Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Windows 7 Premium 64: Microsoft Fixit Fehlermeldung [Code 8004FE2C] als Hinweis auf Infizierung

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 16.03.2014, 09:57   #1
Max Frisch
 
Windows 7 Premium 64: Microsoft Fixit Fehlermeldung [Code 8004FE2C] als Hinweis auf Infizierung - Standard

Windows 7 Premium 64: Microsoft Fixit Fehlermeldung [Code 8004FE2C] als Hinweis auf Infizierung



Lieber Helferinnen, liebe Helfer,

ich wende mich an Euch mit der Bitte um Hilfe.

Ich benutze Windows Home 7 Premium in einer 64bit Version.
Bei dem Versuch Java Runtime auf den neusten Stand zu bringen, gab es ein Problem (welches ich inzwischen lösen konnte, indem ich JRE komplett deinstalliert und dann neu installiert habe). JAVA forderte mich auf das Fixit Programm von Microsoft auszuführen (MicrosoftFixit.ProgramInstallUninstall.RNP.Run). Dabei bekomme ich jedoch folgende Fehlermeldung:
We're sorry, but the program encountered an erro trying to contact the server. Please try again later. [Code 8004FE2C]
Eine kurze Google-Suche deutet in mehreren Fällen auf eine Infizierung des Systems mit Schadsoftware. Um diese Situation bei mir ausschließen zu können, wende ich mich an Euch.

Ich habe versucht, mich an die "Für alle Hilfesuchenden!"-Regeln zu halten, defogger, FRST und GMER installiert und ausgeführt, es folgt der jeweilige Inhalt der jeweiligen Textdateien .

Ich bin sehr froh über die Möglichkeit, die mir dieses Forum bietet, bin mir dabei völlig im Klaren, dass jegliche Hilfe alles andere als eine Selbstverständlichkeit ist und danke Euch deshalb schon im Voraus für Eure Mühe.

Viele Grüße

Max

defogger_disable.log
Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 09:20 on 16/03/2014 (Alex)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         
FRST.txt
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Alex (administrator) on MOSES on 16-03-2014 09:20:46
Running from C:\Users\Alex\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTDevSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Message Controller\AsMessageController.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Eee Manager\EeeManager.exe
(Creative Technology Ltd.) C:\Program Files (x86)\Creative\Creative Media Lite\CTZDetec.exe
(Virage Logic Corporation / Sonic Focus) C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Eee Manager\AsShellApplication.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Eee Manager\EMOSDControl\EMOSDControl.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Eee Manager\EMMessageParser.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11048040 2010-07-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2103912 2010-07-22] (Realtek Semiconductor)
HKLM-x32\...\Run: [SonicMasterTray] - C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe [984400 2010-07-10] (Virage Logic Corporation / Sonic Focus)
HKLM-x32\...\Run: [OOBESetup] - C:\Program Files (x86)\asus\OOBERegBackup\OOBERegBackup.exe [334848 2009-11-12] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [AsShellApplication] - C:\Program Files (x86)\ASUS\Eee Manager\AsShellApplication.exe [232064 2009-12-23] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [FreePDF Assistant] - C:\Program Files (x86)\FreePDF_XP\fpassist.exe [373760 2013-03-14] (shbox.de)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-01] (Apple Inc.)
HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [186408 2013-12-12] (Geek Software GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\RunOnce: [NCInstallQueue] - rundll32 netman.dll,ProcessQueue [360448 2009-07-14] (Microsoft Corporation)
HKU\.DEFAULT\...\Policies\system: [LogonHoursAction] 2
HKU\.DEFAULT\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3158290526-3171002894-2857290960-1000\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-09-14] (Apple Inc.)
HKU\S-1-5-21-3158290526-3171002894-2857290960-1000\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-09-15] (Apple Inc.)
HKU\S-1-5-21-3158290526-3171002894-2857290960-1000\...\Run: [CTZDetec.exe] - C:\Program Files (x86)\Creative\Creative Media Lite\CTZDetec.exe [368640 2008-04-24] (Creative Technology Ltd.)
HKU\S-1-5-21-3158290526-3171002894-2857290960-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-3158290526-3171002894-2857290960-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3158290526-3171002894-2857290960-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Startup: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\login\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\login\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Alex\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)
Startup: C:\Users\login\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\schtasks.lnk
ShortcutTarget: schtasks.lnk -> C:\Windows\System32\schtasks.exe (Microsoft Corporation)
GroupPolicyUsers\S-1-5-21-3158290526-3171002894-2857290960-1005\User: Group Policy restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-3158290526-3171002894-2857290960-1002\User: Group Policy restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-3158290526-3171002894-2857290960-1000\User: Group Policy restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://fm4.orf.at/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xCACA911FDE26CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=DCC000FF046C4137&affID=119557&tt=070813_wc1&tsp=4970
SearchScopes: HKCU - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=NIS&chn=retail&geo=DE&ver=20&locale=de_DE&gct=kwd&qsrc=2869
BHO-x32: SaveByclick - {54DF9152-A1C9-25FF-CAFE-1F9FB5F3B5C1} - C:\ProgramData\SaveByclick\5102497f92a47.dll ()
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} -  No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\520xr6pu.default
FF SearchEngineOrder.user_pref("browser.search.order.1", "");: user_pref("browser.search.order.1", "");
FF SearchEngineOrder.user_pref("browser.search.order.1,S", "");: user_pref("browser.search.order.1,S", "");
FF Homepage: hxxp://fm4.orf.at/
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @java.com/DTPlugin,version=10.10.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @checkpoint.com/FFApi - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.18 - C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 - C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdrmv2.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwmsdrm.dll (Microsoft Corporation)
FF SearchPlugin: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\520xr6pu.default\searchplugins\safesearch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: SaveByclick - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\520xr6pu.default\Extensions\5102497f928b4@5102497f928ef.com [2013-01-25]
FF Extension: German Dictionary - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\520xr6pu.default\Extensions\de-DE@dictionaries.addons.mozilla.org [2012-10-15]
FF Extension: Zotero Word for Windows Integration - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\520xr6pu.default\Extensions\zoteroWinWordIntegration@zotero.org [2013-12-12]
FF Extension: Hide My Ass Proxy Extension - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\520xr6pu.default\Extensions\extension@hidemyass.com.xpi [2011-09-10]
FF Extension: Stealthy - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\520xr6pu.default\Extensions\stealthyextension@gmail.com.xpi [2011-09-10]
FF Extension: TrackMeNot - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\520xr6pu.default\Extensions\trackmenot@mrl.nyu.edu.xpi [2011-06-01]
FF Extension: Zotero - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\520xr6pu.default\Extensions\zotero@chnm.gmu.edu.xpi [2014-03-10]
FF Extension: NoScript - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\520xr6pu.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-08-01]
FF Extension: Adblock Plus - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\520xr6pu.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-06-01]
FF Extension: BetterPrivacy - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\520xr6pu.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2011-07-01]
FF Extension: vshare Add-On - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\520xr6pu.default\Extensions\{dd05fd3d-18df-4ce4-ae53-e795339c5f01}.xpi [2011-09-13]
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\IB Updater\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\IPSFF [2013-12-28]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\coFFPlgn\ []

Chrome: 
=======
CHR Extension: (SaveByclick) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\malimhenbijpbhhahdbcfjehicncoknh [2013-01-25]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\Exts\Chrome.crx [2014-01-31]

==================== Services (Whitelisted) =================

R2 CTDevice_Srv; C:\Program Files (x86)\Creative\Shared Files\CTDevSrv.exe [61440 2007-04-02] (Creative Technology Ltd)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-20] (Symantec Corporation)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [34528 2013-06-03] (The OpenVPN Project)

==================== Drivers (Whitelisted) ====================

R3 anvsnddrv; C:\Windows\System32\drivers\anvsnddrv.sys [33872 2011-11-28] (AnvSoft Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 ASInsHelp; C:\Windows\SysWow64\drivers\AsInsHelp64.sys [11832 2008-01-04] ()
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-04-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-06] ()
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\BASHDefs\20140214.001\BHDrvx64.sys [1526488 2013-12-18] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys [169048 2013-04-15] (Symantec Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2011-06-11] (DT Soft Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-01-24] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-12-27] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\IPSDefs\20140314.001\IDSvia64.sys [524504 2014-03-06] (Symantec Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20140315.009\ENG64.SYS [126040 2014-03-10] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20140315.009\EX64.SYS [2099288 2014-03-10] (Symantec Corporation)
R3 SRTSP; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSP64.SYS [796760 2013-05-15] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS [36952 2013-03-04] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1404000.028\SYMDS64.SYS [493656 2013-05-20] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-12-28] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS [224416 2013-03-04] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\NISx64\1404000.028\SYMNETS.SYS [433752 2013-04-24] (Symantec Corporation)
R3 USTOR2K; C:\Windows\System32\DRIVERS\ustor2k.sys [52224 2010-02-22] (Genesys Logic)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U3 kxddypow; \??\C:\Users\Alex\AppData\Local\Temp\kxddypow.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-16 09:20 - 2014-03-16 09:20 - 00021188 _____ () C:\Users\Alex\Desktop\FRST.txt
2014-03-16 09:20 - 2014-03-16 09:20 - 00000470 _____ () C:\Users\Alex\Desktop\defogger_disable.log
2014-03-16 09:19 - 2014-03-16 08:42 - 02157056 _____ (Farbar) C:\Users\Alex\Desktop\FRST64.exe
2014-03-16 09:19 - 2014-03-16 08:42 - 00380416 _____ () C:\Users\Alex\Desktop\xpcnmm1p.exe
2014-03-16 09:19 - 2014-03-16 08:42 - 00050477 _____ () C:\Users\Alex\Desktop\Defogger.exe
2014-03-16 09:04 - 2014-03-16 09:20 - 00000000 ____D () C:\FRST
2014-03-16 09:04 - 2014-03-16 09:04 - 00000168 _____ () C:\Users\Alex\defogger_reenable
2014-03-16 08:30 - 2014-03-16 08:30 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-03-16 08:30 - 2014-03-16 08:30 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-03-16 08:30 - 2014-03-16 08:30 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-03-16 08:30 - 2014-03-16 08:30 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-03-13 20:49 - 2014-03-01 07:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-13 20:49 - 2014-03-01 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-13 20:49 - 2014-03-01 06:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-13 20:49 - 2014-03-01 05:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-13 20:49 - 2014-03-01 05:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-13 20:49 - 2014-03-01 05:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-13 20:49 - 2014-03-01 05:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-13 20:49 - 2014-03-01 05:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-13 20:49 - 2014-03-01 05:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-13 20:49 - 2014-03-01 05:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-13 20:49 - 2014-03-01 05:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-13 20:49 - 2014-03-01 05:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-13 20:49 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-13 20:49 - 2014-03-01 05:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-13 20:49 - 2014-03-01 05:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-13 20:49 - 2014-03-01 05:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-13 20:49 - 2014-03-01 05:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-13 20:49 - 2014-03-01 04:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-13 20:49 - 2014-03-01 04:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-13 20:49 - 2014-03-01 04:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-13 20:49 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-13 20:49 - 2014-03-01 04:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-13 20:49 - 2014-03-01 04:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-13 20:49 - 2014-03-01 04:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-13 20:49 - 2014-03-01 04:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-13 20:49 - 2014-03-01 04:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-13 20:49 - 2014-03-01 04:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-13 20:49 - 2014-03-01 04:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-13 20:49 - 2014-03-01 04:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-13 20:49 - 2014-03-01 04:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-13 20:49 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-13 20:49 - 2014-03-01 04:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-13 20:49 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-13 20:49 - 2014-03-01 04:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-13 20:49 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-13 20:49 - 2014-03-01 03:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-13 20:49 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-13 20:49 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-13 20:49 - 2014-03-01 03:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-13 20:49 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-13 20:49 - 2014-02-07 02:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-13 20:49 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-13 20:49 - 2014-02-04 03:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-13 20:49 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-13 20:49 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-13 20:49 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-13 20:49 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-13 20:49 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-06 08:47 - 2014-03-06 08:46 - 05426640 _____ () C:\Users\Alex\Desktop\Newold.tif
2014-02-28 09:18 - 2014-02-28 09:18 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-28 09:18 - 2014-02-28 09:18 - 00000000 ____D () C:\Users\Alex\AppData\Local\Skype
2014-02-22 21:16 - 2014-02-22 21:16 - 00173454 _____ () C:\Users\Andy\Desktop\handschuh ferse.bmp
2014-02-16 13:53 - 2014-02-16 13:53 - 00058516 _____ () C:\Users\Alex\Documents\ESt2013_Minius_Andreea.elfo
2014-02-16 13:18 - 2014-02-16 13:18 - 00056575 _____ () C:\Users\Alex\Documents\ESt2013_Koplenig_Alexander.elfo
2014-02-15 17:19 - 2014-02-15 17:19 - 00001237 _____ () C:\Users\Public\Desktop\ElsterFormular.lnk
2014-02-15 17:19 - 2014-02-15 17:19 - 00000000 ____D () C:\Program Files (x86)\ElsterFormular
2014-02-15 17:18 - 2014-02-15 17:18 - 77047096 _____ (Landesfinanzdirektion Thüringen) C:\Users\Andy\Downloads\ElsterFormular-15.0.20140212p(1).exe
2014-02-15 17:17 - 2014-02-15 17:18 - 77047096 _____ (Landesfinanzdirektion Thüringen) C:\Users\Andy\Downloads\ElsterFormular-15.0.20140212p.exe
2014-02-15 16:29 - 2014-02-15 16:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2014-03-16 09:20 - 2014-03-16 09:20 - 00021188 _____ () C:\Users\Alex\Desktop\FRST.txt
2014-03-16 09:20 - 2014-03-16 09:20 - 00000470 _____ () C:\Users\Alex\Desktop\defogger_disable.log
2014-03-16 09:20 - 2014-03-16 09:04 - 00000000 ____D () C:\FRST
2014-03-16 09:14 - 2012-04-13 17:53 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-16 09:06 - 2013-01-16 19:27 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Skype
2014-03-16 09:04 - 2014-03-16 09:04 - 00000168 _____ () C:\Users\Alex\defogger_reenable
2014-03-16 09:04 - 2011-05-31 16:59 - 00000000 ____D () C:\Users\Alex
2014-03-16 08:53 - 2011-05-31 16:57 - 01099312 _____ () C:\Windows\WindowsUpdate.log
2014-03-16 08:43 - 2011-06-09 18:26 - 00000432 _____ () C:\Windows\BRWMARK.INI
2014-03-16 08:42 - 2014-03-16 09:19 - 02157056 _____ (Farbar) C:\Users\Alex\Desktop\FRST64.exe
2014-03-16 08:42 - 2014-03-16 09:19 - 00380416 _____ () C:\Users\Alex\Desktop\xpcnmm1p.exe
2014-03-16 08:42 - 2014-03-16 09:19 - 00050477 _____ () C:\Users\Alex\Desktop\Defogger.exe
2014-03-16 08:33 - 2011-08-14 14:17 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-16 08:33 - 2011-06-02 09:41 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-03-16 08:30 - 2014-03-16 08:30 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-03-16 08:30 - 2014-03-16 08:30 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-03-16 08:30 - 2014-03-16 08:30 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-03-16 08:30 - 2014-03-16 08:30 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-03-16 08:30 - 2013-10-17 12:59 - 00000000 ____D () C:\ProgramData\Oracle
2014-03-16 08:20 - 2012-01-17 17:16 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Dropbox
2014-03-16 08:03 - 2009-07-14 05:45 - 00014592 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-16 08:03 - 2009-07-14 05:45 - 00014592 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-16 07:58 - 2012-01-23 10:30 - 00000000 ____D () C:\Users\Alex\AppData\Local\FreePDF_XP
2014-03-16 07:58 - 2011-08-14 14:17 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-16 07:56 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-16 07:56 - 2009-07-14 05:51 - 00177420 _____ () C:\Windows\setupact.log
2014-03-15 16:38 - 2009-08-29 02:51 - 00713958 _____ () C:\Windows\system32\perfh007.dat
2014-03-15 16:38 - 2009-08-29 02:51 - 00154074 _____ () C:\Windows\system32\perfc007.dat
2014-03-15 16:38 - 2009-07-14 06:13 - 01648656 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-15 16:33 - 2009-07-14 05:45 - 00425240 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-13 21:59 - 2012-10-23 10:51 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\Skype
2014-03-13 20:43 - 2012-07-01 14:34 - 00000000 ____D () C:\Users\Andy\AppData\Local\FreePDF_XP
2014-03-12 19:14 - 2012-04-13 17:53 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-12 19:14 - 2012-04-13 17:53 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-12 19:14 - 2011-05-31 18:54 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-10 09:24 - 2012-03-10 10:16 - 00000000 ____D () C:\Users\Alex\AppData\Local\Deployment
2014-03-10 09:03 - 2013-12-07 08:54 - 00000000 ____D () C:\Users\Alex\Documents\Sammelband BZV
2014-03-10 09:03 - 2013-12-07 08:54 - 00000000 ____D () C:\Users\Alex\Documents\Datenanalyse-Einführung_2013
2014-03-10 09:02 - 2013-12-07 08:54 - 00000000 ____D () C:\Users\Alex\Documents\Burmesisch
2014-03-08 18:13 - 2012-02-17 09:26 - 00000000 ____D () C:\Users\Alex\AppData\Local\FE1A721D-403E-4008-A26F-F1182F15E75C.aplzod
2014-03-06 09:42 - 2013-07-31 08:22 - 00002046 ____H () C:\Users\Alex\Documents\Default.rdp
2014-03-06 08:46 - 2014-03-06 08:47 - 05426640 _____ () C:\Users\Alex\Desktop\Newold.tif
2014-03-02 15:15 - 2013-03-17 16:13 - 00000000 ____D () C:\Windows\rescache
2014-03-01 07:05 - 2014-03-13 20:49 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 06:17 - 2014-03-13 20:49 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 06:16 - 2014-03-13 20:49 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-01 05:58 - 2014-03-13 20:49 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 05:52 - 2014-03-13 20:49 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 05:51 - 2014-03-13 20:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-01 05:42 - 2014-03-13 20:49 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 05:40 - 2014-03-13 20:49 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 05:37 - 2014-03-13 20:49 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 05:33 - 2014-03-13 20:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 05:33 - 2014-03-13 20:49 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-01 05:32 - 2014-03-13 20:49 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-01 05:30 - 2014-03-13 20:49 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 05:23 - 2014-03-13 20:49 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-01 05:17 - 2014-03-13 20:49 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 05:11 - 2014-03-13 20:49 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 05:02 - 2014-03-13 20:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-01 04:54 - 2014-03-13 20:49 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-01 04:52 - 2014-03-13 20:49 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-01 04:51 - 2014-03-13 20:49 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-01 04:47 - 2014-03-13 20:49 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-01 04:43 - 2014-03-13 20:49 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-01 04:43 - 2014-03-13 20:49 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-01 04:42 - 2014-03-13 20:49 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-01 04:40 - 2014-03-13 20:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-01 04:38 - 2014-03-13 20:49 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-01 04:37 - 2014-03-13 20:49 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-01 04:35 - 2014-03-13 20:49 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-01 04:18 - 2014-03-13 20:49 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-01 04:16 - 2014-03-13 20:49 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-01 04:14 - 2014-03-13 20:49 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-01 04:10 - 2014-03-13 20:49 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-01 04:03 - 2014-03-13 20:49 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-01 04:00 - 2014-03-13 20:49 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-01 03:57 - 2014-03-13 20:49 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-01 03:38 - 2014-03-13 20:49 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-01 03:32 - 2014-03-13 20:49 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-01 03:27 - 2014-03-13 20:49 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-01 03:25 - 2014-03-13 20:49 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-01 03:25 - 2014-03-13 20:49 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-28 09:18 - 2014-02-28 09:18 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-28 09:18 - 2014-02-28 09:18 - 00000000 ____D () C:\Users\Alex\AppData\Local\Skype
2014-02-28 09:18 - 2011-07-21 16:39 - 00000000 ____D () C:\ProgramData\Skype
2014-02-26 12:49 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-25 20:20 - 2011-09-09 11:41 - 01622000 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-25 19:26 - 2011-05-19 00:53 - 01293224 _____ () C:\Windows\PFRO.log
2014-02-22 21:16 - 2014-02-22 21:16 - 00173454 _____ () C:\Users\Andy\Desktop\handschuh ferse.bmp
2014-02-21 14:28 - 2011-08-14 14:17 - 00004102 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-21 14:28 - 2011-08-14 14:17 - 00003850 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-21 13:20 - 2014-01-09 13:06 - 00000000 ____D () C:\Users\Alex\AppData\Local\CrashDumps
2014-02-21 13:20 - 2013-01-27 09:13 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\vlc
2014-02-17 20:14 - 2013-08-15 13:57 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-17 20:12 - 2011-09-09 09:56 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-16 13:53 - 2014-02-16 13:53 - 00058516 _____ () C:\Users\Alex\Documents\ESt2013_Minius_Andreea.elfo
2014-02-16 13:18 - 2014-02-16 13:18 - 00056575 _____ () C:\Users\Alex\Documents\ESt2013_Koplenig_Alexander.elfo
2014-02-16 12:53 - 2012-02-12 12:24 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\elsterformular
2014-02-16 11:56 - 2012-12-26 19:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-15 17:20 - 2013-02-07 20:19 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\elsterformular
2014-02-15 17:19 - 2014-02-15 17:19 - 00001237 _____ () C:\Users\Public\Desktop\ElsterFormular.lnk
2014-02-15 17:19 - 2014-02-15 17:19 - 00000000 ____D () C:\Program Files (x86)\ElsterFormular
2014-02-15 17:18 - 2014-02-15 17:18 - 77047096 _____ (Landesfinanzdirektion Thüringen) C:\Users\Andy\Downloads\ElsterFormular-15.0.20140212p(1).exe
2014-02-15 17:18 - 2014-02-15 17:17 - 77047096 _____ (Landesfinanzdirektion Thüringen) C:\Users\Andy\Downloads\ElsterFormular-15.0.20140212p.exe
2014-02-15 16:29 - 2014-02-15 16:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

Files to move or delete:
====================
C:\Users\Alex\AppData\Roaming\CamLayout.ini
C:\Users\Alex\AppData\Roaming\CamShapes.ini


Some content of TEMP:
====================
C:\Users\Alex\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Alex\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


testsigning: ==> Check for possible unsigned rootkit driver <===== ATTENTION!


LastRegBack: 2014-03-02 15:08

==================== End Of Log ============================
         
Gmer.txt
Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-03-16 09:38:57
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2 ST3750528AS rev.CC46 698.64GB
Running: xpcnmm1p.exe; Driver: C:\Users\Alex\AppData\Local\Temp\kxddypow.sys


---- User code sections - GMER 2.1 ----

.text    C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe[3560] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                          00000000766e1465 2 bytes [6E, 76]
.text    C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe[3560] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                         00000000766e14bb 2 bytes [6E, 76]
.text    ...                                                                                                                                                                                                                      * 2
.text    C:\Users\login\AppData\Roaming\Dropbox\bin\Dropbox.exe[3940] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 69                                                                                                     00000000766e1465 2 bytes [6E, 76]
.text    C:\Users\login\AppData\Roaming\Dropbox\bin\Dropbox.exe[3940] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 155                                                                                                    00000000766e14bb 2 bytes [6E, 76]
.text    ...                                                                                                                                                                                                                      * 2
.text    C:\Users\Alex\Desktop\xpcnmm1p.exe[4528] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess                                                                                                                                00000000778ffcb0 5 bytes JMP 000000010032091c
.text    C:\Users\Alex\Desktop\xpcnmm1p.exe[4528] C:\Windows\SysWOW64\ntdll.dll!NtWriteVirtualMemory                                                                                                                              00000000778ffe14 5 bytes JMP 0000000100320048
.text    C:\Users\Alex\Desktop\xpcnmm1p.exe[4528] C:\Windows\SysWOW64\ntdll.dll!NtOpenEvent                                                                                                                                       00000000778ffea8 5 bytes JMP 00000001003202ee
.text    C:\Users\Alex\Desktop\xpcnmm1p.exe[4528] C:\Windows\SysWOW64\ntdll.dll!NtCreateThread                                                                                                                                    0000000077900004 5 bytes JMP 00000001003204b2
.text    C:\Users\Alex\Desktop\xpcnmm1p.exe[4528] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory                                                                                                                            0000000077900038 5 bytes JMP 00000001003209fe
.text    C:\Users\Alex\Desktop\xpcnmm1p.exe[4528] C:\Windows\SysWOW64\ntdll.dll!NtResumeThread                                                                                                                                    0000000077900068 5 bytes JMP 0000000100320ae0
.text    C:\Users\Alex\Desktop\xpcnmm1p.exe[4528] C:\Windows\SysWOW64\ntdll.dll!NtTerminateThread                                                                                                                                 0000000077900084 5 bytes JMP 0000000100020050
.text    C:\Users\Alex\Desktop\xpcnmm1p.exe[4528] C:\Windows\SysWOW64\ntdll.dll!NtCreateMutant                                                                                                                                    000000007790079c 5 bytes JMP 000000010032012a
.text    C:\Users\Alex\Desktop\xpcnmm1p.exe[4528] C:\Windows\SysWOW64\ntdll.dll!NtCreateSymbolicLinkObject                                                                                                                        000000007790088c 5 bytes JMP 0000000100320758
.text    C:\Users\Alex\Desktop\xpcnmm1p.exe[4528] C:\Windows\SysWOW64\ntdll.dll!NtCreateThreadEx                                                                                                                                  00000000779008a4 5 bytes JMP 0000000100320676
.text    C:\Users\Alex\Desktop\xpcnmm1p.exe[4528] C:\Windows\SysWOW64\ntdll.dll!NtLoadDriver                                                                                                                                      0000000077900df4 5 bytes JMP 00000001003203d0
.text    C:\Users\Alex\Desktop\xpcnmm1p.exe[4528] C:\Windows\SysWOW64\ntdll.dll!NtSetContextThread                                                                                                                                0000000077901920 5 bytes JMP 0000000100320594
.text    C:\Users\Alex\Desktop\xpcnmm1p.exe[4528] C:\Windows\SysWOW64\ntdll.dll!NtSetSystemInformation                                                                                                                            0000000077901be4 5 bytes JMP 000000010032083a
.text    C:\Users\Alex\Desktop\xpcnmm1p.exe[4528] C:\Windows\SysWOW64\ntdll.dll!NtSuspendThread                                                                                                                                   0000000077901d70 5 bytes JMP 000000010032020c
.text    C:\Users\Alex\Desktop\xpcnmm1p.exe[4528] C:\Windows\SysWOW64\sechost.dll!SetServiceObjectSecurity + 206                                                                                                                  00000000757d524f 7 bytes JMP 0000000100320f52
.text    C:\Users\Alex\Desktop\xpcnmm1p.exe[4528] C:\Windows\SysWOW64\sechost.dll!ChangeServiceConfigA + 380                                                                                                                      00000000757d53d0 7 bytes JMP 0000000100330210
.text    C:\Users\Alex\Desktop\xpcnmm1p.exe[4528] C:\Windows\SysWOW64\sechost.dll!ChangeServiceConfig2W + 149                                                                                                                     00000000757d5677 1 byte JMP 0000000100330048
.text    C:\Users\Alex\Desktop\xpcnmm1p.exe[4528] C:\Windows\SysWOW64\sechost.dll!ChangeServiceConfig2W + 151                                                                                                                     00000000757d5679 5 bytes {JMP 0xffffffff8ab5a9d1}
.text    C:\Users\Alex\Desktop\xpcnmm1p.exe[4528] C:\Windows\SysWOW64\sechost.dll!CreateServiceA + 542                                                                                                                            00000000757d589a 7 bytes JMP 0000000100320ca6
.text    C:\Users\Alex\Desktop\xpcnmm1p.exe[4528] C:\Windows\SysWOW64\sechost.dll!CreateServiceW + 382                                                                                                                            00000000757d5a1d 7 bytes JMP 00000001003303d8
.text    C:\Users\Alex\Desktop\xpcnmm1p.exe[4528] C:\Windows\SysWOW64\sechost.dll!QueryServiceConfigW + 370                                                                                                                       00000000757d5c9b 7 bytes JMP 000000010033012c
.text    C:\Users\Alex\Desktop\xpcnmm1p.exe[4528] C:\Windows\SysWOW64\sechost.dll!ControlServiceExA + 231                                                                                                                         00000000757d5d87 7 bytes JMP 00000001003302f4
.text    C:\Users\Alex\Desktop\xpcnmm1p.exe[4528] C:\Windows\SysWOW64\sechost.dll!I_ScBroadcastServiceControlMessage + 123                                                                                                        00000000757d7240 7 bytes JMP 0000000100320e6e
.text    C:\Users\Alex\Desktop\xpcnmm1p.exe[4528] C:\Windows\syswow64\USER32.dll!RecordShutdownReason + 882                                                                                                                       0000000075731492 7 bytes JMP 00000001003304bc
---- Processes - GMER 2.1 ----

Library  C:\Users\login\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll (*** suspicious ***) @ C:\Windows\Explorer.EXE [2252] (Dropbox Shell Extension/Dropbox, Inc.)(2011-12-05 19:17:22)                                        0000000010000000
Library  C:\Users\login\AppData\Roaming\Dropbox\bin\MSVCR71.dll (*** suspicious ***) @ C:\Users\login\AppData\Roaming\Dropbox\bin\Dropbox.exe [3940] (Microsoft® C Runtime Library/Microsoft Corporation)(2007-07-18 21:33:54)    000000007c340000
Library  C:\Users\login\AppData\Roaming\Dropbox\bin\MSVCP71.dll (*** suspicious ***) @ C:\Users\login\AppData\Roaming\Dropbox\bin\Dropbox.exe [3940] (Microsoft® C++ Runtime Library/Microsoft Corporation)(2011-09-29 00:53:44)  000000007c3a0000

---- EOF - GMER 2.1 ----
         

Alt 16.03.2014, 11:07   #2
Larusso
/// Selecta Jahrusso
 
Windows 7 Premium 64: Microsoft Fixit Fehlermeldung [Code 8004FE2C] als Hinweis auf Infizierung - Standard

Windows 7 Premium 64: Microsoft Fixit Fehlermeldung [Code 8004FE2C] als Hinweis auf Infizierung





Bitte installiere/ deinstalliere keine Software während wir hier zusammen arbeiten.
Keine Scans durchführen, ausser die von mir geforderten.
Arbeite die Schritte bitte der Reihe nach ab. Sollte es bei einem Probleme geben, stoppe bitte und berichte mir so gut es geht über das Problem.


Ich glaube einfach, dass hier nur ein Service verbogen ist und ein bisschen Adware vorhanden.
Ich brauche dafür aber noch die Addtion.txt

Starte bitte FRST.
Setze einen Haken bei Addition.txt und drücke auf Scan.

FRST wird 2 Logfiles erstellen, ich brauche aber nur die Addition.txt


Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________

__________________

Alt 16.03.2014, 11:14   #3
Max Frisch
 
Windows 7 Premium 64: Microsoft Fixit Fehlermeldung [Code 8004FE2C] als Hinweis auf Infizierung - Standard

Windows 7 Premium 64: Microsoft Fixit Fehlermeldung [Code 8004FE2C] als Hinweis auf Infizierung



Lieber Larusso,

besten Dank für die rasche Antwort, hier die Addition.txt

Viele Grüße

Max

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Alex at 2014-03-16 11:12:29
Running from C:\Users\Alex\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Norton Internet Security (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}) (Version:  - Microsoft)
2007 Microsoft Office Suite Service Pack 1 (SP1) (x32 Version:  - Microsoft) Hidden
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
ActivePerl 5.16.3 Build 1603 (64-bit) (HKLM\...\{8C327061-E39D-4696-84A8-E84533ADDD7D}) (Version: 5.16.1603 - ActiveState)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.9.620 - Adobe Systems, Inc.)
Amazon MP3-Downloader 1.0.9 (HKLM-x32\...\Amazon MP3-Downloader) (Version:  - )
Any Video Converter Ultimate 4.3.2 (HKLM-x32\...\Any Video Converter Ultimate_is1) (Version:  - Any-Video-Converter.com)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Verifier (x64) (HKLM\...\{89026002-A893-42D9-9E20-6829B844735E}) (Version: 4.1.1078 - Microsoft Corporation)
Ashampoo Snap 3.50 (HKLM-x32\...\Ashampoo Snap 3_is1) (Version: 3.5.0 - ashampoo GmbH & Co. KG)
ASUS Easy Update (HKLM-x32\...\{9A9FEC4E-8696-43B4-8C19-5BE4D9038B55}) (Version: 2.00.18 - )
ASUS VIBE (HKLM-x32\...\ASUS VIBE) (Version: 1.0.188 - Ecareme, Inc.)
ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 2.0.46.1429 - eCareme Technologies, Inc.)
ASUSUpdate (HKLM-x32\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version: 7.18.03 - ASUSTeK Computer Inc.)
Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)
AutoUpdate (HKLM-x32\...\{18D10072035C4515918F7E37EAFAACFC}) (Version: 1.0 - )
BeCyPDFMetaEdit (HKLM-x32\...\BeCyPDFMetaEdit) (Version: 2.37.0 - Benjamin Bentmann)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BurnAware Free 3.3.1 (HKLM-x32\...\BurnAware Free_is1) (Version:  - Burnaware Technologies)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.4.0.2838 - CDBurnerXP)
Convert AVI to MP4 1.3 (HKLM-x32\...\{9ECE13D2-C028-44CB-8A96-A65196E7BBE7}_is1) (Version:  - convertavitomp3.com)
ConvertXtoDVD 4.0.9.322 (HKLM-x32\...\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1) (Version: 4.0.9.322 - )
Cosmas II Client v3.11 (HKLM-x32\...\Cosmas II Client) (Version:  - )
Creative Media Lite (HKLM-x32\...\Creative Media Lite) (Version:  - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.40.2.0131 - DT Soft Ltd)
Debugging Tools for Windows (x64) (HKLM\...\{DBFC6AAE-DCCB-4C23-B01C-3EDDDC03298B}) (Version: 6.12.2.633 - Microsoft Corporation)
DivX (HKLM-x32\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 5.2.1 - DivXNetworks, Inc.)
ebi.BookReader3J (HKLM-x32\...\{F3D2DEDC-4732-4188-8A3A-1A3FFBD4D6C8}) (Version: 3.75.14 - eBOOK Initiative Japan Co., Ltd.)
Eee Docking (HKLM\...\{85EA6D4E-04CC-48b0-B526-EA9E2FEF56FA}) (Version: 3.9.3 - ASUSTek Computer Inc.)
Eee Manager (HKLM-x32\...\{795274EF-3EDA-4427-9D4C-446C9137BB6D}) (Version: 2.13.01 - ASUSTeK)
Eee Memo (HKLM-x32\...\{CF5451E4-DA6F-44AE-88D4-BCEC1508C17E}) (Version: 1.19.4 - ASUSTEK)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 15.0.20140212 - Landesfinanzdirektion Thüringen)
FileZilla Client 3.5.3 (HKLM-x32\...\FileZilla Client) (Version: 3.5.3 - FileZilla Project)
Free iPad Video Converter 3.7.2.1 (HKLM-x32\...\Free iPad Video Converter_is1) (Version:  - FreeAudioVideoSoftTech, Inc.)
Free M4a to MP3 Converter 7.0 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version:  - ManiacTools.com)
Free Mp3 Wma Converter V 2.1 (HKLM-x32\...\Free Mp3 Wma Converter_is1) (Version: 2.1.0.0 - Koyote Soft)
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version:  - )
Game Park Console (HKLM-x32\...\{3B9B1FCD-AD30-4076-B027-8C01C8E84284}_is1) (Version: 6.2.1.1 - Oberon Media, Inc.)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 3.2.0.4 - Genesys Logic)
GIMP 2.6.12 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.12 - The GIMP Team)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.04) (Version: 9.04 - Artifex Software Inc.)
HandBrake 0.9.6 (HKLM-x32\...\HandBrake) (Version: 0.9.6 - )
iCloud (HKLM\...\{EAFB2AD8-D92B-464C-8D97-B9CB94703C4A}) (Version: 3.0.2.163 - Apple Inc.)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.5.0 - LIGHTNING UK!)
ImTOO iPad Converter (HKLM-x32\...\ImTOO iPad Video Converter) (Version: 5.1.39.0305 - ImTOO)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
iTunes (HKLM\...\{A535111D-95C8-487F-869E-CE4C239972D2}) (Version: 11.1.1.11 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader (HKLM-x32\...\JDownloader) (Version:  - AppWork UG (haftungsbeschränkt))
Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
K-Lite Codec Pack (64-bit) v4.6.0 (HKLM\...\KLiteCodecPack64_is1) (Version: 4.6.0 - )
K-Lite Codec Pack 5.2.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 5.2.0 - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Media Player Classic - Home Cinema v1.5.1.2903 x64 (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.5.1.2903 - MPC-HC Team)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Document Explorer 2008 (HKLM-x32\...\Microsoft Document Explorer 2008) (Version:  - Microsoft Corporation)
Microsoft Document Explorer 2008 (x32 Version: 9.0.21022 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6215.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6213.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6213.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6213.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6213.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs (HKLM-x32\...\{90120000-00B2-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Search Enhancement Pack (x32 Version: 1.2.123.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Core Components (x64) ENU  (HKLM\...\{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x64) ENU  (HKLM\...\{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Touch Pack for Windows 7 (HKLM-x32\...\{8FF90DB8-6DED-44A3-B182-244FEC09012F}) (Version: 1.0.40517.00 - Microsoft Corporation)
Microsoft Visual C++  Compilers 2010 Standard - enu - x64 (HKLM\...\{88387B3B-B110-392F-B919-1A15B48F21D4}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++  Compilers 2010 Standard - enu - x86 (HKLM-x32\...\{370187B9-6964-38D0-851F-6C4898B0C2B1}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ Compilers 2008 Standard Edition - enu - x64 (HKLM\...\{965DF723-5688-359E-84D2-417CAFE644B5}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ Compilers 2008 Standard Edition - enu - x86 (HKLM-x32\...\{44D9A2CB-0692-3180-B5E2-26F4E807D067}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Windows Performance Toolkit (HKLM\...\{E7F9E526-2324-437B-A609-E8C5309465CB}) (Version: 4.8.0 - Microsoft Corporation)
Microsoft Windows SDK .NET Framework Tools (30514) (Version: 7.1.30514 - Microsoft) Hidden
Microsoft Windows SDK for Visual Studio .NET 4.0 Framework Tools (Version: 7.1.30514 - Microsoft Corporation) Hidden
Microsoft Windows SDK for Windows 7 (7.1) (HKLM\...\SDKSetup_7.1.7600.0.30514) (Version: 7.1.7600.0.30514 - Microsoft Corporation)
Microsoft Windows SDK for Windows 7 (7.1) (Version: 7.1.30514 - Microsoft Corporation) Hidden
Microsoft Windows SDK for Windows 7 Common Utilities (30514) (Version: 7.1.30514 - Microsoft Corporation) Hidden
Microsoft Windows SDK for Windows 7 Headers and Libraries (30514) (Version: 7.1.30514 - Microsoft Corporation) Hidden
Microsoft Windows SDK for Windows 7 Redistributable Components for Common Tools (30514) (Version: 7.1.30514 - Microsoft Corporation) Hidden
Microsoft Windows SDK for Windows 7 Samples (30514) (Version: 7.1.30514 - Microsoft Corporation) Hidden
Microsoft Windows SDK for Windows 7 Utilities for Win32 Development (30514) (Version: 7.1.30514 - Microsoft Corporation) Hidden
Microsoft Windows SDK Intellisense and Reference Assemblies (30514) (Version: 7.1.30514 - Microsoft Corporation) Hidden
Microsoft Windows SDK MSHelp (30514) (Version: 7.1.30514 - Microsoft Corporation) Hidden
Microsoft Windows SDK Net Fx Interop Headers And Libraries (30514) (Version: 7.1.30514 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Miro Video Converter (HKLM-x32\...\Miro Video Converter) (Version: 0.8.0 - Participatory Culture Foundation)
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MusicBridge (HKLM-x32\...\{549622DF-3674-459C-81F3-38124A45FA0E}) (Version: 2.0.1 - JimbobSoft)
muvee autoProducer 4.0 (HKLM-x32\...\{4013D7AC-AC71-4A81-AD57-5E6E46408492}) (Version: 4.01.000 - muvee Technologies)
muvee autoProducer Express (HKLM-x32\...\{738F7CB6-953D-4606-81A3-79C940674C05}) (Version: 1.00.000 - muvee Technologies)
muvee Reveal Runtime (HKLM-x32\...\{2BC34558-96D5-4CC2-AC67-F30DE28E7826}) (Version: 10.5.0.23245 - muvee Technologies Pte Ltd)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 20.4.0.40 - Symantec Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5888 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
OOBERegBackup (HKLM-x32\...\OOBERegBackup_is1) (Version:  - ASUSTeK Computer Inc.)
OpenVPN 2.3.2-I001  (HKLM\...\OpenVPN) (Version: 2.3.2-I001 - )
PDF Blender (HKLM-x32\...\PDF Blender) (Version:  - )
PDF24 Creator 6.2.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.6.2 - pdfforge)
Photomatix Pro version 4.0.2 (HKLM\...\PhotomatixPro4.0x64_is1) (Version: 4.0.2 - HDRsoft Sarl)
Pixum Fotobuch (HKLM-x32\...\Pixum Fotobuch) (Version: 5.1.3 - CEWE Stiftung u Co. KGaA)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version:  - Jan Fiala)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 1.5.1.0 - Ralink)
Rdio (HKCU\...\978ebae4705a27c4) (Version: 1.12.0.0 - Rdio)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.23.623.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6161 - Realtek Semiconductor Corp.)
Recovery Toolbox for PDF 1.2 (HKLM-x32\...\Recovery Toolbox for PDF_is1) (Version:  - Recovery Toolbox, Inc.)
Recuva (HKLM\...\Recuva) (Version: 1.41 - Piriform)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version:  - )
Safari (HKLM-x32\...\{FA4C2D53-205F-4245-9717-F3761154824D}) (Version: 5.34.57.2 - Apple Inc.)
SaveByClick (HKLM\...\{8F79EFE5-8D3D-4478-A693-C51F549ACD13}) (Version: 1.0 - SaveByClick) <==== ATTENTION
Shop'NCook Menu Version 4.0.14 (HKLM-x32\...\{7B2A623E-AF79-4C51-9843-62C0C5D45F74}_is1) (Version: 4.0.14 - Rufenacht Innovative)
simfy (HKLM-x32\...\Simfy) (Version: 1.6.2 - simfy GmbH)
simfy (x32 Version: 1.6.2 - simfy GmbH) Hidden
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SonicMaster (HKLM-x32\...\{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}) (Version: 1.00.0000 - Virage Logic, Corp.)
SopCast 3.3.2 (HKLM-x32\...\SopCast) (Version: 3.3.2 - www.sopcast.com)
Stata 12 (HKLM-x32\...\{5006A0E8-B9B0-48DF-981A-41D005B3E937}) (Version: 12.0 - StataCorp LP)
SUPER © v2012.build.54 (Nov 18, 2012) Version v2012.build.54 (HKLM-x32\...\{8F311E92-C29F-4DF9-8259-B739A1831669}_is1) (Version: v2012.build.54 - eRightSoft)
SyncToy 2.1 (x64) (HKLM\...\{88DAAF05-5A72-46D2-A7C5-C3759697E943}) (Version: 2.1.0 - Microsoft)
System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version:  - )
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TextMaker Viewer (HKLM-x32\...\TextMaker Viewer) (Version:  - SoftMaker Software GmbH)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Tune Sweeper (HKLM-x32\...\{DA4FD430-5084-4839-943B-CEDA5A64FFAB}) (Version: 1.037 - Wide Angle Software)
UltraEdit 16.10 (HKLM-x32\...\{6E157E09-AA2E-4090-8EC6-6B9F5FFFB287}) (Version: 16.10.35 - IDM Computer Solutions, Inc.)
VC 9.0 Runtime (x32 Version: 1.0.0 - Check Point Software Technologies Ltd) Hidden
Veetle TV 0.9.18 (HKLM-x32\...\Veetle TV) (Version: 0.9.18 - Veetle, Inc)
VLC media player 2.0.7 (HKLM-x32\...\VLC media player) (Version: 2.0.7 - VideoLAN)
VobSub v2.23 (Remove Only) (HKLM-x32\...\VobSub) (Version:  - )
vShare.tv plugin 1.3 (HKLM-x32\...\vShare.tv plugin) (Version: 1.3 - vShare.tv, Inc.) <==== ATTENTION
VshareComplete (HKLM-x32\...\{ec4b6105-e039-42fb-8e18-c8aa393f0018}_is1) (Version:  - VshareComplete) <==== ATTENTION
WAV To MP3 V2 (HKLM-x32\...\WAV To MP3_is1) (Version:  - hxxp://www.WAVMP3.net)
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Call (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live Toolbar (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )
Windows Media Encoder 9 Series (x32 Version: 9.00.2980 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows SDK IntellisenseNFX (x32 Version: 7.1.30514 - Microsoft) Hidden
WinRAR 4.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
XMedia Recode 3.0.9.0 (HKLM-x32\...\XMedia Recode) (Version: 3.0.9.0 - Sebastian Dörfler)
Yahoo! Detect (HKLM-x32\...\YTdetect) (Version:  - )
Zattoo4 4.0.5 (HKLM-x32\...\Zattoo4) (Version: 4.0.5 - Zattoo Inc.)
ZoneAlarm LTD Toolbar (HKLM\...\ZoneAlarm LTD Toolbar) (Version:  - Check Point Software Technologies)

==================== Restore Points  =========================

13-03-2014 21:30:35 Windows Update
16-03-2014 07:29:41 Installed Java 7 Update 51

==================== Hosts content: ==========================

2009-07-14 03:34 - 2012-12-26 12:00 - 00000027 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0C80EC88-FB07-4F44-9E15-D23DBC03D24E} - System32\Tasks\ASUS\AsMessageController => C:\Program Files (x86)\ASUS\Message Controller\AsMessageController.exe [2009-12-22] (ASUSTeK Computer Inc.)
Task: {0C9A75B5-C0F6-4AD8-8864-CE69A819CE94} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\WSCStub.exe [2013-06-03] (Symantec Corporation)
Task: {13D4716A-2DDE-45CE-BCBE-EC28F955463D} - System32\Tasks\ASUS\EeeManagerSuiteHelper => C:\Program Files (x86)\ASUS\Eee Manager\AsEMRunHelper.exe [2010-05-07] (ASUSTeK Computer Inc.)
Task: {523285FC-32C6-4419-A0B0-9160CB2833B7} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe [2013-06-03] (Symantec Corporation)
Task: {5ADF3004-C5B2-448D-918B-C093DA2C026A} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe [2013-06-03] (Symantec Corporation)
Task: {7849BD2E-7194-4203-A12B-B2FA32F659EA} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {A77851AD-89D3-42F4-BE99-1AF6A59EA303} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-08-14] (Google Inc.)
Task: {B1D6BFFD-B00A-4CB6-ADBE-88BC8D17620F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-08-14] (Google Inc.)
Task: {BD57FF74-8A88-4378-BD71-D2B076E1F7EE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {CB2A12D4-3618-4D95-96CE-5B7DF0160D69} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe [2009-12-29] (ASUSTeK Computer Inc.)
Task: {D4E3A64C-05BE-43B4-B443-15CFD389BC29} - System32\Tasks\{CD05356B-2034-4AE7-A2E5-0C9B679971D1} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-02-10] (Skype Technologies S.A.)
Task: {E7F761F2-E87C-4FF5-A461-7D36511E622A} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {F75887A8-7924-4CE1-AB77-C9DED2E90062} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-01-23 10:27 - 2010-06-17 21:56 - 00087040 _____ () C:\Windows\System32\redmonnt.dll
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2010-03-16 02:48 - 2010-03-16 02:48 - 00148816 _____ () C:\Program Files (x86)\ASUS\ASUS WebStorage\EcaremeDLL.dll
2010-08-02 19:20 - 2010-08-02 19:20 - 00030032 _____ () C:\Windows\assembly\GAC_MSIL\SqliteShared\1.0.3726.20828__0d0f4b69e50e559b\SqliteShared.dll
2010-08-02 19:20 - 2010-08-02 19:20 - 00931840 _____ () C:\Windows\assembly\GAC_64\System.Data.SQLite\1.0.60.0__db937bc2d44ff139\System.Data.SQLite.dll
2011-06-01 06:20 - 2011-03-02 11:40 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2010-06-22 15:10 - 2010-06-22 15:10 - 00115200 _____ () C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ue64ctmn.dll
2011-09-27 07:23 - 2011-09-27 07:23 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-09-27 07:22 - 2011-09-27 07:22 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-01-08 14:41 - 2012-01-08 14:41 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2013-12-28 16:36 - 2012-05-30 07:51 - 00699280 ____R () C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\20.4.0.40\wincfi39.dll
2010-08-02 19:03 - 2007-11-01 01:51 - 00061440 _____ () C:\Program Files (x86)\ASUS\Eee Manager\AsMultiLang.dll
2010-08-02 19:03 - 2008-10-29 04:52 - 00176128 _____ () C:\Program Files (x86)\ASUS\Eee Manager\ImageMgr.dll
2010-08-02 19:03 - 2007-11-01 01:51 - 00061440 _____ () C:\Program Files (x86)\ASUS\Eee Manager\EMOSDControl\MultiLang\AsMultiLang.dll
2010-08-02 19:03 - 2007-11-01 01:51 - 00061440 _____ () C:\Program Files (x86)\ASUS\Eee Manager\MessageParser\AsMultiLang.dll
2010-08-02 19:03 - 2009-09-16 02:17 - 00098304 _____ () C:\Program Files (x86)\ASUS\Message Controller\AsKeyboardHooker.dll
2010-08-02 19:03 - 2008-11-04 12:23 - 00077824 _____ () C:\Program Files (x86)\ASUS\Message Controller\AsRemoteControlHooker.dll
2013-09-14 00:51 - 2013-09-14 00:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 00:50 - 2013-09-14 00:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2014-02-15 16:29 - 2014-02-15 16:29 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-12-28 16:36 - 2012-05-30 07:51 - 00699280 ____R () C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\wincfi39.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:C64BF02A

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ASUS Easy Update => C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe
MSCONFIG\startupreg: ASUS WebStorage => C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Eee Docking => C:\Program Files\ASUS\Eee Docking\Eee Docking.exe autorun
MSCONFIG\startupreg: FreePDF Assistant => "C:\Program Files (x86)\FreePDF_XP\fpassist.exe"
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: UMonit => C:\Windows\SysWOW64\UMonit.exe
MSCONFIG\startupreg: YouCam Mirror Tray icon => "C:\Program Files (x86)\ASUS\Eee Cam\YouCamTray.exe" /s

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/12/2014 07:31:51 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10031

Error: (03/12/2014 07:31:51 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10031

Error: (03/12/2014 07:31:51 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/10/2014 07:00:57 AM) (Source: Windows Backup) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "G:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"

Error: (03/02/2014 07:00:01 PM) (Source: Windows Backup) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "G:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"

Error: (03/02/2014 03:11:08 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.

Error: (03/02/2014 03:09:10 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.CRT,processorArchitecture="ia64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="ia64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (03/02/2014 03:08:59 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.CRT,processorArchitecture="ia64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="ia64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (03/02/2014 03:08:43 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.CRT,processorArchitecture="ia64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="ia64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (03/01/2014 09:53:52 AM) (Source: Application Hang) (User: )
Description: Programm Explorer.EXE, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 934

Startzeit: 01cf352b94be13d6

Endzeit: 50

Anwendungspfad: C:\Windows\Explorer.EXE

Berichts-ID: fab7b163-a11e-11e3-97cc-9659c2fe3c5d


System errors:
=============
Error: (03/16/2014 11:02:54 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (03/16/2014 11:02:54 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (03/16/2014 11:02:54 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (03/16/2014 11:02:54 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (03/16/2014 11:02:54 AM) (Source: PNRPSvc) (User: )
Description: 0x80630801

Error: (03/16/2014 11:02:54 AM) (Source: PNRPSvc) (User: )
Description: 0x80630801

Error: (03/16/2014 11:02:18 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (03/16/2014 11:02:18 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (03/16/2014 11:02:18 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (03/16/2014 11:02:18 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535


Microsoft Office Sessions:
=========================
Error: (10/27/2012 07:42:13 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 878 seconds with 840 seconds of active time.  This session ended with a crash.

Error: (08/19/2011 01:56:28 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 4970 seconds with 840 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2012-12-26 12:00:17.763
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-12-26 12:00:17.701
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-12-26 12:00:17.638
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-12-26 12:00:17.576
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-12-26 11:32:54.547
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-12-26 11:32:54.485
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-12-26 08:47:44.200
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-12-26 08:39:50.325
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-12-26 08:30:23.833
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-12-25 19:44:52.117
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 26%
Total physical RAM: 8119.05 MB
Available physical RAM: 5955.77 MB
Total Pagefile: 16236.28 MB
Available Pagefile: 14011.59 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (WIN7) (Fixed) (Total:80 GB) (Free:15.19 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:603.6 GB) (Free:146.16 GB) NTFS
Drive g: () (Removable) (Total:14.83 GB) (Free:11.57 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: 1B97BFC8)
Partition 1: (Not Active) - (Size=15 GB) - (Type=1B)
Partition 2: (Active) - (Size=80 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=604 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=39 MB) - (Type=EF)

========================================================
Disk: 1 (Size: 15 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================
         
__________________

Alt 16.03.2014, 11:19   #4
Max Frisch
 
Windows 7 Premium 64: Microsoft Fixit Fehlermeldung [Code 8004FE2C] als Hinweis auf Infizierung - Standard

Windows 7 Premium 64: Microsoft Fixit Fehlermeldung [Code 8004FE2C] als Hinweis auf Infizierung



TDSSKiller.3.0.0.25_16.03.2014_11.16.01_log
Code:
ATTFilter
11:16:01.0724 0x0438  TDSS rootkit removing tool 3.0.0.25 Feb 27 2014 15:23:02
11:16:06.0882 0x0438  ============================================================
11:16:06.0882 0x0438  Current date / time: 2014/03/16 11:16:06.0882
11:16:06.0882 0x0438  SystemInfo:
11:16:06.0882 0x0438  
11:16:06.0882 0x0438  OS Version: 6.1.7601 ServicePack: 1.0
11:16:06.0882 0x0438  Product type: Workstation
11:16:06.0882 0x0438  ComputerName: MOSES
11:16:06.0882 0x0438  UserName: Alex
11:16:06.0882 0x0438  Windows directory: C:\Windows
11:16:06.0882 0x0438  System windows directory: C:\Windows
11:16:06.0882 0x0438  Running under WOW64
11:16:06.0882 0x0438  Processor architecture: Intel x64
11:16:06.0882 0x0438  Number of processors: 4
11:16:06.0882 0x0438  Page size: 0x1000
11:16:06.0882 0x0438  Boot type: Normal boot
11:16:06.0882 0x0438  ============================================================
11:16:09.0029 0x0438  KLMD registered as C:\Windows\system32\drivers\20923641.sys
11:16:09.0191 0x0438  System UUID: {0DC9C0B5-B45E-BED1-F2D8-AEC0B39B7FC6}
11:16:09.0650 0x0438  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:16:09.0657 0x0438  Drive \Device\Harddisk1\DR1 - Size: 0x3B5980000 (14.84 Gb), SectorSize: 0x200, Cylinders: 0x790, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:16:09.0660 0x0438  ============================================================
11:16:09.0660 0x0438  \Device\Harddisk0\DR0:
11:16:09.0661 0x0438  MBR partitions:
11:16:09.0661 0x0438  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0xA000000
11:16:09.0661 0x0438  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xBE00800, BlocksNum 0x4B731800
11:16:09.0661 0x0438  \Device\Harddisk1\DR1:
11:16:09.0661 0x0438  MBR partitions:
11:16:09.0661 0x0438  \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x2000, BlocksNum 0x1DAAC00
11:16:09.0661 0x0438  ============================================================
11:16:09.0686 0x0438  C: <-> \Device\Harddisk0\DR0\Partition1
11:16:09.0732 0x0438  D: <-> \Device\Harddisk0\DR0\Partition2
11:16:09.0732 0x0438  ============================================================
11:16:09.0732 0x0438  Initialize success
11:16:09.0732 0x0438  ============================================================
11:16:38.0822 0x0f54  ============================================================
11:16:38.0822 0x0f54  Scan started
11:16:38.0822 0x0f54  Mode: Manual; SigCheck; TDLFS; 
11:16:38.0823 0x0f54  ============================================================
11:16:38.0823 0x0f54  KSN ping started
11:16:52.0519 0x0f54  KSN ping finished: true
11:16:53.0011 0x0f54  ================ Scan system memory ========================
11:16:53.0011 0x0f54  System memory - ok
11:16:53.0012 0x0f54  ================ Scan services =============================
11:16:53.0145 0x0f54  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
11:16:53.0215 0x0f54  1394ohci - ok
11:16:53.0242 0x0f54  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
11:16:53.0259 0x0f54  ACPI - ok
11:16:53.0286 0x0f54  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
11:16:53.0320 0x0f54  AcpiPmi - ok
11:16:53.0433 0x0f54  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:16:53.0457 0x0f54  AdobeARMservice - ok
11:16:53.0578 0x0f54  [ 9D96B0D5855FD1B98023B3EEC9F06786, E4C79233158BE8AA4E9C6DD71585E5D2703A5156531EB3D692D7D81BC443E844 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:16:53.0607 0x0f54  AdobeFlashPlayerUpdateSvc - ok
11:16:53.0668 0x0f54  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
11:16:53.0694 0x0f54  adp94xx - ok
11:16:53.0714 0x0f54  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
11:16:53.0731 0x0f54  adpahci - ok
11:16:53.0744 0x0f54  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
11:16:53.0757 0x0f54  adpu320 - ok
11:16:53.0785 0x0f54  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
11:16:53.0921 0x0f54  AeLookupSvc - ok
11:16:53.0969 0x0f54  [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD             C:\Windows\system32\drivers\afd.sys
11:16:54.0008 0x0f54  AFD - ok
11:16:54.0043 0x0f54  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
11:16:54.0054 0x0f54  agp440 - ok
11:16:54.0070 0x0f54  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
11:16:54.0100 0x0f54  ALG - ok
11:16:54.0121 0x0f54  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
11:16:54.0132 0x0f54  aliide - ok
11:16:54.0166 0x0f54  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
11:16:54.0178 0x0f54  amdide - ok
11:16:54.0188 0x0f54  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
11:16:54.0242 0x0f54  AmdK8 - ok
11:16:54.0260 0x0f54  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
11:16:54.0299 0x0f54  AmdPPM - ok
11:16:54.0338 0x0f54  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
11:16:54.0356 0x0f54  amdsata - ok
11:16:54.0376 0x0f54  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
11:16:54.0397 0x0f54  amdsbs - ok
11:16:54.0423 0x0f54  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
11:16:54.0435 0x0f54  amdxata - ok
11:16:54.0495 0x0f54  [ E71711D37C48AC40FD3E2866A5ABBA51, C85DB75741B17A0A84B045DC461B5A6C5EA2A34BCD661107D355CE8DF4A29E03 ] anvsnddrv       C:\Windows\system32\drivers\anvsnddrv.sys
11:16:54.0520 0x0f54  anvsnddrv - ok
11:16:54.0551 0x0f54  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
11:16:54.0614 0x0f54  AppID - ok
11:16:54.0629 0x0f54  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
11:16:54.0679 0x0f54  AppIDSvc - ok
11:16:54.0698 0x0f54  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
11:16:54.0736 0x0f54  Appinfo - ok
11:16:54.0813 0x0f54  [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:16:54.0832 0x0f54  Apple Mobile Device - ok
11:16:54.0900 0x0f54  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
11:16:54.0947 0x0f54  arc - ok
11:16:54.0993 0x0f54  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
11:16:55.0018 0x0f54  arcsas - ok
11:16:55.0065 0x0f54  [ EDAA17CE771C696655B6585F7CAD2100, 31F4C6A367AE384E97516CB24F9FCCAA4AA12AEF410CB0D06665EB8C3BBDC3EF ] ASInsHelp       C:\Windows\SysWow64\drivers\AsInsHelp64.sys
11:16:55.0084 0x0f54  ASInsHelp - ok
11:16:55.0124 0x0f54  [ F6BDA026E4157DC4E321CA391E9D9BC6, D38774B8F812816DA43A0C52EEC566BBC44F57A6614BC84F1417C4227286B594 ] AsIO            C:\Windows\syswow64\drivers\AsIO.sys
11:16:55.0137 0x0f54  AsIO - ok
11:16:55.0220 0x0f54  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
11:16:55.0249 0x0f54  aspnet_state - ok
11:16:55.0269 0x0f54  [ 26D66E32E78D3059715B3A17BC679CD9, 5039CB81CE0829C5F3DED16A4005FEB10141C6C9B473CC319E81BAF6D1DA33E3 ] AsUpIO          C:\Windows\syswow64\drivers\AsUpIO.sys
11:16:55.0278 0x0f54  AsUpIO - ok
11:16:55.0296 0x0f54  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
11:16:55.0342 0x0f54  AsyncMac - ok
11:16:55.0374 0x0f54  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
11:16:55.0383 0x0f54  atapi - ok
11:16:55.0448 0x0f54  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:16:55.0511 0x0f54  AudioEndpointBuilder - ok
11:16:55.0530 0x0f54  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
11:16:55.0574 0x0f54  AudioSrv - ok
11:16:55.0606 0x0f54  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
11:16:55.0638 0x0f54  AxInstSV - ok
11:16:55.0669 0x0f54  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
11:16:55.0697 0x0f54  b06bdrv - ok
11:16:55.0730 0x0f54  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
11:16:55.0761 0x0f54  b57nd60a - ok
11:16:55.0788 0x0f54  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
11:16:55.0817 0x0f54  BDESVC - ok
11:16:55.0831 0x0f54  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
11:16:55.0882 0x0f54  Beep - ok
11:16:55.0953 0x0f54  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
11:16:55.0996 0x0f54  BFE - ok
11:16:56.0197 0x0f54  [ F14F048B4D05FBCE536250EA74BF9FDC, 63E25E916209B6AF7AAC98B665E0128842F1EFDDEF95D50095514A9FDDC522A9 ] BHDrvx64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\BASHDefs\20140214.001\BHDrvx64.sys
11:16:56.0235 0x0f54  BHDrvx64 - ok
11:16:56.0265 0x0f54  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\system32\qmgr.dll
11:16:56.0320 0x0f54  BITS - ok
11:16:56.0348 0x0f54  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
11:16:56.0368 0x0f54  blbdrive - ok
11:16:56.0459 0x0f54  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
11:16:56.0482 0x0f54  Bonjour Service - ok
11:16:56.0518 0x0f54  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
11:16:56.0555 0x0f54  bowser - ok
11:16:56.0565 0x0f54  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
11:16:56.0613 0x0f54  BrFiltLo - ok
11:16:56.0624 0x0f54  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
11:16:56.0643 0x0f54  BrFiltUp - ok
11:16:56.0671 0x0f54  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
11:16:56.0715 0x0f54  BridgeMP - ok
11:16:56.0750 0x0f54  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
11:16:56.0763 0x0f54  Browser - ok
11:16:56.0783 0x0f54  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
11:16:56.0809 0x0f54  Brserid - ok
11:16:56.0825 0x0f54  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
11:16:56.0851 0x0f54  BrSerWdm - ok
11:16:56.0860 0x0f54  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
11:16:56.0886 0x0f54  BrUsbMdm - ok
11:16:56.0898 0x0f54  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
11:16:56.0909 0x0f54  BrUsbSer - ok
11:16:56.0924 0x0f54  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
11:16:56.0938 0x0f54  BTHMODEM - ok
11:16:56.0975 0x0f54  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
11:16:57.0026 0x0f54  bthserv - ok
11:16:57.0029 0x0f54  catchme - ok
11:16:57.0098 0x0f54  [ 56685951208AC81CF923B9B08BEDF3B7, F5FF438B9A54AD8D54E82DE60E1771C9685A95D5E590D69EB1E4E78D3B9B7769 ] ccSet_NIS       C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys
11:16:57.0121 0x0f54  ccSet_NIS - ok
11:16:57.0138 0x0f54  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
11:16:57.0173 0x0f54  cdfs - ok
11:16:57.0217 0x0f54  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
11:16:57.0254 0x0f54  cdrom - ok
11:16:57.0291 0x0f54  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
11:16:57.0340 0x0f54  CertPropSvc - ok
11:16:57.0356 0x0f54  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
11:16:57.0370 0x0f54  circlass - ok
11:16:57.0387 0x0f54  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
11:16:57.0404 0x0f54  CLFS - ok
11:16:57.0449 0x0f54  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:16:57.0472 0x0f54  clr_optimization_v2.0.50727_32 - ok
11:16:57.0505 0x0f54  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:16:57.0515 0x0f54  clr_optimization_v2.0.50727_64 - ok
11:16:57.0564 0x0f54  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:16:57.0577 0x0f54  clr_optimization_v4.0.30319_32 - ok
11:16:57.0594 0x0f54  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:16:57.0608 0x0f54  clr_optimization_v4.0.30319_64 - ok
11:16:57.0624 0x0f54  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
11:16:57.0647 0x0f54  CmBatt - ok
11:16:57.0667 0x0f54  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
11:16:57.0677 0x0f54  cmdide - ok
11:16:57.0713 0x0f54  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
11:16:57.0739 0x0f54  CNG - ok
11:16:57.0749 0x0f54  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
11:16:57.0759 0x0f54  Compbatt - ok
11:16:57.0782 0x0f54  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
11:16:57.0809 0x0f54  CompositeBus - ok
11:16:57.0813 0x0f54  COMSysApp - ok
11:16:57.0827 0x0f54  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
11:16:57.0837 0x0f54  crcdisk - ok
11:16:57.0884 0x0f54  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
11:16:57.0905 0x0f54  CryptSvc - ok
11:16:57.0998 0x0f54  [ A5BEA0E5C297F5F3835638A87E512FBA, D9C31AE8661CD8AC87E5F28AFE4126C62B5D4AEB96610C9A2F49CEB288AF673A ] CTDevice_Srv    C:\Program Files (x86)\Creative\Shared Files\CTDevSrv.exe
11:16:58.0016 0x0f54  CTDevice_Srv - detected UnsignedFile.Multi.Generic ( 1 )
11:16:58.0079 0x0f54  CTDevice_Srv ( UnsignedFile.Multi.Generic ) - warning
11:17:00.0876 0x0f54  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
11:17:00.0948 0x0f54  DcomLaunch - ok
11:17:00.0968 0x0f54  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
11:17:01.0007 0x0f54  defragsvc - ok
11:17:01.0013 0x0f54  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
11:17:01.0059 0x0f54  DfsC - ok
11:17:01.0102 0x0f54  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
11:17:01.0140 0x0f54  Dhcp - ok
11:17:01.0163 0x0f54  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
11:17:01.0198 0x0f54  discache - ok
11:17:01.0226 0x0f54  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
11:17:01.0236 0x0f54  Disk - ok
11:17:01.0278 0x0f54  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
11:17:01.0307 0x0f54  Dnscache - ok
11:17:01.0334 0x0f54  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
11:17:01.0373 0x0f54  dot3svc - ok
11:17:01.0402 0x0f54  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
11:17:01.0436 0x0f54  DPS - ok
11:17:01.0462 0x0f54  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
11:17:01.0479 0x0f54  drmkaud - ok
11:17:01.0514 0x0f54  [ FB9BEF3401EE5ECC2603311B9C64F44A, 33F8B6C9593677A360F580554D4F95B9F580C4E28F8187FBB27D96AFBFA8C7C1 ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
11:17:01.0527 0x0f54  dtsoftbus01 - ok
11:17:01.0570 0x0f54  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
11:17:01.0599 0x0f54  DXGKrnl - ok
11:17:01.0630 0x0f54  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
11:17:01.0682 0x0f54  EapHost - ok
11:17:01.0776 0x0f54  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
11:17:01.0912 0x0f54  ebdrv - ok
11:17:02.0008 0x0f54  [ 1B7AA375F711F66D5FF2B855F9EC987F, 151E3897A31F0E828D08EBBB9C10A60047B48534BB38349EF1C8D9245524CA58 ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
11:17:02.0030 0x0f54  eeCtrl - ok
11:17:02.0064 0x0f54  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS             C:\Windows\System32\lsass.exe
11:17:02.0081 0x0f54  EFS - ok
11:17:02.0167 0x0f54  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
11:17:02.0221 0x0f54  ehRecvr - ok
11:17:02.0235 0x0f54  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
11:17:02.0254 0x0f54  ehSched - ok
11:17:02.0279 0x0f54  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
11:17:02.0303 0x0f54  elxstor - ok
11:17:02.0363 0x0f54  [ 7230C8B80DDE1F0524C353240B78CC0E, 15F73EBFB9152010E7736AFE518A47C209E17DDB347A40C4CDA0D9BBD26D1176 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
11:17:02.0389 0x0f54  EraserUtilRebootDrv - detected UnsignedFile.Multi.Generic ( 1 )
11:17:02.0389 0x0f54  EraserUtilRebootDrv ( UnsignedFile.Multi.Generic ) - warning
11:17:05.0182 0x0f54  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
11:17:05.0262 0x0f54  ErrDev - ok
11:17:05.0318 0x0f54  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
11:17:05.0367 0x0f54  EventSystem - ok
11:17:05.0383 0x0f54  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
11:17:05.0419 0x0f54  exfat - ok
11:17:05.0437 0x0f54  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
11:17:05.0485 0x0f54  fastfat - ok
11:17:05.0549 0x0f54  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
11:17:05.0596 0x0f54  Fax - ok
11:17:05.0617 0x0f54  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
11:17:05.0627 0x0f54  fdc - ok
11:17:05.0642 0x0f54  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
11:17:05.0691 0x0f54  fdPHost - ok
11:17:05.0713 0x0f54  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
11:17:05.0744 0x0f54  FDResPub - ok
11:17:05.0758 0x0f54  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
11:17:05.0768 0x0f54  FileInfo - ok
11:17:05.0783 0x0f54  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
11:17:05.0825 0x0f54  Filetrace - ok
11:17:05.0835 0x0f54  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
11:17:05.0855 0x0f54  flpydisk - ok
11:17:05.0876 0x0f54  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
11:17:05.0891 0x0f54  FltMgr - ok
11:17:05.0947 0x0f54  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
11:17:05.0998 0x0f54  FontCache - ok
11:17:06.0036 0x0f54  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:17:06.0057 0x0f54  FontCache3.0.0.0 - ok
11:17:06.0073 0x0f54  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
11:17:06.0086 0x0f54  FsDepends - ok
11:17:06.0117 0x0f54  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
11:17:06.0126 0x0f54  Fs_Rec - ok
11:17:06.0173 0x0f54  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
11:17:06.0190 0x0f54  fvevol - ok
11:17:06.0209 0x0f54  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
11:17:06.0220 0x0f54  gagp30kx - ok
11:17:06.0237 0x0f54  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
11:17:06.0245 0x0f54  GEARAspiWDM - ok
11:17:06.0287 0x0f54  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
11:17:06.0352 0x0f54  gpsvc - ok
11:17:06.0418 0x0f54  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:17:06.0441 0x0f54  gupdate - ok
11:17:06.0456 0x0f54  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:17:06.0467 0x0f54  gupdatem - ok
11:17:06.0482 0x0f54  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
11:17:06.0504 0x0f54  hcw85cir - ok
11:17:06.0544 0x0f54  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:17:06.0580 0x0f54  HdAudAddService - ok
11:17:06.0612 0x0f54  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
11:17:06.0638 0x0f54  HDAudBus - ok
11:17:06.0666 0x0f54  [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
11:17:06.0676 0x0f54  HECIx64 - ok
11:17:06.0688 0x0f54  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
11:17:06.0712 0x0f54  HidBatt - ok
11:17:06.0725 0x0f54  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
11:17:06.0752 0x0f54  HidBth - ok
11:17:06.0766 0x0f54  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
11:17:06.0791 0x0f54  HidIr - ok
11:17:06.0810 0x0f54  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
11:17:06.0864 0x0f54  hidserv - ok
11:17:06.0893 0x0f54  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
11:17:06.0903 0x0f54  HidUsb - ok
11:17:06.0928 0x0f54  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
11:17:06.0969 0x0f54  hkmsvc - ok
11:17:07.0013 0x0f54  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:17:07.0037 0x0f54  HomeGroupListener - ok
11:17:07.0067 0x0f54  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:17:07.0096 0x0f54  HomeGroupProvider - ok
11:17:07.0115 0x0f54  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
11:17:07.0126 0x0f54  HpSAMD - ok
11:17:07.0175 0x0f54  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
11:17:07.0230 0x0f54  HTTP - ok
11:17:07.0250 0x0f54  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
11:17:07.0259 0x0f54  hwpolicy - ok
11:17:07.0298 0x0f54  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
11:17:07.0326 0x0f54  i8042prt - ok
11:17:07.0357 0x0f54  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
11:17:07.0386 0x0f54  iaStorV - ok
11:17:07.0444 0x0f54  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:17:07.0472 0x0f54  idsvc - ok
11:17:07.0566 0x0f54  [ DAAA22256BCA5E6EB74CD379F3092AAA, B2F8990EE059F201A9EA7C05B56A3FA7EE99EA148240F2997DF2B0DFB2FC9071 ] IDSVia64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\IPSDefs\20140314.001\IDSvia64.sys
11:17:07.0599 0x0f54  IDSVia64 - ok
11:17:07.0619 0x0f54  IEEtwCollectorService - ok
11:17:07.0797 0x0f54  [ A87261EF1546325B559374F5689CF5BC, 8DE48A8A13A32AAAC54CDDF58F3F61BE3E2802C1D9CA1CA98E57EB0D65FB6002 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
11:17:08.0028 0x0f54  igfx - ok
11:17:08.0046 0x0f54  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
11:17:08.0056 0x0f54  iirsp - ok
11:17:08.0097 0x0f54  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
11:17:08.0138 0x0f54  IKEEXT - ok
11:17:08.0246 0x0f54  [ 8097BF5CD62144969C28F964D2F40114, 95C317D037CE99E1F73143B509D1D6343950A7FA2D7F9099112909628259D485 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
11:17:08.0302 0x0f54  IntcAzAudAddService - ok
11:17:08.0334 0x0f54  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
11:17:08.0343 0x0f54  intelide - ok
11:17:08.0363 0x0f54  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
11:17:08.0385 0x0f54  intelppm - ok
11:17:08.0411 0x0f54  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
11:17:08.0456 0x0f54  IPBusEnum - ok
11:17:08.0493 0x0f54  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:17:08.0533 0x0f54  IpFilterDriver - ok
11:17:08.0565 0x0f54  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
11:17:08.0587 0x0f54  iphlpsvc - ok
11:17:08.0617 0x0f54  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
11:17:08.0629 0x0f54  IPMIDRV - ok
11:17:08.0644 0x0f54  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
11:17:08.0678 0x0f54  IPNAT - ok
11:17:08.0760 0x0f54  [ 6660920D05A32DF2DC1260CEF0B6D172, 2C4361B59CD9F41519FDF14EC69F2E37E1B0635ACA476E4BEF2152C925E35F9F ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
11:17:08.0798 0x0f54  iPod Service - ok
11:17:08.0819 0x0f54  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
11:17:08.0856 0x0f54  IRENUM - ok
11:17:08.0872 0x0f54  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
11:17:08.0882 0x0f54  isapnp - ok
11:17:08.0904 0x0f54  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
11:17:08.0920 0x0f54  iScsiPrt - ok
11:17:08.0937 0x0f54  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
11:17:08.0947 0x0f54  kbdclass - ok
11:17:08.0959 0x0f54  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
11:17:08.0976 0x0f54  kbdhid - ok
11:17:08.0998 0x0f54  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso          C:\Windows\system32\lsass.exe
11:17:09.0008 0x0f54  KeyIso - ok
11:17:09.0045 0x0f54  [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
11:17:09.0057 0x0f54  KSecDD - ok
11:17:09.0068 0x0f54  [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
11:17:09.0080 0x0f54  KSecPkg - ok
11:17:09.0087 0x0f54  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
11:17:09.0130 0x0f54  ksthunk - ok
11:17:09.0159 0x0f54  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
11:17:09.0200 0x0f54  KtmRm - ok
11:17:09.0233 0x0f54  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
11:17:09.0297 0x0f54  LanmanServer - ok
11:17:09.0326 0x0f54  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:17:09.0359 0x0f54  LanmanWorkstation - ok
11:17:09.0397 0x0f54  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
11:17:09.0456 0x0f54  lltdio - ok
11:17:09.0480 0x0f54  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
11:17:09.0528 0x0f54  lltdsvc - ok
11:17:09.0544 0x0f54  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
11:17:09.0594 0x0f54  lmhosts - ok
11:17:09.0650 0x0f54  [ D0E7FF91B52FE9FD2F9522B91F27CB09, 6123B81EA394E81C2CD4D1BA0562E87CB0A1E18FD32B214A82E4E18300879CCD ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
11:17:09.0674 0x0f54  LMS - ok
11:17:09.0708 0x0f54  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
11:17:09.0729 0x0f54  LSI_FC - ok
11:17:09.0748 0x0f54  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
11:17:09.0769 0x0f54  LSI_SAS - ok
11:17:09.0784 0x0f54  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
11:17:09.0803 0x0f54  LSI_SAS2 - ok
11:17:09.0821 0x0f54  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
11:17:09.0833 0x0f54  LSI_SCSI - ok
11:17:09.0858 0x0f54  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
11:17:09.0900 0x0f54  luafv - ok
11:17:09.0920 0x0f54  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
11:17:09.0933 0x0f54  Mcx2Svc - ok
11:17:09.0945 0x0f54  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
11:17:09.0955 0x0f54  megasas - ok
11:17:09.0975 0x0f54  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
11:17:09.0991 0x0f54  MegaSR - ok
11:17:10.0043 0x0f54  [ 033B947AF4A997820E86FCB070B1F450, 2F54F9D1E8374187B2F206E7CF22A907C735C71F38445A94BDC84E83081D3A88 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
11:17:10.0064 0x0f54  Microsoft Office Groove Audit Service - ok
11:17:10.0079 0x0f54  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
11:17:10.0121 0x0f54  MMCSS - ok
11:17:10.0135 0x0f54  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
11:17:10.0177 0x0f54  Modem - ok
11:17:10.0199 0x0f54  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
11:17:10.0231 0x0f54  monitor - ok
11:17:10.0269 0x0f54  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
11:17:10.0292 0x0f54  mouclass - ok
11:17:10.0330 0x0f54  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
11:17:10.0420 0x0f54  mouhid - ok
11:17:10.0456 0x0f54  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
11:17:10.0479 0x0f54  mountmgr - ok
11:17:10.0566 0x0f54  [ 338037EFA0E8E8699B2667D57B751574, 59E0D39806D0C4EB57913AA013242837FD39AD378726AEE42D250CBA87C1C3BF ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:17:10.0592 0x0f54  MozillaMaintenance - ok
11:17:10.0607 0x0f54  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
11:17:10.0621 0x0f54  mpio - ok
11:17:10.0638 0x0f54  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
11:17:10.0671 0x0f54  mpsdrv - ok
11:17:10.0720 0x0f54  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
11:17:10.0780 0x0f54  MpsSvc - ok
11:17:10.0827 0x0f54  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
11:17:10.0846 0x0f54  MRxDAV - ok
11:17:10.0873 0x0f54  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
11:17:10.0898 0x0f54  mrxsmb - ok
11:17:10.0926 0x0f54  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:17:10.0960 0x0f54  mrxsmb10 - ok
11:17:10.0990 0x0f54  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:17:11.0017 0x0f54  mrxsmb20 - ok
11:17:11.0053 0x0f54  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
11:17:11.0066 0x0f54  msahci - ok
11:17:11.0110 0x0f54  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
11:17:11.0135 0x0f54  msdsm - ok
11:17:11.0154 0x0f54  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
11:17:11.0183 0x0f54  MSDTC - ok
11:17:11.0205 0x0f54  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
11:17:11.0246 0x0f54  Msfs - ok
11:17:11.0260 0x0f54  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
11:17:11.0305 0x0f54  mshidkmdf - ok
11:17:11.0313 0x0f54  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
11:17:11.0322 0x0f54  msisadrv - ok
11:17:11.0351 0x0f54  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
11:17:11.0394 0x0f54  MSiSCSI - ok
11:17:11.0398 0x0f54  msiserver - ok
11:17:11.0424 0x0f54  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
11:17:11.0479 0x0f54  MSKSSRV - ok
11:17:11.0491 0x0f54  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
11:17:11.0531 0x0f54  MSPCLOCK - ok
11:17:11.0543 0x0f54  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
11:17:11.0583 0x0f54  MSPQM - ok
11:17:11.0616 0x0f54  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
11:17:11.0634 0x0f54  MsRPC - ok
11:17:11.0647 0x0f54  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
11:17:11.0657 0x0f54  mssmbios - ok
11:17:11.0675 0x0f54  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
11:17:11.0707 0x0f54  MSTEE - ok
11:17:11.0722 0x0f54  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
11:17:11.0744 0x0f54  MTConfig - ok
11:17:11.0788 0x0f54  [ 19B006B181E3875FD254F7B67ACF1E7C, 1D68D19522E71F16B8B50F8CCFBC9D884CF2DAC40CC409BD5A40A4D4223ABC61 ] MTsensor        C:\Windows\system32\DRIVERS\ASACPI.sys
11:17:11.0795 0x0f54  MTsensor - ok
11:17:11.0833 0x0f54  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
11:17:11.0843 0x0f54  Mup - ok
11:17:11.0882 0x0f54  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
11:17:11.0935 0x0f54  napagent - ok
11:17:11.0976 0x0f54  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
11:17:11.0999 0x0f54  NativeWifiP - ok
11:17:12.0066 0x0f54  [ 702E07EC32F96ACDB873E9A5465D4401, 2C6B1C8BA0BF4791AEA064062DCA3678AE4443DF19DB37D6CB55BA6297D8A238 ] NAVENG          C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20140315.009\ENG64.SYS
11:17:12.0088 0x0f54  NAVENG - ok
11:17:12.0181 0x0f54  [ 302EA314A1AF0D7CEF0A3D0195F79561, 046DBC2D9D028F2D2E8BAE745CA2ADEF42741689BFF743A13B81EA4228DDCDC6 ] NAVEX15         C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20140315.009\EX64.SYS
11:17:12.0230 0x0f54  NAVEX15 - ok
11:17:12.0299 0x0f54  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
11:17:12.0333 0x0f54  NDIS - ok
11:17:12.0354 0x0f54  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
11:17:12.0397 0x0f54  NdisCap - ok
11:17:12.0407 0x0f54  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
11:17:12.0438 0x0f54  NdisTapi - ok
11:17:12.0467 0x0f54  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
11:17:12.0498 0x0f54  Ndisuio - ok
11:17:12.0531 0x0f54  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
11:17:12.0576 0x0f54  NdisWan - ok
11:17:12.0603 0x0f54  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
11:17:12.0635 0x0f54  NDProxy - ok
11:17:12.0664 0x0f54  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
11:17:12.0697 0x0f54  NetBIOS - ok
11:17:12.0731 0x0f54  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
11:17:12.0780 0x0f54  NetBT - ok
11:17:12.0802 0x0f54  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon        C:\Windows\system32\lsass.exe
11:17:12.0812 0x0f54  Netlogon - ok
11:17:12.0847 0x0f54  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
11:17:12.0903 0x0f54  Netman - ok
11:17:12.0927 0x0f54  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:17:12.0943 0x0f54  NetMsmqActivator - ok
11:17:12.0952 0x0f54  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:17:12.0967 0x0f54  NetPipeActivator - ok
11:17:12.0994 0x0f54  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
11:17:13.0046 0x0f54  netprofm - ok
11:17:13.0113 0x0f54  [ 7FF84A064E602F69B14BFC3769CCD2B9, CFD9392275D9A540C0AC473278F60C6C75D28F48D5BFBEA107D683838356F0F1 ] netr28x         C:\Windows\system32\DRIVERS\netr28x.sys
11:17:13.0137 0x0f54  netr28x - ok
11:17:13.0143 0x0f54  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:17:13.0156 0x0f54  NetTcpActivator - ok
11:17:13.0161 0x0f54  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:17:13.0174 0x0f54  NetTcpPortSharing - ok
11:17:13.0187 0x0f54  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
11:17:13.0197 0x0f54  nfrd960 - ok
11:17:13.0337 0x0f54  [ 1BF9D6476061B31CD7FC2BF848529A56, 95B585543240E823D7850ADEEEA7A4738EF9E18A4B07D921F145F6EF466F0271 ] NIS             C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
11:17:13.0358 0x0f54  NIS - ok
11:17:13.0395 0x0f54  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
11:17:13.0420 0x0f54  NlaSvc - ok
11:17:13.0469 0x0f54  [ 9573223E205907247AE6D948E3453770, 35D32A415F74863D7408229508F134D53CA0FA7EDD8B0E5FEEFC9DE588D0607B ] nmwcdnsux64     C:\Windows\system32\drivers\nmwcdnsux64.sys
11:17:13.0500 0x0f54  nmwcdnsux64 - ok
11:17:13.0522 0x0f54  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
11:17:13.0554 0x0f54  Npfs - ok
11:17:13.0568 0x0f54  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
11:17:13.0613 0x0f54  nsi - ok
11:17:13.0626 0x0f54  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
11:17:13.0670 0x0f54  nsiproxy - ok
11:17:13.0746 0x0f54  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
11:17:13.0806 0x0f54  Ntfs - ok
11:17:13.0814 0x0f54  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
11:17:13.0852 0x0f54  Null - ok
11:17:13.0878 0x0f54  [ E20ABD5B229760158F753CA90B97E090, 9970A8ECFA13647B4F2032CB3C21C48458B5ED137254E3FB9C9B93E4A0EBD709 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
11:17:13.0888 0x0f54  NVHDA - ok
11:17:14.0247 0x0f54  [ F49E331AF681027CE8C79F67CB748D7D, E9368136A394FA19A82E97A73BE322D4119D7599E195A9851CA26F34283DDE27 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
11:17:14.0511 0x0f54  nvlddmkm - ok
11:17:14.0564 0x0f54  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
11:17:14.0586 0x0f54  nvraid - ok
11:17:14.0613 0x0f54  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
11:17:14.0629 0x0f54  nvstor - ok
11:17:14.0678 0x0f54  [ 5CD545815B4434B2A89DB4392D70A5A2, 4D6A6304553437ECA7AA7470A03A578F5EB62D4838B234DEC0790416E5708C89 ] nvsvc           C:\Windows\system32\nvvsvc.exe
11:17:14.0701 0x0f54  nvsvc - ok
11:17:14.0733 0x0f54  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
11:17:14.0752 0x0f54  nv_agp - ok
11:17:14.0814 0x0f54  [ E54AA592A65F317390EEE386A8821692, 7997F8C07802F6C49F06620B35C4C382ADD5419EA8BE02CD7AF0F2EF42A93E53 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
11:17:14.0842 0x0f54  odserv - ok
11:17:14.0858 0x0f54  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
11:17:14.0882 0x0f54  ohci1394 - ok
11:17:14.0964 0x0f54  [ 6510137694AD9F269A37BA5A560A3DFE, B8FF45F384826C4E78C7B3DFA9CD7B002E0DC5A6681DCA37ACEBB9B88626DA63 ] OpenVPNService  C:\Program Files\OpenVPN\bin\openvpnserv.exe
11:17:14.0982 0x0f54  OpenVPNService - ok
11:17:15.0023 0x0f54  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:17:15.0041 0x0f54  ose - ok
11:17:15.0072 0x0f54  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
11:17:15.0103 0x0f54  p2pimsvc - ok
11:17:15.0129 0x0f54  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
11:17:15.0162 0x0f54  p2psvc - ok
11:17:15.0189 0x0f54  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
11:17:15.0210 0x0f54  Parport - ok
11:17:15.0235 0x0f54  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
11:17:15.0246 0x0f54  partmgr - ok
11:17:15.0257 0x0f54  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
11:17:15.0288 0x0f54  PcaSvc - ok
11:17:15.0308 0x0f54  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
11:17:15.0321 0x0f54  pci - ok
11:17:15.0340 0x0f54  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
11:17:15.0350 0x0f54  pciide - ok
11:17:15.0370 0x0f54  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
11:17:15.0384 0x0f54  pcmcia - ok
11:17:15.0417 0x0f54  [ AF7CE12C4F3DC8CB2B07685C916BBCFE, 1AF47113778D411BF3CF82ACF428676908121B1F3252133A5F98E188ED1E9C6C ] pcouffin        C:\Windows\system32\Drivers\pcouffin.sys
11:17:15.0455 0x0f54  pcouffin - ok
11:17:15.0470 0x0f54  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
11:17:15.0489 0x0f54  pcw - ok
11:17:15.0515 0x0f54  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
11:17:15.0577 0x0f54  PEAUTH - ok
11:17:15.0639 0x0f54  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
11:17:15.0664 0x0f54  PerfHost - ok
11:17:15.0733 0x0f54  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
11:17:15.0838 0x0f54  pla - ok
11:17:15.0886 0x0f54  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
11:17:15.0925 0x0f54  PlugPlay - ok
11:17:15.0932 0x0f54  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
11:17:15.0954 0x0f54  PNRPAutoReg - ok
11:17:15.0980 0x0f54  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
11:17:15.0997 0x0f54  PNRPsvc - ok
11:17:16.0020 0x0f54  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
11:17:16.0067 0x0f54  PolicyAgent - ok
11:17:16.0091 0x0f54  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
11:17:16.0133 0x0f54  Power - ok
11:17:16.0162 0x0f54  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
11:17:16.0195 0x0f54  PptpMiniport - ok
11:17:16.0214 0x0f54  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
11:17:16.0225 0x0f54  Processor - ok
11:17:16.0259 0x0f54  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
11:17:16.0284 0x0f54  ProfSvc - ok
11:17:16.0307 0x0f54  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe
11:17:16.0317 0x0f54  ProtectedStorage - ok
11:17:16.0357 0x0f54  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
11:17:16.0404 0x0f54  Psched - ok
11:17:16.0453 0x0f54  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
11:17:16.0511 0x0f54  ql2300 - ok
11:17:16.0535 0x0f54  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
11:17:16.0549 0x0f54  ql40xx - ok
11:17:16.0588 0x0f54  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
11:17:16.0609 0x0f54  QWAVE - ok
11:17:16.0622 0x0f54  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
11:17:16.0648 0x0f54  QWAVEdrv - ok
11:17:16.0661 0x0f54  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
11:17:16.0697 0x0f54  RasAcd - ok
11:17:16.0721 0x0f54  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
11:17:16.0765 0x0f54  RasAgileVpn - ok
11:17:16.0775 0x0f54  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
11:17:16.0821 0x0f54  RasAuto - ok
11:17:16.0850 0x0f54  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
11:17:16.0883 0x0f54  Rasl2tp - ok
11:17:16.0912 0x0f54  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
11:17:16.0957 0x0f54  RasMan - ok
11:17:16.0977 0x0f54  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
11:17:17.0010 0x0f54  RasPppoe - ok
11:17:17.0019 0x0f54  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
11:17:17.0062 0x0f54  RasSstp - ok
11:17:17.0091 0x0f54  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
11:17:17.0132 0x0f54  rdbss - ok
11:17:17.0143 0x0f54  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
11:17:17.0156 0x0f54  rdpbus - ok
11:17:17.0171 0x0f54  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
11:17:17.0201 0x0f54  RDPCDD - ok
11:17:17.0238 0x0f54  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
11:17:17.0272 0x0f54  RDPENCDD - ok
11:17:17.0290 0x0f54  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
11:17:17.0334 0x0f54  RDPREFMP - ok
11:17:17.0365 0x0f54  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
11:17:17.0381 0x0f54  RDPWD - ok
11:17:17.0411 0x0f54  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
11:17:17.0425 0x0f54  rdyboost - ok
11:17:17.0436 0x0f54  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
11:17:17.0476 0x0f54  RemoteAccess - ok
11:17:17.0489 0x0f54  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
11:17:17.0524 0x0f54  RemoteRegistry - ok
11:17:17.0549 0x0f54  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
11:17:17.0582 0x0f54  RpcEptMapper - ok
11:17:17.0608 0x0f54  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
11:17:17.0620 0x0f54  RpcLocator - ok
11:17:17.0656 0x0f54  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
11:17:17.0697 0x0f54  RpcSs - ok
11:17:17.0707 0x0f54  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
11:17:17.0740 0x0f54  rspndr - ok
11:17:17.0774 0x0f54  [ 4B42BC58294E83A6A92EC8B88C14C4A3, 80885CFF021F7BC85647224863A83D444EA7848CBB4F06DFDFADE58F47307D21 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
11:17:17.0788 0x0f54  RTL8167 - ok
11:17:17.0797 0x0f54  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs           C:\Windows\system32\lsass.exe
11:17:17.0807 0x0f54  SamSs - ok
11:17:17.0840 0x0f54  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
11:17:17.0851 0x0f54  sbp2port - ok
11:17:17.0864 0x0f54  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
11:17:17.0901 0x0f54  SCardSvr - ok
11:17:17.0926 0x0f54  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
11:17:17.0983 0x0f54  scfilter - ok
11:17:18.0034 0x0f54  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
11:17:18.0092 0x0f54  Schedule - ok
11:17:18.0129 0x0f54  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
11:17:18.0182 0x0f54  SCPolicySvc - ok
11:17:18.0202 0x0f54  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
11:17:18.0223 0x0f54  SDRSVC - ok
11:17:18.0289 0x0f54  [ D358E077A0A05D9B12DA22D137EE8464, 7B6493B199DEF411596B1A6F479F57838202B102C3324333B620E212E0AE9053 ] SeaPort         C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
11:17:18.0309 0x0f54  SeaPort - ok
11:17:18.0340 0x0f54  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
11:17:18.0412 0x0f54  secdrv - ok
11:17:18.0435 0x0f54  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
11:17:18.0500 0x0f54  seclogon - ok
11:17:18.0522 0x0f54  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\system32\sens.dll
11:17:18.0572 0x0f54  SENS - ok
11:17:18.0585 0x0f54  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
11:17:18.0604 0x0f54  SensrSvc - ok
11:17:18.0618 0x0f54  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
11:17:18.0629 0x0f54  Serenum - ok
11:17:18.0650 0x0f54  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
11:17:18.0663 0x0f54  Serial - ok
11:17:18.0693 0x0f54  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
11:17:18.0704 0x0f54  sermouse - ok
11:17:18.0747 0x0f54  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
11:17:18.0780 0x0f54  SessionEnv - ok
11:17:18.0806 0x0f54  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
11:17:18.0828 0x0f54  sffdisk - ok
11:17:18.0846 0x0f54  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
11:17:18.0874 0x0f54  sffp_mmc - ok
11:17:18.0879 0x0f54  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
11:17:18.0901 0x0f54  sffp_sd - ok
11:17:18.0916 0x0f54  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
11:17:18.0926 0x0f54  sfloppy - ok
11:17:18.0954 0x0f54  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
11:17:18.0998 0x0f54  SharedAccess - ok
11:17:19.0040 0x0f54  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:17:19.0079 0x0f54  ShellHWDetection - ok
11:17:19.0092 0x0f54  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
11:17:19.0102 0x0f54  SiSRaid2 - ok
11:17:19.0114 0x0f54  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
11:17:19.0126 0x0f54  SiSRaid4 - ok
11:17:19.0158 0x0f54  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
11:17:19.0172 0x0f54  SkypeUpdate - ok
11:17:19.0195 0x0f54  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
11:17:19.0240 0x0f54  Smb - ok
11:17:19.0269 0x0f54  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
11:17:19.0283 0x0f54  SNMPTRAP - ok
11:17:19.0296 0x0f54  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
11:17:19.0305 0x0f54  spldr - ok
11:17:19.0347 0x0f54  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
11:17:19.0382 0x0f54  Spooler - ok
11:17:19.0497 0x0f54  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
11:17:19.0638 0x0f54  sppsvc - ok
11:17:19.0655 0x0f54  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
11:17:19.0697 0x0f54  sppuinotify - ok
11:17:19.0798 0x0f54  [ 2FD9346F9D76CB4192D37329CFA47A82, 4CD75B4006147D469116F3CBC10528928A592510DA8037D709CB198D89853CAB ] SRTSP           C:\Windows\system32\drivers\NISx64\1404000.028\SRTSP64.SYS
11:17:19.0822 0x0f54  SRTSP - ok
11:17:19.0854 0x0f54  [ 0E76CEF892C45734F7AED09FDDF35D4D, C25AF31E411AC3A090859C883132B9AE6A80C8D791168FF219BC0895E35A0359 ] SRTSPX          C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS
11:17:19.0862 0x0f54  SRTSPX - ok
11:17:19.0905 0x0f54  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
11:17:19.0941 0x0f54  srv - ok
11:17:19.0973 0x0f54  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
11:17:20.0006 0x0f54  srv2 - ok
11:17:20.0026 0x0f54  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
11:17:20.0046 0x0f54  srvnet - ok
11:17:20.0074 0x0f54  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
11:17:20.0115 0x0f54  SSDPSRV - ok
11:17:20.0123 0x0f54  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
11:17:20.0159 0x0f54  SstpSvc - ok
11:17:20.0174 0x0f54  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
11:17:20.0184 0x0f54  stexstor - ok
11:17:20.0240 0x0f54  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
11:17:20.0283 0x0f54  stisvc - ok
11:17:20.0310 0x0f54  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
11:17:20.0319 0x0f54  swenum - ok
11:17:20.0349 0x0f54  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
11:17:20.0407 0x0f54  swprv - ok
11:17:20.0451 0x0f54  [ 52DC0048D667757A8A2E4C87182890AC, 7B43DF6DADFDDBBC5402477FE832052ADB6A39B90111CDA89B5E01CE900F55C5 ] SymDS           C:\Windows\system32\drivers\NISx64\1404000.028\SYMDS64.SYS
11:17:20.0469 0x0f54  SymDS - ok
11:17:20.0579 0x0f54  [ 599872BAD7CFB45C7CE47CDED4B726D8, 5B15B1B22C3ACA1BC56CAFCAFFC2E974C75C77C0AB7355FBA91F2147C0911499 ] SymEFA          C:\Windows\system32\drivers\NISx64\1404000.028\SYMEFA64.SYS
11:17:20.0623 0x0f54  SymEFA - ok
11:17:20.0655 0x0f54  [ F19E5E37ED8134B9E5F6287F2D3A75D7, 5804D6DF529213CCF7CD2C345483940554CAA5C6EA065A1B09AA54D114C612F8 ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
11:17:20.0666 0x0f54  SymEvent - ok
11:17:20.0698 0x0f54  [ ADF37F1A715D6C56C8E065FD8569A9A4, 33E895CB326F62D4D22E345563B0641EB88D23B2104A07E8CEBE5ED150882767 ] SymIRON         C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS
11:17:20.0710 0x0f54  SymIRON - ok
11:17:20.0754 0x0f54  [ 9CDCA70485BD6B9D230365F67C31F132, 137995F1F0124E3A10AAA25551F811602BB5FE8361AE8CBA899C6B98486F4CF3 ] SymNetS         C:\Windows\system32\drivers\NISx64\1404000.028\SYMNETS.SYS
11:17:20.0769 0x0f54  SymNetS - ok
11:17:20.0858 0x0f54  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
11:17:20.0919 0x0f54  SysMain - ok
11:17:20.0940 0x0f54  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:17:20.0974 0x0f54  TabletInputService - ok
11:17:21.0016 0x0f54  [ D0B07EED9DDEC5C69521C689B7BF455F, A9F1C76FBF833E25A8470116A9BB7F7121A86138B31B54C098F1E22C11109044 ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
11:17:21.0046 0x0f54  tap0901 - detected UnsignedFile.Multi.Generic ( 1 )
11:17:21.0046 0x0f54  tap0901 ( UnsignedFile.Multi.Generic ) - warning
11:17:23.0863 0x0f54  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
11:17:23.0925 0x0f54  TapiSrv - ok
11:17:23.0941 0x0f54  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
11:17:24.0019 0x0f54  TBS - ok
11:17:24.0097 0x0f54  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
11:17:24.0159 0x0f54  Tcpip - ok
11:17:24.0253 0x0f54  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
11:17:24.0299 0x0f54  TCPIP6 - ok
11:17:24.0331 0x0f54  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
11:17:24.0362 0x0f54  tcpipreg - ok
11:17:24.0409 0x0f54  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
11:17:24.0440 0x0f54  TDPIPE - ok
11:17:24.0455 0x0f54  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
11:17:24.0487 0x0f54  TDTCP - ok
11:17:24.0518 0x0f54  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
11:17:24.0580 0x0f54  tdx - ok
11:17:24.0596 0x0f54  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
11:17:24.0611 0x0f54  TermDD - ok
11:17:24.0643 0x0f54  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
11:17:24.0689 0x0f54  TermService - ok
11:17:24.0705 0x0f54  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
11:17:24.0721 0x0f54  Themes - ok
11:17:24.0752 0x0f54  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
11:17:24.0783 0x0f54  THREADORDER - ok
11:17:24.0799 0x0f54  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
11:17:24.0830 0x0f54  TrkWks - ok
11:17:24.0892 0x0f54  [ 370A6907DDF79532A39319492B1FA38A, 46AECC5160F04FC3FFE4D37B404CCBBD1C5DC1501C2CEEE8284FF544DBDF10F8 ] truecrypt       C:\Windows\system32\drivers\truecrypt.sys
11:17:24.0923 0x0f54  truecrypt - ok
11:17:24.0955 0x0f54  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:17:25.0001 0x0f54  TrustedInstaller - ok
11:17:25.0033 0x0f54  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
11:17:25.0048 0x0f54  tssecsrv - ok
11:17:25.0095 0x0f54  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
11:17:25.0126 0x0f54  TsUsbFlt - ok
11:17:25.0157 0x0f54  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
11:17:25.0204 0x0f54  tunnel - ok
11:17:25.0235 0x0f54  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
11:17:25.0282 0x0f54  uagp35 - ok
11:17:25.0391 0x0f54  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
11:17:25.0469 0x0f54  udfs - ok
11:17:25.0469 0x0f54  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
11:17:25.0485 0x0f54  UI0Detect - ok
11:17:25.0501 0x0f54  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
11:17:25.0516 0x0f54  uliagpkx - ok
11:17:25.0532 0x0f54  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\drivers\umbus.sys
11:17:25.0563 0x0f54  umbus - ok
11:17:25.0579 0x0f54  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
11:17:25.0610 0x0f54  UmPass - ok
11:17:25.0735 0x0f54  [ A7377410BC0D28C5A72135A4BE1A1068, D051CD79B9CD66EA6345A6DB5FAA89EC7355B615A36775A4693EF818CA816E2F ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
11:17:25.0813 0x0f54  UNS - ok
11:17:25.0828 0x0f54  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
11:17:25.0891 0x0f54  upnphost - ok
11:17:25.0906 0x0f54  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
11:17:25.0937 0x0f54  USBAAPL64 - ok
11:17:25.0969 0x0f54  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
11:17:25.0984 0x0f54  usbccgp - ok
11:17:26.0031 0x0f54  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
11:17:26.0047 0x0f54  usbcir - ok
11:17:26.0078 0x0f54  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
11:17:26.0093 0x0f54  usbehci - ok
11:17:26.0125 0x0f54  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
11:17:26.0140 0x0f54  usbhub - ok
11:17:26.0156 0x0f54  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
11:17:26.0171 0x0f54  usbohci - ok
11:17:26.0203 0x0f54  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
11:17:26.0218 0x0f54  usbprint - ok
11:17:26.0234 0x0f54  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:17:26.0249 0x0f54  USBSTOR - ok
11:17:26.0265 0x0f54  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
11:17:26.0281 0x0f54  usbuhci - ok
11:17:26.0343 0x0f54  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
11:17:26.0374 0x0f54  usbvideo - ok
11:17:26.0390 0x0f54  [ 88CE07826F25B851E824ED2E57106323, 40F367539B50C4FEA783FE887FFE73D20F27DF66735F3D7AE195F0D0013BF243 ] USTOR2K         C:\Windows\system32\DRIVERS\ustor2k.sys
11:17:26.0437 0x0f54  USTOR2K - ok
11:17:26.0452 0x0f54  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
11:17:26.0499 0x0f54  UxSms - ok
11:17:26.0515 0x0f54  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc        C:\Windows\system32\lsass.exe
11:17:26.0530 0x0f54  VaultSvc - ok
11:17:26.0546 0x0f54  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
11:17:26.0546 0x0f54  vdrvroot - ok
11:17:26.0593 0x0f54  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
11:17:26.0639 0x0f54  vds - ok
11:17:26.0655 0x0f54  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
11:17:26.0671 0x0f54  vga - ok
11:17:26.0702 0x0f54  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
11:17:26.0749 0x0f54  VgaSave - ok
11:17:26.0780 0x0f54  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
11:17:26.0795 0x0f54  vhdmp - ok
11:17:26.0811 0x0f54  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
11:17:26.0827 0x0f54  viaide - ok
11:17:26.0842 0x0f54  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
11:17:26.0842 0x0f54  volmgr - ok
11:17:26.0905 0x0f54  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
11:17:26.0920 0x0f54  volmgrx - ok
11:17:26.0967 0x0f54  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
11:17:26.0983 0x0f54  volsnap - ok
11:17:26.0998 0x0f54  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
11:17:27.0014 0x0f54  vsmraid - ok
11:17:27.0061 0x0f54  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
11:17:27.0170 0x0f54  VSS - ok
11:17:27.0201 0x0f54  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
11:17:27.0217 0x0f54  vwifibus - ok
11:17:27.0248 0x0f54  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
11:17:27.0279 0x0f54  vwififlt - ok
11:17:27.0295 0x0f54  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
11:17:27.0326 0x0f54  vwifimp - ok
11:17:27.0357 0x0f54  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
11:17:27.0388 0x0f54  W32Time - ok
11:17:27.0404 0x0f54  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
11:17:27.0419 0x0f54  WacomPen - ok
11:17:27.0451 0x0f54  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
11:17:27.0482 0x0f54  WANARP - ok
11:17:27.0497 0x0f54  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
11:17:27.0529 0x0f54  Wanarpv6 - ok
11:17:27.0591 0x0f54  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
11:17:27.0653 0x0f54  wbengine - ok
11:17:27.0669 0x0f54  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
11:17:27.0700 0x0f54  WbioSrvc - ok
11:17:27.0731 0x0f54  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
11:17:27.0763 0x0f54  wcncsvc - ok
11:17:27.0778 0x0f54  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:17:27.0794 0x0f54  WcsPlugInService - ok
11:17:27.0809 0x0f54  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
11:17:27.0825 0x0f54  Wd - ok
11:17:27.0872 0x0f54  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
11:17:27.0903 0x0f54  Wdf01000 - ok
11:17:27.0934 0x0f54  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
11:17:27.0997 0x0f54  WdiServiceHost - ok
11:17:28.0012 0x0f54  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
11:17:28.0028 0x0f54  WdiSystemHost - ok
11:17:28.0075 0x0f54  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
11:17:28.0090 0x0f54  WebClient - ok
11:17:28.0106 0x0f54  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
11:17:28.0153 0x0f54  Wecsvc - ok
11:17:28.0168 0x0f54  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
11:17:28.0215 0x0f54  wercplsupport - ok
11:17:28.0246 0x0f54  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
11:17:28.0277 0x0f54  WerSvc - ok
11:17:28.0293 0x0f54  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
11:17:28.0324 0x0f54  WfpLwf - ok
11:17:28.0324 0x0f54  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
11:17:28.0340 0x0f54  WIMMount - ok
11:17:28.0355 0x0f54  WinDefend - ok
11:17:28.0355 0x0f54  WinHttpAutoProxySvc - ok
11:17:28.0402 0x0f54  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
11:17:28.0433 0x0f54  Winmgmt - ok
11:17:28.0527 0x0f54  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
11:17:28.0636 0x0f54  WinRM - ok
11:17:28.0667 0x0f54  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
11:17:28.0683 0x0f54  WinUsb - ok
11:17:28.0714 0x0f54  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
11:17:28.0761 0x0f54  Wlansvc - ok
11:17:28.0792 0x0f54  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
11:17:28.0792 0x0f54  WmiAcpi - ok
11:17:28.0808 0x0f54  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
11:17:28.0839 0x0f54  wmiApSrv - ok
11:17:28.0855 0x0f54  WMPNetworkSvc - ok
11:17:28.0870 0x0f54  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
11:17:28.0886 0x0f54  WPCSvc - ok
11:17:28.0917 0x0f54  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
11:17:28.0933 0x0f54  WPDBusEnum - ok
11:17:28.0948 0x0f54  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
11:17:28.0995 0x0f54  ws2ifsl - ok
11:17:29.0011 0x0f54  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
11:17:29.0026 0x0f54  wscsvc - ok
11:17:29.0042 0x0f54  WSearch - ok
11:17:29.0120 0x0f54  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
11:17:29.0198 0x0f54  wuauserv - ok
11:17:29.0229 0x0f54  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
11:17:29.0260 0x0f54  WudfPf - ok
11:17:29.0276 0x0f54  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
11:17:29.0291 0x0f54  WUDFRd - ok
11:17:29.0307 0x0f54  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
11:17:29.0323 0x0f54  wudfsvc - ok
11:17:29.0369 0x0f54  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
11:17:29.0385 0x0f54  WwanSvc - ok
11:17:29.0401 0x0f54  ================ Scan global ===============================
11:17:29.0432 0x0f54  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
11:17:29.0463 0x0f54  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
11:17:29.0494 0x0f54  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
11:17:29.0525 0x0f54  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
11:17:29.0572 0x0f54  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
11:17:29.0588 0x0f54  [ Global ] - ok
11:17:29.0588 0x0f54  ================ Scan MBR ==================================
11:17:29.0588 0x0f54  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:17:29.0900 0x0f54  \Device\Harddisk0\DR0 - ok
11:17:29.0900 0x0f54  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
11:17:30.0009 0x0f54  \Device\Harddisk1\DR1 - ok
11:17:30.0009 0x0f54  ================ Scan VBR ==================================
11:17:30.0025 0x0f54  [ 37DD530C19824EB97200D392133D6EA5 ] \Device\Harddisk0\DR0\Partition1
11:17:30.0025 0x0f54  \Device\Harddisk0\DR0\Partition1 - ok
11:17:30.0025 0x0f54  [ 86A1FE9FC69149908DB76DB53828E76D ] \Device\Harddisk0\DR0\Partition2
11:17:30.0025 0x0f54  \Device\Harddisk0\DR0\Partition2 - ok
11:17:30.0040 0x0f54  [ C480D5026D148D6906DCFD750EC48A2B ] \Device\Harddisk1\DR1\Partition1
11:17:30.0040 0x0f54  \Device\Harddisk1\DR1\Partition1 - ok
11:17:30.0056 0x0f54  AV detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\WSCStub.exe ( 20.4.0.0 ), 0x51000 ( enabled : updated )
11:17:30.0056 0x0f54  FW detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\WSCStub.exe ( 20.4.0.0 ), 0x51010 ( enabled )
11:17:32.0833 0x0f54  ============================================================
11:17:32.0833 0x0f54  Scan finished
11:17:32.0833 0x0f54  ============================================================
11:17:32.0833 0x1568  Detected object count: 3
11:17:32.0833 0x1568  Actual detected object count: 3
11:17:41.0959 0x1568  CTDevice_Srv ( UnsignedFile.Multi.Generic ) - skipped by user
11:17:41.0959 0x1568  CTDevice_Srv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:17:41.0959 0x1568  EraserUtilRebootDrv ( UnsignedFile.Multi.Generic ) - skipped by user
11:17:41.0959 0x1568  EraserUtilRebootDrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:17:41.0959 0x1568  tap0901 ( UnsignedFile.Multi.Generic ) - skipped by user
11:17:41.0959 0x1568  tap0901 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:17:53.0705 0x1454  Deinitialize success
         
TDSSKiller.2.8.16.0_16.03.2014_11.15.48_log
Code:
ATTFilter
11:15:48.0570 4676  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
11:15:49.0928 4676  Perform update action was selected
11:15:49.0933 1976  Deinitialize success
         
TDSSKiller.2.8.16.0_16.03.2014_11.15.34_log
Code:
ATTFilter
11:15:34.0563 5376  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
11:15:37.0218 5376  Perform update action was selected
11:15:37.0220 5792  Deinitialize success
         

Alt 16.03.2014, 11:23   #5
Larusso
/// Selecta Jahrusso
 
Windows 7 Premium 64: Microsoft Fixit Fehlermeldung [Code 8004FE2C] als Hinweis auf Infizierung - Standard

Windows 7 Premium 64: Microsoft Fixit Fehlermeldung [Code 8004FE2C] als Hinweis auf Infizierung



Sieht eigentlich alles ganz OK aus.

Downloade dir bitte Farbar Service Scanner Farbar Service Scanner
  • Starte das Tool mit Doppelklick auf die FSS.exe
  • Gehe sicher, dass folgende Optionen angehakt sind.
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Klicke auf Scan.
  • Wenn das Tool fertig ist, wird es eine FSS.txt in dem Verzeichnis erstellen, wo das Tool gelaufen ist.

Poste bitte den Inhalt hier.



__________________
mfg, Daniel

ASAP & UNITE Member
Alliance of Security Analysis Professionals
Unified Network of Instructors and Trusted Eliminators

Lerne, zurück zu schlagen und unterstütze uns!
TB Akademie

Alt 16.03.2014, 11:43   #6
Max Frisch
 
Windows 7 Premium 64: Microsoft Fixit Fehlermeldung [Code 8004FE2C] als Hinweis auf Infizierung - Standard

Windows 7 Premium 64: Microsoft Fixit Fehlermeldung [Code 8004FE2C] als Hinweis auf Infizierung



Lieber Daniel,

hier der FSS.txt

Danke

Max

Code:
ATTFilter
Farbar Service Scanner Version: 25-02-2014
Ran by Alex (administrator) on 16-03-2014 at 11:42:04
Running from "D:\Download"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy: 
==================


System Restore:
============

System Restore Disabled Policy: 
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy: 
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
         

Alt 16.03.2014, 21:17   #7
Larusso
/// Selecta Jahrusso
 
Windows 7 Premium 64: Microsoft Fixit Fehlermeldung [Code 8004FE2C] als Hinweis auf Infizierung - Standard

Windows 7 Premium 64: Microsoft Fixit Fehlermeldung [Code 8004FE2C] als Hinweis auf Infizierung



Also ich finde da nichts was mich jetzt irgendwie aufschreien lassen würde.

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

__________________
mfg, Daniel

ASAP & UNITE Member
Alliance of Security Analysis Professionals
Unified Network of Instructors and Trusted Eliminators

Lerne, zurück zu schlagen und unterstütze uns!
TB Akademie

Alt 19.03.2014, 06:47   #8
Max Frisch
 
Windows 7 Premium 64: Microsoft Fixit Fehlermeldung [Code 8004FE2C] als Hinweis auf Infizierung - Standard

Windows 7 Premium 64: Microsoft Fixit Fehlermeldung [Code 8004FE2C] als Hinweis auf Infizierung



Lieber Daniel,

sorry für die leicht verpätete Rückmeldung. Hier die Logs, wie von Dir skizziert

Viele Grüße und wie immer Danke

Max

AdwCleaner
AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v3.022 - Bericht erstellt am 18/03/2014 um 16:20:57
# Aktualisiert 13/03/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Alex - MOSES
# Gestartet von : C:\Users\Alex\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\ClickIT
Ordner Gelöscht : C:\ProgramData\SaveByclick
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SaveByclick
Ordner Gelöscht : C:\Windows\System32\ARFC
Ordner Gelöscht : C:\Users\Alex\AppData\LocalLow\SaveByclick
Ordner Gelöscht : C:\Users\Alex\AppData\Roaming\CheckPoint\ZoneAlarm LTD Toolbar
Ordner Gelöscht : C:\Users\Alex\AppData\Roaming\pdfforge
Ordner Gelöscht : C:\Users\login\AppData\Roaming\CheckPoint\ZoneAlarm LTD Toolbar
Ordner Gelöscht : C:\Users\Andy\AppData\Roaming\CheckPoint\ZoneAlarm LTD Toolbar
Ordner Gelöscht : C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\vok34p3v.default\Extensions\{3697b17c-b572-4862-a5e6-7f922c0f3403}
Ordner Gelöscht : C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\520xr6pu.default\Extensions\5102497f928b4@5102497f928ef.com
Ordner Gelöscht : C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\520xr6pu.default\Extensions\de-DE@dictionaries.addons.mozilla.org
Ordner Gelöscht : C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\520xr6pu.default\Extensions\zoteroWinWordIntegration@zotero.org
Ordner Gelöscht : C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\malimhenbijpbhhahdbcfjehicncoknh
Datei Gelöscht : C:\Windows\System32\dmwu.exe
Datei Gelöscht : C:\Windows\System32\ImhxxpComm.dll
Datei Gelöscht : C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\520xr6pu.default\searchplugins\safesearch.xml
Datei Gelöscht : C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\vok34p3v.default\searchplugins\safesearch.xml

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403A-B9D2-65C292C39087}]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SaveByClick_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SaveByClick_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Searchqu Toolbar uninstall_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Searchqu Toolbar uninstall_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi
Schlüssel Gelöscht : HKCU\Software\f558dd9e23be846
Schlüssel Gelöscht : HKLM\SOFTWARE\f558dd9e23be846
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_gtk_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_gtk_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_ordrumbox_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_ordrumbox_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{54DF9152-A1C9-25FF-CAFE-1F9FB5F3B5C1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0BF91075-F457-4A8B-99EF-140B52D2F22A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{37425600-CB21-49A0-8659-476FBAB0F8E8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{54DF9152-A1C9-25FF-CAFE-1F9FB5F3B5C1}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{54DF9152-A1C9-25FF-CAFE-1F9FB5F3B5C1}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{54DF9152-A1C9-25FF-CAFE-1F9FB5F3B5C1}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0BF91075-F457-4A8B-99EF-140B52D2F22A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{37425600-CB21-49A0-8659-476FBAB0F8E8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Schlüssel Gelöscht : HKCU\Software\BabSolution
Schlüssel Gelöscht : HKCU\Software\IM
Schlüssel Gelöscht : HKCU\Software\ImInstaller
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\StartSearch
Schlüssel Gelöscht : HKCU\Software\vShare.tv
Schlüssel Gelöscht : HKCU\Software\wnlt
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\SP Global
Schlüssel Gelöscht : HKLM\Software\SProtector
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\IB Updater
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\wnlt
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZoneAlarm LTD Toolbar

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16521


-\\ Mozilla Firefox v27.0.1 (de)

[ Datei : C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\520xr6pu.default\prefs.js ]

Zeile gelöscht : user_pref("aol_toolbar.default.homepage.check", false);
Zeile gelöscht : user_pref("aol_toolbar.default.search.check", false);
Zeile gelöscht : user_pref("extensions.5102497f92962.scode", "(function(){try{if('aol.com,mail.google.com,premiumreports.info,search.babylon.com,search.gboxapp.com'.indexOf(window.self.location.hostname)>-1) return;}c[...]
Zeile gelöscht : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Zeile gelöscht : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Zeile gelöscht : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Zeile gelöscht : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Zeile gelöscht : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ".*");
Zeile gelöscht : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "1");
Zeile gelöscht : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "1");
Zeile gelöscht : user_pref("sweetim.toolbar.searchguard.enable", "false");
Zeile gelöscht : user_pref("vshare.install.date", "1356509323");
Zeile gelöscht : user_pref("vshare.install.finished", "1.0.0");
Zeile gelöscht : user_pref("vshare.install.fresh", "false");
Zeile gelöscht : user_pref("vshare.install.guid", "{efa92ce8-05a7-413d-a9c9-ea1bd7d221a4}");
Zeile gelöscht : user_pref("vshare.install.newtab", false);

[ Datei : C:\Users\login\AppData\Roaming\Mozilla\Firefox\Profiles\1d08t0uc.default\prefs.js ]


[ Datei : C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\vok34p3v.default\prefs.js ]

Zeile gelöscht : user_pref("aol_toolbar.default.homepage.check", false);
Zeile gelöscht : user_pref("aol_toolbar.default.search.check", false);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Zeile gelöscht : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Zeile gelöscht : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Zeile gelöscht : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Zeile gelöscht : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Zeile gelöscht : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Zeile gelöscht : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Zeile gelöscht : user_pref("sweetim.toolbar.searchguard.enable", "");

-\\ Google Chrome v

[ Datei : C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [11708 octets] - [18/03/2014 16:18:52]
AdwCleaner[S0].txt - [10484 octets] - [18/03/2014 16:20:57]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10545 octets] ##########
         
--- --- ---

[/CODE]


Malwarebytes Anti-Malware
Code:
ATTFilter
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.03.18.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16521
Alex :: MOSES [administrator]

18.03.2014 16:25:54
mbam-log-2014-03-18 (16-25-54).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 321608
Time elapsed: 7 minute(s), 4 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
         

ESET
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=1041212b5280424288932f33b73077b7
# engine=17495
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-03-18 03:50:47
# local_time=2014-03-18 04:50:47 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=3591 16777213 100 91 2688131 157783231 0 0
# compatibility_mode=5893 16776574 66 85 21529858 146787697 0 0
# scanned=30827
# found=3
# cleaned=0
# scan_time=453
sh=A696C5A0D50145AFDE3D3A71F70B1C3006AC2199 ft=1 fh=da0003b6601dbc17 vn="a variant of Win32/Adware.MultiPlug.I application" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\SaveByclick\5102497f92a47.dll.vir"
sh=C02CD9AD656667DAD9BEFC6135A48D61D096A109 ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\malimhenbijpbhhahdbcfjehicncoknh\1\5102497f927fb1.64614085.js.vir"
sh=8449F3471E1793BFEC5DF8B56D1556D1948CE9F0 ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\520xr6pu.default\Extensions\5102497f928b4@5102497f928ef.com\content\bg.js.vir"
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=1041212b5280424288932f33b73077b7
# engine=17495
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-03-18 10:19:43
# local_time=2014-03-18 11:19:43 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=3591 16777213 100 91 2707867 157806567 0 0
# compatibility_mode=5893 16776574 66 85 21553194 146811033 0 0
# scanned=582083
# found=3
# cleaned=0
# scan_time=23298
sh=A696C5A0D50145AFDE3D3A71F70B1C3006AC2199 ft=1 fh=da0003b6601dbc17 vn="a variant of Win32/Adware.MultiPlug.I application" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\SaveByclick\5102497f92a47.dll.vir"
sh=C02CD9AD656667DAD9BEFC6135A48D61D096A109 ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\malimhenbijpbhhahdbcfjehicncoknh\1\5102497f927fb1.64614085.js.vir"
sh=8449F3471E1793BFEC5DF8B56D1556D1948CE9F0 ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\520xr6pu.default\Extensions\5102497f928b4@5102497f928ef.com\content\bg.js.vir"
         

Alt 19.03.2014, 15:55   #9
Larusso
/// Selecta Jahrusso
 
Windows 7 Premium 64: Microsoft Fixit Fehlermeldung [Code 8004FE2C] als Hinweis auf Infizierung - Standard

Windows 7 Premium 64: Microsoft Fixit Fehlermeldung [Code 8004FE2C] als Hinweis auf Infizierung



Kein Problem.

Lösche bitte dir vorhandene FRST.exe


Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)



Gehe sicher, dass ein Haken bei additions.txt gesetzt ist und poste diese ebenfalls.
__________________
mfg, Daniel

ASAP & UNITE Member
Alliance of Security Analysis Professionals
Unified Network of Instructors and Trusted Eliminators

Lerne, zurück zu schlagen und unterstütze uns!
TB Akademie

Alt 19.03.2014, 19:47   #10
Max Frisch
 
Windows 7 Premium 64: Microsoft Fixit Fehlermeldung [Code 8004FE2C] als Hinweis auf Infizierung - Standard

Windows 7 Premium 64: Microsoft Fixit Fehlermeldung [Code 8004FE2C] als Hinweis auf Infizierung



Hallo Dende,

hier die logs

Viele Grüße

Max


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Alex (administrator) on MOSES on 19-03-2014 19:44:27
Running from C:\Users\Alex\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTDevSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Message Controller\AsMessageController.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Eee Manager\EeeManager.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Eee Manager\EMOSDControl\EMOSDControl.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Eee Manager\EMMessageParser.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Creative Technology Ltd.) C:\Program Files (x86)\Creative\Creative Media Lite\CTZDetec.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Dropbox, Inc.) C:\Users\login\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Virage Logic Corporation / Sonic Focus) C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Eee Manager\AsShellApplication.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\POWERPNT.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
(Farbar) C:\Users\Alex\Desktop\FRST64(1).exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11048040 2010-07-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2103912 2010-07-22] (Realtek Semiconductor)
HKLM-x32\...\Run: [SonicMasterTray] - C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe [984400 2010-07-10] (Virage Logic Corporation / Sonic Focus)
HKLM-x32\...\Run: [OOBESetup] - C:\Program Files (x86)\asus\OOBERegBackup\OOBERegBackup.exe [334848 2009-11-12] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [AsShellApplication] - C:\Program Files (x86)\ASUS\Eee Manager\AsShellApplication.exe [232064 2009-12-23] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [FreePDF Assistant] - C:\Program Files (x86)\FreePDF_XP\fpassist.exe [373760 2013-03-14] (shbox.de)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-01] (Apple Inc.)
HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [186408 2013-12-12] (Geek Software GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\RunOnce: [NCInstallQueue] - rundll32 netman.dll,ProcessQueue [360448 2009-07-14] (Microsoft Corporation)
HKU\.DEFAULT\...\Policies\system: [LogonHoursAction] 2
HKU\.DEFAULT\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3158290526-3171002894-2857290960-1000\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-09-14] (Apple Inc.)
HKU\S-1-5-21-3158290526-3171002894-2857290960-1000\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-09-15] (Apple Inc.)
HKU\S-1-5-21-3158290526-3171002894-2857290960-1000\...\Run: [CTZDetec.exe] - C:\Program Files (x86)\Creative\Creative Media Lite\CTZDetec.exe [368640 2008-04-24] (Creative Technology Ltd.)
HKU\S-1-5-21-3158290526-3171002894-2857290960-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-3158290526-3171002894-2857290960-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3158290526-3171002894-2857290960-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Startup: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\login\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\login\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Alex\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)
Startup: C:\Users\login\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\schtasks.lnk
ShortcutTarget: schtasks.lnk -> C:\Windows\System32\schtasks.exe (Microsoft Corporation)
GroupPolicyUsers\S-1-5-21-3158290526-3171002894-2857290960-1005\User: Group Policy restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-3158290526-3171002894-2857290960-1002\User: Group Policy restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-3158290526-3171002894-2857290960-1000\User: Group Policy restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://fm4.orf.at/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xCACA911FDE26CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} -  No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\520xr6pu.default
FF SearchEngineOrder.user_pref("browser.search.order.1", "");: user_pref("browser.search.order.1", "");
FF SearchEngineOrder.user_pref("browser.search.order.1,S", "");: user_pref("browser.search.order.1,S", "");
FF Homepage: hxxp://fm4.orf.at/
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @java.com/DTPlugin,version=10.10.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.18 - C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 - C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdrmv2.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwmsdrm.dll (Microsoft Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Hide My Ass Proxy Extension - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\520xr6pu.default\Extensions\extension@hidemyass.com.xpi [2011-09-10]
FF Extension: Stealthy - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\520xr6pu.default\Extensions\stealthyextension@gmail.com.xpi [2011-09-10]
FF Extension: TrackMeNot - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\520xr6pu.default\Extensions\trackmenot@mrl.nyu.edu.xpi [2011-06-01]
FF Extension: Zotero - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\520xr6pu.default\Extensions\zotero@chnm.gmu.edu.xpi [2014-03-10]
FF Extension: NoScript - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\520xr6pu.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-08-01]
FF Extension: Adblock Plus - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\520xr6pu.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-06-01]
FF Extension: BetterPrivacy - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\520xr6pu.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2011-07-01]
FF Extension: vshare Add-On - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\520xr6pu.default\Extensions\{dd05fd3d-18df-4ce4-ae53-e795339c5f01}.xpi [2011-09-13]
FF HKLM-x32\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\IPSFF [2013-12-28]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\coFFPlgn\ []

Chrome: 
=======
CHR Extension: (No Name) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\malimhenbijpbhhahdbcfjehicncoknh [2013-01-25]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\Exts\Chrome.crx [2014-01-31]

==================== Services (Whitelisted) =================

R2 CTDevice_Srv; C:\Program Files (x86)\Creative\Shared Files\CTDevSrv.exe [61440 2007-04-02] (Creative Technology Ltd)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-20] (Symantec Corporation)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [34528 2013-06-03] (The OpenVPN Project)

==================== Drivers (Whitelisted) ====================

R3 anvsnddrv; C:\Windows\System32\drivers\anvsnddrv.sys [33872 2011-11-28] (AnvSoft Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 ASInsHelp; C:\Windows\SysWow64\drivers\AsInsHelp64.sys [11832 2008-01-04] ()
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-04-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-06] ()
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\BASHDefs\20140214.001\BHDrvx64.sys [1526488 2013-12-18] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys [169048 2013-04-15] (Symantec Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2011-06-11] (DT Soft Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-01-24] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-12-27] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\IPSDefs\20140318.001\IDSvia64.sys [524504 2014-03-06] (Symantec Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20140318.017\ENG64.SYS [126040 2014-03-10] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20140318.017\EX64.SYS [2099288 2014-03-10] (Symantec Corporation)
R3 SRTSP; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSP64.SYS [796760 2013-05-15] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS [36952 2013-03-04] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1404000.028\SYMDS64.SYS [493656 2013-05-20] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-12-28] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS [224416 2013-03-04] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\NISx64\1404000.028\SYMNETS.SYS [433752 2013-04-24] (Symantec Corporation)
R3 USTOR2K; C:\Windows\System32\DRIVERS\ustor2k.sys [52224 2010-02-22] (Genesys Logic)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-19 19:42 - 2014-03-19 19:42 - 02157056 _____ (Farbar) C:\Users\Alex\Desktop\FRST64(1).exe
2014-03-18 21:00 - 2014-03-18 21:00 - 00002152 _____ () C:\{300D60F4-B291-40E3-8DDA-8B0B58D3745E}
2014-03-18 18:21 - 2014-03-18 18:21 - 00002464 _____ () C:\{5533F8DF-5863-4322-9AC1-8F77969FF312}
2014-03-18 16:23 - 2014-03-18 16:23 - 00010666 _____ () C:\Users\Alex\Desktop\AdwCleaner[S0].txt
2014-03-18 16:18 - 2014-03-18 16:21 - 00000000 ____D () C:\AdwCleaner
2014-03-18 16:18 - 2014-03-18 16:17 - 02347384 _____ (ESET) C:\Users\Alex\Desktop\esetsmartinstaller_enu.exe
2014-03-18 16:18 - 2014-03-18 16:17 - 01950720 _____ () C:\Users\Alex\Desktop\adwcleaner.exe
2014-03-16 11:12 - 2014-03-16 11:12 - 00041364 _____ () C:\Users\Alex\Desktop\Addition.txt
2014-03-16 09:38 - 2014-03-16 09:38 - 00009174 _____ () C:\Users\Alex\Desktop\Gmer.txt
2014-03-16 09:20 - 2014-03-19 19:44 - 00020156 _____ () C:\Users\Alex\Desktop\FRST.txt
2014-03-16 09:20 - 2014-03-16 09:20 - 00000470 _____ () C:\Users\Alex\Desktop\defogger_disable.log
2014-03-16 09:19 - 2014-03-16 08:42 - 02157056 _____ (Farbar) C:\Users\Alex\Desktop\FRST64.exe
2014-03-16 09:19 - 2014-03-16 08:42 - 00380416 _____ () C:\Users\Alex\Desktop\xpcnmm1p.exe
2014-03-16 09:19 - 2014-03-16 08:42 - 00050477 _____ () C:\Users\Alex\Desktop\Defogger.exe
2014-03-16 09:04 - 2014-03-19 19:44 - 00000000 ____D () C:\FRST
2014-03-16 09:04 - 2014-03-16 09:04 - 00000168 _____ () C:\Users\Alex\defogger_reenable
2014-03-16 08:30 - 2014-03-16 08:30 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-03-16 08:30 - 2014-03-16 08:30 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-03-16 08:30 - 2014-03-16 08:30 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-03-16 08:30 - 2014-03-16 08:30 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-03-13 20:49 - 2014-03-01 07:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-13 20:49 - 2014-03-01 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-13 20:49 - 2014-03-01 06:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-13 20:49 - 2014-03-01 05:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-13 20:49 - 2014-03-01 05:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-13 20:49 - 2014-03-01 05:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-13 20:49 - 2014-03-01 05:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-13 20:49 - 2014-03-01 05:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-13 20:49 - 2014-03-01 05:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-13 20:49 - 2014-03-01 05:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-13 20:49 - 2014-03-01 05:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-13 20:49 - 2014-03-01 05:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-13 20:49 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-13 20:49 - 2014-03-01 05:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-13 20:49 - 2014-03-01 05:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-13 20:49 - 2014-03-01 05:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-13 20:49 - 2014-03-01 05:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-13 20:49 - 2014-03-01 04:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-13 20:49 - 2014-03-01 04:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-13 20:49 - 2014-03-01 04:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-13 20:49 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-13 20:49 - 2014-03-01 04:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-13 20:49 - 2014-03-01 04:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-13 20:49 - 2014-03-01 04:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-13 20:49 - 2014-03-01 04:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-13 20:49 - 2014-03-01 04:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-13 20:49 - 2014-03-01 04:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-13 20:49 - 2014-03-01 04:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-13 20:49 - 2014-03-01 04:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-13 20:49 - 2014-03-01 04:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-13 20:49 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-13 20:49 - 2014-03-01 04:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-13 20:49 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-13 20:49 - 2014-03-01 04:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-13 20:49 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-13 20:49 - 2014-03-01 03:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-13 20:49 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-13 20:49 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-13 20:49 - 2014-03-01 03:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-13 20:49 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-13 20:49 - 2014-02-07 02:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-13 20:49 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-13 20:49 - 2014-02-04 03:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-13 20:49 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-13 20:49 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-13 20:49 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-13 20:49 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-13 20:49 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-06 08:47 - 2014-03-06 08:46 - 05426640 _____ () C:\Users\Alex\Desktop\Newold.tif
2014-02-28 09:18 - 2014-02-28 09:18 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-28 09:18 - 2014-02-28 09:18 - 00000000 ____D () C:\Users\Alex\AppData\Local\Skype
2014-02-22 21:16 - 2014-02-22 21:16 - 00173454 _____ () C:\Users\Andy\Desktop\handschuh ferse.bmp

==================== One Month Modified Files and Folders =======

2014-03-19 19:44 - 2014-03-16 09:20 - 00020156 _____ () C:\Users\Alex\Desktop\FRST.txt
2014-03-19 19:44 - 2014-03-16 09:04 - 00000000 ____D () C:\FRST
2014-03-19 19:43 - 2011-05-31 16:57 - 01170443 _____ () C:\Windows\WindowsUpdate.log
2014-03-19 19:42 - 2014-03-19 19:42 - 02157056 _____ (Farbar) C:\Users\Alex\Desktop\FRST64(1).exe
2014-03-19 19:41 - 2013-01-16 19:27 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Skype
2014-03-19 19:40 - 2012-01-17 17:16 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Dropbox
2014-03-19 19:39 - 2012-01-23 10:30 - 00000000 ____D () C:\Users\Alex\AppData\Local\FreePDF_XP
2014-03-19 19:39 - 2011-08-14 14:17 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-19 19:39 - 2011-05-31 16:59 - 00000000 ____D () C:\Users\Alex
2014-03-19 19:39 - 2011-05-19 00:53 - 01294608 _____ () C:\Windows\PFRO.log
2014-03-19 19:39 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-19 19:39 - 2009-07-14 05:51 - 00177868 _____ () C:\Windows\setupact.log
2014-03-19 06:33 - 2011-08-14 14:17 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-19 06:14 - 2012-04-13 17:53 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-18 21:00 - 2014-03-18 21:00 - 00002152 _____ () C:\{300D60F4-B291-40E3-8DDA-8B0B58D3745E}
2014-03-18 18:21 - 2014-03-18 18:21 - 00002464 _____ () C:\{5533F8DF-5863-4322-9AC1-8F77969FF312}
2014-03-18 16:53 - 2009-08-29 02:51 - 00713958 _____ () C:\Windows\system32\perfh007.dat
2014-03-18 16:53 - 2009-08-29 02:51 - 00154074 _____ () C:\Windows\system32\perfc007.dat
2014-03-18 16:53 - 2009-07-14 06:13 - 01648656 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-18 16:29 - 2009-07-14 05:45 - 00014928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-18 16:29 - 2009-07-14 05:45 - 00014928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-18 16:23 - 2014-03-18 16:23 - 00010666 _____ () C:\Users\Alex\Desktop\AdwCleaner[S0].txt
2014-03-18 16:21 - 2014-03-18 16:18 - 00000000 ____D () C:\AdwCleaner
2014-03-18 16:20 - 2011-06-07 20:48 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\CheckPoint
2014-03-18 16:20 - 2011-06-06 03:33 - 00000000 ____D () C:\Users\login\AppData\Roaming\CheckPoint
2014-03-18 16:20 - 2011-05-31 18:44 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\CheckPoint
2014-03-18 16:17 - 2014-03-18 16:18 - 02347384 _____ (ESET) C:\Users\Alex\Desktop\esetsmartinstaller_enu.exe
2014-03-18 16:17 - 2014-03-18 16:18 - 01950720 _____ () C:\Users\Alex\Desktop\adwcleaner.exe
2014-03-16 19:01 - 2013-07-31 08:22 - 00002046 ____H () C:\Users\Alex\Documents\Default.rdp
2014-03-16 12:10 - 2012-02-17 09:26 - 00000000 ____D () C:\Users\Alex\AppData\Local\FE1A721D-403E-4008-A26F-F1182F15E75C.aplzod
2014-03-16 11:12 - 2014-03-16 11:12 - 00041364 _____ () C:\Users\Alex\Desktop\Addition.txt
2014-03-16 10:27 - 2011-06-02 09:41 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-03-16 09:38 - 2014-03-16 09:38 - 00009174 _____ () C:\Users\Alex\Desktop\Gmer.txt
2014-03-16 09:20 - 2014-03-16 09:20 - 00000470 _____ () C:\Users\Alex\Desktop\defogger_disable.log
2014-03-16 09:04 - 2014-03-16 09:04 - 00000168 _____ () C:\Users\Alex\defogger_reenable
2014-03-16 08:43 - 2011-06-09 18:26 - 00000432 _____ () C:\Windows\BRWMARK.INI
2014-03-16 08:42 - 2014-03-16 09:19 - 02157056 _____ (Farbar) C:\Users\Alex\Desktop\FRST64.exe
2014-03-16 08:42 - 2014-03-16 09:19 - 00380416 _____ () C:\Users\Alex\Desktop\xpcnmm1p.exe
2014-03-16 08:42 - 2014-03-16 09:19 - 00050477 _____ () C:\Users\Alex\Desktop\Defogger.exe
2014-03-16 08:30 - 2014-03-16 08:30 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-03-16 08:30 - 2014-03-16 08:30 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-03-16 08:30 - 2014-03-16 08:30 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-03-16 08:30 - 2014-03-16 08:30 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-03-16 08:30 - 2013-10-17 12:59 - 00000000 ____D () C:\ProgramData\Oracle
2014-03-15 16:33 - 2009-07-14 05:45 - 00425240 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-13 21:59 - 2012-10-23 10:51 - 00000000 ____D () C:\Users\Andy\AppData\Roaming\Skype
2014-03-13 20:43 - 2012-07-01 14:34 - 00000000 ____D () C:\Users\Andy\AppData\Local\FreePDF_XP
2014-03-12 19:14 - 2012-04-13 17:53 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-12 19:14 - 2012-04-13 17:53 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-12 19:14 - 2011-05-31 18:54 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-10 09:24 - 2012-03-10 10:16 - 00000000 ____D () C:\Users\Alex\AppData\Local\Deployment
2014-03-10 09:03 - 2013-12-07 08:54 - 00000000 ____D () C:\Users\Alex\Documents\Sammelband BZV
2014-03-10 09:03 - 2013-12-07 08:54 - 00000000 ____D () C:\Users\Alex\Documents\Datenanalyse-Einführung_2013
2014-03-10 09:02 - 2013-12-07 08:54 - 00000000 ____D () C:\Users\Alex\Documents\Burmesisch
2014-03-06 08:46 - 2014-03-06 08:47 - 05426640 _____ () C:\Users\Alex\Desktop\Newold.tif
2014-03-02 15:15 - 2013-03-17 16:13 - 00000000 ____D () C:\Windows\rescache
2014-03-01 07:05 - 2014-03-13 20:49 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 06:17 - 2014-03-13 20:49 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 06:16 - 2014-03-13 20:49 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-01 05:58 - 2014-03-13 20:49 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 05:52 - 2014-03-13 20:49 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 05:51 - 2014-03-13 20:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-01 05:42 - 2014-03-13 20:49 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 05:40 - 2014-03-13 20:49 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 05:37 - 2014-03-13 20:49 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 05:33 - 2014-03-13 20:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 05:33 - 2014-03-13 20:49 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-01 05:32 - 2014-03-13 20:49 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-01 05:30 - 2014-03-13 20:49 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 05:23 - 2014-03-13 20:49 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-01 05:17 - 2014-03-13 20:49 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 05:11 - 2014-03-13 20:49 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 05:02 - 2014-03-13 20:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-01 04:54 - 2014-03-13 20:49 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-01 04:52 - 2014-03-13 20:49 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-01 04:51 - 2014-03-13 20:49 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-01 04:47 - 2014-03-13 20:49 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-01 04:43 - 2014-03-13 20:49 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-01 04:43 - 2014-03-13 20:49 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-01 04:42 - 2014-03-13 20:49 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-01 04:40 - 2014-03-13 20:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-01 04:38 - 2014-03-13 20:49 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-01 04:37 - 2014-03-13 20:49 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-01 04:35 - 2014-03-13 20:49 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-01 04:18 - 2014-03-13 20:49 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-01 04:16 - 2014-03-13 20:49 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-01 04:14 - 2014-03-13 20:49 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-01 04:10 - 2014-03-13 20:49 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-01 04:03 - 2014-03-13 20:49 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-01 04:00 - 2014-03-13 20:49 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-01 03:57 - 2014-03-13 20:49 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-01 03:38 - 2014-03-13 20:49 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-01 03:32 - 2014-03-13 20:49 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-01 03:27 - 2014-03-13 20:49 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-01 03:25 - 2014-03-13 20:49 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-01 03:25 - 2014-03-13 20:49 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-28 09:18 - 2014-02-28 09:18 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-28 09:18 - 2014-02-28 09:18 - 00000000 ____D () C:\Users\Alex\AppData\Local\Skype
2014-02-28 09:18 - 2011-07-21 16:39 - 00000000 ____D () C:\ProgramData\Skype
2014-02-26 12:49 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-25 20:20 - 2011-09-09 11:41 - 01622000 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-22 21:16 - 2014-02-22 21:16 - 00173454 _____ () C:\Users\Andy\Desktop\handschuh ferse.bmp
2014-02-21 14:28 - 2011-08-14 14:17 - 00004102 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-21 14:28 - 2011-08-14 14:17 - 00003850 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-21 13:20 - 2014-01-09 13:06 - 00000000 ____D () C:\Users\Alex\AppData\Local\CrashDumps
2014-02-21 13:20 - 2013-01-27 09:13 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\vlc
2014-02-17 20:14 - 2013-08-15 13:57 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-17 20:12 - 2011-09-09 09:56 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Files to move or delete:
====================
C:\Users\Alex\AppData\Roaming\CamLayout.ini
C:\Users\Alex\AppData\Roaming\CamShapes.ini


Some content of TEMP:
====================
C:\Users\Alex\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Alex\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Alex\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


testsigning: ==> Check for possible unsigned rootkit driver <===== ATTENTION!


LastRegBack: 2014-03-18 23:47

==================== End Of Log ============================
         
--- --- ---

--- --- ---

Addition
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Alex at 2014-03-19 19:44:50
Running from C:\Users\Alex\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Norton Internet Security (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}) (Version:  - Microsoft)
2007 Microsoft Office Suite Service Pack 1 (SP1) (x32 Version:  - Microsoft) Hidden
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
ActivePerl 5.16.3 Build 1603 (64-bit) (HKLM\...\{8C327061-E39D-4696-84A8-E84533ADDD7D}) (Version: 5.16.1603 - ActiveState)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.9.620 - Adobe Systems, Inc.)
Amazon MP3-Downloader 1.0.9 (HKLM-x32\...\Amazon MP3-Downloader) (Version:  - )
Any Video Converter Ultimate 4.3.2 (HKLM-x32\...\Any Video Converter Ultimate_is1) (Version:  - Any-Video-Converter.com)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Verifier (x64) (HKLM\...\{89026002-A893-42D9-9E20-6829B844735E}) (Version: 4.1.1078 - Microsoft Corporation)
Ashampoo Snap 3.50 (HKLM-x32\...\Ashampoo Snap 3_is1) (Version: 3.5.0 - ashampoo GmbH & Co. KG)
ASUS Easy Update (HKLM-x32\...\{9A9FEC4E-8696-43B4-8C19-5BE4D9038B55}) (Version: 2.00.18 - )
ASUS VIBE (HKLM-x32\...\ASUS VIBE) (Version: 1.0.188 - Ecareme, Inc.)
ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 2.0.46.1429 - eCareme Technologies, Inc.)
ASUSUpdate (HKLM-x32\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version: 7.18.03 - ASUSTeK Computer Inc.)
Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)
AutoUpdate (HKLM-x32\...\{18D10072035C4515918F7E37EAFAACFC}) (Version: 1.0 - )
BeCyPDFMetaEdit (HKLM-x32\...\BeCyPDFMetaEdit) (Version: 2.37.0 - Benjamin Bentmann)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BurnAware Free 3.3.1 (HKLM-x32\...\BurnAware Free_is1) (Version:  - Burnaware Technologies)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.4.0.2838 - CDBurnerXP)
Convert AVI to MP4 1.3 (HKLM-x32\...\{9ECE13D2-C028-44CB-8A96-A65196E7BBE7}_is1) (Version:  - convertavitomp3.com)
ConvertXtoDVD 4.0.9.322 (HKLM-x32\...\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1) (Version: 4.0.9.322 - )
Cosmas II Client v3.11 (HKLM-x32\...\Cosmas II Client) (Version:  - )
Creative Media Lite (HKLM-x32\...\Creative Media Lite) (Version:  - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.40.2.0131 - DT Soft Ltd)
Debugging Tools for Windows (x64) (HKLM\...\{DBFC6AAE-DCCB-4C23-B01C-3EDDDC03298B}) (Version: 6.12.2.633 - Microsoft Corporation)
DivX (HKLM-x32\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 5.2.1 - DivXNetworks, Inc.)
ebi.BookReader3J (HKLM-x32\...\{F3D2DEDC-4732-4188-8A3A-1A3FFBD4D6C8}) (Version: 3.75.14 - eBOOK Initiative Japan Co., Ltd.)
Eee Docking (HKLM\...\{85EA6D4E-04CC-48b0-B526-EA9E2FEF56FA}) (Version: 3.9.3 - ASUSTek Computer Inc.)
Eee Manager (HKLM-x32\...\{795274EF-3EDA-4427-9D4C-446C9137BB6D}) (Version: 2.13.01 - ASUSTeK)
Eee Memo (HKLM-x32\...\{CF5451E4-DA6F-44AE-88D4-BCEC1508C17E}) (Version: 1.19.4 - ASUSTEK)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 15.0.20140212 - Landesfinanzdirektion Thüringen)
FileZilla Client 3.5.3 (HKLM-x32\...\FileZilla Client) (Version: 3.5.3 - FileZilla Project)
Free iPad Video Converter 3.7.2.1 (HKLM-x32\...\Free iPad Video Converter_is1) (Version:  - FreeAudioVideoSoftTech, Inc.)
Free M4a to MP3 Converter 7.0 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version:  - ManiacTools.com)
Free Mp3 Wma Converter V 2.1 (HKLM-x32\...\Free Mp3 Wma Converter_is1) (Version: 2.1.0.0 - Koyote Soft)
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version:  - )
Game Park Console (HKLM-x32\...\{3B9B1FCD-AD30-4076-B027-8C01C8E84284}_is1) (Version: 6.2.1.1 - Oberon Media, Inc.)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 3.2.0.4 - Genesys Logic)
GIMP 2.6.12 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.12 - The GIMP Team)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.04) (Version: 9.04 - Artifex Software Inc.)
HandBrake 0.9.6 (HKLM-x32\...\HandBrake) (Version: 0.9.6 - )
iCloud (HKLM\...\{EAFB2AD8-D92B-464C-8D97-B9CB94703C4A}) (Version: 3.0.2.163 - Apple Inc.)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.5.0 - LIGHTNING UK!)
ImTOO iPad Converter (HKLM-x32\...\ImTOO iPad Video Converter) (Version: 5.1.39.0305 - ImTOO)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
iTunes (HKLM\...\{A535111D-95C8-487F-869E-CE4C239972D2}) (Version: 11.1.1.11 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader (HKLM-x32\...\JDownloader) (Version:  - AppWork UG (haftungsbeschränkt))
Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
K-Lite Codec Pack (64-bit) v4.6.0 (HKLM\...\KLiteCodecPack64_is1) (Version: 4.6.0 - )
K-Lite Codec Pack 5.2.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 5.2.0 - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Media Player Classic - Home Cinema v1.5.1.2903 x64 (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.5.1.2903 - MPC-HC Team)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Document Explorer 2008 (HKLM-x32\...\Microsoft Document Explorer 2008) (Version:  - Microsoft Corporation)
Microsoft Document Explorer 2008 (x32 Version: 9.0.21022 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6215.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6213.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6213.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6213.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6213.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs (HKLM-x32\...\{90120000-00B2-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Search Enhancement Pack (x32 Version: 1.2.123.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Core Components (x64) ENU  (HKLM\...\{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x64) ENU  (HKLM\...\{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Touch Pack for Windows 7 (HKLM-x32\...\{8FF90DB8-6DED-44A3-B182-244FEC09012F}) (Version: 1.0.40517.00 - Microsoft Corporation)
Microsoft Visual C++  Compilers 2010 Standard - enu - x64 (HKLM\...\{88387B3B-B110-392F-B919-1A15B48F21D4}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++  Compilers 2010 Standard - enu - x86 (HKLM-x32\...\{370187B9-6964-38D0-851F-6C4898B0C2B1}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ Compilers 2008 Standard Edition - enu - x64 (HKLM\...\{965DF723-5688-359E-84D2-417CAFE644B5}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ Compilers 2008 Standard Edition - enu - x86 (HKLM-x32\...\{44D9A2CB-0692-3180-B5E2-26F4E807D067}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Windows Performance Toolkit (HKLM\...\{E7F9E526-2324-437B-A609-E8C5309465CB}) (Version: 4.8.0 - Microsoft Corporation)
Microsoft Windows SDK .NET Framework Tools (30514) (Version: 7.1.30514 - Microsoft) Hidden
Microsoft Windows SDK for Visual Studio .NET 4.0 Framework Tools (Version: 7.1.30514 - Microsoft Corporation) Hidden
Microsoft Windows SDK for Windows 7 (7.1) (HKLM\...\SDKSetup_7.1.7600.0.30514) (Version: 7.1.7600.0.30514 - Microsoft Corporation)
Microsoft Windows SDK for Windows 7 (7.1) (Version: 7.1.30514 - Microsoft Corporation) Hidden
Microsoft Windows SDK for Windows 7 Common Utilities (30514) (Version: 7.1.30514 - Microsoft Corporation) Hidden
Microsoft Windows SDK for Windows 7 Headers and Libraries (30514) (Version: 7.1.30514 - Microsoft Corporation) Hidden
Microsoft Windows SDK for Windows 7 Redistributable Components for Common Tools (30514) (Version: 7.1.30514 - Microsoft Corporation) Hidden
Microsoft Windows SDK for Windows 7 Samples (30514) (Version: 7.1.30514 - Microsoft Corporation) Hidden
Microsoft Windows SDK for Windows 7 Utilities for Win32 Development (30514) (Version: 7.1.30514 - Microsoft Corporation) Hidden
Microsoft Windows SDK Intellisense and Reference Assemblies (30514) (Version: 7.1.30514 - Microsoft Corporation) Hidden
Microsoft Windows SDK MSHelp (30514) (Version: 7.1.30514 - Microsoft Corporation) Hidden
Microsoft Windows SDK Net Fx Interop Headers And Libraries (30514) (Version: 7.1.30514 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Miro Video Converter (HKLM-x32\...\Miro Video Converter) (Version: 0.8.0 - Participatory Culture Foundation)
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MusicBridge (HKLM-x32\...\{549622DF-3674-459C-81F3-38124A45FA0E}) (Version: 2.0.1 - JimbobSoft)
muvee autoProducer 4.0 (HKLM-x32\...\{4013D7AC-AC71-4A81-AD57-5E6E46408492}) (Version: 4.01.000 - muvee Technologies)
muvee autoProducer Express (HKLM-x32\...\{738F7CB6-953D-4606-81A3-79C940674C05}) (Version: 1.00.000 - muvee Technologies)
muvee Reveal Runtime (HKLM-x32\...\{2BC34558-96D5-4CC2-AC67-F30DE28E7826}) (Version: 10.5.0.23245 - muvee Technologies Pte Ltd)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 20.4.0.40 - Symantec Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5888 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
OOBERegBackup (HKLM-x32\...\OOBERegBackup_is1) (Version:  - ASUSTeK Computer Inc.)
OpenVPN 2.3.2-I001  (HKLM\...\OpenVPN) (Version: 2.3.2-I001 - )
PDF Blender (HKLM-x32\...\PDF Blender) (Version:  - )
PDF24 Creator 6.2.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.6.2 - pdfforge)
Photomatix Pro version 4.0.2 (HKLM\...\PhotomatixPro4.0x64_is1) (Version: 4.0.2 - HDRsoft Sarl)
Pixum Fotobuch (HKLM-x32\...\Pixum Fotobuch) (Version: 5.1.3 - CEWE Stiftung u Co. KGaA)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version:  - Jan Fiala)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 1.5.1.0 - Ralink)
Rdio (HKCU\...\978ebae4705a27c4) (Version: 1.12.0.0 - Rdio)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.23.623.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6161 - Realtek Semiconductor Corp.)
Recovery Toolbox for PDF 1.2 (HKLM-x32\...\Recovery Toolbox for PDF_is1) (Version:  - Recovery Toolbox, Inc.)
Recuva (HKLM\...\Recuva) (Version: 1.41 - Piriform)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version:  - )
Safari (HKLM-x32\...\{FA4C2D53-205F-4245-9717-F3761154824D}) (Version: 5.34.57.2 - Apple Inc.)
SaveByClick (HKLM\...\{8F79EFE5-8D3D-4478-A693-C51F549ACD13}) (Version: 1.0 - SaveByClick) <==== ATTENTION
Shop'NCook Menu Version 4.0.14 (HKLM-x32\...\{7B2A623E-AF79-4C51-9843-62C0C5D45F74}_is1) (Version: 4.0.14 - Rufenacht Innovative)
simfy (HKLM-x32\...\Simfy) (Version: 1.6.2 - simfy GmbH)
simfy (x32 Version: 1.6.2 - simfy GmbH) Hidden
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SonicMaster (HKLM-x32\...\{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}) (Version: 1.00.0000 - Virage Logic, Corp.)
SopCast 3.3.2 (HKLM-x32\...\SopCast) (Version: 3.3.2 - www.sopcast.com)
Stata 12 (HKLM-x32\...\{5006A0E8-B9B0-48DF-981A-41D005B3E937}) (Version: 12.0 - StataCorp LP)
SUPER © v2012.build.54 (Nov 18, 2012) Version v2012.build.54 (HKLM-x32\...\{8F311E92-C29F-4DF9-8259-B739A1831669}_is1) (Version: v2012.build.54 - eRightSoft)
SyncToy 2.1 (x64) (HKLM\...\{88DAAF05-5A72-46D2-A7C5-C3759697E943}) (Version: 2.1.0 - Microsoft)
System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version:  - )
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TextMaker Viewer (HKLM-x32\...\TextMaker Viewer) (Version:  - SoftMaker Software GmbH)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Tune Sweeper (HKLM-x32\...\{DA4FD430-5084-4839-943B-CEDA5A64FFAB}) (Version: 1.037 - Wide Angle Software)
UltraEdit 16.10 (HKLM-x32\...\{6E157E09-AA2E-4090-8EC6-6B9F5FFFB287}) (Version: 16.10.35 - IDM Computer Solutions, Inc.)
VC 9.0 Runtime (x32 Version: 1.0.0 - Check Point Software Technologies Ltd) Hidden
Veetle TV 0.9.18 (HKLM-x32\...\Veetle TV) (Version: 0.9.18 - Veetle, Inc)
VLC media player 2.0.7 (HKLM-x32\...\VLC media player) (Version: 2.0.7 - VideoLAN)
VobSub v2.23 (Remove Only) (HKLM-x32\...\VobSub) (Version:  - )
vShare.tv plugin 1.3 (HKLM-x32\...\vShare.tv plugin) (Version: 1.3 - vShare.tv, Inc.) <==== ATTENTION
VshareComplete (HKLM-x32\...\{ec4b6105-e039-42fb-8e18-c8aa393f0018}_is1) (Version:  - VshareComplete) <==== ATTENTION
WAV To MP3 V2 (HKLM-x32\...\WAV To MP3_is1) (Version:  - hxxp://www.WAVMP3.net)
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Call (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live Toolbar (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )
Windows Media Encoder 9 Series (x32 Version: 9.00.2980 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows SDK IntellisenseNFX (x32 Version: 7.1.30514 - Microsoft) Hidden
WinRAR 4.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
XMedia Recode 3.0.9.0 (HKLM-x32\...\XMedia Recode) (Version: 3.0.9.0 - Sebastian Dörfler)
Yahoo! Detect (HKLM-x32\...\YTdetect) (Version:  - )
Zattoo4 4.0.5 (HKLM-x32\...\Zattoo4) (Version: 4.0.5 - Zattoo Inc.)

==================== Restore Points  =========================

13-03-2014 21:30:35 Windows Update
16-03-2014 07:29:41 Installed Java 7 Update 51

==================== Hosts content: ==========================

2009-07-14 03:34 - 2012-12-26 12:00 - 00000027 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0C80EC88-FB07-4F44-9E15-D23DBC03D24E} - System32\Tasks\ASUS\AsMessageController => C:\Program Files (x86)\ASUS\Message Controller\AsMessageController.exe [2009-12-22] (ASUSTeK Computer Inc.)
Task: {0C9A75B5-C0F6-4AD8-8864-CE69A819CE94} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\WSCStub.exe [2013-06-03] (Symantec Corporation)
Task: {13D4716A-2DDE-45CE-BCBE-EC28F955463D} - System32\Tasks\ASUS\EeeManagerSuiteHelper => C:\Program Files (x86)\ASUS\Eee Manager\AsEMRunHelper.exe [2010-05-07] (ASUSTeK Computer Inc.)
Task: {523285FC-32C6-4419-A0B0-9160CB2833B7} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe [2013-06-03] (Symantec Corporation)
Task: {5ADF3004-C5B2-448D-918B-C093DA2C026A} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe [2013-06-03] (Symantec Corporation)
Task: {7849BD2E-7194-4203-A12B-B2FA32F659EA} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {A77851AD-89D3-42F4-BE99-1AF6A59EA303} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-08-14] (Google Inc.)
Task: {B1D6BFFD-B00A-4CB6-ADBE-88BC8D17620F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-08-14] (Google Inc.)
Task: {BD57FF74-8A88-4378-BD71-D2B076E1F7EE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {CB2A12D4-3618-4D95-96CE-5B7DF0160D69} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe [2009-12-29] (ASUSTeK Computer Inc.)
Task: {D4E3A64C-05BE-43B4-B443-15CFD389BC29} - System32\Tasks\{CD05356B-2034-4AE7-A2E5-0C9B679971D1} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-02-10] (Skype Technologies S.A.)
Task: {E7F761F2-E87C-4FF5-A461-7D36511E622A} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {F75887A8-7924-4CE1-AB77-C9DED2E90062} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-01-23 10:27 - 2010-06-17 21:56 - 00087040 _____ () C:\Windows\System32\redmonnt.dll
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2010-03-16 02:48 - 2010-03-16 02:48 - 00148816 _____ () C:\Program Files (x86)\ASUS\ASUS WebStorage\EcaremeDLL.dll
2010-08-02 19:20 - 2010-08-02 19:20 - 00030032 _____ () C:\Windows\assembly\GAC_MSIL\SqliteShared\1.0.3726.20828__0d0f4b69e50e559b\SqliteShared.dll
2010-08-02 19:20 - 2010-08-02 19:20 - 00931840 _____ () C:\Windows\assembly\GAC_64\System.Data.SQLite\1.0.60.0__db937bc2d44ff139\System.Data.SQLite.dll
2011-06-01 06:20 - 2011-03-02 11:40 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2011-09-27 07:23 - 2011-09-27 07:23 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-09-27 07:22 - 2011-09-27 07:22 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-01-08 14:41 - 2012-01-08 14:41 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2013-12-28 16:36 - 2012-05-30 07:51 - 00699280 ____R () C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\20.4.0.40\wincfi39.dll
2010-08-02 19:03 - 2009-09-16 02:17 - 00098304 _____ () C:\Program Files (x86)\ASUS\Message Controller\AsKeyboardHooker.dll
2010-08-02 19:03 - 2008-11-04 12:23 - 00077824 _____ () C:\Program Files (x86)\ASUS\Message Controller\AsRemoteControlHooker.dll
2010-08-02 19:03 - 2007-11-01 01:51 - 00061440 _____ () C:\Program Files (x86)\ASUS\Eee Manager\AsMultiLang.dll
2010-08-02 19:03 - 2008-10-29 04:52 - 00176128 _____ () C:\Program Files (x86)\ASUS\Eee Manager\ImageMgr.dll
2010-08-02 19:03 - 2007-11-01 01:51 - 00061440 _____ () C:\Program Files (x86)\ASUS\Eee Manager\EMOSDControl\MultiLang\AsMultiLang.dll
2010-08-02 19:03 - 2007-11-01 01:51 - 00061440 _____ () C:\Program Files (x86)\ASUS\Eee Manager\MessageParser\AsMultiLang.dll
2013-09-14 00:51 - 2013-09-14 00:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 00:50 - 2013-09-14 00:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2014-02-15 16:29 - 2014-02-15 16:29 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-12-28 16:36 - 2012-05-30 07:51 - 00699280 ____R () C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\wincfi39.dll
2007-08-28 22:14 - 2007-08-28 22:14 - 00759648 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:C64BF02A

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ASUS Easy Update => C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe
MSCONFIG\startupreg: ASUS WebStorage => C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Eee Docking => C:\Program Files\ASUS\Eee Docking\Eee Docking.exe autorun
MSCONFIG\startupreg: FreePDF Assistant => "C:\Program Files (x86)\FreePDF_XP\fpassist.exe"
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: UMonit => C:\Windows\SysWOW64\UMonit.exe
MSCONFIG\startupreg: YouCam Mirror Tray icon => "C:\Program Files (x86)\ASUS\Eee Cam\YouCamTray.exe" /s

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/19/2014 06:42:43 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/18/2014 11:49:19 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.

Error: (03/18/2014 11:48:09 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.CRT,processorArchitecture="ia64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="ia64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (03/18/2014 11:48:02 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.CRT,processorArchitecture="ia64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="ia64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (03/18/2014 11:47:52 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.CRT,processorArchitecture="ia64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="ia64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (03/18/2014 05:33:33 PM) (Source: Application Hang) (User: )
Description: Programm Explorer.EXE, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: aa0

Startzeit: 01cf42bdd36edeb0

Endzeit: 100

Anwendungspfad: C:\Windows\Explorer.EXE

Berichts-ID: 09828b10-aebb-11e3-8985-dcf3b035855c

Error: (03/18/2014 04:51:12 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/18/2014 04:51:10 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/18/2014 04:51:10 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/18/2014 04:41:16 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (03/19/2014 07:40:02 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (03/19/2014 07:40:02 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (03/19/2014 07:40:02 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (03/19/2014 07:40:02 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (03/19/2014 07:40:02 PM) (Source: PNRPSvc) (User: )
Description: 0x80630801

Error: (03/19/2014 07:40:02 PM) (Source: PNRPSvc) (User: )
Description: 0x80630801

Error: (03/19/2014 07:39:53 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (03/19/2014 07:39:53 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (03/19/2014 07:39:53 PM) (Source: PNRPSvc) (User: )
Description: 0x80630801

Error: (03/19/2014 07:39:28 PM) (Source: Microsoft-Windows-GroupPolicy) (User: Moses)
Description: Fehler bei der Verarbeitung der Gruppenrichtlinie. Es wurde versucht, registrierungsbasierte Richtlinieneinstellungen für das Gruppenrichtlinienobjekt "LocalGPO" zu lesen. Die Gruppenrichtlinieneinstellungen dürfen nicht erzwungen werden, bis dieses Ereignis behoben ist. Weitere Informationen über den Dateinamen und -pfad, der den Fehler verursacht hat, können den Ereignisdetails entnommen werden.


Microsoft Office Sessions:
=========================
Error: (10/27/2012 07:42:13 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 878 seconds with 840 seconds of active time.  This session ended with a crash.

Error: (08/19/2011 01:56:28 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 4970 seconds with 840 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2012-12-26 12:00:17.763
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-12-26 12:00:17.701
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-12-26 12:00:17.638
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-12-26 12:00:17.576
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-12-26 11:32:54.547
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-12-26 11:32:54.485
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-12-26 08:47:44.200
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-12-26 08:39:50.325
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-12-26 08:30:23.833
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-12-25 19:44:52.117
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 32%
Total physical RAM: 8119.05 MB
Available physical RAM: 5454.24 MB
Total Pagefile: 16236.28 MB
Available Pagefile: 13605.84 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (WIN7) (Fixed) (Total:80 GB) (Free:13.04 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:603.6 GB) (Free:155.17 GB) NTFS
Drive g: () (Removable) (Total:14.83 GB) (Free:11.54 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: 1B97BFC8)
Partition 1: (Not Active) - (Size=15 GB) - (Type=1B)
Partition 2: (Active) - (Size=80 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=604 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=39 MB) - (Type=EF)

========================================================
Disk: 1 (Size: 15 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================
         

Alt 19.03.2014, 20:41   #11
Larusso
/// Selecta Jahrusso
 
Windows 7 Premium 64: Microsoft Fixit Fehlermeldung [Code 8004FE2C] als Hinweis auf Infizierung - Standard

Windows 7 Premium 64: Microsoft Fixit Fehlermeldung [Code 8004FE2C] als Hinweis auf Infizierung



Hy

Deinstalliere bitte
SaveByClick
vShare.tv plugin 1.3
VshareComplete


Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
GroupPolicyUsers\S-1-5-21-3158290526-3171002894-2857290960-1005\User: Group Policy restriction detected <======= ATTENTION 
GroupPolicyUsers\S-1-5-21-3158290526-3171002894-2857290960-1002\User: Group Policy restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-3158290526-3171002894-2857290960-1000\User: Group Policy restriction detected <======= ATTENTION
SearchScopes: HKLM - DefaultScope value is missing. 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =  
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File 
Toolbar: HKCU - No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File 
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.




Noch Probleme ?
__________________
mfg, Daniel

ASAP & UNITE Member
Alliance of Security Analysis Professionals
Unified Network of Instructors and Trusted Eliminators

Lerne, zurück zu schlagen und unterstütze uns!
TB Akademie

Alt 20.03.2014, 08:14   #12
Max Frisch
 
Windows 7 Premium 64: Microsoft Fixit Fehlermeldung [Code 8004FE2C] als Hinweis auf Infizierung - Standard

Windows 7 Premium 64: Microsoft Fixit Fehlermeldung [Code 8004FE2C] als Hinweis auf Infizierung



Guten Morgen,

besten dan, hier der Inhalt des Fixlog. Bei mir sind bisher keinerlei weiteren Probleme aufgetreten.

VG

Max

Fixlog
Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014
Ran by Alex at 2014-03-20 08:09:34 Run:1
Running from C:\Users\Alex\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
GroupPolicyUsers\S-1-5-21-3158290526-3171002894-2857290960-1005\User: Group Policy restriction detected <======= ATTENTION 
GroupPolicyUsers\S-1-5-21-3158290526-3171002894-2857290960-1002\User: Group Policy restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-3158290526-3171002894-2857290960-1000\User: Group Policy restriction detected <======= ATTENTION
SearchScopes: HKLM - DefaultScope value is missing. 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =  
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File 
Toolbar: HKCU - No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File 
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
         
*****************

C:\Windows\system32\GroupPolicyUsers\S-1-5-21-3158290526-3171002894-2857290960-1005\User => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
C:\Windows\system32\GroupPolicyUsers\S-1-5-21-3158290526-3171002894-2857290960-1002\User => Moved successfully.
C:\Windows\system32\GroupPolicyUsers\S-1-5-21-3158290526-3171002894-2857290960-1000\User => Moved successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Value deleted successfully.
HKCR\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} => Value deleted successfully.
HKCR\CLSID\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Value deleted successfully.
HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Key not found.


The system needed a reboot. 

==== End of Fixlog ====
         

Alt 21.03.2014, 11:27   #13
Larusso
/// Selecta Jahrusso
 
Windows 7 Premium 64: Microsoft Fixit Fehlermeldung [Code 8004FE2C] als Hinweis auf Infizierung - Standard

Windows 7 Premium 64: Microsoft Fixit Fehlermeldung [Code 8004FE2C] als Hinweis auf Infizierung



Hört sich gut an.

Ich bin gerade nur mobil online und melde mich am Abend mit den letzten Instruktionen
__________________
mfg, Daniel

ASAP & UNITE Member
Alliance of Security Analysis Professionals
Unified Network of Instructors and Trusted Eliminators

Lerne, zurück zu schlagen und unterstütze uns!
TB Akademie

Alt 23.03.2014, 08:46   #14
Larusso
/// Selecta Jahrusso
 
Windows 7 Premium 64: Microsoft Fixit Fehlermeldung [Code 8004FE2C] als Hinweis auf Infizierung - Standard

Windows 7 Premium 64: Microsoft Fixit Fehlermeldung [Code 8004FE2C] als Hinweis auf Infizierung



Sorry, mir kam doch so einiges dazwischen


Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.




Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________
mfg, Daniel

ASAP & UNITE Member
Alliance of Security Analysis Professionals
Unified Network of Instructors and Trusted Eliminators

Lerne, zurück zu schlagen und unterstütze uns!
TB Akademie

Antwort

Themen zu Windows 7 Premium 64: Microsoft Fixit Fehlermeldung [Code 8004FE2C] als Hinweis auf Infizierung
.dll, administrator, adobe, bonjour, browser, combofix, explorer, fehlermeldung, fix it fixit 8004fe2c, flash player, focus, home, homepage, mozilla, ntdll.dll, problem, programm, proxy, realtek, registry, rootkit, rundll, security, svchost.exe, symantec, temp, windows, winlogon.exe




Ähnliche Themen: Windows 7 Premium 64: Microsoft Fixit Fehlermeldung [Code 8004FE2C] als Hinweis auf Infizierung


  1. Kein Updates Windows 7 u. Avira mehr möglich Hinweis!
    Plagegeister aller Art und deren Bekämpfung - 16.09.2015 (1)
  2. Hinweis zur Reparatur von Windows
    Log-Analyse und Auswertung - 26.10.2014 (18)
  3. Windows 8.1: Trojaner - Hinweis durch Online-Banking
    Log-Analyse und Auswertung - 05.06.2014 (6)
  4. Windows 7 64 bit: Windows Updates werden nicht installiert (Fehler: Code 80246008)
    Log-Analyse und Auswertung - 08.01.2014 (1)
  5. Vista Home Premium SP2: Fehlermeldung bei Aufruf von allen exe-Dateien: "xxx.exe - Ungültiges Bild"
    Log-Analyse und Auswertung - 13.11.2013 (9)
  6. Weißer Bildschirm nach Windows-Start (Windows 7 Premium Home)
    Plagegeister aller Art und deren Bekämpfung - 28.08.2013 (13)
  7. Weißer Bildschirm beim Start von Windows 7 mit Bundespolizei Hinweis
    Plagegeister aller Art und deren Bekämpfung - 03.04.2013 (18)
  8. Microsoft-Update schlägt fehl (Secunia Fehlermeldung)
    Alles rund um Windows - 02.04.2013 (2)
  9. Windows7 Home Premium Update Fehler. Error Code: 80070643 und 80071A91; Mic.Answers vermutet Befall
    Log-Analyse und Auswertung - 05.04.2012 (20)
  10. Windows 7 blockiert beim Starten mit Hinweis "Achtung Windows wurde gesperrt"
    Plagegeister aller Art und deren Bekämpfung - 30.12.2011 (9)
  11. Microsoft veröffentlicht Code-Sample-Katalog
    Nachrichten - 25.02.2011 (0)
  12. Logfile nach Infizierung durch Microsoft Security Essentials Alert und soo -.-
    Log-Analyse und Auswertung - 15.01.2011 (58)
  13. Fünf Mal "Remote Code Execution" zum Microsoft Patchday
    Nachrichten - 04.09.2009 (0)
  14. Fehlermeldung Microsoft Visual C++ Debug Library
    Mülltonne - 03.10.2008 (1)
  15. Microsoft Office Outlook 2003 Fehlermeldung
    Alles rund um Windows - 03.01.2008 (2)
  16. Windows Logon - Hinweis auf neue Mails
    Alles rund um Windows - 30.07.2005 (5)
  17. hinweis zum windows xp sp1a
    Alles rund um Windows - 09.02.2003 (3)

Zum Thema Windows 7 Premium 64: Microsoft Fixit Fehlermeldung [Code 8004FE2C] als Hinweis auf Infizierung - Lieber Helferinnen, liebe Helfer, ich wende mich an Euch mit der Bitte um Hilfe. Ich benutze Windows Home 7 Premium in einer 64bit Version. Bei dem Versuch Java Runtime auf - Windows 7 Premium 64: Microsoft Fixit Fehlermeldung [Code 8004FE2C] als Hinweis auf Infizierung...
Archiv
Du betrachtest: Windows 7 Premium 64: Microsoft Fixit Fehlermeldung [Code 8004FE2C] als Hinweis auf Infizierung auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.