
Log analysis and evaluation: User wangzhisong under c:\users\


22.06.2014, 22:52   #1
ValdoAddams
 

Hello,

I found the user wangzhisong under c:\users\. That is definitely not me.

By googling I could not rule out whether this is a virus or not, so I am turning to you here. My virus scanner has not raised an alarm so far.

Since I got a warning when creating the thread that it was too long, I attached the files. When uploading the logs I got the error message that the files were too large, so I compressed them.


Many thanks

23.06.2014, 06:15   #2
schrauber
/// the machine
/// TB instructor
 


Hi,

Please always post logs in the thread. If necessary, split them up and use several posts.
I cannot open attachments at work, thanks.

This is how it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracket expressions [CODE] [/CODE] appear.
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it right. If everything is correct ... click Reply.

23.06.2014, 06:17   #3
ValdoAddams
 

Hey,

thanks for the quick reply. I'll try splitting it up:

Defogger-disable
Code:
defogger_disable by jpshortstuff (23.02.10.1)

Log created at 22:34 on 22/06/2014 (Matthias)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...
SPTD -> Disabled (Service running -> reboot required)


-=E.O.F=-
         
FRST.txt

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-06-2014 01
Ran by Matthias (administrator) on MATTHIAS-PC on 22-06-2014 22:42:56
Running from C:\Users\Matthias\Downloads
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe
(SOURCENEXT) C:\Windows\SysWOW64\bgsvcgen.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files (x86)\ownCloud Client\owncloud.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Users\Matthias\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Seagate) C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\nacl64.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(Ghisler Software GmbH) C:\Program Files (x86)\totalcmd\TOTALCMD.EXE
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.EXE


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1279480 2014-05-30] (NVIDIA Corporation)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-30] (NVIDIA Corporation)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [1807360 2011-10-19] (Dominik Reichl)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-06] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-06-21] (AVAST Software)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1279120 2012-09-27] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452272 2012-08-31] (CANON INC.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM\...\Policies\Explorer: [NoInstrumentation] 0
HKU\S-1-5-21-2421184407-1128806621-541807395-1001\...\Run: [ownCloud] => C:\Program Files (x86)\ownCloud Client\owncloud.exe [16978503 2014-02-13] ()
HKU\S-1-5-21-2421184407-1128806621-541807395-1001\...\Run: [GoogleChromeAutoLaunch_8265D6534E6C32D01005D7D3455D029D] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-06-05] (Google Inc.)
Startup: C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Matthias\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ownCloud.lnk
ShortcutTarget: ownCloud.lnk -> C:\Program Files (x86)\ownCloud Client\owncloud.exe ()
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: 01UnsuppModule -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} =>  No File
ShellIconOverlayIdentifiers: 02SyncingModule -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} =>  No File
ShellIconOverlayIdentifiers: 03SyncedModule -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} =>  No File
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

ProxyServer: :0
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x18A0B07BF47CCB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {2E4024D0-74C4-43EE-8B3D-F083E2E5BB33} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKCU - {2E4024D0-74C4-43EE-8B3D-F083E2E5BB33} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKCU - {EF8FE9E1-718E-4F3C-B1F4-E9283E313552} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms}
BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll (CANON INC.)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
DPF: HKLM-x32 {6E718D87-6909-4FCE-92D4-EDCB2F725727} hxxp://www.navigram.com/engine/v911/Navigram.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15111/CTPID.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @qnap.com/MonitorPlayer - C:\Program Files (x86)\QNAP\VioStorMonitor\npMonHost.dll ( QNAP System, Inc)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Gutscheinrausch.de - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\2v4wj4ej.qjf [2011-07-03]
FF Extension: Flash Video Downloader - Full HD Download - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\artur.dubovoy@gmail.com [2014-06-21]
FF Extension: Xmarks - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\foxmarks@kei.com [2013-05-25]
FF Extension: LavaFox V2 - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\info@djzig.com [2014-06-21]
FF Extension: DOM Inspector - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\inspector@mozilla.org [2013-04-26]
FF Extension: KeeFox - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\keefox@chris.tomlinson [2014-06-21]
FF Extension: LastPass - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\support@lastpass.com [2014-06-21]
FF Extension: FT DeepDark - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} [2014-06-21]
FF Extension: DownloadHelper - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-06-21]
FF Extension: Evernote Web Clipper - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800} [2014-01-04]
FF Extension: Hide My Ass Proxy Extension - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\extension@hidemyass.com.xpi [2013-10-27]
FF Extension: Firebug - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\firebug@software.joehewitt.com.xpi [2012-01-13]
FF Extension: InspectThis - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\inspectthis@mackay.dyndns.info.xpi [2012-01-13]
FF Extension: MD5 Reborned Hasher - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\md5rehasher@phoneixs.es.xpi [2012-01-07]
FF Extension: Social Fixer - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\socialfixer@mattkruse.com.xpi [2011-11-12]
FF Extension: FlashGot - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2011-06-03]
FF Extension: Cookie Monster - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\{45d8ff86-d909-11db-9705-005056c00008}.xpi [2012-01-07]
FF Extension: CookieCuller - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\{99B98C2C-7274-45a3-A640-D9DF1A1C8460}.xpi [2012-01-03]
FF Extension: Shine Bright Skin Aero - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\{c7b3cf78-9cbc-47b9-ba47-bb84a56069dd}.xpi [2012-04-06]
FF Extension: Adblock Plus - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-03-27]
FF Extension: Greasemonkey - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2012-09-02]
FF Extension: User Agent Switcher - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}.xpi [2012-01-14]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-03-29]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Acronis Backup and Security\Acronis Backup and Security 2010\bdtbext

Chrome: 
=======
CHR HomePage: hxxp://www.tagesschau.de/
CHR StartupUrls: "hxxp://start.mysearchdial.com/?f=1&a=MSD2&cd=2XzuyEtN2Y1L1QzuyDyEtByBtC0EtDtA0A0ByD0EyE0D0DtDtN0D0Tzu0CyBzztAtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=883820068&ir="
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Windows Genuine Advantage) - C:\Program Files (x86)\Mozilla Firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U11) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Nitro PDF Plug-In) - C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll No File
CHR Plugin: (Monitor Host plugin) - C:\Program Files (x86)\QNAP\VioStorMonitor\npMonHost.dll ( QNAP System, Inc)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Extension: (Google Docs) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-02-06]
CHR Extension: (Google Drive) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-02-06]
CHR Extension: (YouTube) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-02-06]
CHR Extension: (Google Cast) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-04-18]
CHR Extension: (Proxy Switchy!) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\caehdcpeofiiigpdhbabniblemipncjj [2013-10-27]
CHR Extension: (Google-Suche) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-02-06]
CHR Extension: (Send to c:geo) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmjnanlejfopnmlbaglhakppcgfiehmi [2013-11-26]
CHR Extension: (sendToCgeo) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebcekkbgdfmadcndplemkpligfnoiomn [2013-03-25]
CHR Extension: (Google Play Music) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2014-06-21]
CHR Extension: (JDownloader Integration) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmochcijbhgjfdmojjenfabpafelhgdc [2013-06-23]
CHR Extension: (avast! Online Security) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-05-24]
CHR Extension: (MFCTools) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\himjbipiceflfkibobojfdblmfccnhcm [2014-01-18]
CHR Extension: (Social Fixer for Facebook) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifmhoabcaeehkljcfclfiieohkohdgbb [2013-03-25]
CHR Extension: (FVD Downloader) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp [2014-04-19]
CHR Extension: (Google Maps) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2013-03-25]
CHR Extension: (pyLCEX) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\lonijbpbhgckjaagllgmgifkidcojban [2013-11-18]
CHR Extension: (Hangouts) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2013-12-01]
CHR Extension: (chaturbate) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkmhamhlgmjchgiclojjodgmbjjehmde [2014-01-18]
CHR Extension: (Google Wallet) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-28]
CHR Extension: (chromeIPass) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\ompiailgknfdndiefoaoiligalphfdae [2013-03-25]
CHR Extension: (Google Mail) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-02-06]
CHR Extension: (Sexy Girl Chrome Theme - Arthur) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkibpgkliocdchedibhioiibdiddomac [2013-03-25]
CHR Extension: (Tapatalk Notifier) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\plfhcjljnfjpfcbjpgnflfofmahljkjj [2013-03-31]

==================== Services (Whitelisted) =================

R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-04] (AVAST Software)
R2 bgsvcgen; C:\Windows\SysWOW64\bgsvcgen.exe [139264 2011-07-07] (SOURCENEXT) [File not signed]
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2010-01-27] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2010-01-27] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [307200 2008-11-18] (Creative Technology Ltd) [File not signed]
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-03-26] (Nitro PDF Software)
S2 nTuneService; C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe [278336 2011-09-19] (NVIDIA)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-02-16] ()
S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1228504 2013-07-03] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660184 2013-07-03] (Secunia)
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [245760 2011-02-18] () [File not signed]
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S2 Aspi32; C:\Windows\SysWow64\Drivers\Aspi32.sys [23936 1997-12-23] (Adaptec) [File not signed]
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-04] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-04] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-04] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-06-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-06-21] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-06-21] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-04] ()
S3 ATITool; C:\Windows\System32\DRIVERS\ATITool64.sys [30720 2006-11-10] () [File not signed]
S1 cdrbsdrv; C:\Windows\SysWow64\Drivers\cdrbsdrv.sys [38944 2011-07-07] (B.H.A Corporation)
S3 DbusAudio; C:\Windows\System32\drivers\DbusAudio.sys [33336 2010-04-28] (Windows (R) Codename Longhorn DDK provider)
S3 DLPortIO; C:\Windows\SysWOW64\DRIVERS\DLPortIO.SYS [3584 2000-06-29] () [File not signed]
S3 InputFilter_Hid_FlexDef2b; C:\Windows\System32\DRIVERS\InputFilter_FlexDef2b.sys [17920 2010-06-19] (Siliten)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R3 nvoclk64; C:\Windows\System32\DRIVERS\nvoclk64.sys [42088 2009-09-15] (NVIDIA Corp.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 PciPPorts; C:\Windows\System32\DRIVERS\PciPPorts.sys [96768 2009-07-23] ()
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-07-03] (Secunia)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2013-01-11] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2013-01-11] ()
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-02-18] (Duplex Secure Ltd.)
S3 StarOpen; No ImagePath
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-09-17] (Anchorfree Inc.)
R0 tdrpman258; C:\Windows\System32\DRIVERS\tdrpm258.sys [1477728 2012-10-05] (Acronis)
S1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [59184 2011-11-17] (Windows (R) 2000 DDK provider)
S1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [572336 2011-11-17] (Paragon)
S1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [352816 2011-11-17] (Paragon)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [51712 2011-02-18] (Apple, Inc.) [File not signed]
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [113936 2013-12-18] (Oracle Corporation)
R1 vmm; C:\Windows\system32\Treiber\vmm.sys [294232 2013-12-30] (Microsoft Corporation)
R3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [260608 2012-02-27] (Jungo)
S3 massfilter; system32\drivers\massfilter.sys [X]
S1 UserPort; \SystemRoot\System32\Drivers\UserPort.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-22 22:42 - 2014-06-22 22:44 - 00034166 _____ () C:\Users\Matthias\Downloads\FRST.txt
2014-06-22 22:42 - 2014-06-22 22:43 - 00000000 ____D () C:\FRST
2014-06-22 22:41 - 2014-06-22 22:41 - 02083328 _____ (Farbar) C:\Users\Matthias\Downloads\FRST64.exe
2014-06-22 22:34 - 2014-06-22 22:34 - 00000588 _____ () C:\Users\Matthias\Downloads\defogger_disable.log
2014-06-22 22:34 - 2014-06-22 22:34 - 00000020 _____ () C:\Users\Matthias\defogger_reenable
2014-06-22 22:33 - 2014-06-22 22:33 - 00050477 _____ () C:\Users\Matthias\Downloads\Defogger.exe
2014-06-22 22:14 - 2014-06-22 22:14 - 01333465 _____ () C:\Users\Matthias\Downloads\adwcleaner_3.212.exe
2014-06-22 22:01 - 2014-06-22 22:01 - 00511782 _____ () C:\Users\Matthias\Downloads\Autoruns.zip
2014-06-22 16:38 - 2014-06-22 16:38 - 00000000 ____D () C:\SymCache
2014-06-22 16:37 - 2014-06-22 16:39 - 00000000 ____D () C:\Users\Matthias\Documents\WPA Files
2014-06-22 16:30 - 2014-06-22 16:42 - 00000000 ____D () C:\log
2014-06-22 16:03 - 2014-06-22 16:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2014-06-22 16:03 - 2014-06-22 16:03 - 00000000 ____D () C:\Program Files (x86)\Windows Kits
2014-06-22 16:02 - 2014-06-22 16:03 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-22 15:58 - 2014-06-22 15:58 - 00163917 _____ () C:\Users\Matthias\Downloads\ReleaseNotes_Win7_1RTMSDK.Htm
2014-06-22 15:55 - 2014-06-22 15:55 - 00003152 _____ () C:\Windows\System32\Tasks\{2C697FBE-AB3C-4455-BE91-C1F9DD5491D6}
2014-06-22 15:48 - 2014-05-20 01:10 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-06-22 15:48 - 2014-05-15 01:49 - 03774821 _____ () C:\Windows\system32\nvcoproc.bin
2014-06-22 15:45 - 2014-06-22 15:45 - 00509264 _____ (Microsoft Corporation) C:\Users\Matthias\Downloads\winsdk_web.exe
2014-06-22 15:45 - 2014-05-20 04:44 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-06-22 15:45 - 2014-05-20 04:44 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-06-22 15:45 - 2014-05-20 04:44 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-06-22 15:45 - 2014-05-20 04:44 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-06-22 15:45 - 2014-05-20 04:44 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-06-22 15:45 - 2014-05-20 04:44 - 16003912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-06-22 15:45 - 2014-05-20 04:44 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-06-22 15:45 - 2014-05-20 04:44 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-06-22 15:45 - 2014-05-20 04:44 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-06-22 15:45 - 2014-05-20 04:44 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-06-22 15:45 - 2014-05-20 04:44 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-06-22 15:45 - 2014-05-20 04:44 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-06-22 15:45 - 2014-05-20 04:44 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-06-22 15:45 - 2014-05-20 04:44 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-06-22 15:45 - 2014-05-20 04:44 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-06-22 15:45 - 2014-05-20 04:44 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll
2014-06-22 15:45 - 2014-05-20 04:44 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll
2014-06-22 15:45 - 2014-05-20 04:44 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-06-22 15:45 - 2014-05-20 04:44 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-06-22 15:45 - 2014-05-20 04:44 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-06-22 15:45 - 2014-05-20 04:44 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-06-22 15:39 - 2014-06-22 15:39 - 00091181 _____ () C:\Windows\ZTEInstallInfo.log
2014-06-22 15:35 - 2014-06-22 15:35 - 04748896 _____ (Piriform Ltd) C:\Users\Matthias\Downloads\ccsetup414.exe
2014-06-22 15:33 - 2014-06-22 15:34 - 00991536 _____ (Microsoft Corporation) C:\Users\Matthias\Downloads\sdksetup.exe
2014-06-22 15:33 - 2014-05-30 01:07 - 01715176 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-06-22 15:33 - 2014-05-30 01:07 - 01291232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-06-22 15:31 - 2014-03-31 18:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-06-22 15:31 - 2014-03-31 18:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-06-21 18:10 - 2014-06-21 18:10 - 00000000 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-06-21 18:00 - 2014-06-21 18:07 - 00000826 _____ () C:\Windows\SecuniaPackage.log
2014-06-21 17:57 - 2014-06-21 17:58 - 18732144 _____ (Adobe Systems Inc.) C:\Users\Matthias\Downloads\AdobeAIRInstaller (5).exe
2014-06-21 17:52 - 2014-06-21 17:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-21 13:41 - 2014-06-21 15:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-06-21 13:09 - 2014-06-21 13:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-06-21 13:08 - 2014-06-21 13:08 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-21 13:08 - 2014-06-21 13:08 - 00000000 ____D () C:\Program Files\iTunes
2014-06-21 13:08 - 2014-06-21 13:08 - 00000000 ____D () C:\Program Files\iPod
2014-06-21 13:08 - 2014-06-21 13:08 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-06-21 12:57 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-21 12:57 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-21 12:57 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-06-21 12:57 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-06-21 12:56 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-21 12:56 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-21 12:56 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-21 12:56 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-21 12:56 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-21 12:56 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-21 12:56 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-21 12:56 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-21 12:56 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-21 12:56 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-21 12:56 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-21 12:56 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-21 12:56 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-21 12:56 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-21 12:56 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-21 12:56 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-21 12:56 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-21 12:56 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-21 12:56 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-21 12:56 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-21 12:56 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-21 12:56 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-21 12:56 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-21 12:56 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-21 12:56 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-21 12:56 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-21 12:56 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-21 12:56 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-21 12:56 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-21 12:56 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-21 12:56 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-21 12:56 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-21 12:56 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-21 12:56 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-21 12:56 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-21 12:56 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-21 12:56 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-21 12:56 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-21 12:56 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-21 12:56 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-21 12:56 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-21 12:56 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-21 12:56 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-21 12:56 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-21 12:56 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-21 12:56 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-21 12:56 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-21 12:56 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-21 12:56 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-21 12:56 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-21 12:56 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-21 12:56 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-21 12:56 - 2014-05-08 11:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-21 12:56 - 2014-05-08 11:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-21 12:56 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-21 12:56 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-21 12:56 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-21 12:56 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-21 12:56 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-21 12:56 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-21 12:56 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-21 12:56 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-21 12:56 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-21 12:56 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-21 12:53 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-06-21 12:53 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-06-21 12:53 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-06-21 12:53 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-06-21 12:53 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-06-21 12:53 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-06-21 12:53 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-06-21 12:53 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-06-21 12:53 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-06-21 12:53 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-06-21 12:53 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-06-21 12:53 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-06-21 12:53 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-06-21 12:53 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-06-21 12:53 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-06-21 12:53 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-06-21 12:53 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-06-21 12:53 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-06-21 12:53 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-06-21 12:53 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-06-21 12:53 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-06-21 12:53 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-06-21 12:53 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-06-21 12:53 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-06-21 12:53 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-06-21 12:53 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-06-21 12:53 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-06-21 12:53 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-06-21 12:53 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-06-21 12:53 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-06-21 12:53 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-06-21 12:53 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-06-21 12:53 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-06-21 12:53 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-06-21 12:53 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-06-21 12:53 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-06-21 12:53 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-06-21 12:53 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-06-21 12:53 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-06-21 12:53 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-06-21 12:53 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-06-21 12:52 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-21 12:52 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-21 12:33 - 2014-06-22 22:41 - 00000000 ____D () C:\Users\Matthias\AppData\Roaming\DropboxMaster

==================== One Month Modified Files and Folders =======

2014-06-22 22:44 - 2014-06-22 22:42 - 00034166 _____ () C:\Users\Matthias\Downloads\FRST.txt
2014-06-22 22:43 - 2014-06-22 22:42 - 00000000 ____D () C:\FRST
2014-06-22 22:43 - 2012-01-08 15:39 - 00000000 ____D () C:\Users\Matthias\AppData\Roaming\Dropbox
2014-06-22 22:42 - 2012-01-08 15:42 - 00000000 ___RD () C:\Users\Matthias\Dropbox
2014-06-22 22:41 - 2014-06-22 22:41 - 02083328 _____ (Farbar) C:\Users\Matthias\Downloads\FRST64.exe
2014-06-22 22:41 - 2014-06-21 12:33 - 00000000 ____D () C:\Users\Matthias\AppData\Roaming\DropboxMaster
2014-06-22 22:40 - 2013-10-20 11:45 - 00000000 ____D () C:\Users\Matthias\ownCloud
2014-06-22 22:40 - 2013-03-29 10:48 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-06-22 22:39 - 2014-02-16 18:09 - 00010006 _____ () C:\Windows\setupact.log
2014-06-22 22:37 - 2014-01-12 13:27 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-06-22 22:37 - 2012-09-05 18:21 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-22 22:37 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-22 22:36 - 2012-01-06 22:34 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-22 22:34 - 2014-06-22 22:34 - 00000588 _____ () C:\Users\Matthias\Downloads\defogger_disable.log
2014-06-22 22:34 - 2014-06-22 22:34 - 00000020 _____ () C:\Users\Matthias\defogger_reenable
2014-06-22 22:34 - 2013-01-14 21:09 - 01233546 _____ () C:\Windows\WindowsUpdate.log
2014-06-22 22:34 - 2010-01-26 14:18 - 00000000 ____D () C:\Users\Matthias
2014-06-22 22:34 - 2009-07-14 06:45 - 00013760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-22 22:34 - 2009-07-14 06:45 - 00013760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-22 22:33 - 2014-06-22 22:33 - 00050477 _____ () C:\Users\Matthias\Downloads\Defogger.exe
2014-06-22 22:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing
2014-06-22 22:24 - 2014-02-16 18:09 - 00011100 _____ () C:\Windows\PFRO.log
2014-06-22 22:17 - 2013-10-02 20:31 - 00000000 ____D () C:\AdwCleaner
2014-06-22 22:14 - 2014-06-22 22:14 - 01333465 _____ () C:\Users\Matthias\Downloads\adwcleaner_3.212.exe
2014-06-22 22:12 - 2012-04-05 08:41 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-22 22:08 - 2013-02-22 18:33 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-06-22 22:05 - 2012-06-15 22:15 - 00006062 _____ () C:\Windows\wininit.ini
2014-06-22 22:04 - 2010-11-09 11:19 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-06-22 22:01 - 2014-06-22 22:01 - 00511782 _____ () C:\Users\Matthias\Downloads\Autoruns.zip
2014-06-22 21:53 - 2012-09-05 18:21 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-22 16:42 - 2014-06-22 16:30 - 00000000 ____D () C:\log
2014-06-22 16:39 - 2014-06-22 16:37 - 00000000 ____D () C:\Users\Matthias\Documents\WPA Files
2014-06-22 16:38 - 2014-06-22 16:38 - 00000000 ____D () C:\SymCache
2014-06-22 16:03 - 2014-06-22 16:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2014-06-22 16:03 - 2014-06-22 16:03 - 00000000 ____D () C:\Program Files (x86)\Windows Kits
2014-06-22 16:03 - 2014-06-22 16:02 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-22 15:58 - 2014-06-22 15:58 - 00163917 _____ () C:\Users\Matthias\Downloads\ReleaseNotes_Win7_1RTMSDK.Htm
2014-06-22 15:57 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-06-22 15:55 - 2014-06-22 15:55 - 00003152 _____ () C:\Windows\System32\Tasks\{2C697FBE-AB3C-4455-BE91-C1F9DD5491D6}
2014-06-22 15:49 - 2012-01-06 22:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-06-22 15:48 - 2012-01-06 22:34 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-06-22 15:45 - 2014-06-22 15:45 - 00509264 _____ (Microsoft Corporation) C:\Users\Matthias\Downloads\winsdk_web.exe
2014-06-22 15:42 - 2010-01-28 21:18 - 00000000 ____D () C:\Windows\WindowsMobile
2014-06-22 15:40 - 2011-01-10 20:28 - 00000000 ____D () C:\Windows\SysWOW64\SupportAppCB
2014-06-22 15:40 - 2010-01-27 10:45 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-22 15:39 - 2014-06-22 15:39 - 00091181 _____ () C:\Windows\ZTEInstallInfo.log
2014-06-22 15:36 - 2011-03-27 00:45 - 00001017 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-06-22 15:36 - 2010-03-01 12:23 - 00000000 ____D () C:\Program Files (x86)\CCleaner
2014-06-22 15:35 - 2014-06-22 15:35 - 04748896 _____ (Piriform Ltd) C:\Users\Matthias\Downloads\ccsetup414.exe
2014-06-22 15:34 - 2014-06-22 15:33 - 00991536 _____ (Microsoft Corporation) C:\Users\Matthias\Downloads\sdksetup.exe
2014-06-22 15:31 - 2010-03-01 12:48 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-06-22 15:30 - 2012-06-01 17:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synology
2014-06-22 15:17 - 2012-04-21 14:30 - 00003954 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{257B08F2-5683-4379-A9C6-53F01BC7C7ED}
2014-06-22 15:11 - 2012-05-12 12:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-21 20:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-21 18:10 - 2014-06-21 18:10 - 00000000 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-06-21 18:10 - 2010-01-28 17:17 - 00000000 ____D () C:\Program Files (x86)\Java
2014-06-21 18:07 - 2014-06-21 18:00 - 00000826 _____ () C:\Windows\SecuniaPackage.log
2014-06-21 18:06 - 2012-04-05 08:41 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-21 18:06 - 2012-04-05 08:41 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-06-21 18:06 - 2011-06-01 23:44 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-21 17:58 - 2014-06-21 17:57 - 18732144 _____ (Adobe Systems Inc.) C:\Users\Matthias\Downloads\AdobeAIRInstaller (5).exe
2014-06-21 17:52 - 2014-06-21 17:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-21 17:31 - 2011-06-18 20:04 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-06-21 17:29 - 2011-07-26 12:37 - 00000494 __RSH () C:\Users\Matthias\ntuser.pol
2014-06-21 17:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-06-21 15:27 - 2013-09-28 13:09 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-21 15:23 - 2010-01-27 16:25 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-21 15:18 - 2014-05-10 13:05 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-21 15:09 - 2014-06-21 13:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-06-21 13:09 - 2014-06-21 13:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-06-21 13:09 - 2013-11-08 21:51 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-06-21 13:08 - 2014-06-21 13:08 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-21 13:08 - 2014-06-21 13:08 - 00000000 ____D () C:\Program Files\iTunes
2014-06-21 13:08 - 2014-06-21 13:08 - 00000000 ____D () C:\Program Files\iPod
2014-06-21 13:08 - 2014-06-21 13:08 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-06-21 13:06 - 2013-12-06 18:00 - 00000000 ____D () C:\Users\Matthias\AppData\Local\JDownloader v2.0
2014-06-21 12:38 - 2014-01-11 13:43 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-06-21 12:38 - 2013-03-29 10:49 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-06-21 12:38 - 2013-03-29 10:48 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-06-21 12:33 - 2012-01-08 15:40 - 00000000 ____D () C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-06-08 11:13 - 2014-06-21 12:52 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 11:08 - 2014-06-21 12:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-01 17:17 - 2010-01-27 15:05 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-30 12:21 - 2014-06-21 12:56 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-30 12:02 - 2014-06-21 12:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-30 12:02 - 2014-06-21 12:56 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-30 11:45 - 2014-06-21 12:56 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-30 11:39 - 2014-06-21 12:56 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-30 11:39 - 2014-06-21 12:56 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-30 11:38 - 2014-06-21 12:56 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-30 11:28 - 2014-06-21 12:56 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-30 11:27 - 2014-06-21 12:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-30 11:24 - 2014-06-21 12:56 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-30 11:21 - 2014-06-21 12:56 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-30 11:21 - 2014-06-21 12:56 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-30 11:20 - 2014-06-21 12:56 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-30 11:18 - 2014-06-21 12:56 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-30 11:11 - 2014-06-21 12:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-30 11:08 - 2014-06-21 12:56 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-30 11:06 - 2014-06-21 12:56 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-30 11:02 - 2014-06-21 12:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-30 10:55 - 2014-06-21 12:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-30 10:49 - 2014-06-21 12:56 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-30 10:46 - 2014-06-21 12:56 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-30 10:44 - 2014-06-21 12:56 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-30 10:44 - 2014-06-21 12:56 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-30 10:43 - 2014-06-21 12:56 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-30 10:42 - 2014-06-21 12:56 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-30 10:38 - 2014-06-21 12:56 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-30 10:35 - 2014-06-21 12:56 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-30 10:34 - 2014-06-21 12:56 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-30 10:33 - 2014-06-21 12:56 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-30 10:30 - 2014-06-21 12:56 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-30 10:29 - 2014-06-21 12:56 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-30 10:28 - 2014-06-21 12:56 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-30 10:27 - 2014-06-21 12:56 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-30 10:24 - 2014-06-21 12:56 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-05-30 10:23 - 2014-06-21 12:56 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-30 10:16 - 2014-06-21 12:56 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-30 10:10 - 2014-06-21 12:56 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-30 10:06 - 2014-06-21 12:56 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-30 10:04 - 2014-06-21 12:56 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-30 10:02 - 2014-06-21 12:56 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-30 09:56 - 2014-06-21 12:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-30 09:56 - 2014-06-21 12:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-30 09:54 - 2014-06-21 12:56 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-30 09:50 - 2014-06-21 12:56 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-05-30 09:49 - 2014-06-21 12:56 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-30 09:43 - 2014-06-21 12:56 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-30 09:40 - 2014-06-21 12:56 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-30 09:30 - 2014-06-21 12:56 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-30 09:21 - 2014-06-21 12:56 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-30 09:15 - 2014-06-21 12:56 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-30 09:13 - 2014-06-21 12:56 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-30 09:13 - 2014-06-21 12:56 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-30 01:07 - 2014-06-22 15:33 - 01715176 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-05-30 01:07 - 2014-06-22 15:33 - 01291232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-05-30 01:07 - 2013-10-28 23:12 - 01279480 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-05-30 01:07 - 2013-10-28 23:12 - 01122312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll

Some content of TEMP:
====================
C:\Users\Matthias\AppData\Local\Temp\AskPIP_FF_.exe
C:\Users\Matthias\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpm1uype.dll
C:\Users\Matthias\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Matthias\AppData\Local\Temp\jre-7u60-windows-i586-iftw.exe
C:\Users\Matthias\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Matthias\AppData\Local\Temp\nvStInst.exe
C:\Users\Matthias\AppData\Local\Temp\proxy_vole3265535323113007805.dll
C:\Users\Matthias\AppData\Local\Temp\Synology-CloudStation-Upgrader-3005.exe
C:\Users\Matthias\AppData\Local\Temp\vlc-2.1.3-win32.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-21 13:25

==================== End Of Log ============================
         

23.06.2014, 06:20   #4
ValdoAddams
 
Addition.txt
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-06-2014 01
Ran by Matthias at 2014-06-22 22:45:01
Running from C:\Users\Matthias\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Disabled - Out of date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Out of date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
7-Zip 4.65 (HKLM-x32\...\7-Zip) (Version:  - )
7-Zip 9.20 (HKLM-x32\...\{23170F69-40C1-2701-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
AAVUpdateManager (HKLM-x32\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
AC3Filter 1.63b (HKLM-x32\...\AC3Filter_is1) (Version: 1.63b - Alexander Vigovsky)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 14.0.0.110 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\{1F5E5F2E-5E61-431D-B796-58CCC6B68E28}) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\{C4B32291-F7B2-4BEC-BA4D-4195676A08CC}) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
AFPL Ghostscript 8.54 (HKLM-x32\...\AFPL Ghostscript 8.54) (Version:  - )
AFPL Ghostscript Fonts (HKLM-x32\...\AFPL Ghostscript Fonts) (Version:  - )
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
Any Video Converter 3.0.5 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio 2009 (HKLM-x32\...\Ashampoo Burning Studio 2009_is1) (Version: 8.0.4 - ashampoo GmbH & Co. KG)
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft)
Assassin's Creed Brotherhood (HKLM-x32\...\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}) (Version: 1.03 - Ubisoft)
Assassin's Creed II (HKLM-x32\...\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}) (Version: 1.01 - Ubisoft)
ATITool Overclocking Utility (HKLM-x32\...\ATITool) (Version: 0.26 - )
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Audiograbber 1.83 SE  (HKLM-x32\...\Audiograbber) (Version: 1.83 SE  - Audiograbber Deutschland)
Audiograbber Lame-MP3-Plugin (HKLM-x32\...\Audiograbber-Lame) (Version: 1.0 - AG)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2018 - Avast Software)
Aximer (HKLM-x32\...\{B8FD3F68-1741-4147-97F6-AFB0961050EE}) (Version: 1.0.0 - Sohaib aerospace)
Baldur's Gate (HKLM-x32\...\Baldur's Gate) (Version:  - )
Baldur's Gate Enhanced Edition (HKLM-x32\...\Baldur's Gate Enhanced Edition) (Version: 0.2.6.2 - Beamdog)
Bitcoin (HKCU\...\Bitcoin) (Version: 0.3.24 - Bitcoin project)
BlackArmor Backup (HKLM-x32\...\{9DF6EC22-733E-4EDC-AC88-54CAD4BF4E7B}) (Version: 12.1.9819 - Seagate)
Blu-ray Copy 1.0.38 (HKLM-x32\...\{EE56B531-B655-4afa-9664-0C0970E5798B}_is1) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.4.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon Kurzwahlprogramm (HKLM-x32\...\Speed Dial Utility) (Version: 1.3.0 - Canon Inc.)
Canon MX920 series Benutzerregistrierung (HKLM-x32\...\Canon MX920 series Benutzerregistrierung) (Version:  - *Canon Inc.)
Canon MX920 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX920_series) (Version: 1.00 - Canon Inc.)
Canon MX920 series On-screen Manual (HKLM-x32\...\Canon MX920 series On-screen Manual) (Version: 7.6.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.1.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.1 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.1.0 - Canon Inc.)
Captcha Brotherhood (HKLM-x32\...\{CCD438F0-5D72-4945-9E72-6560C7E5E0D0}) (Version: 1.1.9 - Brotherhood Software)
Carbon (HKLM-x32\...\{9A781940-AC41-4D5E-8E1E-76A04B916FB9}) (Version: 1.0.0 - ClockworkMod)
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4478 - CDBurnerXP)
Codec Pack - All In 1 6.0.3.0 (HKLM-x32\...\Cool's_Codec_pack_4.12) (Version:  - )
ConTEXT v0.98.6 (HKLM-x32\...\{73E0D3A0-9C30-4F59-ABBF-6233686FB396}_is1) (Version:  - ConTEXT Project Ltd)
CPUID HWMonitor 1.18 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Creative ALchemy (HKLM-x32\...\ALchemy) (Version: 1.41 - Creative Technology Limited)
Creative Audio-Systemsteuerung (HKLM-x32\...\AudioCS) (Version: 2.56 - Creative Technology Limited)
Creative MediaSource 5 (HKLM-x32\...\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}) (Version: 5.26 - Creative Technology Limited)
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version:  - )
Creative WaveStudio 7 (HKLM-x32\...\WaveStudio 7) (Version: 7.12 - Creative Technology Limited)
CrypTool 1.4.30 (HKLM-x32\...\CrypTool) (Version: 1.4.30 - )
CrypTool 2.0 (Beta 10 - Build 5751.1) (HKLM\...\CrypTool 2) (Version: 2.0.5751.1 - University of Kassel (Applied Information Security Group))
CrystalDiskInfo 4.6.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 4.6.0 - Crystal Dew World)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dangerous Waters (HKLM-x32\...\{C3BEB0E3-FE9F-4B47-A471-02E185FAC51E}) (Version:  - )
Divinity II - Ego Draconis (HKLM-x32\...\Divinity II - Ego Draconis_is1) (Version:  - dtp)
Drakensang - Am Fluss der Zeit (HKLM-x32\...\Drakensang_TRoT_is1) (Version:  - dtp)
Drakensang (HKLM-x32\...\Drakensang_is1) (Version:  - dtp)
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
Evernote v. 5.0.3 (HKLM-x32\...\{32D39568-3B77-11E3-88CE-00163E98E7D0}) (Version: 5.0.3.1614 - Evernote Corp.)
Exact Audio Copy 1.0beta3 (HKLM-x32\...\Exact Audio Copy) (Version: 1.0beta3 - Andre Wiethoff)
Fences (HKLM-x32\...\Fences) (Version:  - Stardock Corporation)
Fences (Version: 1.0 - Stardock Corporation) Hidden
ffdshow v1.3.4500 [2013-01-06] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4500.0 - )
ffdshow x64 v1.3.4500 [2013-01-06] (HKLM\...\ffdshow64_is1) (Version: 1.3.4500.0 - )
Free Audio CD Burner version 1.4 (HKLM-x32\...\Free Audio CD Burner_is1) (Version:  - DVDVideoSoft Limited.)
Free YouTube to MP3 Converter version 3.10.15.1228 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version:  - DVDVideoSoft Ltd.)
GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team)
GnuWin32: File-5.03 (HKLM-x32\...\File-5.03_is1) (Version: 5.03 - GnuWin32)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
GSiteCrawler (HKLM-x32\...\GSiteCrawler) (Version: v1.23 - SOFTplus Entwicklungen GmbH, CH-6340 Baar)
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )
Hex-Editor MX (HKLM-x32\...\{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1) (Version: 6.0 - NEXT-Soft)
HTC Sync (HKLM-x32\...\{526B2AE8-73DF-4CE0-B140-9968677A7C93}) (Version: 3.0.5606 - HTC Corporation)
IDA Pro Free v5.0 (HKLM-x32\...\IDA Pro Free_is1) (Version:  - Hex-Rays SA)
inSSIDer (HKLM-x32\...\{65A5E87D-7A3F-4819-807D-B86990D5F369}) (Version: 2.1.6 - MetaGeek)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
JLink OB CDC Driver Package (HKLM\...\{85153CE3-6356-407F-A672-C1FA085FB031}) (Version: 1.2.2 - SEGGER)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KeePass Password Safe 1.21 (HKLM-x32\...\KeePass Password Safe_is1) (Version: 1.21 - Dominik Reichl)
KeePass Password Safe 2.17 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version:  - Dominik Reichl)
Kits Configuration Installer (x32 Version: 8.59.25584 - Microsoft) Hidden
Klever PumpKIN 2.7.3 (HKLM-x32\...\PumpKIN) (Version: 2.7.3 - Klever Group)
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.8 - Thibaut Lauziere)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
MediaInfo 0.7.64 (HKLM\...\MediaInfo) (Version: 0.7.64 - MediaArea.net)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{877B76B2-F83F-4F5A-B28D-3F398641ADB6}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft Virtual PC 2007 (HKLM\...\{8A7CAA24-7B23-410B-A7C3-F994B0944160}) (Version: 6.0.156.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 (HKLM\...\{BBBE35B2-9349-3C48-BD3D-F574B17C7924}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60816.0 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50325 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.50330 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU (Version: 10.0.50325 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50325 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft_VC100_CRT_x64 (HKLM\...\{17106CA8-E65A-4D02-95BE-79AF8C698935}) (Version: 1.0.0 - Microsoft)
MiniTool Partition Wizard Home Edition 7.7 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)
MKVToolNix 5.2.0 [20111203-387] (HKLM-x32\...\MKVToolNix) (Version: 5.2.0 - Moritz Bunkus)
MosChip PCI Multi-IO Controller (HKLM\...\ASIX Electronics Corporation) (Version:  - )
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
Mp3tag v2.49a (HKLM-x32\...\Mp3tag) (Version: v2.49a - Florian Heidenreich)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.4 - F.J. Wechselberger)
Neverwinter Nights 2 (HKLM-x32\...\{F20C1251-1D0A-4944-B2AE-678581B33B19}) (Version: 1.00.0000 - Obsidian)
Nitro Reader 3 (HKLM\...\{4436B9BD-CA66-4D69-9091-2D2EB62F09AD}) (Version: 3.5.2.10 - Nitro)
NVIDIA 3D Vision Controller-Treiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 337.88 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 337.88 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Performance (HKLM-x32\...\InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}) (Version: 6.5 - NVIDIA Corporation)
NVIDIA Performance (x32 Version: 6.5 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA System Monitor (HKLM-x32\...\InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}) (Version: 6.5 - NVIDIA Corporation)
NVIDIA System Monitor (x32 Version: 6.5 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden
NVIDIA Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Oracle VM VirtualBox 4.3.10 (HKLM\...\{5632714F-6A48-4BF2-89E0-F8B6CE9FE6D1}) (Version: 4.3.10 - Oracle Corporation)
ownCloud (HKLM-x32\...\ownCloud) (Version: 1.5.1.2337 - ownCloud)
PCI Multi-IO Controller (HKLM\...\MosChip Technology) (Version:  - )
PDF Blender (HKLM-x32\...\PDF Blender) (Version:  - )
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 0.9.9 - Frank Heindörfer, Philip Chinery)
pdfforge Toolbar v4.4 (HKLM-x32\...\{BCB52F35-4C56-49F2-A3D6-FDED54B01847}) (Version: 4.4 - Spigot, Inc.) <==== ATTENTION
pdfsam (HKCU\...\pdfsam) (Version: 2.2.1 - )
PonyProg v1.17h (HKLM-x32\...\PonyProg v1.17h_is1) (Version:  - )
PonyProg2000 v2.06f (HKLM-x32\...\PonyProg2000_is1) (Version: 2.06f - LancOS)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version:  - Jan Fiala)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
QNAP Web Monitor Component (HKLM-x32\...\QNAPVioStorMonitor) (Version:  - )
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version:  - )
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version:  - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version:  - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version:  - )
Secunia PSI (3.0.0.7011) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.7011 - Secunia)
Secure Download Manager (HKLM-x32\...\{6E839820-0BBA-4310-9D06-4463BAEA6641}) (Version: 3.1.01 - Kivuto Solutions Inc.)
SHIELD Streaming (Version: 2.1.214 - NVIDIA Corporation) Hidden
SketchUp 2013 (HKLM-x32\...\{2C0777B8-E91F-45AA-976B-7EB6B40E5400}) (Version: 13.0.4812 - Trimble Navigation Limited)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spellforce 2 Gold (HKLM-x32\...\{746F49C9-3789-4F8E-AF3A-3A4B42ACFAF8}) (Version: 1.00.0000 - JoWooD Productions Software AG)
Spotify (HKCU\...\Spotify) (Version: 0.9.8.296.g91f68827 - Spotify AB)
STEUEReasy 2011 (HKLM-x32\...\{0B3B35C8-5429-4A90-A447-D1B9ED499FE8}) (Version: 16.10 - Akademische Arbeitsgemeinschaft Verlag)
STEUEReasy 2013 (HKLM-x32\...\{4D0EAA2D-8EE2-43AB-BE00-18A1D0A9281C}) (Version: 18.09 - Wolters Kluwer Deutschland GmbH)
Steuer-Software 2012 (HKLM-x32\...\{F19178B7-F232-4E97-8511-E4D37A339E9C}) (Version: 17.08 - Wolters Kluwer Deutschland GmbH)
Steuer-Taxi 2010 (HKLM-x32\...\{9582ED80-CB4D-4350-BBB9-34CDBA20EED0}) (Version: 15.12 - Akademische Arbeitsgemeinschaft Verlag)
SUPER © v2011.build.49 (July 1st, 2011) Version v2011.build.49 (HKLM-x32\...\{B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1) (Version: v2011.build.49 - eRightSoft)
Sweet Home 3D version 4.0 (HKLM-x32\...\Sweet Home 3D_is1) (Version:  - eTeks)
SyncMyCal (HKLM-x32\...\{50450519-22FF-4A8D-BE8F-0161D9134892}) (Version: 2.6.270 - Synchronization Technologies Inc.)
Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version:  - )
System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version:  - )
TCPEye 1.0 (HKLM-x32\...\{998C9435-DAF8-4BDF-B9A5-F844B01D524C}_is1) (Version:  - Free Software Relase)
TeamViewer 7 (HKLM-x32\...\TeamViewer 7) (Version: 7.0.13989 - TeamViewer)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.28223 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
The Witcher Enhanced Edition (HKLM-x32\...\{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}) (Version: 1.4.5.1280 - CD Projekt Red)
TMPGEnc Authoring Works 4 (HKLM-x32\...\{B8D91F6B-803A-4579-9DAD-1377B56DC657}) (Version: 4.0.7.32 - Pegasys Inc.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
TP-LINK Wireless Client Utility (HKLM-x32\...\{1E58B969-9BB4-4012-8D8B-D06005D1CD24}) (Version: 7.0 - TP-LINK)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.0a - TrueCrypt Foundation)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version:  - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2881065) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B7EF38F7-1D58-4085-A9A4-0F6C69A5AA1E}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
USB/DVD-Downloadtool für Windows 7 (HKLM-x32\...\{7D6DDE45-FE2F-4D11-A7E7-BC2C2910536C}) (Version: 1.0.30 - Microsoft Corporation)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Software Development Kit (HKLM-x32\...\{363a2c1e-637f-45ce-933b-5a5463efd945}) (Version: 8.59.29750 - Microsoft Corporation)
Windows Software Development Kit EULA (x32 Version: 8.59.25584 - Microsoft Corporations) Hidden
Windows Support Tools (HKLM-x32\...\{89B078C4-50B0-453E-BF53-3A7E6A0D85FA}) (Version: 5.1.2600.2180 - Microsoft Corporation)
Windows-Treiberpaket - Segger (jlink) USB  (04/11/2012 2.6.8.2) (HKLM\...\419546AE8E4244C647A348987F769803F43B9C4F) (Version: 04/11/2012 2.6.8.2 - Segger)
Windows-Treiberpaket - SEGGER (usbser) Ports  (01/25/2012 6.0.2600.4) (HKLM\...\BD6BF8BBF7BE0D0091163F649A1A423B7EB9D4F1) (Version: 01/25/2012 6.0.2600.4 - SEGGER)
WinHex (HKLM-x32\...\WinHex) (Version:  - )
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WPT Redistributables (x32 Version: 8.59.29750 - Microsoft) Hidden
WPTx64 (x32 Version: 8.59.29722 - Microsoft) Hidden
XMedia Recode 3.0.6.0 (HKLM-x32\...\XMedia Recode) (Version: 3.0.6.0 - Sebastian Dörfler)
XviD v1.2.0 CVS (HKLM\...\XviD MPEG-4 Video Codec_is1) (Version:  - Celtic Druid)

==================== Restore Points  =========================

10-05-2014 07:53:41 Windows Update
10-05-2014 11:04:34 Windows Update
21-06-2014 10:52:19 Windows Update
21-06-2014 13:13:48 Windows Update
21-06-2014 15:34:40 Windows Update
21-06-2014 16:09:28 Installed Java 7 Update 60
22-06-2014 13:29:33 Synology Data Replicator  3 wird entfernt
22-06-2014 13:33:17 DirectX wurde installiert
22-06-2014 13:39:44 Entfernt Mobile Partner Manager
22-06-2014 13:41:14 Removed Windows Mobile-Gerätecenter: Treiberupdate

==================== Hosts content: ==========================

2009-07-14 04:34 - 2012-04-09 19:17 - 00000938 ____R C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {241B054E-1616-424D-AFDE-0390BC5B9539} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-05] (Google Inc.)
Task: {2A1661E5-0874-49FB-9843-59AC705DAF43} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-21] (Adobe Systems Incorporated)
Task: {522730EB-E5D2-417F-9EA4-3037D34B5310} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-05] (Google Inc.)
Task: {5A3CC763-96F5-4D45-9A58-BD2E456D5DA4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {6392E578-EDFA-401E-9496-C4CAB57B869C} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {85CFE5A3-7CAB-4FEF-9131-A6CB72B61B58} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2011-11-01] ()
Task: {8D8BA08E-AFA9-4D43-9869-52472F201648} - System32\Tasks\Paragon Archive name diff_061012115901535 => C:\Program Files (x86)\Paragon Software\Backup and Recovery 2012 Free\program\scripts.exe
Task: {913539BC-674D-4C1C-8C44-8B7867F366FA} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {B7355AF5-5B11-479E-AD83-ADEFB930E517} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {BA641D87-2963-47CA-93A8-E599FA021AAD} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {D8F352FE-92B3-4834-97E5-C2D444B742A6} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-05-04] (AVAST Software)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Paragon Archive name diff_061012115901535.job => C:\Program Files (x86)\Paragon Software\Backup and Recovery 2012 Free\program\scripts.exe

==================== Loaded Modules (whitelisted) =============

2013-09-28 13:55 - 2014-05-20 03:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2010-02-08 01:00 - 2005-03-12 01:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2008-10-24 17:35 - 2008-10-24 17:35 - 00128296 _____ () C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
2014-02-13 20:10 - 2014-02-13 20:10 - 16978503 _____ () C:\Program Files (x86)\ownCloud Client\owncloud.exe
2014-02-16 16:54 - 2014-02-16 16:54 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2011-02-18 08:18 - 2011-02-18 08:18 - 00245760 _____ () C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
2014-06-22 21:44 - 2014-06-22 21:44 - 02783744 _____ () C:\Program Files\AVAST Software\Avast\defs\14062201\algo.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-25 04:40 - 2013-09-25 04:40 - 00106234 _____ () C:\Program Files (x86)\ownCloud Client\zlib1.dll
2013-09-24 12:29 - 2013-09-24 12:29 - 00117730 _____ () C:\Program Files (x86)\ownCloud Client\libgcc_s_sjlj-1.dll
2013-09-24 12:29 - 2013-09-24 12:29 - 00847985 _____ () C:\Program Files (x86)\ownCloud Client\libstdc++-6.dll
2013-09-24 06:55 - 2013-09-24 06:55 - 00173623 _____ () C:\Program Files (x86)\ownCloud Client\libpng15-15.dll
2014-02-13 20:09 - 2014-02-13 20:09 - 13338973 _____ () C:\Program Files (x86)\ownCloud Client\libowncloudsync.dll
2014-02-13 20:09 - 2014-02-13 20:09 - 00896403 _____ () C:\Program Files (x86)\ownCloud Client\libocsync.dll
2013-11-13 21:55 - 2013-11-13 21:55 - 00180055 _____ () C:\Program Files (x86)\ownCloud Client\libneon-27.dll
2013-09-25 11:09 - 2013-09-25 11:09 - 00190770 _____ () C:\Program Files (x86)\ownCloud Client\libproxy.dll
2013-09-24 22:56 - 2013-09-24 22:56 - 00064659 _____ () C:\Program Files (x86)\ownCloud Client\libmodman.dll
2013-09-24 06:54 - 2013-09-24 06:54 - 01169897 _____ () C:\Program Files (x86)\ownCloud Client\libxml2-2.dll
2013-09-24 07:15 - 2013-09-24 07:15 - 00566268 _____ () C:\Program Files (x86)\ownCloud Client\libsqlite3-0.dll
2013-11-13 01:56 - 2013-11-13 01:56 - 00070251 _____ () C:\Program Files (x86)\ownCloud Client\libqtkeychain.dll
2013-09-24 07:10 - 2013-09-24 07:10 - 00218650 _____ () C:\Program Files (x86)\ownCloud Client\libjpeg-8.dll
2014-06-21 12:39 - 2014-06-05 15:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
2014-06-21 12:39 - 2014-06-05 15:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll
2014-06-21 12:39 - 2014-06-05 15:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
2014-06-21 12:40 - 2014-06-05 15:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
2014-06-21 12:39 - 2014-06-05 15:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
2014-06-22 22:40 - 2014-06-22 22:40 - 00043008 _____ () c:\users\matthias\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpm1uype.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\Matthias\AppData\Roaming\Dropbox\bin\libcef.dll
2013-09-26 14:50 - 2013-09-26 14:50 - 00433664 _____ () C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
2013-09-26 14:49 - 2013-09-26 14:49 - 00315392 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
2013-10-18 10:57 - 2013-10-18 10:57 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-05-10 10:20 - 1980-01-01 01:00 - 00181760 _____ () C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd\2014.430.433.1_0\plugin\ace.dll
2014-06-21 12:40 - 2014-06-05 15:58 - 14612296 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============

HKU\S-1-5-21-2421184407-1128806621-541807395-1001\Software\Classes\.exe:  =>  <===== ATTENTION!

==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\startupreg: AcronisTimounterMonitor => C:\Program Files (x86)\Seagate\BlackArmorBackup\TimounterMonitor.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BingDesktop => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe /fromkey
MSCONFIG\startupreg: BlackArmorBackupMonitor.exe => C:\Program Files (x86)\Seagate\BlackArmorBackup\BlackArmorBackupMonitor.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Data Replicator 3 => "C:\Program Files (x86)\Synology Data Replicator  3\Backup.exe" /MIN
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: HTC Sync Loader => "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KeePass 2 PreLoad => "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload
MSCONFIG\startupreg: P17RunE => RunDll32 P17RunE.dll,RunDLLEntry
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: Seagate Scheduler2 Service => "C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: SearchSettings => "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Matthias\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Spybot-S&D Cleaning => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: Windows Mobile Device Center => %windir%\WindowsMobile\wmdc.exe

==================== Faulty Device Manager Devices =============

Name: Unknown Device
Description: Unknown Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard-USB-Hostcontroller)
Service: 
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 


==================== Event log errors: =========================

Application errors:
==================
Error: (06/22/2014 06:13:28 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (06/22/2014 05:39:06 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (06/22/2014 05:39:06 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (06/22/2014 05:39:06 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (06/22/2014 03:35:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: nvtray.exe, Version: 7.17.13.2078, Zeitstempel: 0x52054387
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000001926d
ID des fehlerhaften Prozesses: 0xef0
Startzeit der fehlerhaften Anwendung: 0xnvtray.exe0
Pfad der fehlerhaften Anwendung: nvtray.exe1
Pfad des fehlerhaften Moduls: nvtray.exe2
Berichtskennung: nvtray.exe3

Error: (06/22/2014 03:34:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: nvtray.exe, Version: 7.17.13.2078, Zeitstempel: 0x52054387
Name des fehlerhaften Moduls: NvGFTrayPlugin.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x5387b942
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000007fee5305751
ID des fehlerhaften Prozesses: 0xef0
Startzeit der fehlerhaften Anwendung: 0xnvtray.exe0
Pfad der fehlerhaften Anwendung: nvtray.exe1
Pfad des fehlerhaften Moduls: nvtray.exe2
Berichtskennung: nvtray.exe3

Error: (06/22/2014 03:30:31 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: Matthias-PC)
Description: Die Anwendung oder der Dienst "SynoDrService" konnte nicht neu gestartet werden.

Error: (06/21/2014 01:26:58 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (06/21/2014 00:28:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CNQMUPDT.EXE, Version: 2.1.0.0, Zeitstempel: 0x5063d75d
Name des fehlerhaften Moduls: ole32.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7b96f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003bc21
ID des fehlerhaften Prozesses: 0x18d0
Startzeit der fehlerhaften Anwendung: 0xCNQMUPDT.EXE0
Pfad der fehlerhaften Anwendung: CNQMUPDT.EXE1
Pfad des fehlerhaften Moduls: CNQMUPDT.EXE2
Berichtskennung: CNQMUPDT.EXE3

Error: (05/10/2014 10:16:26 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.


System errors:
=============
Error: (06/22/2014 10:40:16 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom
UimBus
Uim_IM
Uim_VIM
UserPort

Error: (06/22/2014 10:39:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "TeamViewer 9" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (06/22/2014 10:39:54 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst TeamViewer 9 erreicht.

Error: (06/22/2014 10:38:45 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Performance Service erreicht.

Error: (06/22/2014 10:37:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Aspi32" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (06/22/2014 10:37:38 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\Aspi32.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (06/22/2014 10:35:41 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\UserPort.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (06/22/2014 10:35:40 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\cdrbsdrv.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (06/22/2014 10:28:16 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom
UimBus
Uim_IM
Uim_VIM
UserPort

Error: (06/22/2014 10:28:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Net.Pipe-Listeneradapter" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053


Microsoft Office Sessions:
=========================
Error: (02/21/2012 07:56:56 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 25 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (06/29/2011 09:35:15 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 2100 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (06/29/2011 09:00:08 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 8933 seconds with 120 seconds of active time.  This session ended with a crash.

Error: (05/01/2010 09:47:30 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 838 seconds with 0 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2014-06-22 22:36:36.162
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ATITool64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-22 22:36:35.943
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ATITool64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-22 22:24:01.817
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ATITool64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-22 22:24:01.583
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ATITool64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-22 22:08:20.363
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ATITool64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-22 22:08:20.144
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ATITool64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-22 17:36:46.338
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ATITool64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-22 17:36:46.104
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ATITool64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-22 17:13:59.104
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ATITool64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-22 17:13:58.886
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ATITool64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 38%
Total physical RAM: 8191.05 MB
Available physical RAM: 5047.04 MB
Total Pagefile: 16380.29 MB
Available Pagefile: 11932.08 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:596.07 GB) (Free:117.7 GB) NTFS
Drive e: (Matthias) (Fixed) (Total:931.51 GB) (Free:194.59 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive g: (1TB) (Fixed) (Total:931.51 GB) (Free:235.87 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: 49968EA2)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=596 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 99BE47F2)
Partition 1: (Active) - (Size=466 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: CBCC0257)
Partition 1: (Active) - (Size=932 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: E2EA3E20)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
The gmer.txt is still too large. I have put it in Dropbox:

https://www.dropbox.com/s/lxrtl5mswv2g8jf/gmer.txt

23.06.2014, 18:47   #5
schrauber
/// the machine
/// TB-Ausbilder
 


Hi,

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Please start mbar.exe.
  • Follow the on-screen instructions as described in the guide to Malwarebytes Anti-Rootkit.
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart MBAR will remove the detected objects, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder without instruction from a helper.

Please download TDSSKiller (TDSSKiller.exe) and save this file to the desktop.
  • Start TDSSKiller.exe and configure it as described in the guide to TDSSKiller.
  • Press Start Scan.
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post its contents here in your thread in any case.

__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!
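
The TDSSKiller log requested above pairs each scanned service's hash-and-path line with a verdict line, so a long log can be reduced to the entries that need a second look. The following Python sketch is an added example, not part of the original post or of TDSSKiller; the line layout is inferred from the log posted in this thread, and the function names, sample service names, paths and hashes are constructed placeholders.

```python
import re

# Placeholder hashes for the constructed sample below (not real files).
MD5_A, SHA_A = "0" * 31 + "1", "0" * 63 + "1"
MD5_B, SHA_B = "0" * 31 + "2", "0" * 63 + "2"

# Constructed sample in the TDSSKiller log layout; names and paths are hypothetical.
SAMPLE_LOG = rf"""
20:22:36.0649 0x1728  ================ Scan services =============================
20:22:36.0828 0x1728  [ {MD5_A}, {SHA_A} ] ExampleDrv      C:\Windows\system32\drivers\exampledrv.sys
20:22:36.0930 0x1728  ExampleDrv - ok
20:22:39.0395 0x1728  NoFileSvc - ok
20:22:51.0458 0x1728  [ {MD5_B}, {SHA_B} ] Example Licensing Service C:\Program Files (x86)\Example\licsvc.exe
20:22:51.0487 0x1728  Example Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
20:22:51.0487 0x1728  Example Licensing Service ( UnsignedFile.Multi.Generic ) - warning
20:22:53.0906 0x1728  Force sending object to P2P due to detect: Example Licensing Service
"""

# "HH:MM:SS.mmmm 0xTID  message"
PREFIX = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4} 0x[0-9a-fA-F]+\s*(.*)$")
# "====== Scan services ======"
SECTION = re.compile(r"^=+ (Scan [^=]+?) =+$")
# "[ MD5, SHA256 ] Service name   C:\path\to\file"
FILE_LINE = re.compile(r"^\[ ([0-9A-F]{32}), ([0-9A-F]{64}) \] (.+?)\s+([A-Za-z]:\\.+)$")
# "Name - ok" or "Name ( Detection.Name ) - warning"
VERDICT = re.compile(r"^(.+?)(?: \( (.+?) \))? - (\w+)$")


def parse_tdsskiller(text):
    """Return one dict per verdict line, joined with the preceding file line if any."""
    entries, files, section = [], {}, None
    for raw in text.splitlines():
        prefixed = PREFIX.match(raw.strip())
        if not prefixed:
            continue  # blank lines or anything without the timestamp/thread prefix
        msg = prefixed.group(1).strip()

        sec = SECTION.match(msg)
        if sec:
            section = sec.group(1)
            continue

        file_line = FILE_LINE.match(msg)
        if file_line:
            md5, sha256, name, path = file_line.groups()
            files[name] = (md5, sha256, path)
            continue

        verdict = VERDICT.match(msg)
        if verdict:
            name, detection, result = verdict.groups()
            md5, sha256, path = files.pop(name, (None, None, None))
            entries.append({
                "section": section, "name": name, "verdict": result,
                "detection": detection, "md5": md5, "sha256": sha256, "path": path,
            })
    return entries


def flagged(entries):
    """Entries whose verdict is anything other than 'ok'."""
    return [e for e in entries if e["verdict"] != "ok"]


def without_file(entries):
    """Service names that got a verdict but no hash-and-path line in the log."""
    return [e["name"] for e in entries
            if e["section"] == "Scan services" and e["path"] is None]


if __name__ == "__main__":
    parsed = parse_tdsskiller(SAMPLE_LOG)
    for e in flagged(parsed):
        print(f'{e["verdict"]:8} {e["detection"]}  {e["name"]}  {e["path"]}')
    print("verdict without file line:", ", ".join(without_file(parsed)))
```
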

Alt 23.06.2014, 19:34   #6
ValdoAddams
 



Thanks for the reply.

Here are the results:

Malwarebytes Anti-Rootkit
Code:
Malwarebytes Anti-Rootkit BETA 1.07.0.1012
www.malwarebytes.org

Database version: v2014.06.23.12

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17126
Matthias :: MATTHIAS-PC [administrator]

23.06.2014 19:52:20
mbar-log-2014-06-23 (19-52-20).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 367519
Time elapsed: 15 minute(s), 28 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
TDSSKiller
Code:
20:20:55.0352 0x1e6c  TDSS rootkit removing tool 3.0.0.39 Jun  5 2014 20:35:54
20:20:59.0163 0x1e6c  ============================================================
20:20:59.0163 0x1e6c  Current date / time: 2014/06/23 20:20:59.0163
20:20:59.0163 0x1e6c  SystemInfo:
20:20:59.0163 0x1e6c  
20:20:59.0163 0x1e6c  OS Version: 6.1.7601 ServicePack: 1.0
20:20:59.0163 0x1e6c  Product type: Workstation
20:20:59.0163 0x1e6c  ComputerName: MATTHIAS-PC
20:20:59.0163 0x1e6c  UserName: Matthias
20:20:59.0163 0x1e6c  Windows directory: C:\Windows
20:20:59.0163 0x1e6c  System windows directory: C:\Windows
20:20:59.0163 0x1e6c  Running under WOW64
20:20:59.0163 0x1e6c  Processor architecture: Intel x64
20:20:59.0163 0x1e6c  Number of processors: 4
20:20:59.0163 0x1e6c  Page size: 0x1000
20:20:59.0164 0x1e6c  Boot type: Normal boot
20:20:59.0164 0x1e6c  ============================================================
20:21:00.0810 0x1e6c  KLMD registered as C:\Windows\system32\drivers\14802426.sys
20:21:01.0237 0x1e6c  System UUID: {AD2A03A1-6758-29F7-13CD-EE93F3C3DC67}
20:21:02.0032 0x1e6c  Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 ( 596.17 Gb ), SectorSize: 0x200, Cylinders: 0x47B84, SectorsPerTrack: 0x13, TracksPerCylinder: 0xE0, Type 'K0', Flags 0x00000040
20:21:02.0033 0x1e6c  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xE8E180C, SectorsPerTrack: 0x4, TracksPerCylinder: 0x1, Type 'K0', Flags 0x00000040
20:21:02.0033 0x1e6c  Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x8512C68, SectorsPerTrack: 0x7, TracksPerCylinder: 0x2, Type 'K0', Flags 0x00000040
20:21:02.0033 0x1e6c  Drive \Device\Harddisk3\DR3 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:21:02.0058 0x1e6c  ============================================================
20:21:02.0058 0x1e6c  \Device\Harddisk0\DR0:
20:21:02.0070 0x1e6c  MBR partitions:
20:21:02.0071 0x1e6c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
20:21:02.0071 0x1e6c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x4A824800
20:21:02.0071 0x1e6c  \Device\Harddisk1\DR1:
20:21:02.0071 0x1e6c  MBR partitions:
20:21:02.0071 0x1e6c  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385000
20:21:02.0071 0x1e6c  \Device\Harddisk2\DR2:
20:21:02.0071 0x1e6c  MBR partitions:
20:21:02.0071 0x1e6c  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74704FF8
20:21:02.0071 0x1e6c  \Device\Harddisk3\DR3:
20:21:02.0071 0x1e6c  MBR partitions:
20:21:02.0071 0x1e6c  \Device\Harddisk3\DR3\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
20:21:02.0071 0x1e6c  ============================================================
20:21:02.0110 0x1e6c  C: <-> \Device\Harddisk0\DR0\Partition2
20:21:02.0138 0x1e6c  E: <-> \Device\Harddisk2\DR2\Partition1
20:21:02.0157 0x1e6c  G: <-> \Device\Harddisk3\DR3\Partition1
20:21:02.0157 0x1e6c  ============================================================
20:21:02.0157 0x1e6c  Initialize success
20:21:02.0158 0x1e6c  ============================================================
20:22:01.0980 0x1728  ============================================================
20:22:01.0980 0x1728  Scan started
20:22:01.0981 0x1728  Mode: Manual; SigCheck; TDLFS; 
20:22:01.0981 0x1728  ============================================================
20:22:01.0981 0x1728  KSN ping started
20:22:35.0668 0x1728  KSN ping finished: false
20:22:36.0648 0x1728  ================ Scan system memory ========================
20:22:36.0648 0x1728  System memory - ok
20:22:36.0649 0x1728  ================ Scan services =============================
20:22:36.0828 0x1728  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
20:22:36.0930 0x1728  1394ohci - ok
20:22:37.0099 0x1728  [ 7EEB488346FBFA3731276C3EE8A8FD9E, 97D2E49C2E615E38E8176F1C1551BF452CC6A00787FF90845EFF27A4E6E20B1F ] AAV UpdateService C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
20:22:37.0118 0x1728  AAV UpdateService - ok
20:22:37.0167 0x1728  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
20:22:37.0188 0x1728  ACPI - ok
20:22:37.0215 0x1728  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
20:22:37.0259 0x1728  AcpiPmi - ok
20:22:37.0342 0x1728  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:22:37.0360 0x1728  AdobeARMservice - ok
20:22:37.0488 0x1728  [ B5D8DE922237CEDDC7992297654A4BE4, 88EF0B5EBFB383C9069A29AEA8D76EDBE1E70DD6F7C18970EE01ECAE9F408B38 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:22:37.0510 0x1728  AdobeFlashPlayerUpdateSvc - ok
20:22:37.0570 0x1728  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
20:22:37.0601 0x1728  adp94xx - ok
20:22:37.0614 0x1728  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
20:22:37.0636 0x1728  adpahci - ok
20:22:37.0658 0x1728  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
20:22:37.0676 0x1728  adpu320 - ok
20:22:37.0705 0x1728  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
20:22:37.0831 0x1728  AeLookupSvc - ok
20:22:37.0892 0x1728  [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD             C:\Windows\system32\drivers\afd.sys
20:22:37.0956 0x1728  AFD - ok
20:22:37.0995 0x1728  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
20:22:38.0015 0x1728  agp440 - ok
20:22:38.0030 0x1728  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
20:22:38.0067 0x1728  ALG - ok
20:22:38.0099 0x1728  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
20:22:38.0112 0x1728  aliide - ok
20:22:38.0150 0x1728  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
20:22:38.0163 0x1728  amdide - ok
20:22:38.0196 0x1728  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
20:22:38.0234 0x1728  AmdK8 - ok
20:22:38.0253 0x1728  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
20:22:38.0289 0x1728  AmdPPM - ok
20:22:38.0344 0x1728  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
20:22:38.0366 0x1728  amdsata - ok
20:22:38.0390 0x1728  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
20:22:38.0408 0x1728  amdsbs - ok
20:22:38.0425 0x1728  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
20:22:38.0438 0x1728  amdxata - ok
20:22:38.0502 0x1728  [ F47CEC45FB85791D4AB237563AD0FA8F, 1035066D48BD179855BCA7F62EFA1B951E6E839D2E29E15A31844E18A126DD41 ] androidusb      C:\Windows\system32\Drivers\androidusb.sys
20:22:38.0563 0x1728  androidusb - ok
20:22:38.0648 0x1728  [ 59D01FA91962C9C1E9B4022B2D3B46DB, 3A111588538B77F010B5C900FB8425DDE55A08DBAC308CA7FB7BD9FCCCDEC69F ] AppHostSvc      C:\Windows\system32\inetsrv\apphostsvc.dll
20:22:38.0712 0x1728  AppHostSvc - ok
20:22:38.0764 0x1728  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
20:22:38.0898 0x1728  AppID - ok
20:22:38.0922 0x1728  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
20:22:38.0974 0x1728  AppIDSvc - ok
20:22:39.0011 0x1728  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
20:22:39.0081 0x1728  Appinfo - ok
20:22:39.0172 0x1728  [ 221564CC7BE37611FE15EACF443E1BF6, 381BDF17418C779D72332431BA174C2AD76CD9C7C1711FF5142EA9B05D5555E4 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:22:39.0188 0x1728  Apple Mobile Device - ok
20:22:39.0219 0x1728  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
20:22:39.0280 0x1728  AppMgmt - ok
20:22:39.0308 0x1728  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
20:22:39.0327 0x1728  arc - ok
20:22:39.0345 0x1728  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
20:22:39.0364 0x1728  arcsas - ok
20:22:39.0395 0x1728  Aspi32 - ok
20:22:39.0505 0x1728  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
20:22:39.0529 0x1728  aspnet_state - ok
20:22:39.0598 0x1728  [ 340B0467E98A8C92697D73034DB4BCB7, 342572B566747A05DA5391CFC027A6703AECCE29C3D288428884D8641A35D0F5 ] aswHwid         C:\Windows\system32\drivers\aswHwid.sys
20:22:39.0620 0x1728  aswHwid - ok
20:22:39.0668 0x1728  [ ED5B09937D559FFA53FC988D20031E98, EC9E50C9BC2184AE93944EA3115A25BADF5FFB91D11776498EBC9A0D60029A84 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
20:22:39.0688 0x1728  aswMonFlt - ok
20:22:39.0712 0x1728  [ 33C77DCB0AEC76E26BD6352A1A5281BB, CEA7BB3407C1F900DE5CB09F42AF7734811F86B7DE0085FADC7AAE8178D59665 ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys
20:22:39.0733 0x1728  aswRdr - ok
20:22:39.0772 0x1728  [ BF5B9E9E97CED45208E498D9FA73688F, BCB2CC516EAD040573D80599C2306ECB26FCCB16A97B940327CD3A3CE9077877 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
20:22:39.0791 0x1728  aswRvrt - ok
20:22:39.0879 0x1728  [ F88CE00A7736C349ED1414D7ECDC9BED, 8C0783CE32968874065C2F46088B34F9C872F26C98AB8E8BA895D84CCB25E534 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
20:22:39.0919 0x1728  aswSnx - ok
20:22:39.0989 0x1728  [ 3AE912B08E2A1ABB2B63F3C56BED95C2, BE99BA3A74427444FEE5D47D70BDBA631DBBF50D80B0483C0675F87119926765 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
20:22:40.0019 0x1728  aswSP - ok
20:22:40.0080 0x1728  [ A7115ED31675BB823CFA9FE571C25676, DEEBB3920934DCDDD488DCFCB1E6F4C7EFDD3C79F31E41D59E292C3CF9400E95 ] aswStm          C:\Windows\system32\drivers\aswStm.sys
20:22:40.0100 0x1728  aswStm - ok
20:22:40.0154 0x1728  [ 47CBD3F64E412FFAFD93404580A3C7B9, F9B02E232416BAFC21BCBCDC0A3D9E5E855BFAF11F29ED2C4C469692E6688278 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
20:22:40.0178 0x1728  aswVmm - ok
20:22:40.0196 0x1728  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
20:22:40.0257 0x1728  AsyncMac - ok
20:22:40.0289 0x1728  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
20:22:40.0301 0x1728  atapi - ok
20:22:40.0398 0x1728  [ D6CAD7E5B05055BB8226BDCB1644DA27, 053DBE95BE044C2674825561619A188660865AFCC4FD3C1D1E4F08972F5CC8DF ] athr            C:\Windows\system32\DRIVERS\athrx.sys
20:22:40.0496 0x1728  athr - ok
20:22:40.0523 0x1728  [ B07E6681D303A612680223C729B021E2, DEF063A2A45B5FAF3B676AD5025417B9437A073D9BB2A47F57A0FCCBC78C2FEE ] ATITool         C:\Windows\system32\DRIVERS\ATITool64.sys
20:22:40.0545 0x1728  ATITool - detected UnsignedFile.Multi.Generic ( 1 )
20:22:40.0622 0x1728  ATITool ( UnsignedFile.Multi.Generic ) - warning
20:22:40.0622 0x1728  Force sending object to P2P due to detect: ATITool
20:22:43.0155 0x1728  Object send P2P result: true
20:22:45.0633 0x1728  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:22:45.0712 0x1728  AudioEndpointBuilder - ok
20:22:45.0731 0x1728  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
20:22:45.0783 0x1728  AudioSrv - ok
20:22:45.0903 0x1728  [ 37D17AE2936867F88EB3C4CBCBC6B8A1, E1F4D288CE1E5482A5594C8F9EEDE1E8134466F5E0C7DA32D88985497CD8588B ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
20:22:45.0921 0x1728  avast! Antivirus - ok
20:22:45.0972 0x1728  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
20:22:46.0025 0x1728  AxInstSV - ok
20:22:46.0083 0x1728  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
20:22:46.0176 0x1728  b06bdrv - ok
20:22:46.0203 0x1728  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
20:22:46.0254 0x1728  b57nd60a - ok
20:22:46.0291 0x1728  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
20:22:46.0344 0x1728  BDESVC - ok
20:22:46.0353 0x1728  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
20:22:46.0427 0x1728  Beep - ok
20:22:46.0513 0x1728  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
20:22:46.0584 0x1728  BFE - ok
20:22:46.0636 0x1728  [ 27FDD13BEC08CEEAC4BE6B900A6C39CE, D2ED8A81284063F8C634BD84C941C42B29D494A44A4A3E0FBACE2BF9C24EAC54 ] bgsvcgen        C:\Windows\SysWOW64\bgsvcgen.exe
20:22:46.0665 0x1728  bgsvcgen - detected UnsignedFile.Multi.Generic ( 1 )
20:22:46.0665 0x1728  bgsvcgen ( UnsignedFile.Multi.Generic ) - warning
20:22:49.0108 0x1728  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
20:22:49.0190 0x1728  BITS - ok
20:22:49.0217 0x1728  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
20:22:49.0252 0x1728  blbdrive - ok
20:22:49.0315 0x1728  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:22:49.0338 0x1728  Bonjour Service - ok
20:22:49.0380 0x1728  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
20:22:49.0434 0x1728  bowser - ok
20:22:49.0462 0x1728  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:22:49.0506 0x1728  BrFiltLo - ok
20:22:49.0526 0x1728  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:22:49.0548 0x1728  BrFiltUp - ok
20:22:49.0592 0x1728  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
20:22:49.0621 0x1728  Browser - ok
20:22:49.0646 0x1728  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
20:22:49.0719 0x1728  Brserid - ok
20:22:49.0735 0x1728  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
20:22:49.0775 0x1728  BrSerWdm - ok
20:22:49.0796 0x1728  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
20:22:49.0836 0x1728  BrUsbMdm - ok
20:22:49.0855 0x1728  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
20:22:49.0890 0x1728  BrUsbSer - ok
20:22:49.0919 0x1728  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
20:22:49.0960 0x1728  BTHMODEM - ok
20:22:50.0007 0x1728  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
20:22:50.0049 0x1728  bthserv - ok
20:22:50.0102 0x1728  [ FC278504BFA3AC7E9ED92359D0EE7282, FFB7F3D9D3CB8528E052F9AD773004EEE0D976E086286CC907004F5C52A0F720 ] busenum         C:\Windows\system32\DRIVERS\busenum.sys
20:22:50.0121 0x1728  busenum - ok
20:22:50.0136 0x1728  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
20:22:50.0190 0x1728  cdfs - ok
20:22:50.0228 0x1728  cdrbsdrv - ok
20:22:50.0283 0x1728  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
20:22:50.0324 0x1728  cdrom - ok
20:22:50.0382 0x1728  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
20:22:50.0447 0x1728  CertPropSvc - ok
20:22:50.0476 0x1728  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
20:22:50.0508 0x1728  circlass - ok
20:22:50.0542 0x1728  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
20:22:50.0564 0x1728  CLFS - ok
20:22:50.0617 0x1728  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:22:50.0636 0x1728  clr_optimization_v2.0.50727_32 - ok
20:22:50.0696 0x1728  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:22:50.0714 0x1728  clr_optimization_v2.0.50727_64 - ok
20:22:50.0813 0x1728  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:22:50.0835 0x1728  clr_optimization_v4.0.30319_32 - ok
20:22:50.0885 0x1728  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:22:50.0908 0x1728  clr_optimization_v4.0.30319_64 - ok
20:22:50.0927 0x1728  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
20:22:50.0974 0x1728  CmBatt - ok
20:22:51.0014 0x1728  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
20:22:51.0027 0x1728  cmdide - ok
20:22:51.0084 0x1728  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
20:22:51.0139 0x1728  CNG - ok
20:22:51.0149 0x1728  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
20:22:51.0163 0x1728  Compbatt - ok
20:22:51.0204 0x1728  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
20:22:51.0237 0x1728  CompositeBus - ok
20:22:51.0259 0x1728  COMSysApp - ok
20:22:51.0335 0x1728  [ 262969A3FAB32B9E17E63E2D17A57744, 1EE59EB28688E73D10838C66E0D8E011C8DF45B6B43A4AC5D0B75795CA3EB512 ] cpuz135         C:\Windows\system32\drivers\cpuz135_x64.sys
20:22:51.0351 0x1728  cpuz135 - ok
20:22:51.0366 0x1728  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
20:22:51.0381 0x1728  crcdisk - ok
20:22:51.0458 0x1728  [ C8BD651E13895B93ED9EC5B4F1DF42BC, D86D6BF0BA3C09B49B3A52C86A7F3B3856A27F79EDD86A8FFA469D9A5F196E8D ] Creative ALchemy AL6 Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
20:22:51.0487 0x1728  Creative ALchemy AL6 Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
20:22:51.0487 0x1728  Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - warning
20:22:53.0875 0x1728  [ C0EAD9F8AB83D41FF07303C75589C2B8, C89CAC39BCD2FA2DCC56D7EE84FF66127BCECCAE400E119FE41BF4C4D769504B ] Creative Audio Engine Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
20:22:53.0906 0x1728  Creative Audio Engine Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
20:22:53.0906 0x1728  Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - warning
20:22:53.0906 0x1728  Force sending object to P2P due to detect: Creative Audio Engine Licensing Service
20:22:56.0383 0x1728  Object send P2P result: true
20:22:58.0799 0x1728  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
20:22:58.0841 0x1728  CryptSvc - ok
20:22:58.0887 0x1728  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
20:22:58.0946 0x1728  CSC - ok
20:22:58.0980 0x1728  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
20:22:59.0029 0x1728  CscService - ok
20:22:59.0091 0x1728  [ 69CDBA2B9C397E349A04FA70DD9170A2, 7879E58CB221063EF17A8A7677E81B47BFD600C3FC3353378690E4A2131327ED ] CTAudSvcService C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
20:22:59.0129 0x1728  CTAudSvcService - detected UnsignedFile.Multi.Generic ( 1 )
20:22:59.0129 0x1728  CTAudSvcService ( UnsignedFile.Multi.Generic ) - warning
20:23:01.0539 0x1728  [ 259A72DCCE223361B9989B8A63A2DFE6, 3236118A1BBC93253044E306855486B3255BCD149571C0363098EEB0A71CF864 ] DbusAudio       C:\Windows\system32\drivers\DbusAudio.sys
20:23:01.0674 0x1728  DbusAudio - ok
20:23:01.0750 0x1728  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
20:23:01.0823 0x1728  DcomLaunch - ok
20:23:01.0855 0x1728  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
20:23:01.0917 0x1728  defragsvc - ok
20:23:01.0970 0x1728  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
20:23:02.0032 0x1728  DfsC - ok
20:23:02.0071 0x1728  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
20:23:02.0132 0x1728  Dhcp - ok
20:23:02.0152 0x1728  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
20:23:02.0204 0x1728  discache - ok
20:23:02.0236 0x1728  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
20:23:02.0251 0x1728  Disk - ok
20:23:02.0286 0x1728  DLPortIO - ok
20:23:02.0336 0x1728  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
20:23:02.0404 0x1728  Dnscache - ok
20:23:02.0448 0x1728  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
20:23:02.0512 0x1728  dot3svc - ok
20:23:02.0545 0x1728  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
20:23:02.0601 0x1728  DPS - ok
20:23:02.0650 0x1728  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
20:23:02.0683 0x1728  drmkaud - ok
20:23:02.0746 0x1728  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
20:23:02.0788 0x1728  DXGKrnl - ok
20:23:02.0810 0x1728  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
20:23:02.0867 0x1728  EapHost - ok
20:23:02.0986 0x1728  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
20:23:03.0119 0x1728  ebdrv - ok
20:23:03.0154 0x1728  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe
20:23:03.0208 0x1728  EFS - ok
20:23:03.0238 0x1728  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
20:23:03.0266 0x1728  elxstor - ok
20:23:17.0219 0x1728  ProtectedStorage - ok
20:23:17.0267 0x1728  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
20:23:17.0328 0x1728  Psched - ok
20:23:17.0380 0x1728  [ DD3FD48D69F5FBBB21D46D1514C1C2DB, 2B188E3AC4BD9B608D375DD550507717852C2AF7C0F99FFED90098999B9D4F01 ] PSI             C:\Windows\system32\DRIVERS\psi_mf_amd64.sys
20:23:17.0397 0x1728  PSI - ok
20:23:17.0448 0x1728  [ 3DF18A193C758BE8E610B01331C237FB, 0F8CEF540596696997B093E2952A69FABA72CF34F97DCA1B0EB0DCAF1D3311D8 ] pwdrvio         C:\Windows\system32\pwdrvio.sys
20:23:17.0470 0x1728  pwdrvio - ok
20:23:17.0512 0x1728  [ 1EBD98FB3B567C552C9C85AB73729AEC, B8C997D245FF146FCCD3AFA9914DCEBE83DF29E0D7BE8E046BEA7BB9FE61E66A ] pwdspio         C:\Windows\system32\pwdspio.sys
20:23:17.0533 0x1728  pwdspio - ok
20:23:17.0595 0x1728  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
20:23:17.0649 0x1728  ql2300 - ok
20:23:17.0669 0x1728  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
20:23:17.0686 0x1728  ql40xx - ok
20:23:17.0708 0x1728  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
20:23:17.0753 0x1728  QWAVE - ok
20:23:17.0771 0x1728  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
20:23:17.0808 0x1728  QWAVEdrv - ok
20:23:17.0860 0x1728  [ A55E7D0D873B2C97585B3B5926AC6ADE, 3BE3895DA7F0888E85B1941525878BA0846A8F215AD39ED8138BB39615468E32 ] RapiMgr         C:\Windows\WindowsMobile\rapimgr.dll
20:23:17.0884 0x1728  RapiMgr - ok
20:23:17.0897 0x1728  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
20:23:17.0949 0x1728  RasAcd - ok
20:23:17.0990 0x1728  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
20:23:18.0027 0x1728  RasAgileVpn - ok
20:23:18.0043 0x1728  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
20:23:18.0085 0x1728  RasAuto - ok
20:23:18.0124 0x1728  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
20:23:18.0189 0x1728  Rasl2tp - ok
20:23:18.0222 0x1728  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
20:23:18.0287 0x1728  RasMan - ok
20:23:18.0305 0x1728  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
20:23:18.0358 0x1728  RasPppoe - ok
20:23:18.0364 0x1728  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
20:23:18.0421 0x1728  RasSstp - ok
20:23:18.0471 0x1728  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
20:23:18.0521 0x1728  rdbss - ok
20:23:18.0530 0x1728  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
20:23:18.0564 0x1728  rdpbus - ok
20:23:18.0585 0x1728  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
20:23:18.0621 0x1728  RDPCDD - ok
20:23:18.0666 0x1728  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
20:23:18.0697 0x1728  RDPDR - ok
20:23:18.0707 0x1728  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
20:23:18.0757 0x1728  RDPENCDD - ok
20:23:18.0779 0x1728  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
20:23:18.0815 0x1728  RDPREFMP - ok
20:23:18.0888 0x1728  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
20:23:18.0942 0x1728  RdpVideoMiniport - ok
20:23:18.0990 0x1728  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
20:23:19.0025 0x1728  RDPWD - ok
20:23:19.0083 0x1728  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
20:23:19.0105 0x1728  rdyboost - ok
20:23:19.0135 0x1728  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
20:23:19.0187 0x1728  RemoteAccess - ok
20:23:19.0211 0x1728  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
20:23:19.0268 0x1728  RemoteRegistry - ok
20:23:19.0297 0x1728  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
20:23:19.0352 0x1728  RpcEptMapper - ok
20:23:19.0373 0x1728  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
20:23:19.0409 0x1728  RpcLocator - ok
20:23:19.0464 0x1728  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
20:23:19.0518 0x1728  RpcSs - ok
20:23:19.0530 0x1728  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
20:23:19.0581 0x1728  rspndr - ok
20:23:19.0656 0x1728  [ EE082E06A82FF630351D1E0EBBD3D8D0, 537F1A4108BDA72E8DD271466E7B7FCF39D4D55E4129AB35A409AB7AF2E7D219 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
20:23:19.0687 0x1728  RTL8167 - ok
20:23:19.0728 0x1728  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
20:23:19.0749 0x1728  s3cap - ok
20:23:19.0765 0x1728  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs           C:\Windows\system32\lsass.exe
20:23:19.0782 0x1728  SamSs - ok
20:23:19.0795 0x1728  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
20:23:19.0811 0x1728  sbp2port - ok
20:23:19.0836 0x1728  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
20:23:19.0897 0x1728  SCardSvr - ok
20:23:19.0930 0x1728  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
20:23:19.0992 0x1728  scfilter - ok
20:23:20.0053 0x1728  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
20:23:20.0137 0x1728  Schedule - ok
20:23:20.0171 0x1728  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
20:23:20.0207 0x1728  SCPolicySvc - ok
20:23:20.0252 0x1728  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
20:23:20.0304 0x1728  SDRSVC - ok
20:23:20.0336 0x1728  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
20:23:20.0395 0x1728  secdrv - ok
20:23:20.0412 0x1728  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
20:23:20.0467 0x1728  seclogon - ok
20:23:20.0565 0x1728  [ 05E383849FA1FBBBC160612B0080618C, 43A33CC6BD24635EE849E89DB4391AB36292DDC0AC407E1B480B6E1DF7FC3BC5 ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
20:23:20.0609 0x1728  Secunia PSI Agent - ok
20:23:20.0691 0x1728  [ F8173F1454F21C451439CB47EF75830A, CF87917CD061686CD956884D4ED73AA8C0B04B0B7B5BA36BAA4CC4A03C8C0263 ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe
20:23:20.0721 0x1728  Secunia Update Agent - ok
20:23:20.0743 0x1728  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
20:23:20.0796 0x1728  SENS - ok
20:23:20.0814 0x1728  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
20:23:20.0870 0x1728  SensrSvc - ok
20:23:20.0881 0x1728  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
20:23:20.0912 0x1728  Serenum - ok
20:23:20.0933 0x1728  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
20:23:20.0967 0x1728  Serial - ok
20:23:21.0022 0x1728  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
20:23:21.0043 0x1728  sermouse - ok
20:23:21.0093 0x1728  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
20:23:21.0153 0x1728  SessionEnv - ok
20:23:21.0170 0x1728  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
20:23:21.0216 0x1728  sffdisk - ok
20:23:21.0227 0x1728  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
20:23:21.0262 0x1728  sffp_mmc - ok
20:23:21.0266 0x1728  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
20:23:21.0284 0x1728  sffp_sd - ok
20:23:21.0299 0x1728  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
20:23:21.0315 0x1728  sfloppy - ok
20:23:21.0398 0x1728  [ E5B4AD148D806860B9F956C63A9598CD, 35C507D13EB7F130B57E8D5DAA2E670C18E32C6A0DCD69BEA79F326ECDE57F54 ] SgtSch2Svc      C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe
20:23:21.0426 0x1728  SgtSch2Svc - ok
20:23:21.0458 0x1728  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
20:23:21.0525 0x1728  SharedAccess - ok
20:23:21.0574 0x1728  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:23:21.0623 0x1728  ShellHWDetection - ok
20:23:21.0634 0x1728  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:23:21.0648 0x1728  SiSRaid2 - ok
20:23:21.0661 0x1728  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
20:23:21.0676 0x1728  SiSRaid4 - ok
20:23:21.0707 0x1728  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
20:23:21.0763 0x1728  Smb - ok
20:23:21.0824 0x1728  [ 53A5A9C7160DA3BBB4FDDA2BF22680A9, CE7A96C8022421C206DD92501AB5790021A0BDFC125F4AFC30410E3C651890DF ] snapman         C:\Windows\system32\DRIVERS\snapman.sys
20:23:21.0848 0x1728  snapman - ok
20:23:21.0878 0x1728  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
20:23:21.0927 0x1728  SNMPTRAP - ok
20:23:22.0002 0x1728  [ 12583AF6CBE0050651EAF2723B3AD7B3, 965D4F981B54669A96C5AB02D09BF0A9850D13862425B8981F1A9271350F28BB ] speedfan        C:\Windows\syswow64\speedfan.sys
20:23:22.0022 0x1728  speedfan - ok
20:23:22.0036 0x1728  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
20:23:22.0050 0x1728  spldr - ok
20:23:22.0100 0x1728  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
20:23:22.0169 0x1728  Spooler - ok
20:23:22.0307 0x1728  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
20:23:22.0471 0x1728  sppsvc - ok
20:23:22.0491 0x1728  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
20:23:22.0549 0x1728  sppuinotify - ok
20:23:22.0561 0x1728  sptd - ok
20:23:22.0617 0x1728  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
20:23:22.0684 0x1728  srv - ok
20:23:22.0740 0x1728  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
20:23:22.0796 0x1728  srv2 - ok
20:23:22.0834 0x1728  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
20:23:22.0871 0x1728  srvnet - ok
20:23:22.0933 0x1728  [ 1612881760C9DF7FBB09B6CF1D3BA0DF, 05577979FE3B5C8C616FD790E162C3A5A721C1442D15A75A0D01C5CAAB5A0AE7 ] sscdbus         C:\Windows\system32\DRIVERS\sscdbus.sys
20:23:22.0993 0x1728  sscdbus - ok
20:23:23.0033 0x1728  [ D7803A687E85189EA2B525CC22093521, 10F58A17FCD9C95B0A206C1222246452E344D96FAA2A89F6DE249471CC7FCC8B ] sscdmdfl        C:\Windows\system32\DRIVERS\sscdmdfl.sys
20:23:23.0083 0x1728  sscdmdfl - ok
20:23:23.0101 0x1728  [ 06DB3D5EB2444083C7F5AF7874765505, 81BC35AF6D3DC7D30C4A0F6BC01FB8018295F158B8D204167CBD185028FF0E23 ] sscdmdm         C:\Windows\system32\DRIVERS\sscdmdm.sys
20:23:23.0134 0x1728  sscdmdm - ok
20:23:23.0162 0x1728  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
20:23:23.0226 0x1728  SSDPSRV - ok
20:23:23.0244 0x1728  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
20:23:23.0300 0x1728  SstpSvc - ok
20:23:23.0328 0x1728  StarOpen - ok
20:23:23.0431 0x1728  [ 718D79F2E7EC3AFFD3661DA81F93BBEA, BA2A4E58E5EE06392EE6F4C2E738DC807EC5A8B9F6DD4B7935FE27CBC648E390 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
20:23:23.0457 0x1728  Stereo Service - ok
20:23:23.0474 0x1728  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
20:23:23.0488 0x1728  stexstor - ok
20:23:23.0542 0x1728  [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam        C:\Windows\system32\drivers\serscan.sys
20:23:23.0575 0x1728  StillCam - ok
20:23:23.0624 0x1728  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
20:23:23.0682 0x1728  stisvc - ok
20:23:23.0718 0x1728  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
20:23:23.0732 0x1728  storflt - ok
20:23:23.0748 0x1728  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
20:23:23.0799 0x1728  StorSvc - ok
20:23:23.0815 0x1728  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
20:23:23.0829 0x1728  storvsc - ok
20:23:23.0863 0x1728  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
20:23:23.0882 0x1728  swenum - ok
20:23:23.0917 0x1728  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
20:23:23.0987 0x1728  swprv - ok
20:23:24.0080 0x1728  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
20:23:24.0155 0x1728  SysMain - ok
20:23:24.0194 0x1728  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:23:24.0248 0x1728  TabletInputService - ok
20:23:24.0317 0x1728  [ BD06799129D17F9BE08E2F6C168BBCF0, B115A49B14E241B4CE03274878A7ACFA9004603A08BD265BD7F75424E5FBB8F4 ] taphss6         C:\Windows\system32\DRIVERS\taphss6.sys
20:23:24.0334 0x1728  taphss6 - ok
20:23:24.0359 0x1728  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
20:23:24.0423 0x1728  TapiSrv - ok
20:23:24.0446 0x1728  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
20:23:24.0500 0x1728  TBS - ok
20:23:24.0592 0x1728  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
20:23:24.0655 0x1728  Tcpip - ok
20:23:24.0710 0x1728  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
20:23:24.0766 0x1728  TCPIP6 - ok
20:23:24.0813 0x1728  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
20:23:24.0851 0x1728  tcpipreg - ok
20:23:24.0884 0x1728  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
20:23:24.0940 0x1728  TDPIPE - ok
20:23:25.0055 0x1728  [ BF7AC81DF6FBE09438D9DC7188178EA9, 283E2F86785016F0784B6B908E194F92306250E6A699D1B415D51FAE5659D19C ] tdrpman258      C:\Windows\system32\DRIVERS\tdrpm258.sys
20:23:25.0106 0x1728  tdrpman258 - ok
20:23:25.0147 0x1728  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
20:23:25.0188 0x1728  TDTCP - ok
20:23:25.0249 0x1728  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
20:23:25.0311 0x1728  tdx - ok
20:23:25.0505 0x1728  [ 2BBB318EA9F34FDC508CEA4AAB98D770, AA98BDB7677A452E38DB207E09A522C558F9E09DE43A57D24CD776C6248CC015 ] TeamViewer7     C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
20:23:25.0575 0x1728  TeamViewer7 - ok
20:23:25.0811 0x1728  [ 97F6FFB8A305A77D25C6C0E07B71D252, 97C5FC73A250FC2016E29148A6A37E54BD74AE983D99AAF4890C059719C93EC2 ] TeamViewer9     C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
20:23:25.0934 0x1728  TeamViewer9 - ok
20:23:25.0972 0x1728  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
20:23:25.0987 0x1728  TermDD - ok
20:23:26.0053 0x1728  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
20:23:26.0124 0x1728  TermService - ok
20:23:26.0155 0x1728  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
20:23:26.0191 0x1728  Themes - ok
20:23:26.0222 0x1728  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
20:23:26.0270 0x1728  THREADORDER - ok
20:23:26.0299 0x1728  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
20:23:26.0341 0x1728  TrkWks - ok
20:23:26.0409 0x1728  [ EA43DE1743C1BA0D2D17B8DB90C91D88, 54115F3002D2C87B82DDA62E96AD8296FFC59DC83E9F3D7F22325325DB73C486 ] truecrypt       C:\Windows\system32\drivers\truecrypt.sys
20:23:26.0434 0x1728  truecrypt - ok
20:23:26.0496 0x1728  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:23:26.0564 0x1728  TrustedInstaller - ok
20:23:26.0605 0x1728  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
20:23:26.0652 0x1728  tssecsrv - ok
20:23:26.0689 0x1728  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
20:23:26.0742 0x1728  TsUsbFlt - ok
20:23:26.0795 0x1728  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
20:23:26.0864 0x1728  tunnel - ok
20:23:26.0896 0x1728  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
20:23:26.0911 0x1728  uagp35 - ok
20:23:26.0959 0x1728  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
20:23:27.0025 0x1728  udfs - ok
20:23:27.0052 0x1728  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
20:23:27.0100 0x1728  UI0Detect - ok
20:23:27.0167 0x1728  [ 34859D3801F4BD3DACFA131DD928455A, 337A111474D28B9B1DE3280925654F941804E4B1F13759B1664C5F7953A27521 ] UimBus          C:\Windows\system32\DRIVERS\uimx64.sys
20:23:27.0186 0x1728  UimBus - ok
20:23:27.0236 0x1728  [ D3CE4776E7FFB25E6935B1C797F4650C, CF25CB7E596D8E4778E6B4C9D04D3AB7533E20234A76984FE9A010224F4F3EF8 ] Uim_IM          C:\Windows\system32\Drivers\Uim_IMx64.sys
20:23:27.0265 0x1728  Uim_IM - ok
20:23:27.0285 0x1728  [ 532E4BED5C7803B2EE5681818B2528B7, DF1ED9C44D8DD2AFDDCC8D1F027840DAA560D5B72EB77A64A85541040364BD15 ] Uim_VIM         C:\Windows\system32\Drivers\uim_vimx64.sys
20:23:27.0305 0x1728  Uim_VIM - ok
20:23:27.0360 0x1728  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
20:23:27.0379 0x1728  uliagpkx - ok
20:23:27.0403 0x1728  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
20:23:27.0437 0x1728  umbus - ok
20:23:27.0457 0x1728  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
20:23:27.0476 0x1728  UmPass - ok
20:23:27.0528 0x1728  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
20:23:27.0570 0x1728  UmRdpService - ok
20:23:27.0601 0x1728  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
20:23:27.0680 0x1728  upnphost - ok
20:23:27.0735 0x1728  [ 54D4B48D443E7228BF64CF7CDC3118AC, 4C953166EAECFD217218E386B411A4BDDA86AE65DCF352D271DF8E3D7DECC85F ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
20:23:27.0759 0x1728  USBAAPL64 - detected UnsignedFile.Multi.Generic ( 1 )
20:23:27.0759 0x1728  USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
20:23:27.0759 0x1728  Force sending object to P2P due to detect: USBAAPL64
20:23:41.0262 0x1728  Object send P2P result: true
20:23:43.0673 0x1728  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
20:23:43.0731 0x1728  usbccgp - ok
20:23:43.0789 0x1728  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
20:23:43.0826 0x1728  usbcir - ok
20:23:43.0971 0x1728  [ 6AF12011C88C80920D0543616E107CFF, 952A824119A4FC97BB5E62E4710607FE3988E3612A8412302CD6DB2250BCA902 ] UsbClientService C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
20:23:44.0109 0x1728  UsbClientService - detected UnsignedFile.Multi.Generic ( 1 )
20:23:44.0109 0x1728  UsbClientService ( UnsignedFile.Multi.Generic ) - warning
20:23:44.0109 0x1728  Force sending object to P2P due to detect: UsbClientService
20:23:46.0637 0x1728  Object send P2P result: true
20:23:49.0047 0x1728  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
20:23:49.0071 0x1728  usbehci - ok
20:23:49.0147 0x1728  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
20:23:49.0210 0x1728  usbhub - ok
20:23:49.0280 0x1728  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
20:23:49.0319 0x1728  usbohci - ok
20:23:49.0347 0x1728  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
20:23:49.0383 0x1728  usbprint - ok
20:23:49.0413 0x1728  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
20:23:49.0449 0x1728  usbscan - ok
20:23:49.0482 0x1728  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:23:49.0535 0x1728  USBSTOR - ok
20:23:49.0549 0x1728  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
20:23:49.0569 0x1728  usbuhci - ok
20:23:49.0610 0x1728  [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx      C:\Windows\system32\drivers\usb8023x.sys
20:23:49.0662 0x1728  usb_rndisx - ok
20:23:49.0682 0x1728  UserPort - ok
20:23:49.0709 0x1728  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
20:23:49.0774 0x1728  UxSms - ok
20:23:49.0794 0x1728  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\Windows\system32\lsass.exe
20:23:49.0810 0x1728  VaultSvc - ok
20:23:49.0866 0x1728  [ 197AF90E01A473A1862BB5381BE77877, 5E7D219F7A982356D09F9742501267D38F96F2A493BBF1D59643B314A23C0573 ] VBoxDrv         C:\Windows\system32\DRIVERS\VBoxDrv.sys
20:23:49.0886 0x1728  VBoxDrv - ok
20:23:49.0901 0x1728  [ 9AFB83D5E465E7F3C2C20F968C774756, 232B35E10FCCD40C3D9A0CAC37D0B0256C39F999696647B70070FF1438AED95E ] VBoxNetAdp      C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
20:23:49.0916 0x1728  VBoxNetAdp - ok
20:23:49.0943 0x1728  [ 1205DFE6DF344DF80FB3AF10F6E9AC77, 2F5CF70E16963C10E3A484EFBF33C809C3719D1E3A5B3ACF52D1AF8350CF14C0 ] VBoxNetFlt      C:\Windows\system32\DRIVERS\VBoxNetFlt.sys
20:23:49.0959 0x1728  VBoxNetFlt - ok
20:23:50.0015 0x1728  [ E40ED858DB77EC5D92871B4BF26DE3CA, 44454E6A1F5A119DB7E52E96FDBFBFA72FD884413F5D3FA6652E725D00FEEDDF ] VBoxUSB         C:\Windows\system32\Drivers\VBoxUSB.sys
20:23:50.0037 0x1728  VBoxUSB - ok
20:23:50.0095 0x1728  [ 132DFA8D09CE78952259D1A9B480C335, A172B67034F17EFA24151587BD1B9240C98543555DCA7DF7CB0430EB6068093D ] VBoxUSBMon      C:\Windows\system32\DRIVERS\VBoxUSBMon.sys
20:23:50.0116 0x1728  VBoxUSBMon - ok
20:23:50.0136 0x1728  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
20:23:50.0156 0x1728  vdrvroot - ok
20:23:50.0212 0x1728  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
20:23:50.0285 0x1728  vds - ok
20:23:50.0311 0x1728  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
20:23:50.0329 0x1728  vga - ok
20:23:50.0346 0x1728  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
20:23:50.0401 0x1728  VgaSave - ok
20:23:50.0442 0x1728  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\DRIVERS\vhdmp.sys
20:23:50.0468 0x1728  vhdmp - ok
20:23:50.0503 0x1728  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
20:23:50.0517 0x1728  viaide - ok
20:23:50.0566 0x1728  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
20:23:50.0590 0x1728  vmbus - ok
20:23:50.0602 0x1728  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
20:23:50.0637 0x1728  VMBusHID - ok
20:23:50.0731 0x1728  [ 091E009EF749C9D65CF9ADFAD316D251, BA3D03C535BA120E40332DD3F88956C853AFF4E44346B29D59943901A0737B02 ] vmm             C:\Windows\system32\Treiber\vmm.sys
20:23:50.0756 0x1728  vmm - ok
20:23:50.0774 0x1728  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
20:23:50.0788 0x1728  volmgr - ok
20:23:50.0838 0x1728  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
20:23:50.0860 0x1728  volmgrx - ok
20:23:50.0877 0x1728  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
20:23:50.0897 0x1728  volsnap - ok
20:23:50.0939 0x1728  [ BC2EA40B98B5E866D9A4F98AFB66B682, 838EAF1ADDC2826FE4830F2410F6EE3517CDDEF0D5212BC6FD009BC3CA7D70E6 ] VPCNetS2        C:\Windows\system32\DRIVERS\VMNetSrv.sys
20:23:50.0952 0x1728  VPCNetS2 - ok
20:23:50.0982 0x1728  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
20:23:50.0999 0x1728  vsmraid - ok
20:23:51.0091 0x1728  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
20:23:51.0191 0x1728  VSS - ok
20:23:51.0214 0x1728  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
20:23:51.0248 0x1728  vwifibus - ok
20:23:51.0283 0x1728  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
20:23:51.0318 0x1728  vwififlt - ok
20:23:51.0363 0x1728  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
20:23:51.0425 0x1728  W32Time - ok
20:23:51.0527 0x1728  [ B32009DB1972E7F2C227499289C4384A, D491CD90ACE895EC60A5A2F995EAE39F8ED662B71BC548C3FF5BBDBC60054788 ] W3SVC           C:\Windows\system32\inetsrv\iisw3adm.dll
20:23:51.0584 0x1728  W3SVC - ok
20:23:51.0612 0x1728  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
20:23:51.0647 0x1728  WacomPen - ok
20:23:51.0707 0x1728  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
20:23:51.0774 0x1728  WANARP - ok
20:23:51.0781 0x1728  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
20:23:51.0819 0x1728  Wanarpv6 - ok
20:23:51.0876 0x1728  [ B32009DB1972E7F2C227499289C4384A, D491CD90ACE895EC60A5A2F995EAE39F8ED662B71BC548C3FF5BBDBC60054788 ] WAS             C:\Windows\system32\inetsrv\iisw3adm.dll
20:23:51.0908 0x1728  WAS - ok
20:23:52.0000 0x1728  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
20:23:52.0076 0x1728  wbengine - ok
20:23:52.0109 0x1728  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
20:23:52.0137 0x1728  WbioSrvc - ok
20:23:52.0184 0x1728  [ 8BDA6DB43AA54E8BB5E0794541DDC209, 8753C507BE77B019A3403AF5252434A01DB9F9332E58AC3783ABCE3D21AD9DD4 ] WcesComm        C:\Windows\WindowsMobile\wcescomm.dll
20:23:52.0213 0x1728  WcesComm - ok
20:23:52.0254 0x1728  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
20:23:52.0301 0x1728  wcncsvc - ok
20:23:52.0319 0x1728  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:23:52.0348 0x1728  WcsPlugInService - ok
20:23:52.0367 0x1728  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
20:23:52.0381 0x1728  Wd - ok
20:23:52.0445 0x1728  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
20:23:52.0481 0x1728  Wdf01000 - ok
20:23:52.0503 0x1728  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
20:23:52.0590 0x1728  WdiServiceHost - ok
20:23:52.0597 0x1728  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
20:23:52.0622 0x1728  WdiSystemHost - ok
20:23:52.0666 0x1728  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
20:23:52.0697 0x1728  WebClient - ok
20:23:52.0740 0x1728  [ D5BA7D43FA2EF656BF7E98A188391E40, 56CF132B7C43A0F9C7C4D070730315FE7AFD2E87E94014DFC3D7107BB52B9C64 ] Wecsvc          C:\Windows\system32\wecsvc.dll
20:23:52.0778 0x1728  Wecsvc - ok
20:23:52.0801 0x1728  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
20:23:52.0857 0x1728  wercplsupport - ok
20:23:52.0886 0x1728  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
20:23:52.0940 0x1728  WerSvc - ok
20:23:52.0968 0x1728  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
20:23:53.0004 0x1728  WfpLwf - ok
20:23:53.0015 0x1728  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
20:23:53.0029 0x1728  WIMMount - ok
20:23:53.0050 0x1728  WinDefend - ok
20:23:53.0117 0x1728  [ 4032F1D329FBB5E3662DDD8EF2343E3B, 06CC4AE026EE61F7C0A535D16F04846308FDFBB50EB423021E1FA361CC73D35B ] WinDriver6      C:\Windows\system32\drivers\windrvr6.sys
20:23:53.0163 0x1728  WinDriver6 - ok
20:23:53.0166 0x1728  WinHttpAutoProxySvc - ok
20:23:53.0242 0x1728  [ 136760C1E9697BAF4ECDEAE5590A0806, 12E80D0923D794F4C520FEA7CB98EF581231B996FB1876EB20995E6E457EFF56 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
20:23:53.0268 0x1728  Winmgmt - ok
20:23:53.0397 0x1728  [ 3BB6B401A780BF434C8F58137DE10BF7, 1A377C39B78B92A1A1FED699EE5E5ED0271A6FFAC143F1D29FC1FDF4D726A522 ] WinRM           C:\Windows\system32\WsmSvc.dll
20:23:53.0519 0x1728  WinRM - ok
20:23:53.0593 0x1728  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WINUSB          C:\Windows\system32\DRIVERS\WinUSB.sys
20:23:53.0632 0x1728  WINUSB - ok
20:23:53.0687 0x1728  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
20:23:53.0754 0x1728  Wlansvc - ok
20:23:53.0907 0x1728  [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:23:53.0969 0x1728  wlidsvc - ok
20:23:54.0014 0x1728  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
20:23:54.0037 0x1728  WmiAcpi - ok
20:23:54.0091 0x1728  [ 4DF841632B62A7CF19A79A05046A8AB1, D80F28FD7FEB95DB83976EAFECB2E9AE1423DA4D34EC5D820FC39A33444B82DA ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
20:23:54.0134 0x1728  wmiApSrv - ok
20:23:54.0159 0x1728  WMPNetworkSvc - ok
20:23:54.0173 0x1728  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
20:23:54.0206 0x1728  WPCSvc - ok
20:23:54.0257 0x1728  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
20:23:54.0286 0x1728  WPDBusEnum - ok
20:23:54.0298 0x1728  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
20:23:54.0351 0x1728  ws2ifsl - ok
20:23:54.0402 0x1728  [ AD12F5C7251BB8D575D560894E73CBBA, FAAA1440CBBDC889C0B8917065B932A9CC86E5C0FD5845D8830482915AF83F40 ] WsAudio_DeviceS(1) C:\Windows\system32\drivers\WsAudio_DeviceS(1).sys
20:23:54.0414 0x1728  WsAudio_DeviceS(1) - ok
20:23:54.0430 0x1728  [ AD12F5C7251BB8D575D560894E73CBBA, FAAA1440CBBDC889C0B8917065B932A9CC86E5C0FD5845D8830482915AF83F40 ] WsAudio_DeviceS(2) C:\Windows\system32\drivers\WsAudio_DeviceS(2).sys
20:23:54.0442 0x1728  WsAudio_DeviceS(2) - ok
20:23:54.0451 0x1728  [ AD12F5C7251BB8D575D560894E73CBBA, FAAA1440CBBDC889C0B8917065B932A9CC86E5C0FD5845D8830482915AF83F40 ] WsAudio_DeviceS(3) C:\Windows\system32\drivers\WsAudio_DeviceS(3).sys
20:23:54.0463 0x1728  WsAudio_DeviceS(3) - ok
20:23:54.0468 0x1728  [ AD12F5C7251BB8D575D560894E73CBBA, FAAA1440CBBDC889C0B8917065B932A9CC86E5C0FD5845D8830482915AF83F40 ] WsAudio_DeviceS(4) C:\Windows\system32\drivers\WsAudio_DeviceS(4).sys
20:23:54.0479 0x1728  WsAudio_DeviceS(4) - ok
20:23:54.0484 0x1728  [ AD12F5C7251BB8D575D560894E73CBBA, FAAA1440CBBDC889C0B8917065B932A9CC86E5C0FD5845D8830482915AF83F40 ] WsAudio_DeviceS(5) C:\Windows\system32\drivers\WsAudio_DeviceS(5).sys
20:23:54.0496 0x1728  WsAudio_DeviceS(5) - ok
20:23:54.0511 0x1728  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
20:23:54.0555 0x1728  wscsvc - ok
20:23:54.0594 0x1728  [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
20:23:54.0637 0x1728  WSDPrintDevice - ok
20:23:54.0642 0x1728  WSearch - ok
20:23:54.0766 0x1728  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
20:23:54.0847 0x1728  wuauserv - ok
20:23:54.0888 0x1728  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
20:23:54.0924 0x1728  WudfPf - ok
20:23:54.0956 0x1728  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
20:23:54.0994 0x1728  WUDFRd - ok
20:23:55.0038 0x1728  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
20:23:55.0083 0x1728  wudfsvc - ok
20:23:55.0122 0x1728  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
20:23:55.0164 0x1728  WwanSvc - ok
20:23:55.0228 0x1728  [ 2C6BC21B2D5B58D8B1D638C1704CB494, 0AABCEB627E274E338DDD9BA664BAA128D7C00AF04C95C776C2AFFA6BB17F680 ] xusb21          C:\Windows\system32\DRIVERS\xusb21.sys
20:23:55.0245 0x1728  xusb21 - ok
20:23:55.0255 0x1728  ZTEusbmdm6k - ok
20:23:55.0272 0x1728  ZTEusbnmea - ok
20:23:55.0278 0x1728  ZTEusbser6k - ok
20:23:55.0304 0x1728  ================ Scan global ===============================
20:23:55.0324 0x1728  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
20:23:55.0375 0x1728  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
20:23:55.0395 0x1728  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
20:23:55.0420 0x1728  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
20:23:55.0453 0x1728  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
20:23:55.0467 0x1728  [ Global ] - ok
20:23:55.0467 0x1728  ================ Scan MBR ==================================
20:23:55.0474 0x1728  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:23:55.0689 0x1728  \Device\Harddisk0\DR0 - ok
20:23:55.0693 0x1728  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
20:23:55.0740 0x1728  \Device\Harddisk1\DR1 - ok
20:23:55.0744 0x1728  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
20:23:55.0962 0x1728  \Device\Harddisk2\DR2 - ok
20:23:56.0003 0x1728  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk3\DR3
20:23:56.0075 0x1728  \Device\Harddisk3\DR3 - ok
20:23:56.0076 0x1728  ================ Scan VBR ==================================
20:23:56.0079 0x1728  [ A93483D0475AA8763BE036BC0FAACB8B ] \Device\Harddisk0\DR0\Partition1
20:23:56.0082 0x1728  \Device\Harddisk0\DR0\Partition1 - ok
20:23:56.0086 0x1728  [ 49E99C5F3C18F0658C4AB54E0674EF77 ] \Device\Harddisk0\DR0\Partition2
20:23:56.0087 0x1728  \Device\Harddisk0\DR0\Partition2 - ok
20:23:56.0092 0x1728  [ 14E2730568F53B714E23FA5FF6F2A0F2 ] \Device\Harddisk1\DR1\Partition1
20:23:56.0092 0x1728  \Device\Harddisk1\DR1\Partition1 - ok
20:23:56.0096 0x1728  [ 10DD16D0CB4A4FEB7E83F15FD2BDD0B6 ] \Device\Harddisk2\DR2\Partition1
20:23:56.0192 0x1728  \Device\Harddisk2\DR2\Partition1 - ok
20:23:56.0196 0x1728  [ 8D6417DD274E81988A5E7EDB1E547E8E ] \Device\Harddisk3\DR3\Partition1
20:23:56.0230 0x1728  \Device\Harddisk3\DR3\Partition1 - ok
20:23:56.0230 0x1728  ================ Scan generic autorun ======================
20:23:56.0230 0x1728  Nvtmru - ok
20:23:56.0237 0x1728  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
20:23:56.0262 0x1728  ShadowPlay - ok
20:23:56.0335 0x1728  [ ED43758BF94B8A5221D69F1B7F63F13D, F6E7418823E45085F4D4F50DD25A55ED517C0A335C6C2F69A1139B30677D3DA9 ] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe
20:23:56.0366 0x1728  XboxStat - ok
20:23:56.0478 0x1728  [ 436A83E5555A8449B9BFBE1AAB314654, DE956310B2EF80B43399E63E309E659018879942EBBA5063B9A366C2314E8158 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
20:23:56.0541 0x1728  NvBackend - ok
20:23:56.0673 0x1728  [ 74693E8465ACA1A57BEF1BC29C1E1BCE, 9DD001203AD92BEFA93A2A623BDC9741DB7937C78C5CC42B7E3E3DB45309D263 ] C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe
20:23:56.0752 0x1728  KeePass 2 PreLoad - detected UnsignedFile.Multi.Generic ( 1 )
20:23:56.0752 0x1728  KeePass 2 PreLoad ( UnsignedFile.Multi.Generic ) - warning
20:23:56.0752 0x1728  Force sending object to P2P due to detect: C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe
20:23:59.0270 0x1728  Object send P2P result: true
20:24:01.0715 0x1728  [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
20:24:01.0750 0x1728  Adobe ARM - ok
20:24:01.0836 0x1728  [ 94A4D6915D4F572309DF6137E1846528, E46BDF83CAA6683AA655DBA3D2C8DC7AC06251E952466A20CFDA3A16B1840455 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
20:24:01.0851 0x1728  APSDaemon - ok
20:24:02.0032 0x1728  [ 5CA0EB9538C6ACEBDC3593FC53527B9D, 35AC60899254C7414FF42BCDA4165FB58F6369BD5EDCAC24EBB1B5A095664CAC ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
20:24:02.0132 0x1728  AvastUI.exe - ok
20:24:02.0231 0x1728  [ 247FD3171B3E08CFCC8ACB540818CA15, 7F1195A40187C04CEE532B258421A3422AACA16BE54FD55F12966DC00FDBDCC4 ] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
20:24:02.0256 0x1728  IJNetworkScannerSelectorEX - ok
20:24:02.0307 0x1728  [ D2E3E6D94A9E1CFA1561D9C748136FD0, C8CD851F1872086D18A329B47C7DEFAD2CE2E3A8F4321411247D06D07B2DB1D3 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
20:24:02.0324 0x1728  iTunesHelper - ok
20:24:02.0492 0x1728  [ DFCD94101C5AAE5BDE2F662A60E725EA, ACEF94E75342AE8328C21555B2D640FA80F0110ED0BDE1CB4D3188A8AE9F600F ] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
20:24:02.0533 0x1728  CanonQuickMenu - ok
20:24:02.0624 0x1728  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
20:24:02.0693 0x1728  Sidebar - ok
20:24:02.0712 0x1728  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
20:24:02.0735 0x1728  mctadmin - ok
20:24:02.0765 0x1728  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
20:24:02.0809 0x1728  Sidebar - ok
20:24:02.0815 0x1728  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
20:24:02.0837 0x1728  mctadmin - ok
20:24:03.0365 0x1728  [ 6C2C2CB70A9DD61A12E8D60BBC05368B, 691A81AED6DA0D60CF0C7DE7546BBE0A61109FB9AB755BE45FCF8EFA5CA06E06 ] C:\Program Files (x86)\ownCloud Client\owncloud.exe
20:24:03.0986 0x1728  ownCloud - detected UnsignedFile.Multi.Generic ( 1 )
20:24:03.0986 0x1728  ownCloud ( UnsignedFile.Multi.Generic ) - warning
20:24:06.0497 0x1728  [ A5FCD42334CCC682DA1882A54338686C, 74C8B614672D1A7F0889243056EA4B3E03B5F66DFDFEFF5DD6CC17DBE088D18F ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
20:24:06.0543 0x1728  GoogleChromeAutoLaunch_8265D6534E6C32D01005D7D3455D029D - ok
20:24:06.0607 0x1728  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
20:24:06.0652 0x1728  Sidebar - ok
20:24:06.0667 0x1728  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
20:24:06.0689 0x1728  mctadmin - ok
20:24:06.0723 0x1728  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2018.391 ), 0x41000 ( enabled : updated )
20:24:06.0727 0x1728  Win FW state via NFP2: enabled
20:24:09.0086 0x1728  ============================================================
20:24:09.0086 0x1728  Scan finished
20:24:09.0086 0x1728  ============================================================
20:24:09.0098 0x1f38  Detected object count: 9
20:24:09.0098 0x1f38  Actual detected object count: 9
20:31:25.0393 0x1f38  ATITool ( UnsignedFile.Multi.Generic ) - skipped by user
20:31:25.0393 0x1f38  ATITool ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:31:25.0395 0x1f38  bgsvcgen ( UnsignedFile.Multi.Generic ) - skipped by user
20:31:25.0396 0x1f38  bgsvcgen ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:31:25.0397 0x1f38  Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
20:31:25.0397 0x1f38  Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:31:25.0399 0x1f38  Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
20:31:25.0399 0x1f38  Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:31:25.0400 0x1f38  CTAudSvcService ( UnsignedFile.Multi.Generic ) - skipped by user
20:31:25.0401 0x1f38  CTAudSvcService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:31:25.0402 0x1f38  USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
20:31:25.0402 0x1f38  USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:31:25.0404 0x1f38  UsbClientService ( UnsignedFile.Multi.Generic ) - skipped by user
20:31:25.0404 0x1f38  UsbClientService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:31:25.0405 0x1f38  KeePass 2 PreLoad ( UnsignedFile.Multi.Generic ) - skipped by user
20:31:25.0405 0x1f38  KeePass 2 PreLoad ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:31:25.0407 0x1f38  ownCloud ( UnsignedFile.Multi.Generic ) - skipped by user
20:31:25.0407 0x1f38  ownCloud ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:31:44.0992 0x065c  Deinitialize success
         

24.06.2014, 13:20   #7
schrauber
/// the machine
/// TB-Ausbilder
 




Scan with Combofix
WARNING to READERS following along:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the on-screen instructions.
  • While Combofix is running, please do not work on the computer, move the mouse or click in the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. That should fix the problem.




Please download Farbar's MiniToolBox to your desktop and start the tool.

Tick the following entries:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset IE Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size
  • List Minidump Files
Click Go and post the contents of Result.txt.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

24.06.2014, 14:09   #8
ValdoAddams
 



Combofix.txt

Code:
ComboFix 14-06-24.01 - Matthias 24.06.2014  14:33:11.1.4 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.8191.5430 [GMT 2:00]
ausgeführt von:: c:\users\Matthias\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\ownCloud Client\owncloud.exe
c:\users\Matthias\AppData\Local\assembly\tmp
c:\users\Matthias\AppData\Roaming\poclbm
c:\users\Matthias\AppData\Roaming\poclbm\poclbm.ini
c:\windows\IsUn0407.exe
c:\windows\SysWow64\SET15AB.tmp
c:\windows\SysWow64\SET79CC.tmp
c:\windows\SysWow64\SET87D6.tmp
c:\windows\SysWow64\SETACD.tmp
c:\windows\SysWow64\SETD52B.tmp
c:\windows\SysWow64\SETEB33.tmp
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-05-24 bis 2014-06-24  ))))))))))))))))))))))))))))))
.
.
2014-06-24 12:43 . 2014-06-24 12:43	--------	d-----w-	c:\users\test\AppData\Local\temp
2014-06-24 12:43 . 2014-06-24 12:43	--------	d-----w-	c:\users\DefaultAppPool\AppData\Local\temp
2014-06-24 12:43 . 2014-06-24 12:43	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-06-24 06:39 . 2014-06-17 00:57	10779000	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{1A20A8CE-1E3B-4993-B39C-B0AAEB2B7345}\mpengine.dll
2014-06-23 17:52 . 2014-06-23 18:19	--------	d-----w-	c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-06-23 17:52 . 2014-06-23 17:52	128728	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-06-23 17:50 . 2014-06-23 17:51	92888	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2014-06-22 20:42 . 2014-06-22 20:46	--------	d-----w-	C:\FRST
2014-06-22 14:38 . 2014-06-22 14:38	--------	d-----w-	C:\SymCache
2014-06-22 14:30 . 2014-06-22 14:42	--------	d-----w-	C:\log
2014-06-22 14:03 . 2014-06-22 14:03	--------	d-----w-	c:\program files (x86)\Windows Kits
2014-06-22 14:02 . 2014-06-22 14:03	--------	d-----w-	c:\programdata\Package Cache
2014-06-22 13:48 . 2014-05-19 23:10	601432	----a-w-	c:\windows\SysWow64\nvStreaming.exe
2014-06-22 13:48 . 2014-05-14 23:49	3774821	----a-w-	c:\windows\system32\nvcoproc.bin
2014-06-22 13:33 . 2014-05-29 23:07	1291232	----a-w-	c:\windows\SysWow64\nvspbridge.dll
2014-06-22 13:33 . 2014-05-29 23:07	1715176	----a-w-	c:\windows\system32\nvspbridge64.dll
2014-06-22 13:31 . 2014-03-31 16:42	40392	----a-w-	c:\windows\system32\drivers\nvvad64v.sys
2014-06-22 13:31 . 2014-03-31 16:42	34760	----a-w-	c:\windows\SysWow64\nvaudcap32v.dll
2014-06-21 11:41 . 2014-06-21 13:09	--------	d-----w-	c:\program files (x86)\Mozilla Thunderbird
2014-06-21 11:08 . 2014-06-21 11:08	--------	d-----w-	c:\program files\iPod
2014-06-21 11:08 . 2014-06-21 11:08	--------	d-----w-	c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-21 11:08 . 2014-06-21 11:08	--------	d-----w-	c:\program files\iTunes
2014-06-21 11:08 . 2014-06-21 11:08	--------	d-----w-	c:\program files (x86)\iTunes
2014-06-21 10:57 . 2014-03-25 02:43	14175744	----a-w-	c:\windows\system32\shell32.dll
2014-06-21 10:57 . 2014-04-25 02:34	801280	----a-w-	c:\windows\system32\usp10.dll
2014-06-21 10:57 . 2014-04-25 02:06	626688	----a-w-	c:\windows\SysWow64\usp10.dll
2014-06-21 10:53 . 2014-04-12 02:19	1460736	----a-w-	c:\windows\system32\lsasrv.dll
2014-06-21 10:52 . 2014-06-08 09:13	506368	----a-w-	c:\windows\system32\aepdu.dll
2014-06-21 10:52 . 2014-06-08 09:08	424448	----a-w-	c:\windows\system32\aeinv.dll
2014-06-21 10:33 . 2014-06-24 12:09	--------	d-----w-	c:\users\Matthias\AppData\Roaming\DropboxMaster
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-06-21 16:06 . 2012-04-05 06:41	699056	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-06-21 16:06 . 2011-06-01 21:44	71344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-06-21 10:38 . 2013-03-29 08:48	1039096	----a-w-	c:\windows\system32\drivers\aswsnx.sys
2014-06-21 10:38 . 2013-03-29 08:49	423240	----a-w-	c:\windows\system32\drivers\aswsp.sys
2014-06-21 10:38 . 2014-01-11 11:43	85328	----a-w-	c:\windows\system32\drivers\aswstm.sys
2014-06-01 15:17 . 2010-01-27 13:05	95414520	----a-w-	c:\windows\system32\MRT.exe
2014-05-29 23:07 . 2013-10-28 21:12	1122312	----a-w-	c:\windows\SysWow64\nvspcap.dll
2014-05-29 23:07 . 2013-10-28 21:12	1279480	----a-w-	c:\windows\system32\nvspcap64.dll
2014-05-20 02:44 . 2013-09-28 11:54	61216	----a-w-	c:\windows\system32\OpenCL.dll
2014-05-20 02:44 . 2013-09-28 11:54	52056	----a-w-	c:\windows\SysWow64\OpenCL.dll
2014-05-20 02:44 . 2013-09-28 11:51	18531568	----a-w-	c:\windows\system32\nvwgf2umx.dll
2014-05-20 02:44 . 2013-09-28 11:51	3109248	----a-w-	c:\windows\system32\nvapi64.dll
2014-05-20 02:44 . 2013-09-28 11:51	2730208	----a-w-	c:\windows\SysWow64\nvapi.dll
2014-05-20 02:44 . 2013-08-27 06:53	14434704	----a-w-	c:\windows\SysWow64\nvd3dum.dll
2014-05-20 01:25 . 2013-09-28 11:55	3514144	----a-w-	c:\windows\system32\nvsvc64.dll
2014-05-20 01:25 . 2013-09-28 11:55	6769096	----a-w-	c:\windows\system32\nvcpl.dll
2014-05-20 01:25 . 2013-09-28 11:55	927520	----a-w-	c:\windows\system32\nvvsvc.exe
2014-05-20 01:25 . 2013-09-28 11:55	62808	----a-w-	c:\windows\system32\nvshext.dll
2014-05-20 01:25 . 2013-09-28 11:55	2560968	----a-w-	c:\windows\system32\nvsvcr.dll
2014-05-20 01:25 . 2013-09-28 11:55	387528	----a-w-	c:\windows\system32\nvmctray.dll
2014-05-04 16:32 . 2014-05-04 16:32	29208	----a-w-	c:\windows\system32\drivers\aswHwid.sys
2014-05-04 16:32 . 2013-03-29 08:48	208416	----a-w-	c:\windows\system32\drivers\aswVmm.sys
2014-05-04 16:32 . 2013-03-29 08:48	65776	----a-w-	c:\windows\system32\drivers\aswRvrt.sys
2014-05-04 16:32 . 2013-03-29 08:48	79184	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2014-05-04 16:32 . 2013-03-29 08:48	334648	----a-w-	c:\windows\system32\aswBoot.exe
2014-05-04 16:32 . 2014-05-04 16:32	43152	----a-w-	c:\windows\avastSS.scr
2014-05-04 16:32 . 2013-03-29 08:48	93568	----a-w-	c:\windows\system32\drivers\aswRdr2.sys
2014-03-31 20:46 . 2014-03-31 20:46	130712	----a-w-	c:\windows\SysWow64\MSSTDFMT.DLL
2014-03-31 20:46 . 2014-03-31 20:46	1070232	----a-w-	c:\windows\SysWow64\MSCOMCTL.OCX
2014-03-31 16:42 . 2013-09-28 11:51	37320	----a-w-	c:\windows\system32\nvaudcap64v.dll
2014-03-31 07:35 . 2010-01-27 08:51	270496	------w-	c:\windows\system32\MpSigStub.exe
2014-03-26 17:01 . 2014-04-22 20:35	254240	----a-w-	c:\windows\system32\drivers\VBoxDrv.sys
2014-03-26 17:00 . 2014-04-22 20:35	128288	----a-w-	c:\windows\system32\drivers\VBoxUSBMon.sys
2014-03-26 17:00 . 2014-03-26 17:00	156448	----a-w-	c:\windows\system32\drivers\VBoxNetFlt.sys
2014-03-26 17:00 . 2014-03-26 17:00	141600	----a-w-	c:\windows\system32\drivers\VBoxNetAdp.sys
2014-03-26 16:58 . 2014-03-26 16:58	204064	----a-w-	c:\windows\system32\VBoxNetFltNobj.dll
2006-05-03 11:06	163328	--sha-r-	c:\windows\SysWOW64\flvDX.dll
2007-02-21 12:47	31232	--sha-r-	c:\windows\SysWOW64\msfDX.dll
2008-03-16 14:30	216064	--sha-r-	c:\windows\SysWOW64\nbDX.dll
2010-01-06 23:00	107520	--sha-r-	c:\windows\SysWOW64\TAKDSDecoder.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	131248	----a-w-	c:\users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	131248	----a-w-	c:\users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	131248	----a-w-	c:\users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	131248	----a-w-	c:\users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_8265D6534E6C32D01005D7D3455D029D"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2014-06-05 860488]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"KeePass 2 PreLoad"="c:\program files (x86)\KeePass Password Safe 2\KeePass.exe" [2011-10-19 1807360]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-02-05 43848]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-06-21 3890208]
"IJNetworkScannerSelectorEX"="c:\program files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" [2012-08-31 452272]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-05-26 152392]
"CanonQuickMenu"="c:\program files (x86)\Canon\Quick Menu\CNQMMAIN.EXE" [2013-07-23 1282632]
.
c:\users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Matthias\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-5-20 33322312]
EvernoteClipper.lnk - c:\program files (x86)\Evernote\Evernote\EvernoteClipper.exe [2013-10-22 1103712]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0\0sdnclean64.exe
.
R1 Uim_VIM;UIM Virtual Image Plugin;c:\windows\system32\Drivers\uim_vimx64.sys;c:\windows\SYSNATIVE\Drivers\uim_vimx64.sys [x]
R1 UserPort;UserPort;c:\windows\System32\Drivers\UserPort.sys;c:\windows\SYSNATIVE\Drivers\UserPort.sys [x]
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\androidusb.sys;c:\windows\SYSNATIVE\Drivers\androidusb.sys [x]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [x]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x]
R3 DbusAudio;DbusAudio;c:\windows\system32\drivers\DbusAudio.sys;c:\windows\SYSNATIVE\drivers\DbusAudio.sys [x]
R3 DLPortIO;DriverLINX Port I/O Driver;c:\windows\system32\DRIVERS\DLPortIO.SYS;c:\windows\SYSNATIVE\DRIVERS\DLPortIO.SYS [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 InputFilter_Hid_FlexDef2b;Siliten HID Devices(FlexDef2b) Driver Service;c:\windows\system32\DRIVERS\InputFilter_FlexDef2b.sys;c:\windows\SYSNATIVE\DRIVERS\InputFilter_FlexDef2b.sys [x]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys;c:\windows\SYSNATIVE\drivers\massfilter.sys [x]
R3 PciPPorts;PCI ECP Parallel Port;c:\windows\system32\DRIVERS\PciPPorts.sys;c:\windows\SYSNATIVE\DRIVERS\PciPPorts.sys [x]
R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf_amd64.sys;c:\windows\SYSNATIVE\DRIVERS\psi_mf_amd64.sys [x]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys;c:\windows\SYSNATIVE\pwdrvio.sys [x]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys;c:\windows\SYSNATIVE\pwdspio.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe;c:\program files (x86)\Secunia\PSI\PSIA.exe [x]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys;c:\windows\SYSNATIVE\Drivers\VBoxUSB.sys [x]
R3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);c:\windows\system32\drivers\WsAudio_DeviceS(1).sys;c:\windows\SYSNATIVE\drivers\WsAudio_DeviceS(1).sys [x]
R3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);c:\windows\system32\drivers\WsAudio_DeviceS(2).sys;c:\windows\SYSNATIVE\drivers\WsAudio_DeviceS(2).sys [x]
R3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);c:\windows\system32\drivers\WsAudio_DeviceS(3).sys;c:\windows\SYSNATIVE\drivers\WsAudio_DeviceS(3).sys [x]
R3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);c:\windows\system32\drivers\WsAudio_DeviceS(4).sys;c:\windows\SYSNATIVE\drivers\WsAudio_DeviceS(4).sys [x]
R3 WsAudio_DeviceS(5);WsAudio_DeviceS(5);c:\windows\system32\drivers\WsAudio_DeviceS(5).sys;c:\windows\SYSNATIVE\drivers\WsAudio_DeviceS(5).sys [x]
R4 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 tdrpman258;Acronis Try&Decide and Restore Points filter (build 258);c:\windows\system32\DRIVERS\tdrpm258.sys;c:\windows\SYSNATIVE\DRIVERS\tdrpm258.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]
S2 AAV UpdateService;AAV UpdateService;c:\program files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe;c:\program files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys;c:\windows\SYSNATIVE\drivers\cpuz135_x64.sys [x]
S2 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3;c:\program files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe;c:\program files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe;c:\program files (x86)\Secunia\PSI\sua.exe [x]
S2 SgtSch2Svc;Seagate Scheduler2 Service;c:\program files (x86)\Common Files\Seagate\Schedule2\schedul2.exe;c:\program files (x86)\Common Files\Seagate\Schedule2\schedul2.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S2 UsbClientService;UsbClientService;c:\program files (x86)\Synology\Assistant\UsbClientService.exe;c:\program files (x86)\Synology\Assistant\UsbClientService.exe [x]
S3 busenum;Synology Virtual USB Hub;c:\windows\system32\DRIVERS\busenum.sys;c:\windows\SYSNATIVE\DRIVERS\busenum.sys [x]
S3 nvoclk64;NVIDIA Enthusiasts Platform KDM;c:\windows\system32\DRIVERS\nvoclk64.sys;c:\windows\SYSNATIVE\DRIVERS\nvoclk64.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs	REG_MULTI_SZ   	w3svc was
apphost	REG_MULTI_SZ   	apphostsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-06-21 10:29	1091912	----a-w-	c:\program files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-06-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 16:06]
.
2014-06-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-05 16:21]
.
2014-06-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-05 16:21]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-05-04 16:32	290888	----a-w-	c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	164016	----a-w-	c:\users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	164016	----a-w-	c:\users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	164016	----a-w-	c:\users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	164016	----a-w-	c:\users\Matthias\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-05-29 1279480]
"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-10-01 825184]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-05-29 2352072]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "c:\program files (x86)\Stardock\Fences\FencesMenu64.dll" [2010-06-22 253288]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = localhost;127.0.0.1;<local>
IE: Auswahl speichern - c:\program files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
IE: Bild ausschneiden - c:\program files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4
IE: Diese Seite ausschneiden - c:\program files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
IE: Free YouTube to Mp3 Converter - c:\users\Matthias\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Neue Notiz - c:\program files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html
IE: URL notieren - c:\program files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-ownCloud - c:\program files (x86)\ownCloud Client\owncloud.exe
c:\users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ownCloud.lnk - c:\program files (x86)\ownCloud Client\owncloud.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
ShellIconOverlayIdentifiers-{AEB16659-2125-4ADA-A4AB-45EE21E86469} - (no file)
ShellIconOverlayIdentifiers-{48AB5ADA-36B1-4137-99C9-2BD97F8788AB} - (no file)
ShellIconOverlayIdentifiers-{472CE1AD-5D53-4BCF-A1FB-3982A5F55138} - (no file)
HKLM-Run-Nvtmru - c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
AddRemove-Baldur's Gate - c:\windows\IsUn0407.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2898869 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2901126 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2931368 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_125_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_125_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_125_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_125_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_125.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.14"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_125.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_125.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_125.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B9A09F18-45AB-4F09-A117-A4ADDA8FA8C8}]
@Denied: (A) (Everyone)
"Solution"="{36eb6792-3a29-43b3-8cd0-f67d266fb426}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane\0]
"Key"="ActionsPane"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\8.0\\ActionsPane.xsd"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-06-24  14:46:40
ComboFix-quarantined-files.txt  2014-06-24 12:46
.
Vor Suchlauf: 21 Verzeichnis(se), 143.893.028.864 Bytes frei
Nach Suchlauf: 26 Verzeichnis(se), 144.385.703.936 Bytes frei
.
- - End Of File - - 7B31F149B310842EAF27F955CC80E556
A36C5E4F47E84449FF07ED3517B43A31
         

Result.txt
Code:
MiniToolBox by Farbar  Version: 20-06-2014
Ran by Matthias (administrator) on 24-06-2014 at 14:54:25
Running from "C:\Users\Matthias\Desktop"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows-IP-Konfiguration

Der DNS-Auflösungscache wurde geleert.

========================= IE Proxy Settings: ============================== 

Proxy is not enabled.
ProxyServer: :0

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ============================== 


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1       localhost

========================= IP Configuration: ================================

Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller = LAN-Verbindung (Connected)
VirtualBox Host-Only Ethernet Adapter = VirtualBox Host-Only Network (Connected)
Realtek PCI GBE Family Controller = LAN-Verbindung 3 (Media disconnected)


# ----------------------------------
# IPv4-Konfiguration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add route prefix=169.254.0.0/16 interface="iftype0_0" nexthop=192.168.1.21 metric=1 publish=Ja
add route prefix=169.254.0.0/16 interface="iftype0_0" nexthop=192.168.56.1 metric=1 publish=Ja
add route prefix=169.254.0.0/16 interface="iftype0_0" nexthop=192.168.178.21 metric=1 publish=Ja
add address name="LAN-Verbindung* 15" address=192.168.56.1 mask=255.255.255.0
add address name="VirtualBox Host-Only Network" address=192.168.56.1 mask=255.255.255.0
add neighbor interface="LAN-Verbindung" address=192.168.11.1 neighbor="20-aa-bb-cc-dd-20"


popd
# Ende der IPv4-Konfiguration



Windows-IP-Konfiguration

   Hostname  . . . . . . . . . . . . : Matthias-PC
   Primäres DNS-Suffix . . . . . . . : 
   Knotentyp . . . . . . . . . . . . : Gemischt
   IP-Routing aktiviert  . . . . . . : Nein
   WINS-Proxy aktiviert  . . . . . . : Nein
   DNS-Suffixsuchliste . . . . . . . : fritz.box

Ethernet-Adapter LAN-Verbindung 3:

   Medienstatus. . . . . . . . . . . : Medium getrennt
   Verbindungsspezifisches DNS-Suffix: 
   Beschreibung. . . . . . . . . . . : Realtek PCI GBE Family Controller
   Physikalische Adresse . . . . . . : 10-FE-ED-03-E9-00
   DHCP aktiviert. . . . . . . . . . : Ja
   Autokonfiguration aktiviert . . . : Ja

Ethernet-Adapter LAN-Verbindung:

   Verbindungsspezifisches DNS-Suffix: fritz.box
   Beschreibung. . . . . . . . . . . : Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller
   Physikalische Adresse . . . . . . : 00-22-15-F3-20-99
   DHCP aktiviert. . . . . . . . . . : Ja
   Autokonfiguration aktiviert . . . : Ja
   Verbindungslokale IPv6-Adresse  . : fe80::545b:22d7:8d47:d35a%10(Bevorzugt) 
   IPv4-Adresse  . . . . . . . . . . : 192.168.178.21(Bevorzugt) 
   Subnetzmaske  . . . . . . . . . . : 255.255.255.0
   Lease erhalten. . . . . . . . . . : Dienstag, 24. Juni 2014 14:48:46
   Lease läuft ab. . . . . . . . . . : Freitag, 4. Juli 2014 14:48:45
   Standardgateway . . . . . . . . . : 192.168.178.1
   DHCP-Server . . . . . . . . . . . : 192.168.178.1
   DHCPv6-IAID . . . . . . . . . . . : 234889749
   DHCPv6-Client-DUID. . . . . . . . : 00-01-00-01-12-F0-93-30-00-22-15-F3-20-99
   DNS-Server  . . . . . . . . . . . : 192.168.178.1
   NetBIOS über TCP/IP . . . . . . . : Aktiviert

Ethernet-Adapter VirtualBox Host-Only Network:

   Verbindungsspezifisches DNS-Suffix: 
   Beschreibung. . . . . . . . . . . : VirtualBox Host-Only Ethernet Adapter
   Physikalische Adresse . . . . . . : 08-00-27-00-F0-21
   DHCP aktiviert. . . . . . . . . . : Nein
   Autokonfiguration aktiviert . . . : Ja
   Verbindungslokale IPv6-Adresse  . : fe80::3142:bbba:e27f:8bc0%33(Bevorzugt) 
   IPv4-Adresse  . . . . . . . . . . : 192.168.56.1(Bevorzugt) 
   Subnetzmaske  . . . . . . . . . . : 255.255.255.0
   Standardgateway . . . . . . . . . : 
   DHCPv6-IAID . . . . . . . . . . . : 369623079
   DHCPv6-Client-DUID. . . . . . . . : 00-01-00-01-12-F0-93-30-00-22-15-F3-20-99
   DNS-Server  . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                       fec0:0:0:ffff::2%1
                                       fec0:0:0:ffff::3%1
   NetBIOS über TCP/IP . . . . . . . : Aktiviert

Tunneladapter isatap.fritz.box:

   Medienstatus. . . . . . . . . . . : Medium getrennt
   Verbindungsspezifisches DNS-Suffix: fritz.box
   Beschreibung. . . . . . . . . . . : Microsoft-ISATAP-Adapter
   Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP aktiviert. . . . . . . . . . : Nein
   Autokonfiguration aktiviert . . . : Ja

Tunneladapter LAN-Verbindung* 3:

   Medienstatus. . . . . . . . . . . : Medium getrennt
   Verbindungsspezifisches DNS-Suffix: 
   Beschreibung. . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP aktiviert. . . . . . . . . . : Nein
   Autokonfiguration aktiviert . . . : Ja

Tunneladapter Reusable ISATAP Interface {B20BB8DD-36F9-46CB-A786-83364BC28415}:

   Medienstatus. . . . . . . . . . . : Medium getrennt
   Verbindungsspezifisches DNS-Suffix: 
   Beschreibung. . . . . . . . . . . : Microsoft-ISATAP-Adapter #2
   Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP aktiviert. . . . . . . . . . : Nein
   Autokonfiguration aktiviert . . . : Ja

Tunneladapter isatap.{532C7657-9B24-44FC-B541-898BF5060DA4}:

   Medienstatus. . . . . . . . . . . : Medium getrennt
   Verbindungsspezifisches DNS-Suffix: 
   Beschreibung. . . . . . . . . . . : Microsoft-ISATAP-Adapter #3
   Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP aktiviert. . . . . . . . . . : Nein
   Autokonfiguration aktiviert . . . : Ja
Server:  fritz.box
Address:  192.168.178.1

Name:    google.com
Addresses:  2a00:1450:4001:80f::100e
	  173.194.116.206
	  173.194.116.200
	  173.194.116.194
	  173.194.116.192
	  173.194.116.198
	  173.194.116.195
	  173.194.116.201
	  173.194.116.199
	  173.194.116.197
	  173.194.116.196
	  173.194.116.193


Ping wird ausgeführt für google.com [173.194.116.206] mit 32 Bytes Daten:
Antwort von 173.194.116.206: Bytes=32 Zeit=30ms TTL=56
Antwort von 173.194.116.206: Bytes=32 Zeit=29ms TTL=56

Ping-Statistik für 173.194.116.206:
    Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0
    (0% Verlust),
Ca. Zeitangaben in Millisek.:
    Minimum = 29ms, Maximum = 30ms, Mittelwert = 29ms
Server:  fritz.box
Address:  192.168.178.1

Name:    yahoo.com
Addresses:  206.190.36.45
	  98.139.183.24
	  98.138.253.109


Ping wird ausgeführt für yahoo.com [206.190.36.45] mit 32 Bytes Daten:
Antwort von 206.190.36.45: Bytes=32 Zeit=201ms TTL=48
Antwort von 206.190.36.45: Bytes=32 Zeit=206ms TTL=48

Ping-Statistik für 206.190.36.45:
    Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0
    (0% Verlust),
Ca. Zeitangaben in Millisek.:
    Minimum = 201ms, Maximum = 206ms, Mittelwert = 203ms

Ping wird ausgeführt für 127.0.0.1 mit 32 Bytes Daten:
Antwort von 127.0.0.1: Bytes=32 Zeit<1ms TTL=128
Antwort von 127.0.0.1: Bytes=32 Zeit<1ms TTL=128

Ping-Statistik für 127.0.0.1:
    Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0
    (0% Verlust),
Ca. Zeitangaben in Millisek.:
    Minimum = 0ms, Maximum = 0ms, Mittelwert = 0ms
===========================================================================
Schnittstellenliste
 21...10 fe ed 03 e9 00 ......Realtek PCI GBE Family Controller
 10...00 22 15 f3 20 99 ......Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller
 33...08 00 27 00 f0 21 ......VirtualBox Host-Only Ethernet Adapter
  1...........................Software Loopback Interface 1
 24...00 00 00 00 00 00 00 e0 Microsoft-ISATAP-Adapter
 15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 25...00 00 00 00 00 00 00 e0 Microsoft-ISATAP-Adapter #2
 26...00 00 00 00 00 00 00 e0 Microsoft-ISATAP-Adapter #3
===========================================================================

IPv4-Routentabelle
===========================================================================
Aktive Routen:
     Netzwerkziel    Netzwerkmaske          Gateway    Schnittstelle Metrik
          0.0.0.0          0.0.0.0    192.168.178.1   192.168.178.21     10
        127.0.0.0        255.0.0.0   Auf Verbindung         127.0.0.1    306
        127.0.0.1  255.255.255.255   Auf Verbindung         127.0.0.1    306
  127.255.255.255  255.255.255.255   Auf Verbindung         127.0.0.1    306
      169.254.0.0      255.255.0.0   Auf Verbindung      192.168.56.1     21
      169.254.0.0      255.255.0.0   Auf Verbindung    192.168.178.21     11
  169.254.255.255  255.255.255.255   Auf Verbindung      192.168.56.1    276
  169.254.255.255  255.255.255.255   Auf Verbindung    192.168.178.21    266
     192.168.56.0    255.255.255.0   Auf Verbindung      192.168.56.1    276
     192.168.56.1  255.255.255.255   Auf Verbindung      192.168.56.1    276
   192.168.56.255  255.255.255.255   Auf Verbindung      192.168.56.1    276
    192.168.178.0    255.255.255.0   Auf Verbindung    192.168.178.21    266
   192.168.178.21  255.255.255.255   Auf Verbindung    192.168.178.21    266
  192.168.178.255  255.255.255.255   Auf Verbindung    192.168.178.21    266
        224.0.0.0        240.0.0.0   Auf Verbindung         127.0.0.1    306
        224.0.0.0        240.0.0.0   Auf Verbindung      192.168.56.1    276
        224.0.0.0        240.0.0.0   Auf Verbindung    192.168.178.21    266
  255.255.255.255  255.255.255.255   Auf Verbindung         127.0.0.1    306
  255.255.255.255  255.255.255.255   Auf Verbindung      192.168.56.1    276
  255.255.255.255  255.255.255.255   Auf Verbindung    192.168.178.21    266
===========================================================================
Ständige Routen:
  Netzwerkadresse          Netzmaske  Gatewayadresse  Metrik
      169.254.0.0      255.255.0.0     192.168.1.21       1
      169.254.0.0      255.255.0.0     192.168.56.1       1
      169.254.0.0      255.255.0.0   192.168.178.21       1
===========================================================================

IPv6-Routentabelle
===========================================================================
Aktive Routen:
 If Metrik Netzwerkziel             Gateway
  1    306 ::1/128                  Auf Verbindung
 33    276 fe80::/64                Auf Verbindung
 10    266 fe80::/64                Auf Verbindung
 33    276 fe80::3142:bbba:e27f:8bc0/128
                                    Auf Verbindung
 10    266 fe80::545b:22d7:8d47:d35a/128
                                    Auf Verbindung
  1    306 ff00::/8                 Auf Verbindung
 33    276 ff00::/8                 Auf Verbindung
 10    266 ff00::/8                 Auf Verbindung
===========================================================================
Ständige Routen:
  Keine
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/24/2014 02:27:53 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (06/24/2014 11:09:50 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (06/22/2014 06:13:28 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (06/22/2014 05:39:06 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (06/22/2014 05:39:06 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (06/22/2014 05:39:06 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (06/22/2014 03:35:07 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: nvtray.exe, Version: 7.17.13.2078, Zeitstempel: 0x52054387
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000001926d
ID des fehlerhaften Prozesses: 0xef0
Startzeit der fehlerhaften Anwendung: 0xnvtray.exe0
Pfad der fehlerhaften Anwendung: nvtray.exe1
Pfad des fehlerhaften Moduls: nvtray.exe2
Berichtskennung: nvtray.exe3

Error: (06/22/2014 03:34:36 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: nvtray.exe, Version: 7.17.13.2078, Zeitstempel: 0x52054387
Name des fehlerhaften Moduls: NvGFTrayPlugin.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x5387b942
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000007fee5305751
ID des fehlerhaften Prozesses: 0xef0
Startzeit der fehlerhaften Anwendung: 0xnvtray.exe0
Pfad der fehlerhaften Anwendung: nvtray.exe1
Pfad des fehlerhaften Moduls: nvtray.exe2
Berichtskennung: nvtray.exe3

Error: (06/22/2014 03:30:31 PM) (Source: Microsoft-Windows-RestartManager) (User: Matthias-PC)
Description: Die Anwendung oder der Dienst "SynoDrService" konnte nicht neu gestartet werden.

Error: (06/21/2014 01:26:58 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.


System errors:
=============
Error: (06/24/2014 02:48:54 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom
UimBus
Uim_IM
Uim_VIM
UserPort

Error: (06/24/2014 02:48:47 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Aspi32" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (06/24/2014 02:48:47 PM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\Aspi32.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (06/24/2014 02:48:26 PM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\UserPort.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (06/24/2014 02:48:26 PM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\cdrbsdrv.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (06/24/2014 02:43:05 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (06/24/2014 02:42:19 PM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\ComboFix\catchme.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (06/24/2014 02:41:44 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "UsbClientService" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 200 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/24/2014 02:40:13 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "UsbClientService" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 200 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/24/2014 02:38:08 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.


Microsoft Office Sessions:
=========================
Error: (02/21/2012 07:56:56 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 25 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (06/29/2011 09:35:15 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 2100 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (06/29/2011 09:00:08 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 8933 seconds with 120 seconds of active time.  This session ended with a crash.

Error: (05/01/2010 09:47:30 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 838 seconds with 0 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2014-06-24 14:48:37.936
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ATITool64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-24 14:48:37.608
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ATITool64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-24 14:42:19.189
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-24 14:42:18.868
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-24 13:59:46.028
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ATITool64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-24 13:59:45.684
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ATITool64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-24 10:34:57.347
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ATITool64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-24 10:34:57.113
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ATITool64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-24 08:09:43.503
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ATITool64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-24 08:09:43.269
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ATITool64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.



 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
=========================== Installed Programs ============================
7-Zip 4.65 (HKLM-x32\...\7-Zip) (Version:  - )
7-Zip 9.20 (HKLM-x32\...\{23170F69-40C1-2701-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
AAVUpdateManager (HKLM-x32\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
AC3Filter 1.63b (HKLM-x32\...\AC3Filter_is1) (Version: 1.63b - Alexander Vigovsky)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 14.0.0.110 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\{1F5E5F2E-5E61-431D-B796-58CCC6B68E28}) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\{C4B32291-F7B2-4BEC-BA4D-4195676A08CC}) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
AFPL Ghostscript 8.54 (HKLM-x32\...\AFPL Ghostscript 8.54) (Version:  - )
AFPL Ghostscript Fonts (HKLM-x32\...\AFPL Ghostscript Fonts) (Version:  - )
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
Any Video Converter 3.0.5 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio 2009 (HKLM-x32\...\Ashampoo Burning Studio 2009_is1) (Version: 8.0.4 - ashampoo GmbH & Co. KG)
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft)
Assassin's Creed Brotherhood (HKLM-x32\...\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}) (Version: 1.03 - Ubisoft)
Assassin's Creed II (HKLM-x32\...\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}) (Version: 1.01 - Ubisoft)
ATITool Overclocking Utility (HKLM-x32\...\ATITool) (Version: 0.26 - )
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Audiograbber 1.83 SE  (HKLM-x32\...\Audiograbber) (Version: 1.83 SE  - Audiograbber Deutschland)
Audiograbber Lame-MP3-Plugin (HKLM-x32\...\Audiograbber-Lame) (Version: 1.0 - AG)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2018 - Avast Software)
Aximer (HKLM-x32\...\{B8FD3F68-1741-4147-97F6-AFB0961050EE}) (Version: 1.0.0 - Sohaib aerospace)
Baldur's Gate (HKLM-x32\...\Baldur's Gate) (Version:  - )
Baldur's Gate Enhanced Edition (HKLM-x32\...\Baldur's Gate Enhanced Edition) (Version: 0.2.6.2 - Beamdog)
Bitcoin (HKCU\...\Bitcoin) (Version: 0.3.24 - Bitcoin project)
BlackArmor Backup (HKLM-x32\...\{9DF6EC22-733E-4EDC-AC88-54CAD4BF4E7B}) (Version: 12.1.9819 - Seagate)
Blu-ray Copy 1.0.38 (HKLM-x32\...\{EE56B531-B655-4afa-9664-0C0970E5798B}_is1) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.4.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon Kurzwahlprogramm (HKLM-x32\...\Speed Dial Utility) (Version: 1.3.0 - Canon Inc.)
Canon MX920 series Benutzerregistrierung (HKLM-x32\...\Canon MX920 series Benutzerregistrierung) (Version:  - ?Canon Inc.)
Canon MX920 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX920_series) (Version: 1.00 - Canon Inc.)
Canon MX920 series On-screen Manual (HKLM-x32\...\Canon MX920 series On-screen Manual) (Version: 7.6.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.1.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.1 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.3.0 - Canon Inc.)
Captcha Brotherhood (HKLM-x32\...\{CCD438F0-5D72-4945-9E72-6560C7E5E0D0}) (Version: 1.1.9 - Brotherhood Software)
Carbon (HKLM-x32\...\{9A781940-AC41-4D5E-8E1E-76A04B916FB9}) (Version: 1.0.0 - ClockworkMod)
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4478 - CDBurnerXP)
Codec Pack - All In 1 6.0.3.0 (HKLM-x32\...\Cool's_Codec_pack_4.12) (Version:  - )
ConTEXT v0.98.6 (HKLM-x32\...\{73E0D3A0-9C30-4F59-ABBF-6233686FB396}_is1) (Version:  - ConTEXT Project Ltd)
CPUID HWMonitor 1.18 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Creative ALchemy (HKLM-x32\...\ALchemy) (Version: 1.41 - Creative Technology Limited)
Creative Audio-Systemsteuerung (HKLM-x32\...\AudioCS) (Version: 2.56 - Creative Technology Limited)
Creative MediaSource 5 (HKLM-x32\...\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}) (Version: 5.26 - Creative Technology Limited)
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version:  - )
Creative WaveStudio 7 (HKLM-x32\...\WaveStudio 7) (Version: 7.12 - Creative Technology Limited)
CrypTool 1.4.30 (HKLM-x32\...\CrypTool) (Version: 1.4.30 - )
CrypTool 2.0 (Beta 10 - Build 5751.1) (HKLM\...\CrypTool 2) (Version: 2.0.5751.1 - University of Kassel (Applied Information Security Group))
CrystalDiskInfo 4.6.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 4.6.0 - Crystal Dew World)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dangerous Waters (HKLM-x32\...\{C3BEB0E3-FE9F-4B47-A471-02E185FAC51E}) (Version:  - )
Divinity II - Ego Draconis (HKLM-x32\...\Divinity II - Ego Draconis_is1) (Version:  - dtp)
Drakensang - Am Fluss der Zeit (HKLM-x32\...\Drakensang_TRoT_is1) (Version:  - dtp)
Drakensang (HKLM-x32\...\Drakensang_is1) (Version:  - dtp)
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
Evernote v. 5.0.3 (HKLM-x32\...\{32D39568-3B77-11E3-88CE-00163E98E7D0}) (Version: 5.0.3.1614 - Evernote Corp.)
Exact Audio Copy 1.0beta3 (HKLM-x32\...\Exact Audio Copy) (Version: 1.0beta3 - Andre Wiethoff)
Fences (HKLM-x32\...\Fences) (Version:  - Stardock Corporation)
Fences (Version: 1.0 - Stardock Corporation) Hidden
ffdshow v1.3.4500 [2013-01-06] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4500.0 - )
ffdshow x64 v1.3.4500 [2013-01-06] (HKLM\...\ffdshow64_is1) (Version: 1.3.4500.0 - )
Free Audio CD Burner version 1.4 (HKLM-x32\...\Free Audio CD Burner_is1) (Version:  - DVDVideoSoft Limited.)
Free YouTube to MP3 Converter version 3.10.15.1228 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version:  - DVDVideoSoft Ltd.)
GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team)
GnuWin32: File-5.03 (HKLM-x32\...\File-5.03_is1) (Version: 5.03 - GnuWin32)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GSiteCrawler (HKLM-x32\...\GSiteCrawler) (Version: v1.23 - SOFTplus Entwicklungen GmbH, CH-6340 Baar)
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )
Hex-Editor MX (HKLM-x32\...\{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1) (Version: 6.0 - NEXT-Soft)
HTC Sync (HKLM-x32\...\{526B2AE8-73DF-4CE0-B140-9968677A7C93}) (Version: 3.0.5606 - HTC Corporation)
IDA Pro Free v5.0 (HKLM-x32\...\IDA Pro Free_is1) (Version:  - Hex-Rays SA)
inSSIDer (HKLM-x32\...\{65A5E87D-7A3F-4819-807D-B86990D5F369}) (Version: 2.1.6 - MetaGeek)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
JLink OB CDC Driver Package (HKLM\...\{85153CE3-6356-407F-A672-C1FA085FB031}) (Version: 1.2.2 - SEGGER)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KeePass Password Safe 1.21 (HKLM-x32\...\KeePass Password Safe_is1) (Version: 1.21 - Dominik Reichl)
KeePass Password Safe 2.17 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version:  - Dominik Reichl)
Kits Configuration Installer (x32 Version: 8.59.25584 - Microsoft) Hidden
Klever PumpKIN 2.7.3 (HKLM-x32\...\PumpKIN) (Version: 2.7.3 - Klever Group)
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.8 - Thibaut Lauziere)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
MediaInfo 0.7.64 (HKLM\...\MediaInfo) (Version: 0.7.64 - MediaArea.net)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{877B76B2-F83F-4F5A-B28D-3F398641ADB6}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft Virtual PC 2007 (HKLM\...\{8A7CAA24-7B23-410B-A7C3-F994B0944160}) (Version: 6.0.156.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 (HKLM\...\{BBBE35B2-9349-3C48-BD3D-F574B17C7924}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60816.0 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50325 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.50330 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU (Version: 10.0.50325 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50325 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft_VC100_CRT_x64 (HKLM\...\{17106CA8-E65A-4D02-95BE-79AF8C698935}) (Version: 1.0.0 - Microsoft)
MiniTool Partition Wizard Home Edition 7.7 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)
MKVToolNix 5.2.0 [20111203-387] (HKLM-x32\...\MKVToolNix) (Version: 5.2.0 - Moritz Bunkus)
MosChip PCI Multi-IO Controller (HKLM\...\ASIX Electronics Corporation) (Version:  - )
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
Mp3tag v2.49a (HKLM-x32\...\Mp3tag) (Version: v2.49a - Florian Heidenreich)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.4 - F.J. Wechselberger)
Neverwinter Nights 2 (HKLM-x32\...\{F20C1251-1D0A-4944-B2AE-678581B33B19}) (Version: 1.00.0000 - Obsidian)
Nitro Reader 3 (HKLM\...\{4436B9BD-CA66-4D69-9091-2D2EB62F09AD}) (Version: 3.5.2.10 - Nitro)
NVIDIA 3D Vision Controller-Treiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 337.88 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 337.88 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Performance (HKLM-x32\...\InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}) (Version: 6.5 - NVIDIA Corporation)
NVIDIA Performance (x32 Version: 6.5 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA System Monitor (HKLM-x32\...\InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}) (Version: 6.5 - NVIDIA Corporation)
NVIDIA System Monitor (x32 Version: 6.5 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden
NVIDIA Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Oracle VM VirtualBox 4.3.10 (HKLM\...\{5632714F-6A48-4BF2-89E0-F8B6CE9FE6D1}) (Version: 4.3.10 - Oracle Corporation)
ownCloud (HKLM-x32\...\ownCloud) (Version: 1.5.1.2337 - ownCloud)
PCI Multi-IO Controller (HKLM\...\MosChip Technology) (Version:  - )
PDF Blender (HKLM-x32\...\PDF Blender) (Version:  - )
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 0.9.9 - Frank Heindörfer, Philip Chinery)
pdfforge Toolbar v4.4 (HKLM-x32\...\{BCB52F35-4C56-49F2-A3D6-FDED54B01847}) (Version: 4.4 - Spigot, Inc.)
pdfsam (HKCU\...\pdfsam) (Version: 2.2.1 - )
PonyProg v1.17h (HKLM-x32\...\PonyProg v1.17h_is1) (Version:  - )
PonyProg2000 v2.06f (HKLM-x32\...\PonyProg2000_is1) (Version: 2.06f - LancOS)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version:  - Jan Fiala)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
QNAP Web Monitor Component (HKLM-x32\...\QNAPVioStorMonitor) (Version:  - )
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version:  - )
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version:  - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version:  - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version:  - )
Secunia PSI (3.0.0.7011) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.7011 - Secunia)
Secure Download Manager (HKLM-x32\...\{6E839820-0BBA-4310-9D06-4463BAEA6641}) (Version: 3.1.01 - Kivuto Solutions Inc.)
SHIELD Streaming (Version: 2.1.214 - NVIDIA Corporation) Hidden
SketchUp 2013 (HKLM-x32\...\{2C0777B8-E91F-45AA-976B-7EB6B40E5400}) (Version: 13.0.4812 - Trimble Navigation Limited)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spellforce 2 Gold (HKLM-x32\...\{746F49C9-3789-4F8E-AF3A-3A4B42ACFAF8}) (Version: 1.00.0000 - JoWooD Productions Software AG)
Spotify (HKCU\...\Spotify) (Version: 0.9.8.296.g91f68827 - Spotify AB)
STEUEReasy 2011 (HKLM-x32\...\{0B3B35C8-5429-4A90-A447-D1B9ED499FE8}) (Version: 16.10 - Akademische Arbeitsgemeinschaft Verlag)
STEUEReasy 2013 (HKLM-x32\...\{4D0EAA2D-8EE2-43AB-BE00-18A1D0A9281C}) (Version: 18.09 - Wolters Kluwer Deutschland GmbH)
Steuer-Software 2012 (HKLM-x32\...\{F19178B7-F232-4E97-8511-E4D37A339E9C}) (Version: 17.08 - Wolters Kluwer Deutschland GmbH)
Steuer-Taxi 2010 (HKLM-x32\...\{9582ED80-CB4D-4350-BBB9-34CDBA20EED0}) (Version: 15.12 - Akademische Arbeitsgemeinschaft Verlag)
SUPER © v2011.build.49 (July 1st, 2011) Version v2011.build.49 (HKLM-x32\...\{B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1) (Version: v2011.build.49 - eRightSoft)
Sweet Home 3D version 4.0 (HKLM-x32\...\Sweet Home 3D_is1) (Version:  - eTeks)
SyncMyCal (HKLM-x32\...\{50450519-22FF-4A8D-BE8F-0161D9134892}) (Version: 2.6.270 - Synchronization Technologies Inc.)
Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version:  - )
System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version:  - )
TCPEye 1.0 (HKLM-x32\...\{998C9435-DAF8-4BDF-B9A5-F844B01D524C}_is1) (Version:  - Free Software Relase)
TeamViewer 7 (HKLM-x32\...\TeamViewer 7) (Version: 7.0.13989 - TeamViewer)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.28223 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
The Witcher Enhanced Edition (HKLM-x32\...\{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}) (Version: 1.4.5.1280 - CD Projekt Red)
TMPGEnc Authoring Works 4 (HKLM-x32\...\{B8D91F6B-803A-4579-9DAD-1377B56DC657}) (Version: 4.0.7.32 - Pegasys Inc.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
TP-LINK Wireless Client Utility (HKLM-x32\...\{1E58B969-9BB4-4012-8D8B-D06005D1CD24}) (Version: 7.0 - TP-LINK)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.0a - TrueCrypt Foundation)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version:  - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2881065) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B7EF38F7-1D58-4085-A9A4-0F6C69A5AA1E}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
USB/DVD-Downloadtool für Windows 7 (HKLM-x32\...\{7D6DDE45-FE2F-4D11-A7E7-BC2C2910536C}) (Version: 1.0.30 - Microsoft Corporation)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Software Development Kit (HKLM-x32\...\{363a2c1e-637f-45ce-933b-5a5463efd945}) (Version: 8.59.29750 - Microsoft Corporation)
Windows Software Development Kit EULA (x32 Version: 8.59.25584 - Microsoft Corporations) Hidden
Windows Support Tools (HKLM-x32\...\{89B078C4-50B0-453E-BF53-3A7E6A0D85FA}) (Version: 5.1.2600.2180 - Microsoft Corporation)
Windows-Treiberpaket - Segger (jlink) USB  (04/11/2012 2.6.8.2) (HKLM\...\419546AE8E4244C647A348987F769803F43B9C4F) (Version: 04/11/2012 2.6.8.2 - Segger)
Windows-Treiberpaket - SEGGER (usbser) Ports  (01/25/2012 6.0.2600.4) (HKLM\...\BD6BF8BBF7BE0D0091163F649A1A423B7EB9D4F1) (Version: 01/25/2012 6.0.2600.4 - SEGGER)
WinHex (HKLM-x32\...\WinHex) (Version:  - )
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WPT Redistributables (x32 Version: 8.59.29750 - Microsoft) Hidden
WPTx64 (x32 Version: 8.59.29722 - Microsoft) Hidden
XMedia Recode 3.0.6.0 (HKLM-x32\...\XMedia Recode) (Version: 3.0.6.0 - Sebastian Dörfler)
XviD v1.2.0 CVS (HKLM\...\XviD MPEG-4 Video Codec_is1) (Version:  - Celtic Druid)

========================= Memory info: ===================================

Percentage of memory in use: 34%
Total physical RAM: 8191.05 MB
Available physical RAM: 5360.61 MB
Total Pagefile: 16380.29 MB
Available Pagefile: 13242.4 MB
Total Virtual: 4095.88 MB
Available Virtual: 3970.36 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:596.07 GB) (Free:134.65 GB) NTFS
2 Drive e: (Matthias) (Fixed) (Total:931.51 GB) (Free:211.78 GB) NTFS
4 Drive g: (1TB) (Fixed) (Total:931.51 GB) (Free:255 GB) NTFS

========================= Users: ========================================

Benutzerkonten für \\MATTHIAS-PC

Administrator            Gast                     Matthias                 
Der Befehl wurde erfolgreich ausgeführt.

========================= Minidump Files ==================================

No minidump file found


**** End of log ****
         

24.06.2014, 18:06   #9
schrauber
/// the machine
/// TB-Ausbilder

Show me a screenshot of the user folder, and also of Control Panel > User Accounts, the overall view of all accounts.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

24.06.2014, 18:16   #10
ValdoAddams

It doesn't show up in the user accounts at all.

The folder also contains only the one directory.

After that it continues with
Local
-Mobogenie
--Download
---APK
---Music
---Picture
---Video
-Temp

There are no files in there.

But I never created this user. That is just what surprised me so much.
Thumbnails of attached images
User wangzhisong unter c:\users\-benutzerkonten.jpg   User wangzhisong unter c:\users\-wangzhisong-ordner.jpg  
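
The situation described in the post above, a folder under C:\Users with no matching entry in the user accounts, can be checked from PowerShell. This is an added example, not part of the original thread; the variable names are illustrative, and it assumes the standard Windows profile layout, the ProfileList registry key and the WMI class Win32_UserAccount. It only reads and changes nothing.

```powershell
# Added example: list folders under C:\Users that belong to neither a
# registered user profile nor a local account. Read-only.
# Written to also run on PowerShell 2.0 (Windows 7).

$usersRoot = Join-Path $env:SystemDrive 'Users'

# Folders and junctions that Windows itself places under C:\Users.
$builtIn = @('Public', 'Default', 'Default User', 'All Users')

# Profile paths registered in the registry, one subkey per account SID.
$profileListKey = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList'
$registered = @(
    Get-ChildItem $profileListKey | ForEach-Object {
        $path = (Get-ItemProperty $_.PSPath).ProfileImagePath
        if ($path) {
            [Environment]::ExpandEnvironmentVariables($path).TrimEnd('\')
        }
    }
)

# Local account names, the same set that "net user" prints.
$accounts = @(
    Get-WmiObject Win32_UserAccount -Filter 'LocalAccount=True' |
        ForEach-Object { $_.Name }
)

Get-ChildItem $usersRoot -Force |
    Where-Object { $_.PSIsContainer -and ($builtIn -notcontains $_.Name) } |
    ForEach-Object {
        # A renamed account keeps its old folder name, so the folder is
        # compared against the registered profile path as well as the name.
        $hasProfile = $registered -contains $_.FullName
        $hasAccount = $accounts -contains $_.Name

        if (-not $hasProfile -and -not $hasAccount) {
            $items = @(Get-ChildItem $_.FullName -Recurse -Force -ErrorAction SilentlyContinue)
            New-Object PSObject -Property @{
                Folder  = $_.FullName
                Created = $_.CreationTime
                Items   = $items.Count
            }
        }
    }
```

A folder reported here was created by something other than Windows profile creation; its creation time and subfolder names (here Local\Mobogenie) point to what wrote it.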

25.06.2014, 17:58   #11
schrauber
/// the machine
/// TB-Ausbilder

Delete it.

Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Include the contents of mbam.txt in your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure that the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Delete and confirm any prompts with Ok.
  • Your computer will be restarted automatically. After the restart a text file opens. Post its contents with your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt. (x = consecutive number).

Please shut down your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later), please start it via right-click and "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool is finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log, please.
__________________
Regards,
schrauber

27.06.2014, 17:36   #12
ValdoAddams

Hey,

I was out in the field for the last few days, which is why I can only reply now.

The folder is deleted.

Here are the logs:

mbam.txt
Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 27.06.2014
Suchlauf-Zeit: 17:18:01
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.06.27.06
Rootkit Datenbank: v2014.06.23.02
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Matthias

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 381845
Verstrichene Zeit: 19 Min, 33 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 5
PUP.Optional.Spigot.A, C:\Windows\Installer\14a2802.msi, In Quarantäne, [2b473944ff7c65d17c8b652245bcb54b], 
PUP.Optional.Superfish.A, C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, In Quarantäne, [ff73c9b46d0eaa8c0ce27f383cc6ae52], 
PUP.Optional.Superfish.A, C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, In Quarantäne, [155d82fb710a77bf945ad9de2bd7d32d], 
PUP.Optional.MySearchDial.A, C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Preferences, Gut: (), Schlecht: (      "startup_urls": [ "hxxp://start.mysearchdial.com/?f=1&a=MSD2&cd=2XzuyEtN2Y1L1QzuyDyEtByBtC0EtDtA0A0ByD0EyE0D0DtDtN0D0Tzu0CyBzztAtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=883820068&ir=" ],), Ersetzt,[e989ea939ae1f244367408b0c4409f61]
PUP.Optional.CrossRider.A, C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.crossrider.bic", "1417e07ed1d148377012d4ed65c1e87f");), Ersetzt,[4c26601d304b8ea8953f74430ef659a7]

Physische Sektoren: 0
(No malicious items detected)


(end)
         
AdwCleaner[S1].txt
Code:
# AdwCleaner v3.213 - Bericht erstellt am 27/06/2014 um 17:49:13
# Aktualisiert 23/06/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : Matthias - MATTHIAS-PC
# Gestartet von : C:\Users\Matthias\Desktop\adwcleaner_3.213.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Program Files (x86)\Mobogenie
Ordner Gelöscht : C:\Windows\SysWOW64\hotspot shield
Ordner Gelöscht : C:\Users\Matthias\AppData\Local\Mobogenie
Ordner Gelöscht : C:\Users\Matthias\Documents\Mobogenie
Datei Gelöscht : C:\Users\Matthias\daemonprocess.txt
Datei Gelöscht : C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.softonic.de_0.localstorage
Datei Gelöscht : C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.softonic.de_0.localstorage-journal

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\Software\dt soft\daemon tools toolbar

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17126


-\\ Mozilla Firefox v30.0 (de)

[ Datei : C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\prefs.js ]


-\\ Google Chrome v35.0.1916.153

[ Datei : C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Search Provider] : hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=MSD2&cd=2XzuyEtN2Y1L1QzuyDyEtByBtC0EtDtA0A0ByD0EyE0D0DtDtN0D0Tzu0CyBzztAtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=883820068&ir=
Gelöscht [Startup_urls] : hxxp://start.mysearchdial.com/?f=1&a=MSD2&cd=2XzuyEtN2Y1L1QzuyDyEtByBtC0EtDtA0A0ByD0EyE0D0DtDtN0D0Tzu0CyBzztAtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=883820068&ir=

*************************

AdwCleaner[R0].txt - [12677 octets] - [02/10/2013 20:31:59]
AdwCleaner[R1].txt - [2817 octets] - [22/06/2014 22:15:55]
AdwCleaner[R2].txt - [1953 octets] - [27/06/2014 17:47:30]
AdwCleaner[S0].txt - [12644 octets] - [02/10/2013 20:33:29]
AdwCleaner[S1].txt - [2108 octets] - [27/06/2014 17:49:13]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2168 octets] ##########
         
JRT.txt
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x64
Ran by Matthias on 27.06.2014 at 18:02:59,40
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-2421184407-1128806621-541807395-1001\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Matthias\appdata\local\{9E46F44C-A45D-4A96-A370-831D5BA33A77}
Successfully deleted: [Empty Folder] C:\Users\Matthias\appdata\local\{E906321C-3D15-4942-BCA9-69BDE6E4D6BF}



~~~ FireFox

Successfully deleted the following from C:\Users\Matthias\AppData\Roaming\mozilla\firefox\profiles\hfk0rn1h.default\prefs.js

user_pref("extensions.greasemonkey.scriptvals.mafiawars/Facebook Mafia Wars Autoplayer.itemLog", "<div class=\"logEvent updateGood Icon\"><div class=\"eventTime\">Mar 7<br>6:3
user_pref("extensions.xmarks.702f0cbf9af463be.authToken", "ODQ4YmUyMTMzYmExMDQxZjFkZDZmNjcwMTU3NzQ2ZDNlZDM4ZTU4MnsidXNlcm5hbWUiOiJibGFkZV9teiIsIl9jcmVhdGVkIjoiMjAxMjA0MDkxNjQw
Emptied folder: C:\Users\Matthias\AppData\Roaming\mozilla\firefox\profiles\hfk0rn1h.default\minidumps [9 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 27.06.2014 at 18:12:41,01
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
FRST.txt

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-06-2014
Ran by Matthias (administrator) on MATTHIAS-PC on 27-06-2014 18:29:29
Running from C:\Users\Matthias\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(SOURCENEXT) C:\Windows\SysWOW64\bgsvcgen.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Dropbox, Inc.) C:\Users\Matthias\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Seagate) C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.EXE
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
() C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1279480 2014-05-30] (NVIDIA Corporation)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-30] (NVIDIA Corporation)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [1807360 2011-10-19] (Dominik Reichl)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-06] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-06-21] (AVAST Software)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452272 2012-08-31] (CANON INC.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282632 2013-07-23] (CANON INC.)
HKLM\...\Policies\Explorer: [NoInstrumentation] 0
HKU\S-1-5-21-2421184407-1128806621-541807395-1001\...\Run: [GoogleChromeAutoLaunch_8265D6534E6C32D01005D7D3455D029D] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-06-05] (Google Inc.)
Startup: C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Matthias\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: 01UnsuppModule -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} =>  No File
ShellIconOverlayIdentifiers: 02SyncingModule -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} =>  No File
ShellIconOverlayIdentifiers: 03SyncedModule -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} =>  No File
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x18A0B07BF47CCB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - {2E4024D0-74C4-43EE-8B3D-F083E2E5BB33} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKCU - {EF8FE9E1-718E-4F3C-B1F4-E9283E313552} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms}
BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll (CANON INC.)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
DPF: HKLM-x32 {6E718D87-6909-4FCE-92D4-EDCB2F725727} hxxp://www.navigram.com/engine/v911/Navigram.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15111/CTPID.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @qnap.com/MonitorPlayer - C:\Program Files (x86)\QNAP\VioStorMonitor\npMonHost.dll ( QNAP System, Inc)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Gutscheinrausch.de - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\2v4wj4ej.qjf [2011-07-03]
FF Extension: Flash Video Downloader - Full HD Download - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\artur.dubovoy@gmail.com [2014-06-21]
FF Extension: Xmarks - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\foxmarks@kei.com [2013-05-25]
FF Extension: LavaFox V2 - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\info@djzig.com [2014-06-21]
FF Extension: DOM Inspector - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\inspector@mozilla.org [2013-04-26]
FF Extension: KeeFox - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\keefox@chris.tomlinson [2014-06-21]
FF Extension: LastPass - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\support@lastpass.com [2014-06-21]
FF Extension: FT DeepDark - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} [2014-06-24]
FF Extension: DownloadHelper - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-06-21]
FF Extension: Evernote Web Clipper - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800} [2014-01-04]
FF Extension: Hide My Ass Proxy Extension - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\extension@hidemyass.com.xpi [2013-10-27]
FF Extension: Firebug - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\firebug@software.joehewitt.com.xpi [2012-01-13]
FF Extension: InspectThis - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\inspectthis@mackay.dyndns.info.xpi [2012-01-13]
FF Extension: MD5 Reborned Hasher - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\md5rehasher@phoneixs.es.xpi [2012-01-07]
FF Extension: Social Fixer - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\socialfixer@mattkruse.com.xpi [2011-11-12]
FF Extension: FlashGot - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2011-06-03]
FF Extension: Cookie Monster - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\{45d8ff86-d909-11db-9705-005056c00008}.xpi [2012-01-07]
FF Extension: CookieCuller - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\{99B98C2C-7274-45a3-A640-D9DF1A1C8460}.xpi [2012-01-03]
FF Extension: Shine Bright Skin Aero - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\{c7b3cf78-9cbc-47b9-ba47-bb84a56069dd}.xpi [2012-04-06]
FF Extension: Adblock Plus - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-03-27]
FF Extension: Greasemonkey - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2012-09-02]
FF Extension: User Agent Switcher - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}.xpi [2012-01-14]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-03-29]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Acronis Backup and Security\Acronis Backup and Security 2010\bdtbext

Chrome: 
=======
CHR HomePage: hxxp://www.tagesschau.de/
CHR StartupUrls: "hxxp://start.mysearchdial.com/?f=1&a=MSD2&cd=2XzuyEtN2Y1L1QzuyDyEtByBtC0EtDtA0A0ByD0EyE0D0DtDtN0D0Tzu0CyBzztAtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=883820068&ir="
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Windows Genuine Advantage) - C:\Program Files (x86)\Mozilla Firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U11) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Nitro PDF Plug-In) - C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll No File
CHR Plugin: (Monitor Host plugin) - C:\Program Files (x86)\QNAP\VioStorMonitor\npMonHost.dll ( QNAP System, Inc)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Extension: (Google Docs) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-02-06]
CHR Extension: (Google Drive) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-02-06]
CHR Extension: (YouTube) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-02-06]
CHR Extension: (Google Cast) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-04-18]
CHR Extension: (Proxy Switchy!) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\caehdcpeofiiigpdhbabniblemipncjj [2013-10-27]
CHR Extension: (Google-Suche) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-02-06]
CHR Extension: (Send to c:geo) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmjnanlejfopnmlbaglhakppcgfiehmi [2013-11-26]
CHR Extension: (sendToCgeo) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebcekkbgdfmadcndplemkpligfnoiomn [2013-03-25]
CHR Extension: (Google Play Music) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2014-06-21]
CHR Extension: (JDownloader Integration) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmochcijbhgjfdmojjenfabpafelhgdc [2013-06-23]
CHR Extension: (avast! Online Security) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-05-24]
CHR Extension: (MFCTools) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\himjbipiceflfkibobojfdblmfccnhcm [2014-01-18]
CHR Extension: (Social Fixer for Facebook) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifmhoabcaeehkljcfclfiieohkohdgbb [2013-03-25]
CHR Extension: (FVD Downloader) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp [2014-04-19]
CHR Extension: (Google Maps) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2013-03-25]
CHR Extension: (pyLCEX) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\lonijbpbhgckjaagllgmgifkidcojban [2013-11-18]
CHR Extension: (Hangouts) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2013-12-01]
CHR Extension: (chaturbate) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkmhamhlgmjchgiclojjodgmbjjehmde [2014-01-18]
CHR Extension: (Google Wallet) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-28]
CHR Extension: (chromeIPass) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\ompiailgknfdndiefoaoiligalphfdae [2013-03-25]
CHR Extension: (Google Mail) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-02-06]
CHR Extension: (Sexy Girl Chrome Theme - Arthur) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkibpgkliocdchedibhioiibdiddomac [2013-03-25]
CHR Extension: (Tapatalk Notifier) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\plfhcjljnfjpfcbjpgnflfofmahljkjj [2013-03-31]

==================== Services (Whitelisted) =================

R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-04] (AVAST Software)
R2 bgsvcgen; C:\Windows\SysWOW64\bgsvcgen.exe [139264 2011-07-07] (SOURCENEXT) [File not signed]
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2010-01-27] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2010-01-27] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [307200 2008-11-18] (Creative Technology Ltd) [File not signed]
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-03-26] (Nitro PDF Software)
R2 nTuneService; C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe [278336 2011-09-19] (NVIDIA)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-02-16] ()
S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1228504 2013-07-03] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660184 2013-07-03] (Secunia)
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [245760 2011-02-18] () [File not signed]
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S2 Aspi32; C:\Windows\SysWow64\Drivers\Aspi32.sys [23936 1997-12-23] (Adaptec) [File not signed]
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-04] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-04] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-04] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-06-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-06-21] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-06-21] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-04] ()
S3 ATITool; C:\Windows\System32\DRIVERS\ATITool64.sys [30720 2006-11-10] () [File not signed]
S1 cdrbsdrv; C:\Windows\SysWow64\Drivers\cdrbsdrv.sys [38944 2011-07-07] (B.H.A Corporation)
S3 DbusAudio; C:\Windows\System32\drivers\DbusAudio.sys [33336 2010-04-28] (Windows (R) Codename Longhorn DDK provider)
S3 DLPortIO; C:\Windows\SysWOW64\DRIVERS\DLPortIO.SYS [3584 2000-06-29] () [File not signed]
S3 InputFilter_Hid_FlexDef2b; C:\Windows\System32\DRIVERS\InputFilter_FlexDef2b.sys [17920 2010-06-19] (Siliten)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R3 nvoclk64; C:\Windows\System32\DRIVERS\nvoclk64.sys [42088 2009-09-15] (NVIDIA Corp.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 PciPPorts; C:\Windows\System32\DRIVERS\PciPPorts.sys [96768 2009-07-23] ()
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-07-03] (Secunia)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2013-01-11] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2013-01-11] ()
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-02-18] (Duplex Secure Ltd.)
S3 StarOpen; No ImagePath
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-09-17] (Anchorfree Inc.)
R0 tdrpman258; C:\Windows\System32\DRIVERS\tdrpm258.sys [1477728 2012-10-05] (Acronis)
S1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [59184 2011-11-17] (Windows (R) 2000 DDK provider)
S1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [572336 2011-11-17] (Paragon)
S1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [352816 2011-11-17] (Paragon)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [51712 2011-02-18] (Apple, Inc.) [File not signed]
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [113936 2013-12-18] (Oracle Corporation)
R1 vmm; C:\Windows\system32\Treiber\vmm.sys [294232 2013-12-30] (Microsoft Corporation)
R3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [260608 2012-02-27] (Jungo)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S1 UserPort; \SystemRoot\System32\Drivers\UserPort.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-27 18:29 - 2014-06-27 18:29 - 00032157 _____ () C:\Users\Matthias\Desktop\FRST.txt
2014-06-27 18:29 - 2014-06-27 18:29 - 00000000 ____D () C:\Users\Matthias\Desktop\FRST-OlderVersion
2014-06-27 18:12 - 2014-06-27 18:12 - 00002191 _____ () C:\Users\Matthias\Desktop\JRT.txt
2014-06-27 18:02 - 2014-06-27 18:02 - 00000000 ____D () C:\Windows\ERUNT
2014-06-27 18:01 - 2014-06-27 18:01 - 01016261 _____ (Thisisu) C:\Users\Matthias\Downloads\JRT.exe
2014-06-27 17:58 - 2014-06-27 17:58 - 01016261 _____ (Thisisu) C:\Users\Matthias\Desktop\JRT.exe
2014-06-27 17:58 - 2014-06-27 17:58 - 00002248 _____ () C:\Users\Matthias\Desktop\AdwCleaner[S1].txt
2014-06-27 17:45 - 2014-06-27 17:45 - 01342659 _____ () C:\Users\Matthias\Desktop\adwcleaner_3.213.exe
2014-06-27 17:44 - 2014-06-27 17:44 - 00002271 _____ () C:\Users\Matthias\Desktop\mbam.txt
2014-06-27 17:11 - 2014-06-27 17:12 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-27 17:11 - 2014-06-27 17:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-06-27 17:11 - 2014-06-27 17:11 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-06-27 17:11 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-24 21:48 - 2014-06-24 21:48 - 00012609 _____ () C:\Users\Matthias\Documents\Computerkrams.xlsx
2014-06-24 14:54 - 2014-06-24 14:55 - 00060535 _____ () C:\Users\Matthias\Desktop\Result.txt
2014-06-24 14:51 - 2014-06-24 14:51 - 00400384 _____ (Farbar) C:\Users\Matthias\Desktop\MiniToolBox.exe
2014-06-24 14:46 - 2014-06-24 14:46 - 00029757 _____ () C:\ComboFix.txt
2014-06-24 14:29 - 2014-06-24 14:46 - 00000000 ____D () C:\Qoobox
2014-06-24 14:29 - 2014-06-24 14:44 - 00000000 ____D () C:\Windows\erdnt
2014-06-24 14:29 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-06-24 14:29 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-06-24 14:29 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-06-24 14:29 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-06-24 14:29 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-06-24 14:29 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-06-24 14:29 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-06-24 14:29 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-06-24 14:27 - 2014-06-24 14:28 - 05211571 ____R (Swearware) C:\Users\Matthias\Desktop\ComboFix.exe
2014-06-24 08:38 - 2014-06-24 08:38 - 00317351 _____ () C:\Users\Matthias\Downloads\sign-handwriting.zip
2014-06-24 08:38 - 2014-06-24 08:38 - 00022050 _____ () C:\Users\Matthias\Downloads\always-forever.zip
2014-06-23 20:19 - 2014-06-23 20:19 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Matthias\Desktop\tdsskiller.exe
2014-06-23 19:52 - 2014-06-23 20:19 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-06-23 19:50 - 2014-06-23 20:19 - 00000000 ____D () C:\Users\Matthias\Desktop\mbar
2014-06-23 19:50 - 2014-06-23 19:50 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Matthias\Downloads\mbar-1.07.0.1012.exe
2014-06-23 19:50 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-23 10:27 - 2014-06-23 10:27 - 00000160 _____ () C:\Users\Matthias\Downloads\Kalenderwochen_2010-2015.ics
2014-06-22 23:36 - 2014-06-22 23:36 - 00599500 _____ () C:\Users\Matthias\Downloads\gmer.txt
2014-06-22 22:47 - 2014-06-22 22:47 - 00380416 _____ () C:\Users\Matthias\Desktop\Gmer-19357.exe
2014-06-22 22:45 - 2014-06-22 22:46 - 00056946 _____ () C:\Users\Matthias\Downloads\Addition.txt
2014-06-22 22:42 - 2014-06-27 18:29 - 00000000 ____D () C:\FRST
2014-06-22 22:42 - 2014-06-22 22:46 - 00069029 _____ () C:\Users\Matthias\Downloads\FRST.txt
2014-06-22 22:41 - 2014-06-27 18:29 - 02082816 _____ (Farbar) C:\Users\Matthias\Desktop\FRST64.exe
2014-06-22 22:34 - 2014-06-22 22:34 - 00000588 _____ () C:\Users\Matthias\Downloads\defogger_disable.log
2014-06-22 22:34 - 2014-06-22 22:34 - 00000020 _____ () C:\Users\Matthias\defogger_reenable
2014-06-22 22:33 - 2014-06-22 22:33 - 00050477 _____ () C:\Users\Matthias\Downloads\Defogger.exe
2014-06-22 22:14 - 2014-06-22 22:14 - 01333465 _____ () C:\Users\Matthias\Downloads\adwcleaner_3.212.exe
2014-06-22 22:01 - 2014-06-22 22:01 - 00511782 _____ () C:\Users\Matthias\Downloads\Autoruns.zip
2014-06-22 16:38 - 2014-06-22 16:38 - 00000000 ____D () C:\SymCache
2014-06-22 16:37 - 2014-06-22 16:39 - 00000000 ____D () C:\Users\Matthias\Documents\WPA Files
2014-06-22 16:30 - 2014-06-22 16:42 - 00000000 ____D () C:\log
2014-06-22 16:03 - 2014-06-22 16:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2014-06-22 16:03 - 2014-06-22 16:03 - 00000000 ____D () C:\Program Files (x86)\Windows Kits
2014-06-22 16:02 - 2014-06-22 16:03 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-22 15:58 - 2014-06-22 15:58 - 00163917 _____ () C:\Users\Matthias\Downloads\ReleaseNotes_Win7_1RTMSDK.Htm
2014-06-22 15:55 - 2014-06-22 15:55 - 00003152 _____ () C:\Windows\System32\Tasks\{2C697FBE-AB3C-4455-BE91-C1F9DD5491D6}
2014-06-22 15:48 - 2014-05-20 01:10 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-06-22 15:48 - 2014-05-15 01:49 - 03774821 _____ () C:\Windows\system32\nvcoproc.bin
2014-06-22 15:45 - 2014-06-22 15:45 - 00509264 _____ (Microsoft Corporation) C:\Users\Matthias\Downloads\winsdk_web.exe
2014-06-22 15:45 - 2014-05-20 04:44 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-06-22 15:45 - 2014-05-20 04:44 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-06-22 15:45 - 2014-05-20 04:44 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-06-22 15:45 - 2014-05-20 04:44 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-06-22 15:45 - 2014-05-20 04:44 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-06-22 15:45 - 2014-05-20 04:44 - 16003912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-06-22 15:45 - 2014-05-20 04:44 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-06-22 15:45 - 2014-05-20 04:44 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-06-22 15:45 - 2014-05-20 04:44 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-06-22 15:45 - 2014-05-20 04:44 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-06-22 15:45 - 2014-05-20 04:44 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-06-22 15:45 - 2014-05-20 04:44 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-06-22 15:45 - 2014-05-20 04:44 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-06-22 15:45 - 2014-05-20 04:44 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-06-22 15:45 - 2014-05-20 04:44 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-06-22 15:45 - 2014-05-20 04:44 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll
2014-06-22 15:45 - 2014-05-20 04:44 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll
2014-06-22 15:45 - 2014-05-20 04:44 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-06-22 15:45 - 2014-05-20 04:44 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-06-22 15:45 - 2014-05-20 04:44 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-06-22 15:45 - 2014-05-20 04:44 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-06-22 15:39 - 2014-06-22 15:39 - 00091181 _____ () C:\Windows\ZTEInstallInfo.log
2014-06-22 15:35 - 2014-06-22 15:35 - 04748896 _____ (Piriform Ltd) C:\Users\Matthias\Downloads\ccsetup414.exe
2014-06-22 15:33 - 2014-06-22 15:34 - 00991536 _____ (Microsoft Corporation) C:\Users\Matthias\Downloads\sdksetup.exe
2014-06-22 15:33 - 2014-05-30 01:07 - 01715176 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-06-22 15:33 - 2014-05-30 01:07 - 01291232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-06-22 15:31 - 2014-03-31 18:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-06-22 15:31 - 2014-03-31 18:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-06-21 18:10 - 2014-06-21 18:10 - 00000000 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-06-21 18:00 - 2014-06-21 18:07 - 00000826 _____ () C:\Windows\SecuniaPackage.log
2014-06-21 17:57 - 2014-06-21 17:58 - 18732144 _____ (Adobe Systems Inc.) C:\Users\Matthias\Downloads\AdobeAIRInstaller (5).exe
2014-06-21 17:52 - 2014-06-21 17:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-21 13:41 - 2014-06-21 15:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-06-21 13:09 - 2014-06-21 13:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-06-21 13:08 - 2014-06-21 13:08 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-21 13:08 - 2014-06-21 13:08 - 00000000 ____D () C:\Program Files\iTunes
2014-06-21 13:08 - 2014-06-21 13:08 - 00000000 ____D () C:\Program Files\iPod
2014-06-21 13:08 - 2014-06-21 13:08 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-06-21 12:57 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-21 12:57 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-21 12:57 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-06-21 12:57 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-06-21 12:56 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-21 12:56 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-21 12:56 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-21 12:56 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-21 12:56 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-21 12:56 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-21 12:56 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-21 12:56 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-21 12:56 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-21 12:56 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-21 12:56 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-21 12:56 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-21 12:56 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-21 12:56 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-21 12:56 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-21 12:56 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-21 12:56 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-21 12:56 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-21 12:56 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-21 12:56 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-21 12:56 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-21 12:56 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-21 12:56 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-21 12:56 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-21 12:56 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-21 12:56 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-21 12:56 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-21 12:56 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-21 12:56 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-21 12:56 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-21 12:56 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-21 12:56 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-21 12:56 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-21 12:56 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-21 12:56 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-21 12:56 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-21 12:56 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-21 12:56 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-21 12:56 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-21 12:56 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-21 12:56 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-21 12:56 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-21 12:56 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-21 12:56 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-21 12:56 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-21 12:56 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-21 12:56 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-21 12:56 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-21 12:56 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-21 12:56 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-21 12:56 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-21 12:56 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-21 12:56 - 2014-05-08 11:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-21 12:56 - 2014-05-08 11:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-21 12:56 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-21 12:56 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-21 12:56 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-21 12:56 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-21 12:56 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-21 12:56 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-21 12:56 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-21 12:56 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-21 12:56 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-21 12:56 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-21 12:53 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-06-21 12:53 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-06-21 12:53 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-06-21 12:53 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-06-21 12:53 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-06-21 12:53 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-06-21 12:53 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-06-21 12:53 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-06-21 12:53 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-06-21 12:53 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-06-21 12:53 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-06-21 12:53 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-06-21 12:53 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-06-21 12:53 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-06-21 12:53 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-06-21 12:53 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-06-21 12:53 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-06-21 12:53 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-06-21 12:53 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-06-21 12:53 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-06-21 12:53 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-06-21 12:53 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-06-21 12:53 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-06-21 12:53 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-06-21 12:53 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-06-21 12:53 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-06-21 12:53 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-06-21 12:53 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-06-21 12:53 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-06-21 12:53 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-06-21 12:53 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-06-21 12:53 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-06-21 12:53 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-06-21 12:53 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-06-21 12:53 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-06-21 12:53 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-06-21 12:53 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-06-21 12:53 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-06-21 12:53 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-06-21 12:53 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-06-21 12:53 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-06-21 12:52 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-21 12:52 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-21 12:33 - 2014-06-27 17:54 - 00000000 ____D () C:\Users\Matthias\AppData\Roaming\DropboxMaster

==================== One Month Modified Files and Folders =======

2014-06-27 18:30 - 2014-06-27 18:29 - 00032157 _____ () C:\Users\Matthias\Desktop\FRST.txt
2014-06-27 18:29 - 2014-06-27 18:29 - 00000000 ____D () C:\Users\Matthias\Desktop\FRST-OlderVersion
2014-06-27 18:29 - 2014-06-22 22:42 - 00000000 ____D () C:\FRST
2014-06-27 18:29 - 2014-06-22 22:41 - 02082816 _____ (Farbar) C:\Users\Matthias\Desktop\FRST64.exe
2014-06-27 18:27 - 2010-01-28 18:47 - 00000000 ____D () C:\Program Files (x86)\totalcmd
2014-06-27 18:12 - 2014-06-27 18:12 - 00002191 _____ () C:\Users\Matthias\Desktop\JRT.txt
2014-06-27 18:11 - 2012-04-05 08:41 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-27 18:02 - 2014-06-27 18:02 - 00000000 ____D () C:\Windows\ERUNT
2014-06-27 18:01 - 2014-06-27 18:01 - 01016261 _____ (Thisisu) C:\Users\Matthias\Downloads\JRT.exe
2014-06-27 18:01 - 2009-07-14 06:45 - 00013760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-27 18:01 - 2009-07-14 06:45 - 00013760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-27 17:59 - 2012-09-05 18:21 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-27 17:58 - 2014-06-27 17:58 - 01016261 _____ (Thisisu) C:\Users\Matthias\Desktop\JRT.exe
2014-06-27 17:58 - 2014-06-27 17:58 - 00002248 _____ () C:\Users\Matthias\Desktop\AdwCleaner[S1].txt
2014-06-27 17:56 - 2012-01-08 15:39 - 00000000 ____D () C:\Users\Matthias\AppData\Roaming\Dropbox
2014-06-27 17:55 - 2012-01-08 15:42 - 00000000 ___RD () C:\Users\Matthias\Dropbox
2014-06-27 17:54 - 2014-06-21 12:33 - 00000000 ____D () C:\Users\Matthias\AppData\Roaming\DropboxMaster
2014-06-27 17:53 - 2014-02-16 18:09 - 00011350 _____ () C:\Windows\setupact.log
2014-06-27 17:53 - 2013-03-29 10:48 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-06-27 17:52 - 2012-09-05 18:21 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-27 17:51 - 2014-02-16 18:09 - 00011966 _____ () C:\Windows\PFRO.log
2014-06-27 17:51 - 2014-01-12 13:27 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-06-27 17:51 - 2012-01-06 22:34 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-27 17:51 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-27 17:50 - 2013-01-14 21:09 - 01376821 _____ () C:\Windows\WindowsUpdate.log
2014-06-27 17:49 - 2013-10-02 20:31 - 00000000 ____D () C:\AdwCleaner
2014-06-27 17:49 - 2010-01-26 14:18 - 00000000 ____D () C:\Users\Matthias
2014-06-27 17:45 - 2014-06-27 17:45 - 01342659 _____ () C:\Users\Matthias\Desktop\adwcleaner_3.213.exe
2014-06-27 17:44 - 2014-06-27 17:44 - 00002271 _____ () C:\Users\Matthias\Desktop\mbam.txt
2014-06-27 17:21 - 2012-04-21 14:30 - 00003954 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{257B08F2-5683-4379-A9C6-53F01BC7C7ED}
2014-06-27 17:12 - 2014-06-27 17:11 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-27 17:11 - 2014-06-27 17:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-06-27 17:11 - 2014-06-27 17:11 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-06-27 17:11 - 2012-02-07 11:16 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-27 17:11 - 2011-03-27 15:53 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-27 17:11 - 2011-03-27 15:53 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-06-24 21:48 - 2014-06-24 21:48 - 00012609 _____ () C:\Users\Matthias\Documents\Computerkrams.xlsx
2014-06-24 14:55 - 2014-06-24 14:54 - 00060535 _____ () C:\Users\Matthias\Desktop\Result.txt
2014-06-24 14:51 - 2014-06-24 14:51 - 00400384 _____ (Farbar) C:\Users\Matthias\Desktop\MiniToolBox.exe
2014-06-24 14:48 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing
2014-06-24 14:46 - 2014-06-24 14:46 - 00029757 _____ () C:\ComboFix.txt
2014-06-24 14:46 - 2014-06-24 14:29 - 00000000 ____D () C:\Qoobox
2014-06-24 14:44 - 2014-06-24 14:29 - 00000000 ____D () C:\Windows\erdnt
2014-06-24 14:43 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-06-24 14:42 - 2012-09-03 17:27 - 00000000 ____D () C:\Program Files (x86)\ownCloud Client
2014-06-24 14:30 - 2013-10-20 11:45 - 00000000 ____D () C:\Users\Matthias\ownCloud
2014-06-24 14:28 - 2014-06-24 14:27 - 05211571 ____R (Swearware) C:\Users\Matthias\Desktop\ComboFix.exe
2014-06-24 10:36 - 2012-01-10 22:47 - 00427824 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-24 10:32 - 2010-03-20 19:21 - 00000000 ____D () C:\Users\Matthias\AppData\Roaming\vlc
2014-06-24 10:21 - 2012-01-10 16:00 - 00115168 _____ () C:\Users\Matthias\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-24 08:54 - 2012-09-05 18:21 - 00004110 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-24 08:54 - 2012-09-05 18:21 - 00003858 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-24 08:38 - 2014-06-24 08:38 - 00317351 _____ () C:\Users\Matthias\Downloads\sign-handwriting.zip
2014-06-24 08:38 - 2014-06-24 08:38 - 00022050 _____ () C:\Users\Matthias\Downloads\always-forever.zip
2014-06-23 20:19 - 2014-06-23 20:19 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Matthias\Desktop\tdsskiller.exe
2014-06-23 20:19 - 2014-06-23 19:52 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-06-23 20:19 - 2014-06-23 19:50 - 00000000 ____D () C:\Users\Matthias\Desktop\mbar
2014-06-23 19:50 - 2014-06-23 19:50 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Matthias\Downloads\mbar-1.07.0.1012.exe
2014-06-23 10:27 - 2014-06-23 10:27 - 00000160 _____ () C:\Users\Matthias\Downloads\Kalenderwochen_2010-2015.ics
2014-06-23 09:22 - 2014-01-02 11:48 - 00002021 _____ () C:\Users\Public\Desktop\Canon Quick Menu.lnk
2014-06-23 09:22 - 2014-01-02 11:48 - 00000000 ____D () C:\ProgramData\CanonIJWSpt
2014-06-23 09:22 - 2014-01-02 11:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2014-06-22 23:36 - 2014-06-22 23:36 - 00599500 _____ () C:\Users\Matthias\Downloads\gmer.txt
2014-06-22 22:47 - 2014-06-22 22:47 - 00380416 _____ () C:\Users\Matthias\Desktop\Gmer-19357.exe
2014-06-22 22:46 - 2014-06-22 22:45 - 00056946 _____ () C:\Users\Matthias\Downloads\Addition.txt
2014-06-22 22:46 - 2014-06-22 22:42 - 00069029 _____ () C:\Users\Matthias\Downloads\FRST.txt
2014-06-22 22:34 - 2014-06-22 22:34 - 00000588 _____ () C:\Users\Matthias\Downloads\defogger_disable.log
2014-06-22 22:34 - 2014-06-22 22:34 - 00000020 _____ () C:\Users\Matthias\defogger_reenable
2014-06-22 22:33 - 2014-06-22 22:33 - 00050477 _____ () C:\Users\Matthias\Downloads\Defogger.exe
2014-06-22 22:14 - 2014-06-22 22:14 - 01333465 _____ () C:\Users\Matthias\Downloads\adwcleaner_3.212.exe
2014-06-22 22:08 - 2013-02-22 18:33 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-06-22 22:05 - 2012-06-15 22:15 - 00006062 _____ () C:\Windows\wininit.ini
2014-06-22 22:04 - 2010-11-09 11:19 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-06-22 22:01 - 2014-06-22 22:01 - 00511782 _____ () C:\Users\Matthias\Downloads\Autoruns.zip
2014-06-22 16:42 - 2014-06-22 16:30 - 00000000 ____D () C:\log
2014-06-22 16:39 - 2014-06-22 16:37 - 00000000 ____D () C:\Users\Matthias\Documents\WPA Files
2014-06-22 16:38 - 2014-06-22 16:38 - 00000000 ____D () C:\SymCache
2014-06-22 16:03 - 2014-06-22 16:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2014-06-22 16:03 - 2014-06-22 16:03 - 00000000 ____D () C:\Program Files (x86)\Windows Kits
2014-06-22 16:03 - 2014-06-22 16:02 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-22 15:58 - 2014-06-22 15:58 - 00163917 _____ () C:\Users\Matthias\Downloads\ReleaseNotes_Win7_1RTMSDK.Htm
2014-06-22 15:57 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-06-22 15:55 - 2014-06-22 15:55 - 00003152 _____ () C:\Windows\System32\Tasks\{2C697FBE-AB3C-4455-BE91-C1F9DD5491D6}
2014-06-22 15:49 - 2012-01-06 22:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-06-22 15:48 - 2012-01-06 22:34 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-06-22 15:45 - 2014-06-22 15:45 - 00509264 _____ (Microsoft Corporation) C:\Users\Matthias\Downloads\winsdk_web.exe
2014-06-22 15:42 - 2010-01-28 21:18 - 00000000 ____D () C:\Windows\WindowsMobile
2014-06-22 15:40 - 2011-01-10 20:28 - 00000000 ____D () C:\Windows\SysWOW64\SupportAppCB
2014-06-22 15:40 - 2010-01-27 10:45 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-22 15:39 - 2014-06-22 15:39 - 00091181 _____ () C:\Windows\ZTEInstallInfo.log
2014-06-22 15:36 - 2011-03-27 00:45 - 00001017 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-06-22 15:36 - 2010-03-01 12:23 - 00000000 ____D () C:\Program Files (x86)\CCleaner
2014-06-22 15:35 - 2014-06-22 15:35 - 04748896 _____ (Piriform Ltd) C:\Users\Matthias\Downloads\ccsetup414.exe
2014-06-22 15:34 - 2014-06-22 15:33 - 00991536 _____ (Microsoft Corporation) C:\Users\Matthias\Downloads\sdksetup.exe
2014-06-22 15:31 - 2010-03-01 12:48 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-06-22 15:30 - 2012-06-01 17:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synology
2014-06-22 15:11 - 2012-05-12 12:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-21 20:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-21 18:10 - 2014-06-21 18:10 - 00000000 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-06-21 18:10 - 2010-01-28 17:17 - 00000000 ____D () C:\Program Files (x86)\Java
2014-06-21 18:07 - 2014-06-21 18:00 - 00000826 _____ () C:\Windows\SecuniaPackage.log
2014-06-21 18:06 - 2012-04-05 08:41 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-21 18:06 - 2012-04-05 08:41 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-06-21 18:06 - 2011-06-01 23:44 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-21 17:58 - 2014-06-21 17:57 - 18732144 _____ (Adobe Systems Inc.) C:\Users\Matthias\Downloads\AdobeAIRInstaller (5).exe
2014-06-21 17:52 - 2014-06-21 17:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-21 17:31 - 2011-06-18 20:04 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-06-21 17:29 - 2011-07-26 12:37 - 00000494 __RSH () C:\Users\Matthias\ntuser.pol
2014-06-21 17:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-06-21 15:27 - 2013-09-28 13:09 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-21 15:23 - 2010-01-27 16:25 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-21 15:18 - 2014-05-10 13:05 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-21 15:09 - 2014-06-21 13:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-06-21 13:09 - 2014-06-21 13:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-06-21 13:08 - 2014-06-21 13:08 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-21 13:08 - 2014-06-21 13:08 - 00000000 ____D () C:\Program Files\iTunes
2014-06-21 13:08 - 2014-06-21 13:08 - 00000000 ____D () C:\Program Files\iPod
2014-06-21 13:08 - 2014-06-21 13:08 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-06-21 13:06 - 2013-12-06 18:00 - 00000000 ____D () C:\Users\Matthias\AppData\Local\JDownloader v2.0
2014-06-21 12:38 - 2014-01-11 13:43 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-06-21 12:38 - 2013-03-29 10:49 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-06-21 12:38 - 2013-03-29 10:48 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-06-21 12:33 - 2012-01-08 15:40 - 00000000 ____D () C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-06-08 11:13 - 2014-06-21 12:52 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 11:08 - 2014-06-21 12:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-01 17:17 - 2010-01-27 15:05 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-30 12:21 - 2014-06-21 12:56 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-30 12:02 - 2014-06-21 12:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-30 12:02 - 2014-06-21 12:56 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-30 11:45 - 2014-06-21 12:56 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-30 11:39 - 2014-06-21 12:56 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-30 11:39 - 2014-06-21 12:56 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-30 11:38 - 2014-06-21 12:56 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-30 11:28 - 2014-06-21 12:56 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-30 11:27 - 2014-06-21 12:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-30 11:24 - 2014-06-21 12:56 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-30 11:21 - 2014-06-21 12:56 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-30 11:21 - 2014-06-21 12:56 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-30 11:20 - 2014-06-21 12:56 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-30 11:18 - 2014-06-21 12:56 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-30 11:11 - 2014-06-21 12:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-30 11:08 - 2014-06-21 12:56 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-30 11:06 - 2014-06-21 12:56 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-30 11:02 - 2014-06-21 12:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-30 10:55 - 2014-06-21 12:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-30 10:49 - 2014-06-21 12:56 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-30 10:46 - 2014-06-21 12:56 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-30 10:44 - 2014-06-21 12:56 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-30 10:44 - 2014-06-21 12:56 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-30 10:43 - 2014-06-21 12:56 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-30 10:42 - 2014-06-21 12:56 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-30 10:38 - 2014-06-21 12:56 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-30 10:35 - 2014-06-21 12:56 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-30 10:34 - 2014-06-21 12:56 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-30 10:33 - 2014-06-21 12:56 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-30 10:30 - 2014-06-21 12:56 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-30 10:29 - 2014-06-21 12:56 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-30 10:28 - 2014-06-21 12:56 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-30 10:27 - 2014-06-21 12:56 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-30 10:24 - 2014-06-21 12:56 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-05-30 10:23 - 2014-06-21 12:56 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-30 10:16 - 2014-06-21 12:56 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-30 10:10 - 2014-06-21 12:56 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-30 10:06 - 2014-06-21 12:56 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-30 10:04 - 2014-06-21 12:56 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-30 10:02 - 2014-06-21 12:56 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-30 09:56 - 2014-06-21 12:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-30 09:56 - 2014-06-21 12:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-30 09:54 - 2014-06-21 12:56 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-30 09:50 - 2014-06-21 12:56 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-05-30 09:49 - 2014-06-21 12:56 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-30 09:43 - 2014-06-21 12:56 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-30 09:40 - 2014-06-21 12:56 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-30 09:30 - 2014-06-21 12:56 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-30 09:21 - 2014-06-21 12:56 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-30 09:15 - 2014-06-21 12:56 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-30 09:13 - 2014-06-21 12:56 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-30 09:13 - 2014-06-21 12:56 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-30 01:07 - 2014-06-22 15:33 - 01715176 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-05-30 01:07 - 2014-06-22 15:33 - 01291232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-05-30 01:07 - 2013-10-28 23:12 - 01279480 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-05-30 01:07 - 2013-10-28 23:12 - 01122312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll

Some content of TEMP:
====================
C:\Users\Matthias\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwx__ry.dll
C:\Users\Matthias\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-21 13:25

==================== End Of Log ============================
         


Thanks.

What have I caught here??

Alt 28.06.2014, 18:03   #13
schrauber
/// the machine
/// TB-Ausbilder
 





ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit systems also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

And a fresh FRST log, please. Any problems left?
__________________
Regards,
schrauber


Alt 30.06.2014, 07:08   #14
ValdoAddams
 



ESET
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=23a06a40c5a0d440bdd2a66932a28cb7
# engine=18941
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-06-30 01:54:41
# local_time=2014-06-30 03:54:41 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 100 97 730334 168513771 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 29912 155723131 0 0
# scanned=538031
# found=103
# cleaned=0
# scan_time=27707
sh=8992F72873D09212597E582A16F8D9BC60E6A22A ft=1 fh=e21391a34e842ffc vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe.vir"
sh=359D977D432E4F90FE627B2717144AE873990AC4 ft=1 fh=63c7b0ee3e7f229d vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\DVDVideoSoft\TB\DVDVideoSoftTB.exe.vir"
sh=67D59D15A734F2B41373F1CAF8347D199215D42C ft=1 fh=86e026dc2bf78850 vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mobogenie\New_UpdateMoboGenie.exe.vir"
sh=EBF01B3EC4607AEB707184674F723440272D4EF5 ft=0 fh=0000000000000000 vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Matthias\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie2.1.32.zip.vir"
sh=748E90CBB284A00D9E9396B9EE387AC5905FF8D1 ft=1 fh=ab95f3a7820679d6 vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Matthias\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\DaemonProcess.exe.vir"
sh=D0E5E11ACDD3E7AF720794C6AD722169570CA169 ft=1 fh=afc8ab45c959803b vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Matthias\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\Mobogenie.exe.vir"
sh=A703E83DC6447E84E8582B80A3DBF6C03B77D04A ft=0 fh=0000000000000000 vn="Variante von Android/Mobserv.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Matthias\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\MUServer.apk.vir"
sh=67D59D15A734F2B41373F1CAF8347D199215D42C ft=1 fh=86e026dc2bf78850 vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Matthias\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\New_UpdateMoboGenie.exe.vir"
sh=3A093F21B3D5C815B047050B9AF52AEF35224D6D ft=0 fh=0000000000000000 vn="Android/HackTool.FaceNiff.A potenziell unsichere Anwendung" ac=I fn="C:\Temp\SAVE SD HANDY\download\FaceNiff-1.9.4.apk"
sh=87ACC6A6278B45DC5A3297AD2A5AB8AC7CEEE211 ft=0 fh=0000000000000000 vn="Variante von Android/Inmobi.A potenziell unsichere Anwendung" ac=I fn="C:\Temp2\20120804 Save SD Handy\[GeekFiles.in]Angry_Birds_Space_1.0.1.apk"
sh=5B22620876214094D6ECCDBB6AC9144A880E384D ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.AirPush.K evtl. unerwünschte Anwendung" ac=I fn="C:\Temp2\20120804 Save SD Handy\rerware\MyBackup\AllAppsBackups\AppsMedia_2011_10_07\Apps\com.androidlab.gpsfix_110921.apk"
sh=3A093F21B3D5C815B047050B9AF52AEF35224D6D ft=0 fh=0000000000000000 vn="Android/HackTool.FaceNiff.A potenziell unsichere Anwendung" ac=I fn="C:\Temp2\20120804 Save SD Handy\rerware\MyBackup\AllAppsBackups\AppsMedia_2011_10_07\Apps\net.ponury.faceniff_2.apk"
sh=5875A754390B48E0EE13F9AEECC5F569088515A2 ft=0 fh=0000000000000000 vn="Variante von Android/Inmobi.A potenziell unsichere Anwendung" ac=I fn="C:\Temp2\20120804 Save SD Handy\rerware\MyBackup\AllAppsBackups\AppsMedia_2011_12_21\Apps\com.gameloft.android.ANMP.GloftUFHM_106.apk"
sh=5875A754390B48E0EE13F9AEECC5F569088515A2 ft=0 fh=0000000000000000 vn="Variante von Android/Inmobi.A potenziell unsichere Anwendung" ac=I fn="C:\Temp2\20120804 Save SD Handy\rerware\MyBackup\AllAppsBackups\AppsMedia_2011_12_21_2\Apps\com.gameloft.android.ANMP.GloftUFHM_106.apk"
sh=5875A754390B48E0EE13F9AEECC5F569088515A2 ft=0 fh=0000000000000000 vn="Variante von Android/Inmobi.A potenziell unsichere Anwendung" ac=I fn="C:\Temp2\20120804 Save SD Handy\rerware\MyBackup\AllAppsBackups\AppsMedia_2011_12_23\Apps\com.gameloft.android.ANMP.GloftUFHM_106.apk"
sh=9B2DEB1AAFF8B252E961F9B28CEFA7F20CF659B9 ft=0 fh=0000000000000000 vn="Variante von Android/Leadbolt.E evtl. unerwünschte Anwendung" ac=I fn="C:\Temp2\20120804 Save SD Handy\rerware\MyBackup\AllAppsBackups\AppsMedia_2012_04_20\Apps\com.androidlab.gpsfix_120325.apk"
sh=34E23051898CAB475E0B6D5B9F1C3AC00D7EF0CB ft=0 fh=0000000000000000 vn="Variante von Android/Inmobi.A potenziell unsichere Anwendung" ac=I fn="C:\Temp2\20120804 Save SD Handy\rerware\MyBackup\AllAppsBackups\AppsMedia_2012_04_20\Apps\com.rovio.angrybirdsrio_1440.apk"
sh=D129C6B48995700019B1D2D84CC4351CFD7148CF ft=0 fh=0000000000000000 vn="möglicherweise Variante von Android/Inmobi.A potenziell unsichere Anwendung" ac=I fn="C:\Temp2\20120804 Save SD Handy\rerware\MyBackup\AllAppsBackups\AppsMedia_2012_04_20\Apps\com.rovio.angrybirdsseasons_230.apk"
sh=87ACC6A6278B45DC5A3297AD2A5AB8AC7CEEE211 ft=0 fh=0000000000000000 vn="Variante von Android/Inmobi.A potenziell unsichere Anwendung" ac=I fn="C:\Temp2\20120804 Save SD Handy\rerware\MyBackup\AllAppsBackups\AppsMedia_2012_04_20\Apps\com.rovio.angrybirdsspace.premium_1001.apk"
sh=7511ED474783C68FC65034F862C913C4B820287A ft=0 fh=0000000000000000 vn="Variante von Android/Leadbolt.E evtl. unerwünschte Anwendung" ac=I fn="C:\Temp2\20120804 Save SD Handy\TitaniumBackup\com.androidlab.gpsfix-544a0e7cc232333e48ce3d02e74db080.apk.gz"
sh=546885A06029D5FB550A6AE085D363F08317E5FC ft=0 fh=0000000000000000 vn="Variante von Android/Inmobi.A potenziell unsichere Anwendung" ac=I fn="C:\Temp2\20120804 Save SD Handy\TitaniumBackup\com.rovio.angrybirdsrio-b9a2a5eef39ab02cf19ee494b5b5d9b7.apk.gz"
sh=E6CF9BF00979083F6681FFAC4BB46C5E916CB350 ft=0 fh=0000000000000000 vn="möglicherweise Variante von Android/Inmobi.A potenziell unsichere Anwendung" ac=I fn="C:\Temp2\20120804 Save SD Handy\TitaniumBackup\com.rovio.angrybirdsseasons-1aea704d0a4d310eb5795fc1ec396607.apk.gz"
sh=08A67767B510F6160D3222C36A0DA3CC24BD3AA5 ft=0 fh=0000000000000000 vn="Variante von Android/Inmobi.A potenziell unsichere Anwendung" ac=I fn="C:\Temp2\20120804 Save SD Handy\TitaniumBackup\com.rovio.angrybirdsspace.premium-e0399f61bbd2d9a3b3b2d79f19cec8ec.apk.gz"
sh=3A093F21B3D5C815B047050B9AF52AEF35224D6D ft=0 fh=0000000000000000 vn="Android/HackTool.FaceNiff.A potenziell unsichere Anwendung" ac=I fn="C:\Users\Matthias\Documents\FaceNiff_1.9.4.apk"
sh=EA91A7B4AB2DE640BBDAE944E5F91E6C479DCDDF ft=1 fh=9996c0ea4bfd5a76 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Users\Matthias\Downloads\avira_free_antivirus_898de.exe"
sh=B45806F85A8EFA8AA923A09B28B26EE1FCFD97BA ft=1 fh=021ef04e4af54844 vn="Win32/Bundled.Toolbar.Google.E potenziell unsichere Anwendung" ac=I fn="C:\Users\Matthias\Downloads\ccsetup309.exe"
sh=B289C53DBB01232884364F964E8A5BCCDFBCE00A ft=1 fh=20604ce9407285e3 vn="Win32/Bundled.Toolbar.Google.E potenziell unsichere Anwendung" ac=I fn="C:\Users\Matthias\Downloads\ccsetup310.exe"
sh=5FB6822B24CE1EDC510AD20BBAEA3DFDA97F87B8 ft=1 fh=86f5f05c7551e90b vn="Win32/Bundled.Toolbar.Google.E potenziell unsichere Anwendung" ac=I fn="C:\Users\Matthias\Downloads\ccsetup311.exe"
sh=429FC48BC53BC454DBF9DD799994FD538DD2CD1C ft=1 fh=b14d744a763a52f9 vn="Win32/Bundled.Toolbar.Google.E potenziell unsichere Anwendung" ac=I fn="C:\Users\Matthias\Downloads\ccsetup312.exe"
sh=3FC75D7EC85B4B4766AE1195896F0C2C5FB3E6FE ft=1 fh=f3111313b4ad1f30 vn="Win32/Bundled.Toolbar.Google.E potenziell unsichere Anwendung" ac=I fn="C:\Users\Matthias\Downloads\ccsetup314.exe"
sh=DC1FE696A24E0072BA7221FCB0DAFEDB9B3560B4 ft=1 fh=5aa7e24d05d642d5 vn="Win32/Bundled.Toolbar.Google.E potenziell unsichere Anwendung" ac=I fn="C:\Users\Matthias\Downloads\ccsetup315.exe"
sh=9663CAB5F4802FDAD8C719864F2E390BB99F195C ft=1 fh=02a711254bf91c09 vn="Win32/Bundled.Toolbar.Google.E potenziell unsichere Anwendung" ac=I fn="C:\Users\Matthias\Downloads\ccsetup316.exe"
sh=F39A1D9201D021180B9FC8543783D8CE69054DCE ft=1 fh=10783dd2892ae31b vn="Win32/Bundled.Toolbar.Google.E potenziell unsichere Anwendung" ac=I fn="C:\Users\Matthias\Downloads\ccsetup317(1).exe"
sh=A33A7FD91250141CEE0A868EA6C574D671A02134 ft=1 fh=254d8bfbc67d1106 vn="Win32/Bundled.Toolbar.Google.E potenziell unsichere Anwendung" ac=I fn="C:\Users\Matthias\Downloads\ccsetup317.exe"
sh=2E9FC5EE22DDB3588857BAEB1EC51885EB3D3C27 ft=1 fh=78aa2c558c3526a3 vn="Win32/Bundled.Toolbar.Google.E potenziell unsichere Anwendung" ac=I fn="C:\Users\Matthias\Downloads\ccsetup318.exe"
sh=2C16CF7AF335A0943C5973070050474E2565691B ft=1 fh=dbab1590fe63551b vn="Win32/Bundled.Toolbar.Google.E potenziell unsichere Anwendung" ac=I fn="C:\Users\Matthias\Downloads\ccsetup319.exe"
sh=7EF1CA17E9835CBBA989D1F2CFEF4B794D928D13 ft=1 fh=c7fc25b20d8e6134 vn="Win32/Bundled.Toolbar.Google.E potenziell unsichere Anwendung" ac=I fn="C:\Users\Matthias\Downloads\ccsetup320.exe"
sh=432E95C9B13671B563FDDECA6C408A763B4020F8 ft=1 fh=5a87b2eed39a59c6 vn="Win32/Bundled.Toolbar.Google.E potenziell unsichere Anwendung" ac=I fn="C:\Users\Matthias\Downloads\ccsetup321.exe"
sh=B876F5F15137EF8A1680C2AC04DC786D2A191DC9 ft=1 fh=850ac12ce80cbbb1 vn="Win32/Bundled.Toolbar.Google.E potenziell unsichere Anwendung" ac=I fn="C:\Users\Matthias\Downloads\ccsetup322.exe"
sh=03659459CF218748D115AB0EBD09E04AE43D9BC4 ft=1 fh=b7fea6e53bda36e3 vn="Win32/Bundled.Toolbar.Google.E potenziell unsichere Anwendung" ac=I fn="C:\Users\Matthias\Downloads\ccsetup323.exe"
sh=9EBEEAD23C136B3C8E6CC0220B4F47C3D67B9B4D ft=1 fh=f7cfbc4528e170a2 vn="Win32/Bundled.Toolbar.Google.E potenziell unsichere Anwendung" ac=I fn="C:\Users\Matthias\Downloads\ccsetup324.exe"
sh=6B7392086BFE81C9C47D0D041CD900A239011F74 ft=1 fh=a2718fd4c56b599b vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="C:\Users\Matthias\Downloads\ccsetup325.exe"
sh=25CF9B7BB46B581ED8DE03DDC56E1574087CACAA ft=1 fh=10c5a1651be6049d vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="C:\Users\Matthias\Downloads\ccsetup326.exe"
sh=180C8ED7C81E3AE7B0507B26C927EA93584B017C ft=1 fh=b0b83453fcc7b480 vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="C:\Users\Matthias\Downloads\ccsetup327.exe"
sh=60C77FF66F63F585FCE95C78FF44B513E2AAB9F9 ft=1 fh=17494879e4339ab3 vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="C:\Users\Matthias\Downloads\ccsetup400.exe"
sh=EA244E84E1468A6AF4741F2184E113A16F833D8B ft=1 fh=a9c73d0d07b22a58 vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="C:\Users\Matthias\Downloads\ccsetup402 (1).exe"
sh=EA244E84E1468A6AF4741F2184E113A16F833D8B ft=1 fh=a9c73d0d07b22a58 vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="C:\Users\Matthias\Downloads\ccsetup402.exe"
sh=ADF2AD3B94EB35DC371AB7A1A49B004B7C76BFA5 ft=1 fh=f95766f30bc4ebc6 vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="C:\Users\Matthias\Downloads\ccsetup406.exe"
sh=6585F3BCD797EFC2F81599CDE50115668B677D52 ft=1 fh=c4c5afd1d69feff3 vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="C:\Users\Matthias\Downloads\ccsetup408.exe"
sh=932E042070F1567ED5A116E98E3C04D7D07E0681 ft=1 fh=3bf8f6c29b1c29c3 vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="C:\Users\Matthias\Downloads\ccsetup409.exe"
sh=0F97FB08E6FC4500F86E64D3285C171C6462BD61 ft=1 fh=acbbffe185c36761 vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="C:\Users\Matthias\Downloads\ccsetup410.exe"
sh=C662A89E2318810A6012EF702A9C39F6E0AC3B36 ft=1 fh=e8789dd77b481b56 vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="C:\Users\Matthias\Downloads\ccsetup411.exe"
sh=F83855D2F4CB2063085A6A66A6A1C7CB377C28CB ft=1 fh=bcd5e45444e76df6 vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="C:\Users\Matthias\Downloads\ccsetup414.exe"
sh=261CACC79B4B8FF9A7A2A75162178377C069C868 ft=1 fh=6885c1417d3b07df vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="C:\Users\Matthias\Downloads\cdbxp_setup_4.3.8.2568.exe"
sh=2A5832EF4D08B90E3C4667358DD8FF7A5C0B6FFD ft=1 fh=f2fc770a21244f09 vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="C:\Users\Matthias\Downloads\CrystalDiskInfo4_6_0-en.exe"
sh=92696C41515E4893895FEA3F6394BF7B07D2ECF9 ft=1 fh=32bf32aaa0e797ef vn="Mehrere Bedrohungen" ac=I fn="C:\Users\Matthias\Downloads\DeviceDoctor_Bundle.exe"
sh=D86D2FC37B1FED635CAF6F25254D7A575466ED1E ft=1 fh=7614c1446a9b863f vn="Variante von Win32/Hao123.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Matthias\Downloads\FFSetup3.3.4.0.exe"
sh=8547D1E5EACE099ECFE5EDBF6958FA077650894B ft=1 fh=61435738673b6524 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Matthias\Downloads\FreeYouTubeToMP3Converter(3).exe"
sh=ABA0F43F547A86487917BB706D83F7F32FEA479E ft=1 fh=64f4ef9d4dc3c582 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Matthias\Downloads\FreeYouTubeToMp3Converter.exe"
sh=C067B5D6310A154C1928842F5EFB4927B1F1AF63 ft=1 fh=39abebded85e4195 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Matthias\Downloads\HSS-3.17-install-hss-561-conduit.exe"
sh=95D3383B685C5E91834077E651EC6B110AB10DAA ft=1 fh=4c25fc55b5d2b687 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Users\Matthias\Downloads\hwmonitor_1.18-setup.exe"
sh=2CECC4EE10BD0497BD1D08E69C32167B25AC7C3C ft=1 fh=3c781ae03bb53561 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Users\Matthias\Downloads\MyPhoneExplorer_Setup_1.8.0.exe"
sh=6851D3C78F055592084C3788CCCC13014B03C7AD ft=1 fh=31b9ec135aa3da52 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Users\Matthias\Downloads\NTFSUndelete_setup.exe"
sh=125822456F9087EC792C29660EB8289735E07627 ft=1 fh=31688d33bbba7bf4 vn="Win32/DownWare.W evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Matthias\Downloads\pspad456inst_en.exe"
sh=FD96857DCCC6C2967FE90864BA708A56674930BB ft=0 fh=0000000000000000 vn="Win32/PrcView potenziell unsichere Anwendung" ac=I fn="C:\Users\Matthias\Downloads\RipBot264v1.17.3.7z"
sh=64B5D49DECF9604E0EB3EB81A3C84A08D7FF4869 ft=1 fh=8d4c11b07ad3c782 vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Matthias\Downloads\SoftonicDownloader_fuer_guitar-pro.exe"
sh=38CCEB47628D4C73344595B1FAF505F874B86EB0 ft=1 fh=8c018257833e8034 vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="C:\Users\Matthias\Downloads\SUPERsetup201149.exe"
sh=5BC63A1264D124BA96333BB6ED05F725DE01E0EF ft=0 fh=0000000000000000 vn="Win32/PSWTool.KonBoot.A potenziell unsichere Anwendung" ac=I fn="C:\Users\Matthias\Downloads\ubcd511(1).iso"
sh=47418AD4698F40CBBD570C6FEAFEEE71BED07F29 ft=0 fh=0000000000000000 vn="Win32/PSWTool.KonBoot.A potenziell unsichere Anwendung" ac=I fn="C:\Users\Matthias\Downloads\ubcd528.iso"
sh=87ACC6A6278B45DC5A3297AD2A5AB8AC7CEEE211 ft=0 fh=0000000000000000 vn="Variante von Android/Inmobi.A potenziell unsichere Anwendung" ac=I fn="C:\Users\Matthias\Downloads\[GeekFiles.in]Angry_Birds_Space_1.0.1.apk"
sh=2CD0545332E2CAA5090A95DD42F538A80E8301D8 ft=1 fh=5a66576d6abb6331 vn="Variante von Win32/BitCoinMiner.AR potenziell unsichere Anwendung" ac=I fn="C:\Users\Matthias\Downloads\guiminer\miners\puddinpop\rpcminer-4way.exe"
sh=2F3BEC0D32639629B3B73497B0F54BD0AB6646DC ft=1 fh=60d3d9f1d16c95fc vn="Variante von Win32/BitCoinMiner.AR potenziell unsichere Anwendung" ac=I fn="C:\Users\Matthias\Downloads\guiminer\miners\puddinpop\rpcminer-cpu.exe"
sh=81A262D0BD5D43FCD0A0C336465BD54E1A83BE46 ft=1 fh=098b70eded409bba vn="Variante von Win32/BitCoinMiner.AR potenziell unsichere Anwendung" ac=I fn="C:\Users\Matthias\Downloads\guiminer\miners\puddinpop\rpcminer-cuda.exe"
sh=10E84F5AC81C9ABB602B863F94A7223C9AD7A563 ft=1 fh=60d3d9f176b5db69 vn="Variante von Win32/BitCoinMiner.AR potenziell unsichere Anwendung" ac=I fn="C:\Users\Matthias\Downloads\guiminer\miners\puddinpop\rpcminer-opencl.exe"
sh=CF2EB58482134A7F5528E4D1BB32DACF82A53849 ft=1 fh=09d4328defaa8fd4 vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="C:\Users\Matthias\Dropbox\Sweet Home 3D\Wohnung Spiekeroogstr\SweetHome3D-4.0-windows-oc.exe"
sh=2ACE9396472B021EA7E74774D0390AA6ECEA9659 ft=0 fh=0000000000000000 vn="Variante von Android/SMSreg.GC potenziell unsichere Anwendung" ac=I fn="C:\Users\Matthias\Dropbox\Umzug Tablet\Download\Gangstar_Rio_City_of_Saints_Paymium_HD_Asus_Google_Nexus_7_android.apk"
sh=A9547F79D5D106E60B4A2731AD5394F86F52F939 ft=0 fh=0000000000000000 vn="Variante von Android/SMSreg.GC potenziell unsichere Anwendung" ac=I fn="C:\Users\Matthias\Dropbox\Umzug Tablet\Download\NOVA_3_Paymium_HD_Asus_Google_Nexus_7_android.apk"
sh=CF2EB58482134A7F5528E4D1BB32DACF82A53849 ft=1 fh=09d4328defaa8fd4 vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="C:\Users\Matthias\Pictures\Wohnung*******\SweetHome3D-4.0-windows-oc.exe"
sh=890368473ECBC404DCD42FF0C6C38397102F59C0 ft=1 fh=4c7db45bf4256cb3 vn="Win32/PrcView potenziell unsichere Anwendung" ac=I fn="E:\Program Files\RipBot264v1.17.3\Tools\Process\Process.exe"
sh=90D418822E2F34957396836C929299E5F71C6589 ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.AppLovin.A evtl. unerwünschte Anwendung" ac=I fn="E:\SAVE_SD_HTC_DESIRE\TitaniumBackup\com.arbstudios.tikikartfree-65c12c3ef4c138c57f27f361312fb27f.apk.gz"
sh=B7907D2B2E7169EE8AA23448EB71659E0FF85C23 ft=0 fh=0000000000000000 vn="Variante von Android/Inmobi.A potenziell unsichere Anwendung" ac=I fn="E:\SAVE_SD_HTC_DESIRE\TitaniumBackup\com.rovio.angrybirds-f24e83849db53f789b5e3b1e2f63663c.apk.gz"
sh=546885A06029D5FB550A6AE085D363F08317E5FC ft=0 fh=0000000000000000 vn="Variante von Android/Inmobi.A potenziell unsichere Anwendung" ac=I fn="E:\SAVE_SD_HTC_DESIRE\TitaniumBackup\com.rovio.angrybirdsrio-b9a2a5eef39ab02cf19ee494b5b5d9b7.apk.gz"
sh=9BD92D53BE978B9B9E02C3C8583383F03F9E04F3 ft=0 fh=0000000000000000 vn="Variante von Android/Inmobi.A potenziell unsichere Anwendung" ac=I fn="E:\SAVE_SD_HTC_DESIRE\TitaniumBackup\com.rovio.angrybirdsseasons-bfc621c28fc332db4d2fb3e22e513981.apk.gz"
sh=08A67767B510F6160D3222C36A0DA3CC24BD3AA5 ft=0 fh=0000000000000000 vn="Variante von Android/Inmobi.A potenziell unsichere Anwendung" ac=I fn="E:\SAVE_SD_HTC_DESIRE\TitaniumBackup\com.rovio.angrybirdsspace.premium-e0399f61bbd2d9a3b3b2d79f19cec8ec.apk.gz"
sh=1EFF205D7D0D82BAF841A98C176D700114E13FE6 ft=1 fh=b22528247c19a550 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="G:\alterLaptop\DPlatte\Programme\Avira\AntiVir Desktop\ApnIC.dll"
sh=F03442B504B5CE723ABE855CB805DABEF4E78F1E ft=1 fh=5c1d6bdce6f6a178 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="G:\alterLaptop\DPlatte\Programme\Avira\AntiVir Desktop\ApnToolbarInstaller.exe"
sh=9EBEEAD23C136B3C8E6CC0220B4F47C3D67B9B4D ft=1 fh=f7cfbc4528e170a2 vn="Win32/Bundled.Toolbar.Google.E potenziell unsichere Anwendung" ac=I fn="G:\MSI GE70-i547\Downloads\ccsetup324.exe"
sh=6B7392086BFE81C9C47D0D041CD900A239011F74 ft=1 fh=a2718fd4c56b599b vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="G:\MSI GE70-i547\Downloads\ccsetup325.exe"
sh=25CF9B7BB46B581ED8DE03DDC56E1574087CACAA ft=1 fh=10c5a1651be6049d vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="G:\MSI GE70-i547\Downloads\ccsetup326.exe"
sh=180C8ED7C81E3AE7B0507B26C927EA93584B017C ft=1 fh=b0b83453fcc7b480 vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="G:\MSI GE70-i547\Downloads\ccsetup327.exe"
sh=3D84C7C0E316EAD02DD7A59E746EC798DAB8BC0C ft=1 fh=ce50a11e70bad71c vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="G:\MSI GE70-i547\Downloads\ccsetup328.exe"
sh=60C77FF66F63F585FCE95C78FF44B513E2AAB9F9 ft=1 fh=17494879e4339ab3 vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="G:\MSI GE70-i547\Downloads\ccsetup400.exe"
sh=2FEC2BB06C11B711B37E7D1BAC0004F8F25A4C7B ft=1 fh=9586b0754c97a9e0 vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="G:\MSI GE70-i547\Downloads\ccsetup401.exe"
sh=EA244E84E1468A6AF4741F2184E113A16F833D8B ft=1 fh=a9c73d0d07b22a58 vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="G:\MSI GE70-i547\Downloads\ccsetup402.exe"
sh=A4854C3C5A7277D3C02F88330D2023AAD3667533 ft=1 fh=818bd9cd8f0d2ffa vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="G:\MSI GE70-i547\Downloads\ccsetup403.exe"
sh=6525F85F423A8ACB9DE261FCE7C1BFDCAF0651EC ft=1 fh=e751b5239200023c vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="G:\MSI GE70-i547\Downloads\ccsetup404.exe"
sh=59C75B45AC46FAC8C4018205544938C46B1BA631 ft=1 fh=ab462a0af6e69b03 vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="G:\MSI GE70-i547\Downloads\ccsetup405.exe"
sh=ADF2AD3B94EB35DC371AB7A1A49B004B7C76BFA5 ft=1 fh=f95766f30bc4ebc6 vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="G:\MSI GE70-i547\Downloads\ccsetup406.exe"
sh=DD6E088E22874B283348A15DB5159C7B20CC6D22 ft=1 fh=fe9dda6ca79832a6 vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="G:\MSI GE70-i547\Downloads\ccsetup407.exe"
sh=6585F3BCD797EFC2F81599CDE50115668B677D52 ft=1 fh=c4c5afd1d69feff3 vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="G:\MSI GE70-i547\Downloads\ccsetup408.exe"
sh=CA7F071E0A0C89A3DB1F9667D88DBC897933400A ft=1 fh=f650406294598c45 vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="G:\MSI GE70-i547\Downloads\CrystalDiskInfo5_1_0-en.exe"
sh=DEB9F64ABBF9425B70217747FEED6D2CF8BD9B6D ft=1 fh=a8b5d0d60197659c vn="Variante von MSIL/DownloadGuide.A evtl. unerwünschte Anwendung" ac=I fn="G:\MSI GE70-i547\Downloads\DLG_free-driver-scout_chip_de-DE.exe"
sh=CD09C0EE3FDDFDF811BAC3EFEDAE23A8A21EA165 ft=1 fh=bcb50db406e2830e vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="G:\MSI GE70-i547\Downloads\Sweet Home 3D - CHIP-Downloader.exe"
         
The Checkup.txt was empty. Is that normal?

Here is the FRST log:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-06-2014 02
Ran by Matthias (administrator) on MATTHIAS-PC on 30-06-2014 08:04:31
Running from C:\Users\Matthias\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(SOURCENEXT) C:\Windows\SysWOW64\bgsvcgen.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Seagate) C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
() C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Dropbox, Inc.) C:\Users\Matthias\AppData\Roaming\Dropbox\bin\Dropbox.exe
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.EXE


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1279480 2014-05-30] (NVIDIA Corporation)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-30] (NVIDIA Corporation)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [1807360 2011-10-19] (Dominik Reichl)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-06] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-06-21] (AVAST Software)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452272 2012-08-31] (CANON INC.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282632 2013-07-23] (CANON INC.)
HKLM\...\Policies\Explorer: [NoInstrumentation] 0
HKU\S-1-5-21-2421184407-1128806621-541807395-1001\...\Run: [GoogleChromeAutoLaunch_8265D6534E6C32D01005D7D3455D029D] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-06-05] (Google Inc.)
Startup: C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Matthias\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: 01UnsuppModule -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} =>  No File
ShellIconOverlayIdentifiers: 02SyncingModule -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} =>  No File
ShellIconOverlayIdentifiers: 03SyncedModule -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} =>  No File
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x18A0B07BF47CCB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - {2E4024D0-74C4-43EE-8B3D-F083E2E5BB33} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKCU - {EF8FE9E1-718E-4F3C-B1F4-E9283E313552} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms}
BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll (CANON INC.)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
DPF: HKLM-x32 {6E718D87-6909-4FCE-92D4-EDCB2F725727} hxxp://www.navigram.com/engine/v911/Navigram.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15111/CTPID.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @qnap.com/MonitorPlayer - C:\Program Files (x86)\QNAP\VioStorMonitor\npMonHost.dll ( QNAP System, Inc)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Gutscheinrausch.de - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\2v4wj4ej.qjf [2011-07-03]
FF Extension: Flash Video Downloader - Full HD Download - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\artur.dubovoy@gmail.com [2014-06-21]
FF Extension: Xmarks - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\foxmarks@kei.com [2013-05-25]
FF Extension: LavaFox V2 - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\info@djzig.com [2014-06-21]
FF Extension: DOM Inspector - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\inspector@mozilla.org [2013-04-26]
FF Extension: KeeFox - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\keefox@chris.tomlinson [2014-06-21]
FF Extension: LastPass - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\support@lastpass.com [2014-06-21]
FF Extension: FT DeepDark - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} [2014-06-24]
FF Extension: DownloadHelper - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-06-21]
FF Extension: Evernote Web Clipper - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800} [2014-01-04]
FF Extension: Hide My Ass Proxy Extension - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\extension@hidemyass.com.xpi [2013-10-27]
FF Extension: Firebug - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\firebug@software.joehewitt.com.xpi [2012-01-13]
FF Extension: InspectThis - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\inspectthis@mackay.dyndns.info.xpi [2012-01-13]
FF Extension: MD5 Reborned Hasher - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\md5rehasher@phoneixs.es.xpi [2012-01-07]
FF Extension: Social Fixer - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\socialfixer@mattkruse.com.xpi [2011-11-12]
FF Extension: FlashGot - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2011-06-03]
FF Extension: Cookie Monster - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\{45d8ff86-d909-11db-9705-005056c00008}.xpi [2012-01-07]
FF Extension: CookieCuller - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\{99B98C2C-7274-45a3-A640-D9DF1A1C8460}.xpi [2012-01-03]
FF Extension: Shine Bright Skin Aero - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\{c7b3cf78-9cbc-47b9-ba47-bb84a56069dd}.xpi [2012-04-06]
FF Extension: Adblock Plus - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-03-27]
FF Extension: Greasemonkey - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2012-09-02]
FF Extension: User Agent Switcher - C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\hfk0rn1h.default\Extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}.xpi [2012-01-14]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-03-29]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Acronis Backup and Security\Acronis Backup and Security 2010\bdtbext

Chrome: 
=======
CHR HomePage: hxxp://www.tagesschau.de/
CHR StartupUrls: "hxxp://start.mysearchdial.com/?f=1&a=MSD2&cd=2XzuyEtN2Y1L1QzuyDyEtByBtC0EtDtA0A0ByD0EyE0D0DtDtN0D0Tzu0CyBzztAtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=883820068&ir="
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Windows Genuine Advantage) - C:\Program Files (x86)\Mozilla Firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U11) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Nitro PDF Plug-In) - C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll No File
CHR Plugin: (Monitor Host plugin) - C:\Program Files (x86)\QNAP\VioStorMonitor\npMonHost.dll ( QNAP System, Inc)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Extension: (Google Docs) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-02-06]
CHR Extension: (Google Drive) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-02-06]
CHR Extension: (YouTube) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-02-06]
CHR Extension: (Google Cast) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-04-18]
CHR Extension: (Proxy Switchy!) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\caehdcpeofiiigpdhbabniblemipncjj [2013-10-27]
CHR Extension: (Google-Suche) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-02-06]
CHR Extension: (Send to c:geo) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmjnanlejfopnmlbaglhakppcgfiehmi [2013-11-26]
CHR Extension: (sendToCgeo) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebcekkbgdfmadcndplemkpligfnoiomn [2013-03-25]
CHR Extension: (Google Play Music) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2014-06-21]
CHR Extension: (JDownloader Integration) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmochcijbhgjfdmojjenfabpafelhgdc [2013-06-23]
CHR Extension: (avast! Online Security) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-05-24]
CHR Extension: (MFCTools) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\himjbipiceflfkibobojfdblmfccnhcm [2014-01-18]
CHR Extension: (Social Fixer for Facebook) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifmhoabcaeehkljcfclfiieohkohdgbb [2013-03-25]
CHR Extension: (FVD Downloader) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp [2014-04-19]
CHR Extension: (Google Maps) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2013-03-25]
CHR Extension: (pyLCEX) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\lonijbpbhgckjaagllgmgifkidcojban [2013-11-18]
CHR Extension: (Hangouts) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2013-12-01]
CHR Extension: (chaturbate) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkmhamhlgmjchgiclojjodgmbjjehmde [2014-01-18]
CHR Extension: (Google Wallet) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-28]
CHR Extension: (chromeIPass) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\ompiailgknfdndiefoaoiligalphfdae [2013-03-25]
CHR Extension: (Google Mail) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-02-06]
CHR Extension: (Sexy Girl Chrome Theme - Arthur) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkibpgkliocdchedibhioiibdiddomac [2013-03-25]
CHR Extension: (Tapatalk Notifier) - C:\Users\Matthias\AppData\Local\Google\Chrome\User Data\Default\Extensions\plfhcjljnfjpfcbjpgnflfofmahljkjj [2013-03-31]

==================== Services (Whitelisted) =================

R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-04] (AVAST Software)
R2 bgsvcgen; C:\Windows\SysWOW64\bgsvcgen.exe [139264 2011-07-07] (SOURCENEXT) [File not signed]
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2010-01-27] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2010-01-27] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [307200 2008-11-18] (Creative Technology Ltd) [File not signed]
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-03-26] (Nitro PDF Software)
R2 nTuneService; C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe [278336 2011-09-19] (NVIDIA)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-02-16] ()
S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1228504 2013-07-03] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660184 2013-07-03] (Secunia)
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [245760 2011-02-18] () [File not signed]
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S2 Aspi32; C:\Windows\SysWow64\Drivers\Aspi32.sys [23936 1997-12-23] (Adaptec) [File not signed]
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-04] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-04] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-04] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-06-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-06-21] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-06-21] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-04] ()
S3 ATITool; C:\Windows\System32\DRIVERS\ATITool64.sys [30720 2006-11-10] () [File not signed]
S1 cdrbsdrv; C:\Windows\SysWow64\Drivers\cdrbsdrv.sys [38944 2011-07-07] (B.H.A Corporation)
S3 DbusAudio; C:\Windows\System32\drivers\DbusAudio.sys [33336 2010-04-28] (Windows (R) Codename Longhorn DDK provider)
S3 DLPortIO; C:\Windows\SysWOW64\DRIVERS\DLPortIO.SYS [3584 2000-06-29] () [File not signed]
S3 InputFilter_Hid_FlexDef2b; C:\Windows\System32\DRIVERS\InputFilter_FlexDef2b.sys [17920 2010-06-19] (Siliten)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R3 nvoclk64; C:\Windows\System32\DRIVERS\nvoclk64.sys [42088 2009-09-15] (NVIDIA Corp.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 PciPPorts; C:\Windows\System32\DRIVERS\PciPPorts.sys [96768 2009-07-23] ()
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-07-03] (Secunia)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2013-01-11] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2013-01-11] ()
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-02-18] (Duplex Secure Ltd.)
S3 StarOpen; No ImagePath
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-09-17] (Anchorfree Inc.)
R0 tdrpman258; C:\Windows\System32\DRIVERS\tdrpm258.sys [1477728 2012-10-05] (Acronis)
S1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [59184 2011-11-17] (Windows (R) 2000 DDK provider)
S1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [572336 2011-11-17] (Paragon)
S1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [352816 2011-11-17] (Paragon)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [51712 2011-02-18] (Apple, Inc.) [File not signed]
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [113936 2013-12-18] (Oracle Corporation)
R1 vmm; C:\Windows\system32\Treiber\vmm.sys [294232 2013-12-30] (Microsoft Corporation)
R3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [260608 2012-02-27] (Jungo)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S1 UserPort; \SystemRoot\System32\Drivers\UserPort.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-30 07:06 - 2014-06-30 07:06 - 00000000 _____ () C:\Users\Matthias\Desktop\checkup.txt
2014-06-30 06:47 - 2014-06-30 06:47 - 00854367 _____ () C:\Users\Matthias\Desktop\SecurityCheck.exe
2014-06-29 20:08 - 2014-06-29 20:08 - 02347384 _____ (ESET) C:\Users\Matthias\Downloads\esetsmartinstaller_deu.exe
2014-06-27 18:29 - 2014-06-30 08:04 - 00032181 _____ () C:\Users\Matthias\Desktop\FRST.txt
2014-06-27 18:29 - 2014-06-30 08:04 - 00000000 ____D () C:\Users\Matthias\Desktop\FRST-OlderVersion
2014-06-27 18:12 - 2014-06-27 18:12 - 00002191 _____ () C:\Users\Matthias\Desktop\JRT.txt
2014-06-27 18:02 - 2014-06-27 18:02 - 00000000 ____D () C:\Windows\ERUNT
2014-06-27 18:01 - 2014-06-27 18:01 - 01016261 _____ (Thisisu) C:\Users\Matthias\Downloads\JRT.exe
2014-06-27 17:58 - 2014-06-27 17:58 - 01016261 _____ (Thisisu) C:\Users\Matthias\Desktop\JRT.exe
2014-06-27 17:58 - 2014-06-27 17:58 - 00002248 _____ () C:\Users\Matthias\Desktop\AdwCleaner[S1].txt
2014-06-27 17:45 - 2014-06-27 17:45 - 01342659 _____ () C:\Users\Matthias\Desktop\adwcleaner_3.213.exe
2014-06-27 17:44 - 2014-06-27 17:44 - 00002271 _____ () C:\Users\Matthias\Desktop\mbam.txt
2014-06-27 17:11 - 2014-06-27 17:12 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-27 17:11 - 2014-06-27 17:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-06-27 17:11 - 2014-06-27 17:11 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-06-27 17:11 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-24 21:48 - 2014-06-24 21:48 - 00012609 _____ () C:\Users\Matthias\Documents\Computerkrams.xlsx
2014-06-24 14:54 - 2014-06-24 14:55 - 00060535 _____ () C:\Users\Matthias\Desktop\Result.txt
2014-06-24 14:51 - 2014-06-24 14:51 - 00400384 _____ (Farbar) C:\Users\Matthias\Desktop\MiniToolBox.exe
2014-06-24 14:46 - 2014-06-24 14:46 - 00029757 _____ () C:\ComboFix.txt
2014-06-24 14:29 - 2014-06-24 14:46 - 00000000 ____D () C:\Qoobox
2014-06-24 14:29 - 2014-06-24 14:44 - 00000000 ____D () C:\Windows\erdnt
2014-06-24 14:29 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-06-24 14:29 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-06-24 14:29 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-06-24 14:29 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-06-24 14:29 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-06-24 14:29 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-06-24 14:29 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-06-24 14:29 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-06-24 14:27 - 2014-06-24 14:28 - 05211571 ____R (Swearware) C:\Users\Matthias\Desktop\ComboFix.exe
2014-06-24 08:38 - 2014-06-24 08:38 - 00317351 _____ () C:\Users\Matthias\Downloads\sign-handwriting.zip
2014-06-24 08:38 - 2014-06-24 08:38 - 00022050 _____ () C:\Users\Matthias\Downloads\always-forever.zip
2014-06-23 20:19 - 2014-06-23 20:19 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Matthias\Desktop\tdsskiller.exe
2014-06-23 19:52 - 2014-06-23 20:19 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-06-23 19:50 - 2014-06-23 20:19 - 00000000 ____D () C:\Users\Matthias\Desktop\mbar
2014-06-23 19:50 - 2014-06-23 19:50 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Matthias\Downloads\mbar-1.07.0.1012.exe
2014-06-23 19:50 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-23 10:27 - 2014-06-23 10:27 - 00000160 _____ () C:\Users\Matthias\Downloads\Kalenderwochen_2010-2015.ics
2014-06-22 23:36 - 2014-06-22 23:36 - 00599500 _____ () C:\Users\Matthias\Downloads\gmer.txt
2014-06-22 22:47 - 2014-06-22 22:47 - 00380416 _____ () C:\Users\Matthias\Desktop\Gmer-19357.exe
2014-06-22 22:45 - 2014-06-22 22:46 - 00056946 _____ () C:\Users\Matthias\Downloads\Addition.txt
2014-06-22 22:42 - 2014-06-30 08:04 - 00000000 ____D () C:\FRST
2014-06-22 22:42 - 2014-06-22 22:46 - 00069029 _____ () C:\Users\Matthias\Downloads\FRST.txt
2014-06-22 22:41 - 2014-06-30 08:04 - 02083328 _____ (Farbar) C:\Users\Matthias\Desktop\FRST64.exe
2014-06-22 22:34 - 2014-06-22 22:34 - 00000588 _____ () C:\Users\Matthias\Downloads\defogger_disable.log
2014-06-22 22:34 - 2014-06-22 22:34 - 00000020 _____ () C:\Users\Matthias\defogger_reenable
2014-06-22 22:33 - 2014-06-22 22:33 - 00050477 _____ () C:\Users\Matthias\Downloads\Defogger.exe
2014-06-22 22:14 - 2014-06-22 22:14 - 01333465 _____ () C:\Users\Matthias\Downloads\adwcleaner_3.212.exe
2014-06-22 22:01 - 2014-06-22 22:01 - 00511782 _____ () C:\Users\Matthias\Downloads\Autoruns.zip
2014-06-22 16:38 - 2014-06-22 16:38 - 00000000 ____D () C:\SymCache
2014-06-22 16:37 - 2014-06-22 16:39 - 00000000 ____D () C:\Users\Matthias\Documents\WPA Files
2014-06-22 16:30 - 2014-06-22 16:42 - 00000000 ____D () C:\log
2014-06-22 16:03 - 2014-06-22 16:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2014-06-22 16:03 - 2014-06-22 16:03 - 00000000 ____D () C:\Program Files (x86)\Windows Kits
2014-06-22 16:02 - 2014-06-22 16:03 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-22 15:58 - 2014-06-22 15:58 - 00163917 _____ () C:\Users\Matthias\Downloads\ReleaseNotes_Win7_1RTMSDK.Htm
2014-06-22 15:55 - 2014-06-22 15:55 - 00003152 _____ () C:\Windows\System32\Tasks\{2C697FBE-AB3C-4455-BE91-C1F9DD5491D6}
2014-06-22 15:48 - 2014-05-20 01:10 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-06-22 15:48 - 2014-05-15 01:49 - 03774821 _____ () C:\Windows\system32\nvcoproc.bin
2014-06-22 15:45 - 2014-06-22 15:45 - 00509264 _____ (Microsoft Corporation) C:\Users\Matthias\Downloads\winsdk_web.exe
2014-06-22 15:45 - 2014-05-20 04:44 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-06-22 15:45 - 2014-05-20 04:44 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-06-22 15:45 - 2014-05-20 04:44 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-06-22 15:45 - 2014-05-20 04:44 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-06-22 15:45 - 2014-05-20 04:44 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-06-22 15:45 - 2014-05-20 04:44 - 16003912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-06-22 15:45 - 2014-05-20 04:44 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-06-22 15:45 - 2014-05-20 04:44 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-06-22 15:45 - 2014-05-20 04:44 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-06-22 15:45 - 2014-05-20 04:44 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-06-22 15:45 - 2014-05-20 04:44 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-06-22 15:45 - 2014-05-20 04:44 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-06-22 15:45 - 2014-05-20 04:44 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-06-22 15:45 - 2014-05-20 04:44 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-06-22 15:45 - 2014-05-20 04:44 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-06-22 15:45 - 2014-05-20 04:44 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll
2014-06-22 15:45 - 2014-05-20 04:44 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll
2014-06-22 15:45 - 2014-05-20 04:44 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-06-22 15:45 - 2014-05-20 04:44 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-06-22 15:45 - 2014-05-20 04:44 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-06-22 15:45 - 2014-05-20 04:44 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-06-22 15:39 - 2014-06-22 15:39 - 00091181 _____ () C:\Windows\ZTEInstallInfo.log
2014-06-22 15:35 - 2014-06-22 15:35 - 04748896 _____ (Piriform Ltd) C:\Users\Matthias\Downloads\ccsetup414.exe
2014-06-22 15:33 - 2014-06-22 15:34 - 00991536 _____ (Microsoft Corporation) C:\Users\Matthias\Downloads\sdksetup.exe
2014-06-22 15:33 - 2014-05-30 01:07 - 01715176 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-06-22 15:33 - 2014-05-30 01:07 - 01291232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-06-22 15:31 - 2014-03-31 18:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-06-22 15:31 - 2014-03-31 18:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-06-21 18:10 - 2014-06-21 18:10 - 00000000 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-06-21 18:00 - 2014-06-21 18:07 - 00000826 _____ () C:\Windows\SecuniaPackage.log
2014-06-21 17:57 - 2014-06-21 17:58 - 18732144 _____ (Adobe Systems Inc.) C:\Users\Matthias\Downloads\AdobeAIRInstaller (5).exe
2014-06-21 17:52 - 2014-06-21 17:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-21 13:41 - 2014-06-21 15:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-06-21 13:09 - 2014-06-21 13:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-06-21 13:08 - 2014-06-21 13:08 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-21 13:08 - 2014-06-21 13:08 - 00000000 ____D () C:\Program Files\iTunes
2014-06-21 13:08 - 2014-06-21 13:08 - 00000000 ____D () C:\Program Files\iPod
2014-06-21 13:08 - 2014-06-21 13:08 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-06-21 12:57 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-21 12:57 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-21 12:57 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-06-21 12:57 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-06-21 12:56 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-21 12:56 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-21 12:56 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-21 12:56 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-21 12:56 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-21 12:56 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-21 12:56 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-21 12:56 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-21 12:56 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-21 12:56 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-21 12:56 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-21 12:56 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-21 12:56 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-21 12:56 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-21 12:56 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-21 12:56 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-21 12:56 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-21 12:56 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-21 12:56 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-21 12:56 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-21 12:56 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-21 12:56 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-21 12:56 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-21 12:56 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-21 12:56 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-21 12:56 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-21 12:56 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-21 12:56 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-21 12:56 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-21 12:56 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-21 12:56 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-21 12:56 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-21 12:56 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-21 12:56 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-21 12:56 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-21 12:56 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-21 12:56 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-21 12:56 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-21 12:56 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-21 12:56 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-21 12:56 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-21 12:56 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-21 12:56 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-21 12:56 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-21 12:56 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-21 12:56 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-21 12:56 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-21 12:56 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-21 12:56 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-21 12:56 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-21 12:56 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-21 12:56 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-21 12:56 - 2014-05-08 11:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-21 12:56 - 2014-05-08 11:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-21 12:56 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-21 12:56 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-21 12:56 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-21 12:56 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-21 12:56 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-21 12:56 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-21 12:56 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-21 12:56 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-21 12:56 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-21 12:56 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-21 12:53 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-06-21 12:53 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-06-21 12:53 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-06-21 12:53 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-06-21 12:53 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-06-21 12:53 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-06-21 12:53 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-06-21 12:53 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-06-21 12:53 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-06-21 12:53 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-06-21 12:53 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-06-21 12:53 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-06-21 12:53 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-06-21 12:53 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-06-21 12:53 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-06-21 12:53 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-06-21 12:53 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-06-21 12:53 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-06-21 12:53 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-06-21 12:53 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-06-21 12:53 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-06-21 12:53 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-06-21 12:53 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-06-21 12:53 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-06-21 12:53 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-06-21 12:53 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-06-21 12:53 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-06-21 12:53 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-06-21 12:53 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-06-21 12:53 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-06-21 12:53 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-06-21 12:53 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-06-21 12:53 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-06-21 12:53 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-06-21 12:53 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-06-21 12:53 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-06-21 12:53 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-06-21 12:53 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-06-21 12:53 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-06-21 12:53 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-06-21 12:53 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-06-21 12:52 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-21 12:52 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-21 12:33 - 2014-06-30 07:54 - 00000000 ____D () C:\Users\Matthias\AppData\Roaming\DropboxMaster

==================== One Month Modified Files and Folders =======

2014-06-30 08:05 - 2014-06-27 18:29 - 00032181 _____ () C:\Users\Matthias\Desktop\FRST.txt
2014-06-30 08:04 - 2014-06-27 18:29 - 00000000 ____D () C:\Users\Matthias\Desktop\FRST-OlderVersion
2014-06-30 08:04 - 2014-06-22 22:42 - 00000000 ____D () C:\FRST
2014-06-30 08:04 - 2014-06-22 22:41 - 02083328 _____ (Farbar) C:\Users\Matthias\Desktop\FRST64.exe
2014-06-30 07:59 - 2012-09-05 18:21 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-30 07:56 - 2012-04-21 14:30 - 00003954 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{257B08F2-5683-4379-A9C6-53F01BC7C7ED}
2014-06-30 07:55 - 2012-01-08 15:42 - 00000000 ___RD () C:\Users\Matthias\Dropbox
2014-06-30 07:55 - 2012-01-08 15:39 - 00000000 ____D () C:\Users\Matthias\AppData\Roaming\Dropbox
2014-06-30 07:55 - 2009-07-14 06:45 - 00013760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-30 07:55 - 2009-07-14 06:45 - 00013760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-30 07:54 - 2014-06-21 12:33 - 00000000 ____D () C:\Users\Matthias\AppData\Roaming\DropboxMaster
2014-06-30 07:54 - 2012-09-05 18:21 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-30 07:51 - 2013-01-14 21:09 - 01406085 _____ () C:\Windows\WindowsUpdate.log
2014-06-30 07:47 - 2014-02-16 18:09 - 00011686 _____ () C:\Windows\setupact.log
2014-06-30 07:47 - 2014-01-12 13:27 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-06-30 07:47 - 2012-01-06 22:34 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-30 07:47 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-30 07:11 - 2012-04-05 08:41 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-30 07:06 - 2014-06-30 07:06 - 00000000 _____ () C:\Users\Matthias\Desktop\checkup.txt
2014-06-30 06:47 - 2014-06-30 06:47 - 00854367 _____ () C:\Users\Matthias\Desktop\SecurityCheck.exe
2014-06-29 20:08 - 2014-06-29 20:08 - 02347384 _____ (ESET) C:\Users\Matthias\Downloads\esetsmartinstaller_deu.exe
2014-06-27 20:13 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing
2014-06-27 18:27 - 2010-01-28 18:47 - 00000000 ____D () C:\Program Files (x86)\totalcmd
2014-06-27 18:12 - 2014-06-27 18:12 - 00002191 _____ () C:\Users\Matthias\Desktop\JRT.txt
2014-06-27 18:02 - 2014-06-27 18:02 - 00000000 ____D () C:\Windows\ERUNT
2014-06-27 18:01 - 2014-06-27 18:01 - 01016261 _____ (Thisisu) C:\Users\Matthias\Downloads\JRT.exe
2014-06-27 17:58 - 2014-06-27 17:58 - 01016261 _____ (Thisisu) C:\Users\Matthias\Desktop\JRT.exe
2014-06-27 17:58 - 2014-06-27 17:58 - 00002248 _____ () C:\Users\Matthias\Desktop\AdwCleaner[S1].txt
2014-06-27 17:53 - 2013-03-29 10:48 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-06-27 17:51 - 2014-02-16 18:09 - 00011966 _____ () C:\Windows\PFRO.log
2014-06-27 17:49 - 2013-10-02 20:31 - 00000000 ____D () C:\AdwCleaner
2014-06-27 17:49 - 2010-01-26 14:18 - 00000000 ____D () C:\Users\Matthias
2014-06-27 17:45 - 2014-06-27 17:45 - 01342659 _____ () C:\Users\Matthias\Desktop\adwcleaner_3.213.exe
2014-06-27 17:44 - 2014-06-27 17:44 - 00002271 _____ () C:\Users\Matthias\Desktop\mbam.txt
2014-06-27 17:12 - 2014-06-27 17:11 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-27 17:11 - 2014-06-27 17:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-06-27 17:11 - 2014-06-27 17:11 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-06-27 17:11 - 2012-02-07 11:16 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-27 17:11 - 2011-03-27 15:53 - 00000000 ____D () C:\Users\Matthias\AppData\Roaming\Malwarebytes
2014-06-27 17:11 - 2011-03-27 15:53 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-27 17:11 - 2011-03-27 15:53 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-06-24 21:48 - 2014-06-24 21:48 - 00012609 _____ () C:\Users\Matthias\Documents\Computerkrams.xlsx
2014-06-24 14:55 - 2014-06-24 14:54 - 00060535 _____ () C:\Users\Matthias\Desktop\Result.txt
2014-06-24 14:51 - 2014-06-24 14:51 - 00400384 _____ (Farbar) C:\Users\Matthias\Desktop\MiniToolBox.exe
2014-06-24 14:46 - 2014-06-24 14:46 - 00029757 _____ () C:\ComboFix.txt
2014-06-24 14:46 - 2014-06-24 14:29 - 00000000 ____D () C:\Qoobox
2014-06-24 14:44 - 2014-06-24 14:29 - 00000000 ____D () C:\Windows\erdnt
2014-06-24 14:43 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-06-24 14:42 - 2012-09-03 17:27 - 00000000 ____D () C:\Program Files (x86)\ownCloud Client
2014-06-24 14:30 - 2013-10-20 11:45 - 00000000 ____D () C:\Users\Matthias\ownCloud
2014-06-24 14:28 - 2014-06-24 14:27 - 05211571 ____R (Swearware) C:\Users\Matthias\Desktop\ComboFix.exe
2014-06-24 10:36 - 2012-01-10 22:47 - 00427824 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-24 10:32 - 2010-03-20 19:21 - 00000000 ____D () C:\Users\Matthias\AppData\Roaming\vlc
2014-06-24 10:21 - 2012-01-10 16:00 - 00115168 _____ () C:\Users\Matthias\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-24 08:54 - 2012-09-05 18:21 - 00004110 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-24 08:54 - 2012-09-05 18:21 - 00003858 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-24 08:38 - 2014-06-24 08:38 - 00317351 _____ () C:\Users\Matthias\Downloads\sign-handwriting.zip
2014-06-24 08:38 - 2014-06-24 08:38 - 00022050 _____ () C:\Users\Matthias\Downloads\always-forever.zip
2014-06-23 20:19 - 2014-06-23 20:19 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Matthias\Desktop\tdsskiller.exe
2014-06-23 20:19 - 2014-06-23 19:52 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-06-23 20:19 - 2014-06-23 19:50 - 00000000 ____D () C:\Users\Matthias\Desktop\mbar
2014-06-23 19:50 - 2014-06-23 19:50 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Matthias\Downloads\mbar-1.07.0.1012.exe
2014-06-23 10:27 - 2014-06-23 10:27 - 00000160 _____ () C:\Users\Matthias\Downloads\Kalenderwochen_2010-2015.ics
2014-06-23 09:22 - 2014-01-02 11:48 - 00002021 _____ () C:\Users\Public\Desktop\Canon Quick Menu.lnk
2014-06-23 09:22 - 2014-01-02 11:48 - 00000000 ____D () C:\ProgramData\CanonIJWSpt
2014-06-23 09:22 - 2014-01-02 11:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2014-06-22 23:36 - 2014-06-22 23:36 - 00599500 _____ () C:\Users\Matthias\Downloads\gmer.txt
2014-06-22 22:47 - 2014-06-22 22:47 - 00380416 _____ () C:\Users\Matthias\Desktop\Gmer-19357.exe
2014-06-22 22:46 - 2014-06-22 22:45 - 00056946 _____ () C:\Users\Matthias\Downloads\Addition.txt
2014-06-22 22:46 - 2014-06-22 22:42 - 00069029 _____ () C:\Users\Matthias\Downloads\FRST.txt
2014-06-22 22:34 - 2014-06-22 22:34 - 00000588 _____ () C:\Users\Matthias\Downloads\defogger_disable.log
2014-06-22 22:34 - 2014-06-22 22:34 - 00000020 _____ () C:\Users\Matthias\defogger_reenable
2014-06-22 22:33 - 2014-06-22 22:33 - 00050477 _____ () C:\Users\Matthias\Downloads\Defogger.exe
2014-06-22 22:14 - 2014-06-22 22:14 - 01333465 _____ () C:\Users\Matthias\Downloads\adwcleaner_3.212.exe
2014-06-22 22:08 - 2013-02-22 18:33 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-06-22 22:05 - 2012-06-15 22:15 - 00006062 _____ () C:\Windows\wininit.ini
2014-06-22 22:04 - 2010-11-09 11:19 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-06-22 22:01 - 2014-06-22 22:01 - 00511782 _____ () C:\Users\Matthias\Downloads\Autoruns.zip
2014-06-22 16:42 - 2014-06-22 16:30 - 00000000 ____D () C:\log
2014-06-22 16:39 - 2014-06-22 16:37 - 00000000 ____D () C:\Users\Matthias\Documents\WPA Files
2014-06-22 16:38 - 2014-06-22 16:38 - 00000000 ____D () C:\SymCache
2014-06-22 16:03 - 2014-06-22 16:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2014-06-22 16:03 - 2014-06-22 16:03 - 00000000 ____D () C:\Program Files (x86)\Windows Kits
2014-06-22 16:03 - 2014-06-22 16:02 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-22 15:58 - 2014-06-22 15:58 - 00163917 _____ () C:\Users\Matthias\Downloads\ReleaseNotes_Win7_1RTMSDK.Htm
2014-06-22 15:57 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-06-22 15:55 - 2014-06-22 15:55 - 00003152 _____ () C:\Windows\System32\Tasks\{2C697FBE-AB3C-4455-BE91-C1F9DD5491D6}
2014-06-22 15:49 - 2012-01-06 22:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-06-22 15:48 - 2012-01-06 22:34 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-06-22 15:45 - 2014-06-22 15:45 - 00509264 _____ (Microsoft Corporation) C:\Users\Matthias\Downloads\winsdk_web.exe
2014-06-22 15:42 - 2010-01-28 21:18 - 00000000 ____D () C:\Windows\WindowsMobile
2014-06-22 15:40 - 2011-01-10 20:28 - 00000000 ____D () C:\Windows\SysWOW64\SupportAppCB
2014-06-22 15:40 - 2010-01-27 10:45 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-22 15:39 - 2014-06-22 15:39 - 00091181 _____ () C:\Windows\ZTEInstallInfo.log
2014-06-22 15:36 - 2011-03-27 00:45 - 00001017 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-06-22 15:36 - 2010-03-01 12:23 - 00000000 ____D () C:\Program Files (x86)\CCleaner
2014-06-22 15:35 - 2014-06-22 15:35 - 04748896 _____ (Piriform Ltd) C:\Users\Matthias\Downloads\ccsetup414.exe
2014-06-22 15:34 - 2014-06-22 15:33 - 00991536 _____ (Microsoft Corporation) C:\Users\Matthias\Downloads\sdksetup.exe
2014-06-22 15:31 - 2010-03-01 12:48 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-06-22 15:30 - 2012-06-01 17:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synology
2014-06-22 15:11 - 2012-05-12 12:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-21 20:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-21 18:10 - 2014-06-21 18:10 - 00000000 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-06-21 18:10 - 2010-01-28 17:17 - 00000000 ____D () C:\Program Files (x86)\Java
2014-06-21 18:07 - 2014-06-21 18:00 - 00000826 _____ () C:\Windows\SecuniaPackage.log
2014-06-21 18:06 - 2012-04-05 08:41 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-21 18:06 - 2012-04-05 08:41 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-06-21 18:06 - 2011-06-01 23:44 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-21 17:58 - 2014-06-21 17:57 - 18732144 _____ (Adobe Systems Inc.) C:\Users\Matthias\Downloads\AdobeAIRInstaller (5).exe
2014-06-21 17:52 - 2014-06-21 17:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-21 17:31 - 2011-06-18 20:04 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-06-21 17:29 - 2011-07-26 12:37 - 00000494 __RSH () C:\Users\Matthias\ntuser.pol
2014-06-21 17:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-06-21 15:27 - 2013-09-28 13:09 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-21 15:23 - 2010-01-27 16:25 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-21 15:18 - 2014-05-10 13:05 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-21 15:09 - 2014-06-21 13:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-06-21 13:09 - 2014-06-21 13:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-06-21 13:08 - 2014-06-21 13:08 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-21 13:08 - 2014-06-21 13:08 - 00000000 ____D () C:\Program Files\iTunes
2014-06-21 13:08 - 2014-06-21 13:08 - 00000000 ____D () C:\Program Files\iPod
2014-06-21 13:08 - 2014-06-21 13:08 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-06-21 13:06 - 2013-12-06 18:00 - 00000000 ____D () C:\Users\Matthias\AppData\Local\JDownloader v2.0
2014-06-21 12:38 - 2014-01-11 13:43 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-06-21 12:38 - 2013-03-29 10:49 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-06-21 12:38 - 2013-03-29 10:48 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-06-21 12:33 - 2012-01-08 15:40 - 00000000 ____D () C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-06-08 11:13 - 2014-06-21 12:52 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 11:08 - 2014-06-21 12:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-01 17:17 - 2010-01-27 15:05 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\Matthias\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphbuvxy.dll
C:\Users\Matthias\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-30 04:12

==================== End Of Log ============================
         
--- --- ---


Now that I have deleted the folder, it has not reappeared.

Last edited by ValdoAddams (30.06.2014 at 07:33)

30.06.2014, 13:30   #15
schrauber
/// the machine
/// TB trainer


Looks good.

Done

The order is crucial here.
  1. If Defogger was used: start Defogger again and click re-enable.
  2. If Combofix was used: (alternatively, rename it to uninstall.exe and run it)
    • Windows key + R > Combofix /Uninstall (type it in) > OK
    • Alternative: rename Combofix.exe to uninstall.exe and run it
    • Combofix will now start, possibly update itself, and then remove all remnants of itself.
  3. Please be sure to download DelFix to your desktop:
    • Close all open programs.
    • Start delfix.exe with a double-click.
    • Tick the box in front of every function.
    • Click Start.
    • Note: DelFix removes, among other things, all the programs that were used, the quarantine of our scanners and the Java cache, and finally deletes itself.
    • Finally, restart your computer.
  4. If any programs from our cleanup are still left over now, you can safely delete them.



If you would like to give praise or criticism, you can do so here

Here are a few more tips for securing your system.


I cannot mention often enough how important it is that your system is up to date.
  • Please check whether your system downloads Windows updates automatically
  • Windows Updates
    • Windows XP: Start --> Control Panel --> double-click Automatic Updates
    • Windows Vista / 7: Start --> Control Panel --> System and Security --> Turn automatic updating on or off
  • Make sure that automatic updates are enabled.
  • Software Updates
    Installed software can also have security vulnerabilities that malware can use to infect your system.
    To keep your installed software up to date, I recommend Secunia Online Software.


Antivirus software
  • Make sure you always have antivirus software installed and that it is up to date. It is useless if it is out of date.


Additional protection
  • MalwareBytes Anti Malware
    This is one of the best anti-malware tools on the market. It is an on-demand scan tool that detects and also removes a lot of current malware.
    Update the tool and run it once a week. The paid version also offers a background monitor.
    You can find a tutorial on how to use it here.
  • WinPatrol
    This software takes a snapshot of your system and warns you of any changes. Download the freeware version from here.


Safe browsing
  • SpywareBlaster
    You can find a short introduction here
  • MVPs hosts file
    You can find a tutorial here. Unfortunately I have not found a German-language one so far.
  • WOT (Web of trust)
    This add-on warns you before you visit a site that has been reported as harmful.


Alternative browsers

Other browsers tend to be somewhat more secure than IE, since they do not use ActiveX elements. These can be abused by spyware to infect your system.
  • Opera
  • Mozilla Firefox.
    • Note: For this browser I have a few useful add-ons here
    • NoScript
      This add-on blocks JavaScript, Java and Flash and other plugins. They are only executed when you confirm it.
    • AdblockPlus
      This add-on blocks most ads by itself. A right-click on a banner to add it to AdBlockPlus is enough, and it will no longer be loaded.
      It also saves download bandwidth.

Performance
Clean your temp files regularly. I recommend TFC for this.
Stay away from any registry cleaners.
They harm your system more than they help. Here are a few (English) links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Do not click on everything just because it prompts you to and looks nice and colorful.
  • Do not use peer-to-peer or file-sharing software (Emule, uTorrent, ...)
  • Keep your hands off cracks, keygens, serials or other illegal software.
  • Do not open attachments from emails you do not recognize. Pay particular attention to the file extension, e.g. deinFoto.jpg.exe
Now all that remains is for me to wish you lots of fun surfing safely.

Note: Please give me brief feedback once everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!
