Pests of all kinds and how to combat them: Remove Torch toolbar (Windows 7)
06.01.2014, 21:20 | #1 |
| Remove Torch toolbar Hey, you have surely heard of this really annoying toolbar. Do you know a safe way to remove it? I tried to uninstall it the normal way, but it didn't work. I didn't find a folder with the file either, and the virus scanner/anti-spamware unfortunately doesn't work either. Thanks for the help, DasPossum |
06.01.2014, 21:39 | #2 |
/// TB trainer | Remove Torch toolbar Hi,
please run an FRST scan: Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties) |
06.01.2014, 21:57 | #3 |
| Remove Torch toolbar Thanks for the quick reply. I will do it tomorrow; unfortunately I'm at work right now. |
06.01.2014, 22:00 | #4 |
/// TB trainer | Remove Torch toolbar All right.
__________________ cheers, Leo |
07.01.2014, 20:25 | #5 |
| Remove Torch toolbar Hello, here is the FRST.text FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-01-2014
Ran by Iris (ATTENTION: The logged in user is not administrator) on IRISSCHÖNFELD on 07-01-2014 20:14:07
Running from C:\Users\Iris\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Users\Iris\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
(Bandoo Media Inc.) C:\Users\Iris\AppData\Local\iLivid\iLivid.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesApp64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe

==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11785832 2011-03-10] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2189416 2011-03-09] (Realtek Semiconductor)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1081424 2011-03-14] (Dritek System Inc.)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe_ID0ENQBO] - C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe [378224 2008-08-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [TrayServer] - C:\Program Files (x86)\MAGIX\Video_deluxe_17_Plus_Sonderedition\Trayserver.exe [90112 2008-08-07] (MAGIX AG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [ICQ] - C:\Users\Iris\AppData\Roaming\ICQ\Application\ICQ7.7\ICQ.exe [127040 2012-01-23] (ICQ, LLC.)
HKCU\...\Run: [EPSON PX700W Series] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIENE.EXE /FU "C:\Windows\TEMP\E_S2EDC.tmp" /EF "HKCU"
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3481408 2012-02-13] (DT Soft Ltd)
HKCU\...\Run: [Facebook Update] - C:\Users\Iris\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-07-24] (Facebook Inc.)
HKCU\...\Run: [AmazonMP3DownloaderHelper] - C:\Users\Iris\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()
HKCU\...\Run: [iLivid] - C:\Users\Iris\AppData\Local\iLivid\iLivid.exe [6827008 2013-09-08] (Bandoo Media Inc.)
MountPoints2: {3598d0f7-7b40-11e1-a18f-b870f47efd47} - E:\start.exe /checksection
MountPoints2: {41841a22-6857-11e2-909d-b870f47efd47} - F:\HTC_Sync_Manager_PC.exe
MountPoints2: {a82a1ee7-c6f5-11e2-a71b-b870f47efd47} - F:\HTC_Sync_Manager_PC.exe
AppInit_DLLs: C:\Windows\System32\nvinitx.dll [247144 2012-10-08] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll [202600 2012-10-08] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=37a5e8ef-f1e8-a4ed-0d86-7fa78d6c5bd1&searchtype=ds&q={searchTerms}&installDate=09/11/2013
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Ask.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=37a5e8ef-f1e8-a4ed-0d86-7fa78d6c5bd1&searchtype=ds&q={searchTerms}&installDate=09/11/2013
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=37a5e8ef-f1e8-a4ed-0d86-7fa78d6c5bd1&searchtype=ds&q={searchTerms}&installDate=09/11/2013
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=37a5e8ef-f1e8-a4ed-0d86-7fa78d6c5bd1&searchtype=ds&q={searchTerms}&installDate=09/11/2013
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=37a5e8ef-f1e8-a4ed-0d86-7fa78d6c5bd1&searchtype=ds&q={searchTerms}&installDate=09/11/2013
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=37a5e8ef-f1e8-a4ed-0d86-7fa78d6c5bd1&searchtype=ds&q={searchTerms}&installDate=09/11/2013
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=495&systemid=406&v=n10569-189&apn_uid=6273304532134451&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
BHO: Snap.DoEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ips\ipsbho.dll (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

Chrome:
=======
CHR HomePage: hxxp://www.search.ask.com/?o=APN10645A&gct=hp&d=406-495&v=n10569-189&t=4
CHR RestoreOnStartup: "hxxp://www.search.ask.com/?o=APN10645A&gct=hp&d=406-495&v=n10569-189&t=4"
CHR DefaultSearchKeyword: msn.de
CHR DefaultSearchProvider: Bing
CHR DefaultSearchURL: hxxp://www.bing.com/search?setmkt=de-DE&q={searchTerms}
CHR DefaultNewTabURL:
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.5.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.5.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.5.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.5.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.5.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.5.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.5.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U7) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.70.11) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Extension: (Google Docs) - C:\Users\Iris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Iris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Iris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Iris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Norton Identity Protection) - C:\Users\Iris\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.18.4_0
CHR Extension: (Google Wallet) - C:\Users\Iris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR Extension: (Gmail) - C:\Users\Iris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [jpmbfleldcgkldadpdinhjjopdfpjfjp] - C:\Users\Iris Schönfeld\AppData\Local\Wajam\Chrome\wajam.crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\Exts\Chrome.crx

==================== Services (Whitelisted) =================
S3 Adobe Version Cue CS4; C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [284016 2008-08-15] (Adobe Systems Incorporated)
R2 lmhosts; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe [138272 2012-06-16] (Symantec Corporation)
R2 NlaSvc; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S4 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [257344 2011-02-15] (NTI Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-11-02] (Microsoft Corporation)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2144056 2013-12-11] (TuneUp Software)

==================== Drivers (Whitelisted) ====================
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20131218.001\BHDrvx64.sys [1526488 2013-12-18] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1309010.00E\ccSetx64.sys [167072 2012-06-07] (Symantec Corporation)
S3 cjusb; C:\Windows\System32\DRIVERS\cjusb.sys [29184 2005-10-06] (REINER SCT)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-03-31] (DT Soft Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-22] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-22] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20140106.001\IDSvia64.sys [521944 2013-12-12] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20140107.001\ENG64.SYS [126040 2013-12-23] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20140107.001\EX64.SYS [2099288 2013-12-23] (Symantec Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1309010.00E\SRTSP64.SYS [737952 2012-07-06] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1309010.00E\SRTSPX64.SYS [37536 2012-07-06] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1309010.00E\SYMDS64.SYS [451192 2011-07-25] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1309010.00E\SYMEFA64.SYS [1129120 2012-05-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2012-03-28] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1309010.00E\Ironx64.SYS [190072 2012-04-18] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1309010.00E\SYMNETS.SYS [405624 2012-04-18] (Symantec Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [11856 2012-02-09] (TuneUp Software)
S3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [33048 2006-11-30] (X10 Wireless Technology, Inc.)
========================== Drivers MD5 =======================
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-07 19:57 - 2014-01-07 19:57 - 00001106 _____ C:\Users\Iris\Desktop\TeamViewer 8.lnk
2014-01-07 13:24 - 2014-01-07 13:24 - 00036615 _____ C:\Users\Iris\Downloads\Addition.txt
2014-01-07 13:22 - 2014-01-07 20:14 - 00034754 _____
C:\Users\Iris\Downloads\FRST.txt 2014-01-07 13:21 - 2014-01-07 13:21 - 01931762 _____ (Farbar) C:\Users\Iris\Downloads\FRST64.exe 2014-01-07 13:21 - 2014-01-07 13:21 - 00000000 ____D C:\FRST 2014-01-06 20:57 - 2014-01-06 20:57 - 00002505 _____ C:\Users\Iris\Desktop\Norton Internet Security.lnk 2014-01-06 20:43 - 2014-01-06 20:43 - 00002470 _____ C:\Users\Iris\Desktop\PowerPoint 2013.lnk 2014-01-06 20:43 - 2014-01-06 20:43 - 00002197 _____ C:\Users\Iris\Desktop\TuneUp Utilities 2012.lnk 2014-01-06 20:43 - 2014-01-06 20:43 - 00001074 _____ C:\Users\Iris\Desktop\VLC media player.lnk 2014-01-06 20:43 - 2014-01-06 20:43 - 00000987 _____ C:\Users\Iris\Desktop\Origin.lnk 2014-01-06 20:42 - 2014-01-06 20:42 - 00001254 _____ C:\Users\Iris\Desktop\FIFA 14.lnk 2014-01-06 20:37 - 2014-01-06 20:37 - 00000096 _____ C:\Windows\78005099B7A98259.log 2014-01-06 20:35 - 2014-01-06 20:35 - 00001024 _____ C:\Users\Iris\Desktop\click&translate 3.lnk 2014-01-02 18:40 - 2014-01-03 01:12 - 00294735 _____ C:\Users\Iris\Desktop\vortrag seminar.pptx 2014-01-02 11:32 - 2014-01-02 11:32 - 00002495 _____ C:\Users\Iris\Desktop\Word 2013.lnk 2014-01-02 11:32 - 2014-01-02 11:32 - 00002381 _____ C:\Users\Iris\Desktop\Outlook 2013.lnk 2013-12-31 10:31 - 2013-12-31 10:31 - 00429725 _____ C:\Users\Iris\Downloads\Praxisanleiter.zip 2013-12-30 22:46 - 2013-12-30 22:46 - 00000000 ____D C:\Users\Iris\Documents\lingenio 2013-12-30 10:39 - 2013-12-30 10:39 - 00000000 ____D C:\Program Files (x86)\clicktransl3 2013-12-30 00:03 - 2013-12-30 00:03 - 00002255 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2013-12-30 00:02 - 2014-01-07 20:13 - 00001126 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-12-30 00:02 - 2014-01-07 19:42 - 00001122 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-12-30 00:01 - 2013-12-30 00:02 - 00000000 ____D C:\Users\Iris\AppData\Local\Deployment 2013-12-30 00:01 - 2013-12-30 00:01 - 00000000 ____D C:\Users\Iris\AppData\Local\Apps\2.0 2013-12-29 21:16 - 2013-12-29 
22:19 - 00000166 ___SH C:\ProgramData\.zreglib 2013-12-29 21:16 - 2013-12-29 21:16 - 00000000 ____D C:\Users\Iris\Documents\AnyDVDHD 2013-12-29 21:13 - 2014-01-06 20:37 - 00000000 ____D C:\Program Files (x86)\SlySoft 2013-12-29 21:13 - 2013-12-29 21:13 - 00000000 ____D C:\ProgramData\SlySoft 2013-12-29 21:12 - 2014-01-06 20:36 - 00000000 ____D C:\Program Files (x86)\Elaborate Bytes 2013-12-26 16:10 - 2013-12-26 20:59 - 00000000 ____D C:\Program Files\Enigma Software Group 2013-12-26 16:10 - 2013-12-26 16:10 - 00000000 _____ C:\autoexec.bat 2013-12-26 16:08 - 2013-12-26 20:58 - 00000000 ____D C:\Windows\CD09642E061D4844BA37ED1480916404.TMP 2013-12-26 16:06 - 2013-12-26 16:06 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Iris\Downloads\SpyHunter-Installer.exe 2013-12-26 15:31 - 2013-12-26 20:57 - 00000000 ____D C:\Program Files (x86)\VS Revo Group 2013-12-26 11:30 - 2013-12-26 11:30 - 00001117 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-12-26 11:30 - 2013-12-26 11:30 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-12-26 11:30 - 2013-12-26 11:30 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-12-26 11:30 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2013-12-25 18:47 - 2013-12-25 18:47 - 00598434 _____ C:\Users\Iris\Desktop\Weihnachten 2013.MVP 2013-12-25 12:06 - 2013-12-25 12:19 - 00000000 ____D C:\Users\Iris\Desktop\weihnachten 2013 2013-12-24 12:08 - 2013-12-24 12:08 - 00170279 _____ C:\Users\Iris\Downloads\dreamscene_win7_64 (3).zip 2013-12-24 12:08 - 2013-12-24 12:08 - 00170279 _____ C:\Users\Iris\Downloads\dreamscene_win7_64 (2).zip 2013-12-24 12:06 - 2013-12-24 12:08 - 00000000 ____D C:\Users\Iris\Documents\an 2013-12-24 12:04 - 2013-12-24 12:04 - 00170279 _____ C:\Users\Iris\Downloads\dreamscene_win7_64.zip 2013-12-24 12:04 - 2013-12-24 12:04 - 00170279 _____ C:\Users\Iris\Downloads\dreamscene_win7_64 (1).zip 2013-12-24 11:47 - 2013-12-31 10:14 - 
00000000 ___RD C:\Users\Iris\Desktop\destkopf# 2013-12-17 12:52 - 2013-12-17 12:52 - 00011826 _____ C:\Users\Iris\Downloads\Auftrag - MAU-01022595.zip 2013-12-12 21:26 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2013-12-12 21:26 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2013-12-12 21:26 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2013-12-12 21:26 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2013-12-12 21:24 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-12-12 21:24 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-12-12 21:24 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2013-12-12 21:24 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-12-12 21:24 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-12-12 21:24 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2013-12-12 21:24 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-12-12 21:24 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-12-12 21:24 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-12-12 21:24 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-12-12 21:24 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-12-12 21:24 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2013-12-12 21:24 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) 
C:\Windows\system32\ieetwcollector.exe 2013-12-12 21:24 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2013-12-12 21:24 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-12-12 21:24 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-12-12 21:24 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-12-12 21:24 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-12-12 21:24 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-12-12 21:24 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2013-12-12 21:24 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-12-12 21:24 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-12-12 21:24 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-12-12 21:24 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2013-12-12 21:24 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-12-12 21:24 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-12-12 21:24 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-12-12 21:24 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2013-12-12 21:24 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2013-12-12 21:24 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-12-12 21:24 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\urlmon.dll 2013-12-12 15:07 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2013-12-12 15:07 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2013-12-12 15:07 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2013-12-12 15:07 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2013-12-12 15:07 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll 2013-12-12 15:07 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll 2013-12-12 15:07 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2013-12-12 15:07 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll 2013-12-12 15:07 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll 2013-12-12 15:07 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx 2013-12-12 15:07 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll 2013-12-12 15:07 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx 2013-12-12 15:07 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll 2013-12-12 15:07 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe 2013-12-12 15:07 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe 2013-12-12 15:07 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe 2013-12-12 15:07 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe 2013-12-12 15:07 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys 2013-12-12 
15:07 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys 2013-12-11 20:30 - 2013-12-11 20:30 - 02035048 _____ C:\Users\Iris\Downloads\Outlook (6).zip 2013-12-10 11:19 - 2013-12-10 11:19 - 00000000 ____D C:\Users\Iris\AppData\Local\{F316A81B-D975-414B-BBE4-F8D7BCA8DFA1} 2013-12-09 12:42 - 2013-12-09 12:43 - 00000000 ____D C:\Users\Iris\AppData\Local\{82D69D58-2BAC-4387-B09B-7E9321D8F3F6} ==================== One Month Modified Files and Folders ======= 2014-01-07 20:14 - 2014-01-07 13:22 - 00034754 _____ C:\Users\Iris\Downloads\FRST.txt 2014-01-07 20:13 - 2013-12-30 00:02 - 00001126 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-01-07 19:58 - 2011-12-17 01:52 - 00000000 ____D C:\Users\Iris\AppData\Roaming\Skype 2014-01-07 19:57 - 2014-01-07 19:57 - 00001106 _____ C:\Users\Iris\Desktop\TeamViewer 8.lnk 2014-01-07 19:55 - 2012-03-31 12:12 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-01-07 19:49 - 2009-07-14 05:45 - 00016752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-01-07 19:49 - 2009-07-14 05:45 - 00016752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-01-07 19:46 - 2011-12-17 00:50 - 01906997 _____ C:\Windows\WindowsUpdate.log 2014-01-07 19:42 - 2013-12-30 00:02 - 00001122 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-01-07 19:42 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2014-01-07 19:42 - 2009-07-14 05:51 - 00149117 _____ C:\Windows\setupact.log 2014-01-07 19:34 - 2011-12-17 13:10 - 00000000 ____D C:\Program Files (x86)\Origin 2014-01-07 19:18 - 2013-12-03 13:55 - 00000000 ____D C:\Users\Iris\Documents\FIFA 14 2014-01-07 18:12 - 2013-07-24 10:43 - 00000924 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1637596445-2169188190-2784324865-1001UA.job 2014-01-07 13:24 - 2014-01-07 13:24 - 00036615 _____ 
C:\Users\Iris\Downloads\Addition.txt 2014-01-07 13:21 - 2014-01-07 13:21 - 01931762 _____ (Farbar) C:\Users\Iris\Downloads\FRST64.exe 2014-01-07 13:21 - 2014-01-07 13:21 - 00000000 ____D C:\FRST 2014-01-07 13:19 - 2012-03-02 19:23 - 00002474 _____ C:\Windows\wininit.ini 2014-01-07 13:01 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF 2014-01-06 20:57 - 2014-01-06 20:57 - 00002505 _____ C:\Users\Iris\Desktop\Norton Internet Security.lnk 2014-01-06 20:43 - 2014-01-06 20:43 - 00002470 _____ C:\Users\Iris\Desktop\PowerPoint 2013.lnk 2014-01-06 20:43 - 2014-01-06 20:43 - 00002197 _____ C:\Users\Iris\Desktop\TuneUp Utilities 2012.lnk 2014-01-06 20:43 - 2014-01-06 20:43 - 00001074 _____ C:\Users\Iris\Desktop\VLC media player.lnk 2014-01-06 20:43 - 2014-01-06 20:43 - 00000987 _____ C:\Users\Iris\Desktop\Origin.lnk 2014-01-06 20:42 - 2014-01-06 20:42 - 00001254 _____ C:\Users\Iris\Desktop\FIFA 14.lnk 2014-01-06 20:42 - 2011-04-06 11:30 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2014-01-06 20:37 - 2014-01-06 20:37 - 00000096 _____ C:\Windows\78005099B7A98259.log 2014-01-06 20:37 - 2013-12-29 21:13 - 00000000 ____D C:\Program Files (x86)\SlySoft 2014-01-06 20:36 - 2013-12-29 21:12 - 00000000 ____D C:\Program Files (x86)\Elaborate Bytes 2014-01-06 20:35 - 2014-01-06 20:35 - 00001024 _____ C:\Users\Iris\Desktop\click&translate 3.lnk 2014-01-06 20:23 - 2012-04-09 19:28 - 00000000 ____D C:\Users\Iris\AppData\Roaming\vlc 2014-01-06 19:06 - 2013-03-29 12:57 - 00000000 ____D C:\Users\Iris\Documents\Arbeit 2014-01-06 13:39 - 2013-11-10 17:22 - 00068096 ___SH C:\Users\Iris\Documents\Thumbs.db 2014-01-04 22:31 - 2012-04-25 19:44 - 00000000 ____D C:\Users\Iris\AppData\Roaming\dvdcss 2014-01-03 01:13 - 2012-08-02 22:19 - 00000000 ____D C:\Users\Iris\Documents\Office Arbeiten 2014-01-03 01:12 - 2014-01-02 18:40 - 00294735 _____ C:\Users\Iris\Desktop\vortrag seminar.pptx 2014-01-02 11:32 - 2014-01-02 11:32 - 00002495 _____ 
C:\Users\Iris\Desktop\Word 2013.lnk 2014-01-02 11:32 - 2014-01-02 11:32 - 00002381 _____ C:\Users\Iris\Desktop\Outlook 2013.lnk 2014-01-01 18:27 - 2011-12-17 09:42 - 00697098 _____ C:\Windows\system32\perfh007.dat 2014-01-01 18:27 - 2011-12-17 09:42 - 00148362 _____ C:\Windows\system32\perfc007.dat 2014-01-01 18:27 - 2009-07-14 06:13 - 01613412 _____ C:\Windows\system32\PerfStringBackup.INI 2014-01-01 11:48 - 2013-07-24 10:43 - 00000902 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1637596445-2169188190-2784324865-1001Core.job 2013-12-31 10:31 - 2013-12-31 10:31 - 00429725 _____ C:\Users\Iris\Downloads\Praxisanleiter.zip 2013-12-31 10:14 - 2013-12-24 11:47 - 00000000 ___RD C:\Users\Iris\Desktop\destkopf# 2013-12-30 22:46 - 2013-12-30 22:46 - 00000000 ____D C:\Users\Iris\Documents\lingenio 2013-12-30 10:39 - 2013-12-30 10:39 - 00000000 ____D C:\Program Files (x86)\clicktransl3 2013-12-30 10:37 - 2010-11-21 04:47 - 00181542 _____ C:\Windows\PFRO.log 2013-12-30 00:03 - 2013-12-30 00:03 - 00002255 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2013-12-30 00:03 - 2012-02-03 10:08 - 00000000 ____D C:\Program Files (x86)\Google 2013-12-30 00:02 - 2013-12-30 00:01 - 00000000 ____D C:\Users\Iris\AppData\Local\Deployment 2013-12-30 00:01 - 2013-12-30 00:01 - 00000000 ____D C:\Users\Iris\AppData\Local\Apps\2.0 2013-12-29 22:19 - 2013-12-29 21:16 - 00000166 ___SH C:\ProgramData\.zreglib 2013-12-29 21:16 - 2013-12-29 21:16 - 00000000 ____D C:\Users\Iris\Documents\AnyDVDHD 2013-12-29 21:13 - 2013-12-29 21:13 - 00000000 ____D C:\ProgramData\SlySoft 2013-12-28 12:43 - 2011-12-17 01:44 - 00000000 ____D C:\Users\Iris Schönfeld 2013-12-26 21:02 - 2011-04-06 12:10 - 00000000 ____D C:\DOLBY PCEE4 2013-12-26 20:59 - 2013-12-26 16:10 - 00000000 ____D C:\Program Files\Enigma Software Group 2013-12-26 20:58 - 2013-12-26 16:08 - 00000000 ____D C:\Windows\CD09642E061D4844BA37ED1480916404.TMP 2013-12-26 20:57 - 2013-12-26 15:31 - 00000000 ____D C:\Program Files (x86)\VS Revo Group 
2013-12-26 16:29 - 2012-06-29 19:18 - 00000000 ____D C:\Users\Iris\AppData\Local\EgisTec 2013-12-26 16:10 - 2013-12-26 16:10 - 00000000 _____ C:\autoexec.bat 2013-12-26 16:06 - 2013-12-26 16:06 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Iris\Downloads\SpyHunter-Installer.exe 2013-12-26 15:38 - 2012-09-28 20:47 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft 2013-12-26 11:30 - 2013-12-26 11:30 - 00001117 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-12-26 11:30 - 2013-12-26 11:30 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-12-26 11:30 - 2013-12-26 11:30 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-12-25 18:47 - 2013-12-25 18:47 - 00598434 _____ C:\Users\Iris\Desktop\Weihnachten 2013.MVP 2013-12-25 12:19 - 2013-12-25 12:06 - 00000000 ____D C:\Users\Iris\Desktop\weihnachten 2013 2013-12-24 22:45 - 2011-12-17 13:11 - 00000000 ____D C:\Users\Iris\AppData\Roaming\Origin 2013-12-24 22:45 - 2011-12-17 13:10 - 00000000 ____D C:\ProgramData\Origin 2013-12-24 12:08 - 2013-12-24 12:08 - 00170279 _____ C:\Users\Iris\Downloads\dreamscene_win7_64 (3).zip 2013-12-24 12:08 - 2013-12-24 12:08 - 00170279 _____ C:\Users\Iris\Downloads\dreamscene_win7_64 (2).zip 2013-12-24 12:08 - 2013-12-24 12:06 - 00000000 ____D C:\Users\Iris\Documents\an 2013-12-24 12:04 - 2013-12-24 12:04 - 00170279 _____ C:\Users\Iris\Downloads\dreamscene_win7_64.zip 2013-12-24 12:04 - 2013-12-24 12:04 - 00170279 _____ C:\Users\Iris\Downloads\dreamscene_win7_64 (1).zip 2013-12-24 12:01 - 2011-12-17 01:49 - 00000000 ____D C:\Users\Iris\AppData\Local\Windows Live 2013-12-22 10:56 - 2012-08-02 19:42 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2012 2013-12-17 12:52 - 2013-12-17 12:52 - 00011826 _____ C:\Users\Iris\Downloads\Auftrag - MAU-01022595.zip 2013-12-15 16:29 - 2013-02-23 20:35 - 00000000 ____D C:\ProgramData\tmp 2013-12-14 19:23 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2013-12-13 22:18 - 2009-07-14 06:08 - 
00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2013-12-13 15:31 - 2009-07-14 05:45 - 03173448 _____ C:\Windows\system32\FNTCACHE.DAT 2013-12-11 20:30 - 2013-12-11 20:30 - 02035048 _____ C:\Users\Iris\Downloads\Outlook (6).zip 2013-12-11 19:06 - 2012-08-02 20:03 - 00036664 _____ (TuneUp Software) C:\Windows\system32\uxtuneup.dll 2013-12-11 19:06 - 2012-08-02 20:03 - 00030008 _____ (TuneUp Software) C:\Windows\SysWOW64\uxtuneup.dll 2013-12-11 19:06 - 2012-08-02 19:44 - 00035640 _____ (TuneUp Software) C:\Windows\system32\TURegOpt.exe 2013-12-11 19:06 - 2012-08-02 19:44 - 00026936 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll 2013-12-11 19:06 - 2012-08-02 19:44 - 00022328 _____ (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll 2013-12-11 15:20 - 2013-03-22 21:33 - 00000000 ____D C:\Program Files\Microsoft Office 15 2013-12-10 21:55 - 2012-03-31 12:12 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-12-10 21:55 - 2011-12-17 02:32 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-12-10 11:19 - 2013-12-10 11:19 - 00000000 ____D C:\Users\Iris\AppData\Local\{F316A81B-D975-414B-BBE4-F8D7BCA8DFA1} 2013-12-10 06:37 - 2013-03-18 19:28 - 00016384 ___SH C:\Users\Iris\Thumbs.db 2013-12-09 12:43 - 2013-12-09 12:42 - 00000000 ____D C:\Users\Iris\AppData\Local\{82D69D58-2BAC-4387-B09B-7E9321D8F3F6} Some content of TEMP: ==================== C:\Users\Iris\AppData\Local\Temp\CmdLineExt02.dll C:\Users\Iris\AppData\Local\Temp\installerdll151227.dll C:\Users\Iris\AppData\Local\Temp\installerdll5341989.dll C:\Users\Iris\AppData\Local\Temp\installerdll574458.dll C:\Users\Iris\AppData\Local\Temp\installerdll582850.dll C:\Users\Iris\AppData\Local\Temp\installerdll5865231.dll C:\Users\Iris\AppData\Local\Temp\installerdll624003.dll C:\Users\Iris\AppData\Local\Temp\installerdll685140.dll C:\Users\Iris\AppData\Local\Temp\install_reader10_de_chra_aih.exe C:\Users\Iris\AppData\Local\Temp\Setup.exe 
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== BCD ================================
Der Speicher für die Startkonfigurationsdaten konnte nicht geöffnet werden. Zugriff verweigert
==================== End Of Log ============================
The file from addition.text
FRST Additions Logfile: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-01-2014 Ran by Iris at 2014-01-07 20:15:07 Running from C:\Users\Iris\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Norton Internet Security (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Norton Internet Security (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202} FW: Norton Internet Security (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} ==================== Installed Programs ====================== 64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden Acer Backup Manager (x32 Version: 3.0.0.85 - NTI Corporation) Acer Crystal Eye Webcam (x32 Version: 1.0.1510 - CyberLink Corp.) Acer Crystal Eye Webcam (x32 Version: 1.0.1510 - CyberLink Corp.) Hidden Acer eRecovery Management (x32 Version: 5.00.3002 - Acer Incorporated) Acer Registration (x32 Version: 1.03.3004 - Acer Incorporated) Acer ScreenSaver (x32 Version: 1.1.1130.2010 - Acer Incorporated) Acer Updater (x32 Version: 1.02.3005 - Acer Incorporated) Acrobat.com (x32 Version: 1.6.65 - Adobe Systems Incorporated) Adobe AIR (x32 Version: 3.3.0.3670 - Adobe Systems Incorporated) Adobe AIR (x32 Version: 3.3.0.3670 - Adobe Systems Incorporated) Hidden Adobe Anchor Service CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Anchor Service x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Bridge CS4 (x32 Version: 3 - Adobe Systems Incorporated) Hidden Adobe CMaps CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe CMaps x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Color - Photoshop Specific CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Color EU Recommended Settings CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) 
Hidden Adobe Color JA Extra Settings CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Color NA Extra Settings CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Color Video Profiles CS CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Creative Suite 4 Production Premium (x32 Version: 4.0 - Adobe Systems Incorporated) Adobe Creative Suite 4 Production Premium (x32 Version: 4.0 - Adobe Systems Incorporated) Hidden Adobe CS4 American English Speech Analysis Models (x32 Version: 1 - Adobe Systems Incorporated) Hidden Adobe CSI CS4 (x32 Version: 1 - Adobe Systems Incorporated) Hidden Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden Adobe Default Language CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Device Central CS4 (x32 Version: 2 - Adobe Systems Incorporated) Hidden Adobe Download Assistant (x32 Version: 1.2.2 - Adobe Systems Incorporated) Adobe Download Assistant (x32 Version: 1.2.2 - Adobe Systems Incorporated) Hidden Adobe Drive CS4 (x32 Version: 1 - Adobe Systems Incorporated) Hidden Adobe Drive CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden Adobe Dynamiclink Support (x32 Version: 1 - Adobe Systems Incorporated) Hidden Adobe ExtendScript Toolkit CS4 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden Adobe Extension Manager CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Flash CS4 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden Adobe Flash CS4 Extension - Flash Lite STI others (x32 Version: 3.0 - Adobe Systems Incorporated) Hidden Adobe Flash CS4 STI-other (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated) Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated) Adobe Fonts All (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Fonts All x64 (Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Help Manager 
(x32 Version: 4.0.244 - Adobe Systems Incorporated) Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden Adobe Linguistics CS4 (x32 Version: 4.0.0 - Adobe Systems Incorporated) Hidden Adobe Linguistics CS4 x64 (Version: 4.0.0 - Adobe Systems Incorporated) Hidden Adobe Media Encoder CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Media Encoder CS4 Additional Exporter (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Media Encoder CS4 Dolby (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Output Module (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe PDF Library Files CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden Adobe PDF Library Files x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden Adobe Photoshop CS4 (64 Bit) (Version: 11.0 - Adobe Systems Incorporated) Hidden Adobe Photoshop CS4 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden Adobe Photoshop CS4 Support (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden Adobe Premiere Pro CS4 (x32 Version: 4 - Adobe Systems Incorporated) Hidden Adobe Premiere Pro CS4 Functional Content (x32 Version: 4 - Adobe Systems Incorporated) Hidden Adobe Reader 9.1 MUI (x32 Version: 9.1.0 - Adobe Systems Incorporated) Adobe Search for Help (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Service Manager Extension (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Setup (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Soundbooth CS4 (x32 Version: 2 - Adobe Systems Incorporated) Hidden Adobe Type Support CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden Adobe Type Support x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden Adobe Update Manager CS4 (x32 Version: 6.0.0 - Adobe Systems Incorporated) Hidden Adobe Version Cue CS4 Server (x32 Version: 4.0 - Adobe Systems Incorporated) Hidden Adobe Widget Browser (x32 Version: 2.0 Build 348 - Adobe Systems Incorporated.) 
Adobe Widget Browser (x32 Version: 2.0.348 - Adobe Systems Incorporated.) Hidden Adobe WinSoft Linguistics Plugin (x32 Version: 1.1 - Adobe Systems Incorporated) Hidden Adobe WinSoft Linguistics Plugin x64 (Version: 1.1 - Adobe Systems Incorporated) Hidden Adobe XMP Panels CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden AdobeColorCommonSetCMYK (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden AdobeColorCommonSetRGB (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Advanced Archive Password Recovery (x32 Version: 4.54.48.1338 - Elcomsoft Co. Ltd.) Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden Amazon MP3-Downloader 1.0.18 (HKCU Version: 1.0.18 - Amazon Services LLC) ANNO 1503 (x32 Version: - ) Backup Manager V3 (x32 Version: 3.0.0.85 - NTI Corporation) Hidden Bing Bar (x32 Version: 7.0.610.0 - Microsoft Corporation) Broadcom Card Reader Driver Installer (Version: 14.6.1.2 - Broadcom Corporation) Broadcom Gigabit NetLink Controller (Version: 14.6.1.2 - Broadcom Corporation) clear.fi Client (x32 Version: 1.00.3008 - Acer Incorporated) click & translate 3 (x32 Version: 11.0 - Lingenio GmbH) Command & Conquer 3 (x32 Version: 1.00.0000 - Ihr Firmenname) Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (x32 Version: 4.45.3.0297 - DT Soft Ltd) EA.com Matchup (x32 Version: - ) EA.com Update (x32 Version: - ) Epson Event Manager (x32 Version: 2.01.00 - SEIKO EPSON Corporation) EPSON PX700W Series Printer Uninstall (Version: - SEIKO EPSON Corporation) EPSON Scan (x32 Version: - ) Facebook Video Calling 1.2.0.287 (x32 Version: 1.2.287 - Skype Limited) FIFA 12 (x32 Version: 1.0.0.0 - Electronic Arts) FIFA 14 (x32 Version: 1.0.0.4 - Electronic Arts) Firebird SQL Server - MAGIX Edition (x32 Version: 2.1.31.0 - MAGIX AG) Fotogalerija Windows Live (x32 Version: 
15.4.3502.0922 - Microsoft Corporation) Hidden Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Google Chrome (x32 Version: 31.0.1650.63 - Google Inc.) Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden ICQ7.7 (HKCU Version: 7.7 - ICQ) Identity Card (x32 Version: 1.00.3006 - Acer Incorporated) Intel(R) Control Center (x32 Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (x32 Version: 7.0.0.1144 - Intel Corporation) Intel(R) Processor Graphics (x32 Version: 8.15.10.2342 - Intel Corporation) Intel(R) Rapid Storage Technology (x32 Version: 10.0.0.1046 - Intel Corporation) Java 7 Update 25 (x32 Version: 7.0.250 - Oracle) Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Launch Manager (x32 Version: 5.1.4 - Acer Inc.) 
Lernerfolg Grundschule Deutsch 1-4 (x32 Version: - ) Lernerfolg Grundschule Mathematik 1-4 (x32 Version: - ) MAGIX Screenshare (Version: 4.3.6.1987 - MAGIX AG) Hidden MAGIX Screenshare (x32 Version: 4.3.6.1987 - MAGIX AG) MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden MAGIX Speed burnR (MSI) (x32 Version: 7.0.2.6 - MAGIX AG) MAGIX Video deluxe 17 Plus Sonderedition (Version: 10.0.12.2 - MAGIX AG) Hidden MAGIX Video deluxe 17 Plus Sonderedition (x32 Version: 10.0.12.2 - MAGIX AG) Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Office 365 Home Premium - de-de (Version: 15.0.4551.1011 - Microsoft Corporation) Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation) Microsoft SkyDrive (HKCU Version: 17.0.2003.1112 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 
9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation) Microsoft Xbox 360 Accessories 1.2 (Version: 1.20.146.0 - Microsoft) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation) Norton Internet Security (x32 Version: 19.9.1.14 - Symantec Corporation) Norton Online Backup (x32 Version: 2.1.17869 - Symantec Corporation) NVIDIA Grafiktreiber 306.97 (Version: 306.97 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.85.551 - NVIDIA Corporation) Hidden NVIDIA Optimus 1.10.8 (Version: 1.10.8 - NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.10.0514 - NVIDIA Corporation) NVIDIA Systemsteuerung 306.97 (Version: 306.97 - NVIDIA Corporation) Hidden NVIDIA Update 1.10.8 (Version: 1.10.8 - NVIDIA Corporation) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4551.1011 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1011 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4551.1011 - Microsoft Corporation) Hidden Opera 12.16 (HKCU Version: 12.16.1860 - Opera Software ASA) Origin (x32 Version: 8.5.0.4550 - Electronic Arts, Inc.) 
PDF Settings CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden Photoshop Camera Raw_x64 (Version: 5.0 - Adobe Systems Incorporated) Hidden Pixel Bender Toolkit (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Pixum Fotobuch (x32 Version: 5.0.1 - CEWE COLOR AG u Co. OHG) Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden QuickTime (x32 Version: 7.55.90.70 - Apple Inc.) Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Realtek High Definition Audio Driver (x32 Version: 6.0.1.6329 - Realtek Semiconductor Corp.) Skype Click to Call (x32 Version: 6.1.10441 - Skype Technologies S.A.) Skype™ 6.3 (x32 Version: 6.3.107 - Skype Technologies S.A.) Sony USB Driver (x32 Version: - ) SopCast 3.4.8 (x32 Version: 3.4.8 - SopCast - Free P2P internet TV | live football, NBA, cricket) Star Trek Legacy (x32 Version: 1.00.0000 - Ihr Firmenname) Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden TeamViewer 8 (x32 Version: 8.0.22298 - TeamViewer) Tipptrainer (x32 Version: 0.1 - S.A.D.) 
Torch (HKCU Version: 29.0.0.5165 - Torch Media, Inc) <==== ATTENTION TuneUp Utilities 2012 (x32 Version: 12.0.3600.193 - TuneUp Software) TuneUp Utilities 2012 (x32 Version: 12.0.3600.193 - TuneUp Software) Hidden TuneUp Utilities Language Pack (de-DE) (x32 Version: 12.0.3600.193 - TuneUp Software) Hidden Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (Version: 2.0.82.0 - Intel) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3 - Microsoft Corporation) VLC media player 2.0.1 (x32 Version: 2.0.1 - VideoLAN) Welcome Center (x32 Version: 1.02.3102 - Acer Incorporated) Windows Live Argazki Galeria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Windows Live Fotogaléria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotogalleri (x32 
Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Messenger (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Temel Parçalar (x32 Version: 
15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live 影像中心 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live 程式集 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Liven sähköposti (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden WinRAR 4.11 (64-bit) (Version: 4.11.0 - win.rar GmbH) Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ==================== Restore Points ========================= Could not list Restore Points. Check WMI. ==================== Hosts content: ========================== 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => ? 
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1637596445-2169188190-2784324865-1001Core.job => C:\Users\Iris\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1637596445-2169188190-2784324865-1001UA.job => C:\Users\Iris\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => ? Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => ? ==================== Loaded Modules (whitelisted) ============= 2011-04-06 12:14 - 2011-03-26 01:28 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\ProgramData\Temp:2430E4FC AlternateDataStreams: C:\ProgramData\Temp:798A3728 AlternateDataStreams: C:\ProgramData\Temp:C46995DA ==================== Safe Mode (whitelisted) =================== ==================== Faulty Device Manager Devices ============= Name: USB (Universal Serial Bus)-Controller Description: USB (Universal Serial Bus)-Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. 
==================== Event log errors: ========================= Application errors: ================== Error: (01/07/2014 07:42:46 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/07/2014 00:55:02 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/07/2014 00:46:08 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/07/2014 00:09:24 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/06/2014 08:41:16 PM) (Source: Microsoft-Windows-CAPI2) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary ElbyCDFL. System Error: Das System kann die angegebene Datei nicht finden. . Error: (01/06/2014 08:41:16 PM) (Source: Microsoft-Windows-CAPI2) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary AnyDVD. System Error: Das System kann die angegebene Datei nicht finden. . Error: (01/06/2014 07:50:42 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1". 
Fehler in Manifest- oder Richtliniendatei "Microsoft.VC90.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"2" in Zeile Microsoft.VC90.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: Microsoft.VC90.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8". Definition: Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. Error: (01/06/2014 07:50:37 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1". Fehler in Manifest- oder Richtliniendatei "Microsoft.VC90.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"2" in Zeile Microsoft.VC90.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: Microsoft.VC90.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8". Definition: Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. 
Error: (01/06/2014 01:00:10 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/06/2014 11:22:33 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (01/07/2014 07:59:56 PM) (Source: bowser) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "IRIS-PC", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{1DC69F74-D275-435D-887D-B7920C6DEC04}-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. Error: (01/07/2014 07:47:55 PM) (Source: bowser) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "IRIS-PC", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{1DC69F74-D275-435D-887D-B7920C6DEC04}-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. Error: (01/07/2014 07:42:56 PM) (Source: WMPNetworkSvc) (User: ) Description: 0x800700b7 Error: (01/07/2014 07:42:56 PM) (Source: WMPNetworkSvc) (User: ) Description: 00x800700b7hxxp://+:10243/WMPNSSv4/2811996591/ Error: (01/07/2014 07:42:56 PM) (Source: WMPNetworkSvc) (User: ) Description: 0x800700b7 Error: (01/07/2014 07:42:56 PM) (Source: WMPNetworkSvc) (User: ) Description: 00x800700b7hxxp://+:10243/WMPNSSv4/2811996591/ Error: (01/07/2014 07:34:05 PM) (Source: DCOM) (User: ) Description: {FE9617F6-E606-42AA-BECC-0E9CDA246D63} Error: (01/07/2014 07:23:58 PM) (Source: bowser) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "IRIS-PC", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{1DC69F74-D275-435D-887D-B7920C6DEC04}-Transport zu sein scheint. 
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. Error: (01/07/2014 06:47:56 PM) (Source: bowser) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "IRIS-PC", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{1DC69F74-D275-435D-887D-B7920C6DEC04}-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. Error: (01/07/2014 06:15:42 PM) (Source: bowser) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "IRIS-PC", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{1DC69F74-D275-435D-887D-B7920C6DEC04}-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. Microsoft Office Sessions: ========================= Error: (01/07/2014 07:42:46 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/07/2014 00:55:02 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/07/2014 00:46:08 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/07/2014 00:09:24 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/06/2014 08:41:16 PM) (Source: Microsoft-Windows-CAPI2)(User: ) Description: Details: AddLegacyDriverFiles: Unable to back up image of binary ElbyCDFL. System Error: Das System kann die angegebene Datei nicht finden. 
Error: (01/06/2014 08:41:16 PM) (Source: Microsoft-Windows-CAPI2)(User: ) Description: Details: AddLegacyDriverFiles: Unable to back up image of binary AnyDVD. System Error: Das System kann die angegebene Datei nicht finden. Error: (01/06/2014 07:50:42 PM) (Source: SideBySide)(User: ) Description: Microsoft.VC90.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"c:\program files (x86)\NTI\acer backup manager\Migrate\OutlookMsgNet64.exec:\program files (x86)\NTI\acer backup manager\Migrate\Microsoft.VC90.MFC\Microsoft.VC90.MFC.MANIFEST11 Error: (01/06/2014 07:50:37 PM) (Source: SideBySide)(User: ) Description: Microsoft.VC90.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"c:\program files (x86)\NTI\acer backup manager\OutlookMsgNet64.exec:\program files (x86)\NTI\acer backup manager\Microsoft.VC90.MFC\Microsoft.VC90.MFC.MANIFEST11 Error: (01/06/2014 01:00:10 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/06/2014 11:22:33 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 CodeIntegrity Errors: =================================== Date: 2012-03-31 13:31:16.616 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\xusb21.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-03-31 13:31:16.600 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\xusb21.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-03-31 13:21:03.605 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\xusb21.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-03-31 13:21:03.542 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\xusb21.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-03-31 12:57:26.246 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\xusb21.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-03-31 12:57:26.184 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\xusb21.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-03-31 12:54:22.590 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\xusb21.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-03-31 12:54:22.575 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\xusb21.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-03-31 12:53:34.469 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\xusb21.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-03-31 12:53:34.469 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\xusb21.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. ==================== Memory info =========================== Percentage of memory in use: 47% Total physical RAM: 3947.86 MB Available physical RAM: 2058.15 MB Total Pagefile: 7893.9 MB Available Pagefile: 5816.64 MB Total Virtual: 8192 MB Available Virtual: 8191.81 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:450.66 GB) (Free:300.25 GB) NTFS Drive d: (BREAK_UP_MAN) (CDROM) (Total:5.04 GB) (Free:0 GB) UDF ==================== MBR & Partition Table ================== ==================== End Of Log ============================
How do I need to proceed now? |
07.01.2014, 20:31 | #6 |
/// TB-Ausbilder | Remove Torch toolbar Hello, our tools have to run with admin rights. Please repeat this scan and this time start FRST with right-click -> Run as administrator. Start FRST with right-click -> Run as administrator. |
08.01.2014, 14:18 | #7 |
| Remove Torch toolbar Here it is again, this time with administrator rights. FRST.text FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-01-2014 Ran by Iris Schönfeld (administrator) on IRISSCHÖNFELD on 08-01-2014 14:12:51 Running from C:\Users\Iris\Downloads Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe (SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE (SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE (Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsvchst.exe (NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) 
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsvchst.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe () C:\Users\Iris\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe (Bandoo Media Inc.) C:\Users\Iris\AppData\Local\iLivid\iLivid.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesApp64.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe (MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Skype Technologies S.A.) 
C:\Program Files (x86)\Skype\Phone\Skype.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Desktop.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11785832 2011-03-10] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2189416 2011-03-09] (Realtek Semiconductor) HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1081424 2011-03-14] (Dritek System Inc.) HKLM-x32\...\Run: [AdobeCS4ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe_ID0ENQBO] - C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe [378224 2008-08-15] (Adobe Systems Incorporated) HKLM-x32\...\Run: [TrayServer] - C:\Program Files (x86)\MAGIX\Video_deluxe_17_Plus_Sonderedition\Trayserver.exe [90112 2008-08-07] (MAGIX AG) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\Default\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid} HKU\Default User\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid} AppInit_DLLs: C:\Windows\System32\nvinitx.dll [247144 2012-10-08] (NVIDIA Corporation) AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll [202600 2012-10-08] (NVIDIA Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login. 
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=37a5e8ef-f1e8-a4ed-0d86-7fa78d6c5bd1&searchtype=ds&q={searchTerms}&installDate=09/11/2013 SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=37a5e8ef-f1e8-a4ed-0d86-7fa78d6c5bd1&searchtype=ds&q={searchTerms}&installDate=09/11/2013 SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=37a5e8ef-f1e8-a4ed-0d86-7fa78d6c5bd1&searchtype=ds&q={searchTerms}&installDate=09/11/2013 SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=37a5e8ef-f1e8-a4ed-0d86-7fa78d6c5bd1&searchtype=ds&q={searchTerms}&installDate=09/11/2013 SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&AF=110004&babsrc=SP_ss&mntrId=d28bfd49000000000000889ffa4d32e5 BHO: Snap.DoEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\System32\mscoree.dll (Microsoft Corporation) BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dll (Symantec Corporation) BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ips\ipsbho.dll (Symantec Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) 
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\System32\mscoree.dll (Microsoft Corporation) Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dll (Symantec Corporation) Toolbar: HKLM-x32 - Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation) Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation) Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Extension: No Name - C:\Users\Iris Schönfeld\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions FF Extension: HDvid Codec 3 - C:\Users\Iris Schönfeld\AppData\Roaming\Mozilla\Firefox\profiles\extensions\hdvc3@hdvidcodec.com.xpi FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFF FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFF FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\ FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\ ==================== Services (Whitelisted) ================= S3 Adobe Version Cue CS4; C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [284016 2008-08-15] (Adobe Systems Incorporated) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe [138272 2012-06-16] (Symantec Corporation) S4 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation) R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [257344 2011-02-15] (NTI Corporation) R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-11-02] (Microsoft Corporation) R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 
2012\TuneUpUtilitiesService64.exe [2144056 2013-12-11] (TuneUp Software) ==================== Drivers (Whitelisted) ==================== R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20131218.001\BHDrvx64.sys [1526488 2013-12-18] (Symantec Corporation) R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1309010.00E\ccSetx64.sys [167072 2012-06-07] (Symantec Corporation) S3 cjusb; C:\Windows\System32\DRIVERS\cjusb.sys [29184 2005-10-06] (REINER SCT) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-03-31] (DT Soft Ltd) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-22] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-22] (Symantec Corporation) R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20140106.001\IDSvia64.sys [521944 2013-12-12] (Symantec Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20140107.001\ENG64.SYS [126040 2013-12-23] (Symantec Corporation) R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20140107.001\EX64.SYS [2099288 2013-12-23] (Symantec Corporation) R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1309010.00E\SRTSP64.SYS [737952 2012-07-06] (Symantec Corporation) R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1309010.00E\SRTSPX64.SYS [37536 2012-07-06] (Symantec Corporation) R0 SymDS; C:\Windows\System32\drivers\NISx64\1309010.00E\SYMDS64.SYS [451192 2011-07-25] (Symantec Corporation) R0 SymEFA; C:\Windows\System32\drivers\NISx64\1309010.00E\SYMEFA64.SYS [1129120 2012-05-22] (Symantec Corporation) R3 SymEvent; 
C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2012-03-28] (Symantec Corporation) R1 SymIRON; C:\Windows\system32\drivers\NISx64\1309010.00E\Ironx64.SYS [190072 2012-04-18] (Symantec Corporation) R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1309010.00E\SYMNETS.SYS [405624 2012-04-18] (Symantec Corporation) R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [11856 2012-02-09] (TuneUp Software) S3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [33048 2006-11-30] (X10 Wireless Technology, Inc.) ========================== Drivers MD5 =======================
==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-01-08 14:10 - 2014-01-08 14:10 - 00062041 _____ C:\Users\Iris Schönfeld\Documents\FRST.txt 2014-01-08 14:10 - 2014-01-08 14:10 - 00038038 _____ C:\Users\Iris Schönfeld\Documents\Addition.txt 2014-01-08 14:07 - 2014-01-08 14:07 - 00000000 ____D C:\Users\Iris\Downloads\FRST-OlderVersion 2014-01-07 19:57 - 2014-01-07 19:57 - 00001106 _____ C:\Users\Iris\Desktop\TeamViewer 8.lnk 2014-01-07 13:24 - 2014-01-08 14:09 - 00038038 _____ C:\Users\Iris\Downloads\Addition.txt 2014-01-07 13:22 - 2014-01-08 14:13 - 00033922 _____ C:\Users\Iris\Downloads\FRST.txt 2014-01-07 13:21 - 2014-01-08 14:07 - 01932624 _____ (Farbar) C:\Users\Iris\Downloads\FRST64.exe 2014-01-07 13:21 - 2014-01-08 14:07 - 00000000 ____D C:\FRST 2014-01-06 20:57 - 2014-01-06 20:57 - 00002505 _____ C:\Users\Iris\Desktop\Norton Internet Security.lnk 2014-01-06 20:43 - 2014-01-06 20:43 - 00002470 _____ C:\Users\Iris\Desktop\PowerPoint 2013.lnk 2014-01-06 20:43 - 2014-01-06 20:43 - 00002197 _____ C:\Users\Iris\Desktop\TuneUp Utilities 2012.lnk 2014-01-06 20:43 - 2014-01-06 20:43 - 00001074 _____ C:\Users\Iris\Desktop\VLC media player.lnk 2014-01-06 20:43 - 2014-01-06 20:43 - 00000987 _____ C:\Users\Iris\Desktop\Origin.lnk 2014-01-06 20:42 - 2014-01-06 20:42 - 00001254 _____ C:\Users\Iris\Desktop\FIFA 14.lnk 2014-01-06 20:37 - 2014-01-06 20:37 - 00000096 _____ C:\Windows\78005099B7A98259.log 2014-01-06 20:35 - 2014-01-06 20:35 - 00001024 _____ C:\Users\Iris\Desktop\click&translate 3.lnk 2014-01-02 18:40 - 2014-01-03 01:12 - 00294735 _____ C:\Users\Iris\Desktop\vortrag seminar.pptx 2014-01-02 11:32 - 2014-01-02 11:32 - 00002495 _____ 
C:\Users\Iris\Desktop\Word 2013.lnk 2014-01-02 11:32 - 2014-01-02 11:32 - 00002381 _____ C:\Users\Iris\Desktop\Outlook 2013.lnk 2013-12-31 10:31 - 2013-12-31 10:31 - 00429725 _____ C:\Users\Iris\Downloads\Praxisanleiter.zip 2013-12-30 22:46 - 2013-12-30 22:46 - 00000000 ____D C:\Users\Iris\Documents\lingenio 2013-12-30 10:39 - 2013-12-30 10:39 - 00000000 ____D C:\Program Files (x86)\clicktransl3 2013-12-30 00:03 - 2013-12-30 00:03 - 00002255 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2013-12-30 00:02 - 2014-01-08 14:13 - 00001126 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-12-30 00:02 - 2014-01-08 13:51 - 00001122 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-12-30 00:02 - 2013-12-30 00:08 - 00004122 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2013-12-30 00:01 - 2013-12-30 00:02 - 00000000 ____D C:\Users\Iris\AppData\Local\Deployment 2013-12-30 00:01 - 2013-12-30 00:01 - 00000000 ____D C:\Users\Iris\AppData\Local\Apps\2.0 2013-12-29 21:16 - 2013-12-29 22:19 - 00000166 ___SH C:\ProgramData\.zreglib 2013-12-29 21:16 - 2013-12-29 21:16 - 00000000 ____D C:\Users\Iris\Documents\AnyDVDHD 2013-12-29 21:13 - 2014-01-06 20:37 - 00000000 ____D C:\Program Files (x86)\SlySoft 2013-12-29 21:13 - 2013-12-29 21:13 - 00000000 ____D C:\ProgramData\SlySoft 2013-12-29 21:12 - 2014-01-06 20:36 - 00000000 ____D C:\Program Files (x86)\Elaborate Bytes 2013-12-26 16:10 - 2013-12-26 20:59 - 00000000 ____D C:\Program Files\Enigma Software Group 2013-12-26 16:10 - 2013-12-26 16:10 - 00000000 _____ C:\autoexec.bat 2013-12-26 16:08 - 2013-12-26 20:58 - 00000000 ____D C:\Windows\CD09642E061D4844BA37ED1480916404.TMP 2013-12-26 16:06 - 2013-12-26 16:06 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Iris\Downloads\SpyHunter-Installer.exe 2013-12-26 15:31 - 2013-12-26 20:57 - 00000000 ____D C:\Program Files (x86)\VS Revo Group 2013-12-26 15:30 - 2013-12-26 15:30 - 02623656 _____ (VS Revo Group Ltd.) 
C:\Users\Iris Schönfeld\Downloads\revosetup95.exe 2013-12-26 15:27 - 2013-12-26 15:27 - 00003150 _____ C:\Windows\System32\Tasks\{F46EB451-3F46-404B-893D-08ED7D4FD5FD} 2013-12-26 11:31 - 2013-12-26 11:31 - 00000000 ____D C:\Users\Iris Schönfeld\AppData\Roaming\Malwarebytes 2013-12-26 11:30 - 2013-12-26 11:30 - 00001117 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-12-26 11:30 - 2013-12-26 11:30 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-12-26 11:30 - 2013-12-26 11:30 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-12-26 11:30 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2013-12-25 18:47 - 2013-12-25 18:47 - 00598434 _____ C:\Users\Iris\Desktop\Weihnachten 2013.MVP 2013-12-25 12:06 - 2013-12-25 12:19 - 00000000 ____D C:\Users\Iris\Desktop\weihnachten 2013 2013-12-24 12:08 - 2013-12-24 12:08 - 00170279 _____ C:\Users\Iris\Downloads\dreamscene_win7_64 (3).zip 2013-12-24 12:08 - 2013-12-24 12:08 - 00170279 _____ C:\Users\Iris\Downloads\dreamscene_win7_64 (2).zip 2013-12-24 12:06 - 2013-12-24 12:08 - 00000000 ____D C:\Users\Iris\Documents\an 2013-12-24 12:04 - 2013-12-24 12:04 - 00170279 _____ C:\Users\Iris\Downloads\dreamscene_win7_64.zip 2013-12-24 12:04 - 2013-12-24 12:04 - 00170279 _____ C:\Users\Iris\Downloads\dreamscene_win7_64 (1).zip 2013-12-24 11:47 - 2013-12-31 10:14 - 00000000 ___RD C:\Users\Iris\Desktop\destkopf# 2013-12-22 10:52 - 2013-12-22 10:52 - 00000000 ____D C:\Users\Iris Schönfeld\AppData\Local\iLivid 2013-12-17 12:52 - 2013-12-17 12:52 - 00011826 _____ C:\Users\Iris\Downloads\Auftrag - MAU-01022595.zip 2013-12-12 21:26 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2013-12-12 21:26 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2013-12-12 21:26 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2013-12-12 21:26 - 
2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2013-12-12 21:24 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-12-12 21:24 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-12-12 21:24 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2013-12-12 21:24 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-12-12 21:24 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-12-12 21:24 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2013-12-12 21:24 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-12-12 21:24 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-12-12 21:24 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-12-12 21:24 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-12-12 21:24 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-12-12 21:24 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2013-12-12 21:24 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2013-12-12 21:24 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2013-12-12 21:24 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-12-12 21:24 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-12-12 21:24 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-12-12 21:24 - 2013-11-26 
09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-12-12 21:24 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-12-12 21:24 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2013-12-12 21:24 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-12-12 21:24 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-12-12 21:24 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-12-12 21:24 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2013-12-12 21:24 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-12-12 21:24 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-12-12 21:24 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-12-12 21:24 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2013-12-12 21:24 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2013-12-12 21:24 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-12-12 21:24 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-12-12 15:07 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2013-12-12 15:07 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2013-12-12 15:07 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2013-12-12 15:07 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2013-12-12 15:07 - 2013-10-30 03:32 - 00335360 _____ (Microsoft 
Corporation) C:\Windows\system32\msieftp.dll 2013-12-12 15:07 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll 2013-12-12 15:07 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2013-12-12 15:07 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll 2013-12-12 15:07 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll 2013-12-12 15:07 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx 2013-12-12 15:07 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll 2013-12-12 15:07 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx 2013-12-12 15:07 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll 2013-12-12 15:07 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe 2013-12-12 15:07 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe 2013-12-12 15:07 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe 2013-12-12 15:07 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe 2013-12-12 15:07 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys 2013-12-12 15:07 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys 2013-12-11 20:30 - 2013-12-11 20:30 - 02035048 _____ C:\Users\Iris\Downloads\Outlook (6).zip 2013-12-10 11:19 - 2013-12-10 11:19 - 00000000 ____D C:\Users\Iris\AppData\Local\{F316A81B-D975-414B-BBE4-F8D7BCA8DFA1} 2013-12-09 12:42 - 2013-12-09 12:43 - 00000000 ____D C:\Users\Iris\AppData\Local\{82D69D58-2BAC-4387-B09B-7E9321D8F3F6} ==================== One Month Modified Files and Folders ======= 2014-01-08 14:13 - 
2014-01-07 13:22 - 00033922 _____ C:\Users\Iris\Downloads\FRST.txt 2014-01-08 14:13 - 2013-12-30 00:02 - 00001126 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-01-08 14:10 - 2014-01-08 14:10 - 00062041 _____ C:\Users\Iris Schönfeld\Documents\FRST.txt 2014-01-08 14:10 - 2014-01-08 14:10 - 00038038 _____ C:\Users\Iris Schönfeld\Documents\Addition.txt 2014-01-08 14:09 - 2014-01-07 13:24 - 00038038 _____ C:\Users\Iris\Downloads\Addition.txt 2014-01-08 14:07 - 2014-01-08 14:07 - 00000000 ____D C:\Users\Iris\Downloads\FRST-OlderVersion 2014-01-08 14:07 - 2014-01-07 13:21 - 01932624 _____ (Farbar) C:\Users\Iris\Downloads\FRST64.exe 2014-01-08 14:07 - 2014-01-07 13:21 - 00000000 ____D C:\FRST 2014-01-08 14:03 - 2011-12-17 01:52 - 00000000 ____D C:\Users\Iris\AppData\Roaming\Skype 2014-01-08 14:01 - 2011-12-17 00:50 - 01926287 _____ C:\Windows\WindowsUpdate.log 2014-01-08 13:58 - 2009-07-14 05:45 - 00016752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-01-08 13:58 - 2009-07-14 05:45 - 00016752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-01-08 13:55 - 2012-03-31 12:12 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-01-08 13:51 - 2013-12-30 00:02 - 00001122 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-01-08 13:50 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2014-01-08 13:50 - 2009-07-14 05:51 - 00149397 _____ C:\Windows\setupact.log 2014-01-08 10:35 - 2013-07-12 20:59 - 00005152 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for IrisSchönfeld-Iris IrisSchönfeld 2014-01-07 20:16 - 2013-03-29 12:57 - 00000000 ____D C:\Users\Iris\Documents\Arbeit 2014-01-07 19:57 - 2014-01-07 19:57 - 00001106 _____ C:\Users\Iris\Desktop\TeamViewer 8.lnk 2014-01-07 19:34 - 2011-12-17 13:10 - 00000000 ____D C:\Program Files (x86)\Origin 2014-01-07 19:18 - 2013-12-03 13:55 - 00000000 
____D C:\Users\Iris\Documents\FIFA 14 2014-01-07 18:12 - 2013-07-24 10:43 - 00000924 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1637596445-2169188190-2784324865-1001UA.job 2014-01-07 13:19 - 2012-03-02 19:23 - 00002474 _____ C:\Windows\wininit.ini 2014-01-07 13:01 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF 2014-01-06 20:57 - 2014-01-06 20:57 - 00002505 _____ C:\Users\Iris\Desktop\Norton Internet Security.lnk 2014-01-06 20:43 - 2014-01-06 20:43 - 00002470 _____ C:\Users\Iris\Desktop\PowerPoint 2013.lnk 2014-01-06 20:43 - 2014-01-06 20:43 - 00002197 _____ C:\Users\Iris\Desktop\TuneUp Utilities 2012.lnk 2014-01-06 20:43 - 2014-01-06 20:43 - 00001074 _____ C:\Users\Iris\Desktop\VLC media player.lnk 2014-01-06 20:43 - 2014-01-06 20:43 - 00000987 _____ C:\Users\Iris\Desktop\Origin.lnk 2014-01-06 20:42 - 2014-01-06 20:42 - 00001254 _____ C:\Users\Iris\Desktop\FIFA 14.lnk 2014-01-06 20:42 - 2011-04-06 11:30 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2014-01-06 20:37 - 2014-01-06 20:37 - 00000096 _____ C:\Windows\78005099B7A98259.log 2014-01-06 20:37 - 2013-12-29 21:13 - 00000000 ____D C:\Program Files (x86)\SlySoft 2014-01-06 20:36 - 2013-12-29 21:12 - 00000000 ____D C:\Program Files (x86)\Elaborate Bytes 2014-01-06 20:35 - 2014-01-06 20:35 - 00001024 _____ C:\Users\Iris\Desktop\click&translate 3.lnk 2014-01-06 20:23 - 2012-04-09 19:28 - 00000000 ____D C:\Users\Iris\AppData\Roaming\vlc 2014-01-06 13:39 - 2013-11-10 17:22 - 00068096 ___SH C:\Users\Iris\Documents\Thumbs.db 2014-01-04 22:31 - 2012-04-25 19:44 - 00000000 ____D C:\Users\Iris\AppData\Roaming\dvdcss 2014-01-03 01:13 - 2012-08-02 22:19 - 00000000 ____D C:\Users\Iris\Documents\Office Arbeiten 2014-01-03 01:12 - 2014-01-02 18:40 - 00294735 _____ C:\Users\Iris\Desktop\vortrag seminar.pptx 2014-01-02 11:32 - 2014-01-02 11:32 - 00002495 _____ C:\Users\Iris\Desktop\Word 2013.lnk 2014-01-02 11:32 - 2014-01-02 11:32 - 00002381 _____ 
C:\Users\Iris\Desktop\Outlook 2013.lnk 2014-01-01 18:27 - 2011-12-17 09:42 - 00697098 _____ C:\Windows\system32\perfh007.dat 2014-01-01 18:27 - 2011-12-17 09:42 - 00148362 _____ C:\Windows\system32\perfc007.dat 2014-01-01 18:27 - 2009-07-14 06:13 - 01613412 _____ C:\Windows\system32\PerfStringBackup.INI 2014-01-01 11:48 - 2013-07-24 10:43 - 00000902 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1637596445-2169188190-2784324865-1001Core.job 2013-12-31 10:31 - 2013-12-31 10:31 - 00429725 _____ C:\Users\Iris\Downloads\Praxisanleiter.zip 2013-12-31 10:14 - 2013-12-24 11:47 - 00000000 ___RD C:\Users\Iris\Desktop\destkopf# 2013-12-30 22:46 - 2013-12-30 22:46 - 00000000 ____D C:\Users\Iris\Documents\lingenio 2013-12-30 10:39 - 2013-12-30 10:39 - 00000000 ____D C:\Program Files (x86)\clicktransl3 2013-12-30 10:37 - 2010-11-21 04:47 - 00181542 _____ C:\Windows\PFRO.log 2013-12-30 00:08 - 2013-12-30 00:02 - 00004122 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2013-12-30 00:08 - 2012-08-18 23:22 - 00003870 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2013-12-30 00:03 - 2013-12-30 00:03 - 00002255 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2013-12-30 00:03 - 2012-02-03 10:08 - 00000000 ____D C:\Program Files (x86)\Google 2013-12-30 00:02 - 2013-12-30 00:01 - 00000000 ____D C:\Users\Iris\AppData\Local\Deployment 2013-12-30 00:01 - 2013-12-30 00:01 - 00000000 ____D C:\Users\Iris\AppData\Local\Apps\2.0 2013-12-29 22:19 - 2013-12-29 21:16 - 00000166 ___SH C:\ProgramData\.zreglib 2013-12-29 21:16 - 2013-12-29 21:16 - 00000000 ____D C:\Users\Iris\Documents\AnyDVDHD 2013-12-29 21:13 - 2013-12-29 21:13 - 00000000 ____D C:\ProgramData\SlySoft 2013-12-28 12:43 - 2011-12-17 01:44 - 00000000 ____D C:\Users\Iris Schönfeld 2013-12-26 21:50 - 2012-01-01 01:19 - 00000000 ____D C:\Windows\System32\Tasks\Games 2013-12-26 21:02 - 2011-04-06 12:10 - 00000000 ____D C:\DOLBY PCEE4 2013-12-26 20:59 - 2013-12-26 16:10 - 00000000 ____D C:\Program Files\Enigma 
Software Group 2013-12-26 20:58 - 2013-12-26 16:08 - 00000000 ____D C:\Windows\CD09642E061D4844BA37ED1480916404.TMP 2013-12-26 20:57 - 2013-12-26 15:31 - 00000000 ____D C:\Program Files (x86)\VS Revo Group 2013-12-26 16:29 - 2012-06-29 19:18 - 00000000 ____D C:\Users\Iris\AppData\Local\EgisTec 2013-12-26 16:24 - 2012-02-03 10:09 - 00000000 ____D C:\Users\Iris Schönfeld\AppData\Local\Google 2013-12-26 16:10 - 2013-12-26 16:10 - 00000000 _____ C:\autoexec.bat 2013-12-26 16:06 - 2013-12-26 16:06 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Iris\Downloads\SpyHunter-Installer.exe 2013-12-26 15:38 - 2012-09-28 20:47 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft 2013-12-26 15:30 - 2013-12-26 15:30 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Iris Schönfeld\Downloads\revosetup95.exe 2013-12-26 15:27 - 2013-12-26 15:27 - 00003150 _____ C:\Windows\System32\Tasks\{F46EB451-3F46-404B-893D-08ED7D4FD5FD} 2013-12-26 15:25 - 2011-12-17 01:44 - 00000000 ___RD C:\Users\Iris Schönfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-12-26 15:25 - 2011-12-17 01:44 - 00000000 ___RD C:\Users\Iris Schönfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2013-12-26 15:23 - 2011-12-17 01:44 - 00001429 _____ C:\Users\Iris Schönfeld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2013-12-26 11:31 - 2013-12-26 11:31 - 00000000 ____D C:\Users\Iris Schönfeld\AppData\Roaming\Malwarebytes 2013-12-26 11:30 - 2013-12-26 11:30 - 00001117 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-12-26 11:30 - 2013-12-26 11:30 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-12-26 11:30 - 2013-12-26 11:30 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-12-25 18:47 - 2013-12-25 18:47 - 00598434 _____ C:\Users\Iris\Desktop\Weihnachten 2013.MVP 2013-12-25 12:19 - 2013-12-25 12:06 - 00000000 ____D C:\Users\Iris\Desktop\weihnachten 2013 2013-12-24 22:45 - 2011-12-17 13:11 - 
00000000 ____D C:\Users\Iris\AppData\Roaming\Origin 2013-12-24 22:45 - 2011-12-17 13:10 - 00000000 ____D C:\ProgramData\Origin 2013-12-24 12:08 - 2013-12-24 12:08 - 00170279 _____ C:\Users\Iris\Downloads\dreamscene_win7_64 (3).zip 2013-12-24 12:08 - 2013-12-24 12:08 - 00170279 _____ C:\Users\Iris\Downloads\dreamscene_win7_64 (2).zip 2013-12-24 12:08 - 2013-12-24 12:06 - 00000000 ____D C:\Users\Iris\Documents\an 2013-12-24 12:04 - 2013-12-24 12:04 - 00170279 _____ C:\Users\Iris\Downloads\dreamscene_win7_64.zip 2013-12-24 12:04 - 2013-12-24 12:04 - 00170279 _____ C:\Users\Iris\Downloads\dreamscene_win7_64 (1).zip 2013-12-24 12:01 - 2011-12-17 01:49 - 00000000 ____D C:\Users\Iris\AppData\Local\Windows Live 2013-12-22 10:56 - 2012-08-02 19:42 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2012 2013-12-22 10:52 - 2013-12-22 10:52 - 00000000 ____D C:\Users\Iris Schönfeld\AppData\Local\iLivid 2013-12-17 12:52 - 2013-12-17 12:52 - 00011826 _____ C:\Users\Iris\Downloads\Auftrag - MAU-01022595.zip 2013-12-15 16:29 - 2013-02-23 20:35 - 00000000 ____D C:\ProgramData\tmp 2013-12-14 19:23 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2013-12-13 22:18 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2013-12-13 15:31 - 2009-07-14 05:45 - 03173448 _____ C:\Windows\system32\FNTCACHE.DAT 2013-12-11 20:30 - 2013-12-11 20:30 - 02035048 _____ C:\Users\Iris\Downloads\Outlook (6).zip 2013-12-11 19:06 - 2012-08-02 20:03 - 00036664 _____ (TuneUp Software) C:\Windows\system32\uxtuneup.dll 2013-12-11 19:06 - 2012-08-02 20:03 - 00030008 _____ (TuneUp Software) C:\Windows\SysWOW64\uxtuneup.dll 2013-12-11 19:06 - 2012-08-02 19:44 - 00035640 _____ (TuneUp Software) C:\Windows\system32\TURegOpt.exe 2013-12-11 19:06 - 2012-08-02 19:44 - 00026936 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll 2013-12-11 19:06 - 2012-08-02 19:44 - 00022328 _____ (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll 2013-12-11 15:20 - 2013-03-22 21:33 - 00000000 ____D 
C:\Program Files\Microsoft Office 15 2013-12-10 21:55 - 2012-03-31 12:12 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-12-10 21:55 - 2012-03-31 12:12 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2013-12-10 21:55 - 2011-12-17 02:32 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-12-10 11:19 - 2013-12-10 11:19 - 00000000 ____D C:\Users\Iris\AppData\Local\{F316A81B-D975-414B-BBE4-F8D7BCA8DFA1} 2013-12-10 06:37 - 2013-03-18 19:28 - 00016384 ___SH C:\Users\Iris\Thumbs.db 2013-12-09 12:43 - 2013-12-09 12:42 - 00000000 ____D C:\Users\Iris\AppData\Local\{82D69D58-2BAC-4387-B09B-7E9321D8F3F6} Some content of TEMP: ==================== C:\Users\Iris\AppData\Local\Temp\CmdLineExt02.dll C:\Users\Iris\AppData\Local\Temp\installerdll151227.dll C:\Users\Iris\AppData\Local\Temp\installerdll5341989.dll C:\Users\Iris\AppData\Local\Temp\installerdll574458.dll C:\Users\Iris\AppData\Local\Temp\installerdll582850.dll C:\Users\Iris\AppData\Local\Temp\installerdll5865231.dll C:\Users\Iris\AppData\Local\Temp\installerdll624003.dll C:\Users\Iris\AppData\Local\Temp\installerdll685140.dll C:\Users\Iris\AppData\Local\Temp\install_reader10_de_chra_aih.exe C:\Users\Iris\AppData\Local\Temp\Setup.exe C:\Users\Iris Schönfeld\AppData\Local\Temp\BackupSetup.exe C:\Users\Iris Schönfeld\AppData\Local\Temp\FP_AX_MSI_INSTALLER.exe C:\Users\Iris Schönfeld\AppData\Local\Temp\FP_PL_MSI_INSTALLER.exe C:\Users\Iris Schönfeld\AppData\Local\Temp\geek_x64.exe C:\Users\Iris Schönfeld\AppData\Local\Temp\htmlayout.dll C:\Users\Iris Schönfeld\AppData\Local\Temp\OfficeSetup.exe C:\Users\Iris Schönfeld\AppData\Local\Temp\Setup.exe C:\Users\Iris Schönfeld\AppData\Local\Temp\SHSetup.exe C:\Users\Iris Schönfeld\AppData\Local\Temp\SkypeSetup.exe C:\Users\Iris Schönfeld\AppData\Local\Temp\vcredist_x64.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is 
legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== BCD ================================ Windows-Start-Manager --------------------- Bezeichner {bootmgr} device partition=\Device\HarddiskVolume2 description Windows Boot Manager locale de-DE inherit {globalsettings} default {current} resumeobject {223dbb5e-2889-11e1-bead-a41a5e89cd0b} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Windows-Startladeprogramm ------------------------- Bezeichner {current} device partition=C: path \Windows\system32\winload.exe description Windows 7 locale de-DE inherit {bootloadersettings} recoverysequence {223dbb60-2889-11e1-bead-a41a5e89cd0b} recoveryenabled Yes osdevice partition=C: systemroot \Windows resumeobject {223dbb5e-2889-11e1-bead-a41a5e89cd0b} nx OptIn Windows-Startladeprogramm ------------------------- Bezeichner {223dbb60-2889-11e1-bead-a41a5e89cd0b} device ramdisk=[C:]\Recovery\223dbb60-2889-11e1-bead-a41a5e89cd0b\Winre.wim,{223dbb61-2889-11e1-bead-a41a5e89cd0b} path \windows\system32\winload.exe description Windows Recovery Environment inherit {bootloadersettings} osdevice ramdisk=[C:]\Recovery\223dbb60-2889-11e1-bead-a41a5e89cd0b\Winre.wim,{223dbb61-2889-11e1-bead-a41a5e89cd0b} systemroot \windows nx OptIn winpe Yes Wiederaufnahme aus dem Ruhezustand ---------------------------------- Bezeichner {223dbb5e-2889-11e1-bead-a41a5e89cd0b} device partition=C: path 
\Windows\system32\winresume.exe description Windows Resume Application locale de-DE inherit {resumeloadersettings} filedevice partition=C: filepath \hiberfil.sys debugoptionenabled No Windows-Speichertestprogramm ---------------------------- Bezeichner {memdiag} device partition=\Device\HarddiskVolume2 path \boot\memtest.exe description Windows Memory Diagnostic locale de-DE inherit {globalsettings} badmemoryaccess Yes EMS-Einstellungen ----------------- Bezeichner {emssettings} bootems Yes Debuggereinstellungen --------------------- Bezeichner {dbgsettings} debugtype Serial debugport 1 baudrate 115200 RAM-Defekte ----------- Bezeichner {badmemory} Globale Einstellungen --------------------- Bezeichner {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} Startladeprogramm-Einstellungen ------------------------------- Bezeichner {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Hypervisoreinstellungen ------------------- Bezeichner {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Einstellungen zur Ladeprogrammfortsetzung ----------------------------------------- Bezeichner {resumeloadersettings} inherit {globalsettings} Geräteoptionen -------------- Bezeichner {223dbb61-2889-11e1-bead-a41a5e89cd0b} description Ramdisk Options ramdisksdidevice partition=C: ramdisksdipath \Recovery\223dbb60-2889-11e1-bead-a41a5e89cd0b\boot.sdi LastRegBack: 2014-01-01 00:38 ==================== End Of Log ============================
Addition.text FRST Additions Logfile: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-01-2014 Ran by Iris Schönfeld at 2014-01-08 14:13:31 Running from C:\Users\Iris\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Norton Internet Security (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Norton Internet Security (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202} FW: Norton Internet Security (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} ==================== Installed Programs ====================== 64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden Acer Backup Manager (x32 Version: 3.0.0.85 - NTI Corporation) Acer Crystal Eye Webcam (x32 Version: 1.0.1510 - CyberLink Corp.) Acer Crystal Eye Webcam (x32 Version: 1.0.1510 - CyberLink Corp.) Hidden Acer eRecovery Management (x32 Version: 5.00.3002 - Acer Incorporated) Acer Registration (x32 Version: 1.03.3004 - Acer Incorporated) Acer ScreenSaver (x32 Version: 1.1.1130.2010 - Acer Incorporated) Acer Updater (x32 Version: 1.02.3005 - Acer Incorporated) Acrobat.com (x32 Version: 1.6.65 - Adobe Systems Incorporated) Adobe AIR (x32 Version: 3.3.0.3670 - Adobe Systems Incorporated) Adobe AIR (x32 Version: 3.3.0.3670 - Adobe Systems Incorporated) Hidden Adobe Anchor Service CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Anchor Service x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Bridge CS4 (x32 Version: 3 - Adobe Systems Incorporated) Hidden Adobe CMaps CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe CMaps x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Color - Photoshop Specific CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Color EU Recommended Settings CS4 (x32 Version: 2.0 - Adobe Systems 
Incorporated) Hidden Adobe Color JA Extra Settings CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Color NA Extra Settings CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Color Video Profiles CS CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Creative Suite 4 Production Premium (x32 Version: 4.0 - Adobe Systems Incorporated) Adobe Creative Suite 4 Production Premium (x32 Version: 4.0 - Adobe Systems Incorporated) Hidden Adobe CS4 American English Speech Analysis Models (x32 Version: 1 - Adobe Systems Incorporated) Hidden Adobe CSI CS4 (x32 Version: 1 - Adobe Systems Incorporated) Hidden Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden Adobe Default Language CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Device Central CS4 (x32 Version: 2 - Adobe Systems Incorporated) Hidden Adobe Download Assistant (x32 Version: 1.2.2 - Adobe Systems Incorporated) Adobe Download Assistant (x32 Version: 1.2.2 - Adobe Systems Incorporated) Hidden Adobe Drive CS4 (x32 Version: 1 - Adobe Systems Incorporated) Hidden Adobe Drive CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden Adobe Dynamiclink Support (x32 Version: 1 - Adobe Systems Incorporated) Hidden Adobe ExtendScript Toolkit CS4 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden Adobe Extension Manager CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Flash CS4 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden Adobe Flash CS4 Extension - Flash Lite STI others (x32 Version: 3.0 - Adobe Systems Incorporated) Hidden Adobe Flash CS4 STI-other (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated) Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated) Adobe Fonts All (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Fonts All x64 (Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe 
Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden Adobe Linguistics CS4 (x32 Version: 4.0.0 - Adobe Systems Incorporated) Hidden Adobe Linguistics CS4 x64 (Version: 4.0.0 - Adobe Systems Incorporated) Hidden Adobe Media Encoder CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Media Encoder CS4 Additional Exporter (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Media Encoder CS4 Dolby (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Output Module (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe PDF Library Files CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden Adobe PDF Library Files x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden Adobe Photoshop CS4 (64 Bit) (Version: 11.0 - Adobe Systems Incorporated) Hidden Adobe Photoshop CS4 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden Adobe Photoshop CS4 Support (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden Adobe Premiere Pro CS4 (x32 Version: 4 - Adobe Systems Incorporated) Hidden Adobe Premiere Pro CS4 Functional Content (x32 Version: 4 - Adobe Systems Incorporated) Hidden Adobe Reader 9.1 MUI (x32 Version: 9.1.0 - Adobe Systems Incorporated) Adobe Search for Help (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Service Manager Extension (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Setup (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Soundbooth CS4 (x32 Version: 2 - Adobe Systems Incorporated) Hidden Adobe Type Support CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden Adobe Type Support x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden Adobe Update Manager CS4 (x32 Version: 6.0.0 - Adobe Systems Incorporated) Hidden Adobe Version Cue CS4 Server (x32 Version: 4.0 - Adobe Systems Incorporated) Hidden Adobe Widget Browser (x32 Version: 2.0 Build 348 - Adobe Systems Incorporated.) 
Adobe Widget Browser (x32 Version: 2.0.348 - Adobe Systems Incorporated.) Hidden Adobe WinSoft Linguistics Plugin (x32 Version: 1.1 - Adobe Systems Incorporated) Hidden Adobe WinSoft Linguistics Plugin x64 (Version: 1.1 - Adobe Systems Incorporated) Hidden Adobe XMP Panels CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden AdobeColorCommonSetCMYK (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden AdobeColorCommonSetRGB (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Advanced Archive Password Recovery (x32 Version: 4.54.48.1338 - Elcomsoft Co. Ltd.) Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden ANNO 1503 (x32 Version: - ) Backup Manager V3 (x32 Version: 3.0.0.85 - NTI Corporation) Hidden Bing Bar (x32 Version: 7.0.610.0 - Microsoft Corporation) Broadcom Card Reader Driver Installer (Version: 14.6.1.2 - Broadcom Corporation) Broadcom Gigabit NetLink Controller (Version: 14.6.1.2 - Broadcom Corporation) clear.fi Client (x32 Version: 1.00.3008 - Acer Incorporated) click & translate 3 (x32 Version: 11.0 - Lingenio GmbH) Command & Conquer 3 (x32 Version: 1.00.0000 - Ihr Firmenname) Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (x32 Version: 4.45.3.0297 - DT Soft Ltd) EA.com Matchup (x32 Version: - ) EA.com Update (x32 Version: - ) Epson Event Manager (x32 Version: 2.01.00 - SEIKO EPSON Corporation) EPSON PX700W Series Printer Uninstall (Version: - SEIKO EPSON Corporation) EPSON Scan (x32 Version: - ) Facebook Video Calling 1.2.0.287 (x32 Version: 1.2.287 - Skype Limited) FIFA 12 (x32 Version: 1.0.0.0 - Electronic Arts) FIFA 14 (x32 Version: 1.0.0.4 - Electronic Arts) Firebird SQL Server - MAGIX Edition (x32 Version: 2.1.31.0 - MAGIX AG) Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria de Fotografias do Windows Live 
(x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Google Chrome (x32 Version: 31.0.1650.63 - Google Inc.) Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden Identity Card (x32 Version: 1.00.3006 - Acer Incorporated) Intel(R) Control Center (x32 Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (x32 Version: 7.0.0.1144 - Intel Corporation) Intel(R) Processor Graphics (x32 Version: 8.15.10.2342 - Intel Corporation) Intel(R) Rapid Storage Technology (x32 Version: 10.0.0.1046 - Intel Corporation) Java 7 Update 25 (x32 Version: 7.0.250 - Oracle) Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Launch Manager (x32 Version: 5.1.4 - Acer Inc.) 
Lernerfolg Grundschule Deutsch 1-4 (x32 Version: - ) Lernerfolg Grundschule Mathematik 1-4 (x32 Version: - ) MAGIX Screenshare (Version: 4.3.6.1987 - MAGIX AG) Hidden MAGIX Screenshare (x32 Version: 4.3.6.1987 - MAGIX AG) MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden MAGIX Speed burnR (MSI) (x32 Version: 7.0.2.6 - MAGIX AG) MAGIX Video deluxe 17 Plus Sonderedition (Version: 10.0.12.2 - MAGIX AG) Hidden MAGIX Video deluxe 17 Plus Sonderedition (x32 Version: 10.0.12.2 - MAGIX AG) Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Office 365 Home Premium - de-de (Version: 15.0.4551.1011 - Microsoft Corporation) Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual 
C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation) Microsoft Xbox 360 Accessories 1.2 (Version: 1.20.146.0 - Microsoft) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation) Norton Internet Security (x32 Version: 19.9.1.14 - Symantec Corporation) Norton Online Backup (x32 Version: 2.1.17869 - Symantec Corporation) NVIDIA Grafiktreiber 306.97 (Version: 306.97 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.85.551 - NVIDIA Corporation) Hidden NVIDIA Optimus 1.10.8 (Version: 1.10.8 - NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.10.0514 - NVIDIA Corporation) NVIDIA Systemsteuerung 306.97 (Version: 306.97 - NVIDIA Corporation) Hidden NVIDIA Update 1.10.8 (Version: 1.10.8 - NVIDIA Corporation) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4551.1011 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1011 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4551.1011 - Microsoft Corporation) Hidden Origin (x32 Version: 8.5.0.4550 - Electronic Arts, Inc.) PDF Settings CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden Photoshop Camera Raw_x64 (Version: 5.0 - Adobe Systems Incorporated) Hidden Pixel Bender Toolkit (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Pixum Fotobuch (x32 Version: 5.0.1 - CEWE COLOR AG u Co. 
OHG) Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden QuickTime (x32 Version: 7.55.90.70 - Apple Inc.) Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Realtek High Definition Audio Driver (x32 Version: 6.0.1.6329 - Realtek Semiconductor Corp.) Skype Click to Call (x32 Version: 6.1.10441 - Skype Technologies S.A.) Skype™ 6.3 (x32 Version: 6.3.107 - Skype Technologies S.A.) Sony USB Driver (x32 Version: - ) SopCast 3.4.8 (x32 Version: 3.4.8 - SopCast - Free P2P internet TV | live football, NBA, cricket) Star Trek Legacy (x32 Version: 1.00.0000 - Ihr Firmenname) Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden TeamViewer 8 (x32 Version: 8.0.22298 - TeamViewer) Tipptrainer (x32 Version: 0.1 - S.A.D.) TuneUp Utilities 2012 (x32 Version: 12.0.3600.193 - TuneUp Software) TuneUp Utilities 2012 (x32 Version: 12.0.3600.193 - TuneUp Software) Hidden TuneUp Utilities Language Pack (de-DE) (x32 Version: 12.0.3600.193 - TuneUp Software) Hidden Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (Version: 2.0.82.0 - Intel) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended 
(KB2533523) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3 - Microsoft Corporation) VLC media player 2.0.1 (x32 Version: 2.0.1 - VideoLAN) Welcome Center (x32 Version: 1.02.3102 - Acer Incorporated) Windows Live Argazki Galeria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Windows Live Fotogaléria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Messenger (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft 
Corporation) Hidden Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live 影像中心 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live 程式集 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Liven sähköposti (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden WinRAR 4.11 (64-bit) (Version: 4.11.0 - win.rar GmbH) Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) 
Hidden Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ==================== Restore Points ========================= 31-12-2013 23:51:11 Geplanter Prüfpunkt 06-01-2014 19:40:57 Entfernt Renesas Electronics USB 3.0 Host Controller Driver ==================== Hosts content: ========================== 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {0467E1FD-C192-4F0D-AA08-30D492DFE7DA} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2013-12-11] (Microsoft Corporation) Task: {264AD2D7-B0FC-4E49-8A70-C8EB1FA10B39} - System32\Tasks\{24A96431-05F4-429A-9677-9CF73ECB0A66} => C:\Program Files (x86)\EA SPORTS\NHL 2002\nhl2002.exe Task: {2BA56C73-E2E9-4F8E-A909-19FD3B6F7FED} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-30] (Google Inc.) Task: {2EAEF805-9963-4812-9BBF-3AD9F74273E4} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1637596445-2169188190-2784324865-1001 Task: {2EB2C65D-F823-4938-B321-081CB07114EE} - System32\Tasks\{F2DF4D62-9611-4989-965A-F600B10FD1CF} => Iexplore.exe Downloading Task: {3D797F1D-F452-4BA3-8325-808B9131842A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1637596445-2169188190-2784324865-1001UA => C:\Users\Iris\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-07-24] (Facebook Inc.) 
Task: {484C0055-513E-4D31-A216-34FBAD6BA903} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12] (Oracle Corporation) Task: {72D20246-3B59-41C6-A244-68CBE4736A0D} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1637596445-2169188190-2784324865-1001Core => C:\Users\Iris\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-07-24] (Facebook Inc.) Task: {AE61051F-0934-48EF-94F2-4FDA2E6B1724} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-10] (Adobe Systems Incorporated) Task: {B27A7A0B-1046-440A-A7DF-BB11B8836CD2} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-11-02] (Microsoft Corporation) Task: {C1287847-901B-4D25-9A71-2D354FFC6779} - System32\Tasks\Microsoft Office 15 Sync Maintenance for IrisSchönfeld-Iris IrisSchönfeld => C:\Program Files\Microsoft Office 15\root\office15\MSOSYNC.EXE [2013-12-11] (Microsoft Corporation) Task: {C88D48B8-F02A-4168-937F-BC8554735E80} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-30] (Google Inc.) Task: {D7EB15BA-89A2-4F61-894A-644FA8B81126} - System32\Tasks\{096AA653-A5F7-48F8-9475-18128CF272AB} => Iexplore.exe Skype auf Ihren Computer herunterladen ? 
Mac, Windows, Linux*?*Skype Task: {E3B2F99C-530D-49AA-8086-A65DD3DC6586} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\symerr.exe [2012-02-04] (Symantec Corporation) Task: {F741006F-B273-463D-B194-DC8B6CCBD127} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\symerr.exe [2012-02-04] (Symantec Corporation) Task: {FD0DF8B0-9FC6-4220-B513-10640796BA90} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\wscstub.exe [2013-02-02] (Symantec Corporation) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1637596445-2169188190-2784324865-1001Core.job => C:\Users\Iris\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1637596445-2169188190-2784324865-1001UA.job => C:\Users\Iris\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2011-12-25 18:31 - 2012-02-17 19:55 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll 2011-04-06 12:14 - 2011-03-26 01:28 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2011-02-15 19:37 - 2011-02-15 19:37 - 00465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll 2011-02-15 19:36 - 2011-02-15 19:36 - 01081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll 2011-02-15 19:37 - 2011-02-15 19:37 - 00125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll 2013-11-10 15:33 - 2013-11-10 15:33 - 00169472 
_____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\cd9a4b4dbc1a4b564ebed696e18cadb6\IsdiInterop.ni.dll 2011-04-06 11:30 - 2010-09-14 02:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\ProgramData\Temp:2430E4FC AlternateDataStreams: C:\ProgramData\Temp:798A3728 AlternateDataStreams: C:\ProgramData\Temp:C46995DA ==================== Safe Mode (whitelisted) =================== ==================== Faulty Device Manager Devices ============= Name: USB (Universal Serial Bus)-Controller Description: USB (Universal Serial Bus)-Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (01/08/2014 01:51:25 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/08/2014 01:49:10 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/08/2014 01:11:38 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/08/2014 01:08:16 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/08/2014 10:34:05 AM) (Source: WinMgmt) 
(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/07/2014 07:42:46 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/07/2014 00:55:02 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/07/2014 00:46:08 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/07/2014 00:09:24 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/06/2014 08:41:16 PM) (Source: Microsoft-Windows-CAPI2) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary ElbyCDFL. System Error: Das System kann die angegebene Datei nicht finden. . 
System errors: ============= Error: (01/08/2014 01:51:26 PM) (Source: WMPNetworkSvc) (User: ) Description: 0x800700b7 Error: (01/08/2014 01:51:26 PM) (Source: WMPNetworkSvc) (User: ) Description: 00x800700b7hxxp://+:10243/WMPNSSv4/2811996591/ Error: (01/08/2014 01:51:26 PM) (Source: WMPNetworkSvc) (User: ) Description: 0x800700b7 Error: (01/08/2014 01:51:26 PM) (Source: WMPNetworkSvc) (User: ) Description: 00x800700b7hxxp://+:10243/WMPNSSv4/2811996591/ Error: (01/08/2014 01:11:39 PM) (Source: WMPNetworkSvc) (User: ) Description: 0x800700b7 Error: (01/08/2014 01:11:39 PM) (Source: WMPNetworkSvc) (User: ) Description: 00x800700b7hxxp://+:10243/WMPNSSv4/2811996591/ Error: (01/08/2014 01:11:39 PM) (Source: WMPNetworkSvc) (User: ) Description: 0x800700b7 Error: (01/08/2014 01:11:39 PM) (Source: WMPNetworkSvc) (User: ) Description: 00x800700b7hxxp://+:10243/WMPNSSv4/2811996591/ Error: (01/08/2014 01:10:23 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Intel(R) Management and Security Application Local Management Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%109 Error: (01/08/2014 10:34:19 AM) (Source: WMPNetworkSvc) (User: ) Description: 0x800700b7 Microsoft Office Sessions: ========================= Error: (01/08/2014 01:51:25 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/08/2014 01:49:10 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/08/2014 01:11:38 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/08/2014 01:08:16 PM) (Source: WinMgmt)(User: ) 
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/08/2014 10:34:05 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/07/2014 07:42:46 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/07/2014 00:55:02 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/07/2014 00:46:08 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/07/2014 00:09:24 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/06/2014 08:41:16 PM) (Source: Microsoft-Windows-CAPI2)(User: ) Description: Details: AddLegacyDriverFiles: Unable to back up image of binary ElbyCDFL. System Error: Das System kann die angegebene Datei nicht finden. CodeIntegrity Errors: =================================== Date: 2012-03-31 13:31:16.616 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\xusb21.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-03-31 13:31:16.600 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\xusb21.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-03-31 13:21:03.605 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\xusb21.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-03-31 13:21:03.542 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\xusb21.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-03-31 12:57:26.246 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\xusb21.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-03-31 12:57:26.184 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\xusb21.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-03-31 12:54:22.590 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\xusb21.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-03-31 12:54:22.575 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\xusb21.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-03-31 12:53:34.469 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\xusb21.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-03-31 12:53:34.469 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\xusb21.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. ==================== Memory info =========================== Percentage of memory in use: 49% Total physical RAM: 3947.86 MB Available physical RAM: 1998.45 MB Total Pagefile: 7893.9 MB Available Pagefile: 5875.29 MB Total Virtual: 8192 MB Available Virtual: 8191.79 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:450.66 GB) (Free:300.16 GB) NTFS Drive d: (BREAK_UP_MAN) (CDROM) (Total:5.04 GB) (Free:0 GB) UDF ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: CF822FE7) Partition 1: (Not Active) - (Size=15 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=451 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
08.01.2014, 14:25 | #8 |
/// TB-Ausbilder | Remove torch toolbar OK. Step 1
Step 2 Please download AdwCleaner to your desktop.
Step 3 Run FRST once more.
In your next reply, please post:
__________________ cheers, Leo |
08.01.2014, 21:34 | #9 |
| Remove torch toolbar Unfortunately I can't send the log files right now, because the PC shut down when I entered C:\AdwCleaner\AdwCleaner[Sx].txt in the search box. Unfortunately I only have access to the PC via TeamViewer, since it is some distance away. I'll send you the log files tomorrow. I have now been able to remove the program via the Control Panel. However, I still have the problem that ask.com opens in the browser no matter what I set as the start page. It is the same in Opera, Chrome, Safari and Internet Explorer. |
09.01.2014, 14:39 | #10 |
/// TB-Ausbilder | Remove torch toolbar OK, as soon as the logs are here, we can continue.
__________________ cheers, Leo |