
Log analysis and evaluation: MS Windows 7 (64-bit SP1): computer crashes and damaged Windows Firewall

05.11.2014, 19:14   #1
Keksklauer
 

Dear community,

I am anything but an expert, and so I am all the more glad that a community like yours exists. Thank you in advance for any effort and time!

For several weeks now I have been trying in vain to get my computer back into shape. However, I do not even know whether it can still be rescued that easily at all.

It all started with frequent computer crashes and noticeably low computer performance, so that I finally handed my computer in for "repair". There I was told that my computer was infected with numerous viruses. I had to pay a lot of money for the cleanup, which however did not really solve the problem. The computer crashes were still there, even if no longer as frequent.

I have also noticed that the Microsoft firewall can no longer be activated (error code: 0x80070424). I have not managed to solve the problem, though. I have spent the last few weeks going over my system with several antivirus programs (Avira & Panda Free Antivirus), anti-malware tools (SpyBot & AdwCleaner) and even with "www.bitdefender.de". The search was unsuccessful.

I think my system is simply ruined, even though of course I hope not. I hope you can still help me. I really appreciate your effort.

Best regards!

PS: I am sorry that I had to upload the "Gmer.txt" file; there was not enough space. Otherwise I of course hope that the files can be evaluated. I really have no idea about this, but I am of course willing to put in the effort.

--------------

"defogger_disable.log"

Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 17:43 on 05/11/2014 (User)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         
"Addition.txt"

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-11-2014
Ran by User at 2014-11-05 17:46:34
Running from C:\Users\User\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
A Game of Thrones - Genesis (HKLM-x32\...\Steam App 58550) (Version:  - Cyanide)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.0.19530 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 1.4.0 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.0.6 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe InDesign CS5.5 (HKLM-x32\...\{857CC5F0-040E-1016-A173-D55ADD80C260}) (Version: 7.5 - Adobe Systems Incorporated)
Adobe Photoshop CS5.1 (HKLM-x32\...\{9158FF30-78D7-40EF-B83E-451AC5334640}) (Version: 12.1 - Adobe Systems Incorporated)
Adobe Photoshop Elements 7.0 (HKLM-x32\...\Adobe Photoshop Elements 7) (Version: 7.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
aerosoft's - Antalya X (HKLM-x32\...\{E6E332E8-9BFA-48CC-B03C-F181C1F06DC0}) (Version: 1.02 - aerosoft)
aerosoft's - Approaching Innsbruck X (HKLM-x32\...\{70864384-DD19-44CB-A999-A917F32F623D}) (Version: 1.10 - aerosoft)
aerosoft's - German Airports 1 - Stuttgart (HKLM-x32\...\{D1D50FD9-9867-4139-858E-0C0448CECBA9}) (Version: 1.02 - aerosoft)
aerosoft's - Mega Airport Frankfurt X (HKLM-x32\...\{BAEE0C24-C8C2-4820-9DF4-887909F1A286}) (Version: 1.01 - aerosoft)
Aerosoft's - MyTraffic 2010 (HKLM-x32\...\{37F50C53-EDED-4FFE-9877-532A335C5C18}) (Version: 6.01 - Aerosoft)
Aerosoft's - VFR Germany 3 (HKLM-x32\...\{61C6337D-EDF5-43F0-9E50-541A389070BD}) (Version: 1.01 - Aerosoft)
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ARMA 2 Operation Arrowhead Uninstall (HKLM-x32\...\ARMA 2 Operation Arrowhead) (Version:  - )
Audacity 1.2.6 (HKLM-x32\...\Audacity_is1) (Version:  - )
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.306 - Avira)
AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version:  - AVM Berlin)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version:  - AVM Berlin)
Bamboo (HKLM\...\Pen Tablet Driver) (Version: 5.2.4-5 - Wacom Technology Corp.)
Bamboo Dock (HKLM-x32\...\Bamboo Dock) (Version: 3.9 - Wacom Co., Ltd.)
Bamboo Dock (x32 Version: 3.9.0 - Wacom Europe GmbH) Hidden
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.0.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.0.0.1 - Electronic Arts)
Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BullGuard Backup (HKLM\...\BullGuard) (Version: 10 - BullGuard Ltd.)
Camtasia Studio 7 (HKLM-x32\...\{DE042823-C359-4B87-B66B-308057E8B6AF}) (Version: 7.0.1 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.22 - DivX, LLC)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
Duden Home (HKLM-x32\...\{288A423E-D6CA-47C3-B480-D1203EB08949}) (Version: 10.1.0 - Bibliographisches Institut GmbH)
EA SPORTS Game Face Browser Plugin 1.8.0.0 (HKCU\...\EA SPORTS Game Face Browser Plugin) (Version: 1.8.0.0 - Electronic Arts)
Emergency 2 (HKLM-x32\...\{874F0C23-7CA8-4639-9D77-E032E272A3FD}) (Version: 2.00.000 - )
Eraser 6.0.10.2620 (HKLM\...\{6E5159B4-A519-41EF-80EF-AD58371515DF}) (Version: 6.0.2620 - The Eraser Project)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
FDC Accumulative Update (3.13) (HKLM-x32\...\FDC Accumulative Update (3.13)) (Version:  - )
FDC Live Cockpit 2011 (HKLM-x32\...\{56C595BA-E2EC-4319-863B-3D8787D49FBF}) (Version: 3.14.0 - aerosoft)
FILEminimizer Pictures (HKLM-x32\...\FILEminimizer Pictures_is1) (Version:  - balesio AG)
FILSHtray (HKLM-x32\...\{5928359F-BF46-4646-BF19-B64E55171EB5}) (Version: 0.12 - FILSH Media GmbH)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{6C5F8503-55D2-4398-858C-362B7A7AF51C}) (Version: 2.1.31.0 - MAGIX AG)
FlyTampa's - Mega Airport Vienna X - FSX (HKLM-x32\...\{400BAAA2-F9AC-469F-9772-8DF9CF5C1273}) (Version: 1.00 - FlyTampa)
Formelrechner (HKLM-x32\...\{69F0CEA4-43E2-4CBB-92DF-41860A40A631}) (Version: 1.00.0000 - Cornelsen Verlag)
FSacars (HKLM-x32\...\{FFC78FC9-2FE6-4648-BFEB-446C61C2D61E}) (Version: 4.0 - Jose Oliveira/FSacars team)
FUSSBALL MANAGER 12 (HKLM-x32\...\FUSSBALL MANAGER 12) (Version: 1.0.0.3 - Electronic Arts)
G DATA Logox 4 Speechengine (HKLM-x32\...\lgx4.lgx.server) (Version:  - G DATA Software AG)
G DATA WebSpeech 4 (HKLM-x32\...\ws4.webspeech) (Version:  - G DATA Software AG)
GameShadow (HKLM-x32\...\{5A2F371F-8B5D-46B4-833C-0612B065BEC7}) (Version: 2.02.0000 - GameShadow Ltd)
GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)
Google Chrome (HKCU\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk (remove only) (HKCU\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version:  - )
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
Google+ Auto Backup (HKCU\...\Google+ Auto Backup) (Version: 1.0.26.151 - Google, Inc.)
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
grafstat4 (HKLM-x32\...\{58AEE3E0-8746-11DD-81B6-000AE67E2618}_is1) (Version: 4.295 - DrSoft)
Hewlett-Packard ACLM.NET v1.1.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
Hogrefe TestSystem Player   1.15 (HKLM-x32\...\{64DA6582-1D0E-405C-992F-382FAC9198BD}) (Version: 4.5.1434 - Hogrefe Verlag GmbH & Co. KG Göttingen)
HP Foto und Bildbearbeitung 2.0 - hp psc 1200 series (HKLM-x32\...\HP PSC 1200 Series) (Version:  - )
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.11502 - HP)
HP Photosmart 5510 series - Grundlegende Software für das Gerät (HKLM\...\{AB6268C0-EDA4-46C3-8A1C-11D86A5A8E93}) (Version: 24.0.342.0 - Hewlett-Packard Co.)
HP Photosmart 5510 series Hilfe (HKLM-x32\...\{E02964EA-0E1B-4620-A26E-CBAB0341B1BB}) (Version: 140.0.2.2 - Hewlett Packard)
HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Speicher-Disc (HKLM-x32\...\{B376402D-58EA-45EA-BD50-DD924EB67A70}) (Version: 1.0.4.805 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
iCloud (HKLM\...\{6096C0CC-7E19-4355-87F0-627EC5AA146D}) (Version: 4.0.3.56 - Apple Inc.)
Indeo® software (HKLM-x32\...\Indeo® software) (Version:  - )
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Internet-TV für Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 2 Runtime Environment, SE v1.4.1 (HKLM-x32\...\{CD0159C9-17FB-11D6-A76A-00B0D079AF64}) (Version:  - )
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java SE Development Kit 7 Update 21 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170210}) (Version: 1.7.0.210 - Oracle)
Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022F0}) (Version: 6.0.220 - Oracle)
Java(TM) 6 Update 32 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216032FF}) (Version: 6.0.320 - Oracle)
Java-Editor 11.39, 2013.05.18 (HKLM-x32\...\{65FBA21B-7F80-4E4E-B275-0958D2648F94}_is1) (Version:  - Gerhard Röhner)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LibreOffice 4.2.1.1 (HKLM-x32\...\{C83C3B4C-1AFF-4CEA-8078-74E7A3FE8F03}) (Version: 4.2.1.1 - The Document Foundation)
Logitech GamePanel Software 3.05.151 (HKLM\...\{BF9FD124-1112-4C8D-8F79-779A11C6287D}) (Version: 3.05.151 - Logitech Inc.)
MAGIX Fotos auf DVD MX Deluxe Download-Version (HKLM-x32\...\MAGIX_MSI_Fotos_auf_CD_DVD_MX_Dlx) (Version: 11.0.0.61 - MAGIX AG)
MAGIX Fotos auf DVD MX Deluxe Download-Version (x32 Version: 11.0.0.61 - MAGIX AG) Hidden
MAGIX Music Maker 17 (Demosongs) (HKLM-x32\...\{20AE2890-0B3E-4B1C-BC6C-AE79AD448C84}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Music Maker 17 (Soundpaket) (HKLM-x32\...\{3590488B-0095-42D6-9725-A058CAFF9D4A}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Music Maker 17 (Synthesizer und Effekte) (HKLM-x32\...\{F87CDA94-0CDE-4406-AE19-7A54A4EB3048}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Music Maker 17 Download-Version (HKLM-x32\...\MAGIX_MSI_mm17) (Version: 17.0.2.6 - MAGIX AG)
MAGIX Music Maker 17 Download-Version (x32 Version: 17.0.2.6 - MAGIX AG) Hidden
MAGIX Screenshare (HKLM-x32\...\{518AD85A-EBCB-4F26-8A45-86DC5449AC1E}) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Speed burnR (MSI) (HKLM-x32\...\{D4ABBDE0-0F0E-40D7-9296-4227F2722B91}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Video deluxe MX Premium (HKLM-x32\...\MAGIX_MSI_Videodeluxe18_premium) (Version: 11.0.1.4 - MAGIX AG)
MAGIX Video deluxe MX Premium (Video Plugins) (HKLM-x32\...\{B8CB4CBE-FD0E-4061-BEE2-24333A28C9CA}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe MX Premium (x32 Version: 11.0.1.4 - MAGIX AG) Hidden
MailStore Home 8.2.0.9316 (HKLM-x32\...\MailStore Home_universal1) (Version: 8.2.0.9316 - MailStore Software GmbH)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Flight Simulator X Service Pack 2 (HKLM-x32\...\{E7CC4B85-DC2F-463F-8FEB-E7398E25C19A}) (Version: 10.0.61472.0 - Microsoft Game Studios)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4659.1001 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2003.1112 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Mozilla Thunderbird (5.0) (HKLM-x32\...\Mozilla Thunderbird (5.0)) (Version: 5.0 (de) - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKCU\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser und SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
NewBlueFX Light Blends (HKLM-x32\...\NewBlueFX Light Blends) (Version: 1.4 - NewBlue)
Nokia Connectivity Cable Driver (HKLM-x32\...\{6FE12C01-2FBC-42E2-AEB9-4CA2238C462F}) (Version: 7.1.101.0 - Nokia)
Nokia Ovi Player (HKLM-x32\...\{A528306A-C5EC-481C-A619-6106334E6800}) (Version: 2.0.1106 - Nokia Ovi Player)
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.7.22.0 - Nokia)
Nokia Suite (x32 Version: 3.7.22.0 - Nokia) Hidden
Nokia_Multimedia_Common_Components_2_5 (HKLM-x32\...\{3762698E-E9DF-4DD8-99F1-8192D0F8EE06}) (Version: 2.5.197 - Nokia)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.1.6 - )
NVIDIA 3D Vision Controller-Treiber 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.11 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.11 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation)
NVIDIA Grafiktreiber 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.11 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4659.1001 - Microsoft Corporation) Hidden
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.3.6.4639 - Electronic Arts, Inc.)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden
PMDG 747-400/400F for FSX (HKLM-x32\...\{EDCEE320-0FB3-4197-9F86-8C1CCF2278FB}) (Version: 2.10.0000 - Precision Manuals Development Group)
PMDG744X_GE_AC (HKLM-x32\...\{8A3D1E45-8D8C-4FC6-A769-DF1232776190}) (Version: 1.10.0000 - Precision Manuals Development Group)
PMDG744X_GE_AF (HKLM-x32\...\{70D78DCD-8369-4857-BFEF-021C9899DA75}) (Version: 1.10.0000 - Precision Manuals Development Group)
PMDG744X_GE_LH (HKLM-x32\...\{20372FAA-3AF4-4B3D-9B1D-564CDEA5957C}) (Version: 1.00.0000 - Precision Manuals Development Group)
PMDG744X_GE_NH (HKLM-x32\...\{A1D97ADB-EFF4-4F31-B286-873F06AC6496}) (Version: 1.00.0000 - Precision Manuals Development Group)
PMDG744X_PW_UA3 (HKLM-x32\...\{EAB979F7-84A6-47B6-AB39-CA73A6EEAE69}) (Version: 1.00.0000 - Precision Manuals Development Group)
proDAD Vitascene 2.0 (HKLM-x32\...\proDAD-Vitascene-2.0) (Version: 2.0.113 - proDAD GmbH)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
QuickTime (HKLM-x32\...\QuickTime) (Version:  - )
Rome - Total War (HKLM-x32\...\{2E97F7E8-ABDE-4E0D-B0AD-B6B4BAD89E24}) (Version: 1.5 - The Creative Assembly)
Saitek SST Programming Software (HKLM-x32\...\{967FB80D-56BD-42EF-A942-9E8C78F984A4}) (Version: 1.00.0000 - Saitek)
SHIELD Streaming (Version: 3.1.200 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.42 - NVIDIA Corporation) Hidden
SmartSound Quicktracks Plugin (HKLM-x32\...\InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}) (Version: 3.0.2.6 - SmartSound Software Inc)
SmartSound Quicktracks Plugin (x32 Version: 3.0.2.6 - SmartSound Software Inc) Hidden
Spec Ops: The Line Demo (HKLM-x32\...\Steam App 204980) (Version:  - YAGER)
Splashtop Software Updater (HKLM-x32\...\Splashtop Software Updater) (Version: 1.5.6.14 - Splashtop Inc.)
Splashtop Streamer (HKLM-x32\...\{B7C5EA94-B96A-41F5-BE95-25D78B486678}) (Version: 2.4.5.2 - Splashtop Inc.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stronghold 2 Deluxe (HKLM-x32\...\{16D2C649-CBA8-44EE-B730-12584667D487}) (Version: 1.40.100 - Firefly Studios)
Stronghold Legends (HKLM-x32\...\{66A405D2-BA14-4594-BF36-B3B544F0754E}) (Version: 1.20.0000 - Firefly Studios)
Studie zur Verbesserung von HP Photosmart 5510 series Produkten (HKLM\...\{A25B75A1-D9B5-43FC-86F7-6E85DC5AB37E}) (Version: 24.0.342.0 - Hewlett-Packard Co.)
SuperTrafficBoard (HKLM-x32\...\{9E7AC723-F54E-4D13-A888-0EAE66586FF8}) (Version: 3.1 - FlyingWSimulation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version:  - TeamSpeak Systems GmbH)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.26038 - TeamViewer)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
teXXas (HKLM-x32\...\{F3DCD04C-BE9C-408C-BC8C-B77AF972DBC2}) (Version: 1 - metaspinner net GmbH)
Total Video Converter 3.60 100204 (HKLM-x32\...\Total Video Converter 3.61_is1) (Version:  - EffectMatrix Inc.)
Transfer Utility (HKLM-x32\...\{0ECE15AC-CB68-40EC-B70D-1B220717844C}) (Version: 2.05.251 - PIXELA)
Tropico 5 (HKCU\...\Tropico5) (Version: 1.03 - Kalypso Media)
Ulead VideoStudio 9.0 (HKLM-x32\...\{88F92798-59AB-474F-B40D-1EC5F782F7EE}) (Version: 9.0 - Ulead System)
VAcars (HKLM-x32\...\{A8CF0EBC-DEFC-40B2-8707-08A428C3CC12}) (Version: 1.1.3 - VAcars)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
VLC media player 1.1.11 (HKLM-x32\...\VLC media player) (Version: 1.1.11 - VideoLAN)
WebTablet IE Plugin (HKLM-x32\...\Wacom WebTabletPlugin for IE) (Version: 1.1.0.7 - Wacom Technology Corp.)
WebTablet Netscape Plugin (HKLM-x32\...\Wacom WebTabletPlugin for Netscape) (Version: 1.1.0.5 - Wacom Technology Corp.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows-Treiberpaket - Atheros (L1C) Net  (09/27/2010 1.0.0.36) (HKLM\...\2E85B24B7EDF495B57D81136F09567FA79E17482) (Version: 09/27/2010 1.0.0.36 - Atheros)
WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
World of Logs Client (4.2) (HKCU\...\World of Logs Client (4.2)) (Version:  - Digibites Technology)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: 5.2.0.16826 - Blizzard Entertainment)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2771076119-1783207638-1657993630-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2771076119-1783207638-1657993630-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2771076119-1783207638-1657993630-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2771076119-1783207638-1657993630-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2771076119-1783207638-1657993630-1000_Classes\CLSID\{AFD6BFDC-F329-41BB-9C53-764B965DD483}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2771076119-1783207638-1657993630-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2771076119-1783207638-1657993630-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2771076119-1783207638-1657993630-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2771076119-1783207638-1657993630-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2771076119-1783207638-1657993630-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2771076119-1783207638-1657993630-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2771076119-1783207638-1657993630-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2771076119-1783207638-1657993630-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2771076119-1783207638-1657993630-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2771076119-1783207638-1657993630-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2771076119-1783207638-1657993630-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2771076119-1783207638-1657993630-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2771076119-1783207638-1657993630-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

04-11-2014 00:40:22 PC Connectivity Solution wird entfernt
04-11-2014 00:42:35 Removed Hogrefe TestSystem Player   1.15
04-11-2014 00:43:46 Removed GameShadow
04-11-2014 18:30:39 Gerätetreiber-Paketinstallation: COMODO Netzwerkdienst

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-01-15 19:38 - 2010-05-13 17:53 - 00001204 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
127.0.0.1 activate.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com 


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0170117B-28EF-4273-8151-5CAA4095DD54} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {267B4E23-F3EE-41D9-94F1-E27A554B458D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2771076119-1783207638-1657993630-1000UA => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-02] (Google Inc.)
Task: {2CD5F049-55B5-4EB1-A3D6-D45B4C26AAF7} - System32\Tasks\RunAsStdUser Task for VeohWebPlayer => C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
Task: {2E742F63-556B-4A63-B533-F21870FD85B1} - System32\Tasks\{5AEB02E0-B4AE-422B-B009-40A31682C4E4} => J:\SETUP.EXE
Task: {32AE6473-7F1F-464B-9C40-9A108D24143F} - System32\Tasks\HPCustParticipation HP Photosmart 5510 series => C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPCustPartic.exe [2011-05-25] (Hewlett-Packard Co.)
Task: {3603EA61-9EB7-46E1-B4DF-64A19F9AE687} - System32\Tasks\{74CF0E03-FB98-49E3-89BD-2EC9BF9935C0} => C:\Program Files (x86)\Aerosoft\FDC\Fdc.exe [2006-11-20] (CSC)
Task: {36326BE6-D79F-4EC1-BEFE-744384BBDDD6} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-09-25] (Microsoft Corporation)
Task: {45934EBE-B1CD-421A-BA86-EB8C80544979} - System32\Tasks\{B589DA5D-624D-4CF9-A81B-E952B9919323} => C:\Program Files (x86)\Aerosoft\FDC\Fdc.exe [2006-11-20] (CSC)
Task: {470BD097-0F77-44C1-8C88-42235E40660F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-02] (Google Inc.)
Task: {52DF3BFB-E77C-4771-BB70-A3EC3C7466FA} - System32\Tasks\{DC4C9E4D-9E81-446B-989E-91CB33E9BB4F} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.9.0.115.259/en/abandoninstall?page=tsMain
Task: {54AAAD1E-F574-486B-A1B6-544B074D99A0} - System32\Tasks\{0A791C13-988F-4697-84D6-46C7F7436222} => C:\Program Files (x86)\Flight One Software\Audio Environment\AudioEnvironment.exe [2010-02-10] (Microsoft)
Task: {580CD3E8-209E-4A1E-B607-4076E510CE6B} - System32\Tasks\{EAFE2A0E-5DF1-42D1-BF18-3B5F3A05A018} => J:\SETUP.EXE
Task: {5AB5C634-6F8A-45EB-8BDE-8B8DA1C343FD} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {5B35D928-3CE5-4719-9772-F922478E9B14} - System32\Tasks\{DAF8D6FD-3002-462D-B402-2293A84C55D0} => C:\Program Files (x86)\Aerosoft\FDC\FDC.exe [2006-11-20] (CSC)
Task: {630A310C-AB7E-4964-AC46-2A67AF414F6C} - System32\Tasks\{857B175B-6B52-48B1-949E-51F5A41EE471} => D:\Program Files (x86)\FSacars\fsacars.exe [2011-07-23] (Jose Oliveira)
Task: {75138E62-E209-432E-9F55-9448D1E4D522} - System32\Tasks\{AF901C69-48DF-422A-A6F0-328D5678BA5D} => J:\SETUP.EXE
Task: {7966CEF3-8484-46F3-A606-BF3695BBDC37} - System32\Tasks\{83503FF1-00CD-453D-A042-47D15F82D5C9} => J:\Setup.exe
Task: {79875432-69F7-44B3-AC6C-60976A8DA15C} - System32\Tasks\AdobeAAMUpdater-1.0-User-PC-User => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-15] (Adobe Systems Incorporated)
Task: {7F5CBFA1-5220-43F9-BC5B-E0D5B0044B0A} - System32\Tasks\{62C2B61F-6B8C-4D10-AA72-36C7DBFE7938} => Chrome.exe hxxp://ui.skype.com/ui/0/6.11.59.102/de/abandoninstall?page=tsMain
Task: {854BA480-0642-4E28-ACBB-DDA45889A27B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-05] (Adobe Systems Incorporated)
Task: {8CBB936B-F3B9-4ACC-AB00-3ED96F00BEA3} - System32\Tasks\{076B59DE-D1C9-4735-B036-375082F5EE4D} => D:\Program Files (x86)\FSacars\fsacars.exe [2011-07-23] (Jose Oliveira)
Task: {8E3B4F17-6EE7-4A80-8310-0F08B25E879B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-02] (Google Inc.)
Task: {9B5985D0-40B9-4E8E-B08E-F682054C0C12} - System32\Tasks\{51E33F82-667E-4DD0-A188-EFEE233A01B1} => J:\SETUP.EXE
Task: {AF005699-A5BA-44D2-8D1D-E6A1D8E83395} - System32\Tasks\CCleanerSkipUAC => D:\Program Files\CCleaner\CCleaner.exe [2014-04-17] (Piriform Ltd)
Task: {B1C7BA39-9482-45FE-AC63-B99F6CFF429F} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21] (Adobe Systems Incorporated)
Task: {B21A0DEE-CAAB-4FC0-8D18-66D939B6DE16} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30] (Hewlett-Packard)
Task: {B2608FA9-CD6F-4302-B04F-90C91F0EE0D4} - System32\Tasks\{1E9EA941-BB99-4C45-9DC2-A60DCF14845C} => C:\Program Files (x86)\Skype\\Phone\Skype.exe
Task: {BA914ADF-3746-4EF7-9F6F-CA8109EC1E43} - System32\Tasks\{EB0E8BB5-0D65-44F6-8B16-12BA4E371407} => D:\Program Files (x86)\Mobipocket.com\Mobipocket Reader\reader.exe
Task: {BDFD0501-B20D-4198-BB29-2FB49096DD35} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {C0A26EE5-D0F1-4C88-8271-C85D7362B6CC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2771076119-1783207638-1657993630-1000Core => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-02] (Google Inc.)
Task: {C1051578-CC73-4B93-9823-B6F577907F8D} - System32\Tasks\{44A781C8-DA87-4D56-9831-C74D03B98588} => D:\Program Files (x86)\FSacars\fsacars.exe [2011-07-23] (Jose Oliveira)
Task: {C33A6704-C4BA-423B-81A7-BA43D37087A9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {C41CF894-AC0E-4685-8BBF-EB5ABB3859D1} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-09-25] (Microsoft Corporation)
Task: {CA3818B8-11E7-4E18-9FFF-84AA04FF0D63} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations\Communicator.exe [2012-07-25] ()
Task: {CBD15674-739B-499B-9593-D8056CA5079E} - System32\Tasks\{1DB0575A-6F32-46E6-9C8A-256339187528} => E:\World of Warcraft\World of Warcraft Launcher.exe [2013-03-07] (Blizzard Entertainment)
Task: {CC501072-7E18-4694-8632-93A538B6A65E} - System32\Tasks\{B9097010-4E09-4622-8788-3258916CD339} => D:\Program Files (x86)\MAGIX\Video_deluxe_17_Premium_Sonderedition_Download-Version\Videodeluxe.exe
Task: {D1C8D56F-5237-4417-A28F-8E083F59A79A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {D897CA9E-2456-4001-9655-6AAC286942B2} - System32\Tasks\{8DC5B7F6-CE0C-4695-9990-603F76A07C40} => C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\fsx.exe [2007-12-10] (Microsoft Corp.)
Task: {D8CE62AB-396D-4A36-A9A5-832C2387C5F6} - System32\Tasks\Microsoft\Windows\Media Center\Extender\Update media permissions for Mcx1-USER-PC => C:\Windows\ehome\McxTask.exe [2009-07-14] (Microsoft Corporation)
Task: {D9E72648-40AE-41AD-98D9-3B3865E8CE82} - System32\Tasks\{01BD3E78-BA7C-4E51-A99C-B485D232E0AF} => J:\SETUP.EXE
Task: {DF70B19A-BE83-429C-B846-DEDB4F22B561} - System32\Tasks\{8F8FBB52-3EFE-4D37-B1F3-B3C634D73517} => D:\Program Files (x86)\Ulead Systems\Ulead VideoStudio 9.0\vstudio.exe [2005-03-24] (Ulead Systems, Inc.)
Task: {E07525BE-512B-4E3C-9ADE-F8989F3F1FC4} - System32\Tasks\{45DDD10E-1AA0-4806-8D2B-360002D94486} => C:\Program Files (x86)\avmwlanstick\WLanGUI.exe [2010-10-22] (AVM Berlin)
Task: {E5BE1D6B-FFA0-45AC-A44E-21903698A091} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {F758F7A1-DF66-4E60-A8EB-7D57745D0665} - System32\Tasks\{1506E452-BE8B-46F7-B57E-6BD9A970E8B7} => J:\SETUP.EXE
Task: {FAD18B70-853C-4D16-8B98-DE43F460A13D} - System32\Tasks\{7701AA64-4600-4117-86E6-B14D807BC5A1} => D:\Program Files (x86)\MAGIX\Video_deluxe_17_Premium_Sonderedition_Download-Version\Videodeluxe.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2771076119-1783207638-1657993630-1000Core.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2771076119-1783207638-1657993630-1000UA.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe

==================== Loaded Modules (whitelisted) =============

2012-05-31 14:48 - 2014-09-13 22:53 - 00116880 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-05-19 16:11 - 2014-05-19 16:11 - 00601432 _____ () c:\program files\bullguard ltd\bullguard backup\libxml2.dll
2014-05-19 16:11 - 2014-05-19 16:11 - 00086360 _____ () C:\Program Files\BullGuard Ltd\BullGuard Backup\zlib1.dll
2014-05-19 16:11 - 2014-05-19 16:11 - 00601432 _____ () C:\Program Files\BullGuard Ltd\BullGuard Backup\libxml2.dll
2014-05-19 16:11 - 2014-05-19 16:11 - 00065368 _____ () C:\Program Files\BullGuard Ltd\BullGuard Backup\LIBBZ2.dll
2014-03-15 16:58 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2011-09-26 15:25 - 2014-01-03 00:34 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2011-07-24 00:42 - 2010-10-13 10:41 - 01182576 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2010-10-21 12:45 - 2010-10-21 12:45 - 00092048 _____ () C:\Program Files\BullGuard Ltd\BullGuard Backup\res\de\BackupShellNamespaceRes.dll
2011-07-23 16:45 - 2011-05-28 21:05 - 00164864 _____ () D:\Program Files\WinRAR\rarext.dll
2012-06-18 16:24 - 2012-06-18 16:24 - 00222720 _____ () D:\Program Files (x86)\Notepad++\NppShell_05.dll
2013-02-08 11:34 - 2012-08-16 18:04 - 00078480 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2013-02-08 11:34 - 2012-08-16 18:04 - 00386192 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-09-01 17:12 - 2014-05-13 11:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-09-01 17:12 - 2014-05-13 11:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-09-01 17:12 - 2014-05-13 11:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-09-01 17:12 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-09-01 17:12 - 2012-04-03 16:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-11-05 17:19 - 2014-11-05 17:19 - 00043008 _____ () c:\users\user\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp9dtq2j.dll
2013-08-23 20:01 - 2013-08-23 20:01 - 25100288 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\libcef.dll
2014-09-23 08:37 - 2014-09-23 19:27 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2014-09-23 08:39 - 2014-09-09 14:12 - 01032352 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\ADDINS\UmOutlookAddin.dll
2013-11-13 19:40 - 2014-08-19 09:46 - 00125096 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\OUTLCTL.DLL
2014-11-02 11:14 - 2014-10-22 05:04 - 01042760 _____ () C:\Users\User\AppData\Local\Google\Chrome\Application\38.0.2125.111\libglesv2.dll
2014-11-02 11:14 - 2014-10-22 05:04 - 00211272 _____ () C:\Users\User\AppData\Local\Google\Chrome\Application\38.0.2125.111\libegl.dll
2014-11-02 11:14 - 2014-10-22 05:04 - 08910664 _____ () C:\Users\User\AppData\Local\Google\Chrome\Application\38.0.2125.111\pdf.dll
2014-11-02 11:14 - 2014-10-22 05:04 - 01681224 _____ () C:\Users\User\AppData\Local\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll
2014-11-02 10:24 - 2014-11-02 10:24 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\93182e9779b8be0f688fd0784df6d7fb\IsdiInterop.ni.dll
2011-07-20 12:00 - 2010-11-05 22:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsUpdate => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FILSHtray.lnk => C:\Windows\pss\FILSHtray.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^hp psc 1000 series.lnk => C:\Windows\pss\hp psc 1000 series.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^hpoddt01.exe.lnk => C:\Windows\pss\hpoddt01.exe.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Transfer Utility Camera Monitor.lnk => C:\Windows\pss\Transfer Utility Camera Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^User^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Tintenwarnungen überwachen - .lnk => C:\Windows\pss\Tintenwarnungen überwachen - .lnk.Startup
MSCONFIG\startupfolder: C:^Users^User^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Tintenwarnungen überwachen - HP Photosmart 5510 series (Netzwerk).lnk => C:\Windows\pss\Tintenwarnungen überwachen - HP Photosmart 5510 series (Netzwerk).lnk.Startup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: AudialsNotifier => E:\Program Files (x86)\RapidSolution\Audials 10\AudialsNotifier.exe
MSCONFIG\startupreg: BullGuard => "C:\Program Files\BullGuard Ltd\BullGuard Backup\bullguard.exe" -boot
MSCONFIG\startupreg: Google Update => "C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: iTunesHelper => "E:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Launch LCDMon => "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"
MSCONFIG\startupreg: Launch LgDeviceAgent => "C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe"
MSCONFIG\startupreg: NokiaSuite.exe => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
MSCONFIG\startupreg: Ocs_SM => C:\Users\User\AppData\Roaming\OCS\SM\SearchAnonymizer.exe
MSCONFIG\startupreg: PDFPrint => D:\Program Files (x86)\PDF24\pdf24.exe
MSCONFIG\startupreg: SaiMfd => C:\Program Files (x86)\Saitek\Software\SaiMfd.exe

========================= Accounts: ==========================

Administrator (S-1-5-21-2771076119-1783207638-1657993630-500 - Administrator - Disabled)
Gast (S-1-5-21-2771076119-1783207638-1657993630-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2771076119-1783207638-1657993630-1003 - Limited - Enabled)
Mcx1-USER-PC (S-1-5-21-2771076119-1783207638-1657993630-1007 - Limited - Enabled) => C:\Users\Mcx1-USER-PC
User (S-1-5-21-2771076119-1783207638-1657993630-1000 - Administrator - Enabled) => C:\Users\User

==================== Faulty Device Manager Devices =============

Name: Photosmart 5510 series
Description: Photosmart 5510 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/05/2014 05:19:34 PM) (Source: Microsoft Office 15) (EventID: 2001) (User: )
Description: Microsoft Outlook: Rejected Safe Mode action : Outlook konnte beim letzten Mal nicht gestartet werden. Der abgesicherte Modus kann Ihnen bei der Problembehandlung behilflich sein. Einige Features sind aber in diesem Modus möglicherweise nicht verfügbar.

Möchten Sie im abgesicherten Modus starten?.
Rejected Safe Mode action : Microsoft Outlook.

Error: (11/05/2014 05:15:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Avira.OE.Systray.exe, Version: 1.1.22.50000, Zeitstempel: 0x54216bb2
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x7cc
Startzeit der fehlerhaften Anwendung: 0xAvira.OE.Systray.exe0
Pfad der fehlerhaften Anwendung: Avira.OE.Systray.exe1
Pfad des fehlerhaften Moduls: Avira.OE.Systray.exe2
Berichtskennung: Avira.OE.Systray.exe3

Error: (11/05/2014 05:15:11 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.Systray.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.Net.Sockets.SocketException
Stapel:
   bei System.Net.SafeCloseSocketAndEvent.CreateWSASocketWithEvent(System.Net.Sockets.AddressFamily, System.Net.Sockets.SocketType, System.Net.Sockets.ProtocolType, Boolean, Boolean)
   bei System.Net.NetworkInformation.NetworkChange+AddressChangeListener.StartHelper(System.Net.NetworkInformation.NetworkAddressChangedEventHandler, Boolean, System.Net.NetworkInformation.StartIPOptions)
   bei Avira.OE.WinCore.NetworkStatusListener..ctor()
   bei Avira.OE.WinCore.InternetConnectionMonitor..ctor()
   bei Avira.OE.Systray.SystrayIcon..ctor(Avira.OE.WinCore.Interface.IServiceStatusMonitor, Avira.OE.Communicator.Interface.ICommunicatorClientProxy, Avira.OE.MiniGui.IMiniGuiWindow)
   bei Avira.OE.Systray.SystrayIcon..ctor()
   bei Avira.OE.Systray.Program.Main(System.String[])

Error: (11/05/2014 05:07:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Avira.OE.Systray.exe, Version: 1.1.22.50000, Zeitstempel: 0x54216bb2
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x634
Startzeit der fehlerhaften Anwendung: 0xAvira.OE.Systray.exe0
Pfad der fehlerhaften Anwendung: Avira.OE.Systray.exe1
Pfad des fehlerhaften Moduls: Avira.OE.Systray.exe2
Berichtskennung: Avira.OE.Systray.exe3

Error: (11/05/2014 05:06:55 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.Systray.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.Net.Sockets.SocketException
Stapel:
   bei System.Net.SafeCloseSocketAndEvent.CreateWSASocketWithEvent(System.Net.Sockets.AddressFamily, System.Net.Sockets.SocketType, System.Net.Sockets.ProtocolType, Boolean, Boolean)
   bei System.Net.NetworkInformation.NetworkChange+AddressChangeListener.StartHelper(System.Net.NetworkInformation.NetworkAddressChangedEventHandler, Boolean, System.Net.NetworkInformation.StartIPOptions)
   bei Avira.OE.WinCore.NetworkStatusListener..ctor()
   bei Avira.OE.WinCore.InternetConnectionMonitor..ctor()
   bei Avira.OE.Systray.SystrayIcon..ctor(Avira.OE.WinCore.Interface.IServiceStatusMonitor, Avira.OE.Communicator.Interface.ICommunicatorClientProxy, Avira.OE.MiniGui.IMiniGuiWindow)
   bei Avira.OE.Systray.SystrayIcon..ctor()
   bei Avira.OE.Systray.Program.Main(System.String[])

Error: (11/05/2014 04:53:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: wmpnetwk.exe, Version: 12.0.7601.17514, Zeitstempel: 0x4ce7ae7f
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x5315a05a
Ausnahmecode: 0x0000046b
Fehleroffset: 0x000000000000940d
ID des fehlerhaften Prozesses: 0x260
Startzeit der fehlerhaften Anwendung: 0xwmpnetwk.exe0
Pfad der fehlerhaften Anwendung: wmpnetwk.exe1
Pfad des fehlerhaften Moduls: wmpnetwk.exe2
Berichtskennung: wmpnetwk.exe3

Error: (11/05/2014 03:08:16 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (11/05/2014 03:08:16 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (11/05/2014 03:08:16 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (11/05/2014 01:19:45 PM) (Source: SDUpdateService) (EventID: 0) (User: )
Description: Service failed on shutdown: Access violation at address 30447444 in module 'SDUpdSvc.exe'. Write of address 00000062


System errors:
=============
Error: (11/05/2014 05:18:15 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
AFS

Error: (11/05/2014 05:18:01 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "Spybot-S&D 2 Security Center Service" ist von folgendem Dienst abhängig: wscsvc. Dieser Dienst ist eventuell nicht installiert.

Error: (11/05/2014 05:17:39 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "IPsec-Richtlinien-Agent" ist von folgendem Dienst abhängig: BFE. Dieser Dienst ist eventuell nicht installiert.

Error: (11/05/2014 05:17:37 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "IKE- und AuthIP IPsec-Schlüsselerstellungsmodule" ist von folgendem Dienst abhängig: BFE. Dieser Dienst ist eventuell nicht installiert.

Error: (11/05/2014 05:17:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (11/05/2014 05:17:34 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Echtzeit-Scanner erreicht.

Error: (11/05/2014 05:17:18 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet: 
%%1060

Error: (11/05/2014 05:17:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Avira Planer" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (11/05/2014 05:17:16 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Planer erreicht.

Error: (11/05/2014 05:15:21 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {84F66100-FF7C-4FB4-B0C0-02CD7FB668FE}


Microsoft Office Sessions:
=========================
Error: (11/05/2014 05:19:34 PM) (Source: Microsoft Office 15) (EventID: 2001) (User: )
Description: Microsoft OutlookOutlook konnte beim letzten Mal nicht gestartet werden. Der abgesicherte Modus kann Ihnen bei der Problembehandlung behilflich sein. Einige Features sind aber in diesem Modus möglicherweise nicht verfügbar.

Möchten Sie im abgesicherten Modus starten?

Error: (11/05/2014 05:15:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Avira.OE.Systray.exe1.1.22.5000054216bb2KERNELBASE.dll6.1.7601.1840953159a86e04343520000c42d7cc01cff913acb38a7cC:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exeC:\Windows\syswow64\KERNELBASE.dllf37f3b49-6506-11e4-8dc5-d3893530ec3f

Error: (11/05/2014 05:15:11 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.Systray.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.Net.Sockets.SocketException
Stapel:
   bei System.Net.SafeCloseSocketAndEvent.CreateWSASocketWithEvent(System.Net.Sockets.AddressFamily, System.Net.Sockets.SocketType, System.Net.Sockets.ProtocolType, Boolean, Boolean)
   bei System.Net.NetworkInformation.NetworkChange+AddressChangeListener.StartHelper(System.Net.NetworkInformation.NetworkAddressChangedEventHandler, Boolean, System.Net.NetworkInformation.StartIPOptions)
   bei Avira.OE.WinCore.NetworkStatusListener..ctor()
   bei Avira.OE.WinCore.InternetConnectionMonitor..ctor()
   bei Avira.OE.Systray.SystrayIcon..ctor(Avira.OE.WinCore.Interface.IServiceStatusMonitor, Avira.OE.Communicator.Interface.ICommunicatorClientProxy, Avira.OE.MiniGui.IMiniGuiWindow)
   bei Avira.OE.Systray.SystrayIcon..ctor()
   bei Avira.OE.Systray.Program.Main(System.String[])

Error: (11/05/2014 05:07:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Avira.OE.Systray.exe1.1.22.5000054216bb2KERNELBASE.dll6.1.7601.1840953159a86e04343520000c42d63401cff9127fe9a8e3C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exeC:\Windows\syswow64\KERNELBASE.dllcbd67060-6505-11e4-8dc5-d3893530ec3f

Error: (11/05/2014 05:06:55 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.Systray.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.Net.Sockets.SocketException
Stapel:
   bei System.Net.SafeCloseSocketAndEvent.CreateWSASocketWithEvent(System.Net.Sockets.AddressFamily, System.Net.Sockets.SocketType, System.Net.Sockets.ProtocolType, Boolean, Boolean)
   bei System.Net.NetworkInformation.NetworkChange+AddressChangeListener.StartHelper(System.Net.NetworkInformation.NetworkAddressChangedEventHandler, Boolean, System.Net.NetworkInformation.StartIPOptions)
   bei Avira.OE.WinCore.NetworkStatusListener..ctor()
   bei Avira.OE.WinCore.InternetConnectionMonitor..ctor()
   bei Avira.OE.Systray.SystrayIcon..ctor(Avira.OE.WinCore.Interface.IServiceStatusMonitor, Avira.OE.Communicator.Interface.ICommunicatorClientProxy, Avira.OE.MiniGui.IMiniGuiWindow)
   bei Avira.OE.Systray.SystrayIcon..ctor()
   bei Avira.OE.Systray.Program.Main(System.String[])

Error: (11/05/2014 04:53:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: wmpnetwk.exe12.0.7601.175144ce7ae7fKERNELBASE.dll6.1.7601.184095315a05a0000046b000000000000940d26001cff910977a17b8C:\Program Files\Windows Media Player\wmpnetwk.exeC:\Windows\system32\KERNELBASE.dllf1d2108b-6503-11e4-98f4-001c4afba29d

Error: (11/05/2014 03:08:16 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (11/05/2014 03:08:16 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (11/05/2014 03:08:16 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (11/05/2014 01:19:45 PM) (Source: SDUpdateService) (EventID: 0) (User: )
Description: Service failed on shutdown: Access violation at address 30447444 in module 'SDUpdSvc.exe'. Write of address 00000062


CodeIntegrity Errors:
===================================
  Date: 2014-08-17 19:02:14.119
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-17 19:02:13.999
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-17 19:02:13.872
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-17 19:02:13.752
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-17 19:02:13.639
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-17 19:02:13.522
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-17 19:02:13.406
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-17 19:02:13.291
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-17 19:02:13.177
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\BullGuard Ltd\BullGuard Backup\Spamfilter\LittleHook.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-17 19:01:01.300
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-2500 CPU @ 3.30GHz
Percentage of memory in use: 35%
Total physical RAM: 8174.63 MB
Available physical RAM: 5242.63 MB
Total Pagefile: 16347.43 MB
Available Pagefile: 12722.38 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (Wichtiges) (Fixed) (Total:934.7 GB) (Free:324.48 GB) NTFS
Drive d: (Sonstiges) (Fixed) (Total:439.45 GB) (Free:384.55 GB) NTFS
Drive e: (Spiele) (Fixed) (Total:488.77 GB) (Free:318.87 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 62E70C02)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=934.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=439.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=488.8 GB) - (Type=OF Extended)

==================== End Of Log ============================
         
"FRST.txt"

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-11-2014
Ran by User (administrator) on USER-PC on 05-11-2014 17:45:41
Running from C:\Users\User\Downloads
Loaded Profile: User (Available profiles: User & Mcx1-USER-PC)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Adobe Systems Incorporated) D:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard Backup\BullGuardUpdate.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe
(The Eraser Project) C:\Program Files\Eraser\Eraser.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Dropbox, Inc.) C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\outlook.exe
(Apple Inc.) E:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [980920 2012-05-22] (The Eraser Project)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2460488 2014-09-17] (NVIDIA Corporation)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5264016 2012-08-16] (VIA)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [iTunesHelper] => E:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] C:\$Recycle.Bin\S-1-5-18\$2dba11519d2d2773c1a02a0a15f84fb5\n. ATTENTION! ====> ZeroAccess?
HKU\S-1-5-21-2771076119-1783207638-1657993630-1000\...\Run: [HP Photosmart 5510 series (NET)] => C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [2672488 2011-05-25] (Hewlett-Packard Co.)
HKU\S-1-5-21-2771076119-1783207638-1657993630-1000\...\Run: [] => [X]
HKU\S-1-5-21-2771076119-1783207638-1657993630-1000\...\Run: [Duden Korrektor SysTray] => H:\Duden\Duden Korrektor\DKTray.exe
HKU\S-1-5-21-2771076119-1783207638-1657993630-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-08-07] (Apple Inc.)
HKU\S-1-5-21-2771076119-1783207638-1657993630-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2014-08-15] (Apple Inc.)
HKU\S-1-5-21-2771076119-1783207638-1657993630-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2771076119-1783207638-1657993630-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-2771076119-1783207638-1657993630-1000\...\MountPoints2: {4764f2b2-b2bd-11e0-bba5-806e6f6e6963} - F:\Autorun.EXE
HKU\S-1-5-21-2771076119-1783207638-1657993630-1000\...\MountPoints2: {efe9023c-b471-11e0-a1d0-1078d2d0165d} - H:\pushinst.exe
HKU\S-1-5-21-2771076119-1783207638-1657993630-1000\...409d6c4515e9\InprocServer32: [Default-shell32]  <==== ATTENTION!
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Outlook 2013.lnk
ShortcutTarget: Outlook 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\outlook.exe (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: 196.201.217.49:4009
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x7FFB65557947CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
SearchScopes: HKLM-x32 - {22F825A7-7BEF-4E56-BD39-D50C6C41813B} URL = hxxp://startsear.ch/?aff=1&q={searchTerms}
SearchScopes: HKCU - DefaultScope {2FE3ECC2-A0D0-496F-8C0F-FE851CC3773F} URL = hxxp://startsear.ch/?aff=1&src=sp&cf=f141b75c-cb47-11e0-a93c-001c4afba29d&q={searchTerms}
SearchScopes: HKCU - {1C5D3042-D942-47C6-A3AE-D4EFA31121D6} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=d8de9cbb-d5cf-47cd-9011-257a2e4445b0&pid=murb&mode=bounce&k=0
SearchScopes: HKCU - {22F825A7-7BEF-4E56-BD39-D50C6C41813B} URL = hxxp://startsear.ch/?aff=1&q={searchTerms}
SearchScopes: HKCU - {2FE3ECC2-A0D0-496F-8C0F-FE851CC3773F} URL = hxxp://startsear.ch/?aff=1&src=sp&cf=f141b75c-cb47-11e0-a93c-001c4afba29d&q={searchTerms}
SearchScopes: HKCU - {4423E8D1-AF5C-446A-813F-DE1734A4CB1D} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=d8de9cbb-d5cf-47cd-9011-257a2e4445b0&pid=murb&mode=bounce&k=0
SearchScopes: HKCU - {633FF6FE-FCB9-4D58-B1A1-284F2D649A6A} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=d8de9cbb-d5cf-47cd-9011-257a2e4445b0&pid=murb&mode=bounce&k=0
SearchScopes: HKCU - {95389EF9-FD35-4128-BA79-4FE66D83DD4B} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=d8de9cbb-d5cf-47cd-9011-257a2e4445b0&pid=murb&mode=bounce&k=0
SearchScopes: HKCU - {9D6E6DE5-4A21-4740-B9B2-2EE47B3FC80F} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=d8de9cbb-d5cf-47cd-9011-257a2e4445b0&pid=murb&mode=bounce&k=0
SearchScopes: HKCU - {BEAD097E-82B4-406F-87BF-F04ED59E4CEE} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=d8de9cbb-d5cf-47cd-9011-257a2e4445b0&pid=murb&mode=bounce&k=0
SearchScopes: HKCU - {D705FD54-9538-4E3F-AC16-F1D423778352} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=MYC-ST&o=102869&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=5J&apn_dtid=YYYYYYYYDE&apn_uid=ba260eef-dcd6-4dac-a4c5-d9e9bb2293b6&apn_sauid=0C7BD111-DF94-403D-BC35-6A422C38F3BD
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> H:\Java\bin\ssv.dll No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> H:\Java\bin\jp2ssv.dll No File
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: WebSpeechBHO Class -> {83A30C59-3A50-49E6-9DAF-4923C4EA3C23} -> C:\Program Files (x86)\Common Files\WebSpeech.4.0\LgxIEBar.dll (G DATA Software AG)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} -  No File
Toolbar: HKLM-x32 - No Name - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} -  No File
DPF: HKLM {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/sites/production/ieawsdc64.cab
DPF: HKLM {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex64-2.2.6.0.cab
DPF: HKLM {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: HKLM-x32 {22E5D91F-89E6-4405-AD9C-0AF27BA6F06B} file:///J:/components/hidinputmonitorx.ocx
DPF: HKLM-x32 {4F63D44B-6274-4D60-8AB1-CAA7116B8AF3} file:///J:/components/A9.ocx
DPF: HKLM-x32 {7030CC6C-1A88-4591-BB5A-651B9F7F0C30} file:///J:/components/wmvhdrating.ocx
Handler: htap - {83EC570E-9FFA-11D2-9559-006008594011} -  No File
Handler: htsportal - {08C89E55-0655-4442-AFD5-4E526D52CEB9} -  No File
Handler-x32: htap - {83EC570E-9FFA-11D2-9559-006008594011} -  No File
Handler-x32: htsportal - {08C89E55-0655-4442-AFD5-4E526D52CEB9} -  No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{2BD76A31-CBAD-4DC9-9160-8857EA0FA56B}: [NameServer] 192.168.0.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> H:\Java\bin\dtplugin\npDeployJava1.dll No File
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> H:\Java\bin\plugin2\npjp2.dll No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> E:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @hogrefe.de/nphtspse,version=1.15 -> C:\Program Files (x86)\Hogrefe\Player\4\Bin\nphtspse.dll No File
FF Plugin-x32: @hogrefe.de/nphtspst,version=1.15 -> C:\Program Files (x86)\Hogrefe\Player\4\Bin\nphtspst.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.5 -> C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\User\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\User\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll (Amazon.com, Inc.)
FF Plugin HKCU: electronicarts.com/GameFacePlugin -> C:\Users\User\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll (Electronic Arts)
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: SmartPrintButton - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011-12-26]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: No Name - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-01-29]
FF HKLM-x32\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] - D:\Program Files (x86)\Steganos Password Manager 12\spmplugin3
FF HKCU\...\Firefox\Extensions: [finder@meingutscheincode.de] - C:\Program Files (x86)\Mein Gutscheincode Finder\Firefox
FF HKCU\...\Thunderbird\Extensions: [{380AE6CB-09B9-4373-B360-D01C2462A6E7}] - C:\Program Files\BullGuard Ltd\BullGuard Backup\files32\backup\thunderbirdbkplugin
FF Extension: BullGuard Backup - C:\Program Files\BullGuard Ltd\BullGuard Backup\files32\backup\thunderbirdbkplugin [2014-02-20]

Chrome: 
=======
CHR HomePage: Default -> 
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-31]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-31]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-06]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-31]
CHR Extension: (Google-Suche) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-31]
CHR Extension: (Avira Browser Safety) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-08-07]
CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Bitdefender QuickScan) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie [2014-11-05]
CHR Extension: (Google Mail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-31]
CHR HKLM-x32\...\Chrome\Extension: [jgfpelakfkbbkkdchaaaknckhoadkcbo] - C:\Program Files (x86)\Mein Gutscheincode Finder\Chrome\chrome-extension.crx []
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx []

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeActiveFileMonitor7.0; D:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [169312 2008-09-16] (Adobe Systems Incorporated)
S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-10-18] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-10-18] (Avira Operations GmbH & Co. KG)
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [File not signed]
S3 BgRaSvc; C:\Program Files\BullGuard Ltd\BullGuard Backup\Support\BgRaSvc.exe [161112 2014-05-19] (BullGuard Ltd.)
R2 BsMain; C:\Program Files\BullGuard Ltd\BullGuard Backup\BsMain.dll [269656 2014-05-19] (BullGuard Ltd.)
R2 BsUpdate; C:\Program Files\BullGuard Ltd\BullGuard Backup\BullGuardUpdate.exe [409944 2014-02-20] (BullGuard Ltd.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2436280 2014-09-25] (Microsoft Corporation)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2011-07-24] (Macrovision Europe Ltd.) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-17] (NVIDIA Corporation)
R2 HPSLPSVC; C:\Users\User\AppData\Local\Temp\7zS59A8\hpslpsvc64.dll [1039360 2011-08-23] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-09-17] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-01-03] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2005-01-31] (Ulead Systems, Inc.) [File not signed]
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27792 2012-08-14] (VIA Technologies, Inc.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S0 AFS; C:\Windows\SysWow64\Drivers\AFS.sys [77004 2011-12-05] (Oak Technology Inc.) [File not signed]
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-18] (Avira Operations GmbH & Co. KG)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
R3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-22] (AVM GmbH)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
S3 SaiH075C; C:\Windows\System32\DRIVERS\SaiH075C.sys [326784 2006-07-27] (Saitek)
S3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [54016 2006-07-27] (Saitek) [File not signed]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-05 17:45 - 2014-11-05 17:46 - 00029301 _____ () C:\Users\User\Downloads\FRST.txt
2014-11-05 17:45 - 2014-11-05 17:45 - 00000000 ____D () C:\FRST
2014-11-05 17:44 - 2014-11-05 17:44 - 02114560 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2014-11-05 17:43 - 2014-11-05 17:43 - 00000470 _____ () C:\Users\User\Desktop\defogger_disable.log
2014-11-05 17:39 - 2014-11-05 17:41 - 00000470 _____ () C:\Users\User\Downloads\defogger_disable.log
2014-11-05 17:39 - 2014-11-05 17:39 - 00000000 _____ () C:\Users\User\defogger_reenable
2014-11-05 17:38 - 2014-11-05 17:38 - 00050477 _____ () C:\Users\User\Desktop\Defogger.exe
2014-11-05 17:33 - 2014-11-05 17:33 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-11-05 17:31 - 2014-11-05 17:33 - 00000000 ____D () C:\Users\User\AppData\Roaming\QuickScan
2014-11-05 17:28 - 2014-11-05 17:32 - 131078000 _____ (AVAST Software) C:\Users\User\Downloads\avast_free_antivirus_setup.exe
2014-11-05 17:21 - 2014-11-05 17:21 - 00003124 _____ () C:\Windows\System32\Tasks\{04D0D7CE-7872-481F-860B-7FF6FA53280D}
2014-11-05 15:30 - 2014-11-05 16:22 - 00000000 ____D () C:\ProgramData\Panda Security URL Filtering
2014-11-05 15:30 - 2014-11-05 16:22 - 00000000 ____D () C:\Program Files (x86)\pandasecuritytb
2014-11-05 15:30 - 2014-11-05 16:12 - 00000000 ____D () C:\ProgramData\panda_url_filtering
2014-11-05 15:30 - 2014-11-05 15:30 - 00000000 ____D () C:\Users\User\AppData\Roaming\Panda Security
2014-11-05 15:29 - 2014-11-05 16:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus
2014-11-05 15:29 - 2014-11-05 16:22 - 00000000 ____D () C:\Program Files (x86)\Panda Security
2014-11-05 15:29 - 2014-11-05 15:30 - 00000000 ____D () C:\ProgramData\Panda Security
2014-11-05 14:39 - 2014-11-05 14:41 - 00000000 ____D () C:\Program Files (x86)\CheckPoint
2014-11-05 14:39 - 2014-11-05 14:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-05 14:38 - 2014-11-05 14:38 - 00000000 ____D () C:\ProgramData\CheckPoint
2014-11-05 12:45 - 2014-11-05 12:45 - 00000000 ___HD () C:\VTRoot
2014-11-05 12:38 - 2014-11-05 16:25 - 00201448 _____ () C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-04 23:11 - 2014-11-04 23:11 - 00000000 ____D () C:\Users\User\AppData\Roaming\Comodo
2014-11-04 19:29 - 2014-11-04 19:30 - 00000000 ____D () C:\Program Files\COMODO
2014-11-04 19:29 - 2014-11-04 19:29 - 00000000 ____D () C:\Users\User\AppData\Local\Comodo
2014-11-04 19:29 - 2014-11-04 19:29 - 00000000 ____D () C:\ProgramData\Comodo Downloader
2014-11-04 19:29 - 2014-11-04 19:29 - 00000000 ____D () C:\ProgramData\Adtrustmedia
2014-11-04 19:28 - 2014-11-04 23:11 - 00000000 ____D () C:\ProgramData\Comodo
2014-11-04 13:42 - 2014-11-04 13:43 - 00000000 ____D () C:\ProgramData\Kaspersky Lab Setup Files
2014-11-04 13:30 - 2014-11-05 13:29 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-11-04 13:24 - 2014-11-05 13:29 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-11-04 01:40 - 2014-11-04 01:40 - 00010460 _____ () C:\Windows\DPINST.LOG
2014-11-04 01:39 - 2011-07-05 13:38 - 00851400 _____ (proDAD GmbH) C:\uninstall.exe
2014-11-04 01:02 - 2014-11-04 01:05 - 121159424 _____ (Microsoft Corporation) C:\Users\User\Downloads\msert.exe
2014-11-03 23:25 - 2014-11-03 23:25 - 00000000 ____D () C:\Users\User\AppData\Roaming\Mozilla
2014-11-02 11:44 - 2014-11-03 15:40 - 00008452 _____ () C:\Windows\PFRO.log
2014-11-02 11:23 - 2014-11-02 11:23 - 00001574 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-11-02 11:23 - 2014-11-02 11:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-11-02 11:22 - 2014-11-02 11:23 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-11-02 11:22 - 2014-11-02 11:23 - 00000000 ____D () C:\Program Files\iTunes
2014-11-02 11:22 - 2014-11-02 11:22 - 00000000 ____D () C:\Program Files\iPod
2014-11-02 11:20 - 2014-11-02 11:41 - 00000000 ____D () C:\Users\User\Desktop\US INTERN (PICS)
2014-10-18 21:14 - 2014-10-18 21:14 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET
2014-10-18 20:45 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-18 20:45 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-18 20:45 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-18 20:45 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-18 20:45 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-18 20:45 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-18 20:45 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-18 20:44 - 2014-10-10 03:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-18 20:44 - 2014-10-10 03:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-18 20:44 - 2014-10-10 03:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-18 20:44 - 2014-10-07 03:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-18 20:44 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-18 20:44 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-18 20:44 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-18 20:44 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-18 20:44 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-18 20:44 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-18 20:44 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-18 20:44 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-18 20:44 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-18 20:44 - 2014-09-19 02:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-18 20:44 - 2014-09-19 02:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-18 20:44 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-18 20:44 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-18 20:44 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-18 20:44 - 2014-09-19 02:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-18 20:44 - 2014-09-19 02:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-18 20:44 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-18 20:44 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-18 20:44 - 2014-09-19 02:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-18 20:44 - 2014-09-19 02:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-18 20:44 - 2014-09-19 02:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-18 20:44 - 2014-09-19 02:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-18 20:44 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-18 20:44 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-18 20:44 - 2014-09-19 02:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-18 20:44 - 2014-09-19 02:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-18 20:44 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-18 20:44 - 2014-09-19 02:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-18 20:44 - 2014-09-19 02:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-18 20:44 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-18 20:44 - 2014-09-19 02:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-18 20:44 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-18 20:44 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-18 20:44 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-18 20:44 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-18 20:44 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-18 20:44 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-18 20:44 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-18 20:44 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-18 20:44 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-18 20:44 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-18 20:44 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-18 20:44 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-18 20:44 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-18 20:44 - 2014-09-19 01:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-18 20:44 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-18 20:44 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-18 20:44 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-18 20:44 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-18 20:44 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-18 20:44 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-18 20:44 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-18 20:44 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-18 20:44 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-18 20:44 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-18 20:40 - 2014-09-18 03:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-18 20:40 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-18 20:40 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-18 20:40 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-18 20:40 - 2014-07-17 03:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-18 20:40 - 2014-07-17 03:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-18 20:40 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-18 20:40 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-18 20:40 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-18 20:40 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-18 20:40 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-18 20:40 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-18 20:40 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-18 20:40 - 2014-07-17 02:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-18 20:40 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-18 20:40 - 2014-07-17 02:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-18 20:40 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-18 20:40 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-18 20:40 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-18 20:40 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-18 20:39 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-18 20:39 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-18 20:28 - 2014-10-18 20:28 - 00001146 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-10-10 12:50 - 2014-11-05 17:17 - 00002825 _____ () C:\Windows\setupact.log
2014-10-10 12:50 - 2014-10-10 12:50 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-10 12:49 - 2014-11-02 10:18 - 05235032 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-08 21:06 - 2014-10-08 21:06 - 01375089 _____ () C:\Users\User\Downloads\adwcleaner_3.311.exe
2014-10-08 20:51 - 2010-05-13 17:53 - 00001204 _____ () C:\Windows\system32\Drivers\etc\hosts.20141008-215141.backup
2014-10-08 14:55 - 2014-10-08 14:55 - 00000000 ____D () C:\Users\User\AppData\Roaming\Hogrefe Verlag GmbH & Co. KG Göttingen
2014-10-08 14:54 - 2014-10-08 17:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hogrefe TestSystem Player   1.15
2014-10-08 14:54 - 2014-10-08 14:56 - 00000000 ____D () C:\Users\Public\Documents\Hogrefe
2014-10-08 14:54 - 2014-10-08 14:54 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin
2014-10-08 14:54 - 2014-10-08 14:54 - 00000000 ____D () C:\ProgramData\Hogrefe
2014-10-08 14:53 - 2014-10-08 14:56 - 00000000 ____D () C:\Users\User\AppData\Roaming\Hogrefe
2014-10-08 14:52 - 2014-10-08 14:53 - 28105480 _____ (Hogrefe Verlag Göttingen) C:\Users\User\Downloads\hts4player4.5.1434.exe
2014-10-06 16:22 - 2014-10-06 16:38 - 00000000 ____D () C:\Users\User\AppData\Roaming\EncryptStick

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-05 17:27 - 2011-07-23 23:04 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-05 17:26 - 2009-07-14 05:45 - 00026304 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-05 17:26 - 2009-07-14 05:45 - 00026304 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-05 17:24 - 2009-07-14 18:58 - 00725976 _____ () C:\Windows\system32\perfh007.dat
2014-11-05 17:24 - 2009-07-14 18:58 - 00158600 _____ () C:\Windows\system32\perfc007.dat
2014-11-05 17:24 - 2009-07-14 06:13 - 01681550 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-05 17:22 - 2014-01-19 23:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-11-05 17:22 - 2014-01-19 23:15 - 00000000 ____D () C:\ProgramData\Avira
2014-11-05 17:22 - 2014-01-19 23:15 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-11-05 17:22 - 2013-12-09 17:50 - 00000000 ____D () C:\ProgramData\Package Cache
2014-11-05 17:22 - 2011-07-20 11:49 - 01431455 _____ () C:\Windows\WindowsUpdate.log
2014-11-05 17:19 - 2014-09-19 22:01 - 00000000 ___RD () C:\Users\User\iCloudDrive
2014-11-05 17:19 - 2014-03-03 14:31 - 00000000 ____D () C:\Users\User\Documents\Outlook-Dateien
2014-11-05 17:19 - 2011-08-08 19:28 - 00000000 ___RD () C:\Users\User\Dropbox
2014-11-05 17:19 - 2011-08-08 19:26 - 00000000 ____D () C:\Users\User\AppData\Roaming\Dropbox
2014-11-05 17:19 - 2011-07-23 23:04 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-05 17:17 - 2012-07-25 15:21 - 00000336 _____ () C:\Windows\Tasks\HP Photo Creations Communicator.job
2014-11-05 17:16 - 2011-07-20 12:04 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-05 17:16 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-05 17:15 - 2013-10-23 18:52 - 00000000 ____D () C:\Users\User\AppData\Local\CrashDumps
2014-11-05 17:01 - 2009-07-14 05:45 - 00021504 _____ () C:\Windows\system32\umstartup.etl
2014-11-05 16:51 - 2012-04-03 08:45 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-05 16:32 - 2012-04-03 08:45 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-05 16:32 - 2012-04-03 08:45 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-05 16:32 - 2011-07-22 19:15 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-05 16:31 - 2011-07-22 19:13 - 00000000 ____D () C:\Users\User\AppData\Local\Adobe
2014-11-05 16:22 - 2014-09-01 17:12 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-11-05 16:22 - 2014-03-12 20:43 - 00000000 ____D () C:\ProgramData\Duden
2014-11-05 16:22 - 2014-02-20 16:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FILEminimizer Pictures 3.0
2014-11-05 16:22 - 2012-07-08 20:50 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameShadow
2014-11-05 16:22 - 2012-06-26 12:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zattoo4
2014-11-05 16:22 - 2012-01-29 13:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
2014-11-05 16:22 - 2012-01-08 16:40 - 00000000 ____D () C:\Users\Mcx1-USER-PC
2014-11-05 16:22 - 2011-08-07 14:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SopCast
2014-11-05 16:22 - 2011-07-20 15:17 - 00000000 ____D () C:\Users\User\AppData\Roaming\vlc
2014-11-05 16:22 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-05 16:22 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-11-05 16:21 - 2014-03-12 20:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duden
2014-11-05 16:21 - 2012-05-29 06:03 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-11-05 16:21 - 2012-01-29 13:50 - 00000000 ____D () C:\Program Files\DivX
2014-11-05 16:21 - 2012-01-29 13:49 - 00000000 ____D () C:\Program Files (x86)\DivX
2014-11-05 16:21 - 2012-01-29 13:48 - 00000000 ____D () C:\ProgramData\DivX
2014-11-04 23:36 - 2014-09-01 17:02 - 00000000 ____D () C:\AdwCleaner
2014-11-04 01:45 - 2012-12-29 21:15 - 00000000 ____D () C:\Users\User\AppData\Roaming\DivX
2014-11-04 01:39 - 2013-05-26 14:42 - 00000000 ____D () C:\Program Files\CCleaner
2014-11-04 01:39 - 2011-07-20 15:16 - 00000000 ____D () C:\Users\User\AppData\Local\Google
2014-11-04 01:39 - 2011-07-20 15:16 - 00000000 ____D () C:\Program Files (x86)\Google
2014-11-04 01:34 - 2014-09-01 09:56 - 00000000 ____D () C:\Windows\pss
2014-11-04 01:23 - 2012-01-14 23:29 - 00000000 ____D () C:\Users\User\AppData\Roaming\Apple Computer
2014-11-04 01:23 - 2012-01-14 23:29 - 00000000 ____D () C:\Users\User\AppData\Local\Apple Computer
2014-11-04 01:11 - 2013-01-02 23:44 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2771076119-1783207638-1657993630-1000UA.job
2014-11-02 13:28 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-02 11:52 - 2013-01-02 16:23 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{F5380F5B-14A5-4785-BB60-BD2CC61FFFEF}
2014-11-02 11:49 - 2013-02-14 12:22 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-11-02 11:23 - 2013-09-20 16:41 - 00054156 ____H () C:\Windows\QTFont.qfn
2014-11-02 11:22 - 2014-09-19 18:31 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-11-02 11:22 - 2012-01-14 23:27 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-11-02 11:11 - 2013-01-02 23:44 - 00001064 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2771076119-1783207638-1657993630-1000Core.job
2014-11-02 11:06 - 2013-01-02 23:44 - 00004084 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2771076119-1783207638-1657993630-1000UA
2014-11-02 11:06 - 2013-01-02 23:44 - 00003688 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2771076119-1783207638-1657993630-1000Core
2014-11-02 10:22 - 2011-07-23 23:04 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-02 10:21 - 2011-07-23 23:04 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-02 10:15 - 2014-05-06 13:49 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-18 21:14 - 2013-08-15 02:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-18 21:07 - 2011-07-20 12:55 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-18 20:23 - 2014-02-18 20:19 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-10-18 20:23 - 2014-01-19 23:15 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-10-18 20:23 - 2014-01-19 23:15 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-10-09 17:04 - 2012-05-29 01:01 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-10-09 16:19 - 2011-07-24 18:50 - 00001456 _____ () C:\Users\User\AppData\Local\Adobe Für Web speichern 12.0 Prefs
2014-10-08 16:26 - 2014-07-21 19:43 - 07551668 _____ () C:\Users\User\Desktop\Projekt China.MVP
2014-10-07 22:23 - 2011-08-03 12:59 - 00000000 ____D () C:\Users\User\AppData\Roaming\TS3Client
2014-10-06 17:12 - 2011-07-23 16:13 - 00000000 ____D () C:\Users\User\Pascal

ZeroAccess:
C:\$Recycle.Bin\S-1-5-21-2771076119-1783207638-1657993630-1000\$2dba11519d2d2773c1a02a0a15f84fb5

ZeroAccess:
C:\$Recycle.Bin\S-1-5-18\$2dba11519d2d2773c1a02a0a15f84fb5

Files to move or delete:
====================
C:\ProgramData\dsgsdgdsgdsgw.pad
C:\Users\User\hpothb07.dat


Some content of TEMP:
====================
C:\Users\User\AppData\Local\Temp\avgnt.exe
C:\Users\User\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp9dtq2j.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-05 14:11

==================== End Of Log ============================
         

05.11.2014, 19:15   #2
schrauber
/// the machine
/// TB-Ausbilder

hi,

Quote:
ProxyServer: 196.201.217.49:4009
Is the proxy in there on purpose?


Please download TDSSKiller (TDSSKiller.exe) and save the file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan.
  • If infected objects are found, do not select Cure under any circumstances. Select Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.

05.11.2014, 19:25   #3
Keksklauer
Thank you very much for the quick reply, schrauber,

the tool found one object. The contents of the generated file are attached.

Best regards!

P.S.: I tried out a proxy server at one point. That attempt was only a few weeks ago. However, I don't know whether this is the same proxy server (I actually deleted the proxy server from the options a few days ago).

TDSS rootkit removing tool

Code:
19:17:42.0253 0x0a9c  TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
19:18:00.0021 0x0a9c  ============================================================
19:18:00.0022 0x0a9c  Current date / time: 2014/11/05 19:18:00.0021
19:18:00.0022 0x0a9c  SystemInfo:
19:18:00.0022 0x0a9c  
19:18:00.0022 0x0a9c  OS Version: 6.1.7601 ServicePack: 1.0
19:18:00.0022 0x0a9c  Product type: Workstation
19:18:00.0022 0x0a9c  ComputerName: USER-PC
19:18:00.0022 0x0a9c  UserName: User
19:18:00.0022 0x0a9c  Windows directory: C:\Windows
19:18:00.0022 0x0a9c  System windows directory: C:\Windows
19:18:00.0022 0x0a9c  Running under WOW64
19:18:00.0022 0x0a9c  Processor architecture: Intel x64
19:18:00.0022 0x0a9c  Number of processors: 4
19:18:00.0022 0x0a9c  Page size: 0x1000
19:18:00.0022 0x0a9c  Boot type: Normal boot
19:18:00.0022 0x0a9c  ============================================================
19:18:00.0689 0x0a9c  KLMD registered as C:\Windows\system32\drivers\42283759.sys
19:18:01.0290 0x0a9c  System UUID: {B75622DA-788B-C1DA-3375-697E0A177AC4}
19:18:01.0903 0x0a9c  Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:18:01.0916 0x0a9c  ============================================================
19:18:01.0916 0x0a9c  \Device\Harddisk0\DR0:
19:18:01.0937 0x0a9c  MBR partitions:
19:18:01.0937 0x0a9c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:18:01.0937 0x0a9c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x74D64800
19:18:01.0937 0x0a9c  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x74D97000, BlocksNum 0x36EE8000
19:18:01.0969 0x0a9c  \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0xABC7F800, BlocksNum 0x3D188800
19:18:01.0969 0x0a9c  ============================================================
19:18:02.0065 0x0a9c  C: <-> \Device\Harddisk0\DR0\Partition2
19:18:02.0249 0x0a9c  E: <-> \Device\Harddisk0\DR0\Partition4
19:18:02.0396 0x0a9c  D: <-> \Device\Harddisk0\DR0\Partition3
19:18:02.0396 0x0a9c  ============================================================
19:18:02.0396 0x0a9c  Initialize success
19:18:02.0396 0x0a9c  ============================================================
19:19:21.0656 0x2250  ============================================================
19:19:21.0656 0x2250  Scan started
19:19:21.0656 0x2250  Mode: Manual; SigCheck; TDLFS; 
19:19:21.0656 0x2250  ============================================================
19:19:21.0656 0x2250  KSN ping started
19:19:35.0309 0x2250  KSN ping finished: true
19:19:37.0340 0x2250  ================ Scan system memory ========================
19:19:37.0340 0x2250  System memory - ok
19:19:37.0340 0x2250  ================ Scan services =============================
19:19:37.0526 0x2250  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
19:19:37.0559 0x2250  1394ohci - ok
19:19:37.0604 0x2250  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
19:19:37.0616 0x2250  ACPI - ok
19:19:37.0640 0x2250  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
19:19:37.0650 0x2250  AcpiPmi - ok
19:19:37.0951 0x2250  [ 3FD8DC2C9735C2AA70155102CFB93EDA, 92C066ECF295C757EB51DC42336329950A1920865051ABF47A6CFF8CC96E152E ] AdobeActiveFileMonitor7.0 D:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
19:19:37.0960 0x2250  AdobeActiveFileMonitor7.0 - ok
19:19:38.0149 0x2250  [ C5679E5186B2FC95BC76A8A9870D5456, 70AC61850B811A0A902532F098AE1D5DF4622455E56C78B89D4ABDBE4A061A48 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:19:38.0158 0x2250  AdobeARMservice - ok
19:19:38.0431 0x2250  [ 2637233632CCD1837A1A57A43CAF00A4, 848026C6C9B38FD9F70BC7B2306BF4F5DD395726D4FDD6A18B29354921191DC5 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:19:38.0440 0x2250  AdobeFlashPlayerUpdateSvc - ok
19:19:38.0535 0x2250  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
19:19:38.0550 0x2250  adp94xx - ok
19:19:38.0614 0x2250  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
19:19:38.0626 0x2250  adpahci - ok
19:19:38.0689 0x2250  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
19:19:38.0699 0x2250  adpu320 - ok
19:19:38.0735 0x2250  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
19:19:38.0760 0x2250  AeLookupSvc - ok
19:19:38.0902 0x2250  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
19:19:38.0919 0x2250  AFD - ok
19:19:38.0921 0x2250  AFS - ok
19:19:38.0968 0x2250  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
19:19:38.0975 0x2250  agp440 - ok
19:19:39.0001 0x2250  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
19:19:39.0010 0x2250  ALG - ok
19:19:39.0038 0x2250  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
19:19:39.0044 0x2250  aliide - ok
19:19:39.0100 0x2250  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
19:19:39.0106 0x2250  amdide - ok
19:19:39.0146 0x2250  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
19:19:39.0154 0x2250  AmdK8 - ok
19:19:39.0160 0x2250  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
19:19:39.0167 0x2250  AmdPPM - ok
19:19:39.0182 0x2250  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
19:19:39.0189 0x2250  amdsata - ok
19:19:39.0205 0x2250  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
19:19:39.0214 0x2250  amdsbs - ok
19:19:39.0229 0x2250  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
19:19:39.0235 0x2250  amdxata - ok
19:19:39.0412 0x2250  [ FCFCD84A3F84375CF2EADA10650C3289, A5AC6E167C60451B2EC9561FA83C9DA5ADDF4152E1AD01A38C80D00B3118EE9A ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
19:19:39.0425 0x2250  AntiVirSchedulerService - ok
19:19:39.0568 0x2250  [ FCFCD84A3F84375CF2EADA10650C3289, A5AC6E167C60451B2EC9561FA83C9DA5ADDF4152E1AD01A38C80D00B3118EE9A ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
19:19:39.0580 0x2250  AntiVirService - ok
19:19:39.0642 0x2250  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
19:19:39.0664 0x2250  AppID - ok
19:19:39.0676 0x2250  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
19:19:39.0699 0x2250  AppIDSvc - ok
19:19:39.0740 0x2250  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
19:19:39.0749 0x2250  Appinfo - ok
19:19:39.0824 0x2250  [ 650D03E40F93FAE323CB841F80368E5C, F67B97CFDCE2EE9294977725268EFDB0DD724BD16E7ED5BFCA45375AA8EBA5BB ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:19:39.0830 0x2250  Apple Mobile Device - ok
19:19:39.0842 0x2250  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
19:19:39.0853 0x2250  AppMgmt - ok
19:19:39.0876 0x2250  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
19:19:39.0884 0x2250  arc - ok
19:19:39.0916 0x2250  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
19:19:39.0923 0x2250  arcsas - ok
19:19:40.0042 0x2250  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
19:19:40.0050 0x2250  aspnet_state - ok
19:19:40.0065 0x2250  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
19:19:40.0087 0x2250  AsyncMac - ok
19:19:40.0123 0x2250  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
19:19:40.0129 0x2250  atapi - ok
19:19:40.0187 0x2250  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:19:40.0222 0x2250  AudioEndpointBuilder - ok
19:19:40.0237 0x2250  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
19:19:40.0270 0x2250  AudioSrv - ok
19:19:40.0329 0x2250  [ 1B87A1F2FA5B91AC1A7D171B8D952441, 4CB21F6567021DAE6B2E35B9BA84D015580E2DDFEBEB1AA9637BD93F42883DD2 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
19:19:40.0338 0x2250  avgntflt - ok
19:19:40.0390 0x2250  [ AF61774060F277FE45CBD3A9A8E7D45A, 2F96DC9735BAF017603D72A258BF7A772BF8C4AFECB5AA0CAD8F8E3CCAA0F2B5 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
19:19:40.0398 0x2250  avipbb - ok
19:19:40.0409 0x2250  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
19:19:40.0416 0x2250  avkmgr - ok
19:19:40.0468 0x2250  [ C6F4C466B654C1BE98AF31418BB5AC30, 62AA4456F8E22A6E508EB44DE4309615057117AAF923C13BBED15AA39630E76B ] AVM WLAN Connection Service C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
19:19:40.0478 0x2250  AVM WLAN Connection Service - detected UnsignedFile.Multi.Generic ( 1 )
19:19:42.0799 0x2250  Detect skipped due to KSN trusted
19:19:42.0800 0x2250  AVM WLAN Connection Service - ok
19:19:42.0816 0x2250  [ 1DC2F715792CF33428AD7993ACBD224D, 129FBD517E016914CD61C35894C0B9B2074E680F1EB21201597E5C13CAF4529F ] avmeject        C:\Windows\system32\drivers\avmeject.sys
19:19:42.0822 0x2250  avmeject - ok
19:19:42.0842 0x2250  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
19:19:42.0855 0x2250  AxInstSV - ok
19:19:42.0889 0x2250  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
19:19:42.0905 0x2250  b06bdrv - ok
19:19:42.0918 0x2250  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
19:19:42.0930 0x2250  b57nd60a - ok
19:19:42.0958 0x2250  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
19:19:42.0968 0x2250  BDESVC - ok
19:19:42.0972 0x2250  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
19:19:42.0995 0x2250  Beep - ok
19:19:43.0121 0x2250  [ D4315CD51A8B24519F20D31B0E611602, 362475CABD485255FE42D7A3BB44DE5774D750DD13806EA99847F8631AF6F2AC ] BgRaSvc         C:\Program Files\BullGuard Ltd\BullGuard Backup\Support\BgRaSvc.exe
19:19:43.0130 0x2250  BgRaSvc - ok
19:19:43.0189 0x2250  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
19:19:43.0227 0x2250  BITS - ok
19:19:43.0237 0x2250  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
19:19:43.0245 0x2250  blbdrive - ok
19:19:43.0272 0x2250  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:19:43.0284 0x2250  Bonjour Service - ok
19:19:43.0306 0x2250  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
19:19:43.0314 0x2250  bowser - ok
19:19:43.0336 0x2250  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:19:43.0345 0x2250  BrFiltLo - ok
19:19:43.0358 0x2250  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:19:43.0367 0x2250  BrFiltUp - ok
19:19:43.0386 0x2250  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] Bridge          C:\Windows\system32\DRIVERS\bridge.sys
19:19:43.0409 0x2250  Bridge - ok
19:19:43.0412 0x2250  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
19:19:43.0435 0x2250  BridgeMP - ok
19:19:43.0455 0x2250  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
19:19:43.0465 0x2250  Browser - ok
19:19:43.0478 0x2250  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
19:19:43.0490 0x2250  Brserid - ok
19:19:43.0501 0x2250  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
19:19:43.0510 0x2250  BrSerWdm - ok
19:19:43.0515 0x2250  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
19:19:43.0524 0x2250  BrUsbMdm - ok
19:19:43.0526 0x2250  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
19:19:43.0533 0x2250  BrUsbSer - ok
19:19:43.0590 0x2250  [ 530F7F7E12F53CAFBB89069CA3438B58, F147D9C90E807E88E1AFC701FD29FCFD5EC6A8BDB370C716C3223D1171C9B7C8 ] BsMain          C:\Program Files\BullGuard Ltd\BullGuard Backup\BsMain.dll
19:19:43.0600 0x2250  BsMain - ok
19:19:43.0659 0x2250  [ 27D6348DCC371225902E0509A868B31A, D8A6EB52138E087D0A259EC8EE7EB96E1F3DCBF6129AD8E9FB2ACC7B0C4D2C4A ] BsUpdate        C:\Program Files\BullGuard Ltd\BullGuard Backup\BullGuardUpdate.exe
19:19:43.0671 0x2250  BsUpdate - ok
19:19:43.0685 0x2250  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
19:19:43.0696 0x2250  BTHMODEM - ok
19:19:43.0724 0x2250  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
19:19:43.0748 0x2250  bthserv - ok
19:19:43.0761 0x2250  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
19:19:43.0784 0x2250  cdfs - ok
19:19:43.0796 0x2250  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
19:19:43.0805 0x2250  cdrom - ok
19:19:43.0817 0x2250  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
19:19:43.0839 0x2250  CertPropSvc - ok
19:19:43.0848 0x2250  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
19:19:43.0857 0x2250  circlass - ok
19:19:43.0872 0x2250  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
19:19:43.0884 0x2250  CLFS - ok
19:19:44.0039 0x2250  [ 871EEE78F98D6E31C80FD39433A8FE2F, 67602F597FADA1E7102BC373287A4A78339E057D37FCEAD0B2502F70450EC7CE ] ClickToRunSvc   C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
19:19:44.0086 0x2250  ClickToRunSvc - ok
19:19:44.0153 0x2250  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:19:44.0160 0x2250  clr_optimization_v2.0.50727_32 - ok
19:19:44.0197 0x2250  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:19:44.0204 0x2250  clr_optimization_v2.0.50727_64 - ok
19:19:44.0296 0x2250  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:19:44.0305 0x2250  clr_optimization_v4.0.30319_32 - ok
19:19:44.0330 0x2250  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:19:44.0339 0x2250  clr_optimization_v4.0.30319_64 - ok
19:19:44.0367 0x2250  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
19:19:44.0375 0x2250  CmBatt - ok
19:19:44.0397 0x2250  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
19:19:44.0404 0x2250  cmdide - ok
19:19:44.0436 0x2250  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
19:19:44.0454 0x2250  CNG - ok
19:19:44.0473 0x2250  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
19:19:44.0480 0x2250  Compbatt - ok
19:19:44.0504 0x2250  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
19:19:44.0514 0x2250  CompositeBus - ok
19:19:44.0516 0x2250  COMSysApp - ok
19:19:44.0519 0x2250  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
19:19:44.0525 0x2250  crcdisk - ok
19:19:44.0572 0x2250  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
19:19:44.0583 0x2250  CryptSvc - ok
19:19:44.0633 0x2250  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
19:19:44.0650 0x2250  CSC - ok
19:19:44.0680 0x2250  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
19:19:44.0700 0x2250  CscService - ok
19:19:44.0726 0x2250  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
19:19:44.0758 0x2250  DcomLaunch - ok
19:19:44.0775 0x2250  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
19:19:44.0802 0x2250  defragsvc - ok
19:19:44.0815 0x2250  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
19:19:44.0837 0x2250  DfsC - ok
19:19:44.0872 0x2250  [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
19:19:44.0879 0x2250  dg_ssudbus - ok
19:19:44.0895 0x2250  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
19:19:44.0909 0x2250  Dhcp - ok
19:19:44.0924 0x2250  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
19:19:44.0946 0x2250  discache - ok
19:19:44.0949 0x2250  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
19:19:44.0956 0x2250  Disk - ok
19:19:44.0976 0x2250  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
19:19:44.0986 0x2250  Dnscache - ok
19:19:45.0005 0x2250  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
19:19:45.0031 0x2250  dot3svc - ok
19:19:45.0051 0x2250  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
19:19:45.0074 0x2250  DPS - ok
19:19:45.0125 0x2250  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
19:19:45.0132 0x2250  drmkaud - ok
19:19:45.0191 0x2250  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
19:19:45.0213 0x2250  DXGKrnl - ok
19:19:45.0237 0x2250  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
19:19:45.0260 0x2250  EapHost - ok
19:19:45.0361 0x2250  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
19:19:45.0432 0x2250  ebdrv - ok
19:19:45.0467 0x2250  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe
19:19:45.0475 0x2250  EFS - ok
19:19:45.0521 0x2250  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
19:19:45.0543 0x2250  ehRecvr - ok
19:19:45.0560 0x2250  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
19:19:45.0570 0x2250  ehSched - ok
19:19:45.0638 0x2250  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
19:19:45.0653 0x2250  elxstor - ok
19:19:45.0677 0x2250  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
19:19:45.0684 0x2250  ErrDev - ok
19:19:45.0729 0x2250  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
19:19:45.0758 0x2250  EventSystem - ok
19:19:45.0777 0x2250  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
19:19:45.0802 0x2250  exfat - ok
19:19:45.0824 0x2250  Fabs - ok
19:19:45.0853 0x2250  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
19:19:45.0879 0x2250  fastfat - ok
19:19:45.0918 0x2250  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
19:19:45.0939 0x2250  Fax - ok
19:19:45.0947 0x2250  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
19:19:45.0955 0x2250  fdc - ok
19:19:45.0977 0x2250  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
19:19:45.0999 0x2250  fdPHost - ok
19:19:46.0013 0x2250  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
19:19:46.0035 0x2250  FDResPub - ok
19:19:46.0054 0x2250  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
19:19:46.0061 0x2250  FileInfo - ok
19:19:46.0071 0x2250  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
19:19:46.0093 0x2250  Filetrace - ok
19:19:46.0211 0x2250  [ 5BD96D8C5411ACE71A7EAACAF0EF2903, 2AF58E6060C7DEC44B4CA30E14E164473CD4089AE475DAFFC61DFE56990C1147 ] FirebirdServerMAGIXInstance C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
19:19:46.0267 0x2250  FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic ( 1 )
19:19:48.0596 0x2250  Detect skipped due to KSN trusted
19:19:48.0596 0x2250  FirebirdServerMAGIXInstance - ok
19:19:48.0638 0x2250  [ F76D04F7413B07DAA029F6520B64B4E8, 3EB13C0EFE737880853FB8952381E7A57723F9472E0E4ED7CDA8A0D7DE8DC90D ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
19:19:48.0657 0x2250  FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
19:19:51.0239 0x2250  Detect skipped due to KSN trusted
19:19:51.0239 0x2250  FLEXnet Licensing Service - ok
19:19:51.0267 0x2250  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
19:19:51.0275 0x2250  flpydisk - ok
19:19:51.0297 0x2250  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
19:19:51.0308 0x2250  FltMgr - ok
19:19:51.0362 0x2250  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
19:19:51.0393 0x2250  FontCache - ok
19:19:51.0434 0x2250  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:19:51.0441 0x2250  FontCache3.0.0.0 - ok
19:19:51.0461 0x2250  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
19:19:51.0468 0x2250  FsDepends - ok
19:19:51.0488 0x2250  [ 07DA62C960DDCCC2D35836AEAB4FC578, C67A29E928AF59BF7FB573FAC2176C5598F595406AA90DDB4A364A15BC89A6C4 ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
19:19:51.0494 0x2250  fssfltr - ok
19:19:51.0594 0x2250  [ 28DDEEEC44E988657B732CF404D504CB, 47F83018E5449CDCED3DD447991788EBAAC92C418D4513FBA9408C45E9AB8E7E ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
19:19:51.0624 0x2250  fsssvc - ok
19:19:51.0660 0x2250  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
19:19:51.0666 0x2250  Fs_Rec - ok
19:19:51.0702 0x2250  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
19:19:51.0714 0x2250  fvevol - ok
19:19:51.0737 0x2250  [ 444534CBA693DD23C1CC589681E01656, DF8ED7FFA66E0A88EBB58A491A177D8CEB35B08B0911D7A1F4B8865755DC27CE ] FWLANUSB        C:\Windows\system32\DRIVERS\fwlanusb.sys
19:19:51.0752 0x2250  FWLANUSB - ok
19:19:51.0774 0x2250  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
19:19:51.0781 0x2250  gagp30kx - ok
19:19:51.0803 0x2250  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:19:51.0809 0x2250  GEARAspiWDM - ok
19:19:51.0902 0x2250  [ A27A06D8359BC5202F2F8E3240DE205F, C2BB64106D6894E6CF45121FE3ECCDE2A00CAE9268CF5ECA11F436C10DBFC6F0 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
19:19:51.0927 0x2250  GfExperienceService - ok
19:19:51.0960 0x2250  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
19:19:51.0998 0x2250  gpsvc - ok
19:19:52.0041 0x2250  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:19:52.0048 0x2250  gupdatem - ok
19:19:52.0070 0x2250  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
19:19:52.0077 0x2250  hcw85cir - ok
19:19:52.0113 0x2250  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:19:52.0129 0x2250  HdAudAddService - ok
19:19:52.0138 0x2250  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
19:19:52.0149 0x2250  HDAudBus - ok
19:19:52.0163 0x2250  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
19:19:52.0170 0x2250  HidBatt - ok
19:19:52.0187 0x2250  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
19:19:52.0198 0x2250  HidBth - ok
19:19:52.0214 0x2250  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
19:19:52.0223 0x2250  HidIr - ok
19:19:52.0242 0x2250  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
19:19:52.0264 0x2250  hidserv - ok
19:19:52.0298 0x2250  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
19:19:52.0305 0x2250  HidUsb - ok
19:19:52.0328 0x2250  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
19:19:52.0351 0x2250  hkmsvc - ok
19:19:52.0376 0x2250  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:19:52.0387 0x2250  HomeGroupListener - ok
19:19:52.0410 0x2250  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:19:52.0422 0x2250  HomeGroupProvider - ok
19:19:52.0446 0x2250  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
19:19:52.0453 0x2250  HpSAMD - ok
19:19:52.0589 0x2250  [ F37882F128EFACEFE353E0BAE2766909, 2F9D21613500F092DFC0DB879180B549EE615D9B07408A5CC1A7F84663B2F47A ] HPSLPSVC        C:\Users\User\AppData\Local\Temp\7zS59A8\hpslpsvc64.dll
19:19:52.0612 0x2250  HPSLPSVC - detected UnsignedFile.Multi.Generic ( 1 )
19:19:55.0343 0x2250  Detect skipped due to KSN trusted
19:19:55.0343 0x2250  HPSLPSVC - ok
19:19:55.0398 0x2250  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
19:19:55.0434 0x2250  HTTP - ok
19:19:55.0459 0x2250  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
19:19:55.0465 0x2250  hwpolicy - ok
19:19:55.0510 0x2250  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
19:19:55.0519 0x2250  i8042prt - ok
19:19:55.0542 0x2250  [ D7921D5A870B11CC1ADAB198A519D50A, 5DF99EB5D5504E9D9EB21658E8B4A58DEE2AD143A1875DB7F9B7BF4877FCB57F ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
19:19:55.0554 0x2250  iaStor - ok
19:19:55.0654 0x2250  [ 8FFF9083252C16FE3960173722605E9E, 6546FDA34B9AF94C5E86E5269BBC2F02F1E78D6D4BE5B5EC01F4B284CC934994 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
19:19:55.0660 0x2250  IAStorDataMgrSvc - ok
19:19:55.0678 0x2250  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
19:19:55.0691 0x2250  iaStorV - ok
19:19:55.0750 0x2250  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
19:19:55.0754 0x2250  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
19:19:58.0078 0x2250  Detect skipped due to KSN trusted
19:19:58.0078 0x2250  IDriverT - ok
19:19:58.0136 0x2250  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:19:58.0157 0x2250  idsvc - ok
19:19:58.0207 0x2250  IEEtwCollectorService - ok
19:19:58.0245 0x2250  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
19:19:58.0252 0x2250  iirsp - ok
19:19:58.0287 0x2250  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
19:19:58.0310 0x2250  IKEEXT - ok
19:19:58.0342 0x2250  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
19:19:58.0348 0x2250  intelide - ok
19:19:58.0366 0x2250  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
19:19:58.0374 0x2250  intelppm - ok
19:19:58.0398 0x2250  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
19:19:58.0421 0x2250  IPBusEnum - ok
19:19:58.0445 0x2250  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:19:58.0467 0x2250  IpFilterDriver - ok
19:19:58.0484 0x2250  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
19:19:58.0493 0x2250  IPMIDRV - ok
19:19:58.0515 0x2250  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
19:19:58.0539 0x2250  IPNAT - ok
19:19:58.0633 0x2250  [ 7FAE5B6CDB18B0B2E81F32869F595022, D873A7EE94749E1700E8F6B8BB7B485AE1B0B83388D63BE06335720498D4794F ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
19:19:58.0649 0x2250  iPod Service - ok
19:19:58.0655 0x2250  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
19:19:58.0665 0x2250  IRENUM - ok
19:19:59.0649 0x2250  [ 7CF1B716372B89568AE4C0FE769F5869, 0D70A7A594BCFBB26D7249C0F4B0AF9EF874F2318B3FDCE44648CC61279594ED ] MDM             C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
19:19:59.0658 0x2250  MDM - detected UnsignedFile.Multi.Generic ( 1 )
19:20:01.0993 0x2250  Detect skipped due to KSN trusted
19:20:01.0993 0x2250  MDM - ok
19:20:08.0750 0x2250  [ 770B1CA6A2058DB900952DF10344B951, 9684144F3092B9B7B5B95A73EB62E4A5682F9C00E5C37AD1429DC00ADD1AC503 ] SaiNtBus        C:\Windows\system32\drivers\SaiBus.sys
19:20:08.0754 0x2250  SaiNtBus - detected UnsignedFile.Multi.Generic ( 1 )
19:20:11.0125 0x2250  SaiNtBus ( UnsignedFile.Multi.Generic ) - warning
19:20:14.0423 0x2250  Serial - ok
19:20:14.0444 0x2250  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
19:20:14.0452 0x2250  sermouse - ok
19:20:14.0474 0x2250  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
19:20:14.0498 0x2250  SessionEnv - ok
19:20:14.0514 0x2250  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
19:20:14.0521 0x2250  sffdisk - ok
19:20:14.0525 0x2250  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
19:20:14.0531 0x2250  sffp_mmc - ok
19:20:14.0535 0x2250  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
19:20:14.0543 0x2250  sffp_sd - ok
19:20:14.0560 0x2250  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
19:20:14.0567 0x2250  sfloppy - ok
19:20:14.0634 0x2250  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:20:14.0662 0x2250  ShellHWDetection - ok
19:20:14.0677 0x2250  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:20:14.0684 0x2250  SiSRaid2 - ok
19:20:14.0694 0x2250  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
19:20:14.0702 0x2250  SiSRaid4 - ok
19:20:14.0720 0x2250  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
19:20:14.0744 0x2250  Smb - ok
19:20:14.0768 0x2250  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
19:20:14.0777 0x2250  SNMPTRAP - ok
19:20:14.0873 0x2250  [ 4FF0CCEDF038EDA199FB416F41FC2F93, 5FC3D8D4A16E2D34BBA385D319A597C4E7E3E8EA5DD936909CD2607E3FC511C2 ] SplashtopRemoteService C:\Program Files (x86)\Splashtop\Splashtop Remote\SERVER\SRService.exe
19:20:14.0891 0x2250  SplashtopRemoteService - ok
19:20:14.0931 0x2250  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
19:20:14.0938 0x2250  spldr - ok
19:20:15.0000 0x2250  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
19:20:15.0018 0x2250  Spooler - ok
19:20:15.0113 0x2250  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
19:20:15.0202 0x2250  sppsvc - ok
19:20:15.0254 0x2250  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
19:20:15.0277 0x2250  sppuinotify - ok
19:20:15.0306 0x2250  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
19:20:15.0321 0x2250  srv - ok
19:20:15.0332 0x2250  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
19:20:15.0346 0x2250  srv2 - ok
19:20:15.0353 0x2250  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
19:20:15.0362 0x2250  srvnet - ok
19:20:15.0375 0x2250  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
19:20:15.0400 0x2250  SSDPSRV - ok
19:20:15.0414 0x2250  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
19:20:15.0437 0x2250  SstpSvc - ok
19:20:15.0477 0x2250  [ 5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
19:20:15.0485 0x2250  ssudmdm - ok
19:20:15.0568 0x2250  [ 2AC95C47E4A05A8188D506A80FD05EE5, EC6ECA96D936F8F63759DA5821B7403D6735F024EAE94EC55ADB3B0AA7752B49 ] SSUService      C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
19:20:15.0583 0x2250  SSUService - ok
19:20:15.0659 0x2250  [ 2F3B5A3567FFB343D8867C3D34C687F1, D01971412506746B2EA1CBB0ACF9472889ABBC23318C1332BEC9C8256011183E ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
19:20:15.0673 0x2250  Steam Client Service - ok
19:20:15.0772 0x2250  [ AD5CE4DBBBAFB82B728BA0548876C5B6, 09022AE357FFBD9F3DF7807BF57704AA8E71767E043E92DA06DB5FE828B3F26F ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
19:20:15.0784 0x2250  Stereo Service - ok
19:20:15.0809 0x2250  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
19:20:15.0815 0x2250  stexstor - ok
19:20:15.0861 0x2250  [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam        C:\Windows\system32\drivers\serscan.sys
19:20:15.0868 0x2250  StillCam - ok
19:20:15.0928 0x2250  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
19:20:15.0951 0x2250  stisvc - ok
19:20:15.0963 0x2250  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
19:20:15.0969 0x2250  storflt - ok
19:20:15.0993 0x2250  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
19:20:16.0001 0x2250  StorSvc - ok
19:20:16.0012 0x2250  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
19:20:16.0019 0x2250  storvsc - ok
19:20:16.0042 0x2250  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
19:20:16.0048 0x2250  swenum - ok
19:20:16.0103 0x2250  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
19:20:16.0119 0x2250  SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
19:20:18.0571 0x2250  Detect skipped due to KSN trusted
19:20:18.0571 0x2250  SwitchBoard - ok
19:20:18.0625 0x2250  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
19:20:18.0658 0x2250  swprv - ok
19:20:18.0751 0x2250  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
19:20:18.0797 0x2250  SysMain - ok
19:20:18.0820 0x2250  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:20:18.0833 0x2250  TabletInputService - ok
19:20:18.0989 0x2250  [ 45C9720E43ADF60E31A018FBC3321608, CC6514934B288D7AB492F7DF83FCAEF54B147893CF967BBCF0C8B97888751F80 ] TabletServicePen C:\Program Files\Tablet\Pen\Pen_Tablet.exe
19:20:19.0090 0x2250  TabletServicePen - ok
19:20:19.0149 0x2250  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
19:20:19.0176 0x2250  TapiSrv - ok
19:20:19.0197 0x2250  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
19:20:19.0220 0x2250  TBS - ok
19:20:19.0302 0x2250  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
19:20:19.0339 0x2250  Tcpip - ok
19:20:19.0379 0x2250  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
19:20:19.0416 0x2250  TCPIP6 - ok
19:20:19.0441 0x2250  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
19:20:19.0449 0x2250  tcpipreg - ok
19:20:19.0469 0x2250  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
19:20:19.0476 0x2250  TDPIPE - ok
19:20:19.0490 0x2250  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
19:20:19.0497 0x2250  TDTCP - ok
19:20:19.0516 0x2250  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
19:20:19.0539 0x2250  tdx - ok
19:20:19.0712 0x2250  [ 775A7C4B689C0F112A12AD62064E57D1, C9E9B0F89AEA660CA80F8CC1C9E7116E199B267700265BB47640B0A9341C52FF ] TeamViewer8     C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
19:20:19.0802 0x2250  TeamViewer8 - ok
19:20:19.0830 0x2250  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
19:20:19.0837 0x2250  TermDD - ok
19:20:19.0884 0x2250  [ 4FC4C50985E5B840F4D72E57286887B8, 0BCBB4A938803AE3A3532B6D8FFC85594AA9AEF5D8F9792684841BEA8780AE9E ] TermService     C:\Windows\System32\termsrv.dll
19:20:19.0905 0x2250  TermService - ok
19:20:19.0919 0x2250  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
19:20:19.0930 0x2250  Themes - ok
19:20:19.0943 0x2250  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
19:20:19.0967 0x2250  THREADORDER - ok
19:20:19.0999 0x2250  [ B623380AA85A84C836C395B873D6D20C, 6FC00586D3BBBC7683F8A03804FD56F9F5339D63CCAF6C9FE3B5583F51F87FCC ] TouchServicePen C:\Program Files\Tablet\Pen\Pen_TouchService.exe
19:20:20.0011 0x2250  TouchServicePen - ok
19:20:20.0027 0x2250  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
19:20:20.0052 0x2250  TrkWks - ok
19:20:20.0103 0x2250  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:20:20.0128 0x2250  TrustedInstaller - ok
19:20:20.0174 0x2250  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
19:20:20.0182 0x2250  tssecsrv - ok
19:20:20.0199 0x2250  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
19:20:20.0207 0x2250  TsUsbFlt - ok
19:20:20.0235 0x2250  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
19:20:20.0258 0x2250  tunnel - ok
19:20:20.0279 0x2250  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
19:20:20.0287 0x2250  uagp35 - ok
19:20:20.0309 0x2250  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
19:20:20.0336 0x2250  udfs - ok
19:20:20.0365 0x2250  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
19:20:20.0374 0x2250  UI0Detect - ok
19:20:20.0407 0x2250  [ 332D341D92B933600D41953B08360DFB, 213A5C84ABB0D627C05B355084A26A5081645D4EC398FF19EF6BBCB690B10055 ] UleadBurningHelper C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
19:20:20.0410 0x2250  UleadBurningHelper - detected UnsignedFile.Multi.Generic ( 1 )
19:20:22.0966 0x2250  Detect skipped due to KSN trusted
19:20:22.0966 0x2250  UleadBurningHelper - ok
19:20:23.0056 0x2250  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
19:20:23.0063 0x2250  uliagpkx - ok
19:20:23.0086 0x2250  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
19:20:23.0094 0x2250  umbus - ok
19:20:23.0123 0x2250  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
19:20:23.0130 0x2250  UmPass - ok
19:20:23.0160 0x2250  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
19:20:23.0172 0x2250  UmRdpService - ok
19:20:23.0266 0x2250  [ 7E5E1603D0FF2D240AE70295C5C3FEFC, 1E5F8E415ACE3C6DFBE636473DBE051329174F2A085516B6FC1515A54014D02B ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
19:20:23.0315 0x2250  UNS - ok
19:20:23.0337 0x2250  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
19:20:23.0365 0x2250  upnphost - ok
19:20:23.0415 0x2250  [ 907F50B8695DAA65A9445D27AD306E65, 9E11846A3E9AA052890AFF8B6C8089227397DA5B8906B80ACD4C52D332B254E9 ] upperdev        C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
19:20:23.0429 0x2250  upperdev - ok
19:20:23.0471 0x2250  [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
19:20:23.0480 0x2250  USBAAPL64 - ok
19:20:23.0530 0x2250  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
19:20:23.0539 0x2250  usbaudio - ok
19:20:23.0560 0x2250  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
19:20:23.0569 0x2250  usbccgp - ok
19:20:23.0581 0x2250  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
19:20:23.0590 0x2250  usbcir - ok
19:20:23.0614 0x2250  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
19:20:23.0622 0x2250  usbehci - ok
19:20:23.0634 0x2250  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
19:20:23.0648 0x2250  usbhub - ok
19:20:23.0660 0x2250  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
19:20:23.0668 0x2250  usbohci - ok
19:20:23.0697 0x2250  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
19:20:23.0707 0x2250  usbprint - ok
19:20:23.0740 0x2250  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\drivers\usbscan.sys
19:20:23.0748 0x2250  usbscan - ok
19:20:23.0758 0x2250  [ B57B4F0BEC4270A281B9F8537EB2FA04, 554273482EE85F010DC62E412C9933E65BD63AA09911BD25D86F86D2618EF382 ] usbser          C:\Windows\system32\drivers\usbser.sys
19:20:23.0766 0x2250  usbser - ok
19:20:23.0814 0x2250  [ 3F7498527B48657091C355F683BEB0DD, 1CB73E6383F2D80741FC83122D1C971100E1DDAD5CBA8DB382C4A6CAF15B5E88 ] UsbserFilt      C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys
19:20:23.0829 0x2250  UsbserFilt - ok
19:20:23.0849 0x2250  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:20:23.0858 0x2250  USBSTOR - ok
19:20:23.0876 0x2250  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
19:20:23.0883 0x2250  usbuhci - ok
19:20:23.0903 0x2250  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
19:20:23.0926 0x2250  UxSms - ok
19:20:23.0938 0x2250  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\Windows\system32\lsass.exe
19:20:23.0946 0x2250  VaultSvc - ok
19:20:23.0960 0x2250  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
19:20:23.0967 0x2250  vdrvroot - ok
19:20:23.0999 0x2250  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
19:20:24.0031 0x2250  vds - ok
19:20:24.0048 0x2250  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
19:20:24.0056 0x2250  vga - ok
19:20:24.0073 0x2250  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
19:20:24.0095 0x2250  VgaSave - ok
19:20:24.0126 0x2250  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
19:20:24.0136 0x2250  vhdmp - ok
19:20:24.0325 0x2250  [ B4875CA0A3718CDAF0E9F5FD2ED3D3D5, 95089CAC02636FDDC3C8A9AF91C66F1739F46C111EC87B7947B6C23D16B20F6C ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
19:20:24.0366 0x2250  VIAHdAudAddService - ok
19:20:24.0409 0x2250  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
19:20:24.0415 0x2250  viaide - ok
19:20:24.0473 0x2250  [ 5910D09B09520F5C89D247F862EEFBA7, A080ACCF5737C48167A4276CAF0E6A43A669230EB6FD98F5F8B758BEFF2BE6D5 ] VIAKaraokeService C:\Windows\system32\viakaraokesrv.exe
19:20:24.0479 0x2250  VIAKaraokeService - ok
19:20:24.0509 0x2250  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
19:20:24.0518 0x2250  vmbus - ok
19:20:24.0537 0x2250  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
19:20:24.0544 0x2250  VMBusHID - ok
19:20:24.0549 0x2250  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
19:20:24.0556 0x2250  volmgr - ok
19:20:24.0574 0x2250  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
19:20:24.0585 0x2250  volmgrx - ok
19:20:24.0595 0x2250  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
19:20:24.0606 0x2250  volsnap - ok
19:20:24.0632 0x2250  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
19:20:24.0641 0x2250  vsmraid - ok
19:20:24.0702 0x2250  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
19:20:24.0754 0x2250  VSS - ok
19:20:24.0762 0x2250  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
19:20:24.0771 0x2250  vwifibus - ok
19:20:24.0792 0x2250  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
19:20:24.0821 0x2250  W32Time - ok
19:20:24.0847 0x2250  [ 43CE14E1E17DA81EA71DFE686805ED07, 5AAB31DC1AA628BC709CF66DF3FB5DFCC447F763804C50509D99544F4665E6E6 ] wacmoumonitor   C:\Windows\system32\DRIVERS\wacmoumonitor.sys
19:20:24.0852 0x2250  wacmoumonitor - ok
19:20:24.0871 0x2250  [ E04D43C7D1641E95D35CAE6086C7E350, BF08ED680EC835D70C522B91560B8987F206793E8E2987117C1D7B77DEFF8556 ] wacommousefilter C:\Windows\system32\DRIVERS\wacommousefilter.sys
19:20:24.0876 0x2250  wacommousefilter - ok
19:20:24.0900 0x2250  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
19:20:24.0907 0x2250  WacomPen - ok
19:20:24.0915 0x2250  [ EC1CEB237E365330C1FCFC4876AA0AC0, 9BFF9062AC5E4B9D0C6502D8DE7E59B887903ED29F26157A5F82966932F1EBD0 ] wacomvhid       C:\Windows\system32\DRIVERS\wacomvhid.sys
19:20:24.0920 0x2250  wacomvhid - ok
19:20:24.0936 0x2250  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
19:20:24.0958 0x2250  WANARP - ok
19:20:24.0963 0x2250  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
19:20:24.0984 0x2250  Wanarpv6 - ok
19:20:25.0036 0x2250  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
19:20:25.0073 0x2250  wbengine - ok
19:20:25.0094 0x2250  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
19:20:25.0108 0x2250  WbioSrvc - ok
19:20:25.0131 0x2250  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
19:20:25.0148 0x2250  wcncsvc - ok
19:20:25.0155 0x2250  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:20:25.0162 0x2250  WcsPlugInService - ok
19:20:25.0180 0x2250  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
19:20:25.0186 0x2250  Wd - ok
19:20:25.0237 0x2250  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
19:20:25.0258 0x2250  Wdf01000 - ok
19:20:25.0273 0x2250  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
19:20:25.0286 0x2250  WdiServiceHost - ok
19:20:25.0291 0x2250  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
19:20:25.0304 0x2250  WdiSystemHost - ok
19:20:25.0344 0x2250  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
19:20:25.0357 0x2250  WebClient - ok
19:20:25.0367 0x2250  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
19:20:25.0394 0x2250  Wecsvc - ok
19:20:25.0407 0x2250  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
19:20:25.0430 0x2250  wercplsupport - ok
19:20:25.0443 0x2250  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
19:20:25.0466 0x2250  WerSvc - ok
19:20:25.0483 0x2250  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
19:20:25.0504 0x2250  WfpLwf - ok
19:20:25.0520 0x2250  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
19:20:25.0526 0x2250  WIMMount - ok
19:20:25.0555 0x2250  WinHttpAutoProxySvc - ok
19:20:25.0609 0x2250  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
19:20:25.0635 0x2250  Winmgmt - ok
19:20:25.0727 0x2250  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
19:20:25.0787 0x2250  WinRM - ok
19:20:25.0810 0x2250  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
19:20:25.0820 0x2250  WinUsb - ok
19:20:25.0876 0x2250  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
19:20:25.0904 0x2250  Wlansvc - ok
19:20:25.0943 0x2250  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
19:20:25.0949 0x2250  wlcrasvc - ok
19:20:26.0035 0x2250  [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:20:26.0078 0x2250  wlidsvc - ok
19:20:26.0095 0x2250  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
19:20:26.0102 0x2250  WmiAcpi - ok
19:20:26.0125 0x2250  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
19:20:26.0136 0x2250  wmiApSrv - ok
19:20:26.0155 0x2250  WMPNetworkSvc - ok
19:20:27.0745 0x2250  [ 504C916D52ABA407FD4DC1E709AEA71E, 8F279620247481F28DF7D9FD4A81173396E39EB807E24587E89CAF1172CC846C ] C:\Program Files (x86)\avmwlanstick\wlangui.exe
19:20:27.0788 0x2250  AVMWlanClient - detected UnsignedFile.Multi.Generic ( 1 )
19:20:30.0114 0x2250  Detect skipped due to KSN trusted
19:20:30.0114 0x2250  AVMWlanClient - ok
19:20:34.0104 0x2250  AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.7.266 ), 0x41000 ( enabled : updated )
19:20:34.0108 0x2250  Win FW state via NFP2: enabled
19:20:47.0453 0x2250  ============================================================
19:20:47.0453 0x2250  Scan finished
19:20:47.0453 0x2250  ============================================================
19:20:47.0459 0x097c  Detected object count: 1
19:20:47.0459 0x097c  Actual detected object count: 1
19:21:19.0059 0x097c  SaiNtBus ( UnsignedFile.Multi.Generic ) - skipped by user
19:21:19.0059 0x097c  SaiNtBus ( UnsignedFile.Multi.Generic ) - User select action: Skip
         
__________________

06.11.2014, 11:40   #4
schrauber
/// the machine
/// TB-Ausbilder

Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document

Code:
ProxyServer: 196.201.217.49:4009

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the "Entfernen" (Fix) button.
  • The tool creates a Fixlog.txt.
  • Post its contents to me.


Scan with Combofix
WARNING to READERS:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please deactivate all of your antivirus software as well as malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the instructions on the screen.
  • While Combofix is running, please do not work on the computer, move the mouse or click into the Combofix window!
  • When Combofix has finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (preferably in CODE tags).
Note: If you get the following error message after the restart
Illegal operation attempted on a registry key that has been marked for deletion.
simply restart the computer. This should fix the problem.

__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!
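
The ProxyServer line in the fixlist above targets the per-user WinINET proxy value under HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings. The following read-only PowerShell check is an added example (not part of the original post and not FRST code) that lists the proxy-related values worth reviewing after such a fix. The function names Get-ProxyAudit and Split-ProxyEndpoints, the -Expected parameter, and the choice to also read ProxyEnable, ProxyOverride, AutoConfigURL, the two HKLM keys and the WinHTTP setting are assumptions beyond what the thread shows.

```powershell
# Added example, not FRST code. Read-only: nothing is written or deleted.
# Get-ProxyAudit, Split-ProxyEndpoints and -Expected are hypothetical names.

function Split-ProxyEndpoints {
    param([string]$ProxyServer)
    # ProxyServer is either "host:port" or "http=host:port;https=host:port;..."
    $ProxyServer -split ';' |
        ForEach-Object { ($_ -replace '^\s*\w+=', '').Trim() } |
        Where-Object { $_ -ne '' }
}

function Get-ProxyAudit {
    param(
        # Proxy endpoints or PAC URLs that are legitimate on this machine (default: none)
        [string[]]$Expected = @()
    )

    $names = 'ProxyEnable', 'ProxyServer', 'ProxyOverride', 'AutoConfigURL'
    $keys  = @(
        'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings',
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings',
        'HKLM:\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings'
    )

    foreach ($key in $keys) {
        if (-not (Test-Path -Path $key)) { continue }
        $props = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue
        if ($null -eq $props) { continue }

        foreach ($name in $names) {
            $value = $props.$name
            if ($null -eq $value) { continue }   # value not present under this key

            $review = $false
            if ($name -eq 'ProxyServer') {
                # Flag the entry if any endpoint in it is not on the expected list
                $unknown = @(Split-ProxyEndpoints $value |
                    Where-Object { $Expected -notcontains $_ })
                $review = ($unknown.Count -gt 0)
            }
            elseif ($name -eq 'AutoConfigURL') {
                $review = ($Expected -notcontains $value)
            }

            New-Object PSObject -Property @{
                Key = $key; Name = $name; Value = $value; Review = $review
            } | Select-Object Key, Name, Value, Review
        }
    }

    # WinHTTP keeps a separate proxy setting. The netsh text is localized,
    # so it is returned unparsed for manual reading.
    $winhttp = (& netsh winhttp show proxy 2>$null | Out-String).Trim()
    New-Object PSObject -Property @{
        Key = 'WinHTTP'; Name = 'netsh winhttp show proxy'; Value = $winhttp; Review = $false
    } | Select-Object Key, Name, Value, Review
}

# On a machine with no legitimate proxy, any ProxyServer or AutoConfigURL
# value that is still present comes back with Review = True.
Get-ProxyAudit | Format-List
```

Run it as the affected user, because the HKCU hive is per profile; a ProxyServer value that reappears after a reboot points to something still rewriting it.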

06.11.2014, 12:37   #5
Keksklauer

Thank you very much for the message!

The FRST64 tool started without problems and as described. The tool finally produced:

"Fixlog.txt"

Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 04-11-2014
Ran by User at 2014-11-06 11:51:35 Run:1
Running from C:\Users\User\Desktop
Loaded Profile: User (Available profiles: User & Mcx1-USER-PC)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
ProxyServer: 196.201.217.49:4009
*****************

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.

==== End of Fixlog ====
         
Beforehand, the ComboFix tool complained that "the [...] real-time scanners [...] (were) still active", although I had closed Avira Desktop and no corresponding process could be found in the Task Manager.

Code:
antivirus: Avira Desktop
antispyware: Avira Desktop
         
It is striking that the program is still displayed, even though I tried to remove it in Safe Mode the day before yesterday. That did not really work, however, because at startup I now get the error message that the file "ccplg.xml" is missing for starting Avira (actually I had deleted the program because I was of the opinion that it is not the best alternative).

Finally, ComboFix then produced:

"log.txt"

Code:
ComboFix 14-10-29.01 - User 06.11.2014  11:59:15.1.4 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.8175.6105 [GMT 1:00]
ausgeführt von:: c:\users\User\Desktop\ComboFix.exe
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
C:\prefs.js
c:\program files (x86)\INSTALL.LOG
c:\programdata\dsgsdgdsgdsgw.pad
C:\uninstall.exe
c:\users\User\AppData\Local\Temp\7zS59A8\HPSLPSVC64.DLL
c:\users\User\AppData\Roaming\Microsoft\Windows\Recent\hpothb07.tif
c:\users\User\AppData\Roaming\Microsoft\Windows\Recent\Scan0001.tif
c:\windows\msdownld.tmp
c:\windows\SysWow64\DEBUG.log
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_HPSLPSVC
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-10-06 bis 2014-11-06  ))))))))))))))))))))))))))))))
.
.
2014-11-05 18:41 . 2014-11-05 21:49	--------	d-----w-	c:\users\User\AppData\Local\Battle.net
2014-11-05 18:41 . 2014-11-05 18:45	--------	d-----w-	c:\users\User\AppData\Roaming\Battle.net
2014-11-05 18:41 . 2014-11-05 18:41	--------	d-----w-	c:\users\User\AppData\Local\Blizzard Entertainment
2014-11-05 16:45 . 2014-11-06 10:51	--------	d-----w-	C:\FRST
2014-11-05 16:33 . 2014-11-05 16:33	--------	d-----w-	c:\programdata\AVAST Software
2014-11-05 16:31 . 2014-11-05 16:33	--------	d-----w-	c:\users\User\AppData\Roaming\QuickScan
2014-11-05 16:15 . 2014-11-05 16:15	--------	d-----w-	c:\users\User\AppData\Local\ElevatedDiagnostics
2014-11-05 14:30 . 2014-11-05 15:12	--------	d-----w-	c:\programdata\panda_url_filtering
2014-11-05 14:30 . 2014-11-05 15:22	--------	d-----w-	c:\programdata\Panda Security URL Filtering
2014-11-05 14:30 . 2014-11-05 15:22	--------	d-----w-	c:\program files (x86)\pandasecuritytb
2014-11-05 14:30 . 2014-11-05 14:30	--------	d-----w-	c:\users\User\AppData\Roaming\Panda Security
2014-11-05 14:29 . 2014-11-05 15:22	--------	d-----w-	c:\program files (x86)\Panda Security
2014-11-05 14:29 . 2014-11-05 14:30	--------	d-----w-	c:\programdata\Panda Security
2014-11-05 13:39 . 2014-11-05 13:41	--------	d-----w-	c:\program files (x86)\CheckPoint
2014-11-05 13:38 . 2014-11-05 13:38	--------	d-----w-	c:\programdata\CheckPoint
2014-11-05 11:45 . 2014-11-05 11:45	--------	d-----w-	C:\VTRoot
2014-11-04 22:11 . 2014-11-04 22:11	--------	d-----w-	c:\users\User\AppData\Roaming\Comodo
2014-11-04 18:29 . 2014-11-04 18:29	--------	d-----w-	c:\programdata\Adtrustmedia
2014-11-04 18:29 . 2014-11-04 18:30	--------	d-----w-	c:\program files\COMODO
2014-11-04 18:29 . 2014-11-04 18:29	--------	d-----w-	c:\users\User\AppData\Local\Comodo
2014-11-04 18:29 . 2014-11-04 18:29	--------	d-----w-	c:\programdata\Comodo Downloader
2014-11-04 18:28 . 2014-11-04 22:11	--------	d-----w-	c:\programdata\Comodo
2014-11-04 12:42 . 2014-11-04 12:43	--------	d-----w-	c:\programdata\Kaspersky Lab Setup Files
2014-11-04 12:30 . 2014-11-05 12:29	--------	d-----w-	c:\program files\McAfee Security Scan
2014-11-04 12:24 . 2014-11-05 12:29	--------	d-----w-	c:\programdata\McAfee Security Scan
2014-11-02 10:22 . 2014-11-02 10:22	--------	d-----w-	c:\program files\iPod
2014-11-02 10:22 . 2014-11-02 10:23	--------	d-----w-	c:\programdata\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-11-02 10:22 . 2014-11-02 10:23	--------	d-----w-	c:\program files\iTunes
2014-10-18 20:14 . 2014-10-18 20:14	--------	d-----w-	c:\program files (x86)\Microsoft ASP.NET
2014-10-18 19:45 . 2014-09-29 00:58	3198976	----a-w-	c:\windows\system32\win32k.sys
2014-10-18 19:45 . 2014-06-18 22:23	156312	----a-w-	c:\windows\system32\mscorier.dll
2014-10-18 19:45 . 2014-06-18 22:23	156824	----a-w-	c:\windows\SysWow64\mscorier.dll
2014-10-18 19:45 . 2014-06-18 22:23	1131664	----a-w-	c:\windows\SysWow64\dfshim.dll
2014-10-18 19:45 . 2014-06-18 22:23	73880	----a-w-	c:\windows\system32\mscories.dll
2014-10-18 19:45 . 2014-06-18 22:23	1943696	----a-w-	c:\windows\system32\dfshim.dll
2014-10-18 19:45 . 2014-06-18 22:23	81560	----a-w-	c:\windows\SysWow64\mscories.dll
2014-10-18 19:40 . 2014-09-18 02:00	3241472	----a-w-	c:\windows\system32\msi.dll
2014-10-18 19:39 . 2014-09-13 01:58	77312	----a-w-	c:\windows\system32\packager.dll
2014-10-18 19:39 . 2014-09-13 01:40	67072	----a-w-	c:\windows\SysWow64\packager.dll
2014-10-08 13:55 . 2014-10-08 13:55	--------	d-----w-	c:\users\User\AppData\Roaming\Hogrefe Verlag GmbH & Co. KG Göttingen
2014-10-08 13:54 . 2014-10-08 13:54	--------	d-sh--w-	c:\windows\SysWow64\AI_RecycleBin
2014-10-08 13:54 . 2014-10-08 13:54	--------	d-----w-	c:\program files (x86)\Common Files\Binaries
2014-10-08 13:54 . 2014-10-08 13:54	--------	d-----w-	c:\programdata\Hogrefe
2014-10-08 13:53 . 2014-10-08 13:56	--------	d-----w-	c:\users\User\AppData\Roaming\Hogrefe
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-11-05 15:32 . 2012-04-03 07:45	701104	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-11-05 15:32 . 2011-07-22 18:15	71344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-10-18 20:07 . 2011-07-20 11:55	103265616	----a-w-	c:\windows\system32\MRT.exe
2014-10-18 19:23 . 2014-02-18 19:19	43064	----a-w-	c:\windows\system32\drivers\avnetflt.sys
2014-10-18 19:23 . 2014-01-19 22:15	131608	----a-w-	c:\windows\system32\drivers\avipbb.sys
2014-10-18 19:23 . 2014-01-19 22:15	119272	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2014-09-25 02:08 . 2014-10-01 16:32	371712	----a-w-	c:\windows\system32\qdvd.dll
2014-09-25 01:40 . 2014-10-01 16:32	519680	----a-w-	c:\windows\SysWow64\qdvd.dll
2014-09-23 19:01 . 2013-02-14 11:43	590536	----a-w-	c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2014-09-17 04:51 . 2014-09-20 18:23	31520	----a-w-	c:\windows\system32\nvhdap64.dll
2014-09-17 04:51 . 2014-09-20 18:23	197408	----a-w-	c:\windows\system32\drivers\nvhda64v.sys
2014-09-17 04:51 . 2014-01-08 23:14	1538880	----a-w-	c:\windows\system32\nvhdagenco6420103.dll
2014-09-17 02:13 . 2014-09-20 18:20	1291280	----a-w-	c:\windows\SysWow64\nvspbridge.dll
2014-09-17 02:13 . 2013-12-11 17:58	2193560	----a-w-	c:\windows\SysWow64\nvspcap.dll
2014-09-17 02:12 . 2013-12-11 17:58	2799784	----a-w-	c:\windows\system32\nvspcap64.dll
2014-09-17 02:12 . 2014-09-20 18:20	1715224	----a-w-	c:\windows\system32\nvspbridge64.dll
2014-09-13 23:48 . 2014-09-20 18:23	957584	----a-w-	c:\windows\system32\NvIFR64.dll
2014-09-13 23:48 . 2014-09-20 18:23	925896	----a-w-	c:\windows\system32\NvFBC64.dll
2014-09-13 23:48 . 2014-09-20 18:23	919240	----a-w-	c:\windows\SysWow64\NvIFR.dll
2014-09-13 23:48 . 2014-09-20 18:23	894096	----a-w-	c:\windows\SysWow64\NvFBC.dll
2014-09-13 23:48 . 2014-09-20 18:23	867528	----a-w-	c:\windows\SysWow64\nvumdshim.dll
2014-09-13 23:48 . 2014-09-20 18:23	4287296	----a-w-	c:\windows\system32\nvcuvid.dll
2014-09-13 23:48 . 2014-09-20 18:23	4008592	----a-w-	c:\windows\SysWow64\nvcuvid.dll
2014-09-13 23:48 . 2014-09-20 18:23	352016	----a-w-	c:\windows\system32\nvoglshim64.dll
2014-09-13 23:48 . 2014-09-20 18:23	31887680	----a-w-	c:\windows\system32\nvoglv64.dll
2014-09-13 23:48 . 2014-09-20 18:23	303600	----a-w-	c:\windows\SysWow64\nvoglshim32.dll
2014-09-13 23:48 . 2014-09-20 18:23	24552592	----a-w-	c:\windows\SysWow64\nvoglv32.dll
2014-09-13 23:48 . 2014-09-20 18:23	20922512	----a-w-	c:\windows\system32\nvcompiler.dll
2014-09-13 23:48 . 2014-09-20 18:23	19954520	----a-w-	c:\windows\system32\nvd3dumx.dll
2014-09-13 23:48 . 2014-09-20 18:23	1876296	----a-w-	c:\windows\system32\nvdispco6434411.dll
2014-09-13 23:48 . 2014-09-20 18:23	18106152	----a-w-	c:\windows\SysWow64\nvwgf2um.dll
2014-09-13 23:48 . 2014-09-20 18:23	174856	----a-w-	c:\windows\system32\nvinitx.dll
2014-09-13 23:48 . 2014-09-20 18:23	17259664	----a-w-	c:\windows\SysWow64\nvcompiler.dll
2014-09-13 23:48 . 2014-09-20 18:23	156840	----a-w-	c:\windows\SysWow64\nvinit.dll
2014-09-13 23:48 . 2014-09-20 18:23	1539272	----a-w-	c:\windows\system32\nvdispgenco6434411.dll
2014-09-13 23:48 . 2014-09-20 18:23	14026304	----a-w-	c:\windows\system32\nvopencl.dll
2014-09-13 23:48 . 2014-09-20 18:23	13939272	----a-w-	c:\windows\system32\nvcuda.dll
2014-09-13 23:48 . 2014-09-20 18:23	13157696	----a-w-	c:\windows\system32\drivers\nvlddmkm.sys
2014-09-13 23:48 . 2014-09-20 18:23	11392576	----a-w-	c:\windows\SysWow64\nvopencl.dll
2014-09-13 23:48 . 2014-09-20 18:23	11330776	----a-w-	c:\windows\SysWow64\nvcuda.dll
2014-09-13 23:48 . 2013-02-25 22:32	2838424	----a-w-	c:\windows\SysWow64\nvapi.dll
2014-09-13 23:48 . 2013-02-25 22:32	16875856	----a-w-	c:\windows\SysWow64\nvd3dum.dll
2014-09-13 23:48 . 2013-02-25 22:32	3223120	----a-w-	c:\windows\system32\nvapi64.dll
2014-09-13 23:48 . 2013-02-25 22:32	984424	----a-w-	c:\windows\system32\nvumdshimx.dll
2014-09-13 23:48 . 2013-02-25 22:32	20589536	----a-w-	c:\windows\system32\nvwgf2umx.dll
2014-09-13 21:53 . 2011-07-20 11:04	6890696	----a-w-	c:\windows\system32\nvcpl.dll
2014-09-13 21:53 . 2011-07-20 11:04	3529872	----a-w-	c:\windows\system32\nvsvc64.dll
2014-09-13 21:53 . 2011-07-20 11:04	934216	----a-w-	c:\windows\system32\nvvsvc.exe
2014-09-13 21:53 . 2011-07-20 11:04	62608	----a-w-	c:\windows\system32\nvshext.dll
2014-09-13 21:53 . 2011-07-20 11:04	385168	----a-w-	c:\windows\system32\nvmctray.dll
2014-09-13 21:53 . 2011-07-20 11:04	2557640	----a-w-	c:\windows\system32\nvsvcr.dll
2014-09-13 20:13 . 2014-09-20 18:25	613696	----a-w-	c:\windows\SysWow64\nvStreaming.exe
2014-09-11 15:37 . 2012-05-31 13:48	3961833	----a-w-	c:\windows\system32\nvcoproc.bin
2014-09-09 22:11 . 2014-09-23 18:21	2048	----a-w-	c:\windows\system32\tzres.dll
2014-09-09 21:47 . 2014-09-23 18:21	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2014-09-04 19:14 . 2014-09-20 18:20	38048	----a-w-	c:\windows\system32\drivers\nvvad64v.sys
2014-09-04 19:14 . 2014-09-20 18:20	32416	----a-w-	c:\windows\SysWow64\nvaudcap32v.dll
2014-09-04 19:14 . 2013-12-11 17:54	34976	----a-w-	c:\windows\system32\nvaudcap64v.dll
2014-08-28 13:21 . 2011-03-28 16:36	23256	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-08-23 02:07 . 2014-08-28 13:27	404480	----a-w-	c:\windows\system32\gdi32.dll
2014-08-23 01:45 . 2014-08-28 13:27	311808	----a-w-	c:\windows\SysWow64\gdi32.dll
2014-08-14 20:28 . 2014-08-14 20:28	829264	----a-w-	c:\windows\system32\msvcr100.dll
2014-08-14 20:28 . 2014-08-14 20:28	608080	----a-w-	c:\windows\system32\msvcp100.dll
2014-08-14 19:15 . 2014-08-14 19:15	773968	----a-w-	c:\windows\SysWow64\msvcr100.dll
2014-08-14 19:15 . 2014-08-14 19:15	421200	----a-w-	c:\windows\SysWow64\msvcp100.dll
1998-09-25 11:16 . 2011-07-22 22:02	270848	----a-w-	c:\program files (x86)\UNWISE.EXE
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-02-14 12:17	222712	----a-w-	c:\users\User\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-02-14 12:17	222712	----a-w-	c:\users\User\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-02-14 12:17	222712	----a-w-	c:\users\User\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04	131480	----a-w-	c:\users\User\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04	131480	----a-w-	c:\users\User\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04	131480	----a-w-	c:\users\User\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"HP Photosmart 5510 series (NET)"="c:\program files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe" [2011-05-25 2672488]
"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2014-08-07 43816]
"iCloudDrive"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe" [2014-08-15 43816]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AVMWlanClient"="c:\program files (x86)\avmwlanstick\wlangui.exe" [2010-10-22 2105344]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2012-08-16 5264016]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-10-18 703736]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2013-05-30 96056]
"SDTray"="c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [2014-06-24 4101576]
"iTunesHelper"="e:\program files (x86)\iTunes\iTunesHelper.exe" [2014-10-15 157480]
.
c:\users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-9-13 36414624]
Outlook 2013.lnk - c:\program files\Microsoft Office 15\root\office15\outlook.exe [2014-9-23 18945704]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsMain]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"Profiler"=c:\program files (x86)\Saitek\Software\ProfilerU.exe
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
"SwitchBoard"=c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
"BambooCore"=d:\program files (x86)\Bamboo Dock\BambooCore.exe
"QuickTime Task"="c:\program files (x86)\QuickTime\qttask.exe" -atboottime
"HP Software Update"=c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe
"iTunesHelper"="e:\program files (x86)\iTunes\iTunesHelper.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"DivXMediaServer"=c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"IAStorIcon"=c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
"NokiaMusic FastStart"="c:\program files (x86)\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststart
"NokiaMServer"=c:\program files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
"TrayServer"=c:\progra~2\MAGIX\VIDEO_~1\TrayServer_de.exe
.
R0 AFS;AFS; [x]
R2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 avmeject;AVM Eject;c:\windows\system32\drivers\avmeject.sys;c:\windows\SYSNATIVE\drivers\avmeject.sys [x]
R3 BgRaSvc;BgRaSvc;c:\program files\BullGuard Ltd\BullGuard Backup\Support\BgRaSvc.exe;c:\program files\BullGuard Ltd\BullGuard Backup\Support\BgRaSvc.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam_x64.sys;c:\windows\SYSNATIVE\DRIVERS\ManyCam_x64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsux64.sys [x]
R3 SaiH075C;SaiH075C;c:\windows\system32\DRIVERS\SaiH075C.sys;c:\windows\SYSNATIVE\DRIVERS\SaiH075C.sys [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;d:\program files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe;d:\program files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [x]
S2 BsMain;BullGuard main service;c:\windows\System32\SvcHost.exe;c:\windows\SYSNATIVE\SvcHost.exe [x]
S2 BsUpdate;BullGuard update service;c:\program files\BullGuard Ltd\BullGuard Backup\BullGuardUpdate.exe;c:\program files\BullGuard Ltd\BullGuard Backup\BullGuardUpdate.exe [x]
S2 ClickToRunSvc;Microsoft Office-Klick-und-Los-Dienst;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [x]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x]
S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [x]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [x]
S2 SplashtopRemoteService;Splashtop® Remote Service;c:\program files (x86)\Splashtop\Splashtop Remote\SERVER\SRService.exe;c:\program files (x86)\Splashtop\Splashtop Remote\SERVER\SRService.exe [x]
S2 SSUService;Splashtop Software Updater Service;c:\program files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe;c:\program files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TabletServicePen;TabletServicePen;c:\program files\Tablet\Pen\Pen_Tablet.exe;c:\program files\Tablet\Pen\Pen_Tablet.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S2 TouchServicePen;Wacom Consumer Touch Service;c:\program files\Tablet\Pen\Pen_TouchService.exe;c:\program files\Tablet\Pen\Pen_TouchService.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe;c:\windows\SYSNATIVE\viakaraokesrv.exe [x]
S3 FWLANUSB;AVM FRITZ!WLAN;c:\windows\system32\DRIVERS\fwlanusb.sys;c:\windows\SYSNATIVE\DRIVERS\fwlanusb.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys;c:\windows\SYSNATIVE\drivers\LVUSBS64.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
S3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\DRIVERS\wacmoumonitor.sys;c:\windows\SYSNATIVE\DRIVERS\wacmoumonitor.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\Duden dktray on]
2013-09-01 22:05	242720	----a-w-	c:\programdata\Duden\DKReg.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-11-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 15:32]
.
2014-11-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-07-23 09:21]
.
2014-11-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-07-23 09:21]
.
2014-11-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2771076119-1783207638-1657993630-1000Core.job
- c:\users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-02 22:44]
.
2014-11-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2771076119-1783207638-1657993630-1000UA.job
- c:\users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-02 22:44]
.
2014-11-05 c:\windows\Tasks\HP Photo Creations Communicator.job
- c:\programdata\HP Photo Creations\Communicator.exe [2012-07-25 14:22]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-02-14 12:17	261624	----a-w-	c:\users\User\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-02-14 12:17	261624	----a-w-	c:\users\User\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-02-14 12:17	261624	----a-w-	c:\users\User\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-09-25 10:10	2334416	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-09-25 10:10	2334416	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-09-25 10:10	2334416	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04	164760	----a-w-	c:\users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04	164760	----a-w-	c:\users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04	164760	----a-w-	c:\users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04	164760	----a-w-	c:\users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Eraser"="c:\progra~1\Eraser\Eraser.exe" [2012-05-22 980920]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-09-17 2799784]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-09-17 2460488]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = fritz.box;*.local;<local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: An OneNote s&enden - d:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Nach Microsoft &Excel exportieren - e:\progra~1\MICROS~1\Office10\EXCEL.EXE/3000
IE: Nach Microsoft E&xcel exportieren - d:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - e:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {{1CE4DE72-7FCC-4eb8-8F66-AE6A56A0A54D} - {0854DA01-5BF8-4E9D-A0E9-3CD5500AFB8C} - c:\program files (x86)\Common Files\WebSpeech.4.0\LgxIEBar.dll
Trusted Zone: hts-admin.net\www
Trusted Zone: hts-eval.net\www
Trusted Zone: hts-online.net\www
TCP: DhcpNameServer = 192.168.178.1
TCP: Interfaces\{2BD76A31-CBAD-4DC9-9160-8857EA0FA56B}: NameServer = 192.168.0.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-Duden Korrektor SysTray - h:\duden\Duden Korrektor\DKTray.exe
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Notify-SDWinLogon - SDWinLogon.dll
HKLM_Wow6432Node-ActiveSetup-Duden ADXRegistrator on - h:\duden\Duden Korrektor\adxregistrator.exe
HKLM_Wow6432Node-ActiveSetup-Duden csapi on - h:\duden\Duden Korrektor\DKReg.exe
HKLM_Wow6432Node-ActiveSetup-Duden dkClean install - h:\duden\Duden Korrektor\DKClean.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-World of Warcraft - c:\program files (x86)\Common Files\Blizzard Entertainment\WORLD OF WARCRAFT\Uninstall.exe
AddRemove-{58AEE3E0-8746-11DD-81B6-000AE67E2618}_is1 - f:\grafstat\grafstat4\unins000.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_189_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_189_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_189_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_189_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_189.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.15"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_189.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_189.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_189.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\avmwlanstick\WlanNetService.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Splashtop\Splashtop Remote\SERVER\SRServer.exe
c:\program files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\program files (x86)\Windows Media Player\wmplayer.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-11-06  12:15:00 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-11-06 11:14
.
Vor Suchlauf: 13 Verzeichnis(se), 346.313.412.608 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 345.497.149.440 Bytes frei
.
- - End Of File - - 0F4EDB14A32A8D66F5F7C050F4A30BC5
         
Many thanks and best regards!

/Edit: I just noticed during the restart that the Windows Firewall is active again - many thanks already for this success!


Last edited by Keksklauer (06.11.2014 at 12:45)

07.11.2014, 07:48   #6
schrauber
/// the machine
/// TB trainer
 


Please download Malwarebytes Anti-Malware.
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do this, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Delete and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please close your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please start it via right-click "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan may take a while.
  • When the tool has finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log, please.

07.11.2014, 13:29   #7
Keksklauer
 

All installations and runs, including the scans, went through without problems.

Result:

"mbam.txt"

Quote:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 07.11.2014
Suchlauf-Zeit: 12:48:59
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.3.1025
Malware Datenbank: v2014.11.07.02
Rootkit Datenbank: v2014.11.01.02
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: User

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 404605
Verstrichene Zeit: 15 Min, 6 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 0
(Keine schädliche Elemente erkannt)

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 11
PUP.Optional.OpenCandy, C:\Users\User\Downloads\FreemakeVideoConverterSetup.exe, In Quarantäne, [03eb0632681469cd913944e12dd45ba5],
PUP.Optional.Softonic.A, C:\Users\User\Downloads\SoftonicDownloader_fuer_scp-087-b.exe, In Quarantäne, [5698da5ed3a9f244fc33be7a13eef808],
PUP.OfferBundler.ST, C:\Users\User\Downloads\SoftonicDownloader_fuer_text-to-speech-pro.exe, In Quarantäne, [3ab47eba04788fa714d5a3ff2bd5f10f],
PUP.Optional.Conduit.A, C:\Users\User\Downloads\VeohWebPlayer (1).exe, In Quarantäne, [6f7fa692d3a9a591e8a30f53010045bb],
PUP.Optional.Conduit.A, C:\Users\User\Downloads\VeohWebPlayer (2).exe, In Quarantäne, [7b73e256651780b67c0f2e34778aa65a],
PUP.Optional.Conduit.A, C:\Users\User\Downloads\VeohWebPlayer.exe, In Quarantäne, [fef0dc5cb1cb989ec4c710529c65a65a],
PUP.Optional.DomaIQ, C:\Users\User\Downloads\Player Setup (1).exe, In Quarantäne, [0be3cc6c4e2e94a2df412334639d40c0],
PUP.Optional.DomaIQ, C:\Users\User\Downloads\Player Setup.exe, In Quarantäne, [0de1a98f5e1e092daa2c296da958837d],
PUP.Optional.DomaIQ, C:\Users\User\Downloads\Player.exe, In Quarantäne, [26c89b9d4c30e74f8f91afa8c13fa060],
Adware.DomaIQ, C:\Users\User\Downloads\Java (1).exe, In Quarantäne, [5a9466d21c6062d44849494539c8fe02],
PUP.Optional.DomalQ, C:\Users\User\Downloads\Java.exe, In Quarantäne, [7777c474e597d3631aa9fefd897bed13],

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)
"AdwCleaner[S2].txt"

AdwCleaner Logfile:
Code:
# AdwCleaner v3.308 - Bericht erstellt am 04/11/2014 um 23:36:10
# Aktualisiert 20/08/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : User - USER-PC
# Gestartet von : H:\Sonstiges\adwcleaner_3.308.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gelöscht : C:\Uninstall.exe

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17344


-\\ Google Chrome v

[ Datei : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [9134 octets] - [01/09/2014 17:03:46]
AdwCleaner[R1].txt - [934 octets] - [08/10/2014 21:07:46]
AdwCleaner[R2].txt - [1299 octets] - [04/11/2014 23:33:45]
AdwCleaner[S0].txt - [8880 octets] - [01/09/2014 17:07:54]
AdwCleaner[S1].txt - [994 octets] - [08/10/2014 21:18:27]
AdwCleaner[S2].txt - [1220 octets] - [04/11/2014 23:36:10]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1280 octets] ##########
         
--- --- ---
AdwCleaner Logfile:
Code:
# AdwCleaner v4.002 - Bericht erstellt am 07/11/2014 um 13:18:04
# DB v2014-11-02.1
# Aktualisiert 27/10/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : User - USER-PC
# Gestartet von : C:\Users\User\Desktop\AdwCleaner_4.002.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\User\AppData\Local\CrashRpt

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe]
Wert Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe]
Wert Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe]
Wert Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe]
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17344


-\\ Google Chrome v


*************************

AdwCleaner[R0].txt - [9134 octets] - [01/09/2014 17:03:46]
AdwCleaner[R1].txt - [934 octets] - [08/10/2014 21:07:46]
AdwCleaner[R2].txt - [3343 octets] - [04/11/2014 23:33:45]
AdwCleaner[S0].txt - [8880 octets] - [01/09/2014 17:07:54]
AdwCleaner[S1].txt - [994 octets] - [08/10/2014 21:18:27]
AdwCleaner[S2].txt - [3257 octets] - [04/11/2014 23:36:10]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [3317 octets] ##########
         
--- --- ---


"JRT.txt"

Quote:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.6 (11.05.2014:1)
OS: Windows 7 Professional x64
Ran by User on 07.11.2014 at 13:22:39,63
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{1C5D3042-D942-47C6-A3AE-D4EFA31121D6}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{22F825A7-7BEF-4E56-BD39-D50C6C41813B}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{2FE3ECC2-A0D0-496F-8C0F-FE851CC3773F}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{4423E8D1-AF5C-446A-813F-DE1734A4CB1D}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{633FF6FE-FCB9-4D58-B1A1-284F2D649A6A}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{95389EF9-FD35-4128-BA79-4FE66D83DD4B}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9D6E6DE5-4A21-4740-B9B2-2EE47B3FC80F}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{BEAD097E-82B4-406F-87BF-F04ED59E4CEE}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{D705FD54-9538-4E3F-AC16-F1D423778352}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{22F825A7-7BEF-4E56-BD39-D50C6C41813B}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\adtrustmedia"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{224FF905-E4CE-4AA1-8FDE-B5E772D8A2F9}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{229E0DA0-CD41-472A-9671-116D3F44C21D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{235C9C6E-7978-4E58-87CE-F4F96BF740D0}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{23DA7A84-0CB1-4FEF-9049-AF52939759A0}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{240BBB9C-9984-4130-8AE6-EDF08A9092E2}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{24593649-67A0-4D77-95F6-5EF2E5FD70FF}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{2479AB52-6331-4207-B478-3848F1B28F39}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{24B4F22E-875F-4AA1-B288-CC94AFC789C4}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{24B8719B-7B4F-4DEB-AA91-987AAB8B8EA3}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{24C7D809-5667-48FE-B1BC-4516DC80AFF8}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{253CC778-D9DF-4C81-957D-72B6E2A7163D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{260ACADC-EABF-4CBA-963F-17A00750E139}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{2656FBA3-9591-4969-9A7B-ECD9B327393F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{26B0F191-4897-43A4-9029-C097CC0CB279}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{26F97A4A-4389-4B18-B5AD-31A93B5468A1}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{2736261A-7C24-46FE-BEE7-B1C83579E725}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{29033B97-DD8A-465B-AB5E-27C32EC889F2}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{29423DA4-9079-4C38-AF0C-56B36A2C298D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{299A371D-A5DC-4BB8-B7BC-2E79EFCD6CE7}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{2AC0DFF4-0642-42C9-B818-359AB52ACAB9}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{2B351FFD-A3B6-425D-9A1F-D68BF1264231}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{2C37E5D7-9C3B-44CC-BB8D-83A72C6B57E3}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{2C4D89A6-DA91-48A6-80B8-12279F658FBD}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{2D6B482F-75E0-4F40-BFA2-64CE7CAEDB3B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{2D90AEE2-6869-4755-BF1B-42DC133C1873}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{2DC1D18F-BE8D-4261-8EAD-339DC1FB6436}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{2DDE04A1-5C7C-4D51-A38D-4E27039BC306}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{2E8E2610-B5FC-4001-8C98-84432F412542}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{2F20B920-133A-4016-9A39-90D81410727A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{3256609E-86E3-472F-ADF6-E95CEC6A3F8B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{325FA917-85D9-4148-8DEC-099158C69A80}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{33482D7C-928A-4D5C-A964-F9D0484E2BEA}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{337EEB05-209A-4F25-962E-B43365486F3F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{3413D44C-218F-4890-BAE7-DB1CA2B5AD9C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{34979D8A-C082-410A-90C1-F2719C095DC6}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{35385C80-FC30-49AD-80CE-7DD1C3D9043D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{360D82C6-520C-4292-A33A-2D31502AF5C5}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{36515722-8923-415E-BEB9-5E4A1F3FB2AD}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{3667FF8D-4293-4479-B84D-EB62E34128DF}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{368305D0-6D49-405E-86E2-703D9CAAEA3F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{376638B3-1C7A-41CE-98B4-4CB7255F9258}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{3868B44B-AACB-4D80-B4AA-8E0E0EFCAA9B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{387E08C0-2CB6-4FD4-A927-59DB1E804756}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{38D39425-388E-4BBE-B509-573C01800A32}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{392B3DF0-7220-43A7-BD7D-100D579C0FFE}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{3A27FC33-70A8-4756-B923-75959DD44EFF}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{3B066368-346B-47CE-AD08-0EB4502679CA}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{3B65FB5A-0EE7-4D05-9760-00332FCBF0CD}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{3BDF62D1-8570-434E-AF95-DB8535CE61C2}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{3C05BEFE-D196-48F5-A117-527693BAEBFD}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{3C5D38FB-0BD3-452D-9506-A5AFA73ACD34}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{3D51E6C8-A67F-425C-BB33-992499854E85}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{3D583B90-81E5-4BF8-B2F4-8AFFB88D0441}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{3F7D4090-C7C0-4652-8311-829192C54B92}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{40AE0F76-F321-4C95-94B9-CFACFF9BF3C6}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{40CCC7C1-581E-4B3D-85DC-D825C46148A1}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{4164C770-419D-4DBB-A6FC-F5866E43900F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{41738905-7948-4FEB-B696-B1FBFFD6C376}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{41869E3E-E7A5-4152-8BE4-9560E41C0D91}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{41B8A09E-E4B2-468F-8DBC-55585E2D0713}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{428A3CC0-400F-49E4-8F0E-86635521B65F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{42A018A6-3057-4E50-AB08-AF90372CD433}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{42C7E21B-CE26-46D4-AC83-1D5F2056DD77}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{42DF539D-8581-48AB-A5E2-E773E38D23A8}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{430EBE1A-098A-4479-8E9A-D3133E0DF1EC}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{4349766A-BAF4-42A2-98CF-A93C77C3D683}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{435B7A7B-3232-470A-9935-49C0077ABB2C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{43D2FD0E-8823-4CAD-9A43-192E68DC9A0B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{44355EBA-201F-48A7-9444-DBE5D5A2647A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{4491048D-6521-4804-9AB3-4BA29B5BC719}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{45AB2C9F-F89D-4DD6-88B7-5EB7DDB47CCE}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{466FEE5D-2934-4112-9511-EE378FBDD49C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{46930E56-DF23-4BAF-807F-F72533543047}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{46B585DC-6A38-4B36-95A3-7D4D84FFDFD4}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{46DA59C1-0365-4A1C-B6F4-D007944D046B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{46E9AB21-487F-4A81-868D-BE218EA878E6}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{46EDDEA6-F8B1-4E19-94F5-422AEB6CBE80}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{472F9FCD-A51F-46A0-B9BA-13B30AE5F701}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{47918BC3-2E4A-409B-A251-F59E1128B107}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{47A1D88F-B046-46A3-ACE8-B7CE5C0BFC34}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{47CA05CC-9AF0-4C34-B7D5-45361A84BBBC}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{48AEDE61-C254-47E8-9A39-2FD1E79BD831}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{48D7AC5E-76B6-457F-8A58-3D5ACFEEF783}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{4957CBC9-28E7-4C60-9B62-A63FF40F4FE0}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{497DD585-5650-40FE-BC9F-65C11835899A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{49801D92-CDD1-449D-8A04-51B44953F866}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{4A6F0030-AFFE-4AFB-9493-59B1E4A4C2B2}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{4A900EBC-7642-482F-B2A5-9073B87EE8A8}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{4B7A96C5-4A77-4DBD-BE7D-CEC800DD433F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{4C6E8EF1-F48C-4C49-9870-54BB9B233DE7}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{4CA42812-7649-4ED2-85BD-D2F3660E8492}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{4E05F036-FA96-4F40-AFB2-D8714549A340}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{4E8E07E6-4079-4A5B-8E83-93D7C1E1306A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{4ECA577E-541F-485C-AEFF-572D99842904}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{4EE83A82-7852-4138-8836-2990D083EE89}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{500BD54D-7C17-45CD-9BE5-DC6DBD308BD6}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{51C58AC9-B3A5-47AA-BE79-615A5B8D5263}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{51D9FF01-31A5-4903-80E5-3631DDC286E1}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5227E36D-2B25-4100-B7E6-7F752609D184}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{522F061D-40CB-45B0-ADE3-43F6E7C9BF7A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{52720120-8B30-4BF2-A71F-1242C72DBB9F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{535980BF-464D-4C5E-80AA-DA3BE8FF020F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{53B36700-E17E-478E-B378-A70CBF7C8094}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5414D2ED-31D1-4C8E-AF4E-4A6B17FD92C9}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5419D35C-95D1-4C6D-9E59-E75FE9ED93FC}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{55291BEA-E556-47C0-871F-E60E99A2F4AE}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{554C8631-B333-4BAB-AA4D-7AC59FCFF983}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5637DBBF-70F7-4E2F-9D46-257AE932A1E9}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5783C1CC-DF52-480C-9447-6B1D0673C7A1}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5790DA8F-5087-4AE3-8264-CD784261C4EE}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{57CFA8D7-C5D2-49F4-AAB6-39793B43F143}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5883A55A-0EC8-4592-B0ED-5AB87672F209}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{58A5BDC3-037F-4F21-AF67-1C571F5A0DED}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{58D13AAD-6B85-4DCE-BAA2-0A82D507CECE}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{591B40DE-A72C-4F0D-AFF5-8A1F863DFBAB}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{59A87325-D373-470D-90EC-5DCA219ACEE6}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5A11B445-1540-42D1-B3C8-C1D811A95E35}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5A5066D3-E9C1-4446-988E-EF3A8DF9A947}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5A5D2459-1B46-49E5-8A0A-E92F0DD2AD3A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5A99767A-E0DE-40BA-9CBF-E845A979F917}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5B3E20ED-BB7B-4336-9D73-7CF105E91EB4}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5BB93DFF-635E-427D-A8FE-B67CAFDE703E}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5C96577B-7E4F-408F-90E6-6038099A3387}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5EB00950-204A-44DC-B6F8-0E0B144C0A9F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5FE1B903-05A4-468C-8BEA-B228C3C8F259}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5FE575F0-1CAE-4669-BDF2-62E8C47A3E73}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5FF077D9-B0A1-4959-89E8-C24774EE621F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{61268926-D2F8-491C-BD34-37211E70599B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{630725F0-6D88-49A8-87A9-3B3782F22A39}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{63470623-9D61-4A9D-A78E-BDEFAB64483F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{65D6575A-1977-425E-9009-4ABA01B78EAD}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{6608E0B4-888B-4132-A05B-3859F507091D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{666CE8BA-7BD1-4D30-9873-B201E75A828A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{66B1408D-D279-4054-8A89-95DA585C0A78}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{66FAB09B-1785-42DD-AEC5-BB51E391DACD}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{6756AAA6-14A3-4CD9-B896-1CB015587B51}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{683F458B-A30A-4B17-B95C-972AFBC3D384}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{68468191-5A20-4844-8072-092AF9990C21}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{687DA2CB-4111-4D25-957B-DCA1F4736586}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{68DB8AB9-056F-407C-AE4C-79BB4144307D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{694B7854-DC36-4735-8D46-FFA199FD4547}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{698DCF0B-9389-4411-B514-74C847FEDB04}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{69A9C776-82C6-42A1-9982-D760BED8E29A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{6A1F48DA-9D5F-47BB-A1A1-37B6AD19CC16}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{6A7B9304-F289-4A3C-8E57-F12F9321E22A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{6BA8B986-09A7-4136-99DD-B1A989B2DA60}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{6D3A16F4-9B4D-4F11-8567-3EB35FB0ED48}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{6F39A6C2-E9C1-490A-AA96-96A0DBD3810B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{6FBDD449-11BD-4A5C-A8D1-5431F9B1C838}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{70106186-DEE1-4B12-B533-A6FE22392A22}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{701861E0-8720-4756-9AC1-246914862C84}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{709BC1AB-AEAD-474D-8E07-FF223710C090}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{721A1E4A-282E-49A0-841B-D900638913C0}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{72F86647-983C-4267-9271-FA0244E11A36}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{73C8A8CB-8606-4880-826A-71B4F4FC677F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{7546A5CE-FB9C-4E8C-88CD-C0C426D9EB0C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{757CA5F9-945B-4F92-B587-081DB6F762DD}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{7596FA13-93EB-4943-9A9A-AB0BA68A5CF3}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{75DDCD82-DB9E-4192-A9D6-B2202525E4E4}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{77265403-0BC2-4D9C-B368-F89913ABF92B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{779916D8-0C0B-4118-A4A7-14A03C6FC5CC}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{77F1CCF2-5291-45B3-BCD1-46FA282A9C8A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{7814DAB3-5CE4-442D-A82B-F055BFD98099}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{785FC79A-10FF-42C4-BE89-FA7A0A502923}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{7875827F-42B4-4B0A-83FE-F50A23C50EF0}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{78A21FFD-2D95-45A4-8DA2-E66B33B59E4A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{78AD9E54-A7D8-42D6-9A65-AA46E635FC7E}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{78C976B1-2F37-41BF-98FB-A6DDCB5A5368}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{78CF3678-A4CC-4AFA-894C-97B06325AB6B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{791E31BC-AF94-4884-AC4C-272630BDA2E6}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{791F771B-190B-4D0F-8848-7ADFEC14D4FE}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{792AB529-DD62-4E9F-8E67-DB588E610715}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{7BE34C04-A7DE-4B51-93DF-B8EBF41AC50D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{7BF0D56A-2764-4BA6-B1DA-FE6BEA00A42B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{7C51C937-4817-47CB-8272-1F74FB921747}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{7D808E9B-A3D2-41DD-994A-0D1D58A9A370}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{7E87315C-BBBF-4A6D-B9DB-49B34FB67388}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{7E961790-0F4E-4C35-90F6-5211D10F1B05}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{7ED14C8E-BDB3-435D-B1D5-FB94E2784D3F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{7ED184AE-259A-4913-A2BC-FDB90BBAF41C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{7EF5B953-8F0C-48C7-8CF3-D7C6E5DB9335}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{7F7F356C-BDFA-44F2-9A6F-50D6735BFED6}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{80997611-62D9-4BB6-9164-6BB45BDD95E8}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{80E98D60-D5E9-47F6-95DA-DBEB7426B849}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{812FEA6E-08BE-458D-AB90-83E1A9D9DCF0}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{81C9A06E-B12B-483F-AD75-B162362DE5F6}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{81D702FF-94EF-4557-8102-2F8F6435EA45}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{82537E20-3F47-46F4-ADAC-C76D2BEC1A24}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{82960E19-31C0-46EA-9529-55A51D56089D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{83F53823-0A43-436B-98CA-9E0DC7E4CC4E}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{84210D0A-E662-45F7-8B33-D457740E1D7C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{842E6384-9E24-4483-9836-218337C0A24E}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{848965E9-2499-4219-ADC3-E39D22402C5F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{84B1F99B-82F3-41D4-8DFB-90B649B53266}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{84FB7BBD-DE5C-4588-9BD7-38E646E5EA6F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{865870BF-05A2-4683-8B82-A06F14A0005A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8688FAE1-83C1-4B59-BEA7-A82C4E12A7AA}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{87507FCE-B73F-47DF-9066-16F6BEA171CC}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{87BADA6D-307F-4429-AE79-B16E998AC181}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{883A3538-1710-4283-96A3-5850369282B9}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8847DB62-56F3-4322-B2F0-E7CB00330833}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{88B38940-F5B4-4EAB-B01C-5E20C6D6891A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{88DE4B8C-683A-494B-A271-5471C812F348}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{89181726-9620-4314-9F8B-169C1EC03409}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{89E13B2B-58FA-4135-A209-44999A942F75}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8A4BB175-7703-45AC-852D-51CD580934EE}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8A99C3FA-B331-4F8E-B343-D3D9A1CF1631}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8AA8DBD3-F811-4A52-AE08-EE7836883464}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8AB22146-CE9F-48C8-AAB2-20E7A2E9C3AB}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8B2595A7-2C4D-4C1E-8CD9-6ED515213542}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8B2C8853-AA89-454D-9D7B-403B6D544E5C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8B43AB6B-DA88-4C46-A116-107372EC781C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8D0B2AE2-656B-4CFA-AA2B-5D5AF4EC81E0}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8DAB7FE9-0D9B-479B-B81E-B5FD2C68766E}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8DFED3B8-95A5-47F8-A48B-FF53C537E7E1}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8E2CC43C-D29E-4CC2-B437-B3775C17E227}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8E43BFC5-4FFA-41F6-8820-6CB9901A48C2}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8F290870-1434-4A83-B6B5-08FB47F25A07}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8F662CC7-2AC6-4AAB-98C5-9D8B8DB34600}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8F7A0DCB-B1A1-4560-93AC-39384DC755F2}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8FC44329-1166-4C5D-8CCB-D2C480D05535}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{900E8122-6E04-4D78-9C95-3179886154E8}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{901010BC-E865-4472-9D7C-CF5EF9F2E771}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{908A999A-961B-4486-A9EE-C82DC9C5903F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{90AF58DA-F1D0-4954-BF09-E2DDBE310548}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{911E2016-734A-4E6C-B559-C5A3A00DFD0E}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{913B482A-41F4-444E-B593-52E33D45573A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{91B28479-8477-4088-AF5A-694A6D676CB1}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{926C8353-8025-416C-B049-C57CAD037556}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{92D9C1B6-374A-4BA2-B467-5576691A1AB8}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{92E840E1-025D-47ED-9A8E-1E6A251ED568}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{946B0EF6-7DDE-4FC8-B8EB-04AF2269DFDA}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{953AF79C-D316-4B8A-8BEE-FE69E38EEE33}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{95768B5C-BEC5-4FBD-AB6A-B2519C712BE7}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{9767EB86-7BD0-4203-BA54-83AD1B51476F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{97911B9C-AEE2-4172-806D-C962ECE3374E}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{97B4D6CF-E667-4CAC-B1BD-5279BE493CCA}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{9839AC6A-0072-4A9C-960F-A3BFF16B6EDE}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{988ACCC1-4F6A-4D72-BFE4-5861FDD2EE33}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{9906D233-C427-456F-8596-E7335F4BAF76}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{99169217-523E-4D67-993F-2B3BC5A04F46}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{991737C4-D422-4119-B9E1-F9698CB7244C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{99AED1ED-BE80-4039-BA6C-4F46105326B1}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{9A337D03-02E7-4678-8CDD-F9D71652762B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{9B25AD7A-064D-4AEB-96D6-185A727D04EA}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{9C2DE5F8-C35A-4DEA-92F2-2BF523C8AE5F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{9C594B02-7467-4553-8137-2B516A179285}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{9C70B31C-57D6-44E7-8226-69D1EC329DD4}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{9C7AA6ED-25CB-4A94-98B5-1659FC3299B4}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{9CEC5B1B-6C96-4C68-A1C7-94F8DA415F3F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{9D52C7F7-3AB1-44B4-83A8-4DE55BDD4016}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{9DB74918-5FF3-45B2-832B-5AC29B74A719}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{9DF2AE86-3241-4800-95EF-8D2B978DEA6C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{9E5CA6BE-8490-4897-B51F-2C0D5267B4CD}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{9F7997AF-1399-4D87-8FC0-F14983D390E0}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{9FDD3EE4-BE57-4701-B308-6E14D9F2DEDA}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{9FEADF9D-964A-4829-B314-B5CA851CC53A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{9FF2841E-3731-4F37-A203-77CAF2F9D90D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A1BFAFAA-42E9-4384-84FA-DC1677331632}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A2130241-F554-44F2-A0FD-E6C8DF140507}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A23D99F7-E96C-4DBA-B1A4-717B9201CF80}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A2D38CF3-F3F5-4D00-93CD-C177F4630E87}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A33C8904-768D-4FC1-8650-D65CFFB21405}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A371B6B0-4AFE-41AD-816A-16260D2EB8D0}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A447AE70-03D7-47A7-9405-A1C459FCB453}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A46EA75D-1424-455A-A895-A4D28778C388}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A530EF22-B328-49AA-8A9B-0D393736D6B0}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A626143B-0C0E-4F55-B983-BBDE4D6DC5F5}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07.11.2014 at 13:24:49,21
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/Edit: "FRST.txt"


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-11-2014
Ran by User (administrator) on USER-PC on 07-11-2014 13:36:54
Running from C:\Users\User\Desktop
Loaded Profile: User (Available profiles: User & Mcx1-USER-PC)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(The Eraser Project) C:\Program Files\Eraser\Eraser.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Dropbox, Inc.) C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Adobe Systems Incorporated) D:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) E:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard Backup\BullGuardUpdate.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [980920 2012-05-22] (The Eraser Project)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2460488 2014-09-17] (NVIDIA Corporation)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5264016 2012-08-16] (VIA)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [iTunesHelper] => E:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2771076119-1783207638-1657993630-1000\...\Run: [HP Photosmart 5510 series (NET)] => C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [2672488 2011-05-25] (Hewlett-Packard Co.)
HKU\S-1-5-21-2771076119-1783207638-1657993630-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-10-17] (Apple Inc.)
HKU\S-1-5-21-2771076119-1783207638-1657993630-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2014-10-20] (Apple Inc.)
HKU\S-1-5-21-2771076119-1783207638-1657993630-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2771076119-1783207638-1657993630-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Outlook 2013.lnk
ShortcutTarget: Outlook 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\outlook.exe (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x7FFB65557947CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2771076119-1783207638-1657993630-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> H:\Java\bin\ssv.dll No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> H:\Java\bin\jp2ssv.dll No File
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: WebSpeechBHO Class -> {83A30C59-3A50-49E6-9DAF-4923C4EA3C23} -> C:\Program Files (x86)\Common Files\WebSpeech.4.0\LgxIEBar.dll (G DATA Software AG)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} -  No File
Toolbar: HKLM-x32 - No Name - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} -  No File
DPF: HKLM {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/sites/production/ieawsdc64.cab
DPF: HKLM {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex64-2.2.6.0.cab
DPF: HKLM {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: HKLM-x32 {22E5D91F-89E6-4405-AD9C-0AF27BA6F06B} file:///J:/components/hidinputmonitorx.ocx
DPF: HKLM-x32 {4F63D44B-6274-4D60-8AB1-CAA7116B8AF3} file:///J:/components/A9.ocx
DPF: HKLM-x32 {7030CC6C-1A88-4591-BB5A-651B9F7F0C30} file:///J:/components/wmvhdrating.ocx
Handler: htap - {83EC570E-9FFA-11D2-9559-006008594011} -  No File
Handler: htsportal - {08C89E55-0655-4442-AFD5-4E526D52CEB9} -  No File
Handler-x32: htap - {83EC570E-9FFA-11D2-9559-006008594011} -  No File
Handler-x32: htsportal - {08C89E55-0655-4442-AFD5-4E526D52CEB9} -  No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{2BD76A31-CBAD-4DC9-9160-8857EA0FA56B}: [NameServer] 192.168.0.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> H:\Java\bin\dtplugin\npDeployJava1.dll No File
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> H:\Java\bin\plugin2\npjp2.dll No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> E:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @hogrefe.de/nphtspse,version=1.15 -> C:\Program Files (x86)\Hogrefe\Player\4\Bin\nphtspse.dll No File
FF Plugin-x32: @hogrefe.de/nphtspst,version=1.15 -> C:\Program Files (x86)\Hogrefe\Player\4\Bin\nphtspst.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.5 -> C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\User\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\User\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll (Amazon.com, Inc.)
FF Plugin HKCU: electronicarts.com/GameFacePlugin -> C:\Users\User\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll (Electronic Arts)
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: SmartPrintButton - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011-12-26]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: No Name - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-01-29]
FF HKLM-x32\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] - D:\Program Files (x86)\Steganos Password Manager 12\spmplugin3
FF HKCU\...\Firefox\Extensions: [finder@meingutscheincode.de] - C:\Program Files (x86)\Mein Gutscheincode Finder\Firefox
FF HKCU\...\Thunderbird\Extensions: [{380AE6CB-09B9-4373-B360-D01C2462A6E7}] - C:\Program Files\BullGuard Ltd\BullGuard Backup\files32\backup\thunderbirdbkplugin
FF Extension: BullGuard Backup - C:\Program Files\BullGuard Ltd\BullGuard Backup\files32\backup\thunderbirdbkplugin [2014-02-20]

Chrome: 
=======
CHR HomePage: Default -> 
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-31]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-31]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-06]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-31]
CHR Extension: (Google-Suche) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-31]
CHR Extension: (Avira Browser Safety) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-08-07]
CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Bitdefender QuickScan) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie [2014-11-05]
CHR Extension: (Google Mail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-31]
CHR HKLM-x32\...\Chrome\Extension: [jgfpelakfkbbkkdchaaaknckhoadkcbo] - C:\Program Files (x86)\Mein Gutscheincode Finder\Chrome\chrome-extension.crx []
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx []

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeActiveFileMonitor7.0; D:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [169312 2008-09-16] (Adobe Systems Incorporated)
S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-10-18] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-10-18] (Avira Operations GmbH & Co. KG)
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [File not signed]
S3 BgRaSvc; C:\Program Files\BullGuard Ltd\BullGuard Backup\Support\BgRaSvc.exe [161112 2014-05-19] (BullGuard Ltd.)
R2 BsMain; C:\Program Files\BullGuard Ltd\BullGuard Backup\BsMain.dll [269656 2014-05-19] (BullGuard Ltd.)
R2 BsUpdate; C:\Program Files\BullGuard Ltd\BullGuard Backup\BullGuardUpdate.exe [409944 2014-02-20] (BullGuard Ltd.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2436280 2014-09-25] (Microsoft Corporation)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2011-07-24] (Macrovision Europe Ltd.) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-17] (NVIDIA Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-09-17] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-01-03] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2005-01-31] (Ulead Systems, Inc.) [File not signed]
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27792 2012-08-14] (VIA Technologies, Inc.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S0 AFS; C:\Windows\SysWow64\Drivers\AFS.sys [77004 2011-12-05] (Oak Technology Inc.) [File not signed]
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-18] (Avira Operations GmbH & Co. KG)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
R3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-22] (AVM GmbH)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
S3 SaiH075C; C:\Windows\System32\DRIVERS\SaiH075C.sys [326784 2006-07-27] (Saitek)
S3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [54016 2006-07-27] (Saitek) [File not signed]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-07 13:36 - 2014-11-07 13:37 - 00026387 _____ () C:\Users\User\Desktop\FRST.txt
2014-11-07 13:32 - 2014-11-07 13:32 - 00000000 ____D () C:\Windows\Sun
2014-11-07 13:24 - 2014-11-07 13:24 - 00053554 _____ () C:\Users\User\Desktop\JRT.txt
2014-11-07 13:22 - 2014-11-07 13:22 - 01706939 _____ (Thisisu) C:\Users\User\Desktop\JRT.exe
2014-11-07 13:22 - 2014-11-07 13:22 - 00000000 ____D () C:\Windows\ERUNT
2014-11-07 13:21 - 2014-11-07 13:22 - 01706939 _____ (Thisisu) C:\Users\User\Downloads\JRT.exe
2014-11-07 13:20 - 2014-11-07 13:20 - 00003397 _____ () C:\Users\User\Desktop\AdwCleaner[S2].txt
2014-11-07 13:15 - 2014-11-07 13:15 - 01998336 _____ () C:\Users\User\Downloads\AdwCleaner_4.002.exe
2014-11-07 13:15 - 2014-11-07 13:15 - 01998336 _____ () C:\Users\User\Desktop\AdwCleaner_4.002.exe
2014-11-07 13:14 - 2014-11-07 13:14 - 00002514 _____ () C:\Users\User\Desktop\mbam.txt
2014-11-07 13:12 - 2014-11-07 13:12 - 00000000 ____D () C:\Users\User\Desktop\Logfile (Alt)
2014-11-07 12:44 - 2014-11-07 13:12 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-07 12:44 - 2014-11-07 12:44 - 00001115 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-11-07 12:44 - 2014-11-07 12:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-11-07 12:44 - 2014-11-07 12:44 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-07 12:44 - 2014-11-07 12:44 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-11-07 12:44 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-07 12:44 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-07 12:44 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-07 12:43 - 2014-11-07 12:43 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.3.1025.exe
2014-11-06 22:58 - 2014-11-06 22:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-11-06 12:15 - 2014-11-06 12:15 - 00039585 _____ () C:\ComboFix.txt
2014-11-06 11:57 - 2014-11-06 12:15 - 00000000 ____D () C:\ComboFix
2014-11-06 11:57 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-11-06 11:57 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-11-06 11:57 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-11-06 11:57 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-11-06 11:57 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-11-06 11:57 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-11-06 11:57 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-11-06 11:57 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-11-06 11:54 - 2014-11-06 12:15 - 00000000 ____D () C:\Qoobox
2014-11-06 11:54 - 2014-11-06 12:13 - 00000000 ____D () C:\Windows\erdnt
2014-11-06 11:52 - 2014-11-06 11:52 - 05591672 ____R (Swearware) C:\Users\User\Desktop\ComboFix.exe
2014-11-06 11:52 - 2014-11-06 11:52 - 05591672 _____ (Swearware) C:\Users\User\Downloads\ComboFix.exe
2014-11-06 11:28 - 2014-11-06 11:28 - 1187623621 _____ () C:\Windows\MEMORY.DMP
2014-11-06 11:28 - 2014-11-06 11:28 - 00473888 _____ () C:\Windows\Minidump\110614-19016-01.dmp
2014-11-05 22:19 - 2014-11-05 22:19 - 00274523 _____ () C:\Users\User\Documents\ts3_clientui-win64-1375773286-2014-11-05 22_19_35.265826.dmp
2014-11-05 19:41 - 2014-11-06 23:01 - 00000000 ____D () C:\Users\User\AppData\Local\Battle.net
2014-11-05 19:41 - 2014-11-05 19:45 - 00000000 ____D () C:\Users\User\AppData\Roaming\Battle.net
2014-11-05 19:41 - 2014-11-05 19:41 - 00000803 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-11-05 19:41 - 2014-11-05 19:41 - 00000000 ____D () C:\Users\User\AppData\Local\Blizzard Entertainment
2014-11-05 19:41 - 2014-11-05 19:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-11-05 19:16 - 2014-11-05 19:17 - 04184008 _____ (Kaspersky Lab ZAO) C:\Users\User\Downloads\tdsskiller.exe
2014-11-05 17:52 - 2014-11-05 17:52 - 00380416 _____ () C:\Users\User\Downloads\Gmer-19357.exe
2014-11-05 17:52 - 2014-11-05 17:52 - 00380416 _____ () C:\Users\User\Downloads\Gmer-19357 (1).exe
2014-11-05 17:52 - 2014-11-05 17:52 - 00380416 _____ () C:\Users\User\Desktop\Gmer-19357.exe
2014-11-05 17:45 - 2014-11-07 13:36 - 00000000 ____D () C:\FRST
2014-11-05 17:44 - 2014-11-05 17:44 - 02114560 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2014-11-05 17:39 - 2014-11-05 17:41 - 00000470 _____ () C:\Users\User\Downloads\defogger_disable.log
2014-11-05 17:39 - 2014-11-05 17:39 - 00000000 _____ () C:\Users\User\defogger_reenable
2014-11-05 17:38 - 2014-11-05 17:38 - 00050477 _____ () C:\Users\User\Desktop\Defogger.exe
2014-11-05 17:33 - 2014-11-05 17:33 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-11-05 17:31 - 2014-11-05 17:33 - 00000000 ____D () C:\Users\User\AppData\Roaming\QuickScan
2014-11-05 17:28 - 2014-11-05 17:32 - 131078000 _____ (AVAST Software) C:\Users\User\Downloads\avast_free_antivirus_setup.exe
2014-11-05 17:21 - 2014-11-05 17:21 - 00003124 _____ () C:\Windows\System32\Tasks\{04D0D7CE-7872-481F-860B-7FF6FA53280D}
2014-11-05 15:30 - 2014-11-05 16:22 - 00000000 ____D () C:\ProgramData\Panda Security URL Filtering
2014-11-05 15:30 - 2014-11-05 16:22 - 00000000 ____D () C:\Program Files (x86)\pandasecuritytb
2014-11-05 15:30 - 2014-11-05 16:12 - 00000000 ____D () C:\ProgramData\panda_url_filtering
2014-11-05 15:30 - 2014-11-05 15:30 - 00000000 ____D () C:\Users\User\AppData\Roaming\Panda Security
2014-11-05 15:29 - 2014-11-05 16:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus
2014-11-05 15:29 - 2014-11-05 16:22 - 00000000 ____D () C:\Program Files (x86)\Panda Security
2014-11-05 15:29 - 2014-11-05 15:30 - 00000000 ____D () C:\ProgramData\Panda Security
2014-11-05 14:39 - 2014-11-05 14:41 - 00000000 ____D () C:\Program Files (x86)\CheckPoint
2014-11-05 14:39 - 2014-11-05 14:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-05 14:38 - 2014-11-05 14:38 - 00000000 ____D () C:\ProgramData\CheckPoint
2014-11-05 12:45 - 2014-11-05 12:45 - 00000000 ____D () C:\VTRoot
2014-11-05 12:38 - 2014-11-05 16:25 - 00201448 _____ () C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-04 23:11 - 2014-11-04 23:11 - 00000000 ____D () C:\Users\User\AppData\Roaming\Comodo
2014-11-04 19:29 - 2014-11-04 19:30 - 00000000 ____D () C:\Program Files\COMODO
2014-11-04 19:29 - 2014-11-04 19:29 - 00000000 ____D () C:\Users\User\AppData\Local\Comodo
2014-11-04 19:29 - 2014-11-04 19:29 - 00000000 ____D () C:\ProgramData\Comodo Downloader
2014-11-04 19:28 - 2014-11-04 23:11 - 00000000 ____D () C:\ProgramData\Comodo
2014-11-04 13:42 - 2014-11-04 13:43 - 00000000 ____D () C:\ProgramData\Kaspersky Lab Setup Files
2014-11-04 13:30 - 2014-11-05 13:29 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-11-04 13:24 - 2014-11-05 13:29 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-11-04 01:40 - 2014-11-04 01:40 - 00010460 _____ () C:\Windows\DPINST.LOG
2014-11-04 01:02 - 2014-11-04 01:05 - 121159424 _____ (Microsoft Corporation) C:\Users\User\Downloads\msert.exe
2014-11-03 23:25 - 2014-11-03 23:25 - 00000000 ____D () C:\Users\User\AppData\Roaming\Mozilla
2014-11-02 11:44 - 2014-11-07 13:18 - 00012472 _____ () C:\Windows\PFRO.log
2014-11-02 11:23 - 2014-11-02 11:23 - 00001574 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-11-02 11:23 - 2014-11-02 11:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-11-02 11:22 - 2014-11-02 11:23 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-11-02 11:22 - 2014-11-02 11:23 - 00000000 ____D () C:\Program Files\iTunes
2014-11-02 11:22 - 2014-11-02 11:22 - 00000000 ____D () C:\Program Files\iPod
2014-11-02 11:20 - 2014-11-02 11:41 - 00000000 ____D () C:\Users\User\Desktop\US INTERN (PICS)
2014-10-18 21:14 - 2014-10-18 21:14 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET
2014-10-18 20:45 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-18 20:45 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-18 20:45 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-18 20:45 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-18 20:45 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-18 20:45 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-18 20:45 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-18 20:44 - 2014-10-10 03:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-18 20:44 - 2014-10-10 03:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-18 20:44 - 2014-10-10 03:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-18 20:44 - 2014-10-07 03:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-18 20:44 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-18 20:44 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-18 20:44 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-18 20:44 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-18 20:44 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-18 20:44 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-18 20:44 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-18 20:44 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-18 20:44 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-18 20:44 - 2014-09-19 02:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-18 20:44 - 2014-09-19 02:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-18 20:44 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-18 20:44 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-18 20:44 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-18 20:44 - 2014-09-19 02:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-18 20:44 - 2014-09-19 02:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-18 20:44 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-18 20:44 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-18 20:44 - 2014-09-19 02:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-18 20:44 - 2014-09-19 02:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-18 20:44 - 2014-09-19 02:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-18 20:44 - 2014-09-19 02:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-18 20:44 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-18 20:44 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-18 20:44 - 2014-09-19 02:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-18 20:44 - 2014-09-19 02:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-18 20:44 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-18 20:44 - 2014-09-19 02:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-18 20:44 - 2014-09-19 02:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-18 20:44 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-18 20:44 - 2014-09-19 02:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-18 20:44 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-18 20:44 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-18 20:44 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-18 20:44 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-18 20:44 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-18 20:44 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-18 20:44 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-18 20:44 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-18 20:44 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-18 20:44 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-18 20:44 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-18 20:44 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-18 20:44 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-18 20:44 - 2014-09-19 01:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-18 20:44 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-18 20:44 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-18 20:44 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-18 20:44 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-18 20:44 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-18 20:44 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-18 20:44 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-18 20:44 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-18 20:44 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-18 20:44 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-18 20:40 - 2014-09-18 03:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-18 20:40 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-18 20:40 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-18 20:40 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-18 20:40 - 2014-07-17 03:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-18 20:40 - 2014-07-17 03:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-18 20:40 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-18 20:40 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-18 20:40 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-18 20:40 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-18 20:40 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-18 20:40 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-18 20:40 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-18 20:40 - 2014-07-17 02:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-18 20:40 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-18 20:40 - 2014-07-17 02:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-18 20:40 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-18 20:40 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-18 20:40 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-18 20:40 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-18 20:39 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-18 20:39 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-10 12:50 - 2014-11-07 13:19 - 00004001 _____ () C:\Windows\setupact.log
2014-10-10 12:50 - 2014-10-10 12:50 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-10 12:49 - 2014-11-02 10:18 - 05235032 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-08 21:06 - 2014-10-08 21:06 - 01375089 _____ () C:\Users\User\Downloads\adwcleaner_3.311.exe
2014-10-08 20:51 - 2010-05-13 17:53 - 00001204 _____ () C:\Windows\system32\Drivers\etc\hosts.20141008-215141.backup
2014-10-08 14:55 - 2014-10-08 14:55 - 00000000 ____D () C:\Users\User\AppData\Roaming\Hogrefe Verlag GmbH & Co. KG Göttingen
2014-10-08 14:54 - 2014-10-08 17:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hogrefe TestSystem Player   1.15
2014-10-08 14:54 - 2014-10-08 14:56 - 00000000 ____D () C:\Users\Public\Documents\Hogrefe
2014-10-08 14:54 - 2014-10-08 14:54 - 00000000 ____D () C:\ProgramData\Hogrefe
2014-10-08 14:53 - 2014-10-08 14:56 - 00000000 ____D () C:\Users\User\AppData\Roaming\Hogrefe
2014-10-08 14:52 - 2014-10-08 14:53 - 28105480 _____ (Hogrefe Verlag Göttingen) C:\Users\User\Downloads\hts4player4.5.1434.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-07 13:27 - 2011-07-23 23:04 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-07 13:26 - 2009-07-14 18:58 - 00725976 _____ () C:\Windows\system32\perfh007.dat
2014-11-07 13:26 - 2009-07-14 18:58 - 00158600 _____ () C:\Windows\system32\perfc007.dat
2014-11-07 13:26 - 2009-07-14 06:13 - 01681550 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-07 13:26 - 2009-07-14 05:45 - 00026304 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-07 13:26 - 2009-07-14 05:45 - 00026304 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-07 13:23 - 2011-07-20 11:49 - 01531327 _____ () C:\Windows\WindowsUpdate.log
2014-11-07 13:20 - 2014-03-03 14:31 - 00000000 ____D () C:\Users\User\Documents\Outlook-Dateien
2014-11-07 13:20 - 2011-08-08 19:28 - 00000000 ___RD () C:\Users\User\Dropbox
2014-11-07 13:20 - 2011-08-08 19:26 - 00000000 ____D () C:\Users\User\AppData\Roaming\Dropbox
2014-11-07 13:19 - 2014-09-19 22:01 - 00000000 ___RD () C:\Users\User\iCloudDrive
2014-11-07 13:19 - 2011-07-23 23:04 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-07 13:19 - 2011-07-20 12:04 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-07 13:19 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-07 13:18 - 2014-09-01 17:02 - 00000000 ____D () C:\AdwCleaner
2014-11-07 13:17 - 2012-07-25 15:21 - 00000336 _____ () C:\Windows\Tasks\HP Photo Creations Communicator.job
2014-11-07 13:12 - 2013-01-02 23:44 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2771076119-1783207638-1657993630-1000UA.job
2014-11-07 13:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Cursors
2014-11-07 13:02 - 2012-04-03 08:45 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-07 12:41 - 2013-10-23 18:52 - 00000000 ____D () C:\Users\User\AppData\Local\CrashDumps
2014-11-06 23:12 - 2011-08-03 12:59 - 00000000 ____D () C:\Users\User\AppData\Roaming\TS3Client
2014-11-06 16:11 - 2013-01-02 16:23 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{F5380F5B-14A5-4785-BB60-BD2CC61FFFEF}
2014-11-06 12:09 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-11-06 12:08 - 2011-11-22 23:08 - 00000410 __RSH () C:\ProgramData\ntuser.pol
2014-11-06 12:06 - 2009-07-14 03:34 - 24379392 _____ () C:\Windows\system32\config\system.bak
2014-11-06 12:06 - 2009-07-14 03:34 - 127926272 _____ () C:\Windows\system32\config\software.bak
2014-11-06 12:06 - 2009-07-14 03:34 - 04980736 _____ () C:\Windows\system32\config\default.bak
2014-11-06 12:06 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\security.bak
2014-11-06 12:06 - 2009-07-14 03:34 - 00069632 _____ () C:\Windows\system32\config\sam.bak
2014-11-06 11:57 - 2012-01-08 16:40 - 00000000 ____D () C:\Users\Mcx1-USER-PC
2014-11-06 11:28 - 2011-08-26 12:56 - 00000000 ____D () C:\Windows\Minidump
2014-11-05 17:22 - 2014-01-19 23:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-11-05 17:22 - 2014-01-19 23:15 - 00000000 ____D () C:\ProgramData\Avira
2014-11-05 17:22 - 2014-01-19 23:15 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-11-05 17:22 - 2013-12-09 17:50 - 00000000 ____D () C:\ProgramData\Package Cache
2014-11-05 17:01 - 2009-07-14 05:45 - 00021504 _____ () C:\Windows\system32\umstartup.etl
2014-11-05 16:32 - 2012-04-03 08:45 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-05 16:32 - 2012-04-03 08:45 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-05 16:32 - 2011-07-22 19:15 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-05 16:31 - 2011-07-22 19:13 - 00000000 ____D () C:\Users\User\AppData\Local\Adobe
2014-11-05 16:22 - 2014-09-01 17:12 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-11-05 16:22 - 2014-03-12 20:43 - 00000000 ____D () C:\ProgramData\Duden
2014-11-05 16:22 - 2014-02-20 16:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FILEminimizer Pictures 3.0
2014-11-05 16:22 - 2012-07-08 20:50 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameShadow
2014-11-05 16:22 - 2012-06-26 12:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zattoo4
2014-11-05 16:22 - 2012-01-29 13:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
2014-11-05 16:22 - 2011-08-07 14:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SopCast
2014-11-05 16:22 - 2011-07-20 15:17 - 00000000 ____D () C:\Users\User\AppData\Roaming\vlc
2014-11-05 16:22 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-05 16:22 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-11-05 16:21 - 2014-03-12 20:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duden
2014-11-05 16:21 - 2012-05-29 06:03 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-11-05 16:21 - 2012-01-29 13:50 - 00000000 ____D () C:\Program Files\DivX
2014-11-05 16:21 - 2012-01-29 13:49 - 00000000 ____D () C:\Program Files (x86)\DivX
2014-11-05 16:21 - 2012-01-29 13:48 - 00000000 ____D () C:\ProgramData\DivX
2014-11-04 01:45 - 2012-12-29 21:15 - 00000000 ____D () C:\Users\User\AppData\Roaming\DivX
2014-11-04 01:39 - 2013-05-26 14:42 - 00000000 ____D () C:\Program Files\CCleaner
2014-11-04 01:39 - 2011-07-20 15:16 - 00000000 ____D () C:\Users\User\AppData\Local\Google
2014-11-04 01:39 - 2011-07-20 15:16 - 00000000 ____D () C:\Program Files (x86)\Google
2014-11-04 01:34 - 2014-09-01 09:56 - 00000000 ____D () C:\Windows\pss
2014-11-04 01:23 - 2012-01-14 23:29 - 00000000 ____D () C:\Users\User\AppData\Roaming\Apple Computer
2014-11-04 01:23 - 2012-01-14 23:29 - 00000000 ____D () C:\Users\User\AppData\Local\Apple Computer
2014-11-02 13:28 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-02 11:49 - 2013-02-14 12:22 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-11-02 11:23 - 2013-09-20 16:41 - 00054156 ____H () C:\Windows\QTFont.qfn
2014-11-02 11:22 - 2014-09-19 18:31 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-11-02 11:22 - 2012-01-14 23:27 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-11-02 11:11 - 2013-01-02 23:44 - 00001064 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2771076119-1783207638-1657993630-1000Core.job
2014-11-02 11:06 - 2013-01-02 23:44 - 00004084 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2771076119-1783207638-1657993630-1000UA
2014-11-02 11:06 - 2013-01-02 23:44 - 00003688 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2771076119-1783207638-1657993630-1000Core
2014-11-02 10:22 - 2011-07-23 23:04 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-02 10:21 - 2011-07-23 23:04 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-02 10:15 - 2014-05-06 13:49 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-28 05:34 - 2011-07-20 12:06 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-18 21:14 - 2013-08-15 02:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-18 21:07 - 2011-07-20 12:55 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-18 20:23 - 2014-02-18 20:19 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-10-18 20:23 - 2014-01-19 23:15 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-10-18 20:23 - 2014-01-19 23:15 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-10-09 17:04 - 2012-05-29 01:01 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-10-09 16:19 - 2011-07-24 18:50 - 00001456 _____ () C:\Users\User\AppData\Local\Adobe Für Web speichern 12.0 Prefs
2014-10-08 16:26 - 2014-07-21 19:43 - 07551668 _____ () C:\Users\User\Desktop\Projekt China.MVP

Files to move or delete:
====================
C:\Users\User\hpothb07.dat


Some content of TEMP:
====================
C:\Users\User\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpjc1dm6.dll
C:\Users\User\AppData\Local\Temp\Quarantine.exe
C:\Users\User\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-05 14:11

==================== End Of Log ============================
         
--- --- ---


Many thanks for the help, and have a nice rest of the day!

Edited by Keksklauer (07.11.2014 at 13:43)

08.11.2014, 07:39   #8
schrauber
/// the machine
/// TB-Ausbilder
 





ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

And a fresh FRST log, please. Any problems remaining?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

10.11.2014, 00:21   #9
Keksklauer
 



Good evening,

once again, all programs could be installed and started without any problems.

ESET Online Scanner found unwanted software during the scan and generated:

"log.txt"

Code:
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=843f8893021c8a439ed354cd587afe11
# engine=20999
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-11-09 02:02:58
# local_time=2014-11-09 03:02:58 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777214 100 86 301225 28146603 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 137566 167128428 0 0
# scanned=218332
# found=1
# cleaned=0
# scan_time=2178
sh=8992F72873D09212597E582A16F8D9BC60E6A22A ft=1 fh=e21391a34e842ffc vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe.vir"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=843f8893021c8a439ed354cd587afe11
# engine=21005
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-11-09 10:47:47
# local_time=2014-11-09 11:47:47 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777214 100 86 375914 28221292 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 0 167203117 0 0
# scanned=708357
# found=13
# cleaned=0
# scan_time=15362
sh=8992F72873D09212597E582A16F8D9BC60E6A22A ft=1 fh=e21391a34e842ffc vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe.vir"
sh=12B256907EBC4D0B74F69F9F8045BFD6BFEB3744 ft=1 fh=02961308b35618ac vn="Variante von Win32/DomaIQ.BF evtl. unerwünschte Anwendung" ac=I fn="C:\ProgramData\Comodo\Cis\Quarantine\data\{00982F2D-3B74-4E9A-91A9-97F5D88BD303}"
sh=B1F4C0D0402450C8A03B7363D15A1F9299F86BFC ft=0 fh=0000000000000000 vn="Variante von Win32/Somoto.A evtl. unerwünschte Anwendung" ac=I fn="C:\ProgramData\Comodo\Cis\Quarantine\data\{2975C303-9F5E-4459-BD6F-CEF7C60A4DA8}"
sh=A80F5F8122B45C710F3C11B3504760D4E8051479 ft=1 fh=7d7ac49d55ae5fe5 vn="Variante von Win32/SoftPulse.O evtl. unerwünschte Anwendung" ac=I fn="C:\ProgramData\Comodo\Cis\Quarantine\data\{71226DFD-C48D-4CC3-B088-3127734DB954}"
sh=FAB0B9299ECB11A40F36369B86B87AD18E42F1A9 ft=1 fh=ff134ca67e44282f vn="Variante von Win32/DomaIQ.BB evtl. unerwünschte Anwendung" ac=I fn="C:\ProgramData\Comodo\Cis\Quarantine\data\{9E247A6B-7AD6-4A1E-81B9-CD2685741284}"
sh=AF02605C62BE0B68C359A2202C7A67660F095CB4 ft=1 fh=b8320ad818983121 vn="Variante von Win32/SoftPulse.O evtl. unerwünschte Anwendung" ac=I fn="C:\ProgramData\Comodo\Cis\Quarantine\data\{A042162E-B2A7-4AC6-B254-E081020A3EC2}"
sh=12B256907EBC4D0B74F69F9F8045BFD6BFEB3744 ft=1 fh=02961308b35618ac vn="Variante von Win32/DomaIQ.BF evtl. unerwünschte Anwendung" ac=I fn="C:\Users\All Users\Comodo\Cis\Quarantine\data\{00982F2D-3B74-4E9A-91A9-97F5D88BD303}"
sh=B1F4C0D0402450C8A03B7363D15A1F9299F86BFC ft=0 fh=0000000000000000 vn="Variante von Win32/Somoto.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\All Users\Comodo\Cis\Quarantine\data\{2975C303-9F5E-4459-BD6F-CEF7C60A4DA8}"
sh=A80F5F8122B45C710F3C11B3504760D4E8051479 ft=1 fh=7d7ac49d55ae5fe5 vn="Variante von Win32/SoftPulse.O evtl. unerwünschte Anwendung" ac=I fn="C:\Users\All Users\Comodo\Cis\Quarantine\data\{71226DFD-C48D-4CC3-B088-3127734DB954}"
sh=FAB0B9299ECB11A40F36369B86B87AD18E42F1A9 ft=1 fh=ff134ca67e44282f vn="Variante von Win32/DomaIQ.BB evtl. unerwünschte Anwendung" ac=I fn="C:\Users\All Users\Comodo\Cis\Quarantine\data\{9E247A6B-7AD6-4A1E-81B9-CD2685741284}"
sh=AF02605C62BE0B68C359A2202C7A67660F095CB4 ft=1 fh=b8320ad818983121 vn="Variante von Win32/SoftPulse.O evtl. unerwünschte Anwendung" ac=I fn="C:\Users\All Users\Comodo\Cis\Quarantine\data\{A042162E-B2A7-4AC6-B254-E081020A3EC2}"
sh=434238E15660618182F67150AA6677E0511601DA ft=1 fh=dc788dfa3665612c vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000b2"
sh=457335C7D7CF3B76BDA5156BDFC9D2E55F5EB26E ft=1 fh=733834ea60493ef0 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\User\Documents\Downloads\Integrated_CT2325506.exe"
         
The SecurityCheck tool then generated:

"checkup.txt"

Code:
 Results of screen317's Security Check version 0.99.89  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Spybot - Search & Destroy 
 Java(TM) 6 Update 22  
 Java(TM) 6 Update 32  
 Java 7 Update 51  
 Java-Editor 11.39, 2013.05.18   
 Java 2 Runtime Environment, SE v1.4.1 
 Java version out of Date! 
 Adobe Flash Player 15.0.0.152  
 Adobe Reader 10.1.12 Adobe Reader out of Date!  
 Mozilla Thunderbird (5.0). Thunderbird out of Date!  
 Google Chrome 37.0.2062.124  
 Google Chrome 38.0.2125.111  
````````Process Check: objlist.exe by Laurent````````  
 Spybot Teatimer.exe is disabled! 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         
Finally, the fresh FRST log:

"FRST.txt"

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-11-2014 01
Ran by User (administrator) on USER-PC on 09-11-2014 23:58:23
Running from C:\Users\User\Desktop
Loaded Profile: User (Available profiles: User & Mcx1-USER-PC)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(The Eraser Project) C:\Program Files\Eraser\Eraser.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Dropbox, Inc.) C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Adobe Systems Incorporated) D:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) E:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard Backup\BullGuardUpdate.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicator.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [980920 2012-05-22] (The Eraser Project)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2460488 2014-09-17] (NVIDIA Corporation)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5264016 2012-08-16] (VIA)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [iTunesHelper] => E:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2771076119-1783207638-1657993630-1000\...\Run: [HP Photosmart 5510 series (NET)] => C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [2672488 2011-05-25] (Hewlett-Packard Co.)
HKU\S-1-5-21-2771076119-1783207638-1657993630-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-10-17] (Apple Inc.)
HKU\S-1-5-21-2771076119-1783207638-1657993630-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2014-10-20] (Apple Inc.)
HKU\S-1-5-21-2771076119-1783207638-1657993630-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2771076119-1783207638-1657993630-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Outlook 2013.lnk
ShortcutTarget: Outlook 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\outlook.exe (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x7FFB65557947CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2771076119-1783207638-1657993630-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> H:\Java\bin\ssv.dll No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> H:\Java\bin\jp2ssv.dll No File
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: WebSpeechBHO Class -> {83A30C59-3A50-49E6-9DAF-4923C4EA3C23} -> C:\Program Files (x86)\Common Files\WebSpeech.4.0\LgxIEBar.dll (G DATA Software AG)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} -  No File
Toolbar: HKLM-x32 - No Name - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} -  No File
DPF: HKLM {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/sites/production/ieawsdc64.cab
DPF: HKLM {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex64-2.2.6.0.cab
DPF: HKLM {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: HKLM-x32 {22E5D91F-89E6-4405-AD9C-0AF27BA6F06B} file:///J:/components/hidinputmonitorx.ocx
DPF: HKLM-x32 {4F63D44B-6274-4D60-8AB1-CAA7116B8AF3} file:///J:/components/A9.ocx
DPF: HKLM-x32 {7030CC6C-1A88-4591-BB5A-651B9F7F0C30} file:///J:/components/wmvhdrating.ocx
Handler: htap - {83EC570E-9FFA-11D2-9559-006008594011} -  No File
Handler: htsportal - {08C89E55-0655-4442-AFD5-4E526D52CEB9} -  No File
Handler-x32: htap - {83EC570E-9FFA-11D2-9559-006008594011} -  No File
Handler-x32: htsportal - {08C89E55-0655-4442-AFD5-4E526D52CEB9} -  No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{2BD76A31-CBAD-4DC9-9160-8857EA0FA56B}: [NameServer] 192.168.0.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> H:\Java\bin\dtplugin\npDeployJava1.dll No File
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> H:\Java\bin\plugin2\npjp2.dll No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> E:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @hogrefe.de/nphtspse,version=1.15 -> C:\Program Files (x86)\Hogrefe\Player\4\Bin\nphtspse.dll No File
FF Plugin-x32: @hogrefe.de/nphtspst,version=1.15 -> C:\Program Files (x86)\Hogrefe\Player\4\Bin\nphtspst.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.5 -> C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2771076119-1783207638-1657993630-1000: @tools.google.com/Google Update;version=3 -> C:\Users\User\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-2771076119-1783207638-1657993630-1000: @tools.google.com/Google Update;version=9 -> C:\Users\User\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-2771076119-1783207638-1657993630-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll (Amazon.com, Inc.)
FF Plugin HKU\S-1-5-21-2771076119-1783207638-1657993630-1000: electronicarts.com/GameFacePlugin -> C:\Users\User\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll (Electronic Arts)
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: SmartPrintButton - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011-12-26]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: No Name - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-01-29]
FF HKLM-x32\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] - D:\Program Files (x86)\Steganos Password Manager 12\spmplugin3

Chrome: 
=======
CHR HomePage: Default -> 
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-31]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-31]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-06]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-31]
CHR Extension: (Google-Suche) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-31]
CHR Extension: (Avira Browser Safety) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-08-07]
CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Bitdefender QuickScan) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie [2014-11-05]
CHR Extension: (Google Mail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-31]
CHR HKLM-x32\...\Chrome\Extension: [jgfpelakfkbbkkdchaaaknckhoadkcbo] - C:\Program Files (x86)\Mein Gutscheincode Finder\Chrome\chrome-extension.crx []
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx []

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeActiveFileMonitor7.0; D:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [169312 2008-09-16] (Adobe Systems Incorporated)
S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-10-18] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-10-18] (Avira Operations GmbH & Co. KG)
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [File not signed]
S3 BgRaSvc; C:\Program Files\BullGuard Ltd\BullGuard Backup\Support\BgRaSvc.exe [161112 2014-05-19] (BullGuard Ltd.)
R2 BsMain; C:\Program Files\BullGuard Ltd\BullGuard Backup\BsMain.dll [269656 2014-05-19] (BullGuard Ltd.)
R2 BsUpdate; C:\Program Files\BullGuard Ltd\BullGuard Backup\BullGuardUpdate.exe [409944 2014-02-20] (BullGuard Ltd.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2436280 2014-09-25] (Microsoft Corporation)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2011-07-24] (Macrovision Europe Ltd.) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-17] (NVIDIA Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-09-17] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-01-03] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2005-01-31] (Ulead Systems, Inc.) [File not signed]
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27792 2012-08-14] (VIA Technologies, Inc.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S0 AFS; C:\Windows\SysWow64\Drivers\AFS.sys [77004 2011-12-05] (Oak Technology Inc.) [File not signed]
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-18] (Avira Operations GmbH & Co. KG)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
R3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-22] (AVM GmbH)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
S3 SaiH075C; C:\Windows\System32\DRIVERS\SaiH075C.sys [326784 2006-07-27] (Saitek)
S3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [54016 2006-07-27] (Saitek) [File not signed]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-09 23:58 - 2014-11-09 23:58 - 00025843 _____ () C:\Users\User\Desktop\FRST.txt
2014-11-09 23:58 - 2014-11-09 23:58 - 00000000 ____D () C:\Users\User\Desktop\FRST-OlderVersion
2014-11-09 23:57 - 2014-11-09 23:57 - 00001155 _____ () C:\Users\User\Desktop\checkup.txt
2014-11-09 23:53 - 2014-11-09 23:53 - 00854448 _____ () C:\Users\User\Desktop\SecurityCheck.exe
2014-11-09 02:21 - 2014-11-09 02:21 - 02347384 _____ (ESET) C:\Users\User\Downloads\esetsmartinstaller_deu.exe
2014-11-07 13:32 - 2014-11-07 13:32 - 00000000 ____D () C:\Windows\Sun
2014-11-07 13:22 - 2014-11-07 13:22 - 01706939 _____ (Thisisu) C:\Users\User\Desktop\JRT.exe
2014-11-07 13:22 - 2014-11-07 13:22 - 00000000 ____D () C:\Windows\ERUNT
2014-11-07 13:21 - 2014-11-07 13:22 - 01706939 _____ (Thisisu) C:\Users\User\Downloads\JRT.exe
2014-11-07 13:15 - 2014-11-07 13:15 - 01998336 _____ () C:\Users\User\Downloads\AdwCleaner_4.002.exe
2014-11-07 13:15 - 2014-11-07 13:15 - 01998336 _____ () C:\Users\User\Desktop\AdwCleaner_4.002.exe
2014-11-07 13:12 - 2014-11-07 13:43 - 00000000 ____D () C:\Users\User\Desktop\Logfile (Alt)
2014-11-07 12:44 - 2014-11-07 13:12 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-07 12:44 - 2014-11-07 12:44 - 00001115 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-11-07 12:44 - 2014-11-07 12:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-11-07 12:44 - 2014-11-07 12:44 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-07 12:44 - 2014-11-07 12:44 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-11-07 12:44 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-07 12:44 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-07 12:44 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-07 12:43 - 2014-11-07 12:43 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.3.1025.exe
2014-11-06 22:58 - 2014-11-06 22:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-11-06 12:15 - 2014-11-06 12:15 - 00039585 _____ () C:\ComboFix.txt
2014-11-06 11:57 - 2014-11-06 12:15 - 00000000 ____D () C:\ComboFix
2014-11-06 11:57 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-11-06 11:57 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-11-06 11:57 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-11-06 11:57 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-11-06 11:57 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-11-06 11:57 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-11-06 11:57 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-11-06 11:57 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-11-06 11:54 - 2014-11-06 12:15 - 00000000 ____D () C:\Qoobox
2014-11-06 11:54 - 2014-11-06 12:13 - 00000000 ____D () C:\Windows\erdnt
2014-11-06 11:52 - 2014-11-06 11:52 - 05591672 ____R (Swearware) C:\Users\User\Desktop\ComboFix.exe
2014-11-06 11:52 - 2014-11-06 11:52 - 05591672 _____ (Swearware) C:\Users\User\Downloads\ComboFix.exe
2014-11-06 11:28 - 2014-11-06 11:28 - 1187623621 _____ () C:\Windows\MEMORY.DMP
2014-11-06 11:28 - 2014-11-06 11:28 - 00473888 _____ () C:\Windows\Minidump\110614-19016-01.dmp
2014-11-05 22:19 - 2014-11-05 22:19 - 00274523 _____ () C:\Users\User\Documents\ts3_clientui-win64-1375773286-2014-11-05 22_19_35.265826.dmp
2014-11-05 19:41 - 2014-11-09 22:54 - 00000000 ____D () C:\Users\User\AppData\Local\Battle.net
2014-11-05 19:41 - 2014-11-05 19:45 - 00000000 ____D () C:\Users\User\AppData\Roaming\Battle.net
2014-11-05 19:41 - 2014-11-05 19:41 - 00000803 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-11-05 19:41 - 2014-11-05 19:41 - 00000000 ____D () C:\Users\User\AppData\Local\Blizzard Entertainment
2014-11-05 19:41 - 2014-11-05 19:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-11-05 19:16 - 2014-11-05 19:17 - 04184008 _____ (Kaspersky Lab ZAO) C:\Users\User\Downloads\tdsskiller.exe
2014-11-05 17:52 - 2014-11-05 17:52 - 00380416 _____ () C:\Users\User\Downloads\Gmer-19357.exe
2014-11-05 17:52 - 2014-11-05 17:52 - 00380416 _____ () C:\Users\User\Downloads\Gmer-19357 (1).exe
2014-11-05 17:52 - 2014-11-05 17:52 - 00380416 _____ () C:\Users\User\Desktop\Gmer-19357.exe
2014-11-05 17:45 - 2014-11-09 23:58 - 00000000 ____D () C:\FRST
2014-11-05 17:44 - 2014-11-09 23:58 - 02116096 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2014-11-05 17:39 - 2014-11-05 17:41 - 00000470 _____ () C:\Users\User\Downloads\defogger_disable.log
2014-11-05 17:39 - 2014-11-05 17:39 - 00000000 _____ () C:\Users\User\defogger_reenable
2014-11-05 17:38 - 2014-11-05 17:38 - 00050477 _____ () C:\Users\User\Desktop\Defogger.exe
2014-11-05 17:33 - 2014-11-05 17:33 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-11-05 17:31 - 2014-11-05 17:33 - 00000000 ____D () C:\Users\User\AppData\Roaming\QuickScan
2014-11-05 17:28 - 2014-11-05 17:32 - 131078000 _____ (AVAST Software) C:\Users\User\Downloads\avast_free_antivirus_setup.exe
2014-11-05 17:21 - 2014-11-05 17:21 - 00003124 _____ () C:\Windows\System32\Tasks\{04D0D7CE-7872-481F-860B-7FF6FA53280D}
2014-11-05 15:30 - 2014-11-05 16:22 - 00000000 ____D () C:\ProgramData\Panda Security URL Filtering
2014-11-05 15:30 - 2014-11-05 16:22 - 00000000 ____D () C:\Program Files (x86)\pandasecuritytb
2014-11-05 15:30 - 2014-11-05 16:12 - 00000000 ____D () C:\ProgramData\panda_url_filtering
2014-11-05 15:30 - 2014-11-05 15:30 - 00000000 ____D () C:\Users\User\AppData\Roaming\Panda Security
2014-11-05 15:29 - 2014-11-05 16:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus
2014-11-05 15:29 - 2014-11-05 16:22 - 00000000 ____D () C:\Program Files (x86)\Panda Security
2014-11-05 15:29 - 2014-11-05 15:30 - 00000000 ____D () C:\ProgramData\Panda Security
2014-11-05 14:39 - 2014-11-05 14:41 - 00000000 ____D () C:\Program Files (x86)\CheckPoint
2014-11-05 14:39 - 2014-11-05 14:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-05 14:38 - 2014-11-05 14:38 - 00000000 ____D () C:\ProgramData\CheckPoint
2014-11-05 12:45 - 2014-11-05 12:45 - 00000000 ____D () C:\VTRoot
2014-11-05 12:38 - 2014-11-05 16:25 - 00201448 _____ () C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-04 23:11 - 2014-11-04 23:11 - 00000000 ____D () C:\Users\User\AppData\Roaming\Comodo
2014-11-04 19:29 - 2014-11-04 19:30 - 00000000 ____D () C:\Program Files\COMODO
2014-11-04 19:29 - 2014-11-04 19:29 - 00000000 ____D () C:\Users\User\AppData\Local\Comodo
2014-11-04 19:29 - 2014-11-04 19:29 - 00000000 ____D () C:\ProgramData\Comodo Downloader
2014-11-04 19:28 - 2014-11-04 23:11 - 00000000 ____D () C:\ProgramData\Comodo
2014-11-04 13:42 - 2014-11-04 13:43 - 00000000 ____D () C:\ProgramData\Kaspersky Lab Setup Files
2014-11-04 13:30 - 2014-11-05 13:29 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-11-04 13:24 - 2014-11-05 13:29 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-11-04 01:40 - 2014-11-04 01:40 - 00010460 _____ () C:\Windows\DPINST.LOG
2014-11-04 01:02 - 2014-11-04 01:05 - 121159424 _____ (Microsoft Corporation) C:\Users\User\Downloads\msert.exe
2014-11-03 23:25 - 2014-11-03 23:25 - 00000000 ____D () C:\Users\User\AppData\Roaming\Mozilla
2014-11-02 11:44 - 2014-11-07 13:18 - 00012472 _____ () C:\Windows\PFRO.log
2014-11-02 11:23 - 2014-11-02 11:23 - 00001574 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-11-02 11:23 - 2014-11-02 11:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-11-02 11:22 - 2014-11-02 11:23 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-11-02 11:22 - 2014-11-02 11:23 - 00000000 ____D () C:\Program Files\iTunes
2014-11-02 11:22 - 2014-11-02 11:22 - 00000000 ____D () C:\Program Files\iPod
2014-11-02 11:20 - 2014-11-02 11:41 - 00000000 ____D () C:\Users\User\Desktop\US INTERN (PICS)
2014-10-18 21:14 - 2014-10-18 21:14 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET
2014-10-18 20:45 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-18 20:45 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-18 20:45 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-18 20:45 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-18 20:45 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-18 20:45 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-18 20:45 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-18 20:44 - 2014-10-10 03:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-18 20:44 - 2014-10-10 03:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-18 20:44 - 2014-10-10 03:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-18 20:44 - 2014-10-07 03:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-18 20:44 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-18 20:44 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-18 20:44 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-18 20:44 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-18 20:44 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-18 20:44 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-18 20:44 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-18 20:44 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-18 20:44 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-18 20:44 - 2014-09-19 02:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-18 20:44 - 2014-09-19 02:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-18 20:44 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-18 20:44 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-18 20:44 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-18 20:44 - 2014-09-19 02:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-18 20:44 - 2014-09-19 02:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-18 20:44 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-18 20:44 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-18 20:44 - 2014-09-19 02:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-18 20:44 - 2014-09-19 02:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-18 20:44 - 2014-09-19 02:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-18 20:44 - 2014-09-19 02:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-18 20:44 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-18 20:44 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-18 20:44 - 2014-09-19 02:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-18 20:44 - 2014-09-19 02:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-18 20:44 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-18 20:44 - 2014-09-19 02:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-18 20:44 - 2014-09-19 02:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-18 20:44 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-18 20:44 - 2014-09-19 02:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-18 20:44 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-18 20:44 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-18 20:44 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-18 20:44 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-18 20:44 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-18 20:44 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-18 20:44 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-18 20:44 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-18 20:44 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-18 20:44 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-18 20:44 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-18 20:44 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-18 20:44 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-18 20:44 - 2014-09-19 01:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-18 20:44 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-18 20:44 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-18 20:44 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-18 20:44 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-18 20:44 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-18 20:44 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-18 20:44 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-18 20:44 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-18 20:44 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-18 20:44 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-18 20:40 - 2014-09-18 03:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-18 20:40 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-18 20:40 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-18 20:40 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-18 20:40 - 2014-07-17 03:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-18 20:40 - 2014-07-17 03:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-18 20:40 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-18 20:40 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-18 20:40 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-18 20:40 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-18 20:40 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-18 20:40 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-18 20:40 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-18 20:40 - 2014-07-17 02:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-18 20:40 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-18 20:40 - 2014-07-17 02:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-18 20:40 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-18 20:40 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-18 20:40 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-18 20:40 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-18 20:39 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-18 20:39 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-10 12:50 - 2014-11-09 19:27 - 00004337 _____ () C:\Windows\setupact.log
2014-10-10 12:50 - 2014-10-10 12:50 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-10 12:49 - 2014-11-02 10:18 - 05235032 _____ () C:\Windows\system32\FNTCACHE.DAT

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-09 23:27 - 2011-07-23 23:04 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-09 23:17 - 2012-07-25 15:21 - 00000336 _____ () C:\Windows\Tasks\HP Photo Creations Communicator.job
2014-11-09 23:11 - 2013-01-02 23:44 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2771076119-1783207638-1657993630-1000UA.job
2014-11-09 23:02 - 2012-04-03 08:45 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-09 20:42 - 2009-07-14 05:45 - 00026304 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-09 20:42 - 2009-07-14 05:45 - 00026304 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-09 20:37 - 2011-07-20 11:49 - 01572360 _____ () C:\Windows\WindowsUpdate.log
2014-11-09 19:34 - 2009-07-14 18:58 - 00725976 _____ () C:\Windows\system32\perfh007.dat
2014-11-09 19:34 - 2009-07-14 18:58 - 00158600 _____ () C:\Windows\system32\perfc007.dat
2014-11-09 19:34 - 2009-07-14 06:13 - 01681550 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-09 19:29 - 2014-03-03 14:31 - 00000000 ____D () C:\Users\User\Documents\Outlook-Dateien
2014-11-09 19:29 - 2011-08-08 19:28 - 00000000 ___RD () C:\Users\User\Dropbox
2014-11-09 19:28 - 2011-08-08 19:26 - 00000000 ____D () C:\Users\User\AppData\Roaming\Dropbox
2014-11-09 19:27 - 2014-09-19 22:01 - 00000000 ___RD () C:\Users\User\iCloudDrive
2014-11-09 19:26 - 2011-07-23 23:04 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-09 19:26 - 2011-07-20 12:04 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-09 19:26 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-09 02:54 - 2013-10-23 18:52 - 00000000 ____D () C:\Users\User\AppData\Local\CrashDumps
2014-11-09 02:21 - 2013-01-02 16:23 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{F5380F5B-14A5-4785-BB60-BD2CC61FFFEF}
2014-11-07 13:18 - 2014-09-01 17:02 - 00000000 ____D () C:\AdwCleaner
2014-11-07 13:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Cursors
2014-11-06 23:12 - 2011-08-03 12:59 - 00000000 ____D () C:\Users\User\AppData\Roaming\TS3Client
2014-11-06 12:09 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-11-06 12:08 - 2011-11-22 23:08 - 00000410 __RSH () C:\ProgramData\ntuser.pol
2014-11-06 12:06 - 2009-07-14 03:34 - 24379392 _____ () C:\Windows\system32\config\system.bak
2014-11-06 12:06 - 2009-07-14 03:34 - 127926272 _____ () C:\Windows\system32\config\software.bak
2014-11-06 12:06 - 2009-07-14 03:34 - 04980736 _____ () C:\Windows\system32\config\default.bak
2014-11-06 12:06 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\security.bak
2014-11-06 12:06 - 2009-07-14 03:34 - 00069632 _____ () C:\Windows\system32\config\sam.bak
2014-11-06 11:57 - 2012-01-08 16:40 - 00000000 ____D () C:\Users\Mcx1-USER-PC
2014-11-06 11:28 - 2011-08-26 12:56 - 00000000 ____D () C:\Windows\Minidump
2014-11-05 17:22 - 2014-01-19 23:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-11-05 17:22 - 2014-01-19 23:15 - 00000000 ____D () C:\ProgramData\Avira
2014-11-05 17:22 - 2014-01-19 23:15 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-11-05 17:22 - 2013-12-09 17:50 - 00000000 ____D () C:\ProgramData\Package Cache
2014-11-05 17:01 - 2009-07-14 05:45 - 00021504 _____ () C:\Windows\system32\umstartup.etl
2014-11-05 16:32 - 2012-04-03 08:45 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-05 16:32 - 2012-04-03 08:45 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-05 16:32 - 2011-07-22 19:15 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-05 16:31 - 2011-07-22 19:13 - 00000000 ____D () C:\Users\User\AppData\Local\Adobe
2014-11-05 16:22 - 2014-09-01 17:12 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-11-05 16:22 - 2014-03-12 20:43 - 00000000 ____D () C:\ProgramData\Duden
2014-11-05 16:22 - 2014-02-20 16:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FILEminimizer Pictures 3.0
2014-11-05 16:22 - 2012-07-08 20:50 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameShadow
2014-11-05 16:22 - 2012-06-26 12:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zattoo4
2014-11-05 16:22 - 2012-01-29 13:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
2014-11-05 16:22 - 2011-08-07 14:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SopCast
2014-11-05 16:22 - 2011-07-20 15:17 - 00000000 ____D () C:\Users\User\AppData\Roaming\vlc
2014-11-05 16:22 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-05 16:22 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-11-05 16:21 - 2014-03-12 20:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duden
2014-11-05 16:21 - 2012-05-29 06:03 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-11-05 16:21 - 2012-01-29 13:50 - 00000000 ____D () C:\Program Files\DivX
2014-11-05 16:21 - 2012-01-29 13:49 - 00000000 ____D () C:\Program Files (x86)\DivX
2014-11-05 16:21 - 2012-01-29 13:48 - 00000000 ____D () C:\ProgramData\DivX
2014-11-04 01:45 - 2012-12-29 21:15 - 00000000 ____D () C:\Users\User\AppData\Roaming\DivX
2014-11-04 01:39 - 2013-05-26 14:42 - 00000000 ____D () C:\Program Files\CCleaner
2014-11-04 01:39 - 2011-07-20 15:16 - 00000000 ____D () C:\Users\User\AppData\Local\Google
2014-11-04 01:39 - 2011-07-20 15:16 - 00000000 ____D () C:\Program Files (x86)\Google
2014-11-04 01:34 - 2014-09-01 09:56 - 00000000 ____D () C:\Windows\pss
2014-11-04 01:23 - 2012-01-14 23:29 - 00000000 ____D () C:\Users\User\AppData\Roaming\Apple Computer
2014-11-04 01:23 - 2012-01-14 23:29 - 00000000 ____D () C:\Users\User\AppData\Local\Apple Computer
2014-11-02 13:28 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-02 11:49 - 2013-02-14 12:22 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-11-02 11:23 - 2013-09-20 16:41 - 00054156 ____H () C:\Windows\QTFont.qfn
2014-11-02 11:22 - 2014-09-19 18:31 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-11-02 11:22 - 2012-01-14 23:27 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-11-02 11:11 - 2013-01-02 23:44 - 00001064 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2771076119-1783207638-1657993630-1000Core.job
2014-11-02 11:06 - 2013-01-02 23:44 - 00004084 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2771076119-1783207638-1657993630-1000UA
2014-11-02 11:06 - 2013-01-02 23:44 - 00003688 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2771076119-1783207638-1657993630-1000Core
2014-11-02 10:22 - 2011-07-23 23:04 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-02 10:21 - 2011-07-23 23:04 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-02 10:15 - 2014-05-06 13:49 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-28 05:34 - 2011-07-20 12:06 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-18 21:14 - 2013-08-15 02:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-18 21:07 - 2011-07-20 12:55 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-18 20:23 - 2014-02-18 20:19 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-10-18 20:23 - 2014-01-19 23:15 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-10-18 20:23 - 2014-01-19 23:15 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys

Files to move or delete:
====================
C:\Users\User\hpothb07.dat


Some content of TEMP:
====================
C:\Users\User\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbbmi2k.dll
C:\Users\User\AppData\Local\Temp\Quarantine.exe
C:\Users\User\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-05 14:11

==================== End Of Log ============================
         
--- --- ---


The problem with the firewall seems to be solved. However, as a layman I naturally do not know to what extent my system was infected or perhaps still is, or to what extent my system (Windows) was damaged by the infection. After all, the online scanner still generated numerous alerts.

After the cleanup I will in any case get the new Kaspersky, in order to hopefully be better protected in future. Or is there perhaps something else to recommend for me in future - what else can and should I do? Can I perhaps check somewhere whether a reinstallation of Windows is necessary? I naturally hope that this step will not be necessary, but I lack the expertise for that.

Thank you again for all your effort and help!

10.11.2014, 17:08   #10
schrauber
/// the machine
/// TB trainer
 




Quote:
After all, the online scanner still generated numerous alerts.
But they are all already in quarantine.

Update Adobe and Thunderbird. Uninstall everything Java-related, then install the current Java version.

A reinstallation is not necessary, otherwise we could have saved ourselves the work.
As protection I always recommend Emsisoft.

Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document

Code:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2771076119-1783207638-1657993630-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
         

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the Entfernen (Fix) button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.





Done

The order is crucial here.
  1. If Defogger was used: start Defogger again and click re-enable.
  2. If Combofix was used: (alternatively, rename it to uninstall.exe and run it)
    • Windows key + R > Combofix /Uninstall (type it in) > OK
    • Alternative: rename Combofix.exe to uninstall.exe and run it
    • Combofix will now start, possibly update itself, and then remove all remnants of itself.
  3. In any case, please download DelFix to your desktop:
    • Close all open programs.
    • Start delfix.exe with a double-click.
    • Tick the box in front of every function.
    • Click Start.
    • Note: among other things, DelFix removes all programs used, the quarantine of our scanners and the Java cache, and finally deletes itself.
    • Finally, restart your computer.
  4. If any programs from our cleanup are still left over now, you can delete them without hesitation.



If you would like to give praise or criticism, you can do so here

Here are a few more tips for securing your system.


I cannot mention often enough how important it is that your system is up to date.
  • Please check whether your system downloads Windows updates automatically
  • Windows updates
    • Windows XP: Start --> Control Panel --> double-click Automatic Updates
    • Windows Vista / 7: Start --> Control Panel --> System and Security --> Turn automatic updating on or off
  • Make sure that automatic updates are enabled.
  • Software updates
    Installed software can also have security vulnerabilities that malware can use to infect your system.
    To keep your installed software up to date, I recommend Secunia Online Software.


Antivirus software
  • Make sure you always have antivirus software installed and that it is up to date. It is useless if it is out of date.


Additional protection
  • MalwareBytes Anti Malware
    This is one of the best anti-malware tools on the market. It is an on-demand scan tool that detects and also removes much current malware.
    Update the tool and run it once a week. The paid version additionally offers a background guard.
    You can find a tutorial on how to use it here.
  • WinPatrol
    This software takes a snapshot of your system and warns you of any changes. Download the freeware version from here.


Safe browsing
  • SpywareBlaster
    You can find a short introduction here
  • MVPs hosts file
    You can find a tutorial here. Unfortunately, I have not found a German-language one so far.
  • WOT (Web of trust)
    This add-on warns you before you visit a site that has been reported as harmful.


Alternative browsers

Other browsers tend to be somewhat more secure than IE, since they do not use ActiveX elements. These can be abused by spyware to infect your system.
  • Opera
  • Mozilla Firefox.
    • Note: for this browser I have a few useful add-ons here
    • NoScript
      This add-on blocks JavaScript, Java and Flash and other plugins. They are only executed when you confirm it.
    • AdblockPlus
      This add-on blocks most advertising by itself. Right-clicking the banner to add it to AdBlockPlus is enough, and it will no longer be loaded.
      It also saves download capacity.

Performance
Clean up your temp files regularly. For this I recommend TFC
Stay away from any registry cleaners.
They harm your system more than they help. Here are a few (English) links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Do not click on everything just because it prompts you to and is nice and colourful.
  • Do not use peer-to-peer or file-sharing software (Emule, uTorrent, ...)
  • Keep your hands off cracks, keygens, serials or other illegal software.
  • Do not open attachments from emails you do not recognise. Pay particular attention to the file extension, e.g. deinFoto.jpg.exe
Now all that remains is for me to wish you lots of fun surfing safely.

Note: please give me brief feedback when everything is done and there are no more questions, so that I can delete this thread from my subscriptions.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

Donations
Guides and assistance
Trojaner-Board Facebook page

No assistance via PM!

10.11.2014, 22:05   #11
Keksklauer
 



Hello schrauber,

thank you very much for all the help! The firewall works again and my system seems to be doing better.

I was now also able to carry out the last steps without any problems. However, I can no longer post the Fixlog.txt file here. The file was deleted along with everything else by the DelFix tool. It should have worked, though - many thanks for that!

I have also downloaded the programs mentioned. I hope that in future I keep track of things and that my system stays secure.

I cannot thank you enough at this point.

Best regards and all the best for the future!

11.11.2014, 16:54   #12
schrauber
/// the machine
/// TB trainer
 




You're welcome