f84  WPDBusEnum - ok
10:27:23.0225 0x0f84  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl        C:\Windows\system32\drivers\ws2ifsl.sys
10:27:23.0366 0x0f84  ws2ifsl - ok
10:27:23.0397 0x0f84  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
10:27:23.0506 0x0f84  wscsvc - ok
10:27:23.0537 0x0f84  WSearch - ok
10:27:23.0927 0x0f84  [ 624809FE31F0EBBA33FD4C98E016DD83, 2ACCF7FB506A875666B8BEA7EC096A6536A7A05CC96206B2BD65E9C6B6984744 ] WTGService      C:\Program Files (x86)\XSManager\WTGService.exe
10:27:24.0037 0x0f84  WTGService - ok
10:27:24.0567 0x0f84  [ 39D604E190DFE2E483B637D6796ABAFF, 52DCCEA0DB59F00C615D94CC2B70FC1C335E553E8FC79AAC8C8C7D9EE1F6111D ] wuauserv        C:\Windows\system32\wuaueng.dll
10:27:24.0973 0x0f84  wuauserv - ok
10:27:25.0113 0x0f84  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
10:27:25.0175 0x0f84  WudfPf - ok
10:27:25.0347 0x0f84  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\drivers\WUDFRd.sys
10:27:25.0487 0x0f84  WUDFRd - ok
10:27:25.0565 0x0f84  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc        C:\Windows\System32\WUDFSvc.dll
10:27:25.0690 0x0f84  wudfsvc - ok
10:27:25.0768 0x0f84  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc        C:\Windows\System32\wwansvc.dll
10:27:25.0862 0x0f84  WwanSvc - ok
10:27:25.0940 0x0f84  [ 72C17898CFA71513E50BD40CDD18A943, 9FB3EC22C738C7D3AC1F82EFB3DF0F727FEE13F8E1240DB09EDEF3EE59A58F68 ] XS Stick Service C:\Windows\service4g.exe
10:27:26.0018 0x0f84  XS Stick Service - ok
10:27:26.0158 0x0f84  ================ Scan global ===============================
10:27:26.0252 0x0f84  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
10:27:26.0314 0x0f84  [ 8927015C999D55D9B4AC66000EE5343D, 2AC4896880BAD44192822063A31785F4A716D992201B3E6A590A2D75D9729A4A ] C:\Windows\system32\winsrv.dll
10:27:26.0361 0x0f84  [ 8927015C999D55D9B4AC66000EE5343D, 2AC4896880BAD44192822063A31785F4A716D992201B3E6A590A2D75D9729A4A ] C:\Windows\system32\winsrv.dll
10:27:26.0392 0x0f84  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
10:27:26.0470 0x0f84  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
10:27:26.0486 0x0f84  [ Global ] - ok
10:27:26.0486 0x0f84  ================ Scan MBR ==================================
10:27:26.0501 0x0f84  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:27:27.0968 0x0f84  \Device\Harddisk0\DR0 - ok
10:27:27.0983 0x0f84  ================ Scan VBR ==================================
10:27:27.0999 0x0f84  [ 0136BC0A596B8C13AE038D5A3D211C4D ] \Device\Harddisk0\DR0\Partition1
10:27:28.0030 0x0f84  \Device\Harddisk0\DR0\Partition1 - ok
10:27:28.0061 0x0f84  [ 7A257379D13EB305E586A72EA6555D92 ] \Device\Harddisk0\DR0\Partition2
10:27:28.0077 0x0f84  \Device\Harddisk0\DR0\Partition2 - ok
10:27:28.0108 0x0f84  [ B3DF0F9A2AE8A8A58045938458F5367C ] \Device\Harddisk0\DR0\Partition3
10:27:28.0155 0x0f84  \Device\Harddisk0\DR0\Partition3 - ok
10:27:28.0202 0x0f84  [ 45C9D87763A11FD523C15E1CB09B1AD4 ] \Device\Harddisk0\DR0\Partition4
10:27:28.0217 0x0f84  \Device\Harddisk0\DR0\Partition4 - ok
10:27:28.0217 0x0f84  ================ Scan generic autorun ======================
10:27:29.0060 0x0f84  [ 3A3D3A872326186802532EED53D2E616, 7D6CDC6C1D64C07BDE31BB928C3BE5A92F7E6E687A5FCA5FC89F95EB5701F665 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
10:27:29.0965 0x0f84  RTHDVCPL - ok
10:27:29.0996 0x0f84  SynTPEnh - ok
10:27:30.0635 0x0f84  [ C50911A387912D1397E777E24EFD36EB, 53583D2B225833BAA2D8869FE7A078B0E292D501E06D648FCD1EAF3BC1B9C5A5 ] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe
10:27:30.0713 0x0f84  SetDefault - ok
10:27:30.0994 0x0f84  [ D557A8DC77BE32A8C773F0A257663CA4, 632681987DE22862CD0EFB0A7B499DD21C94B70F64B315077DF5781C5343D83B ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
10:27:31.0166 0x0f84  StartCCC - ok
10:27:31.0353 0x0f84  [ 8192B2E274607D1D530F5C191698C544, E20D5803AFC7BF69906284CEA869F6C773A4E0D20067599F5E11D5EE248109F7 ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
10:27:31.0478 0x0f84  HP Quick Launch - ok
10:27:31.0681 0x0f84  [ B7E776CDE3047E96F9547A6E4D4F4259, 29F1581602D610F942C42C7B6181C2BBE9A93BFDB9D359553AA2461C5C58B2C0 ] C:\Program Files (x86)\PDF Complete\pdfsty.exe
10:27:31.0837 0x0f84  PDF Complete - ok
10:27:32.0008 0x0f84  [ 8A3B69683E63808719D24E1C68C21CC7, C27B2F3996B55619B45BDB332B0F3262A68CE7EEC78730C6D96B752D086C8B1D ] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
10:27:32.0102 0x0f84  HPOSD - ok
10:27:32.0180 0x0f84  [ 7E650FCF6BACA90DDC59ABDF2A264B09, 8168BD9486CBF8BD659B227F88D21FC50BF878B4B808B4E550028EE144E0DD25 ] C:\Windows\starter4g.exe
10:27:32.0211 0x0f84  starter4g - ok
10:27:33.0506 0x0f84  [ 27F8A7A78773427E5D931628F89D6839, 61A312590322109BEA9EA70345E6FB40435D9BACE2B9CFF3ADF68C7B3D6FA163 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
10:27:33.0646 0x0f84  avgnt - ok
10:27:33.0849 0x0f84  [ 846965AE55A2662B1576C0F392DD1D6E, 0ADE383991FDC5A49DD15A27CB52CF75ABF518F0335E92003C0FF75DB417BBDC ] C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe
10:27:33.0896 0x0f84  SSBkgdUpdate - ok
10:27:34.0208 0x0f84  [ 27249F2A900032F3C2DFAB8DE8F16399, 88F85055FC6A6C3872A9A3697F92E26EEB51655F5D53F49EE22768829839808A ] C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe
10:27:34.0333 0x0f84  PaperPort PTD - ok
10:27:34.0395 0x0f84  [ BE72C212B14FC8F872A70C6C311D0529, 9C6A8060FD4505925894D8FD08EFCDE16BEEAAC70264519135B261C026333CAA ] C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe
10:27:34.0426 0x0f84  IndexSearch - ok
10:27:34.0551 0x0f84  [ A4A66195EB0ECD574A32AAA92DC0A7BD, 4E30D565917158316A541BB29D73BF5F3A01DAB1240363276DE0C5D59B2BFFFE ] C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe
10:27:34.0582 0x0f84  PPort11reminder - ok
10:27:35.0175 0x0f84  [ 57C635C41750117D206C90DA9C599777, D5291ED79FC08217758FB526FC8CCC9D374B65B49446104D271C36B0C1298446 ] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
10:27:35.0347 0x0f84  BrMfcWnd - detected UnsignedFile.Multi.Generic ( 1 )
10:27:36.0501 0x0f84  Detect skipped due to KSN trusted
10:27:36.0501 0x0f84  BrMfcWnd - ok
10:27:36.0579 0x0f84  [ 4DE3EF07E0854547309C6B40235A9D44, F73D8E6D98583865D1C8DB728058D83C72A3908E21E04EF313FCB829C040A1EC ] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe
10:27:36.0626 0x0f84  ControlCenter3 - detected UnsignedFile.Multi.Generic ( 1 )
10:27:37.0359 0x0f84  Detect skipped due to KSN trusted
10:27:37.0359 0x0f84  ControlCenter3 - ok
10:27:37.0515 0x0f84  [ 7613D16AF3AE9DC337B071F994D6C53D, F8DC0B0D779FB196171402130F4EEAB4B03CE69CB4D29E7C137391B4F31BFF59 ] C:\Program Files (x86)\PDF24\pdf24.exe
10:27:37.0546 0x0f84  PDFPrint - ok
10:27:37.0780 0x0f84  [ F5060B034D37EA26D325A4319806E202, D43ACE85421DB29A6B6E8080D838152AB3858F83C2B373731945460E217C7D9F ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
10:27:37.0827 0x0f84  Avira SystrayStartTrigger - ok
10:27:38.0030 0x0f84  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
10:27:38.0248 0x0f84  Sidebar - ok
10:27:38.0357 0x0f84  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:27:38.0435 0x0f84  mctadmin - ok
10:27:38.0701 0x0f84  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
10:27:38.0825 0x0f84  Sidebar - ok
10:27:38.0872 0x0f84  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:27:38.0935 0x0f84  mctadmin - ok
10:27:38.0935 0x0f84  Waiting for KSN requests completion. In queue: 6
10:27:40.0417 0x0f84  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.12.420 ), 0x41010 ( enabled : outofdate )
10:27:40.0822 0x0f84  Win FW state via NFP2: enabled ( trusted )
10:27:41.0540 0x0f84  ============================================================
10:27:41.0540 0x0f84  Scan finished
10:27:41.0540 0x0f84  ============================================================
10:27:41.0555 0x16dc  Detected object count: 0
10:27:41.0555 0x16dc  Actual detected object count: 0
10:35:54.0916 0x13f0  Deinitialize success



Viele Grüße vom Orcrist

schrauber 27.09.2015 15:57

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

Orcrist 30.09.2015 15:25

Hi schrauber :),

hier die Logs:

MBAM:
Code:

Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 30.09.2015
Suchlaufzeit: 13:17
Protokolldatei: mbam.txt
Administrator: Nein

Version: 2.1.8.1057
Malware-Datenbank: v2015.09.30.03
Rootkit-Datenbank: v2015.09.22.01
Lizenz: Kostenlose Version
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: grüner Drache

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 301473
Abgelaufene Zeit: 29 Min., 5 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

Beim ADW Cleaner habe ich 3 Dateien gefunden. Da ich mir nicht sicher bin, welche du brauchst, poste ich alle.

C1
Code:

# AdwCleaner v5.009 - Bericht erstellt am 30/09/2015 um 15:49:31
# Aktualisiert am 27/09/2015 von Xplode
# Datenbank : 2015-09-27.1 [Lokal]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : blondi - BLONDI-HP
# Gestartet von : C:\Users\grüner Drache\Desktop\AdwCleaner_5.009.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\ProgramData\DatacardService
[-] Ordner Gelöscht : C:\Users\blondi\AppData\Local\Temp\AskSearch
[-] Ordner Gelöscht : C:\Users\blondi\AppData\Local\Temp\OCS
[-] Ordner Gelöscht : C:\Users\blondi\AppData\LocalLow\AskToolbar
[-] Ordner Gelöscht : C:\Users\blondi\AppData\Roaming\Mozilla\Firefox\Profiles\78ic5878.default\Extensions\toolbar@ask.com
[-] Ordner Gelöscht : C:\Users\smartie\AppData\LocalLow\AskToolbar

***** [ Dateien ] *****

[-] Datei Gelöscht : C:\Users\blondi\Desktop\eBay.lnk
[-] Datei Gelöscht : C:\Users\grüner Drache\Desktop\eBay.lnk
[-] Datei Gelöscht : C:\Users\smartie\Desktop\eBay.lnk

***** [ Verknüpfungen ] *****


***** [ Geplante Tasks ] *****

[-] Task Gelöscht : Adobe Flash Player Updater

***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
[-] Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
[-] Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
[-] Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
[-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\AskToolbar
[-] Schlüssel Gelöscht : HKCU\Software\APN
[-] Schlüssel Gelöscht : HKCU\Software\Ask.com
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\AskToolbar
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\APN
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\Ask.com
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\OCS
[!] Schlüssel Nicht Gelöscht : HKU\S-1-5-21-2255287641-1463189941-1607643083-1002\Software\AppDataLow\Software\AskToolbar
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten Wiederhergestellt : HKU\S-1-5-21-2255287641-1463189941-1607643083-1002\Software\Microsoft\Internet Explorer\Main [Start Page]
[!] Schlüssel Nicht Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[!] Schlüssel Nicht Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[!] Schlüssel Nicht Gelöscht : HKU\S-1-5-21-2255287641-1463189941-1607643083-1002\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[-] Schlüssel Gelöscht : HKU\S-1-5-21-2255287641-1463189941-1607643083-1003\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}

***** [ Internetbrowser ] *****

[-] [C:\Users\blondi\AppData\Roaming\Mozilla\Firefox\Profiles\78ic5878.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.defaultengine", "Ask.com");
[-] [C:\Users\blondi\AppData\Roaming\Mozilla\Firefox\Profiles\78ic5878.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.order.1", "Ask.com");
[-] [C:\Users\blondi\AppData\Roaming\Mozilla\Firefox\Profiles\78ic5878.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.asktb.ff-original-keyword-url", "");
[-] [C:\Users\grüner Drache\AppData\Roaming\Mozilla\Firefox\Profiles\h0g094uq.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.order.1", "Ask.com");
[-] [C:\Users\grüner Drache\AppData\Roaming\Mozilla\Firefox\Profiles\h0g094uq.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.selectedEngine", "Ask.com");
[-] [C:\Users\grüner Drache\AppData\Roaming\Mozilla\Firefox\Profiles\h0g094uq.default\prefs.js] [Preference] Gelöscht : user_pref("browser.startup.homepage", "hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale=de_DE");

*************************

:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht

########## EOF - \AdwCleaner\AdwCleaner[C1].txt - [5021 Bytes] ##########

S1
Code:

# AdwCleaner v5.009 - Bericht erstellt am 30/09/2015 um 15:41:09
# Aktualisiert am 27/09/2015 von Xplode
# Datenbank : 2015-09-27.1 [Lokal]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : blondi - BLONDI-HP
# Gestartet von : C:\Users\grüner Drache\Desktop\AdwCleaner_5.009.exe
# Option : Suchlauf
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

Ordner Gefunden : C:\ProgramData\DatacardService
Ordner Gefunden : C:\Users\blondi\AppData\Local\Temp\AskSearch
Ordner Gefunden : C:\Users\blondi\AppData\Local\Temp\OCS
Ordner Gefunden : C:\Users\blondi\AppData\LocalLow\AskToolbar
Ordner Gefunden : C:\Users\blondi\AppData\Roaming\Mozilla\Firefox\Profiles\78ic5878.default\Extensions\toolbar@ask.com
Ordner Gefunden : C:\Users\smartie\AppData\LocalLow\AskToolbar

***** [ Dateien ] *****

Datei Gefunden : C:\Users\blondi\Desktop\eBay.lnk
Datei Gefunden : C:\Users\grüner Drache\Desktop\eBay.lnk
Datei Gefunden : C:\Users\smartie\Desktop\eBay.lnk

***** [ Verknüpfungen ] *****


***** [ Geplante Tasks ] *****

Task Gefunden : Adobe Flash Player Updater

***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Schlüssel Gefunden : HKU\.DEFAULT\Software\AskToolbar
Schlüssel Gefunden : HKCU\Software\APN
Schlüssel Gefunden : HKCU\Software\Ask.com
Schlüssel Gefunden : HKCU\Software\OCS
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\AskToolbar
Schlüssel Gefunden : [x64] HKCU\Software\APN
Schlüssel Gefunden : [x64] HKCU\Software\Ask.com
Schlüssel Gefunden : [x64] HKCU\Software\OCS
Schlüssel Gefunden : HKU\S-1-5-21-2255287641-1463189941-1607643083-1002\Software\AppDataLow\Software\AskToolbar
Daten Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale=de_DE
Daten Gefunden : HKU\S-1-5-21-2255287641-1463189941-1607643083-1002\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale=de_DE
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Schlüssel Gefunden : HKU\S-1-5-21-2255287641-1463189941-1607643083-1002\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Schlüssel Gefunden : HKU\S-1-5-21-2255287641-1463189941-1607643083-1003\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}

***** [ Internetbrowser ] *****

[C:\Users\blondi\AppData\Roaming\Mozilla\Firefox\Profiles\78ic5878.default\prefs.js] [Preference] Gefunden : user_pref("browser.search.defaultengine", "Ask.com");
[C:\Users\blondi\AppData\Roaming\Mozilla\Firefox\Profiles\78ic5878.default\prefs.js] [Preference] Gefunden : user_pref("browser.search.order.1", "Ask.com");
[C:\Users\blondi\AppData\Roaming\Mozilla\Firefox\Profiles\78ic5878.default\prefs.js] [Preference] Gefunden : user_pref("extensions.asktb.ff-original-keyword-url", "");
[C:\Users\grüner Drache\AppData\Roaming\Mozilla\Firefox\Profiles\h0g094uq.default\prefs.js] [Preference] Gefunden : user_pref("browser.search.order.1", "Ask.com");
[C:\Users\grüner Drache\AppData\Roaming\Mozilla\Firefox\Profiles\h0g094uq.default\prefs.js] [Preference] Gefunden : user_pref("browser.search.selectedEngine", "Ask.com");
[C:\Users\grüner Drache\AppData\Roaming\Mozilla\Firefox\Profiles\h0g094uq.default\prefs.js] [Preference] Gefunden : user_pref("browser.startup.homepage", "hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale=de_DE");

########## EOF - \AdwCleaner\AdwCleaner[S1].txt - [4791 Bytes] ##########

S2
Code:

# AdwCleaner v5.009 - Bericht erstellt am 30/09/2015 um 15:47:21
# Aktualisiert am 27/09/2015 von Xplode
# Datenbank : 2015-09-27.1 [Lokal]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : blondi - BLONDI-HP
# Gestartet von : C:\Users\grüner Drache\Desktop\AdwCleaner_5.009.exe
# Option : Suchlauf
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

Ordner Gefunden : C:\ProgramData\DatacardService
Ordner Gefunden : C:\Users\blondi\AppData\Local\Temp\AskSearch
Ordner Gefunden : C:\Users\blondi\AppData\Local\Temp\OCS
Ordner Gefunden : C:\Users\blondi\AppData\LocalLow\AskToolbar
Ordner Gefunden : C:\Users\blondi\AppData\Roaming\Mozilla\Firefox\Profiles\78ic5878.default\Extensions\toolbar@ask.com
Ordner Gefunden : C:\Users\smartie\AppData\LocalLow\AskToolbar

***** [ Dateien ] *****

Datei Gefunden : C:\Users\blondi\Desktop\eBay.lnk
Datei Gefunden : C:\Users\grüner Drache\Desktop\eBay.lnk
Datei Gefunden : C:\Users\smartie\Desktop\eBay.lnk

***** [ Verknüpfungen ] *****


***** [ Geplante Tasks ] *****

Task Gefunden : Adobe Flash Player Updater

***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Schlüssel Gefunden : HKU\.DEFAULT\Software\AskToolbar
Schlüssel Gefunden : HKCU\Software\APN
Schlüssel Gefunden : HKCU\Software\Ask.com
Schlüssel Gefunden : HKCU\Software\OCS
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\AskToolbar
Schlüssel Gefunden : [x64] HKCU\Software\APN
Schlüssel Gefunden : [x64] HKCU\Software\Ask.com
Schlüssel Gefunden : [x64] HKCU\Software\OCS
Schlüssel Gefunden : HKU\S-1-5-21-2255287641-1463189941-1607643083-1002\Software\AppDataLow\Software\AskToolbar
Daten Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale=de_DE
Daten Gefunden : HKU\S-1-5-21-2255287641-1463189941-1607643083-1002\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale=de_DE
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Schlüssel Gefunden : HKU\S-1-5-21-2255287641-1463189941-1607643083-1002\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Schlüssel Gefunden : HKU\S-1-5-21-2255287641-1463189941-1607643083-1003\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}

***** [ Internetbrowser ] *****

[C:\Users\blondi\AppData\Roaming\Mozilla\Firefox\Profiles\78ic5878.default\prefs.js] [Preference] Gefunden : user_pref("browser.search.defaultengine", "Ask.com");
[C:\Users\blondi\AppData\Roaming\Mozilla\Firefox\Profiles\78ic5878.default\prefs.js] [Preference] Gefunden : user_pref("browser.search.order.1", "Ask.com");
[C:\Users\blondi\AppData\Roaming\Mozilla\Firefox\Profiles\78ic5878.default\prefs.js] [Preference] Gefunden : user_pref("extensions.asktb.ff-original-keyword-url", "");
[C:\Users\grüner Drache\AppData\Roaming\Mozilla\Firefox\Profiles\h0g094uq.default\prefs.js] [Preference] Gefunden : user_pref("browser.search.order.1", "Ask.com");
[C:\Users\grüner Drache\AppData\Roaming\Mozilla\Firefox\Profiles\h0g094uq.default\prefs.js] [Preference] Gefunden : user_pref("browser.search.selectedEngine", "Ask.com");
[C:\Users\grüner Drache\AppData\Roaming\Mozilla\Firefox\Profiles\h0g094uq.default\prefs.js] [Preference] Gefunden : user_pref("browser.startup.homepage", "hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale=de_DE");

########## EOF - \AdwCleaner\AdwCleaner[S2].txt - [4791 Bytes] ##########

JRT
Code:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.4 (09.28.2015:1)
OS: Windows 7 Home Premium x64
Ran by blondi on 30.09.2015 at 15:59:31,18
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}



~~~ Files

Successfully deleted: [File] C:\Windows\SysWOW64\sho711B.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoA7A8.tmp



~~~ Folders

Successfully deleted: [Folder] C:\Users\blondi\Appdata\Local\update~1



~~~ FireFox

Successfully deleted the following from C:\Users\blondi\AppData\Roaming\mozilla\firefox\profiles\78ic5878.default\prefs.js

user_pref(extensions.xpiState, {\app-profile\:{\2020Player_IKEA@2020Technologies.com\:{\d\:\C:\\\\Users\\\\blondi\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Prof
Emptied folder: C:\Users\blondi\AppData\Roaming\mozilla\firefox\profiles\78ic5878.default\minidumps [170 files]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 30.09.2015 at 16:07:39,30
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST
Code:

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:23-09-2015
durchgeführt von blondi (Administrator) auf BLONDI-HP (30-09-2015 16:11:40)
Gestartet von C:\Users\grüner Drache\Desktop
Geladene Profile: blondi & grüner Drache (Verfügbare Profile: smartie & blondi & grüner Drache)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\XSManager\WTGService.exe
(WebToGo Mobiles Internet GmbH) C:\Program Files (x86)\XSManager\XSManager.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6463592 2012-02-13] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2885904 2012-02-24] (Synaptics Incorporated)
HKLM\...\Run: [SetDefault] => C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [44880 2011-12-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [636032 2012-02-14] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [684024 2012-02-19] (PDF Complete Inc)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [starter4g] => C:\Windows\starter4g.exe [160992 2010-07-08] (4G Systems GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782008 2015-09-03] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe [29984 2008-07-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe [46368 2008-07-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort11reminder] => C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe [328992 2007-08-31] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2012-09-25] ()
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [185896 2013-10-28] (Geek Software GmbH)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66936 2015-08-13] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2255287641-1463189941-1607643083-1002\...\RunOnce: [Report] => \AdwCleaner\AdwCleaner[C1].txt [5142 2015-09-30] ()
HKU\S-1-5-21-2255287641-1463189941-1607643083-1002\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-2255287641-1463189941-1607643083-1002\...\MountPoints2: {1281b708-8d14-11e3-917a-446d5773e023} - F:\AutoRun.exe
HKU\S-1-5-21-2255287641-1463189941-1607643083-1002\...\MountPoints2: {1281b715-8d14-11e3-917a-446d5773e023} - F:\AutoRun.exe
HKU\S-1-5-21-2255287641-1463189941-1607643083-1002\...\MountPoints2: {521d1f89-483f-11e2-9d26-806e6f6e6963} - E:\start.exe
HKU\S-1-5-21-2255287641-1463189941-1607643083-1002\...\MountPoints2: {7b9bf4a8-ba49-11e3-960c-446d5773e023} - F:\AutoRun.exe
HKU\S-1-5-21-2255287641-1463189941-1607643083-1002\...\MountPoints2: {8a0c0fbe-e64c-11e3-86e8-001e101f82a0} - F:\AutoRun.exe
HKU\S-1-5-21-2255287641-1463189941-1607643083-1002\...\MountPoints2: {bafdebac-87df-11e2-ba1e-446d5773e023} - F:\autorun.exe
HKU\S-1-5-21-2255287641-1463189941-1607643083-1002\...\MountPoints2: {c414602a-8b35-11e3-934e-446d5773e023} - F:\AutoRun.exe
HKU\S-1-5-21-2255287641-1463189941-1607643083-1002\...\MountPoints2: {c4146040-8b35-11e3-934e-446d5773e023} - F:\AutoRun.exe
HKU\S-1-5-21-2255287641-1463189941-1607643083-1003\...\MountPoints2: F - F:\autorun.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\..\Interfaces\{3DFDFF89-4FB7-4ED7-BF0B-DE814EDAD0A6}: [DhcpNameServer] 192.168.72.2
Tcpip\..\Interfaces\{4666D7E6-F55F-4C00-856C-64AA99F49F12}: [NameServer] 193.189.244.225 193.189.244.206
Tcpip\..\Interfaces\{47872D93-BB86-4F35-AA1A-522A803CA999}: [NameServer] 193.189.244.206 193.189.244.225
Tcpip\..\Interfaces\{62B4EE08-8E25-474A-B601-379A7909E61B}: [NameServer] 193.189.244.225 193.189.244.206
Tcpip\..\Interfaces\{887BCB3A-6FF2-48E8-B97D-79DAE3BF43E2}: [NameServer] 139.7.30.126 139.7.30.125
Tcpip\..\Interfaces\{92BAAD06-FC8D-4246-B4B0-585E0DC29370}: [NameServer] 193.189.244.225 193.189.244.206
Tcpip\..\Interfaces\{F9745FD9-3B56-45E8-83DB-B78B4A29FA0F}: [NameServer] 193.189.244.225 193.189.244.206

Internet Explorer:
==================
HKU\S-1-5-21-2255287641-1463189941-1607643083-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/10
HKU\S-1-5-21-2255287641-1463189941-1607643083-1003\Software\Microsoft\Internet Explorer\Main,Start Page = Trojaner-Board - Viren und Trojaner entfernen - kostenlos
HKU\S-1-5-21-2255287641-1463189941-1607643083-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/10
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-4/4?satitle={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-4/4?satitle={searchTerms}
SearchScopes: HKU\S-1-5-21-2255287641-1463189941-1607643083-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2255287641-1463189941-1607643083-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2255287641-1463189941-1607643083-1002 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-4/4?satitle={searchTerms}
SearchScopes: HKU\S-1-5-21-2255287641-1463189941-1607643083-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2255287641-1463189941-1607643083-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2255287641-1463189941-1607643083-1003 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
SearchScopes: HKU\S-1-5-21-2255287641-1463189941-1607643083-1003 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-2255287641-1463189941-1607643083-1003 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-4/4?satitle={searchTerms}
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-13] (Advanced Micro Devices)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-13] (Advanced Micro Devices)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Toolbar: HKU\S-1-5-21-2255287641-1463189941-1607643083-1002 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Keine Datei
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)

FireFox:
========
FF ProfilePath: C:\Users\blondi\AppData\Roaming\Mozilla\Firefox\Profiles\78ic5878.default
FF Homepage: hxxp://www.michaelroads.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-27] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-27] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2011-11-07] (Adobe Systems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2011-09-28] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Extension: 20-20 3D Viewer - IKEA - C:\Users\blondi\AppData\Roaming\Mozilla\Firefox\Profiles\78ic5878.default\Extensions\2020Player_IKEA@2020Technologies.com [2015-02-24]
FF Extension: Adblock Plus - C:\Users\blondi\AppData\Roaming\Mozilla\Firefox\Profiles\78ic5878.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-04-28]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-02-14] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [887128 2015-09-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-09-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-09-03] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1213072 2015-09-03] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [228104 2015-08-13] (Avira Operations GmbH & Co. KG)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S2 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [246112 2014-02-01] ()
S2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1134584 2012-02-19] (PDF Complete Inc)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WTGService; C:\Program Files (x86)\XSManager\WTGService.exe [329168 2010-04-12] ()
S2 XS Stick Service; C:\Windows\service4g.exe [145120 2010-07-08] (4G Systems GmbH & Co. KG)
S2 HWDeviceService64.exe; "C:\ProgramData\DatacardService\HWDeviceService64.exe" -/service [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [55936 2012-01-03] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162528 2015-09-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-09-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-05] (Avira Operations GmbH & Co. KG)
R3 cmnsusbser; C:\Windows\System32\DRIVERS\cmnsusbser.sys [117888 2013-03-08] (Mobile Connector)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [259688 2011-10-27] (Realtek Semiconductor Corp.)
S3 SmbDrv; C:\Windows\system32\drivers\Smb_driver.sys [21264 2012-02-24] (Synaptics Incorporated)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-30 16:11 - 2015-09-30 16:12 - 00017542 _____ C:\Users\grüner Drache\Desktop\FRST.txt
2015-09-30 16:07 - 2015-09-30 16:07 - 00001539 _____ C:\Users\blondi\Desktop\JRT.txt
2015-09-30 15:59 - 2015-09-29 20:15 - 01801288 _____ (Malwarebytes) C:\Users\blondi\Desktop\JRT.exe
2015-09-30 15:57 - 2015-09-30 15:57 - 01798976 _____ (Malwarebytes) C:\Users\grüner Drache\Desktop\JRT.exe
2015-09-30 15:40 - 2015-09-30 15:49 - 00000000 ____D C:\AdwCleaner
2015-09-30 13:50 - 2015-09-30 13:50 - 01670656 _____ C:\Users\grüner Drache\Desktop\AdwCleaner_5.009.exe
2015-09-30 13:49 - 2015-09-30 13:49 - 00001212 _____ C:\Users\grüner Drache\Desktop\mbam.txt
2015-09-27 10:27 - 2015-09-27 10:27 - 00000000 ____D C:\Users\grüner Drache\AppData\Local\GWX
2015-09-25 21:33 - 2015-09-25 21:34 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\grüner Drache\Desktop\tdsskiller.exe
2015-09-25 20:37 - 2015-09-25 21:33 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-09-25 20:35 - 2015-09-25 21:32 - 00000000 ____D C:\Users\blondi\Desktop\mbar
2015-09-25 20:34 - 2015-09-25 20:34 - 16563352 _____ (Malwarebytes Corp.) C:\Users\grüner Drache\Desktop\mbar-1.09.3.1001.exe
2015-09-25 20:23 - 2015-09-25 20:23 - 00001268 _____ C:\Users\blondi\Desktop\Revo Uninstaller.lnk
2015-09-25 20:23 - 2015-09-25 20:23 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-09-25 20:21 - 2015-09-25 20:21 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\grüner Drache\Desktop\revosetup95.exe
2015-09-24 19:37 - 2015-09-24 19:37 - 00000000 ____D C:\Users\grüner Drache\AppData\Roaming\OpenOffice
2015-09-24 16:42 - 2015-09-24 16:42 - 00000000 ____D C:\Users\grüner Drache\AppData\Local\Macromedia
2015-09-24 16:21 - 2015-09-24 16:21 - 00014607 _____ C:\Users\blondi\Documents\gmer.txt
2015-09-24 16:21 - 2015-09-24 16:21 - 00014607 _____ C:\Users\blondi\Documents\gmer.log
2015-09-24 16:19 - 2015-09-24 16:19 - 00014607 _____ C:\Users\blondi\Desktop\gmer.txt
2015-09-24 15:47 - 2015-09-24 15:49 - 00380416 _____ C:\Users\grüner Drache\Desktop\6tib1656.exe
2015-09-24 15:47 - 2015-09-24 15:49 - 00380416 _____ C:\Users\grüner Drache\Desktop\2ji0nhh7.exe
2015-09-24 15:46 - 2015-09-24 15:46 - 00380416 _____ C:\Users\grüner Drache\Desktop\Gmer-19357.exe
2015-09-24 15:28 - 2015-09-24 15:28 - 02192384 _____ (Farbar) C:\Users\grüner Drache\Desktop\FRST64.exe
2015-09-24 15:27 - 2015-09-24 15:27 - 00000474 _____ C:\Users\grüner Drache\Desktop\defogger_disable.log
2015-09-24 15:27 - 2015-09-24 15:27 - 00000000 _____ C:\Users\blondi\defogger_reenable
2015-09-24 15:26 - 2015-09-24 15:26 - 00050477 _____ C:\Users\grüner Drache\Desktop\Defogger.exe
2015-09-24 15:24 - 2015-09-24 15:31 - 00000000 ____D C:\Users\grüner Drache\AppData\Local\Mozilla
2015-09-24 15:24 - 2015-09-24 15:25 - 00000000 ____D C:\Users\grüner Drache\AppData\Roaming\Mozilla
2015-09-24 15:24 - 2015-09-24 15:24 - 00000000 ____D C:\Users\grüner Drache\AppData\Local\updater4g
2015-09-24 15:09 - 2015-09-24 15:09 - 00000000 ____D C:\Users\grüner Drache\AppData\Roaming\Avira
2015-09-24 15:09 - 2015-09-24 15:09 - 00000000 ____D C:\Users\grüner Drache\AppData\Roaming\ATI
2015-09-24 15:09 - 2015-09-24 15:09 - 00000000 ____D C:\Users\grüner Drache\AppData\Local\ATI
2015-09-24 15:09 - 2015-09-24 15:09 - 00000000 ____D C:\Users\grüner Drache\AppData\Local\AMD
2015-09-24 15:04 - 2015-09-24 15:55 - 00000000 ____D C:\Users\grüner Drache\AppData\Roaming\XSManager
2015-09-24 15:04 - 2015-09-24 15:04 - 00064496 _____ C:\Users\grüner Drache\AppData\Local\GDIPFONTCACHEV1.DAT
2015-09-24 15:04 - 2015-09-24 15:04 - 00001425 _____ C:\Users\grüner Drache\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-09-24 15:04 - 2015-09-24 15:04 - 00000000 ____D C:\Users\grüner Drache\AppData\Roaming\Synaptics
2015-09-24 15:04 - 2015-09-24 15:04 - 00000000 ____D C:\Users\grüner Drache\AppData\Roaming\Macromedia
2015-09-24 15:04 - 2015-09-24 15:04 - 00000000 ____D C:\Users\grüner Drache\AppData\Roaming\Adobe
2015-09-24 15:04 - 2015-09-24 15:04 - 00000000 ____D C:\Users\grüner Drache\AppData\Local\Scansoft
2015-09-24 15:04 - 2015-09-24 15:04 - 00000000 ____D C:\Users\grüner Drache\AppData\Local\PDFC
2015-09-24 15:03 - 2015-09-24 15:03 - 00000020 ___SH C:\Users\grüner Drache\ntuser.ini
2015-09-24 15:03 - 2015-09-24 15:03 - 00000000 _SHDL C:\Users\grüner Drache\Vorlagen
2015-09-24 15:03 - 2015-09-24 15:03 - 00000000 _SHDL C:\Users\grüner Drache\Startmenü
2015-09-24 15:03 - 2015-09-24 15:03 - 00000000 _SHDL C:\Users\grüner Drache\Netzwerkumgebung
2015-09-24 15:03 - 2015-09-24 15:03 - 00000000 _SHDL C:\Users\grüner Drache\Lokale Einstellungen
2015-09-24 15:03 - 2015-09-24 15:03 - 00000000 _SHDL C:\Users\grüner Drache\Eigene Dateien
2015-09-24 15:03 - 2015-09-24 15:03 - 00000000 _SHDL C:\Users\grüner Drache\Druckumgebung
2015-09-24 15:03 - 2015-09-24 15:03 - 00000000 _SHDL C:\Users\grüner Drache\Documents\Eigene Musik
2015-09-24 15:03 - 2015-09-24 15:03 - 00000000 _SHDL C:\Users\grüner Drache\Documents\Eigene Bilder
2015-09-24 15:03 - 2015-09-24 15:03 - 00000000 _SHDL C:\Users\grüner Drache\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-09-24 15:03 - 2015-09-24 15:03 - 00000000 _SHDL C:\Users\grüner Drache\AppData\Local\Verlauf
2015-09-24 15:03 - 2015-09-24 15:03 - 00000000 _SHDL C:\Users\grüner Drache\AppData\Local\Anwendungsdaten
2015-09-24 15:03 - 2015-09-24 15:03 - 00000000 _SHDL C:\Users\grüner Drache\Anwendungsdaten
2015-09-24 15:03 - 2015-09-24 15:03 - 00000000 ____D C:\Users\grüner Drache\AppData\Local\VirtualStore
2015-09-24 15:03 - 2015-09-24 15:03 - 00000000 ____D C:\Users\grüner Drache
2015-09-24 15:03 - 2009-07-14 06:54 - 00000000 ___RD C:\Users\grüner Drache\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-24 15:03 - 2009-07-14 06:49 - 00000000 ___RD C:\Users\grüner Drache\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-09-24 14:50 - 2015-09-24 14:50 - 00000000 ____D C:\Users\smartie\AppData\Roaming\Avira
2015-09-24 14:50 - 2015-09-24 14:50 - 00000000 ____D C:\Users\smartie\AppData\Roaming\ATI
2015-09-24 14:50 - 2015-09-24 14:50 - 00000000 ____D C:\Users\smartie\AppData\Local\ATI
2015-09-24 14:50 - 2015-09-24 14:50 - 00000000 ____D C:\Users\smartie\AppData\Local\AMD
2015-09-24 14:46 - 2015-09-24 14:46 - 00000000 ____D C:\Users\smartie\AppData\Roaming\Macromedia
2015-09-24 14:45 - 2015-09-24 14:46 - 00000000 ____D C:\Users\smartie\AppData\Roaming\XSManager
2015-09-24 14:45 - 2015-09-24 14:45 - 00064496 _____ C:\Users\smartie\AppData\Local\GDIPFONTCACHEV1.DAT
2015-09-24 14:20 - 2015-09-30 16:11 - 00000000 ____D C:\FRST
2015-09-24 12:26 - 2015-09-24 12:26 - 00007334 _____ C:\Users\blondi\Documents\OpenDocument Text (neu).odt
2015-09-09 11:37 - 2015-07-15 05:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-09-09 11:37 - 2015-07-15 04:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-09-09 11:36 - 2015-08-18 03:42 - 00393304 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-09-09 11:36 - 2015-08-18 03:14 - 00344168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-09-09 11:36 - 2015-08-15 08:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-09-09 11:36 - 2015-08-15 08:33 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-09-09 11:36 - 2015-08-15 08:18 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-09-09 11:36 - 2015-08-15 08:18 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-09-09 11:36 - 2015-08-15 08:17 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-09 11:36 - 2015-08-15 08:17 - 00585216 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-09 11:36 - 2015-08-15 08:17 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-09-09 11:36 - 2015-08-15 08:10 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-09-09 11:36 - 2015-08-15 08:09 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-09-09 11:36 - 2015-08-15 08:06 - 19856896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-09-09 11:36 - 2015-08-15 08:06 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-09-09 11:36 - 2015-08-15 08:04 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-09 11:36 - 2015-08-15 08:04 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-09-09 11:36 - 2015-08-15 08:04 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-09-09 11:36 - 2015-08-15 08:04 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-09-09 11:36 - 2015-08-15 08:00 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-09 11:36 - 2015-08-15 07:57 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-09-09 11:36 - 2015-08-15 07:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-09-09 11:36 - 2015-08-15 07:53 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-09-09 11:36 - 2015-08-15 07:46 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-09-09 11:36 - 2015-08-15 07:41 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-09-09 11:36 - 2015-08-15 07:40 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-09-09 11:36 - 2015-08-15 07:40 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-09-09 11:36 - 2015-08-15 07:39 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-09-09 11:36 - 2015-08-15 07:39 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-09-09 11:36 - 2015-08-15 07:39 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-09-09 11:36 - 2015-08-15 07:38 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-09-09 11:36 - 2015-08-15 07:35 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-09-09 11:36 - 2015-08-15 07:33 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-09-09 11:36 - 2015-08-15 07:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-09-09 11:36 - 2015-08-15 07:30 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-09-09 11:36 - 2015-08-15 07:29 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-09-09 11:36 - 2015-08-15 07:29 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-09-09 11:36 - 2015-08-15 07:29 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-09-09 11:36 - 2015-08-15 07:24 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-09-09 11:36 - 2015-08-15 07:23 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-09 11:36 - 2015-08-15 07:22 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-09-09 11:36 - 2015-08-15 07:22 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-09-09 11:36 - 2015-08-15 07:21 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-09-09 11:36 - 2015-08-15 07:16 - 14451712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-09 11:36 - 2015-08-15 07:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-09-09 11:36 - 2015-08-15 07:14 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-09-09 11:36 - 2015-08-15 07:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-09-09 11:36 - 2015-08-15 07:11 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-09-09 11:36 - 2015-08-15 07:10 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-09-09 11:36 - 2015-08-15 07:07 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-09 11:36 - 2015-08-15 07:04 - 12857344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-09-09 11:36 - 2015-08-15 07:02 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-09-09 11:36 - 2015-08-15 07:01 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-09-09 11:36 - 2015-08-15 07:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-09-09 11:36 - 2015-08-15 06:55 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-09 11:36 - 2015-08-15 06:43 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-09-09 11:36 - 2015-08-15 06:43 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-09-09 11:36 - 2015-08-15 06:39 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-09-09 11:36 - 2015-08-15 06:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-09-09 11:35 - 2015-08-15 08:48 - 25190400 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-09 11:35 - 2015-08-15 08:17 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-09-09 11:35 - 2015-08-15 07:42 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-09-09 11:32 - 2015-08-05 19:56 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-09 11:32 - 2015-08-05 19:56 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-09-09 11:32 - 2015-08-05 19:40 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-09-09 11:32 - 2015-07-09 19:58 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-09-09 11:32 - 2015-07-09 19:58 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-09-09 11:32 - 2015-07-09 19:42 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-09-09 11:32 - 2015-07-09 19:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-09-09 11:27 - 2015-07-23 02:06 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-09-09 11:27 - 2015-07-23 02:06 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-09-09 11:27 - 2015-07-23 02:06 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-09-09 11:27 - 2015-07-23 02:03 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-09-09 11:27 - 2015-07-23 02:03 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-09-09 11:27 - 2015-07-23 02:03 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-09-09 11:27 - 2015-07-23 02:03 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-09-09 11:27 - 2015-07-23 02:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-09-09 11:27 - 2015-07-23 02:02 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-09-09 11:27 - 2015-07-23 02:02 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-09-09 11:27 - 2015-07-23 02:01 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-09-09 11:27 - 2015-07-23 02:01 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-09-09 11:27 - 2015-07-23 02:01 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-09-09 11:27 - 2015-07-23 01:58 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-09-09 11:27 - 2015-07-23 01:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:51 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-09-09 11:27 - 2015-07-22 19:57 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-09-09 11:27 - 2015-07-22 19:57 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-09-09 11:27 - 2015-07-22 19:54 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-09-09 11:27 - 2015-07-22 19:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-09-09 11:27 - 2015-07-22 19:53 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-09-09 11:27 - 2015-07-22 19:53 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-09-09 11:27 - 2015-07-22 19:53 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-09-09 11:27 - 2015-07-22 19:53 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-09-09 11:27 - 2015-07-22 19:53 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-09-09 11:27 - 2015-07-22 19:53 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-09-09 11:27 - 2015-07-22 19:53 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-09-09 11:27 - 2015-07-22 19:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-09-09 11:27 - 2015-07-22 19:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-09-09 11:27 - 2015-07-22 19:53 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-09-09 11:27 - 2015-07-22 19:53 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-09-09 11:27 - 2015-07-22 19:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-09-09 11:27 - 2015-07-22 19:52 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-09-09 11:27 - 2015-07-22 19:52 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-09-09 11:27 - 2015-07-22 19:52 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-09-09 11:27 - 2015-07-22 19:52 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-09-09 11:27 - 2015-07-22 19:52 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-09-09 11:27 - 2015-07-22 19:52 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-09-09 11:27 - 2015-07-22 19:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-09-09 11:27 - 2015-07-22 19:47 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-09-09 11:27 - 2015-07-22 19:46 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 18:48 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-09-09 11:27 - 2015-07-22 18:45 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-09-09 11:27 - 2015-07-22 18:44 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-09-09 11:27 - 2015-07-22 18:44 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-09-09 11:27 - 2015-07-22 18:34 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-09-09 11:27 - 2015-07-22 18:34 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-09-09 11:27 - 2015-07-22 18:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 18:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 18:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-09-09 11:26 - 2015-06-25 12:06 - 00115136 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-09-09 11:26 - 2015-06-25 12:01 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-09-09 11:26 - 2015-06-25 12:01 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-09-09 11:26 - 2015-06-25 11:44 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-09-09 11:24 - 2015-08-27 20:18 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-09 11:24 - 2015-08-27 20:18 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-09 11:24 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-09-09 11:24 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-09-09 11:24 - 2015-08-27 19:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-09-09 11:24 - 2015-08-27 19:58 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-09-09 11:24 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-09-09 11:24 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-09-09 11:24 - 2015-08-04 20:03 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-09-09 11:24 - 2015-08-04 20:00 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-09-09 11:24 - 2015-08-04 19:56 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-09-09 11:24 - 2015-08-04 19:56 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-09-09 11:24 - 2015-08-04 19:56 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-09-09 11:24 - 2015-08-04 19:55 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-09-09 11:24 - 2015-08-04 19:55 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-09-09 11:24 - 2015-08-04 19:47 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-09-09 11:24 - 2015-08-04 18:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-09-09 11:23 - 2015-09-02 05:04 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-09-09 11:23 - 2015-09-02 05:04 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-09 11:23 - 2015-09-02 05:04 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-09-09 11:23 - 2015-09-02 05:04 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-09-09 11:23 - 2015-09-02 04:48 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-09-09 11:23 - 2015-09-02 04:48 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-09-09 11:23 - 2015-09-02 04:48 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-09-09 11:23 - 2015-09-02 04:47 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-09-09 11:23 - 2015-09-02 03:51 - 03209216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-09 11:23 - 2015-09-02 03:47 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-09 11:23 - 2015-09-02 03:33 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-09-09 11:23 - 2015-08-26 20:07 - 03165696 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-09-09 11:23 - 2015-08-26 20:07 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-09-09 11:23 - 2015-08-26 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-09-09 11:22 - 2015-08-26 20:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-09-09 11:22 - 2015-08-26 20:07 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-09-09 11:22 - 2015-08-26 20:07 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-09-09 11:22 - 2015-08-26 20:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-09-09 11:22 - 2015-08-26 20:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-09-09 11:22 - 2015-08-26 20:06 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-09-09 11:22 - 2015-08-26 20:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-09-09 11:22 - 2015-08-26 20:06 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-09-09 11:22 - 2015-08-26 20:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-09-09 11:22 - 2015-08-26 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-09-09 11:22 - 2015-08-26 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-09-09 11:22 - 2015-08-26 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-09-09 11:22 - 2015-08-26 19:55 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-09-07 15:34 - 2015-09-10 11:21 - 00001138 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2015-09-03 11:12 - 2015-09-10 13:35 - 00000000 ____D C:\ProgramData\Package Cache
2015-09-03 11:12 - 2015-09-10 11:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-30 16:00 - 2009-07-14 06:45 - 00031472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-30 16:00 - 2009-07-14 06:45 - 00031472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-30 15:59 - 2013-02-14 14:38 - 01456105 _____ C:\Windows\WindowsUpdate.log
2015-09-30 15:53 - 2012-04-05 18:50 - 00000000 ____D C:\ProgramData\PDFC
2015-09-30 15:51 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-30 15:51 - 2009-07-14 06:51 - 00166011 _____ C:\Windows\setupact.log
2015-09-30 13:16 - 2014-10-09 16:02 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-09-27 10:47 - 2012-04-05 18:35 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-09-27 10:47 - 2012-04-05 18:35 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-25 20:35 - 2014-10-09 16:01 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-09-24 15:27 - 2013-02-14 14:43 - 00000000 ____D C:\Users\blondi
2015-09-24 14:10 - 2013-02-14 14:57 - 00003938 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{1B4F8AB6-FC85-4C3D-B15D-4580FA0E1EEB}
2015-09-24 12:47 - 2014-11-08 13:59 - 00015160 _____ C:\Users\blondi\Documents\pc mätzchen.odt
2015-09-24 12:14 - 2013-09-13 23:37 - 00000000 ____D C:\Users\blondi\Documents\business
2015-09-19 12:32 - 2013-12-02 15:08 - 00000000 ____D C:\Users\blondi\Documents\denken
2015-09-19 12:29 - 2014-10-15 12:25 - 00000000 ____D C:\Users\blondi\Documents\ausdrucken
2015-09-19 12:28 - 2013-09-13 12:09 - 00000000 ____D C:\Users\blondi\Documents\Finanzen
2015-09-19 11:40 - 2014-10-09 16:01 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-09-18 17:35 - 2013-04-18 11:55 - 00000000 ____D C:\Users\blondi\AppData\Local\CrashDumps
2015-09-18 17:32 - 2014-10-09 16:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-09-18 17:32 - 2013-04-13 20:18 - 00001106 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-09-18 15:16 - 2013-03-08 16:30 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2015-09-18 13:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-09-11 18:24 - 2015-08-04 12:08 - 00000336 _____ C:\Windows\Tasks\HPCeeScheduleForblondi.job
2015-09-11 16:06 - 2015-08-14 15:55 - 00003192 _____ C:\Windows\System32\Tasks\HPCeeScheduleForblondi
2015-09-09 17:10 - 2009-07-14 06:45 - 00295360 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-09 17:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-09-09 16:57 - 2013-07-14 00:41 - 00000000 ____D C:\Windows\system32\MRT
2015-09-03 11:13 - 2013-04-17 15:23 - 00000000 ____D C:\ProgramData\Avira
2015-09-03 11:13 - 2013-04-17 15:23 - 00000000 ____D C:\Program Files (x86)\Avira
2015-09-03 11:04 - 2013-04-17 15:23 - 00162528 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-09-03 11:04 - 2013-04-17 15:23 - 00141416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys

Einige Dateien in TEMP:
====================
C:\Users\blondi\AppData\Local\Temp\avgnt.exe
C:\Users\blondi\AppData\Local\Temp\sp58915.exe
C:\Users\blondi\AppData\Local\Temp\sqlite3.dll
C:\Users\blondi\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\blondi\AppData\Local\Temp\_is3AD5.exe
C:\Users\blondi\AppData\Local\Temp\_is9D5.exe
C:\Users\grüner Drache\AppData\Local\Temp\avgnt.exe
C:\Users\smartie\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-09-22 12:06

==================== Ende von FRST.txt ============================


Viele Grüße von Orcrist

schrauber 01.10.2015 16:28


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

Orcrist 02.10.2015 22:48

ESET
Code:

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=43a32ccc3aa3c84d8fbd028d52521b7e
# end=init
# utc_time=2015-10-02 04:53:34
# local_time=2015-10-02 06:53:34 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=41221
Update Finalize
Updated modules version: 0
Old modules - leave modules
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=45315
Update Finalize
Updated modules version: 0
Old modules - delete modules
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=45315
Update Finalize
Updated modules version: 0
'Can not update to actual engine, exiting
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=45315
Update Finalize
Updated modules version: 0
Old modules - leave modules
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=45315
Update Finalize
Updated modules version: 0
Old modules - delete modules
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=45315
Update Finalize
Updated modules version: 0
'Can not update to actual engine, exiting
Update Init
Update Download
Update Finalize
Updated modules version: 26051
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=43a32ccc3aa3c84d8fbd028d52521b7e
# end=updated
# utc_time=2015-10-02 05:34:08
# local_time=2015-10-02 07:34:08 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=43a32ccc3aa3c84d8fbd028d52521b7e
# engine=26051
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-10-02 09:16:16
# local_time=2015-10-02 11:16:16 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 70330107 195450425 0 0
# scanned=211000
# found=2
# cleaned=0
# scan_time=13327
sh=36392EC141F6EF8653D3AE9BF90B70C361100035 ft=1 fh=f1005db5c7bd74b7 vn="Variante von Win32/Systweak.L evtl. unerwünschte Anwendung" ac=I fn="C:\SWSetup\WINZP16\winzip16.exe"
sh=AD1BD89D896AB1E2AC997FFEEC2037024DC9D3E8 ft=0 fh=0000000000000000 vn="Variante von Win32/Systweak.L evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\15eb4c.msi"

Security Check
Code:

Results of screen317's Security Check version 1.008 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
Avira Antivirus 
 Antivirus up to date! 
`````````Anti-malware/Other Utilities Check:`````````
 Adobe Flash Player 19.0.0.185 
 Adobe Reader XI 
 Mozilla Firefox (40.0.3)
````````Process Check: objlist.exe by Laurent```````` 
 Avira Antivir avgnt.exe
 Avira Antivir avguard.exe
 Malwarebytes Anti-Malware mbamscheduler.exe 
 Mobile Partner OnlineUpdate ouc.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````

FRST
Code:

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:23-09-2015
durchgeführt von blondi (Administrator) auf BLONDI-HP (02-10-2015 23:37:31)
Gestartet von C:\Users\grüner Drache\Desktop
Geladene Profile: blondi & grüner Drache (Verfügbare Profile: smartie & blondi & grüner Drache)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
() C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\XSManager\WTGService.exe
(4G Systems GmbH & Co. KG) C:\Windows\service4g.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(4G Systems GmbH & Co. KG) C:\Windows\starter4g.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe
() C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcMon.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6463592 2012-02-13] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2885904 2012-02-24] (Synaptics Incorporated)
HKLM\...\Run: [SetDefault] => C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [44880 2011-12-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [636032 2012-02-14] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [684024 2012-02-19] (PDF Complete Inc)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [starter4g] => C:\Windows\starter4g.exe [160992 2010-07-08] (4G Systems GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782008 2015-09-03] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe [29984 2008-07-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe [46368 2008-07-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort11reminder] => C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe [328992 2007-08-31] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2012-09-25] ()
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [185896 2013-10-28] (Geek Software GmbH)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66936 2015-08-13] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2255287641-1463189941-1607643083-1002\...\RunOnce: [Report] => \AdwCleaner\AdwCleaner[C1].txt [5142 2015-09-30] ()
HKU\S-1-5-21-2255287641-1463189941-1607643083-1002\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-2255287641-1463189941-1607643083-1002\...\MountPoints2: {1281b708-8d14-11e3-917a-446d5773e023} - F:\AutoRun.exe
HKU\S-1-5-21-2255287641-1463189941-1607643083-1002\...\MountPoints2: {1281b715-8d14-11e3-917a-446d5773e023} - F:\AutoRun.exe
HKU\S-1-5-21-2255287641-1463189941-1607643083-1002\...\MountPoints2: {521d1f89-483f-11e2-9d26-806e6f6e6963} - E:\start.exe
HKU\S-1-5-21-2255287641-1463189941-1607643083-1002\...\MountPoints2: {7b9bf4a8-ba49-11e3-960c-446d5773e023} - F:\AutoRun.exe
HKU\S-1-5-21-2255287641-1463189941-1607643083-1002\...\MountPoints2: {8a0c0fbe-e64c-11e3-86e8-001e101f82a0} - F:\AutoRun.exe
HKU\S-1-5-21-2255287641-1463189941-1607643083-1002\...\MountPoints2: {bafdebac-87df-11e2-ba1e-446d5773e023} - F:\autorun.exe
HKU\S-1-5-21-2255287641-1463189941-1607643083-1002\...\MountPoints2: {c414602a-8b35-11e3-934e-446d5773e023} - F:\AutoRun.exe
HKU\S-1-5-21-2255287641-1463189941-1607643083-1002\...\MountPoints2: {c4146040-8b35-11e3-934e-446d5773e023} - F:\AutoRun.exe
HKU\S-1-5-21-2255287641-1463189941-1607643083-1003\...\MountPoints2: F - F:\autorun.exe
HKU\S-1-5-21-2255287641-1463189941-1607643083-1003\...\MountPoints2: {7b9bf4a8-ba49-11e3-960c-446d5773e023} - F:\AutoRun.exe
HKU\S-1-5-21-2255287641-1463189941-1607643083-1003\...\MountPoints2: {c4146040-8b35-11e3-934e-446d5773e023} - F:\AutoRun.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\..\Interfaces\{3DFDFF89-4FB7-4ED7-BF0B-DE814EDAD0A6}: [DhcpNameServer] 192.168.72.2
Tcpip\..\Interfaces\{4666D7E6-F55F-4C00-856C-64AA99F49F12}: [NameServer] 193.189.244.225 193.189.244.206
Tcpip\..\Interfaces\{47872D93-BB86-4F35-AA1A-522A803CA999}: [NameServer] 193.189.244.206 193.189.244.225
Tcpip\..\Interfaces\{62B4EE08-8E25-474A-B601-379A7909E61B}: [NameServer] 193.189.244.206 193.189.244.225
Tcpip\..\Interfaces\{92BAAD06-FC8D-4246-B4B0-585E0DC29370}: [NameServer] 193.189.244.206 193.189.244.225
Tcpip\..\Interfaces\{F9745FD9-3B56-45E8-83DB-B78B4A29FA0F}: [NameServer] 193.189.244.225 193.189.244.206

Internet Explorer:
==================
HKU\S-1-5-21-2255287641-1463189941-1607643083-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/10
HKU\S-1-5-21-2255287641-1463189941-1607643083-1003\Software\Microsoft\Internet Explorer\Main,Start Page = Trojaner-Board - Viren und Trojaner entfernen - kostenlos
HKU\S-1-5-21-2255287641-1463189941-1607643083-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/10
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-4/4?satitle={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-4/4?satitle={searchTerms}
SearchScopes: HKU\S-1-5-21-2255287641-1463189941-1607643083-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2255287641-1463189941-1607643083-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2255287641-1463189941-1607643083-1002 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-4/4?satitle={searchTerms}
SearchScopes: HKU\S-1-5-21-2255287641-1463189941-1607643083-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2255287641-1463189941-1607643083-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2255287641-1463189941-1607643083-1003 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
SearchScopes: HKU\S-1-5-21-2255287641-1463189941-1607643083-1003 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-2255287641-1463189941-1607643083-1003 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-4/4?satitle={searchTerms}
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-13] (Advanced Micro Devices)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-13] (Advanced Micro Devices)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Toolbar: HKU\S-1-5-21-2255287641-1463189941-1607643083-1002 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Keine Datei
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)

FireFox:
========
FF ProfilePath: C:\Users\blondi\AppData\Roaming\Mozilla\Firefox\Profiles\78ic5878.default
FF Homepage: hxxp://www.michaelroads.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-27] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-27] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2011-11-07] (Adobe Systems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2011-09-28] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Extension: 20-20 3D Viewer - IKEA - C:\Users\blondi\AppData\Roaming\Mozilla\Firefox\Profiles\78ic5878.default\Extensions\2020Player_IKEA@2020Technologies.com [2015-02-24]
FF Extension: Adblock Plus - C:\Users\blondi\AppData\Roaming\Mozilla\Firefox\Profiles\78ic5878.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-04-28]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-02-14] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [887128 2015-09-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-09-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-09-03] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1213072 2015-09-03] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [228104 2015-08-13] (Avira Operations GmbH & Co. KG)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S2 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [246112 2014-02-01] ()
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1134584 2012-02-19] (PDF Complete Inc)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WTGService; C:\Program Files (x86)\XSManager\WTGService.exe [329168 2010-04-12] ()
R2 XS Stick Service; C:\Windows\service4g.exe [145120 2010-07-08] (4G Systems GmbH & Co. KG)
S2 HWDeviceService64.exe; "C:\ProgramData\DatacardService\HWDeviceService64.exe" -/service [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [55936 2012-01-03] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162528 2015-09-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-09-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-05] (Avira Operations GmbH & Co. KG)
R3 cmnsusbser; C:\Windows\System32\DRIVERS\cmnsusbser.sys [117888 2013-03-08] (Mobile Connector)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [259688 2011-10-27] (Realtek Semiconductor Corp.)
S3 SmbDrv; C:\Windows\system32\drivers\Smb_driver.sys [21264 2012-02-24] (Synaptics Incorporated)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-02 23:37 - 2015-10-02 23:38 - 00019788 _____ C:\Users\grüner Drache\Desktop\FRST.txt
2015-10-02 23:27 - 2015-10-02 23:27 - 00852704 _____ C:\Users\grüner Drache\Desktop\SecurityCheck.exe
2015-10-02 18:52 - 2015-10-02 18:52 - 00000000 ____D C:\Program Files (x86)\ESET
2015-10-02 18:42 - 2015-10-02 18:43 - 02870984 _____ (ESET) C:\Users\grüner Drache\Desktop\esetsmartinstaller_deu.exe
2015-10-02 18:33 - 2015-10-02 18:33 - 00000000 ____D C:\ProgramData\DatacardService
2015-09-30 16:07 - 2015-09-30 16:07 - 00001539 _____ C:\Users\blondi\Desktop\JRT.txt
2015-09-30 15:59 - 2015-09-29 20:15 - 01801288 _____ (Malwarebytes) C:\Users\blondi\Desktop\JRT.exe
2015-09-30 15:57 - 2015-09-30 15:57 - 01798976 _____ (Malwarebytes) C:\Users\grüner Drache\Desktop\JRT.exe
2015-09-30 15:40 - 2015-09-30 15:49 - 00000000 ____D C:\AdwCleaner
2015-09-30 13:50 - 2015-09-30 13:50 - 01670656 _____ C:\Users\grüner Drache\Desktop\AdwCleaner_5.009.exe
2015-09-30 13:49 - 2015-09-30 13:49 - 00001212 _____ C:\Users\grüner Drache\Desktop\mbam.txt
2015-09-27 10:27 - 2015-09-27 10:27 - 00000000 ____D C:\Users\grüner Drache\AppData\Local\GWX
2015-09-25 21:33 - 2015-09-25 21:34 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\grüner Drache\Desktop\tdsskiller.exe
2015-09-25 20:37 - 2015-09-25 21:33 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-09-25 20:35 - 2015-09-25 21:32 - 00000000 ____D C:\Users\blondi\Desktop\mbar
2015-09-25 20:34 - 2015-09-25 20:34 - 16563352 _____ (Malwarebytes Corp.) C:\Users\grüner Drache\Desktop\mbar-1.09.3.1001.exe
2015-09-25 20:23 - 2015-09-25 20:23 - 00001268 _____ C:\Users\blondi\Desktop\Revo Uninstaller.lnk
2015-09-25 20:23 - 2015-09-25 20:23 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-09-25 20:21 - 2015-09-25 20:21 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\grüner Drache\Desktop\revosetup95.exe
2015-09-24 19:37 - 2015-09-24 19:37 - 00000000 ____D C:\Users\grüner Drache\AppData\Roaming\OpenOffice
2015-09-24 16:42 - 2015-09-24 16:42 - 00000000 ____D C:\Users\grüner Drache\AppData\Local\Macromedia
2015-09-24 16:21 - 2015-09-24 16:21 - 00014607 _____ C:\Users\blondi\Documents\gmer.txt
2015-09-24 16:21 - 2015-09-24 16:21 - 00014607 _____ C:\Users\blondi\Documents\gmer.log
2015-09-24 16:19 - 2015-09-24 16:19 - 00014607 _____ C:\Users\blondi\Desktop\gmer.txt
2015-09-24 15:47 - 2015-09-24 15:49 - 00380416 _____ C:\Users\grüner Drache\Desktop\6tib1656.exe
2015-09-24 15:47 - 2015-09-24 15:49 - 00380416 _____ C:\Users\grüner Drache\Desktop\2ji0nhh7.exe
2015-09-24 15:46 - 2015-09-24 15:46 - 00380416 _____ C:\Users\grüner Drache\Desktop\Gmer-19357.exe
2015-09-24 15:28 - 2015-09-24 15:28 - 02192384 _____ (Farbar) C:\Users\grüner Drache\Desktop\FRST64.exe
2015-09-24 15:27 - 2015-09-24 15:27 - 00000474 _____ C:\Users\grüner Drache\Desktop\defogger_disable.log
2015-09-24 15:27 - 2015-09-24 15:27 - 00000000 _____ C:\Users\blondi\defogger_reenable
2015-09-24 15:26 - 2015-09-24 15:26 - 00050477 _____ C:\Users\grüner Drache\Desktop\Defogger.exe
2015-09-24 15:24 - 2015-09-24 15:31 - 00000000 ____D C:\Users\grüner Drache\AppData\Local\Mozilla
2015-09-24 15:24 - 2015-09-24 15:25 - 00000000 ____D C:\Users\grüner Drache\AppData\Roaming\Mozilla
2015-09-24 15:24 - 2015-09-24 15:24 - 00000000 ____D C:\Users\grüner Drache\AppData\Local\updater4g
2015-09-24 15:09 - 2015-09-24 15:09 - 00000000 ____D C:\Users\grüner Drache\AppData\Roaming\Avira
2015-09-24 15:09 - 2015-09-24 15:09 - 00000000 ____D C:\Users\grüner Drache\AppData\Roaming\ATI
2015-09-24 15:09 - 2015-09-24 15:09 - 00000000 ____D C:\Users\grüner Drache\AppData\Local\ATI
2015-09-24 15:09 - 2015-09-24 15:09 - 00000000 ____D C:\Users\grüner Drache\AppData\Local\AMD
2015-09-24 15:04 - 2015-09-24 15:55 - 00000000 ____D C:\Users\grüner Drache\AppData\Roaming\XSManager
2015-09-24 15:04 - 2015-09-24 15:04 - 00064496 _____ C:\Users\grüner Drache\AppData\Local\GDIPFONTCACHEV1.DAT
2015-09-24 15:04 - 2015-09-24 15:04 - 00001425 _____ C:\Users\grüner Drache\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-09-24 15:04 - 2015-09-24 15:04 - 00000000 ____D C:\Users\grüner Drache\AppData\Roaming\Synaptics
2015-09-24 15:04 - 2015-09-24 15:04 - 00000000 ____D C:\Users\grüner Drache\AppData\Roaming\Macromedia
2015-09-24 15:04 - 2015-09-24 15:04 - 00000000 ____D C:\Users\grüner Drache\AppData\Roaming\Adobe
2015-09-24 15:04 - 2015-09-24 15:04 - 00000000 ____D C:\Users\grüner Drache\AppData\Local\Scansoft
2015-09-24 15:04 - 2015-09-24 15:04 - 00000000 ____D C:\Users\grüner Drache\AppData\Local\PDFC
2015-09-24 15:03 - 2015-09-24 15:03 - 00000020 ___SH C:\Users\grüner Drache\ntuser.ini
2015-09-24 15:03 - 2015-09-24 15:03 - 00000000 _SHDL C:\Users\grüner Drache\Vorlagen
2015-09-24 15:03 - 2015-09-24 15:03 - 00000000 _SHDL C:\Users\grüner Drache\Startmenü
2015-09-24 15:03 - 2015-09-24 15:03 - 00000000 _SHDL C:\Users\grüner Drache\Netzwerkumgebung
2015-09-24 15:03 - 2015-09-24 15:03 - 00000000 _SHDL C:\Users\grüner Drache\Lokale Einstellungen
2015-09-24 15:03 - 2015-09-24 15:03 - 00000000 _SHDL C:\Users\grüner Drache\Eigene Dateien
2015-09-24 15:03 - 2015-09-24 15:03 - 00000000 _SHDL C:\Users\grüner Drache\Druckumgebung
2015-09-24 15:03 - 2015-09-24 15:03 - 00000000 _SHDL C:\Users\grüner Drache\Documents\Eigene Musik
2015-09-24 15:03 - 2015-09-24 15:03 - 00000000 _SHDL C:\Users\grüner Drache\Documents\Eigene Bilder
2015-09-24 15:03 - 2015-09-24 15:03 - 00000000 _SHDL C:\Users\grüner Drache\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-09-24 15:03 - 2015-09-24 15:03 - 00000000 _SHDL C:\Users\grüner Drache\AppData\Local\Verlauf
2015-09-24 15:03 - 2015-09-24 15:03 - 00000000 _SHDL C:\Users\grüner Drache\AppData\Local\Anwendungsdaten
2015-09-24 15:03 - 2015-09-24 15:03 - 00000000 _SHDL C:\Users\grüner Drache\Anwendungsdaten
2015-09-24 15:03 - 2015-09-24 15:03 - 00000000 ____D C:\Users\grüner Drache\AppData\Local\VirtualStore
2015-09-24 15:03 - 2015-09-24 15:03 - 00000000 ____D C:\Users\grüner Drache
2015-09-24 15:03 - 2009-07-14 06:54 - 00000000 ___RD C:\Users\grüner Drache\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-24 15:03 - 2009-07-14 06:49 - 00000000 ___RD C:\Users\grüner Drache\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-09-24 14:50 - 2015-09-24 14:50 - 00000000 ____D C:\Users\smartie\AppData\Roaming\Avira
2015-09-24 14:50 - 2015-09-24 14:50 - 00000000 ____D C:\Users\smartie\AppData\Roaming\ATI
2015-09-24 14:50 - 2015-09-24 14:50 - 00000000 ____D C:\Users\smartie\AppData\Local\ATI
2015-09-24 14:50 - 2015-09-24 14:50 - 00000000 ____D C:\Users\smartie\AppData\Local\AMD
2015-09-24 14:46 - 2015-09-24 14:46 - 00000000 ____D C:\Users\smartie\AppData\Roaming\Macromedia
2015-09-24 14:45 - 2015-09-24 14:46 - 00000000 ____D C:\Users\smartie\AppData\Roaming\XSManager
2015-09-24 14:45 - 2015-09-24 14:45 - 00064496 _____ C:\Users\smartie\AppData\Local\GDIPFONTCACHEV1.DAT
2015-09-24 14:20 - 2015-10-02 23:37 - 00000000 ____D C:\FRST
2015-09-24 12:26 - 2015-09-24 12:26 - 00007334 _____ C:\Users\blondi\Documents\OpenDocument Text (neu).odt
2015-09-09 11:37 - 2015-07-15 05:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-09-09 11:37 - 2015-07-15 04:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-09-09 11:36 - 2015-08-18 03:42 - 00393304 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-09-09 11:36 - 2015-08-18 03:14 - 00344168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-09-09 11:36 - 2015-08-15 08:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-09-09 11:36 - 2015-08-15 08:33 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-09-09 11:36 - 2015-08-15 08:18 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-09-09 11:36 - 2015-08-15 08:18 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-09-09 11:36 - 2015-08-15 08:17 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-09 11:36 - 2015-08-15 08:17 - 00585216 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-09 11:36 - 2015-08-15 08:17 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-09-09 11:36 - 2015-08-15 08:10 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-09-09 11:36 - 2015-08-15 08:09 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-09-09 11:36 - 2015-08-15 08:06 - 19856896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-09-09 11:36 - 2015-08-15 08:06 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-09-09 11:36 - 2015-08-15 08:04 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-09 11:36 - 2015-08-15 08:04 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-09-09 11:36 - 2015-08-15 08:04 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-09-09 11:36 - 2015-08-15 08:04 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-09-09 11:36 - 2015-08-15 08:00 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-09 11:36 - 2015-08-15 07:57 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-09-09 11:36 - 2015-08-15 07:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-09-09 11:36 - 2015-08-15 07:53 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-09-09 11:36 - 2015-08-15 07:46 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-09-09 11:36 - 2015-08-15 07:41 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-09-09 11:36 - 2015-08-15 07:40 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-09-09 11:36 - 2015-08-15 07:40 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-09-09 11:36 - 2015-08-15 07:39 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-09-09 11:36 - 2015-08-15 07:39 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-09-09 11:36 - 2015-08-15 07:39 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-09-09 11:36 - 2015-08-15 07:38 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-09-09 11:36 - 2015-08-15 07:35 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-09-09 11:36 - 2015-08-15 07:33 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-09-09 11:36 - 2015-08-15 07:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-09-09 11:36 - 2015-08-15 07:30 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-09-09 11:36 - 2015-08-15 07:29 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-09-09 11:36 - 2015-08-15 07:29 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-09-09 11:36 - 2015-08-15 07:29 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-09-09 11:36 - 2015-08-15 07:24 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-09-09 11:36 - 2015-08-15 07:23 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-09 11:36 - 2015-08-15 07:22 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-09-09 11:36 - 2015-08-15 07:22 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-09-09 11:36 - 2015-08-15 07:21 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-09-09 11:36 - 2015-08-15 07:16 - 14451712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-09 11:36 - 2015-08-15 07:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-09-09 11:36 - 2015-08-15 07:14 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-09-09 11:36 - 2015-08-15 07:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-09-09 11:36 - 2015-08-15 07:11 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-09-09 11:36 - 2015-08-15 07:10 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-09-09 11:36 - 2015-08-15 07:07 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-09 11:36 - 2015-08-15 07:04 - 12857344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-09-09 11:36 - 2015-08-15 07:02 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-09-09 11:36 - 2015-08-15 07:01 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-09-09 11:36 - 2015-08-15 07:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-09-09 11:36 - 2015-08-15 06:55 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-09 11:36 - 2015-08-15 06:43 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-09-09 11:36 - 2015-08-15 06:43 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-09-09 11:36 - 2015-08-15 06:39 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-09-09 11:36 - 2015-08-15 06:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-09-09 11:35 - 2015-08-15 08:48 - 25190400 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-09 11:35 - 2015-08-15 08:17 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-09-09 11:35 - 2015-08-15 07:42 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-09-09 11:32 - 2015-08-05 19:56 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-09 11:32 - 2015-08-05 19:56 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-09-09 11:32 - 2015-08-05 19:40 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-09-09 11:32 - 2015-07-09 19:58 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-09-09 11:32 - 2015-07-09 19:58 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-09-09 11:32 - 2015-07-09 19:42 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-09-09 11:32 - 2015-07-09 19:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-09-09 11:27 - 2015-07-23 02:06 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-09-09 11:27 - 2015-07-23 02:06 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-09-09 11:27 - 2015-07-23 02:06 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-09-09 11:27 - 2015-07-23 02:03 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-09-09 11:27 - 2015-07-23 02:03 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-09-09 11:27 - 2015-07-23 02:03 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-09-09 11:27 - 2015-07-23 02:03 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-09-09 11:27 - 2015-07-23 02:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-09-09 11:27 - 2015-07-23 02:02 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-09-09 11:27 - 2015-07-23 02:02 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-09-09 11:27 - 2015-07-23 02:02 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-09-09 11:27 - 2015-07-23 02:01 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-09-09 11:27 - 2015-07-23 02:01 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-09-09 11:27 - 2015-07-23 02:01 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-09-09 11:27 - 2015-07-23 01:58 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-09-09 11:27 - 2015-07-23 01:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-09-09 11:27 - 2015-07-23 01:51 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-09-09 11:27 - 2015-07-22 19:57 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-09-09 11:27 - 2015-07-22 19:57 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-09-09 11:27 - 2015-07-22 19:54 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-09-09 11:27 - 2015-07-22 19:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-09-09 11:27 - 2015-07-22 19:53 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-09-09 11:27 - 2015-07-22 19:53 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-09-09 11:27 - 2015-07-22 19:53 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-09-09 11:27 - 2015-07-22 19:53 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-09-09 11:27 - 2015-07-22 19:53 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-09-09 11:27 - 2015-07-22 19:53 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-09-09 11:27 - 2015-07-22 19:53 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-09-09 11:27 - 2015-07-22 19:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-09-09 11:27 - 2015-07-22 19:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-09-09 11:27 - 2015-07-22 19:53 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-09-09 11:27 - 2015-07-22 19:53 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-09-09 11:27 - 2015-07-22 19:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-09-09 11:27 - 2015-07-22 19:52 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-09-09 11:27 - 2015-07-22 19:52 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-09-09 11:27 - 2015-07-22 19:52 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-09-09 11:27 - 2015-07-22 19:52 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-09-09 11:27 - 2015-07-22 19:52 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-09-09 11:27 - 2015-07-22 19:52 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-09-09 11:27 - 2015-07-22 19:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-09-09 11:27 - 2015-07-22 19:47 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-09-09 11:27 - 2015-07-22 19:46 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 18:48 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-09-09 11:27 - 2015-07-22 18:45 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-09-09 11:27 - 2015-07-22 18:44 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-09-09 11:27 - 2015-07-22 18:44 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-09-09 11:27 - 2015-07-22 18:34 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-09-09 11:27 - 2015-07-22 18:34 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-09-09 11:27 - 2015-07-22 18:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 18:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 18:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 11:27 - 2015-07-22 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-09-09 11:26 - 2015-06-25 12:06 - 00115136 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-09-09 11:26 - 2015-06-25 12:01 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-09-09 11:26 - 2015-06-25 12:01 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-09-09 11:26 - 2015-06-25 11:44 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-09-09 11:24 - 2015-08-27 20:18 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-09 11:24 - 2015-08-27 20:18 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-09 11:24 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-09-09 11:24 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-09-09 11:24 - 2015-08-27 19:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-09-09 11:24 - 2015-08-27 19:58 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-09-09 11:24 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-09-09 11:24 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-09-09 11:24 - 2015-08-04 20:03 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-09-09 11:24 - 2015-08-04 20:00 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-09-09 11:24 - 2015-08-04 19:56 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-09-09 11:24 - 2015-08-04 19:56 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-09-09 11:24 - 2015-08-04 19:56 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-09-09 11:24 - 2015-08-04 19:55 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-09-09 11:24 - 2015-08-04 19:55 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-09-09 11:24 - 2015-08-04 19:47 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-09-09 11:24 - 2015-08-04 18:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-09-09 11:23 - 2015-09-02 05:04 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-09-09 11:23 - 2015-09-02 05:04 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-09 11:23 - 2015-09-02 05:04 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-09-09 11:23 - 2015-09-02 05:04 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-09-09 11:23 - 2015-09-02 04:48 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-09-09 11:23 - 2015-09-02 04:48 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-09-09 11:23 - 2015-09-02 04:48 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-09-09 11:23 - 2015-09-02 04:47 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-09-09 11:23 - 2015-09-02 03:51 - 03209216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-09 11:23 - 2015-09-02 03:47 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-09 11:23 - 2015-09-02 03:33 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-09-09 11:23 - 2015-08-26 20:07 - 03165696 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-09-09 11:23 - 2015-08-26 20:07 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-09-09 11:23 - 2015-08-26 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-09-09 11:22 - 2015-08-26 20:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-09-09 11:22 - 2015-08-26 20:07 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-09-09 11:22 - 2015-08-26 20:07 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-09-09 11:22 - 2015-08-26 20:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-09-09 11:22 - 2015-08-26 20:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-09-09 11:22 - 2015-08-26 20:06 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-09-09 11:22 - 2015-08-26 20:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-09-09 11:22 - 2015-08-26 20:06 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-09-09 11:22 - 2015-08-26 20:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-09-09 11:22 - 2015-08-26 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-09-09 11:22 - 2015-08-26 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-09-09 11:22 - 2015-08-26 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-09-09 11:22 - 2015-08-26 19:55 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-09-07 15:34 - 2015-09-10 11:21 - 00001138 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2015-09-03 11:12 - 2015-09-10 13:35 - 00000000 ____D C:\ProgramData\Package Cache
2015-09-03 11:12 - 2015-09-10 11:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-02 23:33 - 2013-02-14 14:38 - 01494730 _____ C:\Windows\WindowsUpdate.log
2015-10-02 18:41 - 2009-07-14 06:45 - 00031472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-02 18:41 - 2009-07-14 06:45 - 00031472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-02 18:23 - 2012-04-05 18:50 - 00000000 ____D C:\ProgramData\PDFC
2015-10-02 18:22 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-02 18:22 - 2009-07-14 06:51 - 00166067 _____ C:\Windows\setupact.log
2015-09-30 13:16 - 2014-10-09 16:02 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-09-27 10:47 - 2012-04-05 18:35 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-09-27 10:47 - 2012-04-05 18:35 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-25 20:35 - 2014-10-09 16:01 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-09-24 15:27 - 2013-02-14 14:43 - 00000000 ____D C:\Users\blondi
2015-09-24 14:10 - 2013-02-14 14:57 - 00003938 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{1B4F8AB6-FC85-4C3D-B15D-4580FA0E1EEB}
2015-09-24 12:47 - 2014-11-08 13:59 - 00015160 _____ C:\Users\blondi\Documents\pc mätzchen.odt
2015-09-24 12:14 - 2013-09-13 23:37 - 00000000 ____D C:\Users\blondi\Documents\business
2015-09-19 12:32 - 2013-12-02 15:08 - 00000000 ____D C:\Users\blondi\Documents\denken
2015-09-19 12:29 - 2014-10-15 12:25 - 00000000 ____D C:\Users\blondi\Documents\ausdrucken
2015-09-19 12:28 - 2013-09-13 12:09 - 00000000 ____D C:\Users\blondi\Documents\Finanzen
2015-09-19 11:40 - 2014-10-09 16:01 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-09-18 17:35 - 2013-04-18 11:55 - 00000000 ____D C:\Users\blondi\AppData\Local\CrashDumps
2015-09-18 17:32 - 2014-10-09 16:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-09-18 17:32 - 2013-04-13 20:18 - 00001106 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-09-18 15:16 - 2013-03-08 16:30 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2015-09-18 13:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-09-11 18:24 - 2015-08-04 12:08 - 00000336 _____ C:\Windows\Tasks\HPCeeScheduleForblondi.job
2015-09-11 16:06 - 2015-08-14 15:55 - 00003192 _____ C:\Windows\System32\Tasks\HPCeeScheduleForblondi
2015-09-09 17:10 - 2009-07-14 06:45 - 00295360 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-09 17:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-09-09 16:57 - 2013-07-14 00:41 - 00000000 ____D C:\Windows\system32\MRT
2015-09-03 11:13 - 2013-04-17 15:23 - 00000000 ____D C:\ProgramData\Avira
2015-09-03 11:13 - 2013-04-17 15:23 - 00000000 ____D C:\Program Files (x86)\Avira
2015-09-03 11:04 - 2013-04-17 15:23 - 00162528 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-09-03 11:04 - 2013-04-17 15:23 - 00141416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys

Einige Dateien in TEMP:
====================
C:\Users\blondi\AppData\Local\Temp\avgnt.exe
C:\Users\blondi\AppData\Local\Temp\sp58915.exe
C:\Users\blondi\AppData\Local\Temp\sqlite3.dll
C:\Users\blondi\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\blondi\AppData\Local\Temp\_is3AD5.exe
C:\Users\blondi\AppData\Local\Temp\_is9D5.exe
C:\Users\grüner Drache\AppData\Local\Temp\avgnt.exe
C:\Users\smartie\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-09-22 12:06

==================== Ende von FRST.txt ============================

Ich hoffe, dass die Probleme die ich hatte nicht mehr auftauchen! (Besonders wegen der mysteriösen Cursor-Hand, die mein System regelmäßig lahmgelegt hat. :eek:)

VG, Orcrist

schrauber 03.10.2015 17:10

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

C:\SWSetup\WINZP16\winzip16.exe

C:\Windows\Installer\15eb4c.msi
Emptytemp:


Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.




Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
http://deeprybka.trojaner-board.de/b.../combofix2.pngCombofix deinstallieren .
  • Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
  • Drücke bitte die http://deeprybka.trojaner-board.de/b...ne/revo/w7.png + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
  • Klicke auf OK.
    Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
  • Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte http://filepony.de/icon/tiny/delfix.pngDelFix herunter.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...:dankeschoen:und/oder das Forum mit einer kleinen Spende http://www.trojaner-board.de/extra/spende.png unterstützen. :applaus:

http://deeprybka.trojaner-board.de/b...ast/schild.pngAbsicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank.
Meine Empfehlung:
http://filepony.de/icon/emsisoft_anti_malware.png
Emsisoft

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:
http://filepony.de/icon/noscript.png NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.
http://filepony.de/icon/malwarebytes_anti_exploit.pngMalwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.


Lade Software von einem sauberen Portal wie http://filepony.de/images/microbanner.gif.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwarecleaner .


Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

schrauber 03.10.2015 17:10

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

C:\SWSetup\WINZP16\winzip16.exe

C:\Windows\Installer\15eb4c.msi
Emptytemp:


Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.




Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
http://deeprybka.trojaner-board.de/b.../combofix2.pngCombofix deinstallieren .
  • Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
  • Drücke bitte die http://deeprybka.trojaner-board.de/b...ne/revo/w7.png + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
  • Klicke auf OK.
    Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
  • Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte http://filepony.de/icon/tiny/delfix.pngDelFix herunter.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...:dankeschoen:und/oder das Forum mit einer kleinen Spende http://www.trojaner-board.de/extra/spende.png unterstützen. :applaus:

http://deeprybka.trojaner-board.de/b...ast/schild.pngAbsicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank.
Meine Empfehlung:
http://filepony.de/icon/emsisoft_anti_malware.png
Emsisoft

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:
http://filepony.de/icon/noscript.png NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.
http://filepony.de/icon/malwarebytes_anti_exploit.pngMalwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.


Lade Software von einem sauberen Portal wie http://filepony.de/images/microbanner.gif.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwarecleaner .


Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

Orcrist 04.10.2015 11:16

Fixlog
Code:

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:03-10-2015
durchgeführt von blondi (2015-10-04 11:53:45) Run:1
Gestartet von C:\Users\grüner Drache\Desktop
Geladene Profile: blondi & grüner Drache (Verfügbare Profile: smartie & blondi & grüner Drache)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
C:\SWSetup\WINZP16\winzip16.exe

C:\Windows\Installer\15eb4c.msi
Emptytemp:
*****************

C:\SWSetup\WINZP16\winzip16.exe => erfolgreich verschoben
C:\Windows\Installer\15eb4c.msi => erfolgreich verschoben
EmptyTemp: => 2.2 GB temporäre Dateien entfernt.


Das System musste neu gestartet werden..

==== Ende von Fixlog 12:00:45 ====


Schrauber, ich bedanke mich sehr für deine Hilfe und hoffe, dass nun mein System wieder ohne Probleme läuft! Deine Tipps für mehr Sicherheit werde ich mir in Ruhe durchlesen und umsetzen!

Viele Grüße und einen schönen Sonntag, Orcrist :)

schrauber 04.10.2015 15:38

Gern Geschehen :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 11:36 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132