Tastatur macht sich selbstständig und schreibt wwwww und großes h nicht möglich

chrissi32123 · 16.09.2014, 16:38

Moin Leute
Ich habe folgendes Problem , Wenn ich meinen Computer (Medion Erazer X7817) Starte wird mir das Tastatur voll gespammt wenn ich es nun geschaft habe mein Passwort einzugeben, ohne das ein anderer Buchstabe dazwischen gerät habe ich das problem sobalt ich ein Textfeld öffne das lauter wwwwww im Textfeld auftauchen und das ich das H nicht Groß schreiben kann nach einer weile verschwindet das Problem wieder.
Jedoch taucht es nach jedem Neustart wieder auf
Log Dateien im Anhang
Freue mich über jede Antwort
MFG chrissi32123

schrauber · 16.09.2014, 19:21

Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

chrissi32123 · 17.09.2014, 17:01

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by Christian (administrator) on CHRISTIANS-PC on 16-09-2014 17:00:42
Running from C:\Users\Christian\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Hercules®) C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\System Control Manager\MSIService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\nis.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxServer64.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\nis.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ITE Tech. Inc.) C:\Windows\System32\IRMonitor.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2598696 2012-02-29] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13374568 2011-12-20] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277992 2011-11-15] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [123400 2009-01-21] (Logitech Inc.)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [456704 2012-02-20] ()
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [507744 2011-12-21] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [MGSysCtrl] => C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe [2482176 2011-06-29] (Micro-Star International Co., Ltd.)
HKLM-x32\...\Run: [Hercules DJ Series] => C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe [3399240 2011-12-29] (Hercules®)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3181025288-2607898056-3576324558-1001\...\MountPoints2: {659c8296-6cd0-11e3-acdf-8c89a501c6db} - G:\HTC_Sync_Manager_PC.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [166568 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs-x32: ,C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
IFEO\lwemon.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
ShellIconOverlayIdentifiers:  AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NIS&pvid=20.3.1.22
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,CustomizeSearch = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,SearchURL = hxxp://home.microsoft.com/access/autosearch.asp?p=%s
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
URLSearchHook: HKCU - (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - No File
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {01bd49d7-c76b-4310-8beb-14d7e5f322c6} URL = hxxp://search.easylifeapp.com/?q={searchTerms}&pid=724&src=ie2&r=2013/02/21&hid=502892880&lg=EN&cc=DE
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {2BB00D0C-ADF8-404B-8752-9D064DF8699E} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=HIP&o=102875&src=kw&q={searchTerms}&locale=&apn_ptnrs=^6F&apn_dtid=^YYYYYY^YY^DE&apn_uid=eb71914f-8682-48b4-bf03-8046ac0431ec&apn_sauid=3B1E77CF-51D6-4558-B988-2C4D3FE67BD3
SearchScopes: HKCU - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=NIS&chn=retail&geo=DE&ver=21&locale=de_DE&gct=kwd&qsrc=2869
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\21.5.0.19\coIEPlg.dll (Symantec Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.5.0.19\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.5.0.19\coIEPlg.dll (Symantec Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog9 01 C:\Windows\SysWOW64\BfLLR.dll [183808] (Bigfoot Networks, Inc.)
Winsock: Catalog9 02 C:\Windows\SysWOW64\BfLLR.dll [183808] (Bigfoot Networks, Inc.)
Winsock: Catalog9 03 C:\Windows\SysWOW64\BfLLR.dll [183808] (Bigfoot Networks, Inc.)
Winsock: Catalog9 04 C:\Windows\SysWOW64\BfLLR.dll [183808] (Bigfoot Networks, Inc.)
Winsock: Catalog9 15 C:\Windows\SysWOW64\BfLLR.dll [183808] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 01 %SYSTEMROOT%\system32\BfLLR.dll [200704] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 02 %SYSTEMROOT%\system32\BfLLR.dll [200704] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 03 %SYSTEMROOT%\system32\BfLLR.dll [200704] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 04 %SYSTEMROOT%\system32\BfLLR.dll [200704] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 15 %SYSTEMROOT%\system32\BfLLR.dll [200704] (Bigfoot Networks, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.73.254

FireFox:
========
FF ProfilePath: C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\zbih5gha.default
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameeu.dll No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll No File
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF user.js: detected! => C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\zbih5gha.default\user.js
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Scriptish - C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\zbih5gha.default\Extensions\scriptish@erikvold.com.xpi [2013-04-19]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn [2014-09-16]

Chrome: 
=======
CHR HomePage: Default -> 1763A14746A85F4AC4F32D3CB964129D893A671C6FA9A931DC9EBAEBF241C98C
CHR DefaultSearchKeyword: Default -> D2227B3D0BA8CE4EECA4E97E5AA3334E578CB75D83179BB20E1E878512A12A34
CHR DefaultSearchProvider: Default -> 5A34A6EF985F43ED0F9DC65AB0A8B82B6177C706333EDF8516B9C25494E7DBF9
CHR DefaultSearchURL: Default -> 922532B0ADD4FE6FE6365542C90323A5E6C361411BCA67506088F7FB29746815
CHR Profile: C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-08-27]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-05]
CHR Extension: (AdBlock) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-08-27]
CHR Extension: (Ghostery) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2014-08-27]
CHR Extension: (Google Wallet) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-02]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\Exts\Chrome.crx [2014-08-15]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 HerculesDJControlMP3; C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE [18944 2011-12-01] (Hercules®) [File not signed]
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-11-10] (Nero AG)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [162648 2012-03-15] (Intel Corporation)
R2 Micro Star SCM; C:\Program Files (x86)\System Control Manager\MSIService.exe [160768 2009-07-10] (Micro-Star International Co., Ltd.) [File not signed]
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-02-26] ()
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\NIS.exe [276376 2014-07-31] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-08-19] ()
R2 Qualcomm Atheros Killer Service; C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [492032 2012-02-23] () [File not signed]
R2 Samsung Network Fax Server; C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe [239616 2012-09-18] (Samsung Electronics Co., Ltd.) [File not signed]
S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1225312 2012-11-26] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [659040 2012-11-26] (Secunia)
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2412344 2014-01-28] (TuneUp Software)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-02-26] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [75880 2012-02-23] (Bigfoot Networks, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140912.003\BHDrvx64.sys [1586904 2014-09-13] (Symantec Corporation)
S3 Bulk; C:\Windows\System32\Drivers\HDJBulk.sys [229200 2011-12-27] (© Guillemot R&D, 2010. All rights reserved.)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1505000.013\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-09-14] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-09-14] (Symantec Corporation)
S3 HDJAsioK; C:\Windows\System32\Drivers\HDJAsioK.sys [297808 2011-12-27] (© Guillemot R&D, 2010. All rights reserved.)
S3 HDJMidi; C:\Windows\System32\DRIVERS\HDJMidi.sys [251728 2011-12-27] (© Guillemot R&D, 2011. All rights reserved.)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140915.001\IDSvia64.sys [633560 2014-08-27] (Symantec Corporation)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [165504 2013-01-29] (ITE                      )
R3 L1C; C:\Windows\System32\DRIVERS\e22w7x64.sys [159848 2012-02-23] (Qualcomm Atheros, Inc.)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140915.032\ENG64.SYS [129752 2014-09-13] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140915.032\EX64.SYS [2137304 2014-09-13] (Symantec Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\NISx64\1505000.013\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1505000.013\SRTSPX64.SYS [36952 2013-09-10] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1505000.013\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1505000.013\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-09] (Symantec Corporation)
R1 SymIM; C:\Windows\System32\DRIVERS\SymIMv.sys [78936 2013-09-10] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1505000.013\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1505000.013\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-10-16] (Anchorfree Inc.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-07-19] (TuneUp Software)
R1 UimBus; C:\Windows\System32\DRIVERS\UimBus.sys [102664 2014-01-23] ()
R1 Uim_DEVIM; C:\Windows\System32\DRIVERS\uim_devim.sys [25992 2014-01-23] ()
R1 Uim_IM; C:\Windows\System32\DRIVERS\uim_im.sys [700680 2014-01-23] ()
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S2 iPodDrv; \??\C:\Windows\system32\drivers\iPodDrv.sys [X]
S4 nvkflt; system32\DRIVERS\nvkflt.sys [X]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-16 17:00 - 2014-09-16 17:01 - 00029000 _____ () C:\Users\Christian\Downloads\FRST.txt
2014-09-16 17:00 - 2014-09-16 17:00 - 00000000 ____D () C:\FRST
2014-09-16 16:59 - 2014-09-16 16:59 - 02105856 _____ (Farbar) C:\Users\Christian\Downloads\FRST64.exe
2014-09-16 16:51 - 2014-09-16 16:51 - 00347816 _____ (Microsoft Corporation) C:\Users\Christian\Downloads\MicrosoftFixit.maintenance.FISC.1334309823228445.1.1.Run.exe
2014-09-15 17:58 - 2014-09-15 18:07 - 00000000 ____D () C:\Users\Christian\Desktop\FTB
2014-09-15 17:57 - 2014-09-15 17:59 - 00000000 ____D () C:\Users\Christian\AppData\Local\ftblauncher
2014-09-15 17:57 - 2014-09-15 17:58 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\ftblauncher
2014-09-15 17:56 - 2014-09-15 17:56 - 04980105 _____ () C:\Users\Christian\Desktop\launcher^FTB_Launcher.exe
2014-09-14 23:24 - 2014-09-14 23:26 - 00000000 ____D () C:\NPE
2014-09-14 23:21 - 2014-09-14 23:44 - 00000000 ____D () C:\Users\Christian\AppData\Local\NPE
2014-09-14 18:13 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-14 18:13 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-14 18:13 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-14 18:13 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-14 18:13 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-14 18:13 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-14 18:13 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-14 18:13 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-14 18:13 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-14 18:13 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-14 18:13 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-14 18:13 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-14 18:13 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-14 18:13 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-14 18:13 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-14 18:13 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-14 18:13 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-14 18:13 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-14 18:13 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-14 18:13 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-14 18:13 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-14 18:13 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-14 18:13 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-14 18:13 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-14 18:13 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-14 18:13 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-14 18:13 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-14 18:13 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-14 18:13 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-14 18:13 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-14 18:13 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-14 18:13 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-14 18:13 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-14 18:13 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-14 18:13 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-14 18:13 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-14 18:13 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-14 18:13 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-14 18:13 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-14 18:13 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-14 18:13 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-14 18:13 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-14 18:13 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-14 18:13 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-14 18:13 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-14 18:13 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-14 18:13 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-14 18:13 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-14 18:13 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-14 18:13 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-14 18:13 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-14 18:13 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-14 18:13 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-14 18:13 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-14 18:13 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-14 18:13 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-14 17:59 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-14 17:59 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-14 17:57 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-14 17:57 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-14 17:57 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-14 17:57 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-14 17:56 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-14 17:56 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-14 17:56 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-14 17:56 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-14 17:56 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-14 17:56 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-14 17:56 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-05 21:04 - 2014-09-05 21:04 - 00000000 ____D () C:\Users\Christian\Desktop\08 - 2014 - German TOP100 Single Charts 18.08.2014
2014-09-04 23:07 - 2014-09-04 23:07 - 00001015 _____ () C:\Users\Public\Desktop\mHotspot.lnk
2014-09-04 23:07 - 2014-09-04 23:07 - 00000000 ____D () C:\Users\Christian\AppData\Local\1BN_(www.1bn.in)
2014-09-04 23:07 - 2014-09-04 23:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mHotspot
2014-09-04 23:07 - 2014-09-04 23:07 - 00000000 ____D () C:\Program Files (x86)\mHotspot
2014-09-04 23:05 - 2014-09-04 23:05 - 00832581 _____ (1BN Software Pvt. Ltd. ) C:\Users\Christian\Downloads\mHotspot_setup_7.6.0.0.exe
2014-09-04 20:48 - 2014-09-04 20:48 - 00000000 ____D () C:\Users\Christian\AppData\Local\mHotspot_Inc
2014-08-29 01:16 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-29 01:16 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-29 01:16 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-28 22:47 - 2014-08-28 22:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IVONA
2014-08-28 22:47 - 2014-08-28 22:47 - 00000000 ____D () C:\Program Files (x86)\IVONA
2014-08-28 22:42 - 2014-08-28 22:42 - 00000000 ____D () C:\Users\Christian\Desktop\IVONA Voices 2
2014-08-28 22:34 - 2014-08-28 22:34 - 00184573 _____ () C:\Users\Christian\Documents\Unbenannt.wma
2014-08-28 18:34 - 2014-08-28 18:34 - 00000965 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Speech Recognition Macros.lnk
2014-08-28 15:24 - 2014-09-05 20:58 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\vlc
2014-08-28 15:23 - 2014-08-28 15:23 - 00001074 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-08-28 15:23 - 2014-08-28 15:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-08-28 15:19 - 2014-08-28 15:21 - 24743106 _____ () C:\Users\Christian\Downloads\vlc-2.1.5-win32.exe
2014-08-27 11:42 - 2014-08-27 11:42 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security
2014-08-26 19:38 - 2014-08-26 19:38 - 00363041 _____ () C:\Users\Christian\Documents\Deckblatt_ Ausbildung_Sowi.pptx
2014-08-25 18:36 - 2014-08-25 18:36 - 00000000 ____D () C:\Users\Christian\Documents\Respawn
2014-08-25 18:35 - 2014-09-05 21:49 - 00001186 _____ () C:\Users\Public\Desktop\Titanfall.lnk
2014-08-25 03:47 - 2014-08-25 03:47 - 00001202 _____ () C:\Users\Public\Desktop\Battlefield 4.lnk
2014-08-24 21:40 - 2014-08-24 21:40 - 00000000 ____D () C:\Users\Christian\Documents\My Cheat Tables
2014-08-24 21:36 - 2014-08-24 21:38 - 09052192 _____ (Cheat Engine ) C:\Users\Christian\Downloads\CheatEngine64.exe
2014-08-24 20:32 - 2014-08-24 20:33 - 00000058 _____ () C:\Users\Christian\Desktop\Youtube Account.txt
2014-08-24 11:27 - 2014-08-24 11:27 - 00000000 ____D () C:\Users\Christian\Desktop\Bewerbung
2014-08-22 20:02 - 2014-08-24 20:20 - 00000000 ____D () C:\Users\Christian\AppData\Local\Adobe
2014-08-19 19:32 - 2014-08-19 19:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-17 21:40 - 2014-08-17 21:40 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-08-17 21:40 - 2014-08-17 21:40 - 00000000 ____D () C:\Windows\system32\NV
2014-08-17 21:37 - 2014-07-02 22:48 - 31512520 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-08-17 21:37 - 2014-07-02 22:48 - 24196896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-08-17 21:37 - 2014-07-02 22:48 - 22994208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-08-17 21:37 - 2014-07-02 22:48 - 18626304 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-08-17 21:37 - 2014-07-02 22:48 - 17555104 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-08-17 21:37 - 2014-07-02 22:48 - 16122344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-08-17 21:37 - 2014-07-02 22:48 - 15294296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-08-17 21:37 - 2014-07-02 22:48 - 13922752 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-08-17 21:37 - 2014-07-02 22:48 - 13835208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-08-17 21:37 - 2014-07-02 22:48 - 12866008 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-08-17 21:37 - 2014-07-02 22:48 - 11283344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-08-17 21:37 - 2014-07-02 22:48 - 11222048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-08-17 21:37 - 2014-07-02 22:48 - 04247000 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-08-17 21:37 - 2014-07-02 22:48 - 03989960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-08-17 21:37 - 2014-07-02 22:48 - 01890080 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434052.dll
2014-08-17 21:37 - 2014-07-02 22:48 - 01539928 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434052.dll
2014-08-17 21:37 - 2014-07-02 22:48 - 00944928 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-08-17 21:37 - 2014-07-02 22:48 - 00907096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-08-17 21:37 - 2014-07-02 22:48 - 00903624 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-08-17 21:37 - 2014-07-02 22:48 - 00869152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-08-17 21:37 - 2014-07-02 22:48 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-08-17 21:37 - 2014-07-02 22:48 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-08-17 21:37 - 2014-07-02 22:48 - 00032544 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-16 17:01 - 2014-09-16 17:00 - 00029000 _____ () C:\Users\Christian\Downloads\FRST.txt
2014-09-16 17:00 - 2014-09-16 17:00 - 00000000 ____D () C:\FRST
2014-09-16 16:59 - 2014-09-16 16:59 - 02105856 _____ (Farbar) C:\Users\Christian\Downloads\FRST64.exe
2014-09-16 16:51 - 2014-09-16 16:51 - 00347816 _____ (Microsoft Corporation) C:\Users\Christian\Downloads\MicrosoftFixit.maintenance.FISC.1334309823228445.1.1.Run.exe
2014-09-16 16:51 - 2013-06-08 21:01 - 01929607 _____ () C:\Windows\WindowsUpdate.log
2014-09-16 16:50 - 2009-07-14 06:45 - 00024800 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-16 16:50 - 2009-07-14 06:45 - 00024800 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-16 16:48 - 2012-12-24 22:01 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-16 16:48 - 2012-12-24 16:20 - 00000000 ____D () C:\Users\Christian\Documents\Youcam
2014-09-16 16:45 - 2013-12-24 23:09 - 00000000 ____D () C:\Users\Christian\AppData\Local\HTC MediaHub
2014-09-16 16:45 - 2013-01-29 15:13 - 00000048 _____ () C:\monitor.log
2014-09-16 16:45 - 2012-12-24 16:16 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-16 16:42 - 2014-04-04 16:56 - 00044457 _____ () C:\Windows\setupact.log
2014-09-16 16:42 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-16 16:38 - 2014-04-04 16:55 - 00107026 _____ () C:\Windows\PFRO.log
2014-09-15 19:46 - 2012-12-24 17:11 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\Skype
2014-09-15 19:29 - 2012-12-27 20:57 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-09-15 19:27 - 2012-12-24 16:16 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-15 18:10 - 2013-03-29 22:40 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\.minecraft
2014-09-15 18:07 - 2014-09-15 17:58 - 00000000 ____D () C:\Users\Christian\Desktop\FTB
2014-09-15 17:59 - 2014-09-15 17:57 - 00000000 ____D () C:\Users\Christian\AppData\Local\ftblauncher
2014-09-15 17:58 - 2014-09-15 17:57 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\ftblauncher
2014-09-15 17:56 - 2014-09-15 17:56 - 04980105 _____ () C:\Users\Christian\Desktop\launcher^FTB_Launcher.exe
2014-09-15 16:25 - 2011-05-16 16:04 - 00765854 _____ () C:\Windows\system32\perfh007.dat
2014-09-15 16:25 - 2011-05-16 16:04 - 00175052 _____ () C:\Windows\system32\perfc007.dat
2014-09-15 16:25 - 2009-07-14 07:13 - 01807410 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-14 23:44 - 2014-09-14 23:21 - 00000000 ____D () C:\Users\Christian\AppData\Local\NPE
2014-09-14 23:26 - 2014-09-14 23:24 - 00000000 ____D () C:\NPE
2014-09-14 23:22 - 2012-12-24 16:38 - 00000000 ____D () C:\ProgramData\Norton
2014-09-14 22:36 - 2012-12-27 20:57 - 00000000 ____D () C:\ProgramData\Origin
2014-09-14 18:49 - 2012-12-24 22:01 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-14 18:49 - 2012-12-24 22:01 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-14 18:49 - 2011-12-01 23:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-14 18:48 - 2013-02-09 18:49 - 10036224 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-09-14 18:12 - 2012-12-24 19:49 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-14 18:10 - 2013-01-08 18:56 - 01781690 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-14 18:09 - 2013-07-14 20:20 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-14 18:00 - 2011-07-18 22:31 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-14 17:59 - 2014-05-01 15:25 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-14 17:46 - 2013-01-27 19:35 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\TS3Client
2014-09-14 17:44 - 2013-01-27 19:34 - 00000000 ____D () C:\Users\Christian\AppData\Local\TeamSpeak 3 Client
2014-09-05 21:49 - 2014-08-25 18:35 - 00001186 _____ () C:\Users\Public\Desktop\Titanfall.lnk
2014-09-05 21:48 - 2014-05-23 14:40 - 00092897 _____ () C:\Windows\DirectX.log
2014-09-05 21:17 - 2013-11-28 22:03 - 00000520 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-09-05 21:04 - 2014-09-05 21:04 - 00000000 ____D () C:\Users\Christian\Desktop\08 - 2014 - German TOP100 Single Charts 18.08.2014
2014-09-05 20:58 - 2014-08-28 15:24 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\vlc
2014-09-05 16:19 - 2013-03-04 22:13 - 00000000 ____D () C:\Users\Christian\Documents\Outlook-Dateien
2014-09-05 04:10 - 2014-09-14 17:57 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-05 04:05 - 2014-09-14 17:57 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-04 23:07 - 2014-09-04 23:07 - 00001015 _____ () C:\Users\Public\Desktop\mHotspot.lnk
2014-09-04 23:07 - 2014-09-04 23:07 - 00000000 ____D () C:\Users\Christian\AppData\Local\1BN_(www.1bn.in)
2014-09-04 23:07 - 2014-09-04 23:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mHotspot
2014-09-04 23:07 - 2014-09-04 23:07 - 00000000 ____D () C:\Program Files (x86)\mHotspot
2014-09-04 23:05 - 2014-09-04 23:05 - 00832581 _____ (1BN Software Pvt. Ltd. ) C:\Users\Christian\Downloads\mHotspot_setup_7.6.0.0.exe
2014-09-04 23:04 - 2013-11-28 22:52 - 00000000 ____D () C:\Program Files (x86)\Virtual Router
2014-09-04 20:48 - 2014-09-04 20:48 - 00000000 ____D () C:\Users\Christian\AppData\Local\mHotspot_Inc
2014-09-04 18:50 - 2012-12-24 19:59 - 00000000 ___RD () C:\Users\Christian\Desktop\Nicht benutzte Desktop Symbole
2014-08-30 15:59 - 2013-12-16 22:27 - 00000000 ____D () C:\Users\Christian\Documents\Speech Macros
2014-08-29 03:20 - 2013-07-30 12:16 - 05260432 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-28 22:47 - 2014-08-28 22:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IVONA
2014-08-28 22:47 - 2014-08-28 22:47 - 00000000 ____D () C:\Program Files (x86)\IVONA
2014-08-28 22:42 - 2014-08-28 22:42 - 00000000 ____D () C:\Users\Christian\Desktop\IVONA Voices 2
2014-08-28 22:34 - 2014-08-28 22:34 - 00184573 _____ () C:\Users\Christian\Documents\Unbenannt.wma
2014-08-28 18:56 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-08-28 18:34 - 2014-08-28 18:34 - 00000965 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Speech Recognition Macros.lnk
2014-08-28 18:34 - 2013-12-16 22:27 - 00000000 ____D () C:\Program Files (x86)\WSRMacros
2014-08-28 18:27 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-28 15:23 - 2014-08-28 15:23 - 00001074 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-08-28 15:23 - 2014-08-28 15:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-08-28 15:22 - 2013-07-02 11:42 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-08-28 15:21 - 2014-08-28 15:19 - 24743106 _____ () C:\Users\Christian\Downloads\vlc-2.1.5-win32.exe
2014-08-27 11:42 - 2014-08-27 11:42 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security
2014-08-27 11:42 - 2013-11-09 12:10 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2014-08-27 11:42 - 2012-12-24 16:39 - 00003234 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-08-27 11:42 - 2012-12-24 16:38 - 00000000 ____D () C:\Windows\system32\Drivers\NISx64
2014-08-27 00:03 - 2013-06-16 17:12 - 00003694 _____ () C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm
2014-08-26 19:43 - 2013-08-31 14:20 - 00000000 ___RD () C:\Users\Christian\Dropbox
2014-08-26 19:38 - 2014-08-26 19:38 - 00363041 _____ () C:\Users\Christian\Documents\Deckblatt_ Ausbildung_Sowi.pptx
2014-08-26 19:34 - 2013-10-22 18:34 - 00000072 _____ () C:\Users\Public\LMDebug.log
2014-08-26 19:30 - 2013-08-31 14:18 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-08-26 19:30 - 2013-08-31 14:17 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\Dropbox
2014-08-26 16:08 - 2013-02-27 19:30 - 00000000 ____D () C:\Users\Christian\AppData\Local\CrashDumps
2014-08-25 18:36 - 2014-08-25 18:36 - 00000000 ____D () C:\Users\Christian\Documents\Respawn
2014-08-25 18:35 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-08-25 15:52 - 2013-01-07 21:01 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\Audacity
2014-08-25 15:37 - 2014-06-02 22:14 - 00000023 _____ () C:\Users\Christian\Desktop\DJ Name.txt
2014-08-25 03:47 - 2014-08-25 03:47 - 00001202 _____ () C:\Users\Public\Desktop\Battlefield 4.lnk
2014-08-25 03:47 - 2013-11-06 18:53 - 00001178 _____ () C:\Users\Public\Desktop\Battlefield 4(64 bit).lnk
2014-08-24 21:40 - 2014-08-24 21:40 - 00000000 ____D () C:\Users\Christian\Documents\My Cheat Tables
2014-08-24 21:38 - 2014-08-24 21:36 - 09052192 _____ (Cheat Engine ) C:\Users\Christian\Downloads\CheatEngine64.exe
2014-08-24 20:33 - 2014-08-24 20:32 - 00000058 _____ () C:\Users\Christian\Desktop\Youtube Account.txt
2014-08-24 20:20 - 2014-08-22 20:02 - 00000000 ____D () C:\Users\Christian\AppData\Local\Adobe
2014-08-24 18:33 - 2012-12-25 00:37 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-08-24 16:05 - 2013-11-18 19:15 - 00093696 ___SH () C:\Users\Christian\Thumbs.db
2014-08-24 14:57 - 2012-12-27 21:01 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-08-24 14:17 - 2013-07-30 00:13 - 00184168 _____ () C:\Users\Christian\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-24 14:03 - 2013-10-22 19:12 - 00000000 ____D () C:\Users\Christian\Documents\Scan
2014-08-24 11:49 - 2013-01-13 22:54 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-08-24 11:27 - 2014-08-24 11:27 - 00000000 ____D () C:\Users\Christian\Desktop\Bewerbung
2014-08-23 04:07 - 2014-08-29 01:16 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-29 01:16 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-29 01:16 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 19:35 - 2013-04-19 18:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-20 22:49 - 2013-11-07 23:53 - 00297088 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-08-20 22:49 - 2013-02-23 18:46 - 00297088 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-08-20 22:49 - 2013-02-23 15:53 - 00280904 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-08-20 21:37 - 2013-11-07 00:54 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-08-19 21:47 - 2014-03-22 19:27 - 00000000 ____D () C:\Fraps
2014-08-19 20:05 - 2014-09-14 18:13 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-19 19:39 - 2014-09-14 18:13 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-19 19:32 - 2014-08-19 19:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-19 18:44 - 2013-02-23 15:53 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-08-19 18:30 - 2014-03-12 00:58 - 00000000 ____D () C:\Users\Christian\Desktop\Alle Adobe
2014-08-19 16:22 - 2014-06-26 22:38 - 00000000 ____D () C:\Program Files (x86)\WarThunder
2014-08-19 01:01 - 2014-09-14 18:13 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-19 00:29 - 2014-09-14 18:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-19 00:29 - 2014-09-14 18:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-19 00:26 - 2014-09-14 18:13 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-19 00:20 - 2014-09-14 18:13 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-19 00:19 - 2014-09-14 18:13 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-19 00:15 - 2014-09-14 18:13 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-19 00:15 - 2014-09-14 18:13 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-19 00:14 - 2014-09-14 18:13 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-19 00:14 - 2014-09-14 18:13 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-19 00:08 - 2014-09-14 18:13 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-19 00:08 - 2014-09-14 18:13 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-19 00:08 - 2014-09-14 18:13 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-19 00:05 - 2014-09-14 18:13 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-19 00:03 - 2014-09-14 18:13 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-19 00:03 - 2014-09-14 18:13 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-19 00:03 - 2014-09-14 18:13 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-18 23:57 - 2014-09-14 18:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-18 23:56 - 2014-09-14 18:13 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-18 23:51 - 2014-09-14 18:13 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-18 23:46 - 2014-09-14 18:13 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-18 23:45 - 2014-09-14 18:13 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-18 23:45 - 2014-09-14 18:13 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-18 23:44 - 2014-09-14 18:13 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-18 23:44 - 2014-09-14 18:13 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-18 23:42 - 2014-09-14 18:13 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-18 23:40 - 2014-09-14 18:13 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-18 23:39 - 2014-09-14 18:13 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-18 23:39 - 2014-09-14 18:13 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-18 23:39 - 2014-09-14 18:13 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-18 23:38 - 2014-09-14 18:13 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-18 23:37 - 2014-09-14 18:13 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-18 23:36 - 2014-09-14 18:13 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-18 23:35 - 2014-09-14 18:13 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-18 23:27 - 2014-09-14 18:13 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-18 23:25 - 2014-09-14 18:13 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-18 23:25 - 2014-09-14 18:13 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-18 23:23 - 2014-09-14 18:13 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-18 23:23 - 2014-09-14 18:13 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-18 23:23 - 2013-04-19 18:00 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\Mozilla
2014-08-18 23:22 - 2014-09-14 18:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-18 23:19 - 2014-09-14 18:13 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-18 23:17 - 2014-09-14 18:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-18 23:17 - 2014-09-14 18:13 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-18 23:16 - 2014-09-14 18:13 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-18 23:15 - 2014-09-14 18:13 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-18 23:15 - 2014-09-14 18:13 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-18 23:09 - 2014-09-14 18:13 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-18 23:08 - 2014-09-14 18:13 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-18 23:07 - 2014-09-14 18:13 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-18 22:55 - 2014-09-14 18:13 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-18 22:46 - 2014-09-14 18:13 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-18 22:38 - 2014-09-14 18:13 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-18 22:38 - 2014-09-14 18:13 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-18 22:36 - 2014-09-14 18:13 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-17 21:40 - 2014-08-17 21:40 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-08-17 21:40 - 2014-08-17 21:40 - 00000000 ____D () C:\Windows\system32\NV
2014-08-17 21:40 - 2013-12-24 22:51 - 00000000 ____D () C:\Temp
2014-08-17 21:40 - 2012-03-31 02:03 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-08-17 21:38 - 2012-03-31 02:02 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-08-17 21:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-08-17 19:51 - 2013-12-23 00:44 - 00000000 ____D () C:\Users\Christian\AppData\Local\NVIDIA Corporation
2014-08-17 19:25 - 2014-02-25 17:40 - 00001106 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-08-17 19:25 - 2014-02-25 17:40 - 00001094 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk

Some content of TEMP:
====================
C:\Users\Christian\AppData\Local\Temp\i4jdel0.exe
C:\Users\Christian\AppData\Local\Temp\OpenComputersMod-1.3.2.525-native.64.dll
C:\Users\Christian\AppData\Local\Temp\OpenComputersMod-native.64.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-27 00:48

==================== End Of Log ============================

--- --- ---

chrissi32123 · 17.09.2014, 17:02

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014
Ran by Christian at 2014-09-16 17:01:22
Running from C:\Users\Christian\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton Internet Security (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Internet Security (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Internet Security (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe After Effects CC (HKLM-x32\...\{317243C1-6580-4F43-AED7-37D4438C3DD5}) (Version: 12.2.1 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.1430 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.8.0.1430 - Adobe Systems Incorporated) Hidden
Adobe Audition CC (HKLM-x32\...\{DE1E055B-679C-42F8-B114-7B6ED0B8ED95}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.4.1.351 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Illustrator CC (HKLM-x32\...\{F2321021-08A2-44D6-B1DF-BDB415F23EC3}) (Version: 17.0 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC (HKLM-x32\...\{505FF1AC-E7F5-4462-BBA7-08900E7E9EEF}) (Version: 7.2.1 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe SpeedGrade CC (HKLM-x32\...\{29AA12E9-934C-485E-A9A1-D823FEB29880}) (Version: 7.2.0 - Adobe Systems Incorporated)
AeroFly Professional Deluxe (HKLM-x32\...\{8B3E5A90-1F6E-4FAF-B84F-C306C8A80809}) (Version: 1.8.0.9 - )
aerofly RC 7 (HKLM-x32\...\aerofly RC 7_is1) (Version: 7.0.7 - IPACS)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta1 - Michael Tippach)
aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 3.8.7955 - DsNET Corp)
Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.3.2.3825 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
BlazeDTV 6.0 (HKLM-x32\...\BlazeDTV 6.0_is1) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Call of Duty: Modern Warfare 3 - Dedicated Server (HKLM-x32\...\Steam App 42750) (Version:  - Infinity Ward - Sledgehammer Games)
Camtasia Studio 8 (HKLM-x32\...\{8F6F7194-0734-4CDA-8C04-6B766F2241A6}) (Version: 8.0.4.1060 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.02 - Piriform)
Cinema 4D version R12 (HKLM-x32\...\{7D9D8134-9FA3-4FFF-ADA1-BF609F29997A}_is1) (Version: R12 - Salat Production)
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Crysis® 2 (HKLM-x32\...\{6033673D-2530-4587-8AD0-EB059FC263F9}) (Version: 1.0.0.0 - Electronic Arts)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.3624 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1327 - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 7.0.0.1327 - CyberLink Corp.) Hidden
CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
CyberLink PowerDVD Copy (x32 Version: 1.5.1306 - CyberLink Corp.) Hidden
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.4125 - CyberLink Corp.)
CyberLink PowerRecover (x32 Version: 5.5.4125 - CyberLink Corp.) Hidden
CyberLink WaveEditor (HKLM-x32\...\InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 1.0.1.3320 - CyberLink Corp.)
CyberLink WaveEditor (x32 Version: 1.0.1.3320 - CyberLink Corp.) Hidden
CyberLink YouCam 5 (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.2219 - CyberLink Corp.)
CyberLink YouCam 5 (x32 Version: 5.0.2219 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{650DE870-ECA3-4E63-8D77-778512BE5D4C}) (Version:  - Microsoft)
DJC Sample Pack V1 (HKCU\...\DJC Sample Pack V1) (Version:  - )
DJC Sample Pack V2 (HKCU\...\DJC Sample Pack V2) (Version:  - )
DJC Sample Pack V3 (HKCU\...\DJC Sample Pack V3) (Version:  - )
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.7000.11 - Dolby Laboratories Inc)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.28 - Dropbox, Inc.)
ETDWare PS/2-X64 8.0.5.7_WHQL (HKLM\...\Elantech) (Version: 8.0.5.7 - ELAN Microelectronic Corp.)
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version:  - Image-Line)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version:  - )
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Hercules DJ Products Series drivers (HKLM-x32\...\{33999F1F-EA46-4E55-A239-1BA803235396}) (Version: 7.HDJS.2011 - Hercules)
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.10.0.001 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{368E4EF8-E840-40EE-A224-50B8D1DC2B12}) (Version: 2.4.11.0 - HTC)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version:  - Image-Line)
Intel PROSet Wireless (Version:  - ) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.4.1441 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2669 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{37EC048A-81A2-452A-8D1F-3BE2018E767D}) (Version: 15.1.0.0096 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{F0932859-AA60-459E-B843-0BDECA34E2C7}) (Version: 2.0.0.0086 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{E97F409F-9E1C-42A0-B72D-765A78DF3696}) (Version: 15.01.0000.0830 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
IVONA 2 (HKLM-x32\...\IVONA 2) (Version: 1.6.60 - IVONA Software Sp. z o.o.)
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation)
Logitech Gaming Software 5.04 (HKLM\...\{8753DF4D-64B0-474E-9A97-0AB5585D9A53}) (Version: 5.04.110 - Logitech)
MAGIX Audio Cleaning Lab 2013 (HKLM-x32\...\MAGIX_{E9DDC5F7-A1A2-4CDA-9D4B-26C859C37C88}) (Version: 19.0.0.10 - MAGIX AG)
MAGIX Audio Cleaning Lab 2013 (Version: 19.0.0.10 - MAGIX AG) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{5A4E0EA5-1E2E-41C7-9944-88D4AD12901F}) (Version: 7.0.1.27 - MAGIX AG)
MAGIX Speed burnR (MSI) (Version: 7.0.1.27 - MAGIX AG) Hidden
MAGIX Video deluxe 2013 Premium (HKLM-x32\...\MAGIX_{47E960B1-A285-4D31-87BA-4D2936FC8FF1}) (Version: 12.0.3.4 - MAGIX AG)
MAGIX Video deluxe 2013 Premium (Version: 12.0.3.4 - MAGIX AG) Hidden
Medal of Honor™ Warfighter (HKLM-x32\...\{48379835-BF2E-4487-9CB1-D5E654502B53}) (Version: 1.0.0.0 - Electronic Arts)
Medion Home Cinema (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.3216 - CyberLink Corp.)
Medion Home Cinema (x32 Version: 8.0.3216 - CyberLink Corp.) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
mHotspot version 7.6.0.0 (HKLM-x32\...\{beeb7906-9268-4520-8850-8d8af9b1c7c8}_is1) (Version: 7.6.0.0 - 1BN Software Pvt. Ltd.)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (Version:  - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{4AF2248C-B3DF-46FB-9596-87F5DB193689}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Common Files (Version: 10.0.1600.22 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Common Files (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Services (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Shared (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Native Client (HKLM\...\{8325FD0C-2FDB-46C3-921A-3A78385EA972}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{A106D33E-6B43-42C0-9BFC-D03303261FA7}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 RsFx Driver (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{28D06854-572C-4A65-83E5-F8CAF26B9FDC}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mp3tag v2.55a (HKLM-x32\...\Mp3tag) (Version: v2.55a - Florian Heidenreich)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser und SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.2.0.0 - Electronic Arts)
Nero 2014 Trial Soccer Edition (HKLM-x32\...\{F7F556CF-AE02-47EC-8C61-1A08BF7221AA}) (Version: 15.0.00000 - Nero AG)
Nero Audio Pack 1 (x32 Version: 11.0.11500.110.0 - Nero AG) Hidden
Nero Blu-ray Player (x32 Version: 12.1.20074 - Nero AG) Hidden
Nero Blu-ray Player Help (CHM) (x32 Version: 15.0.00015 - Nero AG) Hidden
Nero Burning Core (x32 Version: 15.0.25001 - Nero AG) Hidden
Nero Burning ROM (x32 Version: 15.0.25001 - Nero AG) Hidden
Nero Burning ROM Help (CHM) (x32 Version: 15.0.00021 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 11.0.16700 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 15.0.00015 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.23200 - Nero AG) Hidden
Nero Device Updates (x32 Version: 15.0.1002 - Nero AG) Hidden
Nero Disc Menus Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Disc to Device (x32 Version: 15.0.12032 - Nero AG) Hidden
Nero Effects Basic (x32 Version: 15.0.10011 - Nero AG) Hidden
Nero Express (x32 Version: 15.0.25001 - Nero AG) Hidden
Nero Express Help (CHM) (x32 Version: 15.0.00021 - Nero AG) Hidden
Nero Football (Soccer) Themes (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 15.1.0030 - Nero AG)
Nero Kwik Themes Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Launcher (x32 Version: 15.0.12000 - Nero AG) Hidden
Nero MediaHome (x32 Version: 1.22.3800 - Nero AG) Hidden
Nero MediaHome Help (CHM) (x32 Version: 15.0.00021 - Nero AG) Hidden
Nero PiP Effects Basic (x32 Version: 15.0.10008 - Nero AG) Hidden
Nero Recode (x32 Version: 15.0.25000 - Nero AG) Hidden
Nero Recode Help (CHM) (x32 Version: 15.0.00021 - Nero AG) Hidden
Nero RescueAgent (x32 Version: 15.0.2000 - Nero AG) Hidden
Nero RescueAgent Help (CHM) (x32 Version: 15.0.00015 - Nero AG) Hidden
Nero SharedVideoCodecs (x32 Version: 1.0.15005 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.13600.45.0 - Nero AG) Hidden
Nero Video (x32 Version: 15.0.25000 - Nero AG) Hidden
Nero Video Help (CHM) (x32 Version: 15.0.00021 - Nero AG) Hidden
Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.5.0.19 - Symantec Corporation)
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
NVIDIA Update 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.0.13.2141 - Electronic Arts, Inc.)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)
Paragon Backup & Recovery™ 2014 Free (HKLM\...\{C268B5E1-A5DA-11DF-A289-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
Pflanzen gegen Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
PlanetSide 2 (HKCU\...\SOE-PlanetSide 2 PSG) (Version: 1.0.3.183 - Sony Online Entertainment)
PlanetSide 2 (HKCU\...\SOE-PlanetSide 2) (Version:  - Sony Online Entertainment)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Portal: First Slice (HKLM-x32\...\Steam App 410) (Version:  - Valve)
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Prerequisite installer (x32 Version: 15.0.0005 - Nero AG) Hidden
Qualcomm Atheros Killer Network Manager (HKLM-x32\...\InstallShield_{DF446558-ADF7-4884-9B2D-281979CCE71F}) (Version: 6.1.0.310 - Qualcomm Atheros)
Qualcomm Atheros Killer Network Manager (Version: 6.1.0.310 - Qualcomm Atheros) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6531 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.92 - Realtek Semiconductor Corp.)
Robocraft version 0.3.290 (HKCU\...\{9F101691-69D3-422E-BB5C-8CAD7110781B}_is1) (Version: 0.3.290 - Freejam)
Samsung CLX-6260 Series (HKLM-x32\...\Samsung CLX-6260 Series) (Version: 1.07 (07.01.2013) - Samsung Electronics Co., Ltd.)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.04.21 (10.12.2012) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.02.84.01(11.12.2012) - Samsung Electronics Co., Ltd.)
Samsung Network PC Fax (HKLM-x32\...\Samsung Network PC Fax) (Version: 1.06.34 (04.09.2012) - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00.04 - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (x32 Version: 1.00.20.03 - Samsung Electronics Co., Ltd.) Hidden
Secunia PSI (3.0.0.6001) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.6001 - Secunia)
Service Pack 1 für SQL Server 2008 (KB 968369) (64-bit) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
Sp5 (x32 Version: 5.1.4324.0 - Microsoft) Hidden
Sp5Intl (x32 Version: 5.1.4324.0 - Microsoft) Hidden
Sp5TTInt (x32 Version: 5.1.4324.0 - Microsoft) Hidden
SpCommon (x32 Version: 5.1.4324.0 - Microsoft) Hidden
Spelling Dictionaries Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-A00000000004}) (Version: 10.0.0 - Adobe Systems Incorporated)
SpPhones (x32 Version: 6.0.3122.0 - Microsoft) Hidden
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Star Trek Online (HKLM-x32\...\Star Trek Online) (Version:  - Cryptic Studios)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
System Control Manager (HKLM-x32\...\{ED9C5D25-55DF-48D8-9328-2AC0D75DE5D8}) (Version: 2.211.0629.M007.03 - Micro-Star International Co., Ltd.)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.31064 - TeamViewer)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.6.3 - Electronic Arts)
TuneUp Utilities 2013 (HKLM-x32\...\TuneUp Utilities 2013) (Version: 13.0.4000.260 - TuneUp Software)
TuneUp Utilities 2013 (x32 Version: 13.0.4000.260 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.4000.260 - TuneUp Software) Hidden
Unterstützungsdateien für Microsoft SQL Server 2008-Setup  (HKLM\...\{6AF73222-EE90-434C-AE7E-B96F70A68D89}) (Version: 10.1.2731.0 - Microsoft Corporation)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2889836) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9179FC17-97A8-4D98-9E09-05720AF5D44E}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (HKLM-x32\...\{241E7104-937A-4366-AD57-8FDDDB003939}) (Version: 15.4.5722.2 - Microsoft Corporation)
VirtualDJ PRO Full (HKLM-x32\...\{82BEEB3F-D0BF-42EE-8739-F4827C4805B7}) (Version: 7.0.4 - Atomix Productions)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
War Thunder Launcher 1.0.1.376 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version:  - Gaijin Entertainment)
Who Wants To Be A Millionaire? Special Editions (HKLM-x32\...\Steam App 206740) (Version:  - )
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Speech Recognition Macros (HKLM-x32\...\{8DC197D6-F4AB-44E0-ACF7-210355E6F389}) (Version: 1.0.6862.19 - Microsoft Corporation)
WinMX (HKLM-x32\...\WinMX) (Version:  - )
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Wondershare MobileGo for Android ( Version 4.2.1 ) (HKLM-x32\...\{1E04C795-7359-4E05-8A0E-5644F777AA08}_is1) (Version: 4.2.1 - Wondershare)
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3181025288-2607898056-3576324558-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Christian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3181025288-2607898056-3576324558-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3181025288-2607898056-3576324558-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3181025288-2607898056-3576324558-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3181025288-2607898056-3576324558-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3181025288-2607898056-3576324558-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3181025288-2607898056-3576324558-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3181025288-2607898056-3576324558-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3181025288-2607898056-3576324558-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

05-09-2014 19:47:36 DirectX wurde installiert
14-09-2014 15:57:26 Installed Microsoft Fix it 50229
14-09-2014 15:58:32 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {23C2258D-E73E-4436-8C45-7514C643DE3E} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\WSCStub.exe [2014-07-31] (Symantec Corporation)
Task: {263133BB-B5BE-4D40-8F4E-0A73A042316F} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {297B6358-77BD-47DA-96AD-3769F0E8AA20} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-05-24] (Piriform Ltd)
Task: {34C5B344-B484-49FE-BC93-122975DF354A} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2013-10-16] (Nero AG)
Task: {4E8990E6-FC0D-457B-B6DC-B270FE95AA8C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-24] (Google Inc.)
Task: {6C5B6D09-23AB-4850-9AAF-E9AD8DBD4A0C} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {9002588E-5A06-40EB-B2B1-5F9809B33F9B} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe [2014-01-28] (TuneUp Software)
Task: {AF98342E-9026-4DE9-9FEC-8E233B7E01EB} - System32\Tasks\{DBA2B5F4-D9BA-4359-828B-81BA62D859CC} => Chrome.exe 
Task: {B0EDB6DA-657A-43AC-AD34-10F9F37B83B8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-14] (Adobe Systems Incorporated)
Task: {C563DFD6-57EF-4E9A-AE75-C7119B35FD8C} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {C5825058-D00A-4843-BD96-46B6A8F1621A} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2012-10-29] (CyberLink Corp.)
Task: {D5F1C691-3FEE-4263-AFA3-3B768DFEE846} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-24] (Google Inc.)
Task: {E1A99E84-632B-47D9-AE16-D0112606E189} - System32\Tasks\irMonitor => C:\Windows\system32\IRMonitor.exe [2013-01-29] (ITE Tech. Inc.)
Task: {E59212B6-C510-4360-A6BA-1E7F60C2A997} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-10-22 18:29 - 2012-01-10 06:15 - 00034304 _____ () C:\Windows\System32\ssy3clm.dll
2013-12-23 01:28 - 2014-07-02 22:48 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-03-30 06:11 - 2014-07-02 20:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-12-07 19:27 - 2012-12-07 19:27 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2013-02-23 15:53 - 2014-08-19 18:44 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2012-02-23 00:07 - 2012-02-23 00:07 - 00492032 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe
2011-05-10 04:46 - 2011-05-10 04:46 - 02760192 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtCore4.dll
2011-05-10 04:56 - 2011-05-10 04:56 - 09856000 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtGui4.dll
2011-05-10 04:47 - 2011-05-10 04:47 - 00416256 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtXml4.dll
2012-02-23 00:07 - 2012-02-23 00:07 - 00217600 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFCommon.dll
2011-05-10 20:32 - 2011-05-10 20:32 - 00731648 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\qwt5.dll
2011-05-10 04:48 - 2011-05-10 04:48 - 00990720 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtNetwork4.dll
2014-01-28 13:34 - 2014-01-28 13:34 - 00741176 _____ () C:\Program Files (x86)\TuneUp Utilities 2013\avgrepliba.dll
2014-02-11 04:21 - 2014-02-11 04:21 - 00644464 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2012-03-31 01:39 - 2012-02-28 01:07 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-02-20 22:23 - 2012-02-20 22:23 - 00456704 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2012-02-20 22:23 - 2012-02-20 22:23 - 00051200 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2013-11-14 22:32 - 2013-11-14 22:32 - 00821600 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
2013-11-14 22:30 - 2013-11-14 22:30 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
2013-11-14 22:31 - 2013-11-14 22:31 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
2013-11-14 22:31 - 2013-11-14 22:31 - 00044392 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
2013-11-14 22:31 - 2013-11-14 22:31 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2013-11-14 22:31 - 2013-11-14 22:31 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
2013-11-14 22:33 - 2013-11-14 22:33 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll
2013-11-14 22:34 - 2013-11-14 22:34 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll
2014-09-14 21:26 - 2014-09-14 21:26 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\db513d73ca5c180a5b4d4b71ef3a3185\IsdiInterop.ni.dll
2012-03-31 01:52 - 2012-02-02 01:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-12-23 01:28 - 2014-07-02 22:48 - 00013272 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2012-03-31 01:42 - 2012-03-06 16:27 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-09-14 22:29 - 2014-09-04 05:01 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libglesv2.dll
2014-09-14 22:29 - 2014-09-04 05:01 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libegl.dll
2014-09-14 22:29 - 2014-09-04 05:01 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll
2014-09-14 22:29 - 2014-09-04 05:01 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll
2014-09-14 22:29 - 2014-09-04 05:01 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk => C:\Windows\pss\Secunia PSI Tray.lnk.CommonStartup
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: BingDesktop => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe /fromkey
MSCONFIG\startupreg: Clownfish => "C:\Program Files (x86)\Clownfish\Clownfish.exe"
MSCONFIG\startupreg: DS3 Tool => C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe -mini
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/14/2014 08:21:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NIS.exe, Version: 12.11.2.9, Zeitstempel: 0x5355938e
Name des fehlerhaften Moduls: BfLLR.dll, Version: 8.0.3.0, Zeitstempel: 0x4f3a93ac
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00009ab3
ID des fehlerhaften Prozesses: 0xa4c
Startzeit der fehlerhaften Anwendung: 0xNIS.exe0
Pfad der fehlerhaften Anwendung: NIS.exe1
Pfad des fehlerhaften Moduls: NIS.exe2
Berichtskennung: NIS.exe3

Error: (09/14/2014 07:26:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm javaw.exe, Version 7.0.450.18 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: dec

Startzeit: 01cfd040c0f04ee7

Endzeit: 7

Anwendungspfad: C:\Program Files\Java\jre7\bin\javaw.exe

Berichts-ID: 2d80c5b5-3c34-11e4-bd1b-8c89a501c6db

Error: (09/14/2014 06:16:23 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm javaw.exe, Version 7.0.450.18 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 18f8

Startzeit: 01cfd036a1753399

Endzeit: 198

Anwendungspfad: C:\Program Files\Java\jre7\bin\javaw.exe

Berichts-ID: 6c49c0b0-3c2a-11e4-87fd-8c89a501c6db

Error: (09/14/2014 06:14:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm javaw.exe, Version 7.0.450.18 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1570

Startzeit: 01cfd036c8b5623a

Endzeit: 6

Anwendungspfad: C:\Program Files\Java\jre7\bin\javaw.exe

Berichts-ID: 34dcdc7e-3c2a-11e4-87fd-8c89a501c6db

Error: (09/06/2014 00:08:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ZeroConfigService.exe, Version: 15.1.0.2, Zeitstempel: 0x4f4a262d
Name des fehlerhaften Moduls: MurocApi.dll, Version: 15.1.0.1, Zeitstempel: 0x4f4a2503
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000002084b
ID des fehlerhaften Prozesses: 0xf4c
Startzeit der fehlerhaften Anwendung: 0xZeroConfigService.exe0
Pfad der fehlerhaften Anwendung: ZeroConfigService.exe1
Pfad des fehlerhaften Moduls: ZeroConfigService.exe2
Berichtskennung: ZeroConfigService.exe3

Error: (08/28/2014 11:57:56 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SpeechUXTutorial.exe, Version 6.1.7600.16385 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 128c

Startzeit: 01cfc30b0c19a565

Endzeit: 3

Anwendungspfad: C:\Windows\system32\Speech\SpeechUX\SpeechUXTutorial.exe

Berichts-ID: 5bb2fb90-2efe-11e4-922b-8c89a501c6db

Error: (08/26/2014 04:08:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: TitanFall.exe, Version: 1.0.0.0, Zeitstempel: 0x53bdb306
Name des fehlerhaften Moduls: dxgi.dll, Version: 6.2.9200.16492, Zeitstempel: 0x50f30fbd
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000022f56
ID des fehlerhaften Prozesses: 0x1b60
Startzeit der fehlerhaften Anwendung: 0xTitanFall.exe0
Pfad der fehlerhaften Anwendung: TitanFall.exe1
Pfad des fehlerhaften Moduls: TitanFall.exe2
Berichtskennung: TitanFall.exe3

Error: (08/24/2014 06:33:10 PM) (Source: MsiInstaller) (EventID: 1024) (User: Christians-PC)
Description: Produkt: Adobe Reader XI - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011007}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (08/24/2014 06:33:10 PM) (Source: MsiInstaller) (EventID: 1024) (User: Christians-PC)
Description: Produkt: Adobe Reader XI - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011008}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (08/24/2014 06:16:17 PM) (Source: MsiInstaller) (EventID: 1024) (User: Christians-PC)
Description: Produkt: Adobe Reader XI - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011007}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127


System errors:
=============
Error: (09/16/2014 04:42:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "iPodDrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (09/16/2014 04:40:51 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet: 
%%13

Error: (09/16/2014 04:39:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "iPodDrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (09/15/2014 04:20:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Live ID Sign-in Assistant" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (09/15/2014 04:20:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Live ID Sign-in Assistant erreicht.

Error: (09/15/2014 04:18:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "iPodDrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (09/14/2014 11:25:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Live ID Sign-in Assistant" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (09/14/2014 11:25:59 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Live ID Sign-in Assistant erreicht.

Error: (09/14/2014 11:24:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "iPodDrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (09/14/2014 11:22:19 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "NPEService" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.


Microsoft Office Sessions:
=========================
Error: (09/14/2014 08:21:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: NIS.exe12.11.2.95355938eBfLLR.dll8.0.3.04f3a93acc000000500009ab3a4c01cfd03915760ed9C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\NIS.exeC:\Windows\system32\BfLLR.dllf42fa4fc-3c3b-11e4-bd1b-8c89a501c6db

Error: (09/14/2014 07:26:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: javaw.exe7.0.450.18dec01cfd040c0f04ee77C:\Program Files\Java\jre7\bin\javaw.exe2d80c5b5-3c34-11e4-bd1b-8c89a501c6db

Error: (09/14/2014 06:16:23 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: javaw.exe7.0.450.1818f801cfd036a1753399198C:\Program Files\Java\jre7\bin\javaw.exe6c49c0b0-3c2a-11e4-87fd-8c89a501c6db

Error: (09/14/2014 06:14:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: javaw.exe7.0.450.18157001cfd036c8b5623a6C:\Program Files\Java\jre7\bin\javaw.exe34dcdc7e-3c2a-11e4-87fd-8c89a501c6db

Error: (09/06/2014 00:08:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ZeroConfigService.exe15.1.0.24f4a262dMurocApi.dll15.1.0.14f4a2503c0000005000000000002084bf4c01cfc9ba7cf447a5C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exeC:\Program Files\Intel\WiFi\bin\MurocApi.dllc37f5e5d-35ad-11e4-bc75-8c89a501c6db

Error: (08/28/2014 11:57:56 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: SpeechUXTutorial.exe6.1.7600.16385128c01cfc30b0c19a5653C:\Windows\system32\Speech\SpeechUX\SpeechUXTutorial.exe5bb2fb90-2efe-11e4-922b-8c89a501c6db

Error: (08/26/2014 04:08:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: TitanFall.exe1.0.0.053bdb306dxgi.dll6.2.9200.1649250f30fbdc00000050000000000022f561b6001cfc136e9adf27aC:\Program Files (x86)\Origin Games\Titanfall\TitanFall.exeC:\Windows\system32\dxgi.dll79ca5ba5-2d2a-11e4-ace0-8c89a501c6db

Error: (08/24/2014 06:33:10 PM) (Source: MsiInstaller) (EventID: 1024) (User: Christians-PC)
Description: Adobe Reader XI - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011007}1625(NULL)(NULL)(NULL)

Error: (08/24/2014 06:33:10 PM) (Source: MsiInstaller) (EventID: 1024) (User: Christians-PC)
Description: Adobe Reader XI - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011008}1625(NULL)(NULL)(NULL)

Error: (08/24/2014 06:16:17 PM) (Source: MsiInstaller) (EventID: 1024) (User: Christians-PC)
Description: Adobe Reader XI - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011007}1625(NULL)(NULL)(NULL)


CodeIntegrity Errors:
===================================
  Date: 2014-09-14 18:35:40.025
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-14 18:35:39.912
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-14 18:35:39.751
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-14 18:35:39.627
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-14 18:35:19.576
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-14 18:35:19.398
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-14 18:34:23.073
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-14 18:34:22.897
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-14 17:52:33.924
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-14 17:52:33.700
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-3610QM CPU @ 2.30GHz
Percentage of memory in use: 20%
Total physical RAM: 16280.75 MB
Available physical RAM: 12913.61 MB
Total Pagefile: 65118.93 MB
Available Pagefile: 61610.79 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:414.66 GB) (Free:24.25 GB) NTFS
Drive d: (DATA) (Fixed) (Total:465.76 GB) (Free:186.51 GB) NTFS
Drive e: (Recover) (Fixed) (Total:50 GB) (Free:26.8 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 1678649D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=414.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 3742FC7A)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================

schrauber · 18.09.2014, 08:26

hi,

Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

chrissi32123 · 19.09.2014, 13:31

Part1

Code:

ATTFilter

14:11:57.0099 0x0434  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
14:12:14.0595 0x0434  ============================================================
14:12:14.0595 0x0434  Current date / time: 2014/09/19 14:12:14.0595
14:12:14.0595 0x0434  SystemInfo:
14:12:14.0595 0x0434  
14:12:14.0595 0x0434  OS Version: 6.1.7601 ServicePack: 1.0
14:12:14.0595 0x0434  Product type: Workstation
14:12:14.0596 0x0434  ComputerName: CHRISTIANS-PC
14:12:14.0596 0x0434  UserName: Christian
14:12:14.0596 0x0434  Windows directory: C:\Windows
14:12:14.0596 0x0434  System windows directory: C:\Windows
14:12:14.0596 0x0434  Running under WOW64
14:12:14.0596 0x0434  Processor architecture: Intel x64
14:12:14.0596 0x0434  Number of processors: 8
14:12:14.0596 0x0434  Page size: 0x1000
14:12:14.0596 0x0434  Boot type: Normal boot
14:12:14.0596 0x0434  ============================================================
14:12:20.0691 0x0434  KLMD registered as C:\Windows\system32\drivers\08254795.sys
14:12:22.0218 0x0434  System UUID: {C5AFECD2-2A5B-3BD4-B962-CEA6D1EC9006}
14:12:23.0612 0x0434  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:12:23.0620 0x0434  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:12:23.0628 0x0434  ============================================================
14:12:23.0628 0x0434  \Device\Harddisk0\DR0:
14:12:23.0630 0x0434  MBR partitions:
14:12:23.0630 0x0434  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
14:12:23.0630 0x0434  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x33D53000
14:12:23.0630 0x0434  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x33D85800, BlocksNum 0x6400000
14:12:23.0630 0x0434  \Device\Harddisk1\DR1:
14:12:23.0631 0x0434  MBR partitions:
14:12:23.0631 0x0434  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A384800
14:12:23.0631 0x0434  ============================================================
14:12:23.0692 0x0434  C: <-> \Device\Harddisk0\DR0\Partition2
14:12:23.0977 0x0434  D: <-> \Device\Harddisk1\DR1\Partition1
14:12:24.0565 0x0434  E: <-> \Device\Harddisk0\DR0\Partition3
14:12:24.0565 0x0434  ============================================================
14:12:24.0565 0x0434  Initialize success
14:12:24.0565 0x0434  ============================================================
14:13:36.0065 0x22dc  ============================================================
14:13:36.0065 0x22dc  Scan started
14:13:36.0065 0x22dc  Mode: Manual; SigCheck; TDLFS; 
14:13:36.0065 0x22dc  ============================================================
14:13:36.0065 0x22dc  KSN ping started
14:13:55.0804 0x22dc  KSN ping finished: true
14:13:59.0406 0x22dc  ================ Scan system memory ========================
14:13:59.0406 0x22dc  System memory - ok
14:13:59.0407 0x22dc  ================ Scan services =============================
14:14:02.0203 0x22dc  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
14:14:02.0526 0x22dc  1394ohci - ok
14:14:03.0155 0x22dc  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
14:14:03.0443 0x22dc  ACPI - ok
14:14:03.0543 0x22dc  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
14:14:03.0985 0x22dc  AcpiPmi - ok
14:14:04.0833 0x22dc  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:14:04.0855 0x22dc  AdobeARMservice - ok
14:14:06.0204 0x22dc  [ FBB312C9DA3863673EC18F4AE4101778, 4E9AAE7C700E485C17FDFCC9100A79784673B006D00D4D4CE8F1DB617D25C864 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:14:06.0232 0x22dc  AdobeFlashPlayerUpdateSvc - ok
14:14:06.0506 0x22dc  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
14:14:06.0553 0x22dc  adp94xx - ok
14:14:06.0660 0x22dc  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
14:14:06.0737 0x22dc  adpahci - ok
14:14:06.0842 0x22dc  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
14:14:06.0869 0x22dc  adpu320 - ok
14:14:06.0918 0x22dc  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
14:14:07.0813 0x22dc  AeLookupSvc - ok
14:14:08.0011 0x22dc  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
14:14:08.0231 0x22dc  AFD - ok
14:14:08.0336 0x22dc  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
14:14:08.0354 0x22dc  agp440 - ok
14:14:08.0491 0x22dc  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
14:14:08.0634 0x22dc  ALG - ok
14:14:08.0730 0x22dc  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
14:14:08.0752 0x22dc  aliide - ok
14:14:08.0877 0x22dc  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
14:14:08.0899 0x22dc  amdide - ok
14:14:08.0980 0x22dc  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
14:14:09.0073 0x22dc  AmdK8 - ok
14:14:09.0109 0x22dc  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
14:14:09.0233 0x22dc  AmdPPM - ok
14:14:09.0327 0x22dc  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
14:14:09.0342 0x22dc  amdsata - ok
14:14:09.0396 0x22dc  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
14:14:09.0408 0x22dc  amdsbs - ok
14:14:09.0425 0x22dc  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
14:14:09.0432 0x22dc  amdxata - ok
14:14:09.0482 0x22dc  [ 157B1C973637919DCD0D0464167C86BA, 26495E1390392694F0E33100FB26B2539015414C9F8384F73C66B370A16FD187 ] AMPPAL          C:\Windows\system32\DRIVERS\AMPPAL.sys
14:14:09.0606 0x22dc  AMPPAL - ok
14:14:09.0615 0x22dc  [ 157B1C973637919DCD0D0464167C86BA, 26495E1390392694F0E33100FB26B2539015414C9F8384F73C66B370A16FD187 ] AMPPALP         C:\Windows\system32\DRIVERS\amppal.sys
14:14:09.0625 0x22dc  AMPPALP - ok
14:14:09.0886 0x22dc  [ FB70F8C1283C8CC6BFAA6F9971107E68, 3EAB3703DC27EE94531DA60C2ACF73CAF33F6BA2ED5822D90BF2A97A3A98C4EA ] AMPPALR3        C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
14:14:09.0910 0x22dc  AMPPALR3 - ok
14:14:10.0040 0x22dc  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
14:14:11.0265 0x22dc  AppID - ok
14:14:11.0341 0x22dc  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
14:14:11.0383 0x22dc  AppIDSvc - ok
14:14:11.0497 0x22dc  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
14:14:11.0616 0x22dc  Appinfo - ok
14:14:11.0769 0x22dc  [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:14:11.0790 0x22dc  Apple Mobile Device - ok
14:14:11.0861 0x22dc  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
14:14:11.0885 0x22dc  arc - ok
14:14:11.0957 0x22dc  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
14:14:11.0979 0x22dc  arcsas - ok
14:14:12.0478 0x22dc  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:14:12.0504 0x22dc  aspnet_state - ok
14:14:12.0569 0x22dc  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
14:14:12.0692 0x22dc  AsyncMac - ok
14:14:12.0821 0x22dc  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
14:14:12.0839 0x22dc  atapi - ok
14:14:12.0989 0x22dc  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:14:13.0112 0x22dc  AudioEndpointBuilder - ok
14:14:13.0157 0x22dc  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
14:14:13.0193 0x22dc  AudioSrv - ok
14:14:13.0245 0x22dc  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
14:14:13.0506 0x22dc  AxInstSV - ok
14:14:13.0654 0x22dc  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
14:14:13.0872 0x22dc  b06bdrv - ok
14:14:13.0963 0x22dc  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
14:14:14.0029 0x22dc  b57nd60a - ok
14:14:14.0131 0x22dc  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
14:14:14.0171 0x22dc  BDESVC - ok
14:14:14.0200 0x22dc  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
14:14:14.0314 0x22dc  Beep - ok
14:14:14.0465 0x22dc  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
14:14:14.0580 0x22dc  BFE - ok
14:14:14.0641 0x22dc  [ A547A67CD2E6E0354A2EFDBE939C2E6C, 83CFB1511687F0975D4D074801F1B85CF3AB51674938E432B9292305C42BD40D ] BfLwf           C:\Windows\system32\DRIVERS\bflwfx64.sys
14:14:14.0661 0x22dc  BfLwf - ok
14:14:15.0173 0x22dc  [ B20C7345F7EAD6C5E3EFA52E044411B6, 63DC57908D77B77907A278AD219240AEDD502272D5D3D35D5339172CDE36DA86 ] BHDrvx64        C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140912.003\BHDrvx64.sys
14:14:15.0207 0x22dc  BHDrvx64 - ok
14:14:15.0330 0x22dc  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
14:14:15.0418 0x22dc  BITS - ok
14:14:16.0417 0x22dc  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
14:14:16.0588 0x22dc  blbdrive - ok
14:14:17.0507 0x22dc  [ 05981C3E51D827ED6B8101A54B05E392, FD010159BEC7B88C3A784844A4796D5DAEBA21788A377D12457F59A961E8D77E ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
14:14:17.0537 0x22dc  Bluetooth Device Monitor - ok
14:14:17.0723 0x22dc  [ BBFAF63BF768047FE2441B4139E803E3, 20079C578507D34C9A30FFE23A8B22D8A9E7079A994295C833A885EC193E577A ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
14:14:17.0753 0x22dc  Bluetooth Media Service - ok
14:14:17.0959 0x22dc  [ 41D8F56E6BBE0111244D87BE2FA90374, 8B73471825B929FEC0367E3B6B6FE346E22ADFB356BE61A01C3EC7CC6F5986D7 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
14:14:17.0988 0x22dc  Bluetooth OBEX Service - ok
14:14:18.0166 0x22dc  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
14:14:18.0189 0x22dc  Bonjour Service - ok
14:14:18.0295 0x22dc  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
14:14:18.0404 0x22dc  bowser - ok
14:14:18.0468 0x22dc  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
14:14:18.0580 0x22dc  BrFiltLo - ok
14:14:18.0643 0x22dc  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
14:14:18.0697 0x22dc  BrFiltUp - ok
14:14:18.0814 0x22dc  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
14:14:18.0858 0x22dc  Browser - ok
14:14:18.0926 0x22dc  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
14:14:19.0003 0x22dc  Brserid - ok
14:14:19.0068 0x22dc  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
14:14:19.0117 0x22dc  BrSerWdm - ok
14:14:19.0158 0x22dc  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
14:14:19.0200 0x22dc  BrUsbMdm - ok
14:14:19.0255 0x22dc  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
14:14:19.0315 0x22dc  BrUsbSer - ok
14:14:19.0404 0x22dc  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
14:14:19.0487 0x22dc  BthEnum - ok
14:14:19.0545 0x22dc  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
14:14:19.0595 0x22dc  BTHMODEM - ok
14:14:19.0681 0x22dc  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
14:14:19.0770 0x22dc  BthPan - ok
14:14:19.0853 0x22dc  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
14:14:19.0917 0x22dc  BTHPORT - ok
14:14:20.0009 0x22dc  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
14:14:20.0112 0x22dc  bthserv - ok
14:14:20.0141 0x22dc  [ FA2D081709A764F6BEE16B7FFE03E36C, 2BBDFBD313ABB87B76D4A30EC042B9D72ED4F62CF18B98229A6366B1A7211ECD ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
14:14:20.0157 0x22dc  BTHSSecurityMgr - ok
14:14:20.0204 0x22dc  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
14:14:20.0250 0x22dc  BTHUSB - ok
14:14:20.0312 0x22dc  [ BE9931E1C340441A1103DA3CCAEF6E96, 11A306787F633099CB329A9CD197E45BFEACBBF85566AB0B062CCC0103AA1B54 ] btmaudio        C:\Windows\system32\drivers\btmaud.sys
14:14:20.0363 0x22dc  btmaudio - ok
14:14:20.0442 0x22dc  [ 988CC6CC49303665D3B2435C51505C3F, 5217A7A1BAD77EBF4E5D68D191FCFD7CE4FB96ABB91638383A077BE9CE794EE3 ] btmaux          C:\Windows\system32\DRIVERS\btmaux.sys
14:14:20.0489 0x22dc  btmaux - ok
14:14:20.0600 0x22dc  [ 2B4B508AFAC2A563931AF1FE875A5B16, F6A5261BD3FB8AE7BF26F32B681A15E56317EF8A9D8AB84B9B6BCA66F5484698 ] btmhsf          C:\Windows\system32\DRIVERS\btmhsf.sys
14:14:20.0724 0x22dc  btmhsf - ok
14:14:20.0806 0x22dc  [ 991CAFC28FD4D93222D388CADD2FF8E7, 2588E82333580BC047A7AB9E2DF76CB1133874349763BC27A6D50342A25A29E4 ] Bulk            C:\Windows\system32\Drivers\HDJBulk.sys
14:14:20.0832 0x22dc  Bulk - ok
14:14:20.0980 0x22dc  [ 0510396A957E9FD7205BA62D3CAE4528, C80C39EB3A87C5111132E96E966CF74ACABA36DE7714B545A707027D35995792 ] ccSet_NIS       C:\Windows\system32\drivers\NISx64\1505000.013\ccSetx64.sys
14:14:21.0002 0x22dc  ccSet_NIS - ok
14:14:21.0043 0x22dc  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
14:14:21.0128 0x22dc  cdfs - ok
14:14:21.0217 0x22dc  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
14:14:21.0251 0x22dc  cdrom - ok
14:14:21.0321 0x22dc  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
14:14:21.0430 0x22dc  CertPropSvc - ok
14:14:21.0496 0x22dc  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
14:14:21.0553 0x22dc  circlass - ok
14:14:21.0609 0x22dc  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
14:14:21.0644 0x22dc  CLFS - ok
14:14:21.0921 0x22dc  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:14:21.0945 0x22dc  clr_optimization_v2.0.50727_32 - ok
14:14:22.0124 0x22dc  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:14:22.0146 0x22dc  clr_optimization_v2.0.50727_64 - ok
14:14:22.0610 0x22dc  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:14:22.0635 0x22dc  clr_optimization_v4.0.30319_32 - ok
14:14:22.0667 0x22dc  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:14:22.0692 0x22dc  clr_optimization_v4.0.30319_64 - ok
14:14:22.0776 0x22dc  [ A4DC4C58F4B8D798E5F5D59099ADCF8A, 9EA32AAD464FFBE419F439C2761BB65556611E700589AD1EF3907962101159EA ] clwvd           C:\Windows\system32\DRIVERS\clwvd.sys
14:14:22.0795 0x22dc  clwvd - ok
14:14:22.0846 0x22dc  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
14:14:22.0900 0x22dc  CmBatt - ok
14:14:22.0933 0x22dc  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
14:14:22.0951 0x22dc  cmdide - ok
14:14:23.0073 0x22dc  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
14:14:23.0151 0x22dc  CNG - ok
14:14:23.0291 0x22dc  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
14:14:23.0309 0x22dc  Compbatt - ok
14:14:23.0377 0x22dc  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
14:14:23.0450 0x22dc  CompositeBus - ok
14:14:23.0479 0x22dc  COMSysApp - ok
14:14:24.0966 0x22dc  [ 815F3180B5117E42E422188E9CCC89C6, 69E539D33F3B9F3562FE4B21D853EEBB15DBD2106509FEBD476D04562F34AC08 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
14:14:24.0994 0x22dc  cphs - ok
14:14:25.0306 0x22dc  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
14:14:25.0328 0x22dc  crcdisk - ok
14:14:25.0431 0x22dc  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
14:14:25.0534 0x22dc  CryptSvc - ok
14:14:25.0735 0x22dc  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
14:14:25.0823 0x22dc  DcomLaunch - ok
14:14:25.0948 0x22dc  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
14:14:26.0074 0x22dc  defragsvc - ok
14:14:26.0105 0x22dc  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
14:14:26.0153 0x22dc  DfsC - ok
14:14:26.0248 0x22dc  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
14:14:26.0311 0x22dc  Dhcp - ok
14:14:26.0348 0x22dc  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
14:14:26.0421 0x22dc  discache - ok
14:14:26.0541 0x22dc  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
14:14:26.0562 0x22dc  Disk - ok
14:14:26.0637 0x22dc  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
14:14:26.0680 0x22dc  Dnscache - ok
14:14:26.0786 0x22dc  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
14:14:26.0945 0x22dc  dot3svc - ok
14:14:26.0985 0x22dc  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
14:14:27.0063 0x22dc  DPS - ok
14:14:27.0198 0x22dc  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
14:14:27.0315 0x22dc  drmkaud - ok
14:14:27.0495 0x22dc  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
14:14:27.0523 0x22dc  DXGKrnl - ok
14:14:27.0646 0x22dc  EagleX64 - ok
14:14:27.0787 0x22dc  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
14:14:27.0855 0x22dc  EapHost - ok
14:14:28.0314 0x22dc  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
14:14:28.0463 0x22dc  ebdrv - ok
14:14:28.0773 0x22dc  [ 03E1B8BA59327D186C7C533A6998FEF9, 224937A697B55BD9CCD790771DBE9D135021AD1DC3E6D6AC7C431C56F0FFBBB5 ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
14:14:28.0805 0x22dc  eeCtrl - ok
14:14:28.0913 0x22dc  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe
14:14:28.0995 0x22dc  EFS - ok
14:14:29.0193 0x22dc  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
14:14:29.0285 0x22dc  ehRecvr - ok
14:14:29.0314 0x22dc  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
14:14:29.0392 0x22dc  ehSched - ok
14:14:29.0622 0x22dc  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
14:14:29.0687 0x22dc  elxstor - ok
14:14:29.0894 0x22dc  [ 142EA7DF1851C563571F2DCFC7AFBB40, 14DE008B68D127F246A64290DFCBD7ECDE8FF7932B3BAE660EB131860E826EAD ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
14:14:29.0914 0x22dc  EraserUtilRebootDrv - ok
14:14:30.0003 0x22dc  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
14:14:30.0055 0x22dc  ErrDev - ok
14:14:30.0158 0x22dc  [ 0621A1612DB6952C9554DA2AF864C9E9, E56706427C87D959E1795DCB0B89B3DD574E9E37F7D57142749BB47F86DE5D53 ] ETD             C:\Windows\system32\drivers\ETD.sys
14:14:30.0183 0x22dc  ETD - ok
14:14:30.0409 0x22dc  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
14:14:30.0481 0x22dc  EventSystem - ok
14:14:30.0939 0x22dc  [ 23D401A43DADED10A153B9F3A7E66C91, 3B6466108FFB04EC07CA07D2EAAA9F6537CBE1F2D800AAADE9C1E0C8DBADDFB5 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
14:14:30.0977 0x22dc  EvtEng - ok
14:14:31.0055 0x22dc  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
14:14:31.0129 0x22dc  exfat - ok
14:14:31.0163 0x22dc  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
14:14:31.0262 0x22dc  fastfat - ok
14:14:31.0534 0x22dc  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
14:14:31.0642 0x22dc  Fax - ok
14:14:31.0792 0x22dc  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
14:14:31.0855 0x22dc  fdc - ok
14:14:31.0955 0x22dc  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
14:14:32.0050 0x22dc  fdPHost - ok
14:14:32.0075 0x22dc  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
14:14:32.0154 0x22dc  FDResPub - ok
14:14:32.0211 0x22dc  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
14:14:32.0224 0x22dc  FileInfo - ok
14:14:32.0249 0x22dc  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
14:14:32.0277 0x22dc  Filetrace - ok
14:14:32.0356 0x22dc  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
14:14:32.0402 0x22dc  flpydisk - ok
14:14:32.0410 0x22dc  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
14:14:32.0424 0x22dc  FltMgr - ok
14:14:32.0613 0x22dc  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
14:14:32.0643 0x22dc  FontCache - ok
14:14:32.0786 0x22dc  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:14:32.0794 0x22dc  FontCache3.0.0.0 - ok
14:14:32.0823 0x22dc  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
14:14:32.0832 0x22dc  FsDepends - ok
14:14:32.0874 0x22dc  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
14:14:32.0882 0x22dc  Fs_Rec - ok
14:14:32.0969 0x22dc  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
14:14:33.0003 0x22dc  fvevol - ok
14:14:33.0102 0x22dc  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
14:14:33.0123 0x22dc  gagp30kx - ok
14:14:33.0198 0x22dc  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
14:14:33.0213 0x22dc  GEARAspiWDM - ok
14:14:33.0392 0x22dc  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
14:14:33.0438 0x22dc  gpsvc - ok
14:14:33.0569 0x22dc  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:14:33.0584 0x22dc  gupdate - ok
14:14:33.0603 0x22dc  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:14:33.0616 0x22dc  gupdatem - ok
14:14:33.0648 0x22dc  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
14:14:33.0665 0x22dc  hcw85cir - ok
14:14:33.0764 0x22dc  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:14:33.0825 0x22dc  HdAudAddService - ok
14:14:33.0882 0x22dc  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
14:14:33.0925 0x22dc  HDAudBus - ok
14:14:33.0990 0x22dc  [ E65F260B6D280776390E0DA8E118CE0E, 9452D061BED7E0D39AF0BA081DB63050171831F435B61C29D73C253355AF0B59 ] HDJAsioK        C:\Windows\system32\Drivers\HDJAsioK.sys
14:14:34.0019 0x22dc  HDJAsioK - ok
14:14:34.0073 0x22dc  [ 4C7448F922AD25452CB5157ED28CFF8B, 3380E4BEB6DE601709A7C86E0EFFD5F899BBFFBD3D097C868BD3964D1261FA17 ] HDJMidi         C:\Windows\system32\DRIVERS\HDJMidi.sys
14:14:34.0097 0x22dc  HDJMidi - ok
14:14:34.0185 0x22dc  [ EEEEED8E7A6C9BC5ECC08AE175CAB039, 0C45D12FCE4A393904FD030BD7D775FD857F56ABC3D4680DE043303079C75C0F ] HerculesDJControlMP3 C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE
14:14:34.0194 0x22dc  HerculesDJControlMP3 - detected UnsignedFile.Multi.Generic ( 1 )
14:14:38.0724 0x22dc  Detect skipped due to KSN trusted
14:14:38.0724 0x22dc  HerculesDJControlMP3 - ok
14:14:38.0759 0x22dc  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
14:14:38.0824 0x22dc  HidBatt - ok
14:14:38.0852 0x22dc  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
14:14:38.0953 0x22dc  HidBth - ok
14:14:39.0030 0x22dc  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
14:14:39.0058 0x22dc  HidIr - ok
14:14:39.0093 0x22dc  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
14:14:39.0157 0x22dc  hidserv - ok
14:14:39.0229 0x22dc  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
14:14:39.0254 0x22dc  HidUsb - ok
14:14:39.0316 0x22dc  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
14:14:39.0376 0x22dc  hkmsvc - ok
14:14:39.0412 0x22dc  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:14:39.0449 0x22dc  HomeGroupListener - ok
14:14:39.0475 0x22dc  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:14:39.0509 0x22dc  HomeGroupProvider - ok
14:14:39.0562 0x22dc  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
14:14:39.0580 0x22dc  HpSAMD - ok
14:14:39.0651 0x22dc  [ F47CEC45FB85791D4AB237563AD0FA8F, 1035066D48BD179855BCA7F62EFA1B951E6E839D2E29E15A31844E18A126DD41 ] HTCAND64        C:\Windows\system32\Drivers\ANDROIDUSB.sys
14:14:39.0684 0x22dc  HTCAND64 - ok
14:14:39.0824 0x22dc  [ 5C8BC8A28798FD010E7ABC4E0D588CAA, 622CAFD3DCBB05E15539589FDD4002DA6F24790FC55BDF05AA3D043E8A34E53E ] HTCMonitorService C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
14:14:39.0841 0x22dc  HTCMonitorService - ok
14:14:39.0894 0x22dc  [ B8B1B284362E1D8135112573395D5DA5, 97BC6A7B2DCD7CC854B912A85BB2FCF199592E8E16A7C405EAF89B02D5DE4AEE ] htcnprot        C:\Windows\system32\DRIVERS\htcnprot.sys
14:14:39.0912 0x22dc  htcnprot - ok
14:14:39.0977 0x22dc  [ 7C7C986776D00E575BFBDE5DCBDC615D, 4CF12851A5A45917C3A9139B19D79434F2038611B617F83A714506CC7A1A6C61 ] HtcVCom32       C:\Windows\system32\DRIVERS\HtcVComV64.sys
14:14:40.0061 0x22dc  HtcVCom32 - ok
14:14:40.0133 0x22dc  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
14:14:40.0240 0x22dc  HTTP - ok
14:14:41.0138 0x22dc  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
14:14:41.0156 0x22dc  hwpolicy - ok
14:14:41.0228 0x22dc  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
14:14:41.0256 0x22dc  i8042prt - ok
14:14:41.0426 0x22dc  [ D1753C06EE17E29352B065EACF3F10D0, 4DD4C991FAA3CCF99DF8DC9F8F5DEEDEECD55977F0C3AA8C404DEFD21E32A62B ] iaStor          C:\Windows\system32\drivers\iaStor.sys
14:14:41.0462 0x22dc  iaStor - ok
14:14:41.0681 0x22dc  [ 545462D0DBE24AF379BA869B7C185CCD, 056F9D0D5FD4FEF37665A35A4029722FF60D02A69854E952DC361CC0E5CD26F9 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
14:14:41.0699 0x22dc  IAStorDataMgrSvc - ok
14:14:41.0918 0x22dc  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
14:14:41.0987 0x22dc  iaStorV - ok
14:14:42.0067 0x22dc  [ 9E3D44CE737388F6BBBB6DD4A1C1847C, 98FD10D07E5801870282D6D0226051193B7D12EF3C8B84DB8365B446E02499DB ] ibtfltcoex      C:\Windows\system32\DRIVERS\iBtFltCoex.sys
14:14:42.0119 0x22dc  ibtfltcoex - ok
14:14:42.0621 0x22dc  [ 3CC7B3BB1A9EA201A040883EDFAA67A0, F543A779BA8CBFD5E0B939844B9CB47A2C05A400C693635F520438C18FFDFAF1 ] IconMan_R       C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
14:14:42.0691 0x22dc  IconMan_R - ok
14:14:42.0845 0x22dc  [ 6F95324909B502E2651442C1548AB12F, FF1B104990FE186C6100ED229A45345FF695323AC778688EC11AA8F5A87B141E ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
14:14:42.0870 0x22dc  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
14:14:45.0561 0x22dc  Detect skipped due to KSN trusted
14:14:45.0561 0x22dc  IDriverT - ok
14:14:45.0718 0x22dc  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:14:45.0762 0x22dc  idsvc - ok
14:14:46.0083 0x22dc  [ 77AC93E28B5F4DCE317EFA695E3F59E3, 57D510CEE1B777CFB52CECBAB43B0698A53B048B7E0C622473DEA9E03E2D9BEF ] IDSVia64        C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140918.003\IDSvia64.sys
14:14:46.0108 0x22dc  IDSVia64 - ok
14:14:46.0168 0x22dc  IEEtwCollectorService - ok
14:14:46.0505 0x22dc  [ 348214F96642FD4FEF630DE021BA3540, B6A7D2EA41F6866F5AFF5022BB459E5AFF683FF2FF470B84F3E911C8AEC47C30 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
14:14:46.0781 0x22dc  igfx - ok
14:14:46.0844 0x22dc  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
14:14:46.0862 0x22dc  iirsp - ok
14:14:46.0986 0x22dc  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
14:14:47.0041 0x22dc  IKEEXT - ok
14:14:47.0334 0x22dc  [ 91ED47813243B455E2D81115A8255F0E, 278B3D4397DB98513A952E3DDCFF9B6E2572167E200AA5B6046B23A9E80CA04B ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
14:14:47.0415 0x22dc  IntcAzAudAddService - ok
14:14:47.0526 0x22dc  [ 6C9FFFECA9FED31347D211C5D1FFBD2D, 36CF8B847FAED0D978B3169ED550CC958025902CAC1D7D304E2684B2483E72B8 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
14:14:47.0632 0x22dc  IntcDAud - ok
14:14:47.0842 0x22dc  [ 832CE330DD987227B7DEA8C03F22AEFA, 3DE64D9519D9D865D4C1AA7483D846F0154392B6685BDC451DEC7DA5EA0E2B2E ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
14:14:47.0862 0x22dc  Intel(R) Capability Licensing Service Interface - ok
14:14:47.0934 0x22dc  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
14:14:47.0959 0x22dc  intelide - ok
14:14:48.0057 0x22dc  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
14:14:48.0106 0x22dc  intelppm - ok
14:14:48.0201 0x22dc  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
14:14:48.0284 0x22dc  IPBusEnum - ok
14:14:48.0316 0x22dc  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:14:48.0380 0x22dc  IpFilterDriver - ok
14:14:48.0584 0x22dc  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
14:14:48.0673 0x22dc  iphlpsvc - ok
14:14:48.0698 0x22dc  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
14:14:48.0738 0x22dc  IPMIDRV - ok
14:14:48.0783 0x22dc  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
14:14:48.0824 0x22dc  IPNAT - ok
14:14:49.0029 0x22dc  [ 33B286326BD2B1A7748C43391058FB19, C6240C9ED5B7C227595E953E3D1AB5F2D45CCD86FDBDF985836A970B4B6467FE ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
14:14:49.0084 0x22dc  iPod Service - ok
14:14:49.0115 0x22dc  iPodDrv - ok
14:14:49.0175 0x22dc  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
14:14:49.0213 0x22dc  IRENUM - ok
14:14:49.0278 0x22dc  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
14:14:49.0299 0x22dc  isapnp - ok
14:14:49.0356 0x22dc  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
14:14:49.0383 0x22dc  iScsiPrt - ok
14:14:49.0451 0x22dc  [ 492F2DF02CD817CE8D544F96097BD77A, 6EF37BD62A49C9F55845A56498A93A26C109BEC2EBCB65A49908BECEC6FC6371 ] IT9135BDA       C:\Windows\system32\Drivers\IT9135BDA.sys
14:14:49.0475 0x22dc  IT9135BDA - ok
14:14:49.0503 0x22dc  [ 846354992EBB373F452EB9182D501B08, 453459133DCA875E93CAAE9852E652F3794F8C31CE53526C47A181FDBABE6849 ] iusb3hcs        C:\Windows\system32\drivers\iusb3hcs.sys
14:14:49.0514 0x22dc  iusb3hcs - ok
14:14:49.0577 0x22dc  [ 1D88A23853387D34D52CC8F9DDBFC56C, D00083B61E93E7E1D247EAB332787912FCF7605AF7043F071238C50E4A15016B ] iusb3hub        C:\Windows\system32\drivers\iusb3hub.sys
14:14:49.0602 0x22dc  iusb3hub - ok
14:14:49.0752 0x22dc  [ FC5EFD7C797DF19DFB999F0605A7924E, C56CE3840F3B11D81BED38E5F59ABCA190DFB7127F06263193870312A83379AF ] iusb3xhc        C:\Windows\system32\drivers\iusb3xhc.sys
14:14:49.0782 0x22dc  iusb3xhc - ok
14:14:49.0903 0x22dc  [ 13E838EA8652F8451F29301D3B56B17B, 2FE65DDBB0ACFD34227001616D0B66B8748132DB7C0FA9342D3AB404B92732CC ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
14:14:49.0923 0x22dc  jhi_service - ok
14:14:49.0987 0x22dc  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
14:14:50.0006 0x22dc  kbdclass - ok
14:14:50.0058 0x22dc  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
14:14:50.0096 0x22dc  kbdhid - ok
14:14:50.0126 0x22dc  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
14:14:50.0146 0x22dc  KeyIso - ok
14:14:50.0193 0x22dc  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
14:14:50.0215 0x22dc  KSecDD - ok
14:14:50.0234 0x22dc  [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
14:14:50.0245 0x22dc  KSecPkg - ok
14:14:50.0267 0x22dc  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
14:14:50.0319 0x22dc  ksthunk - ok
14:14:50.0357 0x22dc  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
14:14:50.0438 0x22dc  KtmRm - ok
14:14:50.0512 0x22dc  [ B360D24F23778501501404924AFD0C92, 68A13FFCEB689C7058850BC37A788EEA7FB492BF4FAC192F75C08D96FE79BA1B ] L1C             C:\Windows\system32\DRIVERS\e22w7x64.sys
14:14:50.0534 0x22dc  L1C - ok
14:14:50.0588 0x22dc  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
14:14:50.0653 0x22dc  LanmanServer - ok
14:14:50.0688 0x22dc  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:14:50.0722 0x22dc  LanmanWorkstation - ok
14:14:50.0769 0x22dc  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
14:14:50.0828 0x22dc  lltdio - ok
14:14:50.0856 0x22dc  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
14:14:50.0900 0x22dc  lltdsvc - ok
14:14:50.0939 0x22dc  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
14:14:51.0003 0x22dc  lmhosts - ok
14:14:51.0081 0x22dc  [ BD9457699AC9C1A0FE43398043617279, 7955D2F5B9CB4FAD53F8D2CCC163FD575714175623F03DA1C3C2495CE3C0F342 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
14:14:51.0102 0x22dc  LMS - ok
14:14:51.0140 0x22dc  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
14:14:51.0153 0x22dc  LSI_FC - ok
14:14:51.0206 0x22dc  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
14:14:51.0230 0x22dc  LSI_SAS - ok
14:14:51.0287 0x22dc  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
14:14:51.0307 0x22dc  LSI_SAS2 - ok
14:14:51.0381 0x22dc  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
14:14:51.0404 0x22dc  LSI_SCSI - ok
14:14:51.0436 0x22dc  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
14:14:51.0511 0x22dc  luafv - ok
14:14:51.0573 0x22dc  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
14:14:51.0601 0x22dc  Mcx2Svc - ok
14:14:51.0629 0x22dc  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
14:14:51.0648 0x22dc  megasas - ok
14:14:51.0727 0x22dc  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
14:14:51.0762 0x22dc  MegaSR - ok
14:14:51.0813 0x22dc  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
14:14:51.0832 0x22dc  MEIx64 - ok
14:14:51.0874 0x22dc  [ 71C6748EE8DE938532057EF10B4B7E44, 455175332156939B3CDA4511A2A6C213ABBFDB85EEECA98B6AB014C994F532C4 ] Micro Star SCM  C:\Program Files (x86)\System Control Manager\MSIService.exe

chrissi32123 · 19.09.2014, 13:32

Part2

Code:

ATTFilter

14:14:51.0904 0x22dc  Micro Star SCM - detected UnsignedFile.Multi.Generic ( 1 )
14:15:01.0978 0x22dc  Micro Star SCM ( UnsignedFile.Multi.Generic ) - warning
14:15:01.0978 0x22dc  Force sending object to P2P due to detect: Micro Star SCM
14:15:07.0042 0x22dc  Object send P2P result: true
14:15:09.0824 0x22dc  Microsoft SharePoint Workspace Audit Service - ok
14:15:09.0851 0x22dc  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
14:15:09.0905 0x22dc  MMCSS - ok
14:15:09.0929 0x22dc  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
14:15:09.0961 0x22dc  Modem - ok
14:15:09.0987 0x22dc  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
14:15:10.0012 0x22dc  monitor - ok
14:15:10.0068 0x22dc  [ C030F9E822A057C1A7A9BB4EA3E8877E, 2CCEC87DEB972B6B0196A08D3781002929E9107137FE3A61F1626D3BEE26630A ] MotioninJoyXFilter C:\Windows\system32\DRIVERS\MijXfilt.sys
14:15:10.0087 0x22dc  MotioninJoyXFilter - ok
14:15:10.0132 0x22dc  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
14:15:10.0143 0x22dc  mouclass - ok
14:15:10.0177 0x22dc  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
14:15:10.0217 0x22dc  mouhid - ok
14:15:10.0257 0x22dc  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
14:15:10.0276 0x22dc  mountmgr - ok
14:15:10.0343 0x22dc  [ 4E9D8041D352A33332FD6F59A3A78B03, D4E6229B07EF9866993EEE4F6223DC7F1FF1108273FE14A3DC74E65C181DE56A ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:15:10.0365 0x22dc  MozillaMaintenance - ok
14:15:10.0381 0x22dc  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
14:15:10.0396 0x22dc  mpio - ok
14:15:10.0411 0x22dc  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
14:15:10.0444 0x22dc  mpsdrv - ok
14:15:10.0500 0x22dc  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
14:15:10.0573 0x22dc  MpsSvc - ok
14:15:10.0608 0x22dc  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
14:15:10.0621 0x22dc  MRxDAV - ok
14:15:10.0634 0x22dc  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
14:15:10.0681 0x22dc  mrxsmb - ok
14:15:10.0699 0x22dc  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:15:10.0743 0x22dc  mrxsmb10 - ok
14:15:10.0749 0x22dc  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:15:10.0769 0x22dc  mrxsmb20 - ok
14:15:10.0802 0x22dc  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
14:15:10.0812 0x22dc  msahci - ok
14:15:10.0837 0x22dc  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
14:15:10.0849 0x22dc  msdsm - ok
14:15:10.0871 0x22dc  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
14:15:10.0886 0x22dc  MSDTC - ok
14:15:10.0913 0x22dc  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
14:15:10.0971 0x22dc  Msfs - ok
14:15:10.0996 0x22dc  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
14:15:11.0048 0x22dc  mshidkmdf - ok
14:15:11.0062 0x22dc  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
14:15:11.0069 0x22dc  msisadrv - ok
14:15:11.0122 0x22dc  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
14:15:11.0193 0x22dc  MSiSCSI - ok
14:15:11.0195 0x22dc  msiserver - ok
14:15:11.0243 0x22dc  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
14:15:11.0307 0x22dc  MSKSSRV - ok
14:15:11.0343 0x22dc  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
14:15:11.0401 0x22dc  MSPCLOCK - ok
14:15:11.0416 0x22dc  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
14:15:11.0452 0x22dc  MSPQM - ok
14:15:11.0499 0x22dc  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
14:15:11.0544 0x22dc  MsRPC - ok
14:15:11.0574 0x22dc  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
14:15:11.0584 0x22dc  mssmbios - ok
14:15:11.0652 0x22dc  MSSQL$SQLEXPRESS - ok
14:15:11.0700 0x22dc  [ 7A2A8C975356858EB38466A6B1592E8D, 97C3DFCCBE1BA92EE7E4848993D6F369D543A53344A6512C84EF03E7D737A482 ] MSSQLServerADHelper100 c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
14:15:11.0729 0x22dc  MSSQLServerADHelper100 - ok
14:15:11.0764 0x22dc  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
14:15:11.0831 0x22dc  MSTEE - ok
14:15:11.0849 0x22dc  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
14:15:11.0886 0x22dc  MTConfig - ok
14:15:11.0904 0x22dc  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
14:15:11.0924 0x22dc  Mup - ok
14:15:11.0977 0x22dc  [ 48C9BA25EDA90E3DB07ADAC8CD32F5F3, 9CAFFECB0F59CC758C646F886D7A9A276A152B94EE58564BD03FBB48C4C7E396 ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
14:15:12.0023 0x22dc  MyWiFiDHCPDNS - ok
14:15:12.0072 0x22dc  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
14:15:12.0155 0x22dc  napagent - ok
14:15:12.0208 0x22dc  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
14:15:12.0236 0x22dc  NativeWifiP - ok
14:15:12.0434 0x22dc  [ 0CB8324F6CB624812FD9D4FE9186F845, 15E939AF3F11FD109BF7678C010F2C9C883DFA375A4A18FDE24B3C960C983B84 ] NAUpdate        C:\Program Files (x86)\Nero\Update\NASvc.exe
14:15:12.0462 0x22dc  NAUpdate - ok
14:15:12.0562 0x22dc  [ C180A82874D3CDC390A27F2F1E1AF025, 9F473661524D645D5C1D616BF2BEC2996DFAE9268B7CF280FCCBD19AA072E567 ] NAVENG          C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140918.025\ENG64.SYS
14:15:12.0585 0x22dc  NAVENG - ok
14:15:12.0765 0x22dc  [ E66CA6C321614D7BC0AFC9C8436131B9, BF732419D56E1B8AB3B11B19403087D4EDBF9108F0252ACBB561235040AB4436 ] NAVEX15         C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140918.025\EX64.SYS
14:15:12.0806 0x22dc  NAVEX15 - ok
14:15:12.0930 0x22dc  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
14:15:12.0999 0x22dc  NDIS - ok
14:15:13.0044 0x22dc  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
14:15:13.0107 0x22dc  NdisCap - ok
14:15:13.0142 0x22dc  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
14:15:13.0203 0x22dc  NdisTapi - ok
14:15:13.0270 0x22dc  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
14:15:13.0326 0x22dc  Ndisuio - ok
14:15:13.0346 0x22dc  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
14:15:13.0382 0x22dc  NdisWan - ok
14:15:13.0394 0x22dc  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
14:15:13.0429 0x22dc  NDProxy - ok
14:15:13.0457 0x22dc  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
14:15:13.0509 0x22dc  NetBIOS - ok
14:15:13.0636 0x22dc  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
14:15:13.0717 0x22dc  NetBT - ok
14:15:13.0731 0x22dc  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
14:15:13.0740 0x22dc  Netlogon - ok
14:15:13.0800 0x22dc  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
14:15:13.0870 0x22dc  Netman - ok
14:15:13.0923 0x22dc  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:15:13.0951 0x22dc  NetMsmqActivator - ok
14:15:13.0975 0x22dc  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:15:14.0000 0x22dc  NetPipeActivator - ok
14:15:14.0033 0x22dc  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
14:15:14.0065 0x22dc  netprofm - ok
14:15:14.0070 0x22dc  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:15:14.0080 0x22dc  NetTcpActivator - ok
14:15:14.0085 0x22dc  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:15:14.0095 0x22dc  NetTcpPortSharing - ok
14:15:15.0322 0x22dc  [ FAD6C5610D020534401966CD72A1C306, 49D1AF9682464638BF7AC29A83E090F037543C3AA1F7E5970040633AFD5EAF29 ] NETwNs64        C:\Windows\system32\DRIVERS\Netwsw00.sys
14:15:15.0783 0x22dc  NETwNs64 - ok
14:15:15.0855 0x22dc  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
14:15:15.0873 0x22dc  nfrd960 - ok
14:15:16.0140 0x22dc  [ DA97E7798C1B1B265436BF6B2026E74D, 0A9B176D46E53A5B28262C143410CFB3C4D7ABC12F9F0E0BCE6526E11C01FF4B ] NIS             C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\NIS.exe
14:15:16.0162 0x22dc  NIS - ok
14:15:16.0197 0x22dc  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
14:15:16.0259 0x22dc  NlaSvc - ok
14:15:16.0318 0x22dc  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
14:15:16.0382 0x22dc  Npfs - ok
14:15:16.0408 0x22dc  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
14:15:16.0441 0x22dc  nsi - ok
14:15:16.0469 0x22dc  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
14:15:16.0517 0x22dc  nsiproxy - ok
14:15:16.0784 0x22dc  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
14:15:16.0855 0x22dc  Ntfs - ok
14:15:16.0886 0x22dc  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
14:15:16.0948 0x22dc  Null - ok
14:15:17.0012 0x22dc  [ A85B4F2EF3A7304A5399EF0526423040, E45854691BA6AE36E53C2922CC93FF13DC2D84CBE7FE13A2F0B1CE1C16D1D158 ] NVENETFD        C:\Windows\system32\DRIVERS\nvm62x64.sys
14:15:17.0105 0x22dc  NVENETFD - ok
14:15:17.0174 0x22dc  nvkflt - ok
14:15:18.0118 0x22dc  [ 2232AE1BB51A96A7381A2CA17DF12E24, 4813E27BC14EB3CBD55AF89B098EA5C8DA4C7FF0B6CCB7AACFC43BC0E578C988 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:15:18.0329 0x22dc  nvlddmkm - ok
14:15:18.0775 0x22dc  [ 45D6780D0525D7BC29E2E3605CA73C18, C8BBE8BE9824CD1D3C4314FE370FA03BD6000187B4FC4FC935F8342E1A02FA7E ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
14:15:18.0861 0x22dc  NvNetworkService - ok
14:15:18.0945 0x22dc  [ 30458B18AEA941B1FD3A6A076BE95A71, F3B36E52D63939A89658073E1DEFFCD050EF9B39F643771E846737915012D5FB ] nvpciflt        C:\Windows\system32\DRIVERS\nvpciflt.sys
14:15:18.0963 0x22dc  nvpciflt - ok
14:15:19.0015 0x22dc  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
14:15:19.0042 0x22dc  nvraid - ok
14:15:19.0068 0x22dc  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
14:15:19.0083 0x22dc  nvstor - ok
14:15:19.0189 0x22dc  [ A0D870DCE152EE5B92A41AD927201D19, 67FB025CB380D933BF0FDD4AFE9BE4E3C1D69A59865E02A96533BBE9EC260D71 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
14:15:19.0205 0x22dc  NvStreamKms - ok
14:15:21.0194 0x22dc  [ E5597D09E5239C0F908948DB7057AC26, A6045D4D9D2F8007B0F75DAAABB2AD9FEB4A898E33A51ECE9A9D788D8E8F84A4 ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
14:15:21.0725 0x22dc  NvStreamSvc - ok
14:15:21.0819 0x22dc  [ 2C8DD5A34A81715865D66D7AF39362A6, 62F9D873127921EE2EAA80B73E8994C4BF6DA7EEDACAEA030B8D58E086FD3850 ] nvsvc           C:\Windows\system32\nvvsvc.exe
14:15:21.0843 0x22dc  nvsvc - ok
14:15:21.0884 0x22dc  [ 75034A4D7C02327D150B617571D4196A, 8E7DAFEC4307E883D52BD0B5F0732E26E019C953770B52ACBBAD3074A66393CB ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
14:15:21.0893 0x22dc  nvvad_WaveExtensible - ok
14:15:21.0929 0x22dc  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
14:15:21.0952 0x22dc  nv_agp - ok
14:15:21.0974 0x22dc  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
14:15:21.0994 0x22dc  ohci1394 - ok
14:15:22.0043 0x22dc  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:15:22.0061 0x22dc  ose - ok
14:15:22.0331 0x22dc  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:15:22.0537 0x22dc  osppsvc - ok
14:15:22.0603 0x22dc  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
14:15:22.0691 0x22dc  p2pimsvc - ok
14:15:22.0739 0x22dc  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
14:15:22.0800 0x22dc  p2psvc - ok
14:15:22.0819 0x22dc  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
14:15:22.0841 0x22dc  Parport - ok
14:15:22.0867 0x22dc  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
14:15:22.0881 0x22dc  partmgr - ok
14:15:22.0931 0x22dc  [ 3CAE2BBC86FCF7F94C9696994AF30386, 4DA063A60523567272CFB35DF5D7CA142B100EF9123B1F23A6F11AB89DB83486 ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
14:15:22.0957 0x22dc  PassThru Service - detected UnsignedFile.Multi.Generic ( 1 )
14:15:25.0654 0x22dc  Detect skipped due to KSN trusted
14:15:25.0654 0x22dc  PassThru Service - ok
14:15:25.0728 0x22dc  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
14:15:25.0762 0x22dc  PcaSvc - ok
14:15:25.0790 0x22dc  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
14:15:25.0802 0x22dc  pci - ok
14:15:25.0844 0x22dc  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
14:15:25.0863 0x22dc  pciide - ok
14:15:25.0884 0x22dc  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
14:15:25.0918 0x22dc  pcmcia - ok
14:15:25.0944 0x22dc  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
14:15:25.0952 0x22dc  pcw - ok
14:15:25.0983 0x22dc  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
14:15:26.0049 0x22dc  PEAUTH - ok
14:15:26.0118 0x22dc  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
14:15:26.0153 0x22dc  PerfHost - ok
14:15:26.0499 0x22dc  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
14:15:26.0648 0x22dc  pla - ok
14:15:26.0680 0x22dc  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
14:15:26.0742 0x22dc  PlugPlay - ok
14:15:26.0784 0x22dc  PnkBstrA - ok
14:15:26.0806 0x22dc  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
14:15:26.0830 0x22dc  PNRPAutoReg - ok
14:15:26.0853 0x22dc  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
14:15:26.0878 0x22dc  PNRPsvc - ok
14:15:26.0981 0x22dc  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
14:15:27.0041 0x22dc  PolicyAgent - ok
14:15:27.0065 0x22dc  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
14:15:27.0092 0x22dc  Power - ok
14:15:27.0135 0x22dc  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
14:15:27.0196 0x22dc  PptpMiniport - ok
14:15:27.0217 0x22dc  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
14:15:27.0232 0x22dc  Processor - ok
14:15:27.0262 0x22dc  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
14:15:27.0293 0x22dc  ProfSvc - ok
14:15:27.0311 0x22dc  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:15:27.0323 0x22dc  ProtectedStorage - ok
14:15:27.0347 0x22dc  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
14:15:27.0393 0x22dc  Psched - ok
14:15:27.0451 0x22dc  [ FB46E9A827A8799EBD7BFA9128C91F37, 7C40E9C1720522D76AF45A588DFF47BDF0E2A99AF3A396854A00F1273EA13193 ] PSI             C:\Windows\system32\DRIVERS\psi_mf.sys
14:15:27.0471 0x22dc  PSI - ok
14:15:27.0536 0x22dc  [ 07D57B890DD5693A6AB660CBAE8F91B4, 934895A41C116056E22FE3298418332A9F4280F96E96EEE06C977A4925395674 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
14:15:27.0555 0x22dc  PxHlpa64 - ok
14:15:27.0777 0x22dc  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
14:15:27.0858 0x22dc  ql2300 - ok
14:15:27.0880 0x22dc  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
14:15:27.0890 0x22dc  ql40xx - ok
14:15:28.0003 0x22dc  [ E9D86D705C8A7AA3684D32429AB9B547, 676981DEEC6443A4D7BDD7D3D07B2CC3D78850EDC4CD1094157781ABD4F2388E ] Qualcomm Atheros Killer Service C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe
14:15:28.0025 0x22dc  Qualcomm Atheros Killer Service - detected UnsignedFile.Multi.Generic ( 1 )
14:15:30.0701 0x22dc  Detect skipped due to KSN trusted
14:15:30.0701 0x22dc  Qualcomm Atheros Killer Service - ok
14:15:30.0766 0x22dc  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
14:15:30.0799 0x22dc  QWAVE - ok
14:15:30.0845 0x22dc  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
14:15:30.0866 0x22dc  QWAVEdrv - ok
14:15:30.0882 0x22dc  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
14:15:30.0925 0x22dc  RasAcd - ok
14:15:30.0985 0x22dc  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
14:15:31.0058 0x22dc  RasAgileVpn - ok
14:15:31.0117 0x22dc  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
14:15:31.0185 0x22dc  RasAuto - ok
14:15:31.0264 0x22dc  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
14:15:31.0335 0x22dc  Rasl2tp - ok
14:15:31.0411 0x22dc  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
14:15:31.0487 0x22dc  RasMan - ok
14:15:31.0505 0x22dc  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
14:15:31.0542 0x22dc  RasPppoe - ok
14:15:31.0560 0x22dc  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
14:15:31.0605 0x22dc  RasSstp - ok
14:15:31.0622 0x22dc  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
14:15:31.0662 0x22dc  rdbss - ok
14:15:31.0687 0x22dc  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
14:15:31.0709 0x22dc  rdpbus - ok
14:15:31.0741 0x22dc  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
14:15:31.0802 0x22dc  RDPCDD - ok
14:15:31.0806 0x22dc  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
14:15:31.0837 0x22dc  RDPENCDD - ok
14:15:31.0854 0x22dc  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
14:15:31.0891 0x22dc  RDPREFMP - ok
14:15:31.0940 0x22dc  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
14:15:31.0976 0x22dc  RdpVideoMiniport - ok
14:15:32.0007 0x22dc  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
14:15:32.0047 0x22dc  RDPWD - ok
14:15:32.0091 0x22dc  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
14:15:32.0114 0x22dc  rdyboost - ok
14:15:32.0185 0x22dc  [ 0C2B4C3B10D183BE116A38353E937F62, 2523E6FAB400EA1F9B4A634C1CC427D1D6FDE4B36018FF469470961EB8E432FA ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
14:15:32.0205 0x22dc  RegSrvc - ok
14:15:32.0229 0x22dc  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
14:15:32.0295 0x22dc  RemoteAccess - ok
14:15:32.0330 0x22dc  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
14:15:32.0382 0x22dc  RemoteRegistry - ok
14:15:32.0441 0x22dc  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
14:15:32.0469 0x22dc  RFCOMM - ok
14:15:32.0491 0x22dc  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
14:15:32.0538 0x22dc  RpcEptMapper - ok
14:15:32.0562 0x22dc  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
14:15:32.0583 0x22dc  RpcLocator - ok
14:15:32.0611 0x22dc  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
14:15:32.0644 0x22dc  RpcSs - ok
14:15:32.0701 0x22dc  [ CD553B8633466A6D1C115812F2619F1F, B39B38DE8B97209BEABDBF062832A1BDE2303450238B9A4723829958C5C81A6B ] RsFx0103        C:\Windows\system32\DRIVERS\RsFx0103.sys
14:15:32.0731 0x22dc  RsFx0103 - ok
14:15:32.0784 0x22dc  [ EBBFA2B4E317AF86E93FEC4C04D7A9B3, 29480CCA0ACAB2D53D664042A0D7713247EDEBBBD4734783348669EFDE579CA9 ] RSPCIESTOR      C:\Windows\system32\DRIVERS\RtsPStor.sys
14:15:32.0813 0x22dc  RSPCIESTOR - ok
14:15:32.0857 0x22dc  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
14:15:32.0917 0x22dc  rspndr - ok
14:15:32.0965 0x22dc  [ BAEFEE35D27A5440D35092CE10267BEC, FB550D38C01E07B1170C52C1441874B56DD3BECB10CBE8E132EE3276A05C796E ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
14:15:32.0980 0x22dc  RTL8167 - ok
14:15:33.0060 0x22dc  [ B3F36B4B3F192EA87DDC119F3A0B3E45, DE80502994ED9977AD64483385A0BC0C6060EA9E9C08645E72FBBCFE8B2358C7 ] RTL8192su       C:\Windows\system32\DRIVERS\RTL8192su.sys
14:15:33.0096 0x22dc  RTL8192su - ok
14:15:33.0112 0x22dc  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs           C:\Windows\system32\lsass.exe
14:15:33.0123 0x22dc  SamSs - ok
14:15:33.0211 0x22dc  [ 480B9A2A6F46405A6FF5BF227760F4E2, ECDDE0AB894326BE9BB8DB612A6417FAD00D1B3328C76DD52BA5971E7731BA15 ] Samsung Network Fax Server C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe
14:15:33.0238 0x22dc  Samsung Network Fax Server - detected UnsignedFile.Multi.Generic ( 1 )
14:15:35.0918 0x22dc  Detect skipped due to KSN trusted
14:15:35.0918 0x22dc  Samsung Network Fax Server - ok
14:15:35.0955 0x22dc  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
14:15:35.0973 0x22dc  sbp2port - ok
14:15:36.0050 0x22dc  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
14:15:36.0139 0x22dc  SCardSvr - ok
14:15:36.0179 0x22dc  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
14:15:36.0223 0x22dc  scfilter - ok
14:15:36.0346 0x22dc  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
14:15:36.0424 0x22dc  Schedule - ok
14:15:36.0468 0x22dc  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
14:15:36.0491 0x22dc  SCPolicySvc - ok
14:15:36.0557 0x22dc  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
14:15:36.0602 0x22dc  sdbus - ok
14:15:36.0626 0x22dc  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
14:15:36.0658 0x22dc  SDRSVC - ok
14:15:36.0734 0x22dc  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
14:15:36.0792 0x22dc  secdrv - ok
14:15:36.0815 0x22dc  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
14:15:36.0854 0x22dc  seclogon - ok
14:15:36.0995 0x22dc  [ 306F9390976E41063D21AB9AB6D48122, 77C4814AFC6719059E64492BD4B79A1B3ADA8F9EC4C34B51489983C98AC6E300 ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
14:15:37.0046 0x22dc  Secunia PSI Agent - ok
14:15:37.0116 0x22dc  [ 29C852880E9634F8C6BD77A4E68B5B34, A9A5FEB3003AC5B3532275A8B35EEE89C7256F2A6870656FB417854CDC278C1E ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe
14:15:37.0147 0x22dc  Secunia Update Agent - ok
14:15:37.0167 0x22dc  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
14:15:37.0201 0x22dc  SENS - ok
14:15:37.0226 0x22dc  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
14:15:37.0248 0x22dc  SensrSvc - ok
14:15:37.0275 0x22dc  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
14:15:37.0298 0x22dc  Serenum - ok
14:15:37.0328 0x22dc  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
14:15:37.0350 0x22dc  Serial - ok
14:15:37.0391 0x22dc  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
14:15:37.0420 0x22dc  sermouse - ok
14:15:37.0449 0x22dc  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
14:15:37.0512 0x22dc  SessionEnv - ok
14:15:37.0531 0x22dc  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
14:15:37.0546 0x22dc  sffdisk - ok
14:15:37.0559 0x22dc  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
14:15:37.0588 0x22dc  sffp_mmc - ok
14:15:37.0596 0x22dc  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
14:15:37.0628 0x22dc  sffp_sd - ok
14:15:37.0650 0x22dc  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
14:15:37.0685 0x22dc  sfloppy - ok
14:15:37.0739 0x22dc  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
14:15:37.0801 0x22dc  SharedAccess - ok
14:15:37.0823 0x22dc  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:15:37.0867 0x22dc  ShellHWDetection - ok
14:15:37.0889 0x22dc  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
14:15:37.0898 0x22dc  SiSRaid2 - ok
14:15:37.0922 0x22dc  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
14:15:37.0933 0x22dc  SiSRaid4 - ok
14:15:38.0012 0x22dc  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
14:15:38.0039 0x22dc  SkypeUpdate - ok
14:15:38.0077 0x22dc  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
14:15:38.0139 0x22dc  Smb - ok
14:15:38.0167 0x22dc  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
14:15:38.0186 0x22dc  SNMPTRAP - ok
14:15:38.0196 0x22dc  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
14:15:38.0204 0x22dc  spldr - ok
14:15:38.0232 0x22dc  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
14:15:38.0263 0x22dc  Spooler - ok
14:15:38.0401 0x22dc  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
14:15:38.0514 0x22dc  sppsvc - ok
14:15:38.0535 0x22dc  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
14:15:38.0595 0x22dc  sppuinotify - ok
14:15:38.0714 0x22dc  [ 12E6D95CDE974B131DEFAA44BAB8B056, 3FEF55D97915BDB222E3A60B50D53BBD8D9C0FDFF85EDC025B8EFD33E575E596 ] SQLAgent$SQLEXPRESS c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
14:15:38.0746 0x22dc  SQLAgent$SQLEXPRESS - ok
14:15:38.0803 0x22dc  [ B54B48F6D92423440C264E91225C5FF1, 7484D90CE309555E1FB54F011A2980D8491354223111B7AA16D1D2473570DC19 ] SQLBrowser      c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
14:15:38.0840 0x22dc  SQLBrowser - ok
14:15:38.0894 0x22dc  [ 6D65985945B03CA59B67D0B73702FC7B, B491EEFBCA2BB1145047AAF6A2DA02B012F3530F8B9306425486462358BD82CA ] SQLWriter       c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
14:15:38.0913 0x22dc  SQLWriter - ok
14:15:39.0045 0x22dc  [ F718A57D946EAC76EFCB351D74E269F4, 473AE48BACEE64A9582814951B731BDDDEB48D2E9D407ACEAA3F0850B536DABA ] SRTSP           C:\Windows\System32\Drivers\NISx64\1505000.013\SRTSP64.SYS
14:15:39.0075 0x22dc  SRTSP - ok
14:15:39.0130 0x22dc  [ B18CE01B9C09C59422BA7C7064248B35, B355EE2FBB37C4B0EFFE4DC5E0788A26579266828E7988EDC497B0AE7375F8AB ] SRTSPX          C:\Windows\system32\drivers\NISx64\1505000.013\SRTSPX64.SYS
14:15:39.0147 0x22dc  SRTSPX - ok
14:15:39.0226 0x22dc  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
14:15:39.0299 0x22dc  srv - ok
14:15:39.0320 0x22dc  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
14:15:39.0351 0x22dc  srv2 - ok
14:15:39.0369 0x22dc  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
14:15:39.0397 0x22dc  srvnet - ok
14:15:39.0422 0x22dc  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
14:15:39.0450 0x22dc  SSDPSRV - ok
14:15:39.0516 0x22dc  [ 0211AB46B73A2623B86C1CFCB30579AB, 7CC9BA2DF7B9EA6BB17EE342898EDD7F54703B93B6DED6A819E83A7EE9F938B4 ] SSPORT          C:\Windows\system32\Drivers\SSPORT.sys
14:15:39.0533 0x22dc  SSPORT - ok
14:15:39.0543 0x22dc  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
14:15:39.0581 0x22dc  SstpSvc - ok
14:15:39.0675 0x22dc  [ 6E1A473DD2A4714EAF7D11E2315DF794, 4460546191072C7DF8B2E5A00577BA8E4FF5A1B2EA399DDF65EBE1AE4A5A5C84 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
14:15:39.0722 0x22dc  Steam Client Service - ok
14:15:39.0748 0x22dc  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
14:15:39.0767 0x22dc  stexstor - ok
14:15:39.0828 0x22dc  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
14:15:39.0873 0x22dc  stisvc - ok
14:15:39.0900 0x22dc  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
14:15:39.0907 0x22dc  swenum - ok
14:15:39.0929 0x22dc  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
14:15:39.0986 0x22dc  swprv - ok
14:15:40.0043 0x22dc  [ 5C9EE2303CA7F267665D75237862B39C, 5DECD977A823C14B4D980D3DB621BC875231B741653F0450A027FC9E87725F9D ] SymDS           C:\Windows\system32\drivers\NISx64\1505000.013\SYMDS64.SYS
14:15:40.0086 0x22dc  SymDS - ok
14:15:40.0148 0x22dc  [ 9F31630D7FC2DD9D5DA1CE359AAD1F46, 296D29EDF53956D1899DE4669AB429C280DF9F183F00AE1CE528E7C575802235 ] SymEFA          C:\Windows\system32\drivers\NISx64\1505000.013\SYMEFA64.SYS
14:15:40.0191 0x22dc  SymEFA - ok
14:15:40.0243 0x22dc  [ 97E11C50CE52277B377396EA8838E539, E17D03F80E14F961C41F2D54D1EF73D29BF01F38459C5710D786234F8BA3C835 ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
14:15:40.0264 0x22dc  SymEvent - ok
14:15:40.0308 0x22dc  [ 6DE89F4CDF0B31A5BAF2855F9D80F8BA, 53064C246732594127E7D927C179FEB8134701D7D8C4A85CB1FE29B82F37A16A ] SymIM           C:\Windows\system32\DRIVERS\SymIMv.sys
14:15:40.0320 0x22dc  SymIM - ok
14:15:40.0349 0x22dc  [ 48C2934683CBD06F662B088EEF49EF6A, 2212A3588C28F33EFCB1D34618B3054EBBAC6731D177A581D21D1F969FE040C0 ] SymIRON         C:\Windows\system32\drivers\NISx64\1505000.013\Ironx64.SYS
14:15:40.0365 0x22dc  SymIRON - ok
14:15:40.0417 0x22dc  [ 5570A74FF9B1EFBC5154DD1E2F05C517, 2C883A0334CBE4AE257028805C9BB1E529A80F56BA6D341E8EBB83CB3E46FEB7 ] SymNetS         C:\Windows\System32\Drivers\NISx64\1505000.013\SYMNETS.SYS
14:15:40.0440 0x22dc  SymNetS - ok
14:15:40.0505 0x22dc  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
14:15:40.0576 0x22dc  SysMain - ok
14:15:40.0590 0x22dc  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:15:40.0616 0x22dc  TabletInputService - ok
14:15:40.0661 0x22dc  [ 4EF44915E522F3ECD1A3FF540AA64126, 3B7ABB4B263F5DC7E12BEBD0512A13877236E0C020B7FE618EE84FAB3E3BF991 ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
14:15:40.0693 0x22dc  tap0901 - ok
14:15:40.0733 0x22dc  [ 2A6F99C1E2D25C4C920A37E07BB26291, DB83FEF542AA73945D693B23BCDA04C3037E0C042F7FDDECA2CEE6DA6EADD3F7 ] taphss6         C:\Windows\system32\DRIVERS\taphss6.sys
14:15:40.0749 0x22dc  taphss6 - ok
14:15:40.0771 0x22dc  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
14:15:40.0832 0x22dc  TapiSrv - ok
14:15:40.0843 0x22dc  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
14:15:40.0867 0x22dc  TBS - ok
14:15:40.0990 0x22dc  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
14:15:41.0048 0x22dc  Tcpip - ok
14:15:41.0118 0x22dc  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
14:15:41.0155 0x22dc  TCPIP6 - ok
14:15:41.0179 0x22dc  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
14:15:41.0214 0x22dc  tcpipreg - ok
14:15:41.0240 0x22dc  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
14:15:41.0267 0x22dc  TDPIPE - ok
14:15:41.0293 0x22dc  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
14:15:41.0313 0x22dc  TDTCP - ok
14:15:41.0327 0x22dc  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
14:15:41.0378 0x22dc  tdx - ok
14:15:41.0594 0x22dc  [ 5CEF407E235885DB5421DF79C843F2DF, B85D7C8A137B15BDF14DB9588CEDB09C67B0C7965F8E79121E2BA7796B16777C ] TeamViewer9     C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
14:15:41.0681 0x22dc  TeamViewer9 - ok
14:15:41.0703 0x22dc  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
14:15:41.0711 0x22dc  TermDD - ok
14:15:41.0779 0x22dc  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
14:15:41.0832 0x22dc  TermService - ok
14:15:41.0851 0x22dc  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
14:15:41.0864 0x22dc  Themes - ok
14:15:41.0887 0x22dc  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
14:15:41.0912 0x22dc  THREADORDER - ok
14:15:41.0926 0x22dc  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
14:15:41.0965 0x22dc  TrkWks - ok
14:15:42.0010 0x22dc  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:15:42.0065 0x22dc  TrustedInstaller - ok
14:15:42.0089 0x22dc  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
14:15:42.0099 0x22dc  tssecsrv - ok
14:15:42.0156 0x22dc  [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
14:15:42.0190 0x22dc  TsUsbFlt - ok
14:15:42.0214 0x22dc  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
14:15:42.0238 0x22dc  TsUsbGD - ok
14:15:42.0375 0x22dc  [ 3A662A6774405C325BE0CBCFB6BD140F, D175AEDF95B755601D835A54367A7D497BD8FC9162B9A3518B638B8D566942A2 ] TuneUp.UtilitiesSvc C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
14:15:42.0419 0x22dc  TuneUp.UtilitiesSvc - ok
14:15:42.0447 0x22dc  [ 7BC3381C0713F613B31ACDE38B71CB53, 275A6CB6A6157270C35FD7D6213D0D99030AEE5AE852E0D929CBE879C63FAB2F ] TuneUpUtilitiesDrv C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys
14:15:42.0454 0x22dc  TuneUpUtilitiesDrv - ok
14:15:42.0499 0x22dc  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
14:15:42.0525 0x22dc  tunnel - ok
14:15:42.0546 0x22dc  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
14:15:42.0556 0x22dc  uagp35 - ok
14:15:42.0578 0x22dc  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
14:15:42.0631 0x22dc  udfs - ok
14:15:42.0659 0x22dc  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
14:15:42.0691 0x22dc  UI0Detect - ok
14:15:42.0764 0x22dc  [ 5B99D25F5CA1F20CCED62381ED41793E, 672B40021E0C623ED8C7E3203261837B43A5EE750E59DAFC4D6EAC4911B12F44 ] UimBus          C:\Windows\system32\DRIVERS\UimBus.sys
14:15:42.0786 0x22dc  UimBus - ok
14:15:42.0848 0x22dc  [ 67F428FA5F059A974529ECBA6A6C9D71, 912BCAEC818317AFD051351D5EAAF3B5EC8E5AD3CC9C1B8FC17F5DB78829615A ] Uim_DEVIM       C:\Windows\system32\DRIVERS\uim_devim.sys
14:15:42.0866 0x22dc  Uim_DEVIM - ok
14:15:42.0907 0x22dc  [ 76E93AD89DEC20EE2AF99E17183F85AB, 4ED49ADA41FA2BFDCC11861241428E23E8396E72BE10929FF01F0FE48D3DF2C2 ] Uim_IM          C:\Windows\system32\DRIVERS\uim_im.sys
14:15:42.0936 0x22dc  Uim_IM - ok
14:15:43.0002 0x22dc  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
14:15:43.0022 0x22dc  uliagpkx - ok
14:15:43.0068 0x22dc  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
14:15:43.0107 0x22dc  umbus - ok
14:15:43.0151 0x22dc  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
14:15:43.0179 0x22dc  UmPass - ok
14:15:43.0253 0x22dc  [ F76057596EF65049869098677AB72C30, 4EE9353243CB64D0A3AFE060924D93225FB2EB085212F3AEC7A862FFF449C82A ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
14:15:43.0277 0x22dc  UNS - ok
14:15:43.0311 0x22dc  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
14:15:43.0383 0x22dc  upnphost - ok
14:15:43.0422 0x22dc  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
14:15:43.0443 0x22dc  USBAAPL64 - ok
14:15:43.0485 0x22dc  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
14:15:43.0531 0x22dc  usbaudio - ok
14:15:43.0568 0x22dc  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
14:15:43.0604 0x22dc  usbccgp - ok
14:15:43.0644 0x22dc  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
14:15:43.0671 0x22dc  usbcir - ok
14:15:43.0696 0x22dc  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
14:15:43.0715 0x22dc  usbehci - ok
14:15:43.0774 0x22dc  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
14:15:43.0821 0x22dc  usbhub - ok
14:15:43.0841 0x22dc  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
14:15:43.0851 0x22dc  usbohci - ok
14:15:43.0870 0x22dc  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
14:15:43.0893 0x22dc  usbprint - ok
14:15:43.0915 0x22dc  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:15:43.0942 0x22dc  USBSTOR - ok
14:15:43.0963 0x22dc  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
14:15:43.0983 0x22dc  usbuhci - ok
14:15:44.0025 0x22dc  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
14:15:44.0066 0x22dc  usbvideo - ok
14:15:44.0096 0x22dc  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
14:15:44.0149 0x22dc  UxSms - ok
14:15:44.0221 0x22dc  [ 09A0C45C7D51A1F80432178F93A39A3D, 254847DCD4B1585CF73C1C67D244C79594A5335289B1E5C059AED9E4B3B00EA7 ] UxTuneUp        C:\Windows\System32\uxtuneup.dll
14:15:44.0238 0x22dc  UxTuneUp - ok
14:15:44.0250 0x22dc  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\Windows\system32\lsass.exe
14:15:44.0264 0x22dc  VaultSvc - ok
14:15:44.0304 0x22dc  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
14:15:44.0316 0x22dc  vdrvroot - ok
14:15:44.0352 0x22dc  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
14:15:44.0416 0x22dc  vds - ok
14:15:44.0454 0x22dc  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
14:15:44.0477 0x22dc  vga - ok
14:15:44.0491 0x22dc  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
14:15:44.0545 0x22dc  VgaSave - ok
14:15:44.0580 0x22dc  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
14:15:44.0609 0x22dc  vhdmp - ok
14:15:44.0659 0x22dc  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
14:15:44.0677 0x22dc  viaide - ok
14:15:44.0720 0x22dc  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
14:15:44.0738 0x22dc  volmgr - ok
14:15:44.0760 0x22dc  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
14:15:44.0785 0x22dc  volmgrx - ok
14:15:44.0793 0x22dc  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
14:15:44.0807 0x22dc  volsnap - ok
14:15:44.0838 0x22dc  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
14:15:44.0850 0x22dc  vsmraid - ok
14:15:44.0918 0x22dc  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
14:15:44.0990 0x22dc  VSS - ok
14:15:45.0003 0x22dc  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
14:15:45.0028 0x22dc  vwifibus - ok
14:15:45.0063 0x22dc  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
14:15:45.0104 0x22dc  vwififlt - ok
14:15:45.0120 0x22dc  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
14:15:45.0132 0x22dc  vwifimp - ok
14:15:45.0152 0x22dc  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
14:15:45.0183 0x22dc  W32Time - ok
14:15:45.0207 0x22dc  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
14:15:45.0225 0x22dc  WacomPen - ok
14:15:45.0261 0x22dc  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
14:15:45.0309 0x22dc  WANARP - ok
14:15:45.0341 0x22dc  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
14:15:45.0364 0x22dc  Wanarpv6 - ok
14:15:45.0462 0x22dc  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
14:15:45.0518 0x22dc  WatAdminSvc - ok
14:15:45.0580 0x22dc  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
14:15:45.0664 0x22dc  wbengine - ok
14:15:45.0689 0x22dc  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
14:15:45.0726 0x22dc  WbioSrvc - ok
14:15:45.0755 0x22dc  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
14:15:45.0789 0x22dc  wcncsvc - ok
14:15:45.0805 0x22dc  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:15:45.0826 0x22dc  WcsPlugInService - ok
14:15:45.0854 0x22dc  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
14:15:45.0862 0x22dc  Wd - ok
14:15:45.0894 0x22dc  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
14:15:45.0929 0x22dc  Wdf01000 - ok
14:15:45.0940 0x22dc  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
14:15:45.0969 0x22dc  WdiServiceHost - ok
14:15:45.0981 0x22dc  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
14:15:45.0995 0x22dc  WdiSystemHost - ok
14:15:46.0017 0x22dc  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
14:15:46.0043 0x22dc  WebClient - ok
14:15:46.0062 0x22dc  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
14:15:46.0100 0x22dc  Wecsvc - ok
14:15:46.0115 0x22dc  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
14:15:46.0155 0x22dc  wercplsupport - ok
14:15:46.0186 0x22dc  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
14:15:46.0221 0x22dc  WerSvc - ok
14:15:46.0266 0x22dc  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
14:15:46.0304 0x22dc  WfpLwf - ok
14:15:46.0315 0x22dc  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
14:15:46.0325 0x22dc  WIMMount - ok
14:15:46.0347 0x22dc  WinDefend - ok
14:15:46.0368 0x22dc  WinHttpAutoProxySvc - ok
14:15:46.0435 0x22dc  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
14:15:46.0490 0x22dc  Winmgmt - ok
14:15:46.0606 0x22dc  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
14:15:46.0697 0x22dc  WinRM - ok
14:15:46.0756 0x22dc  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
14:15:46.0784 0x22dc  WinUsb - ok
14:15:46.0827 0x22dc  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
14:15:46.0868 0x22dc  Wlansvc - ok
14:15:46.0920 0x22dc  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
14:15:46.0938 0x22dc  wlcrasvc - ok
14:15:47.0050 0x22dc  [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:15:47.0115 0x22dc  wlidsvc - ok
14:15:47.0156 0x22dc  [ 14DC5897BC6C4E03C023AD80ABB7F539, E0C528555C0FCE726AF170B26A5DE4D1863BC0731365A595322444FC8E05931E ] WmBEnum         C:\Windows\system32\drivers\WmBEnum.sys
14:15:47.0163 0x22dc  WmBEnum - ok
14:15:47.0204 0x22dc  [ 2DE0A0CEA49972C82C7E9D36BD4C1247, 363632409DF88DEFABD0B67E4A26DC287749F4C39C7C7C5C879480B1ED866B95 ] WmFilter        C:\Windows\system32\drivers\WmFilter.sys
14:15:47.0222 0x22dc  WmFilter - ok
14:15:47.0236 0x22dc  [ 68AD463151D0E2325C8307A4C7A8808E, E8477B017E4A043D86E40CA4ADDC38F9D702CE1E41265AD78F8F78AD25296F63 ] WmHidLo         C:\Windows\system32\drivers\WmHidLo.sys
14:15:47.0252 0x22dc  WmHidLo - ok
14:15:47.0290 0x22dc  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
14:15:47.0324 0x22dc  WmiAcpi - ok
14:15:47.0373 0x22dc  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
14:15:47.0415 0x22dc  wmiApSrv - ok
14:15:47.0452 0x22dc  WMPNetworkSvc - ok
14:15:47.0469 0x22dc  [ 53C12AE1183F3F7787F1F1835001CCC0, 48CEE3AA45DE3CA140C9BC5E7791F0CA72FB2CF7E42B0B1AF7FC42B78A414F68 ] WmVirHid        C:\Windows\system32\drivers\WmVirHid.sys
14:15:47.0486 0x22dc  WmVirHid - ok
14:15:47.0504 0x22dc  [ C807E470CCA24F5E479DA4872A7D2121, 900273726C62D0815BACC15F9CCBF2E9389CB2E572D6D855B6B65B24853D0288 ] WmXlCore        C:\Windows\system32\drivers\WmXlCore.sys
14:15:47.0515 0x22dc  WmXlCore - ok
14:15:47.0560 0x22dc  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
14:15:47.0582 0x22dc  WPCSvc - ok
14:15:47.0597 0x22dc  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
14:15:47.0613 0x22dc  WPDBusEnum - ok
14:15:47.0634 0x22dc  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
14:15:47.0669 0x22dc  ws2ifsl - ok
14:15:47.0682 0x22dc  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
14:15:47.0697 0x22dc  wscsvc - ok
14:15:47.0699 0x22dc  WSearch - ok
14:15:47.0746 0x22dc  [ 82E8F5AA03DF7DBDB8A33F700D5D8CDA, 7EEB1B8F1430AFB06A18DC6107DBDD57EBBF473FF96F3578481EB89724823393 ] wsvd            C:\Windows\system32\DRIVERS\wsvd.sys
14:15:47.0770 0x22dc  wsvd - ok
14:15:47.0891 0x22dc  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
14:15:47.0961 0x22dc  wuauserv - ok
14:15:47.0989 0x22dc  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
14:15:48.0011 0x22dc  WudfPf - ok
14:15:48.0059 0x22dc  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
14:15:48.0088 0x22dc  WUDFRd - ok
14:15:48.0117 0x22dc  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
14:15:48.0149 0x22dc  wudfsvc - ok
14:15:48.0192 0x22dc  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
14:15:48.0248 0x22dc  WwanSvc - ok
14:15:48.0331 0x22dc  X6va011 - ok
14:15:48.0361 0x22dc  [ 9176C0822FAA649E45121875BE32F5D2, B7A7A906A7BB0F760ED241F998C647D728C4DB5D8778AFE585DF38331165803F ] xusb21          C:\Windows\system32\DRIVERS\xusb21.sys
14:15:48.0380 0x22dc  xusb21 - ok
14:15:48.0530 0x22dc  [ D2FE4103450E52CB248D842501F84B90, 0775E540B5ACEE6FA90FC7BE87F45EB005F6593CDA252D64EBC509A350DDA038 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
14:15:48.0604 0x22dc  ZeroConfigService - ok
14:15:48.0643 0x22dc  ================ Scan global ===============================
14:15:48.0662 0x22dc  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
14:15:48.0692 0x22dc  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
14:15:48.0724 0x22dc  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
14:15:48.0757 0x22dc  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
14:15:48.0791 0x22dc  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
14:15:48.0804 0x22dc  [ Global ] - ok
14:15:48.0805 0x22dc  ================ Scan MBR ==================================
14:15:48.0816 0x22dc  [ EB2571B16B316C9FE5AA1C4797FF61EE ] \Device\Harddisk0\DR0
14:15:50.0672 0x22dc  \Device\Harddisk0\DR0 - ok
14:15:50.0907 0x22dc  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
14:15:51.0065 0x22dc  \Device\Harddisk1\DR1 - ok
14:15:51.0066 0x22dc  ================ Scan VBR ==================================
14:15:51.0086 0x22dc  [ 521BA6E06CF73128BB0825C3637A31E0 ] \Device\Harddisk0\DR0\Partition1
14:15:51.0093 0x22dc  \Device\Harddisk0\DR0\Partition1 - ok
14:15:51.0120 0x22dc  [ A92C9D97972FA72550918592FD9F4190 ] \Device\Harddisk0\DR0\Partition2
14:15:51.0125 0x22dc  \Device\Harddisk0\DR0\Partition2 - ok
14:15:51.0160 0x22dc  [ 121166EE9892762636D0A33CEB381717 ] \Device\Harddisk0\DR0\Partition3
14:15:51.0165 0x22dc  \Device\Harddisk0\DR0\Partition3 - ok
14:15:51.0169 0x22dc  [ ED606336DA49BB42EAC5386DE5CEBD49 ] \Device\Harddisk1\DR1\Partition1
14:15:51.0172 0x22dc  \Device\Harddisk1\DR1\Partition1 - ok
14:15:51.0173 0x22dc  ================ Scan generic autorun ======================
14:15:51.0173 0x22dc  ETDCtrl - ok
14:15:52.0115 0x22dc  [ 28088AA5192A3EF0BEE6BE4497AE52CC, 10521683582416B37C3B90CED0AACE33C8FA7DB9FCF8C5FC7856704BE098EECA ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
14:15:52.0492 0x22dc  RTHDVCPL - ok
14:15:52.0723 0x22dc  [ 2F1CDD465E74E123A29C5C7CF0CF8E6F, CC29CD38095CBDEE4298BADBF6A6A20B6D485D3B0CEC76BFC0C61090B0EEA12A ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
14:15:52.0780 0x22dc  RtHDVBg_Dolby - ok
14:15:52.0783 0x22dc  BTMTrayAgent - ok
14:15:52.0927 0x22dc  [ 2BC796293D7591AFA9DF3ABFF6D51875, DE22B212E27999BBFA0997E9C70966B4F36652DACE492FBFADDB554D3B612E73 ] C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
14:15:52.0953 0x22dc  Dolby Home Theater v4 - ok
14:15:53.0039 0x22dc  [ 4D1DA8CE5E364D22B4FF00F163194514, 165DE474309206A0F51266F19EDB4AF3D7BAD19FDA61B636AEE7A04278DBBC2C ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
14:15:53.0062 0x22dc  USB3MON - ok
14:15:53.0321 0x22dc  [ A592C5D62F7CE1115D273A1ECFE9DADB, 4AEA61FB2D3072A1B2D377F3C543E1C761777F8B2C201E7498DE7438CD1A9228 ] C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
14:15:53.0432 0x22dc  MGSysCtrl - detected UnsignedFile.Multi.Generic ( 1 )
14:15:56.0205 0x22dc  Detect skipped due to KSN trusted
14:15:56.0205 0x22dc  MGSysCtrl - ok
14:15:56.0598 0x22dc  [ AE8B2BF59CCC82391B0988DBCDB9B2BF, C0C0A43E67153686533395E532A42AD8B32CDA746DE361647A8BFFB75FC3F65B ] C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe
14:15:56.0741 0x22dc  Hercules DJ Series - ok
14:15:56.0916 0x22dc  [ 187F4C75A89E3F412322C94526320074, D78FA7EF93C8C7B4326A5B6DB04A92ADD091DF00658FA8731D07C5D3BE29ED04 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
14:15:56.0937 0x22dc  BCSSync - ok
14:15:57.0063 0x22dc  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
14:15:57.0140 0x22dc  Sidebar - ok
14:15:57.0174 0x22dc  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
14:15:57.0218 0x22dc  mctadmin - ok
14:15:57.0274 0x22dc  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
14:15:57.0305 0x22dc  Sidebar - ok
14:15:57.0309 0x22dc  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
14:15:57.0322 0x22dc  mctadmin - ok
14:15:57.0323 0x22dc  Waiting for KSN requests completion. In queue: 10
14:15:58.0323 0x22dc  Waiting for KSN requests completion. In queue: 10
14:15:59.0323 0x22dc  Waiting for KSN requests completion. In queue: 6
14:16:00.0340 0x22dc  AV detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\WSCStub.exe ( 21.5.0.0 ), 0x51000 ( enabled : updated )
14:16:00.0341 0x22dc  FW detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\WSCStub.exe ( 21.5.0.0 ), 0x51010 ( enabled )
14:16:03.0037 0x22dc  ============================================================
14:16:03.0037 0x22dc  Scan finished
14:16:03.0037 0x22dc  ============================================================
14:16:03.0050 0x22d4  Detected object count: 1
14:16:03.0050 0x22d4  Actual detected object count: 1
14:16:37.0747 0x22d4  Micro Star SCM ( UnsignedFile.Multi.Generic ) - skipped by user
14:16:37.0747 0x22d4  Micro Star SCM ( UnsignedFile.Multi.Generic ) - User select action: Skip

schrauber · 20.09.2014, 07:03

hi,

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

chrissi32123 · 20.09.2014, 10:00

Combofix hat nochmal gemeckert obwohl ich Norton Internet Security Deaktiviert hatte.

Log:

Code:

ATTFilter

ComboFix 14-09-18.01 - Christian 20.09.2014  10:45:57.1.8 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.16281.13333 [GMT 2:00]
ausgeführt von:: c:\users\Christian\Desktop\ComboFix.exe
AV: Norton Internet Security *Disabled/Updated* {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
FW: Norton Internet Security *Disabled* {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
SP: Norton Internet Security *Enabled/Updated* {631E4324-D31C-783F-EC5C-35AD42B18466}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\users\Christian\20130624065516396_0001.jpg
c:\users\Christian\20130624065545297_0001.jpg
c:\users\Christian\Favorites\keylogger.exe
c:\windows\SysWow64\AF15BDAEX.dll
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-08-20 bis 2014-09-20  ))))))))))))))))))))))))))))))
.
.
2014-09-20 08:54 . 2014-09-20 08:54	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-09-16 15:00 . 2014-09-16 15:02	--------	d-----w-	C:\FRST
2014-09-15 15:57 . 2014-09-15 15:59	--------	d-----w-	c:\users\Christian\AppData\Local\ftblauncher
2014-09-15 15:57 . 2014-09-15 15:58	--------	d-----w-	c:\users\Christian\AppData\Roaming\ftblauncher
2014-09-14 21:24 . 2014-09-14 21:26	--------	d-----w-	C:\NPE
2014-09-14 21:21 . 2014-09-14 21:44	--------	d-----w-	c:\users\Christian\AppData\Local\NPE
2014-09-14 15:59 . 2014-06-27 02:08	2777088	----a-w-	c:\windows\system32\msmpeg2vdec.dll
2014-09-14 15:59 . 2014-06-27 01:45	2285056	----a-w-	c:\windows\SysWow64\msmpeg2vdec.dll
2014-09-14 15:57 . 2014-08-01 11:53	1031168	----a-w-	c:\windows\system32\TSWorkspace.dll
2014-09-14 15:57 . 2014-08-01 11:35	793600	----a-w-	c:\windows\SysWow64\TSWorkspace.dll
2014-09-14 15:57 . 2014-09-05 02:10	578048	----a-w-	c:\windows\system32\aepdu.dll
2014-09-14 15:57 . 2014-09-05 02:05	424448	----a-w-	c:\windows\system32\aeinv.dll
2014-09-14 15:56 . 2014-06-24 03:29	2565120	----a-w-	c:\windows\system32\d3d10warp.dll
2014-09-14 15:56 . 2014-06-24 02:59	1987584	----a-w-	c:\windows\SysWow64\d3d10warp.dll
2014-09-14 15:56 . 2014-07-07 02:06	728064	----a-w-	c:\windows\system32\kerberos.dll
2014-09-14 15:56 . 2014-07-07 01:40	550912	----a-w-	c:\windows\SysWow64\kerberos.dll
2014-09-14 15:56 . 2014-07-07 02:06	1460736	----a-w-	c:\windows\system32\lsasrv.dll
2014-09-14 15:56 . 2014-07-07 01:40	22016	----a-w-	c:\windows\SysWow64\secur32.dll
2014-09-14 15:56 . 2014-07-07 01:39	96768	----a-w-	c:\windows\SysWow64\sspicli.dll
2014-09-04 21:07 . 2014-09-04 21:07	--------	d-----w-	c:\users\Christian\AppData\Local\1BN_(www.1bn.in)
2014-09-04 21:07 . 2014-09-04 21:07	--------	d-----w-	c:\program files (x86)\mHotspot
2014-09-04 18:48 . 2014-09-04 18:48	--------	d-----w-	c:\users\Christian\AppData\Local\mHotspot_Inc
2014-08-28 23:16 . 2014-08-23 02:07	404480	----a-w-	c:\windows\system32\gdi32.dll
2014-08-28 23:16 . 2014-08-23 01:45	311808	----a-w-	c:\windows\SysWow64\gdi32.dll
2014-08-28 23:16 . 2014-08-23 00:59	3163648	----a-w-	c:\windows\system32\win32k.sys
2014-08-28 20:47 . 2014-08-28 20:47	--------	d-----w-	c:\program files (x86)\IVONA
2014-08-28 13:24 . 2014-09-05 18:58	--------	d-----w-	c:\users\Christian\AppData\Roaming\vlc
2014-08-22 18:02 . 2014-08-24 18:20	--------	d-----w-	c:\users\Christian\AppData\Local\Adobe
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-09-14 16:49 . 2012-12-24 20:01	701104	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-09-14 16:49 . 2011-12-01 21:26	71344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-09-14 16:48 . 2013-02-09 16:49	10036224	----a-w-	c:\windows\SysWow64\FlashPlayerInstaller.exe
2014-09-14 16:00 . 2011-07-18 20:31	101694776	----a-w-	c:\windows\system32\MRT.exe
2014-09-04 16:31 . 2011-03-29 01:36	23256	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-08-20 20:49 . 2013-11-07 21:53	297088	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2014-08-20 20:49 . 2013-02-23 16:46	297088	----a-w-	c:\windows\SysWow64\PnkBstrB.xtr
2014-08-20 20:49 . 2013-02-23 13:53	280904	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
2014-08-19 16:44 . 2013-02-23 13:53	76152	----a-w-	c:\windows\SysWow64\PnkBstrA.exe
2014-07-25 13:50 . 2014-06-27 13:15	1291280	----a-w-	c:\windows\SysWow64\nvspbridge.dll
2014-07-25 13:50 . 2014-06-27 13:15	1126480	----a-w-	c:\windows\SysWow64\nvspcap.dll
2014-07-25 13:50 . 2014-06-27 13:15	1715224	----a-w-	c:\windows\system32\nvspbridge64.dll
2014-07-25 13:50 . 2014-06-27 13:15	1283136	----a-w-	c:\windows\system32\nvspcap64.dll
2014-07-25 00:35 . 2014-07-25 00:35	875688	----a-w-	c:\windows\SysWow64\msvcr120_clr0400.dll
2014-07-24 21:47 . 2014-07-24 21:47	869544	----a-w-	c:\windows\system32\msvcr120_clr0400.dll
2014-07-16 03:23 . 2014-08-16 12:18	2048	----a-w-	c:\windows\system32\tzres.dll
2014-07-16 02:46 . 2014-08-16 12:18	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2014-07-14 02:02 . 2014-08-16 12:16	1216000	----a-w-	c:\windows\system32\rpcrt4.dll
2014-07-14 01:40 . 2014-08-16 12:16	664064	----a-w-	c:\windows\SysWow64\rpcrt4.dll
2014-07-09 02:03 . 2014-08-16 12:17	7168	----a-w-	c:\windows\system32\KBDYAK.DLL
2014-07-09 02:03 . 2014-08-16 12:17	7168	----a-w-	c:\windows\system32\KBDTAT.DLL
2014-07-09 02:03 . 2014-08-16 12:17	7168	----a-w-	c:\windows\system32\KBDRU1.DLL
2014-07-09 02:03 . 2014-08-16 12:17	6656	----a-w-	c:\windows\system32\KBDRU.DLL
2014-07-09 02:03 . 2014-08-16 12:17	7168	----a-w-	c:\windows\system32\KBDBASH.DLL
2014-07-09 01:31 . 2014-08-16 12:17	7168	----a-w-	c:\windows\SysWow64\KBDYAK.DLL
2014-07-09 01:31 . 2014-08-16 12:17	6656	----a-w-	c:\windows\SysWow64\KBDBASH.DLL
2014-07-02 20:48 . 2014-08-17 19:37	944928	----a-w-	c:\windows\system32\NvIFR64.dll
2014-07-02 20:48 . 2014-08-17 19:37	907096	----a-w-	c:\windows\SysWow64\NvIFR.dll
2014-07-02 20:48 . 2014-08-17 19:37	903624	----a-w-	c:\windows\system32\NvFBC64.dll
2014-07-02 20:48 . 2014-08-17 19:37	869152	----a-w-	c:\windows\SysWow64\NvFBC.dll
2014-07-02 20:48 . 2014-08-17 19:37	354016	----a-w-	c:\windows\system32\nvoglshim64.dll
2014-07-02 20:48 . 2014-08-17 19:37	32544	----a-w-	c:\windows\system32\drivers\nvpciflt.sys
2014-07-02 20:48 . 2014-08-17 19:37	31512520	----a-w-	c:\windows\system32\nvoglv64.dll
2014-07-02 20:48 . 2014-08-17 19:37	305600	----a-w-	c:\windows\SysWow64\nvoglshim32.dll
2014-07-02 20:48 . 2014-08-17 19:37	24196896	----a-w-	c:\windows\SysWow64\nvoglv32.dll
2014-07-02 20:48 . 2014-08-17 19:37	1890080	----a-w-	c:\windows\system32\nvdispco6434052.dll
2014-07-02 20:48 . 2014-08-17 19:37	18626304	----a-w-	c:\windows\system32\nvwgf2umx.dll
2014-07-02 20:48 . 2014-08-17 19:37	16122344	----a-w-	c:\windows\SysWow64\nvwgf2um.dll
2014-07-02 20:48 . 2014-08-17 19:37	1539928	----a-w-	c:\windows\system32\nvdispgenco6434052.dll
2014-07-02 20:48 . 2014-08-17 19:37	13922752	----a-w-	c:\windows\system32\nvopencl.dll
2014-07-02 20:48 . 2014-08-17 19:37	12866008	----a-w-	c:\windows\system32\drivers\nvlddmkm.sys
2014-07-02 20:48 . 2014-08-17 19:37	11283344	----a-w-	c:\windows\SysWow64\nvopencl.dll
2014-07-02 20:48 . 2014-08-17 19:37	4247000	----a-w-	c:\windows\system32\nvcuvid.dll
2014-07-02 20:48 . 2014-08-17 19:37	3989960	----a-w-	c:\windows\SysWow64\nvcuvid.dll
2014-07-02 20:48 . 2014-08-17 19:37	22994208	----a-w-	c:\windows\system32\nvcompiler.dll
2014-07-02 20:48 . 2014-08-17 19:37	17555104	----a-w-	c:\windows\system32\nvd3dumx.dll
2014-07-02 20:48 . 2014-08-17 19:37	15294296	----a-w-	c:\windows\SysWow64\nvcompiler.dll
2014-07-02 20:48 . 2014-08-17 19:37	13835208	----a-w-	c:\windows\system32\nvcuda.dll
2014-07-02 20:48 . 2014-08-17 19:37	11222048	----a-w-	c:\windows\SysWow64\nvcuda.dll
2014-07-02 20:48 . 2014-03-30 04:43	14498552	----a-w-	c:\windows\SysWow64\nvd3dum.dll
2014-07-02 20:48 . 2013-12-22 23:28	965312	----a-w-	c:\windows\system32\nvumdshimx.dll
2014-07-02 20:48 . 2013-12-22 23:28	846832	----a-w-	c:\windows\SysWow64\nvumdshim.dll
2014-07-02 20:48 . 2013-12-22 23:28	3196816	----a-w-	c:\windows\system32\nvapi64.dll
2014-07-02 20:48 . 2013-12-22 23:28	2814656	----a-w-	c:\windows\SysWow64\nvapi.dll
2014-07-02 20:48 . 2013-12-22 23:28	166568	----a-w-	c:\windows\system32\nvinitx.dll
2014-07-02 20:48 . 2013-12-22 23:28	146480	----a-w-	c:\windows\SysWow64\nvinit.dll
2014-07-02 18:55 . 2014-03-30 04:11	6783776	----a-w-	c:\windows\system32\nvcpl.dll
2014-07-02 18:55 . 2014-03-30 04:11	3522392	----a-w-	c:\windows\system32\nvsvc64.dll
2014-07-02 18:55 . 2014-03-30 04:11	935368	----a-w-	c:\windows\system32\nvvsvc.exe
2014-07-02 18:55 . 2014-03-30 04:11	67072	----a-w-	c:\windows\system32\nv3dappshextr.dll
2014-07-02 18:55 . 2014-03-30 04:11	62808	----a-w-	c:\windows\system32\nvshext.dll
2014-07-02 18:55 . 2014-03-30 04:11	386520	----a-w-	c:\windows\system32\nvmctray.dll
2014-07-02 18:55 . 2014-03-30 04:11	2559960	----a-w-	c:\windows\system32\nvsvcr.dll
2014-07-02 18:55 . 2014-03-30 04:11	1084704	----a-w-	c:\windows\system32\nv3dappshext.dll
2014-07-02 10:14 . 2014-03-30 04:11	3826628	----a-w-	c:\windows\system32\nvcoproc.bin
2014-06-30 22:24 . 2014-08-15 20:18	8856	----a-w-	c:\windows\system32\icardres.dll
2014-06-30 22:14 . 2014-08-15 20:18	8856	----a-w-	c:\windows\SysWow64\icardres.dll
2014-06-25 02:05 . 2014-08-16 12:18	14175744	----a-w-	c:\windows\system32\shell32.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 21:08	131480	----a-w-	c:\users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 21:08	131480	----a-w-	c:\users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 21:08	131480	----a-w-	c:\users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Dolby Home Theater v4"="c:\program files (x86)\Dolby Home Theater v4\pcee4.exe" [2011-12-21 507744]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-02-27 291608]
"MGSysCtrl"="c:\program files (x86)\System Control Manager\MGSysCtrl.exe" [2011-06-29 2482176]
"Hercules DJ Series"="c:\program files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe" [2011-12-29 3399240]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux9"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"IAStorIcon"=c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"Wondershare Helper Compact"="c:\program files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
"Wondershare Helper Compact.exe"=c:\program files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
"Adobe Creative Cloud"="c:\program files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 iPodDrv;iPodDrv;c:\windows\system32\drivers\iPodDrv.sys;c:\windows\SYSNATIVE\drivers\iPodDrv.sys [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 btmaudio;Intel Bluetooth Audio Service;c:\windows\system32\drivers\btmaud.sys;c:\windows\SYSNATIVE\drivers\btmaud.sys [x]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
R3 Bulk;HDJBulk;c:\windows\system32\Drivers\HDJBulk.sys;c:\windows\SYSNATIVE\Drivers\HDJBulk.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\drivers\ETD.sys;c:\windows\SYSNATIVE\drivers\ETD.sys [x]
R3 HDJAsioK;HDJAsioK;c:\windows\system32\Drivers\HDJAsioK.sys;c:\windows\SYSNATIVE\Drivers\HDJAsioK.sys [x]
R3 HDJMidi;Hercules DJ Console Rmx MIDI;c:\windows\system32\DRIVERS\HDJMidi.sys;c:\windows\SYSNATIVE\DRIVERS\HDJMidi.sys [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys;c:\windows\SYSNATIVE\DRIVERS\htcnprot.sys [x]
R3 HtcVCom32;HTC Diagnostic Port;c:\windows\system32\DRIVERS\HtcVComV64.sys;c:\windows\SYSNATIVE\DRIVERS\HtcVComV64.sys [x]
R3 ibtfltcoex;ibtfltcoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 IT9135BDA;IT9135 BDA Devices;c:\windows\system32\Drivers\IT9135BDA.sys;c:\windows\SYSNATIVE\Drivers\IT9135BDA.sys [x]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys;c:\windows\SYSNATIVE\DRIVERS\MijXfilt.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys;c:\windows\SYSNATIVE\DRIVERS\psi_mf.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192su.sys [x]
R3 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe;c:\program files (x86)\Secunia\PSI\PSIA.exe [x]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
R3 X6va011;X6va011;c:\windows\SysWOW64\Drivers\X6va011;c:\windows\SysWOW64\Drivers\X6va011 [x]
R4 MSSQLServerADHelper100;SQL Server Hilfsdienst für Active Directory;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
R4 nvkflt;nvkflt;c:\windows\system32\DRIVERS\nvkflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvkflt.sys [x]
R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys;c:\windows\SYSNATIVE\DRIVERS\RsFx0103.sys [x]
R4 SQLAgent$SQLEXPRESS;SQL Server-Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE;c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\drivers\iusb3hcs.sys;c:\windows\SYSNATIVE\drivers\iusb3hcs.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1505000.013\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1505000.013\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1505000.013\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1505000.013\SYMEFA64.SYS [x]
S1 BfLwf;Bigfoot Networks Bandwidth Control;c:\windows\system32\DRIVERS\bflwfx64.sys;c:\windows\SYSNATIVE\DRIVERS\bflwfx64.sys [x]
S1 BHDrvx64;BHDrvx64;c:\program files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140912.003\BHDrvx64.sys;c:\program files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140912.003\BHDrvx64.sys [x]
S1 ccSet_NIS;NIS Settings Manager;c:\windows\system32\drivers\NISx64\1505000.013\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NISx64\1505000.013\ccSetx64.sys [x]
S1 IDSVia64;IDSVia64;c:\program files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140919.001\IDSvia64.sys;c:\program files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140919.001\IDSvia64.sys [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1505000.013\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1505000.013\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1505000.013\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\NISx64\1505000.013\SYMNETS.SYS [x]
S1 Uim_DEVIM;UIM Direct Device Image Plugin;c:\windows\system32\DRIVERS\uim_devim.sys;c:\windows\SYSNATIVE\DRIVERS\uim_devim.sys [x]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 HerculesDJControlMP3;Hercules DJ Control MP3;c:\program files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE;c:\program files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE [x]
S2 HTCMonitorService;HTCMonitorService;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 Micro Star SCM;Micro Star SCM;c:\program files (x86)\System Control Manager\MSIService.exe;c:\program files (x86)\System Control Manager\MSIService.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\21.5.0.19\NIS.exe;c:\program files (x86)\Norton Internet Security\Engine\21.5.0.19\NIS.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [x]
S2 Qualcomm Atheros Killer Service;Qualcomm Atheros Killer Service;c:\program files\Qualcomm Atheros\Killer Network Manager\BFNService.exe;c:\program files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [x]
S2 Samsung Network Fax Server;Samsung Network Fax Server;c:\windows\system32\spool\drivers\x64\3\NetFaxServer64.exe;c:\windows\SYSNATIVE\spool\drivers\x64\3\NetFaxServer64.exe [x]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe;c:\program files (x86)\Secunia\PSI\sua.exe [x]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys;c:\windows\SYSNATIVE\Drivers\SSPORT.sys [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\drivers\iusb3hub.sys;c:\windows\SYSNATIVE\drivers\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\drivers\iusb3xhc.sys;c:\windows\SYSNATIVE\drivers\iusb3xhc.sys [x]
S3 L1C;NDIS Miniport Driver for the Killer e2200 PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\e22w7x64.sys;c:\windows\SYSNATIVE\DRIVERS\e22w7x64.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-09-14 20:28	1096520	----a-w-	c:\program files (x86)\Google\Chrome\Application\37.0.2062.120\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-09-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-24 16:49]
.
2014-09-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-24 14:15]
.
2014-09-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-24 14:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2014-02-11 02:21	644464	----a-w-	c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2014-02-11 02:21	644464	----a-w-	c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2014-02-11 02:21	644464	----a-w-	c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 21:08	164760	----a-w-	c:\users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 21:08	164760	----a-w-	c:\users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 21:08	164760	----a-w-	c:\users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 21:08	164760	----a-w-	c:\users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-12-20 13374568]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-11-15 2277992]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-12-20 11406608]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2009-01-21 123400]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-12-14 172144]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-12-14 399984]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-12-14 441968]
"CDAServer"="c:\program files\Common Files\Common Desktop Agent\CDASrv.exe" [2012-02-20 456704]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-07-25 2403104]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-07-25 1283136]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NIS&pvid=20.3.1.22
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = localhost;127.0.0.1
IE: An OneNote s&enden - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4
LSP: %SYSTEMROOT%\system32\BfLLR.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.73.254
FF - ProfilePath - c:\users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\zbih5gha.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{00000000-6E41-4FD3-8538-502F5495E5FC} - (no file)
Toolbar-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\21.5.0.19\NIS.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\21.5.0.19\diMaster.dll\" /prefetch:1"
"ImagePath"="\SystemRoot\System32\Drivers\NISx64\1505000.013\SYMNETS.SYS"
"TrustedImagePaths"="c:\program files (x86)\Norton Internet Security\Engine\21.5.0.19;c:\program files (x86)\Norton Internet Security\Engine64\21.5.0.19"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va011]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va011"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_152_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_152_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_152_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_152_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_152.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.15"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_152.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_152.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_152.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-09-20  10:57:03
ComboFix-quarantined-files.txt  2014-09-20 08:57
.
Vor Suchlauf: 14 Verzeichnis(se), 39.880.609.792 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 39.693.701.120 Bytes frei
.
- - End Of File - - 02B8769DA99967CBD00D526720CF7FE6

schrauber · 20.09.2014, 17:42

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

chrissi32123 · 21.09.2014, 12:08

mbam.txt

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 21.09.2014
Suchlauf-Zeit: 12:16:22
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.09.21.02
Rootkit Datenbank: v2014.09.19.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Christian

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 374767
Verstrichene Zeit: 12 Min, 1 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 11
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, In Quarantäne, [96b03bb598e3e155b07e7f44b949758b], 
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, In Quarantäne, [96b03bb598e3e155b07e7f44b949758b], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68B81CCD-A80C-4060-8947-5AE69ED01199}, In Quarantäne, [32148d635427e452ef85853e4db54fb1], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}, In Quarantäne, [44028d632a517bbb6510efd4c042847c], 
PUP.Optional.EasyLife.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{01bd49d7-c76b-4310-8beb-14d7e5f322c6}, In Quarantäne, [41057f71bebdaf8703fa7a48cc3654ac], 
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\WOW6432NODE\DataMngr, In Quarantäne, [9da90ee24833dc5a3a9a4ad2e023a55b], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\Iminent, In Quarantäne, [242225cb89f231051b6b05357a890000], 
PUP.Optional.1ClickDownload.A, HKU\S-1-5-21-3181025288-2607898056-3576324558-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\1ClickDownload, In Quarantäne, [1e28965a7902c274cc76c1903bc92ad6], 
PUP.Optional.BabylonToolBar.A, HKU\S-1-5-21-3181025288-2607898056-3576324558-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BabylonToolbar, In Quarantäne, [fd49b040e09b69cd8611292a7b892fd1], 
PUP.Optional.Iminent.A, HKU\S-1-5-21-3181025288-2607898056-3576324558-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Iminent, In Quarantäne, [2c1a658ba9d2b87ec7c0ed4dc43fce32], 
PUP.Optional.Softonic.A, HKU\S-1-5-21-3181025288-2607898056-3576324558-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, In Quarantäne, [8bbb27c97cff3501962b0c1c83809a66], 

Registrierungswerte: 2
PUP.Optional.FrostwireTB.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\{D4027C7F-154A-4066-A1AD-4243D8127440}, In Quarantäne, [8abc35bb1c5f1224dfbe14b2b54d3ec2], 
PUP.Optional.FrostwireTB.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{D4027C7F-154A-4066-A1AD-4243D8127440}, In Quarantäne, [8abc35bb1c5f1224dfbe14b2b54d3ec2], 

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 1
PUP.Optional.Iminent.A, C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage, In Quarantäne, [fa4c7080ed8ef04654ffd251c34001ff], 

Physische Sektoren: 0
(No malicious items detected)


(end)

ADWcleanerLog:

Code:

ATTFilter

# AdwCleaner v3.310 - Bericht erstellt am 21/09/2014 um 12:36:47
# Aktualisiert 12/09/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Christian - CHRISTIANS-PC
# Gestartet von : C:\Users\Christian\Desktop\AdwCleaner_3.310.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\Program Files (x86)\EasyLife
Ordner Gelöscht : C:\Users\Christian\AppData\Local\apn
Ordner Gelöscht : C:\Users\Christian\AppData\LocalLow\Delta
Ordner Gelöscht : C:\Users\Christian\AppData\Roaming\B1Toolbar
Ordner Gelöscht : C:\Users\Christian\AppData\Roaming\simplitec
Datei Gelöscht : C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\zbih5gha.default\invalidprefs.js
Datei Gelöscht : C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\zbih5gha.default\user.js

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\APN_ATU3__RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\APN_ATU3__RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\YontooDesktop_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\YontooDesktop_RASMANCS
Schlüssel Gelöscht : HKCU\Software\596da8ab76fbf41
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_secunia-psi_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_secunia-psi_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_visual-basic-2010-express_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_visual-basic-2010-express_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A43DE495-3D00-47D4-9D2C-303115707939}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKCU\Software\anchorfree
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\BI
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\PIP
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKLM\SOFTWARE\Babylon
Schlüssel Gelöscht : HKLM\SOFTWARE\PIP
Schlüssel Gelöscht : HKLM\SOFTWARE\SProtector
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17280


-\\ Mozilla Firefox v31.0 (x86 de)

[ Datei : C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\zbih5gha.default\prefs.js ]

Zeile gelöscht : user_pref("browser.search.order.1", "Ask.com");

-\\ Google Chrome v37.0.2062.120

[ Datei : C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [15032 octets] - [21/09/2014 12:33:17]
AdwCleaner[S0].txt - [14327 octets] - [21/09/2014 12:36:47]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [14388 octets] ##########

JRT Logfile:

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.9 (09.20.2014:1)
OS: Windows 7 Home Premium x64
Ran by Christian on 21.09.2014 at 12:46:28,86
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-3181025288-2607898056-3576324558-1001\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3181025288-2607898056-3576324558-1001\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{2BB00D0C-ADF8-404B-8752-9D064DF8699E}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
Successfully deleted: [Empty Folder] C:\Users\Christian\appdata\local\{06C457F9-B4C2-4008-94DE-13A8EB80C1AE}
Successfully deleted: [Empty Folder] C:\Users\Christian\appdata\local\{3C357FA9-5808-4429-AD1A-CC19BCA053F4}
Successfully deleted: [Empty Folder] C:\Users\Christian\appdata\local\{463DB898-7D4F-46DF-9E3D-0506BC8EAF20}
Successfully deleted: [Empty Folder] C:\Users\Christian\appdata\local\{80047C0A-B123-4AFD-AD8C-EB5D24AB74FE}
Successfully deleted: [Empty Folder] C:\Users\Christian\appdata\local\{E7A6CC6A-E619-4D33-A11E-87D3218437F3}
Successfully deleted: [Empty Folder] C:\Users\Christian\appdata\local\{F0FC4E10-87C2-4A4C-B4B0-750B859A3C63}
Successfully deleted: [Empty Folder] C:\Users\Christian\appdata\local\{F55A8DBA-745D-461A-9557-E211C49CE1C2}



~~~ FireFox

Emptied folder: C:\Users\Christian\AppData\Roaming\mozilla\firefox\profiles\zbih5gha.default\minidumps [5 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 21.09.2014 at 12:59:33,60
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by Christian (administrator) on CHRISTIANS-PC on 21-09-2014 13:05:57
Running from C:\Users\Christian\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Hercules®) C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\System Control Manager\MSIService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\nis.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(ITE Tech. Inc.) C:\Windows\System32\IRMonitor.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxServer64.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
(Hercules®) C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\nis.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2598696 2012-02-29] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13374568 2011-12-20] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277992 2011-11-15] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [123400 2009-01-21] (Logitech Inc.)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [456704 2012-02-20] ()
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [507744 2011-12-21] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [MGSysCtrl] => C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe [2482176 2011-06-29] (Micro-Star International Co., Ltd.)
HKLM-x32\...\Run: [Hercules DJ Series] => C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe [3399240 2011-12-29] (Hercules®)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [166568 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs:  C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [166568 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs: , C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [166568 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\Windows\SysWOW64\nvinit.dll => c:\Windows\SysWOW64\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs-x32:  C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
ShellIconOverlayIdentifiers:  AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NIS&pvid=20.3.1.22
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,CustomizeSearch = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,SearchURL = hxxp://home.microsoft.com/access/autosearch.asp?p=%s
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\21.5.0.19\coIEPlg.dll (Symantec Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.5.0.19\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.5.0.19\coIEPlg.dll (Symantec Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.73.254

FireFox:
========
FF ProfilePath: C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\zbih5gha.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameeu.dll No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll No File
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Scriptish - C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\zbih5gha.default\Extensions\scriptish@erikvold.com.xpi [2013-04-19]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn [2014-09-21]

Chrome: 
=======
CHR Profile: C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-08-27]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-05]
CHR Extension: (AdBlock) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-08-27]
CHR Extension: (Ghostery) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2014-08-27]
CHR Extension: (Google Wallet) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-02]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 HerculesDJControlMP3; C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE [18944 2011-12-01] (Hercules®) [File not signed]
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-11-10] (Nero AG)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [162648 2012-03-15] (Intel Corporation)
R2 Micro Star SCM; C:\Program Files (x86)\System Control Manager\MSIService.exe [160768 2009-07-10] (Micro-Star International Co., Ltd.) [File not signed]
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-02-26] ()
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\NIS.exe [276376 2014-07-31] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-08-19] ()
R2 Qualcomm Atheros Killer Service; C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [492032 2012-02-23] () [File not signed]
R2 Samsung Network Fax Server; C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe [239616 2012-09-18] (Samsung Electronics Co., Ltd.) [File not signed]
S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1225312 2012-11-26] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [659040 2012-11-26] (Secunia)
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2412344 2014-01-28] (TuneUp Software)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-02-26] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [75880 2012-02-23] (Bigfoot Networks, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140912.003\BHDrvx64.sys [1586904 2014-09-13] (Symantec Corporation)
S3 Bulk; C:\Windows\System32\Drivers\HDJBulk.sys [229200 2011-12-27] (© Guillemot R&D, 2010. All rights reserved.)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1505000.013\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-09-14] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-09-14] (Symantec Corporation)
S3 HDJAsioK; C:\Windows\System32\Drivers\HDJAsioK.sys [297808 2011-12-27] (© Guillemot R&D, 2010. All rights reserved.)
S3 HDJMidi; C:\Windows\System32\DRIVERS\HDJMidi.sys [251728 2011-12-27] (© Guillemot R&D, 2011. All rights reserved.)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140919.001\IDSvia64.sys [633560 2014-08-27] (Symantec Corporation)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [165504 2013-01-29] (ITE                      )
R3 L1C; C:\Windows\System32\DRIVERS\e22w7x64.sys [159848 2012-02-23] (Qualcomm Atheros, Inc.)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140920.001\ENG64.SYS [129752 2014-09-18] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140920.001\EX64.SYS [2137304 2014-09-18] (Symantec Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1505000.013\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1505000.013\SRTSPX64.SYS [36952 2013-09-10] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1505000.013\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1505000.013\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-09] (Symantec Corporation)
R1 SymIM; C:\Windows\System32\DRIVERS\SymIMv.sys [78936 2013-09-10] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1505000.013\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1505000.013\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-10-16] (Anchorfree Inc.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-07-19] (TuneUp Software)
R1 UimBus; C:\Windows\System32\DRIVERS\UimBus.sys [102664 2014-01-23] ()
R1 Uim_DEVIM; C:\Windows\System32\DRIVERS\uim_devim.sys [25992 2014-01-23] ()
R1 Uim_IM; C:\Windows\System32\DRIVERS\uim_im.sys [700680 2014-01-23] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S2 iPodDrv; \??\C:\Windows\system32\drivers\iPodDrv.sys [X]
S4 nvkflt; system32\DRIVERS\nvkflt.sys [X]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-21 13:05 - 2014-09-21 13:05 - 00000000 ____D () C:\Users\Christian\Desktop\FRST Alt
2014-09-21 12:59 - 2014-09-21 12:59 - 00002836 _____ () C:\Users\Christian\Desktop\JRT.txt
2014-09-21 12:46 - 2014-09-21 12:46 - 00000000 ____D () C:\Windows\ERUNT
2014-09-21 12:33 - 2014-09-21 12:36 - 00000000 ____D () C:\AdwCleaner
2014-09-21 12:29 - 2014-09-21 12:29 - 00003563 _____ () C:\Users\Christian\Desktop\mbam.txt
2014-09-21 12:06 - 2014-09-21 12:06 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-21 12:05 - 2014-09-21 12:05 - 00001110 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-21 12:05 - 2014-09-21 12:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-21 12:05 - 2014-09-21 12:05 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-21 12:05 - 2014-09-21 12:05 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-21 12:05 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-21 12:05 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-21 12:05 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-21 12:01 - 2014-09-21 12:02 - 01027006 _____ (Thisisu) C:\Users\Christian\Desktop\JRT.exe
2014-09-21 12:01 - 2014-09-21 12:01 - 01373475 _____ () C:\Users\Christian\Desktop\AdwCleaner_3.310.exe
2014-09-21 12:00 - 2014-09-21 12:02 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Christian\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-21 00:31 - 2014-09-21 00:35 - 00000000 ____D () C:\Program Files (x86)\WinMX
2014-09-21 00:31 - 2014-09-21 00:31 - 00000913 _____ () C:\Users\Public\Desktop\WinMX.lnk
2014-09-21 00:31 - 2014-09-21 00:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinMX
2014-09-20 17:17 - 2014-09-20 17:17 - 00038882 _____ () C:\ComboFix.txt
2014-09-20 10:43 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-09-20 10:43 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-09-20 10:43 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-09-20 10:43 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-09-20 10:43 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-09-20 10:43 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-09-20 10:43 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-09-20 10:41 - 2014-09-20 17:17 - 00000000 ____D () C:\Qoobox
2014-09-20 10:41 - 2014-09-20 10:55 - 00000000 ____D () C:\Windows\erdnt
2014-09-20 10:35 - 2014-09-20 10:35 - 05578824 ____R (Swearware) C:\Users\Christian\Desktop\ComboFix.exe
2014-09-19 14:08 - 2014-09-19 14:08 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Christian\Desktop\tdsskiller.exe
2014-09-17 17:57 - 2014-09-21 13:05 - 00026268 _____ () C:\Users\Christian\Downloads\FRST.txt
2014-09-17 17:56 - 2014-09-17 17:57 - 00067653 _____ () C:\Users\Christian\Downloads\Addition.txt
2014-09-16 19:34 - 2014-09-16 19:35 - 00291088 _____ () C:\Windows\Minidump\091614-81385-01.dmp
2014-09-16 17:00 - 2014-09-21 13:05 - 00000000 ____D () C:\FRST
2014-09-16 16:59 - 2014-09-16 16:59 - 02105856 _____ (Farbar) C:\Users\Christian\Downloads\FRST64.exe
2014-09-16 16:51 - 2014-09-16 16:51 - 00347816 _____ (Microsoft Corporation) C:\Users\Christian\Downloads\MicrosoftFixit.maintenance.FISC.1334309823228445.1.1.Run.exe
2014-09-15 17:58 - 2014-09-15 18:07 - 00000000 ____D () C:\Users\Christian\Desktop\FTB
2014-09-15 17:57 - 2014-09-15 17:59 - 00000000 ____D () C:\Users\Christian\AppData\Local\ftblauncher
2014-09-15 17:57 - 2014-09-15 17:58 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\ftblauncher
2014-09-15 17:56 - 2014-09-15 17:56 - 04980105 _____ () C:\Users\Christian\Desktop\launcher^FTB_Launcher.exe
2014-09-14 23:24 - 2014-09-14 23:26 - 00000000 ____D () C:\NPE
2014-09-14 23:21 - 2014-09-14 23:44 - 00000000 ____D () C:\Users\Christian\AppData\Local\NPE
2014-09-14 18:13 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-14 18:13 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-14 18:13 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-14 18:13 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-14 18:13 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-14 18:13 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-14 18:13 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-14 18:13 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-14 18:13 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-14 18:13 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-14 18:13 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-14 18:13 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-14 18:13 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-14 18:13 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-14 18:13 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-14 18:13 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-14 18:13 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-14 18:13 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-14 18:13 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-14 18:13 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-14 18:13 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-14 18:13 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-14 18:13 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-14 18:13 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-14 18:13 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-14 18:13 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-14 18:13 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-14 18:13 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-14 18:13 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-14 18:13 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-14 18:13 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-14 18:13 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-14 18:13 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-14 18:13 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-14 18:13 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-14 18:13 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-14 18:13 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-14 18:13 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-14 18:13 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-14 18:13 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-14 18:13 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-14 18:13 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-14 18:13 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-14 18:13 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-14 18:13 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-14 18:13 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-14 18:13 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-14 18:13 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-14 18:13 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-14 18:13 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-14 18:13 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-14 18:13 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-14 18:13 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-14 18:13 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-14 18:13 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-14 18:13 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-14 17:59 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-14 17:59 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-14 17:57 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-14 17:57 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-14 17:57 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-14 17:57 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-14 17:56 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-14 17:56 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-14 17:56 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-14 17:56 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-14 17:56 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-14 17:56 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-14 17:56 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-05 21:04 - 2014-09-05 21:04 - 00000000 ____D () C:\Users\Christian\Desktop\08 - 2014 - German TOP100 Single Charts 18.08.2014
2014-09-04 23:07 - 2014-09-04 23:07 - 00001015 _____ () C:\Users\Public\Desktop\mHotspot.lnk
2014-09-04 23:07 - 2014-09-04 23:07 - 00000000 ____D () C:\Users\Christian\AppData\Local\1BN_(www.1bn.in)
2014-09-04 23:07 - 2014-09-04 23:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mHotspot
2014-09-04 23:07 - 2014-09-04 23:07 - 00000000 ____D () C:\Program Files (x86)\mHotspot
2014-09-04 23:05 - 2014-09-04 23:05 - 00832581 _____ (1BN Software Pvt. Ltd. ) C:\Users\Christian\Downloads\mHotspot_setup_7.6.0.0.exe
2014-09-04 20:48 - 2014-09-04 20:48 - 00000000 ____D () C:\Users\Christian\AppData\Local\mHotspot_Inc
2014-08-29 01:16 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-29 01:16 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-29 01:16 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-28 22:47 - 2014-08-28 22:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IVONA
2014-08-28 22:47 - 2014-08-28 22:47 - 00000000 ____D () C:\Program Files (x86)\IVONA
2014-08-28 22:34 - 2014-08-28 22:34 - 00184573 _____ () C:\Users\Christian\Documents\Unbenannt.wma
2014-08-28 18:34 - 2014-08-28 18:34 - 00000965 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Speech Recognition Macros.lnk
2014-08-28 15:24 - 2014-09-05 20:58 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\vlc
2014-08-28 15:23 - 2014-08-28 15:23 - 00001074 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-08-28 15:23 - 2014-08-28 15:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-08-28 15:19 - 2014-08-28 15:21 - 24743106 _____ () C:\Users\Christian\Downloads\vlc-2.1.5-win32.exe
2014-08-27 11:42 - 2014-08-27 11:42 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security
2014-08-26 19:38 - 2014-08-26 19:38 - 00363041 _____ () C:\Users\Christian\Documents\Deckblatt_ Ausbildung_Sowi.pptx
2014-08-25 18:36 - 2014-08-25 18:36 - 00000000 ____D () C:\Users\Christian\Documents\Respawn
2014-08-25 18:35 - 2014-09-05 21:49 - 00001186 _____ () C:\Users\Public\Desktop\Titanfall.lnk
2014-08-25 03:47 - 2014-08-25 03:47 - 00001202 _____ () C:\Users\Public\Desktop\Battlefield 4.lnk
2014-08-24 21:40 - 2014-08-24 21:40 - 00000000 ____D () C:\Users\Christian\Documents\My Cheat Tables
2014-08-24 21:36 - 2014-08-24 21:38 - 09052192 _____ (Cheat Engine ) C:\Users\Christian\Downloads\CheatEngine64.exe
2014-08-24 20:32 - 2014-08-24 20:33 - 00000058 _____ () C:\Users\Christian\Desktop\Youtube Account.txt
2014-08-24 11:27 - 2014-08-24 11:27 - 00000000 ____D () C:\Users\Christian\Desktop\Bewerbung
2014-08-22 20:02 - 2014-08-24 20:20 - 00000000 ____D () C:\Users\Christian\AppData\Local\Adobe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-21 13:06 - 2014-09-17 17:57 - 00026268 _____ () C:\Users\Christian\Downloads\FRST.txt
2014-09-21 13:05 - 2014-09-21 13:05 - 00000000 ____D () C:\Users\Christian\Desktop\FRST Alt
2014-09-21 13:05 - 2014-09-16 17:00 - 00000000 ____D () C:\FRST
2014-09-21 12:59 - 2014-09-21 12:59 - 00002836 _____ () C:\Users\Christian\Desktop\JRT.txt
2014-09-21 12:48 - 2012-12-24 22:01 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-21 12:47 - 2009-07-14 06:45 - 00024800 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-21 12:47 - 2009-07-14 06:45 - 00024800 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-21 12:46 - 2014-09-21 12:46 - 00000000 ____D () C:\Windows\ERUNT
2014-09-21 12:42 - 2012-12-24 16:20 - 00000000 ____D () C:\Users\Christian\Documents\Youcam
2014-09-21 12:41 - 2013-12-24 23:09 - 00000000 ____D () C:\Users\Christian\AppData\Local\HTC MediaHub
2014-09-21 12:40 - 2013-01-29 15:13 - 00000098 _____ () C:\monitor.log
2014-09-21 12:40 - 2012-12-24 16:16 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-21 12:39 - 2014-04-04 16:56 - 00045969 _____ () C:\Windows\setupact.log
2014-09-21 12:39 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-21 12:38 - 2014-04-04 16:55 - 00108438 _____ () C:\Windows\PFRO.log
2014-09-21 12:37 - 2013-06-08 21:01 - 02060954 _____ () C:\Windows\WindowsUpdate.log
2014-09-21 12:36 - 2014-09-21 12:33 - 00000000 ____D () C:\AdwCleaner
2014-09-21 12:29 - 2014-09-21 12:29 - 00003563 _____ () C:\Users\Christian\Desktop\mbam.txt
2014-09-21 12:27 - 2012-12-24 16:16 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-21 12:06 - 2014-09-21 12:06 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-21 12:05 - 2014-09-21 12:05 - 00001110 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-21 12:05 - 2014-09-21 12:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-21 12:05 - 2014-09-21 12:05 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-21 12:05 - 2014-09-21 12:05 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-21 12:02 - 2014-09-21 12:01 - 01027006 _____ (Thisisu) C:\Users\Christian\Desktop\JRT.exe
2014-09-21 12:02 - 2014-09-21 12:00 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Christian\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-21 12:01 - 2014-09-21 12:01 - 01373475 _____ () C:\Users\Christian\Desktop\AdwCleaner_3.310.exe
2014-09-21 00:35 - 2014-09-21 00:31 - 00000000 ____D () C:\Program Files (x86)\WinMX
2014-09-21 00:31 - 2014-09-21 00:31 - 00000913 _____ () C:\Users\Public\Desktop\WinMX.lnk
2014-09-21 00:31 - 2014-09-21 00:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinMX
2014-09-21 00:03 - 2012-12-24 17:11 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\Skype
2014-09-20 23:54 - 2013-03-04 22:13 - 00000000 ____D () C:\Users\Christian\Documents\Outlook-Dateien
2014-09-20 23:52 - 2013-01-08 18:56 - 01836580 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-20 23:52 - 2011-05-16 16:04 - 00769402 _____ () C:\Windows\system32\perfh007.dat
2014-09-20 23:52 - 2011-05-16 16:04 - 00176100 _____ () C:\Windows\system32\perfc007.dat
2014-09-20 23:50 - 2013-02-27 19:30 - 00000000 ____D () C:\Users\Christian\AppData\Local\CrashDumps
2014-09-20 17:17 - 2014-09-20 17:17 - 00038882 _____ () C:\ComboFix.txt
2014-09-20 17:17 - 2014-09-20 10:41 - 00000000 ____D () C:\Qoobox
2014-09-20 17:16 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-09-20 10:57 - 2014-04-22 20:59 - 00000000 ____D () C:\Users\dub_cm_auto
2014-09-20 10:57 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-09-20 10:55 - 2014-09-20 10:41 - 00000000 ____D () C:\Windows\erdnt
2014-09-20 10:53 - 2012-12-24 16:19 - 00000000 ____D () C:\Users\Christian
2014-09-20 10:35 - 2014-09-20 10:35 - 05578824 ____R (Swearware) C:\Users\Christian\Desktop\ComboFix.exe
2014-09-19 16:56 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-19 14:08 - 2014-09-19 14:08 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Christian\Desktop\tdsskiller.exe
2014-09-18 23:21 - 2012-12-27 20:57 - 00000000 ____D () C:\ProgramData\Origin
2014-09-18 16:03 - 2012-12-27 20:57 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-09-17 20:21 - 2013-10-22 18:34 - 00000072 _____ () C:\Users\Public\LMDebug.log
2014-09-17 17:57 - 2014-09-17 17:56 - 00067653 _____ () C:\Users\Christian\Downloads\Addition.txt
2014-09-16 19:35 - 2014-09-16 19:34 - 00291088 _____ () C:\Windows\Minidump\091614-81385-01.dmp
2014-09-16 19:34 - 2013-05-23 15:37 - 00000000 ____D () C:\Windows\Minidump
2014-09-16 16:59 - 2014-09-16 16:59 - 02105856 _____ (Farbar) C:\Users\Christian\Downloads\FRST64.exe
2014-09-16 16:51 - 2014-09-16 16:51 - 00347816 _____ (Microsoft Corporation) C:\Users\Christian\Downloads\MicrosoftFixit.maintenance.FISC.1334309823228445.1.1.Run.exe
2014-09-15 18:10 - 2013-03-29 22:40 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\.minecraft
2014-09-15 18:07 - 2014-09-15 17:58 - 00000000 ____D () C:\Users\Christian\Desktop\FTB
2014-09-15 17:59 - 2014-09-15 17:57 - 00000000 ____D () C:\Users\Christian\AppData\Local\ftblauncher
2014-09-15 17:58 - 2014-09-15 17:57 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\ftblauncher
2014-09-15 17:56 - 2014-09-15 17:56 - 04980105 _____ () C:\Users\Christian\Desktop\launcher^FTB_Launcher.exe
2014-09-15 16:25 - 2009-07-14 07:13 - 01807410 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-14 23:44 - 2014-09-14 23:21 - 00000000 ____D () C:\Users\Christian\AppData\Local\NPE
2014-09-14 23:26 - 2014-09-14 23:24 - 00000000 ____D () C:\NPE
2014-09-14 23:22 - 2012-12-24 16:38 - 00000000 ____D () C:\ProgramData\Norton
2014-09-14 18:49 - 2012-12-24 22:01 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-14 18:49 - 2012-12-24 22:01 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-14 18:49 - 2011-12-01 23:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-14 18:48 - 2013-02-09 18:49 - 10036224 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-09-14 18:12 - 2012-12-24 19:49 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-14 18:09 - 2013-07-14 20:20 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-14 18:00 - 2011-07-18 22:31 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-14 17:59 - 2014-05-01 15:25 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-14 17:46 - 2013-01-27 19:35 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\TS3Client
2014-09-14 17:44 - 2013-01-27 19:34 - 00000000 ____D () C:\Users\Christian\AppData\Local\TeamSpeak 3 Client
2014-09-05 21:49 - 2014-08-25 18:35 - 00001186 _____ () C:\Users\Public\Desktop\Titanfall.lnk
2014-09-05 21:48 - 2014-05-23 14:40 - 00092897 _____ () C:\Windows\DirectX.log
2014-09-05 21:17 - 2013-11-28 22:03 - 00000520 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-09-05 21:04 - 2014-09-05 21:04 - 00000000 ____D () C:\Users\Christian\Desktop\08 - 2014 - German TOP100 Single Charts 18.08.2014
2014-09-05 20:58 - 2014-08-28 15:24 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\vlc
2014-09-05 04:10 - 2014-09-14 17:57 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-05 04:05 - 2014-09-14 17:57 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-04 23:07 - 2014-09-04 23:07 - 00001015 _____ () C:\Users\Public\Desktop\mHotspot.lnk
2014-09-04 23:07 - 2014-09-04 23:07 - 00000000 ____D () C:\Users\Christian\AppData\Local\1BN_(www.1bn.in)
2014-09-04 23:07 - 2014-09-04 23:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mHotspot
2014-09-04 23:07 - 2014-09-04 23:07 - 00000000 ____D () C:\Program Files (x86)\mHotspot
2014-09-04 23:05 - 2014-09-04 23:05 - 00832581 _____ (1BN Software Pvt. Ltd. ) C:\Users\Christian\Downloads\mHotspot_setup_7.6.0.0.exe
2014-09-04 23:04 - 2013-11-28 22:52 - 00000000 ____D () C:\Program Files (x86)\Virtual Router
2014-09-04 20:48 - 2014-09-04 20:48 - 00000000 ____D () C:\Users\Christian\AppData\Local\mHotspot_Inc
2014-09-04 18:50 - 2012-12-24 19:59 - 00000000 ___RD () C:\Users\Christian\Desktop\Nicht benutzte Desktop Symbole
2014-08-30 15:59 - 2013-12-16 22:27 - 00000000 ____D () C:\Users\Christian\Documents\Speech Macros
2014-08-29 03:20 - 2013-07-30 12:16 - 05260432 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-28 22:47 - 2014-08-28 22:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IVONA
2014-08-28 22:47 - 2014-08-28 22:47 - 00000000 ____D () C:\Program Files (x86)\IVONA
2014-08-28 22:34 - 2014-08-28 22:34 - 00184573 _____ () C:\Users\Christian\Documents\Unbenannt.wma
2014-08-28 18:56 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-08-28 18:34 - 2014-08-28 18:34 - 00000965 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Speech Recognition Macros.lnk
2014-08-28 18:34 - 2013-12-16 22:27 - 00000000 ____D () C:\Program Files (x86)\WSRMacros
2014-08-28 18:27 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-28 15:23 - 2014-08-28 15:23 - 00001074 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-08-28 15:23 - 2014-08-28 15:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-08-28 15:22 - 2013-07-02 11:42 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-08-28 15:21 - 2014-08-28 15:19 - 24743106 _____ () C:\Users\Christian\Downloads\vlc-2.1.5-win32.exe
2014-08-27 11:42 - 2014-08-27 11:42 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security
2014-08-27 11:42 - 2013-11-09 12:10 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2014-08-27 11:42 - 2012-12-24 16:39 - 00003234 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-08-27 11:42 - 2012-12-24 16:38 - 00000000 ____D () C:\Windows\system32\Drivers\NISx64
2014-08-27 00:03 - 2013-06-16 17:12 - 00003694 _____ () C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm
2014-08-26 19:43 - 2013-08-31 14:20 - 00000000 ___RD () C:\Users\Christian\Dropbox
2014-08-26 19:38 - 2014-08-26 19:38 - 00363041 _____ () C:\Users\Christian\Documents\Deckblatt_ Ausbildung_Sowi.pptx
2014-08-26 19:30 - 2013-08-31 14:18 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-08-26 19:30 - 2013-08-31 14:17 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\Dropbox
2014-08-25 18:36 - 2014-08-25 18:36 - 00000000 ____D () C:\Users\Christian\Documents\Respawn
2014-08-25 18:35 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-08-25 15:52 - 2013-01-07 21:01 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\Audacity
2014-08-25 15:37 - 2014-06-02 22:14 - 00000023 _____ () C:\Users\Christian\Desktop\DJ Name.txt
2014-08-25 03:47 - 2014-08-25 03:47 - 00001202 _____ () C:\Users\Public\Desktop\Battlefield 4.lnk
2014-08-25 03:47 - 2013-11-06 18:53 - 00001178 _____ () C:\Users\Public\Desktop\Battlefield 4(64 bit).lnk
2014-08-24 21:40 - 2014-08-24 21:40 - 00000000 ____D () C:\Users\Christian\Documents\My Cheat Tables
2014-08-24 21:38 - 2014-08-24 21:36 - 09052192 _____ (Cheat Engine ) C:\Users\Christian\Downloads\CheatEngine64.exe
2014-08-24 20:33 - 2014-08-24 20:32 - 00000058 _____ () C:\Users\Christian\Desktop\Youtube Account.txt
2014-08-24 20:20 - 2014-08-22 20:02 - 00000000 ____D () C:\Users\Christian\AppData\Local\Adobe
2014-08-24 18:33 - 2012-12-25 00:37 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-08-24 16:05 - 2013-11-18 19:15 - 00093696 ___SH () C:\Users\Christian\Thumbs.db
2014-08-24 14:57 - 2012-12-27 21:01 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-08-24 14:17 - 2013-07-30 00:13 - 00184168 _____ () C:\Users\Christian\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-24 14:03 - 2013-10-22 19:12 - 00000000 ____D () C:\Users\Christian\Documents\Scan
2014-08-24 11:49 - 2013-01-13 22:54 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-08-24 11:27 - 2014-08-24 11:27 - 00000000 ____D () C:\Users\Christian\Desktop\Bewerbung
2014-08-23 04:07 - 2014-08-29 01:16 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-29 01:16 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-29 01:16 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 19:35 - 2013-04-19 18:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

Some content of TEMP:
====================
C:\Users\Christian\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-19 16:50

==================== End Of Log ============================

--- --- ---

--- --- ---

schrauber · 22.09.2014, 07:54

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

chrissi32123 · 23.09.2014, 19:25

ESSETlog

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=abb1b86050243549b4e99914d2150c72
# engine=20262
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-09-23 05:02:31
# local_time=2014-09-23 07:02:31 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Norton Internet Security'
# compatibility_mode=3597 16777213 100 100 700789 174088336 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 37922507 163121601 0 0
# scanned=406168
# found=2
# cleaned=0
# scan_time=11035
sh=B39F759D6E88D7A5EDEC91218F16A4A598580D96 ft=1 fh=41f20f0360c70ec7 vn="Variante von MSIL/Spy.Agent.JG Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Christian\Favorites\keylogger.exe.vir"
sh=80C4EF1A890F33191E6E01290D2FD7BDB03D54AB ft=0 fh=0000000000000000 vn="MSIL/HackTool.Inject.A Trojaner" ac=I fn="D:\WinMX\Programme\BF3 Aimbot.rar"

Checkup.txt

Code:

ATTFilter

 Results of screen317's Security Check version 0.99.87  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Norton Internet Security   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Secunia PSI (3.0.0.6001)   
 TuneUp Utilities 2013   
 TuneUp Utilities Language Pack (de-DE) 
 Java 7 Update 55  
 Java version out of Date! 
 Adobe Flash Player 15.0.0.152  
 Adobe Reader XI  
 Mozilla Firefox (31.0) 
 Google Chrome 37.0.2062.103  
 Google Chrome 37.0.2062.120  
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````

FRST Logfile

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-09-2014
Ran by Christian (administrator) on CHRISTIANS-PC on 23-09-2014 20:17:46
Running from C:\Users\Christian\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Hercules®) C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\System Control Manager\MSIService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\nis.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\nis.exe
(ITE Tech. Inc.) C:\Windows\System32\IRMonitor.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxServer64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
(Hercules®) C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2598696 2012-02-29] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13374568 2011-12-20] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277992 2011-11-15] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [123400 2009-01-21] (Logitech Inc.)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [456704 2012-02-20] ()
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [507744 2011-12-21] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [MGSysCtrl] => C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe [2482176 2011-06-29] (Micro-Star International Co., Ltd.)
HKLM-x32\...\Run: [Hercules DJ Series] => C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe [3399240 2011-12-29] (Hercules®)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [166568 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs:  C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [166568 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs: , C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [166568 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\Windows\SysWOW64\nvinit.dll => c:\Windows\SysWOW64\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs-x32:  C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
ShellIconOverlayIdentifiers:  AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NIS&pvid=20.3.1.22
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,CustomizeSearch = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,SearchURL = hxxp://home.microsoft.com/access/autosearch.asp?p=%s
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\21.5.0.19\coIEPlg.dll (Symantec Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.5.0.19\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.5.0.19\coIEPlg.dll (Symantec Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.73.254

FireFox:
========
FF ProfilePath: C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\zbih5gha.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameeu.dll No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll No File
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Scriptish - C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\zbih5gha.default\Extensions\scriptish@erikvold.com.xpi [2013-04-19]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn [2014-09-23]

Chrome: 
=======
CHR Profile: C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-08-27]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-05]
CHR Extension: (AdBlock) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-08-27]
CHR Extension: (Ghostery) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2014-08-27]
CHR Extension: (Google Wallet) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-02]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 HerculesDJControlMP3; C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE [18944 2011-12-01] (Hercules®) [File not signed]
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-11-10] (Nero AG)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [162648 2012-03-15] (Intel Corporation)
R2 Micro Star SCM; C:\Program Files (x86)\System Control Manager\MSIService.exe [160768 2009-07-10] (Micro-Star International Co., Ltd.) [File not signed]
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-02-26] ()
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\NIS.exe [276376 2014-07-31] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-08-19] ()
R2 Qualcomm Atheros Killer Service; C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [492032 2012-02-23] () [File not signed]
R2 Samsung Network Fax Server; C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe [239616 2012-09-18] (Samsung Electronics Co., Ltd.) [File not signed]
S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1225312 2012-11-26] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [659040 2012-11-26] (Secunia)
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2412344 2014-01-28] (TuneUp Software)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-02-26] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [75880 2012-02-23] (Bigfoot Networks, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140912.003\BHDrvx64.sys [1586904 2014-09-13] (Symantec Corporation)
S3 Bulk; C:\Windows\System32\Drivers\HDJBulk.sys [229200 2011-12-27] (© Guillemot R&D, 2010. All rights reserved.)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1505000.013\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-09-14] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-09-14] (Symantec Corporation)
S3 HDJAsioK; C:\Windows\System32\Drivers\HDJAsioK.sys [297808 2011-12-27] (© Guillemot R&D, 2010. All rights reserved.)
S3 HDJMidi; C:\Windows\System32\DRIVERS\HDJMidi.sys [251728 2011-12-27] (© Guillemot R&D, 2011. All rights reserved.)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140922.001\IDSvia64.sys [633560 2014-08-27] (Symantec Corporation)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [165504 2013-01-29] (ITE                      )
R3 L1C; C:\Windows\System32\DRIVERS\e22w7x64.sys [159848 2012-02-23] (Qualcomm Atheros, Inc.)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140922.033\ENG64.SYS [129752 2014-09-18] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140922.033\EX64.SYS [2137304 2014-09-18] (Symantec Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\NISx64\1505000.013\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1505000.013\SRTSPX64.SYS [36952 2013-09-10] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1505000.013\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1505000.013\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-09] (Symantec Corporation)
R1 SymIM; C:\Windows\System32\DRIVERS\SymIMv.sys [78936 2013-09-10] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1505000.013\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1505000.013\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-10-16] (Anchorfree Inc.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-07-19] (TuneUp Software)
R1 UimBus; C:\Windows\System32\DRIVERS\UimBus.sys [102664 2014-01-23] ()
R1 Uim_DEVIM; C:\Windows\System32\DRIVERS\uim_devim.sys [25992 2014-01-23] ()
R1 Uim_IM; C:\Windows\System32\DRIVERS\uim_im.sys [700680 2014-01-23] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S2 iPodDrv; \??\C:\Windows\system32\drivers\iPodDrv.sys [X]
S4 nvkflt; system32\DRIVERS\nvkflt.sys [X]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-23 20:17 - 2014-09-23 20:17 - 00025819 _____ () C:\Users\Christian\Downloads\FRST.txt
2014-09-23 20:17 - 2014-09-23 20:17 - 00000953 _____ () C:\Users\Christian\Desktop\checkup.txt
2014-09-23 20:17 - 2014-09-23 20:17 - 00000000 ____D () C:\Users\Christian\Downloads\FRST-OlderVersion
2014-09-22 22:54 - 2014-09-09 12:31 - 00000000 ____D () C:\Users\Christian\Desktop\German TOP 100 Single Charts 15.09.2014
2014-09-22 20:50 - 2014-09-22 20:50 - 00854417 _____ () C:\Users\Christian\Desktop\SecurityCheck.exe
2014-09-21 13:32 - 2014-09-21 13:32 - 00064373 _____ () C:\Users\Christian\Downloads\X-RayMod_v038.zip
2014-09-21 13:05 - 2014-09-21 13:05 - 00000000 ____D () C:\Users\Christian\Desktop\FRST Alt
2014-09-21 12:59 - 2014-09-21 12:59 - 00002836 _____ () C:\Users\Christian\Desktop\JRT.txt
2014-09-21 12:46 - 2014-09-21 12:46 - 00000000 ____D () C:\Windows\ERUNT
2014-09-21 12:33 - 2014-09-21 12:36 - 00000000 ____D () C:\AdwCleaner
2014-09-21 12:29 - 2014-09-21 12:29 - 00003563 _____ () C:\Users\Christian\Desktop\mbam.txt
2014-09-21 12:06 - 2014-09-21 12:06 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-21 12:05 - 2014-09-21 12:05 - 00001110 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-21 12:05 - 2014-09-21 12:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-21 12:05 - 2014-09-21 12:05 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-21 12:05 - 2014-09-21 12:05 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-21 12:05 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-21 12:05 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-21 12:05 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-21 12:01 - 2014-09-21 12:02 - 01027006 _____ (Thisisu) C:\Users\Christian\Desktop\JRT.exe
2014-09-21 12:01 - 2014-09-21 12:01 - 01373475 _____ () C:\Users\Christian\Desktop\AdwCleaner_3.310.exe
2014-09-21 12:00 - 2014-09-21 12:02 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Christian\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-21 00:31 - 2014-09-21 00:35 - 00000000 ____D () C:\Program Files (x86)\WinMX
2014-09-21 00:31 - 2014-09-21 00:31 - 00000913 _____ () C:\Users\Public\Desktop\WinMX.lnk
2014-09-21 00:31 - 2014-09-21 00:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinMX
2014-09-20 17:17 - 2014-09-20 17:17 - 00038882 _____ () C:\ComboFix.txt
2014-09-20 10:43 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-09-20 10:43 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-09-20 10:43 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-09-20 10:43 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-09-20 10:43 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-09-20 10:43 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-09-20 10:43 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-09-20 10:41 - 2014-09-20 17:17 - 00000000 ____D () C:\Qoobox
2014-09-20 10:41 - 2014-09-20 10:55 - 00000000 ____D () C:\Windows\erdnt
2014-09-20 10:35 - 2014-09-20 10:35 - 05578824 ____R (Swearware) C:\Users\Christian\Desktop\ComboFix.exe
2014-09-19 14:08 - 2014-09-19 14:08 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Christian\Desktop\tdsskiller.exe
2014-09-16 19:34 - 2014-09-16 19:35 - 00291088 _____ () C:\Windows\Minidump\091614-81385-01.dmp
2014-09-16 17:00 - 2014-09-23 20:17 - 00000000 ____D () C:\FRST
2014-09-16 16:59 - 2014-09-23 20:17 - 02106368 _____ (Farbar) C:\Users\Christian\Downloads\FRST64.exe
2014-09-16 16:51 - 2014-09-16 16:51 - 00347816 _____ (Microsoft Corporation) C:\Users\Christian\Downloads\MicrosoftFixit.maintenance.FISC.1334309823228445.1.1.Run.exe
2014-09-15 17:58 - 2014-09-15 18:07 - 00000000 ____D () C:\Users\Christian\Desktop\FTB
2014-09-15 17:57 - 2014-09-15 17:59 - 00000000 ____D () C:\Users\Christian\AppData\Local\ftblauncher
2014-09-15 17:57 - 2014-09-15 17:58 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\ftblauncher
2014-09-15 17:56 - 2014-09-15 17:56 - 04980105 _____ () C:\Users\Christian\Desktop\launcher^FTB_Launcher.exe
2014-09-14 23:24 - 2014-09-14 23:26 - 00000000 ____D () C:\NPE
2014-09-14 23:21 - 2014-09-14 23:44 - 00000000 ____D () C:\Users\Christian\AppData\Local\NPE
2014-09-14 18:13 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-14 18:13 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-14 18:13 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-14 18:13 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-14 18:13 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-14 18:13 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-14 18:13 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-14 18:13 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-14 18:13 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-14 18:13 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-14 18:13 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-14 18:13 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-14 18:13 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-14 18:13 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-14 18:13 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-14 18:13 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-14 18:13 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-14 18:13 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-14 18:13 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-14 18:13 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-14 18:13 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-14 18:13 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-14 18:13 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-14 18:13 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-14 18:13 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-14 18:13 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-14 18:13 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-14 18:13 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-14 18:13 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-14 18:13 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-14 18:13 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-14 18:13 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-14 18:13 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-14 18:13 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-14 18:13 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-14 18:13 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-14 18:13 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-14 18:13 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-14 18:13 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-14 18:13 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-14 18:13 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-14 18:13 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-14 18:13 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-14 18:13 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-14 18:13 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-14 18:13 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-14 18:13 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-14 18:13 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-14 18:13 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-14 18:13 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-14 18:13 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-14 18:13 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-14 18:13 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-14 18:13 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-14 18:13 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-14 18:13 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-14 17:59 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-14 17:59 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-14 17:57 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-14 17:57 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-14 17:57 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-14 17:57 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-14 17:56 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-14 17:56 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-14 17:56 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-14 17:56 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-14 17:56 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-14 17:56 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-14 17:56 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-05 21:04 - 2014-09-05 21:04 - 00000000 ____D () C:\Users\Christian\Desktop\08 - 2014 - German TOP100 Single Charts 18.08.2014
2014-09-04 23:07 - 2014-09-04 23:07 - 00001015 _____ () C:\Users\Public\Desktop\mHotspot.lnk
2014-09-04 23:07 - 2014-09-04 23:07 - 00000000 ____D () C:\Users\Christian\AppData\Local\1BN_(www.1bn.in)
2014-09-04 23:07 - 2014-09-04 23:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mHotspot
2014-09-04 23:07 - 2014-09-04 23:07 - 00000000 ____D () C:\Program Files (x86)\mHotspot
2014-09-04 23:05 - 2014-09-04 23:05 - 00832581 _____ (1BN Software Pvt. Ltd. ) C:\Users\Christian\Downloads\mHotspot_setup_7.6.0.0.exe
2014-09-04 20:48 - 2014-09-04 20:48 - 00000000 ____D () C:\Users\Christian\AppData\Local\mHotspot_Inc
2014-08-29 01:16 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-29 01:16 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-29 01:16 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-28 22:47 - 2014-08-28 22:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IVONA
2014-08-28 22:47 - 2014-08-28 22:47 - 00000000 ____D () C:\Program Files (x86)\IVONA
2014-08-28 22:34 - 2014-08-28 22:34 - 00184573 _____ () C:\Users\Christian\Documents\Unbenannt.wma
2014-08-28 18:34 - 2014-08-28 18:34 - 00000965 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Speech Recognition Macros.lnk
2014-08-28 15:24 - 2014-09-05 20:58 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\vlc
2014-08-28 15:23 - 2014-08-28 15:23 - 00001074 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-08-28 15:23 - 2014-08-28 15:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-08-28 15:19 - 2014-08-28 15:21 - 24743106 _____ () C:\Users\Christian\Downloads\vlc-2.1.5-win32.exe
2014-08-27 11:42 - 2014-08-27 11:42 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security
2014-08-26 19:38 - 2014-08-26 19:38 - 00363041 _____ () C:\Users\Christian\Documents\Deckblatt_ Ausbildung_Sowi.pptx
2014-08-25 18:36 - 2014-08-25 18:36 - 00000000 ____D () C:\Users\Christian\Documents\Respawn
2014-08-25 18:35 - 2014-09-05 21:49 - 00001186 _____ () C:\Users\Public\Desktop\Titanfall.lnk
2014-08-25 03:47 - 2014-08-25 03:47 - 00001202 _____ () C:\Users\Public\Desktop\Battlefield 4.lnk
2014-08-24 21:40 - 2014-08-24 21:40 - 00000000 ____D () C:\Users\Christian\Documents\My Cheat Tables
2014-08-24 21:36 - 2014-08-24 21:38 - 09052192 _____ (Cheat Engine ) C:\Users\Christian\Downloads\CheatEngine64.exe
2014-08-24 20:32 - 2014-08-24 20:33 - 00000058 _____ () C:\Users\Christian\Desktop\Youtube Account.txt
2014-08-24 11:27 - 2014-08-24 11:27 - 00000000 ____D () C:\Users\Christian\Desktop\Bewerbung

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-23 20:18 - 2014-09-23 20:17 - 00025819 _____ () C:\Users\Christian\Downloads\FRST.txt
2014-09-23 20:17 - 2014-09-23 20:17 - 00000953 _____ () C:\Users\Christian\Desktop\checkup.txt
2014-09-23 20:17 - 2014-09-23 20:17 - 00000000 ____D () C:\Users\Christian\Downloads\FRST-OlderVersion
2014-09-23 20:17 - 2014-09-16 17:00 - 00000000 ____D () C:\FRST
2014-09-23 20:17 - 2014-09-16 16:59 - 02106368 _____ (Farbar) C:\Users\Christian\Downloads\FRST64.exe
2014-09-23 20:13 - 2009-07-14 06:45 - 00024800 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-23 20:13 - 2009-07-14 06:45 - 00024800 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-23 20:12 - 2013-06-08 21:01 - 01061720 _____ () C:\Windows\WindowsUpdate.log
2014-09-23 20:09 - 2012-12-24 16:20 - 00000000 ____D () C:\Users\Christian\Documents\Youcam
2014-09-23 20:06 - 2013-12-24 23:09 - 00000000 ____D () C:\Users\Christian\AppData\Local\HTC MediaHub
2014-09-23 20:05 - 2014-04-04 16:56 - 00046473 _____ () C:\Windows\setupact.log
2014-09-23 20:05 - 2013-01-29 15:13 - 00000098 _____ () C:\monitor.log
2014-09-23 20:05 - 2012-12-24 16:16 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-23 20:05 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-23 20:05 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-23 19:48 - 2012-12-24 22:01 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-23 19:27 - 2012-12-24 16:16 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-23 15:55 - 2011-05-16 16:04 - 00769402 _____ () C:\Windows\system32\perfh007.dat
2014-09-23 15:55 - 2011-05-16 16:04 - 00176100 _____ () C:\Windows\system32\perfc007.dat
2014-09-23 15:55 - 2009-07-14 07:13 - 01816170 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-22 20:50 - 2014-09-22 20:50 - 00854417 _____ () C:\Users\Christian\Desktop\SecurityCheck.exe
2014-09-22 20:48 - 2012-12-24 17:11 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\Skype
2014-09-22 20:44 - 2013-03-29 22:40 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\.minecraft
2014-09-21 19:04 - 2013-03-04 22:13 - 00000000 ____D () C:\Users\Christian\Documents\Outlook-Dateien
2014-09-21 13:32 - 2014-09-21 13:32 - 00064373 _____ () C:\Users\Christian\Downloads\X-RayMod_v038.zip
2014-09-21 13:05 - 2014-09-21 13:05 - 00000000 ____D () C:\Users\Christian\Desktop\FRST Alt
2014-09-21 12:59 - 2014-09-21 12:59 - 00002836 _____ () C:\Users\Christian\Desktop\JRT.txt
2014-09-21 12:46 - 2014-09-21 12:46 - 00000000 ____D () C:\Windows\ERUNT
2014-09-21 12:38 - 2014-04-04 16:55 - 00108438 _____ () C:\Windows\PFRO.log
2014-09-21 12:36 - 2014-09-21 12:33 - 00000000 ____D () C:\AdwCleaner
2014-09-21 12:29 - 2014-09-21 12:29 - 00003563 _____ () C:\Users\Christian\Desktop\mbam.txt
2014-09-21 12:06 - 2014-09-21 12:06 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-21 12:05 - 2014-09-21 12:05 - 00001110 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-21 12:05 - 2014-09-21 12:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-21 12:05 - 2014-09-21 12:05 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-21 12:05 - 2014-09-21 12:05 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-21 12:02 - 2014-09-21 12:01 - 01027006 _____ (Thisisu) C:\Users\Christian\Desktop\JRT.exe
2014-09-21 12:02 - 2014-09-21 12:00 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Christian\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-21 12:01 - 2014-09-21 12:01 - 01373475 _____ () C:\Users\Christian\Desktop\AdwCleaner_3.310.exe
2014-09-21 00:35 - 2014-09-21 00:31 - 00000000 ____D () C:\Program Files (x86)\WinMX
2014-09-21 00:31 - 2014-09-21 00:31 - 00000913 _____ () C:\Users\Public\Desktop\WinMX.lnk
2014-09-21 00:31 - 2014-09-21 00:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinMX
2014-09-20 23:52 - 2013-01-08 18:56 - 01836580 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-20 23:50 - 2013-02-27 19:30 - 00000000 ____D () C:\Users\Christian\AppData\Local\CrashDumps
2014-09-20 17:17 - 2014-09-20 17:17 - 00038882 _____ () C:\ComboFix.txt
2014-09-20 17:17 - 2014-09-20 10:41 - 00000000 ____D () C:\Qoobox
2014-09-20 17:16 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-09-20 10:57 - 2014-04-22 20:59 - 00000000 ____D () C:\Users\dub_cm_auto
2014-09-20 10:57 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-09-20 10:55 - 2014-09-20 10:41 - 00000000 ____D () C:\Windows\erdnt
2014-09-20 10:53 - 2012-12-24 16:19 - 00000000 ____D () C:\Users\Christian
2014-09-20 10:35 - 2014-09-20 10:35 - 05578824 ____R (Swearware) C:\Users\Christian\Desktop\ComboFix.exe
2014-09-19 16:56 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-19 14:08 - 2014-09-19 14:08 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Christian\Desktop\tdsskiller.exe
2014-09-18 23:21 - 2012-12-27 20:57 - 00000000 ____D () C:\ProgramData\Origin
2014-09-18 16:03 - 2012-12-27 20:57 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-09-17 20:21 - 2013-10-22 18:34 - 00000072 _____ () C:\Users\Public\LMDebug.log
2014-09-16 19:35 - 2014-09-16 19:34 - 00291088 _____ () C:\Windows\Minidump\091614-81385-01.dmp
2014-09-16 19:34 - 2013-05-23 15:37 - 00000000 ____D () C:\Windows\Minidump
2014-09-16 16:51 - 2014-09-16 16:51 - 00347816 _____ (Microsoft Corporation) C:\Users\Christian\Downloads\MicrosoftFixit.maintenance.FISC.1334309823228445.1.1.Run.exe
2014-09-15 18:07 - 2014-09-15 17:58 - 00000000 ____D () C:\Users\Christian\Desktop\FTB
2014-09-15 17:59 - 2014-09-15 17:57 - 00000000 ____D () C:\Users\Christian\AppData\Local\ftblauncher
2014-09-15 17:58 - 2014-09-15 17:57 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\ftblauncher
2014-09-15 17:56 - 2014-09-15 17:56 - 04980105 _____ () C:\Users\Christian\Desktop\launcher^FTB_Launcher.exe
2014-09-14 23:44 - 2014-09-14 23:21 - 00000000 ____D () C:\Users\Christian\AppData\Local\NPE
2014-09-14 23:26 - 2014-09-14 23:24 - 00000000 ____D () C:\NPE
2014-09-14 23:22 - 2012-12-24 16:38 - 00000000 ____D () C:\ProgramData\Norton
2014-09-14 18:49 - 2012-12-24 22:01 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-14 18:49 - 2012-12-24 22:01 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-14 18:49 - 2011-12-01 23:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-14 18:48 - 2013-02-09 18:49 - 10036224 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-09-14 18:12 - 2012-12-24 19:49 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-14 18:09 - 2013-07-14 20:20 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-14 18:00 - 2011-07-18 22:31 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-14 17:59 - 2014-05-01 15:25 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-14 17:46 - 2013-01-27 19:35 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\TS3Client
2014-09-14 17:44 - 2013-01-27 19:34 - 00000000 ____D () C:\Users\Christian\AppData\Local\TeamSpeak 3 Client
2014-09-09 12:31 - 2014-09-22 22:54 - 00000000 ____D () C:\Users\Christian\Desktop\German TOP 100 Single Charts 15.09.2014
2014-09-05 21:49 - 2014-08-25 18:35 - 00001186 _____ () C:\Users\Public\Desktop\Titanfall.lnk
2014-09-05 21:48 - 2014-05-23 14:40 - 00092897 _____ () C:\Windows\DirectX.log
2014-09-05 21:17 - 2013-11-28 22:03 - 00000520 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-09-05 21:04 - 2014-09-05 21:04 - 00000000 ____D () C:\Users\Christian\Desktop\08 - 2014 - German TOP100 Single Charts 18.08.2014
2014-09-05 20:58 - 2014-08-28 15:24 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\vlc
2014-09-05 04:10 - 2014-09-14 17:57 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-05 04:05 - 2014-09-14 17:57 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-04 23:07 - 2014-09-04 23:07 - 00001015 _____ () C:\Users\Public\Desktop\mHotspot.lnk
2014-09-04 23:07 - 2014-09-04 23:07 - 00000000 ____D () C:\Users\Christian\AppData\Local\1BN_(www.1bn.in)
2014-09-04 23:07 - 2014-09-04 23:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mHotspot
2014-09-04 23:07 - 2014-09-04 23:07 - 00000000 ____D () C:\Program Files (x86)\mHotspot
2014-09-04 23:05 - 2014-09-04 23:05 - 00832581 _____ (1BN Software Pvt. Ltd. ) C:\Users\Christian\Downloads\mHotspot_setup_7.6.0.0.exe
2014-09-04 23:04 - 2013-11-28 22:52 - 00000000 ____D () C:\Program Files (x86)\Virtual Router
2014-09-04 20:48 - 2014-09-04 20:48 - 00000000 ____D () C:\Users\Christian\AppData\Local\mHotspot_Inc
2014-09-04 18:50 - 2012-12-24 19:59 - 00000000 ___RD () C:\Users\Christian\Desktop\Nicht benutzte Desktop Symbole
2014-08-30 15:59 - 2013-12-16 22:27 - 00000000 ____D () C:\Users\Christian\Documents\Speech Macros
2014-08-29 03:20 - 2013-07-30 12:16 - 05260432 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-28 22:47 - 2014-08-28 22:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IVONA
2014-08-28 22:47 - 2014-08-28 22:47 - 00000000 ____D () C:\Program Files (x86)\IVONA
2014-08-28 22:34 - 2014-08-28 22:34 - 00184573 _____ () C:\Users\Christian\Documents\Unbenannt.wma
2014-08-28 18:56 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-08-28 18:34 - 2014-08-28 18:34 - 00000965 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Speech Recognition Macros.lnk
2014-08-28 18:34 - 2013-12-16 22:27 - 00000000 ____D () C:\Program Files (x86)\WSRMacros
2014-08-28 18:27 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-28 15:23 - 2014-08-28 15:23 - 00001074 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-08-28 15:23 - 2014-08-28 15:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-08-28 15:22 - 2013-07-02 11:42 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-08-28 15:21 - 2014-08-28 15:19 - 24743106 _____ () C:\Users\Christian\Downloads\vlc-2.1.5-win32.exe
2014-08-27 11:42 - 2014-08-27 11:42 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security
2014-08-27 11:42 - 2013-11-09 12:10 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2014-08-27 11:42 - 2012-12-24 16:39 - 00003234 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-08-27 11:42 - 2012-12-24 16:38 - 00000000 ____D () C:\Windows\system32\Drivers\NISx64
2014-08-27 00:03 - 2013-06-16 17:12 - 00003694 _____ () C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm
2014-08-26 19:43 - 2013-08-31 14:20 - 00000000 ___RD () C:\Users\Christian\Dropbox
2014-08-26 19:38 - 2014-08-26 19:38 - 00363041 _____ () C:\Users\Christian\Documents\Deckblatt_ Ausbildung_Sowi.pptx
2014-08-26 19:30 - 2013-08-31 14:18 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-08-26 19:30 - 2013-08-31 14:17 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\Dropbox
2014-08-25 18:36 - 2014-08-25 18:36 - 00000000 ____D () C:\Users\Christian\Documents\Respawn
2014-08-25 18:35 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-08-25 15:52 - 2013-01-07 21:01 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\Audacity
2014-08-25 15:37 - 2014-06-02 22:14 - 00000023 _____ () C:\Users\Christian\Desktop\DJ Name.txt
2014-08-25 03:47 - 2014-08-25 03:47 - 00001202 _____ () C:\Users\Public\Desktop\Battlefield 4.lnk
2014-08-25 03:47 - 2013-11-06 18:53 - 00001178 _____ () C:\Users\Public\Desktop\Battlefield 4(64 bit).lnk
2014-08-24 21:40 - 2014-08-24 21:40 - 00000000 ____D () C:\Users\Christian\Documents\My Cheat Tables
2014-08-24 21:38 - 2014-08-24 21:36 - 09052192 _____ (Cheat Engine ) C:\Users\Christian\Downloads\CheatEngine64.exe
2014-08-24 20:33 - 2014-08-24 20:32 - 00000058 _____ () C:\Users\Christian\Desktop\Youtube Account.txt
2014-08-24 20:20 - 2014-08-22 20:02 - 00000000 ____D () C:\Users\Christian\AppData\Local\Adobe
2014-08-24 18:33 - 2012-12-25 00:37 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-08-24 16:05 - 2013-11-18 19:15 - 00093696 ___SH () C:\Users\Christian\Thumbs.db
2014-08-24 14:57 - 2012-12-27 21:01 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-08-24 14:17 - 2013-07-30 00:13 - 00184168 _____ () C:\Users\Christian\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-24 14:03 - 2013-10-22 19:12 - 00000000 ____D () C:\Users\Christian\Documents\Scan
2014-08-24 11:49 - 2013-01-13 22:54 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-08-24 11:27 - 2014-08-24 11:27 - 00000000 ____D () C:\Users\Christian\Desktop\Bewerbung

Some content of TEMP:
====================
C:\Users\Christian\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-19 16:50

==================== End Of Log ============================

--- --- ---

--- --- ---

Habe keine weiteren Probleme bemerkt

schrauber · 24.09.2014, 11:18

Zitat:

D:\WinMX\Programme\BF3 Aimbot.rar

Fail

Java updaten.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Fertig

Die Reihenfolge ist hier entscheidend.

Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
- Windowstaste + R > Combofix /Uninstall (eingeben) > OK
- Alternative: Combofix.exe in uninstall.exe umbenennen und starten
- Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
Downloade Dir bitte auf jeden Fall DelFix auf deinen Desktop:
- Schließe alle offenen Programme.
- Starte die delfix.exe mit einem Doppelklick.
- Setze vor jede Funktion ein Häkchen.
- Klicke auf Start.
- Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
- Starte deinen Rechner abschließend neu.
Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.

Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun

Hier noch ein paar Tipps zur Absicherung deines Systems.

Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.

Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
Windows Updates
- Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
- Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
Gehe sicher das die automatischen Updates aktiviert sind.
Software Updates
Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.

Anti- Viren Software

Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.

Zusätzlicher Schutz

MalwareBytes Anti Malware
Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
Ein Tutorial zur Verwendung findest Du hier.
WinPatrol
Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.

Sicheres Browsen

SpywareBlaster
Eine kurze Einführung findest du Hier
MVPs hosts file
Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
WOT (Web of trust)
Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.

Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.

Opera
Mozilla Firefox.
- Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
- NoScript
  Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
- AdblockPlus
  Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
  Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )

Don'ts

Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe

Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

chrissi32123 · 24.09.2014, 14:18

Fixlog.txt :

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 24-09-2014
Ran by Christian at 2014-09-24 14:54:57 Run:1
Running from C:\Users\Christian\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
         
*****************

"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.

==== End of Fixlog ====

Vielen Danke für deine Hilfe, ich habe die Letzten schritte durchgeführt und hoffe auf eine lange Virenfreie Zeit es wäre cool wenn du mir noch ein Programm Empfehlen könntest mit dem ich meine Daten auf einer Festplatte sichern kann und zur not den Computer auf diese Stelle zurücksetzen kann.

für deine Mühe und die damit verbrachte Zeit.