Achtung, Ihre Java-Version ist veraltet!

hallohallo1 · 09.11.2014, 18:01

Hallo und schönen Sonntag euch!

Ich habe seit geraumer Zeit (vlt. 1 Woche) das Problem, dass ich beim Öffnen vieler Internetseiten eine Warnmeldung erhalte, die mir folgenden Text anzeigt: "Seite xyz meldet, dass ihre Java-Version veraltet ist".

Wenn ich dann auf "ok", "abbrechen" oder das "x" (rechts oben) klicke, werde ich automatisch auf eine angebliche Java-Seite weitergeleitet, die mir nach 3-4 Sekunden des Besuchs - ohne mein Zustimmen - eine Datei zum Installieren herunterlädt.
Selbstverständlich habe ich die nicht geöffnet/installiert, da ich davon ausgehe, dass es sich um schädliche Software handelt.

Einige dieser Seiten, die ich leider ab und an brauche, kann ich mittlerweile gar nicht mehr benutzen, da einfach JEDES mal die Meldung erscheint und ich weitergeleitet werde.
Ich hoffe, ihr könnt mir bei meinem Problem weiterhelfen.

Liebe Grüße
Fabian

schrauber · 09.11.2014, 18:48

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

hallohallo1 · 09.11.2014, 20:45

FRST:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-11-2014 01
Ran by Fabian (administrator) on FABIAN-PC on 09-11-2014 20:39:00
Running from C:\Users\Fabian\Downloads
Loaded Profile: Fabian (Available profiles: Fabian & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Connectify) C:\Program Files (x86)\Connectify\ConnectifyService.exe
(Connectify) C:\Program Files (x86)\Connectify\Connectifyd.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(Connectify) C:\Program Files (x86)\Connectify\DispatchUI.exe
(Connectify) C:\Program Files (x86)\Connectify\Connectify.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12446824 2012-01-31] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2821936 2012-03-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Power Management] => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [1829768 2012-02-07] (Acer Incorporated)
HKLM\...\Run: [Connectify Dispatch] => C:\Program Files (x86)\Connectify\DispatchUI.exe [2367224 2014-10-15] (Connectify)
HKLM\...\Run: [Connectify Hotspot] => C:\Program Files (x86)\Connectify\Connectify.exe [4305656 2014-10-15] (Connectify)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1105488 2012-03-23] (Dritek System Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2012-03-14] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKU\S-1-5-21-2369609114-863870372-693991672-1000\...\Run: [GoogleChromeAutoLaunch_7B5D7D01360FD9AF9E4D88FF49236B5A] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [854344 2014-10-22] (Google Inc.)
HKU\S-1-5-21-2369609114-863870372-693991672-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21653096 2014-07-24] (Skype Technologies S.A.)
HKU\S-1-5-21-2369609114-863870372-693991672-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

StartMenuInternet: IEXPLORE.EXE - iexplore.exe
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: QUICKfind BHO Object -> {C08DF07A-3E49-4E25-9AB0-D3882835F153} -> C:\Program Files (x86)\IDM\QUICKfind\PlugIns\IEHelp.dll (IDM)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\ho2j0dk3.default
FF SelectedSearchEngine: ICQ Search
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\ho2j0dk3.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: saferrweb - C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\ho2j0dk3.default\Extensions\e8up_iiyo@fzyfwn-u.edu [2014-10-09]
FF Extension: doewnloadiotkeep - C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\ho2j0dk3.default\Extensions\i5oiauu@keb-ai.com [2014-09-11]
FF Extension: CooupScannEre - C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\ho2j0dk3.default\Extensions\vtqfdglz@istlzpeu.org [2014-10-09]
FF Extension: Yahoo Community Smartbar - C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\ho2j0dk3.default\Extensions\{dbde54ab-2f13-2f9a-4711-1b52e0b6ad5e} [2014-08-12]
FF Extension: ICQ Sparberater - C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\ho2j0dk3.default\Extensions\ciuvo-extension@icq.de.xpi [2012-08-11]
FF Extension: Firefox Old Version Update Hotfix - C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\ho2j0dk3.default\Extensions\firefox-hotfix@mozilla.org.xpi [2014-11-08]

Chrome: 
=======
CHR HomePage: Default -> https://www.google.de/
CHR StartupUrls: Default -> "hxxp://www.sweet-page.com/?type=hp&ts=1399918233&from=cor&uid=TOSHIBAXMK3259GSXP_42BICPG5TXX42BICPG5T", "https://www.google.de/"
CHR Profile: C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-24]
CHR Extension: (Google Drive) - C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-24]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-09]
CHR Extension: (YouTube) - C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-24]
CHR Extension: (Google-Suche) - C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-24]
CHR Extension: (iVocab: GRE, TOEFL and SAT) - C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddbfkngjokojcmmadaaipmjiacnnmgbl [2013-12-23]
CHR Extension: (SAT Exam: Vokabeln) - C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfgbfnojhclndefdagpdjnilbhggpecn [2013-12-23]
CHR Extension: (Google Wallet) - C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-04]
CHR Extension: (Google Mail) - C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-24]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [487936 2014-10-15] (Connectify) [File not signed]
R2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [871296 2012-02-07] (Acer Incorporated)
R2 GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [28264 2012-02-29] (Acer Incorporated)
R2 Live Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [255376 2012-02-07] (Acer Incorporated)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
S2 892cc6a3; "C:\Windows\system32\rundll32.exe" "c:\progra~3\perfor~1\PerformanceOptimizerSvc.dll",service

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 cnnctfy3; C:\Windows\System32\DRIVERS\cnnctfy3.sys [42152 2014-11-09] (Connectify)
R3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2014-11-09] ()
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [52736 2012-04-25] (Apple, Inc.) [File not signed]
U4 WPM; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-09 20:39 - 2014-11-09 20:40 - 00015635 _____ () C:\Users\Fabian\Downloads\FRST.txt
2014-11-09 20:38 - 2014-11-09 20:39 - 00000000 ____D () C:\FRST
2014-11-09 20:38 - 2014-11-09 20:38 - 02116096 _____ (Farbar) C:\Users\Fabian\Downloads\FRST64.exe
2014-11-09 18:36 - 2014-11-09 18:36 - 00043664 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
2014-11-09 18:33 - 2014-11-09 18:33 - 00004868 _____ () C:\Windows\system32\.crusader
2014-11-09 16:26 - 2014-11-09 16:26 - 00000412 _____ () C:\Users\Public\Desktop\Connectify Dispatch.lnk
2014-11-09 16:26 - 2014-11-09 16:26 - 00000396 _____ () C:\Users\Public\Desktop\Connectify Hotspot.lnk
2014-11-09 16:26 - 2014-11-09 16:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Connectify
2014-11-09 16:24 - 2014-11-09 16:24 - 00042152 _____ (Connectify) C:\Windows\system32\Drivers\cnnctfy3.sys
2014-11-09 16:14 - 2014-11-09 16:14 - 00001795 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-11-09 16:14 - 2014-11-09 16:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-11-09 16:14 - 2012-10-03 16:14 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-11-09 16:13 - 2014-11-09 16:14 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-11-09 16:13 - 2014-11-09 16:14 - 00000000 ____D () C:\Program Files\iTunes
2014-11-09 16:13 - 2014-11-09 16:14 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-11-09 16:13 - 2014-11-09 16:13 - 00000000 ____D () C:\Program Files\iPod
2014-11-09 16:11 - 2014-11-09 16:11 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Apple Computer
2014-11-09 16:11 - 2014-11-09 16:11 - 00000000 ____D () C:\Users\Default\AppData\Local\Apple Computer
2014-11-09 16:11 - 2014-11-09 16:11 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Apple Computer
2014-11-09 16:11 - 2014-11-09 16:11 - 00000000 ____D () C:\Users\Default User\AppData\Local\Apple Computer
2014-11-09 16:09 - 2014-11-09 16:09 - 00000000 ____D () C:\Program Files\Bonjour
2014-11-09 16:09 - 2014-11-09 16:09 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-11-09 15:57 - 2014-11-09 16:15 - 00003354 _____ () C:\Windows\SecuniaPackage.log
2014-11-09 15:45 - 2014-11-09 15:45 - 00001081 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
2014-11-09 15:45 - 2014-11-09 15:45 - 00000000 ____D () C:\Users\Fabian\AppData\Local\Secunia PSI
2014-11-09 15:45 - 2014-11-09 15:45 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-11-09 15:44 - 2014-11-09 15:44 - 05329480 _____ (Secunia) C:\Users\Fabian\Downloads\PSISetup_3.0.0.9016.exe
2014-11-09 15:44 - 2014-11-09 15:44 - 05329480 _____ (Secunia) C:\Users\Fabian\Downloads\PSISetup_3.0.0.9016 (1).exe
2014-11-07 21:45 - 2014-11-07 21:45 - 00000000 ____D () C:\Users\Fabian\Desktop\Biwi - Endepohls Ulpe
2014-11-05 19:56 - 2014-11-05 20:48 - 05501867 _____ () C:\Users\Fabian\Downloads\Hausarbeit - Die Bedeutung der Panathenäen für Athen.odt
2014-10-31 06:11 - 2014-11-07 21:15 - 00000000 ____D () C:\Users\Fabian\Desktop\Biwi - Dazert
2014-10-29 22:45 - 2014-11-06 20:29 - 00000000 ____D () C:\Users\Fabian\Desktop\Vorlesung Geulen
2014-10-28 13:02 - 2014-11-09 18:24 - 11222744 _____ (SurfRight B.V.) C:\Users\Fabian\Desktop\hitmanpro_x64.exe
2014-10-28 13:02 - 2014-10-28 13:20 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-10-28 13:02 - 2014-10-28 13:02 - 13485202 _____ () C:\Users\Fabian\Downloads\hitmanpro379.zip
2014-10-28 13:02 - 2014-01-31 18:01 - 09988304 _____ (SurfRight B.V.) C:\Users\Fabian\Desktop\HitmanPro.exe
2014-10-22 20:27 - 2014-09-26 17:36 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-10-22 20:26 - 2014-10-28 12:23 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-10-22 20:26 - 2014-10-28 12:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-22 20:26 - 2014-09-26 17:36 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-10-22 20:26 - 2014-09-26 17:35 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-10-22 20:25 - 2014-10-22 20:26 - 00004838 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_71-b14.log
2014-10-16 00:04 - 2014-10-10 03:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-16 00:04 - 2014-10-10 03:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-16 00:04 - 2014-10-10 03:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-16 00:04 - 2014-10-07 03:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-16 00:04 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-16 00:04 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-16 00:04 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-16 00:04 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-16 00:04 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-16 00:04 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-16 00:04 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-16 00:04 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-16 00:04 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-16 00:04 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-16 00:04 - 2014-09-19 02:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-16 00:04 - 2014-09-19 02:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-16 00:04 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-16 00:04 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-16 00:04 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-16 00:04 - 2014-09-19 02:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-16 00:04 - 2014-09-19 02:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-16 00:04 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-16 00:04 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-16 00:04 - 2014-09-19 02:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-16 00:04 - 2014-09-19 02:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-16 00:04 - 2014-09-19 02:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-16 00:04 - 2014-09-19 02:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-16 00:04 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-16 00:04 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-16 00:04 - 2014-09-19 02:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-16 00:04 - 2014-09-19 02:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-16 00:04 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-16 00:04 - 2014-09-19 02:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-16 00:04 - 2014-09-19 02:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-16 00:04 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-16 00:04 - 2014-09-19 02:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-16 00:04 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-16 00:04 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-16 00:04 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-16 00:04 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-16 00:04 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-16 00:04 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-16 00:04 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-16 00:04 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-16 00:04 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-16 00:04 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-16 00:04 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-16 00:04 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-16 00:04 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-16 00:04 - 2014-09-19 01:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-16 00:04 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-16 00:04 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-16 00:04 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-16 00:04 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-16 00:04 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-16 00:04 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-16 00:04 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-16 00:04 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-16 00:04 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-16 00:04 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-16 00:04 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-16 00:04 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-16 00:04 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-16 00:04 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-16 00:04 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-16 00:04 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-16 00:02 - 2014-09-18 03:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-16 00:02 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-16 00:02 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-16 00:02 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-16 00:02 - 2014-07-17 03:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-16 00:02 - 2014-07-17 03:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-16 00:02 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-16 00:02 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-16 00:02 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-16 00:02 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-16 00:02 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-16 00:02 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-16 00:02 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-16 00:02 - 2014-07-17 02:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-16 00:02 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-16 00:02 - 2014-07-17 02:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-16 00:02 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-16 00:02 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-16 00:02 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-16 00:02 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-16 00:01 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-16 00:01 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-11 13:05 - 2014-10-11 13:14 - 00012166 _____ () C:\Users\Fabian\Desktop\S.odt

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-09 20:37 - 2013-06-23 23:39 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-09 20:37 - 2012-03-24 18:22 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-09 20:09 - 2014-08-15 11:36 - 00000000 ____D () C:\Users\Fabian\Desktop\Hausarbeit Antike
2014-11-09 18:48 - 2009-07-14 05:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-09 18:48 - 2009-07-14 05:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-09 18:41 - 2012-03-24 18:21 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-11-09 18:40 - 2012-04-30 08:53 - 01531637 _____ () C:\Windows\WindowsUpdate.log
2014-11-09 18:37 - 2012-12-30 13:12 - 00000000 ____D () C:\Program Files (x86)\Connectify
2014-11-09 18:36 - 2013-06-23 23:39 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-09 18:36 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-09 18:36 - 2009-07-14 05:51 - 00104491 _____ () C:\Windows\setupact.log
2014-11-09 16:14 - 2013-06-23 23:39 - 00002259 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-11-09 16:13 - 2012-08-09 18:19 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-11-09 16:12 - 2013-06-23 23:39 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-09 16:12 - 2013-06-23 23:39 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-09 16:10 - 2012-03-24 18:22 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-09 16:10 - 2012-03-24 18:22 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-09 16:10 - 2012-03-24 18:22 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-09 16:05 - 2012-08-09 18:18 - 00000000 ____D () C:\ProgramData\Apple
2014-11-09 15:14 - 2013-11-23 02:22 - 00018374 _____ () C:\Users\Fabian\Desktop\Burger King - Arbeitszeiten.odt
2014-11-06 20:22 - 2013-09-15 17:35 - 00000000 ____D () C:\Users\Fabian\Desktop\Praktika
2014-11-06 16:01 - 2012-04-30 18:36 - 00699682 _____ () C:\Windows\system32\perfh007.dat
2014-11-06 16:01 - 2012-04-30 18:36 - 00149790 _____ () C:\Windows\system32\perfc007.dat
2014-11-06 16:01 - 2009-07-14 06:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-05 00:29 - 2013-04-28 16:43 - 00000000 ____D () C:\Users\Fabian\Desktop\Geschichte
2014-11-01 15:35 - 2012-08-18 17:55 - 00000000 ____D () C:\Users\Fabian\AppData\Local\CrashDumps
2014-10-28 14:26 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-28 13:18 - 2014-09-02 18:11 - 00000000 ____D () C:\ProgramData\duownoloaditkoeep
2014-10-28 12:23 - 2014-05-05 21:12 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-28 12:22 - 2014-05-05 21:11 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-28 06:34 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-26 14:12 - 2012-08-10 17:13 - 00000000 ____D () C:\Users\Fabian\AppData\Roaming\Skype
2014-10-25 16:18 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-10-16 17:11 - 2013-11-10 15:00 - 00016018 _____ () C:\Users\Fabian\Desktop\Mc Fit - Zeiten.odt
2014-10-16 07:48 - 2009-07-14 05:45 - 00295376 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-16 07:46 - 2014-05-06 22:03 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-16 01:29 - 2013-07-25 14:22 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-16 01:16 - 2013-06-19 22:49 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-11 10:50 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

Some content of TEMP:
====================
C:\Users\Fabian\AppData\Local\Temp\AskSLib.dll
C:\Users\Fabian\AppData\Local\Temp\hnzfo-u9.dll
C:\Users\Fabian\AppData\Local\Temp\IrsoDLL.dll
C:\Users\Fabian\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Fabian\AppData\Local\Temp\pwlmgtcl.dll
C:\Users\Fabian\AppData\Local\Temp\Quarantine.exe
C:\Users\Fabian\AppData\Local\Temp\SCC.dll
C:\Users\Fabian\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Gast\AppData\Local\Temp\AskSLib.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-06 20:05

==================== End Of Log ============================

--- --- ---

Addition

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-11-2014 01
Ran by Fabian at 2014-11-09 20:41:14
Running from C:\Users\Fabian\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Ableton Live 8 (HKLM-x32\...\{4941E15C-3C68-4FB7-B5A4-5061B92E9166}) (Version: 8.0.0.0 - Ableton)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.293 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\{BC8AC77D-6A6F-491F-BEED-2958F09C6CAE}) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\{AF82C1A9-56DC-4CCD-A36C-CAE56D541DFA}) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Flash Player Packages (HKU\S-1-5-21-2369609114-863870372-693991672-1000\...\Adobe Flash Player Packages) (Version:  - ) <==== ATTENTION
Adobe Reader X (10.1.12) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
AMD Catalyst Install Manager (HKLM\...\{10436F01-26D3-83D0-97E1-0875A80E57D8}) (Version: 3.0.859.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Aquamarin Haushaltsbuch 2.9.2 b (HKLM-x32\...\{1E517C0C-8542-4F8C-DA23-98BCA13CD1F4}_is1) (Version:  - makasy.com)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.12.13 - Atheros Communications Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Connectify (HKLM\...\Connectify) (Version: 9.2.2.33000 - Connectify)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
duownoloaditkoeep (HKLM-x32\...\{1C52B8B6-FFA2-12F6-0A5A-E8301F96A568}) (Version:  - doowNloadeiTKeep) <==== ATTENTION
eBay Worldwide (HKLM-x32\...\{D3E5A972-9A15-427D-AE78-8181A5FD943C}) (Version: 2.2.0409 - OEM)
ETDWare PS/2-X64 10.6.9.9_WHQL (HKLM\...\Elantech) (Version: 10.6.9.9 - ELAN Microelectronic Corp.)
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fooz Kids Platform (HKLM-x32\...\{8D68CE08-9A14-4B7B-9857-3C646A2F34C7}) (Version: 2.1 - FUHU, Inc.)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Free Studio version 2014 (HKLM-x32\...\Free Studio_is1) (Version: 6.3.7.807 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.1.39.1015 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.1.39.1015 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.11.26.706 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.26.706 - DVDVideoSoft Ltd.)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GIMP 2.8.0 (HKLM\...\GIMP-2_is1) (Version: 2.8.0 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Packard Bell)
Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.710 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kobo (HKLM-x32\...\Kobo) (Version: 2.1.5 - Kobo Inc.)
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.15 - Packard Bell)
Longman Pronunciation Dictionary (HKLM-x32\...\NSIS_lpd) (Version:  - )
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero BackItUp 10 (HKLM-x32\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.8.11100.9.100 - Nero AG)
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.4.10500.1.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.6.10700.5.100 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}) (Version: 10.6.10300 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{68AFA3A7-9265-4ABD-994A-ACA413E3715C}) (Version: 10.6.10400 - Nero AG)
Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.6.10500.3.100 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.6.10600.4.100 - Nero AG)
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.10900.31.0 - Nero AG)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
OpenOffice.org 3.4 (HKLM-x32\...\{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}) (Version: 3.4.9590 - OpenOffice.org)
Packard Bell Games (HKLM-x32\...\WildTangent packardbell Master Uninstall) (Version: 1.0.2.5 - WildTangent)
Packard Bell Power Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3010 - Packard Bell)
Packard Bell Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3507 - Packard Bell)
Packard Bell Registration (HKLM-x32\...\Packard Bell Registration) (Version: 1.04.3506 - Packard Bell)
Packard Bell ScreenSaver (HKLM-x32\...\Packard Bell Screensaver) (Version: 1.1.0915.2011 - Packard Bell )
Packard Bell Social Networks (HKLM-x32\...\InstallShield_{64EF903E-D00A-414C-94A4-FBA368FFCDC9}) (Version: 3.0.3106 - CyberLink Corp.)
Packard Bell Social Networks (x32 Version: 3.0.3106 - CyberLink Corp.) Hidden
Packard Bell Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3501 - Packard Bell)
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
QUICKfind server v1.1 (HKLM-x32\...\QUICKfind) (Version:  - IDM)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6559 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.28094 - Realtek Semiconductor Corp.)
Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tales of Lagoona (x32 Version: 2.2.0.98 - WildTangent) Hidden
Teachmaster 4.3 (nur Entfernen) (HKLM-x32\...\Teachmaster 4.3) (Version:  - )
Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Video Web Camera (HKLM-x32\...\InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}) (Version: 1.5.2624.00 - CyberLink Corp.)
Video Web Camera (x32 Version: 1.5.2624.00 - CyberLink Corp.) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97 - WildTangent) Hidden
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (HKLM-x32\...\Packard Bell Welcome Center) (Version: 1.02.3507 - Packard Bell)
WildTangent Games App (Packard Bell Games) (x32 Version: 4.0.5.32 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Yahoo Community Smartbar Engine (HKU\S-1-5-21-2369609114-863870372-693991672-1000\...\{729de479-32ad-4c56-87c0-d98f001860fd}) (Version: 11.63.66.17714 - Linkury Inc.) <==== ATTENTION
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

24-10-2014 14:18:49 Windows Update
28-10-2014 11:12:34 Windows Update
28-10-2014 12:10:49 Prüfpunkt von HitmanPro
28-10-2014 12:17:55 Prüfpunkt von HitmanPro
31-10-2014 11:49:45 Windows Update
04-11-2014 09:57:06 Windows Update
07-11-2014 17:31:03 Windows Update
09-11-2014 14:51:18 Gerätetreiber-Paketinstallation: Connectify Netzwerkdienst
09-11-2014 15:25:18 Gerätetreiber-Paketinstallation: Connectify Netzwerkdienst
09-11-2014 17:32:26 Prüfpunkt von HitmanPro

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1F83DA4E-B66D-479E-93F4-41C89EB4381D} - System32\Tasks\{0932E51F-E328-49BE-A8D5-9E72E0628CF4} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-07-24] (Skype Technologies S.A.)
Task: {236523C7-EA99-4366-8362-2E3982B4B388} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-09] (Adobe Systems Incorporated)
Task: {6684E134-BD88-494F-A04D-1860049DF236} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-23] (Google Inc.)
Task: {ABD49254-8760-4CB6-9648-29D6827178EA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-23] (Google Inc.)
Task: {F163A9DE-599E-440C-A9DD-BA8E8AA9EBE9} - System32\Tasks\NBAgent => C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2012-01-16] (Nero AG)
Task: {FA877437-7B26-4C05-9B83-BF735C472880} - System32\Tasks\UALU notificatin => C:\Program Files\Packard Bell\Packard Bell Updater\UALU.exe [2012-02-07] (Acer Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-12-30 13:13 - 2014-10-15 20:44 - 00377080 _____ () C:\Program Files (x86)\Connectify\NativeLibrary.dll
2013-06-21 16:37 - 2014-10-15 20:44 - 00713976 _____ () C:\Program Files (x86)\Connectify\log4cplus.dll
2012-12-30 13:13 - 2014-10-15 20:44 - 03564280 _____ () C:\Program Files (x86)\Connectify\ConnectifyNAT.dll
2012-12-30 13:13 - 2014-10-15 20:44 - 00354040 _____ () C:\Program Files (x86)\Connectify\LibDispatch.dll
2014-11-09 16:13 - 2014-10-22 05:04 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libglesv2.dll
2014-11-09 16:13 - 2014-10-22 05:04 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libegl.dll
2014-11-09 16:13 - 2014-10-22 05:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll
2014-11-09 16:13 - 2014-10-22 05:04 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll
2014-11-09 16:13 - 2014-10-22 05:05 - 14902600 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-2369609114-863870372-693991672-500 - Administrator - Disabled)
Fabian (S-1-5-21-2369609114-863870372-693991672-1000 - Administrator - Enabled) => C:\Users\Fabian
Gast (S-1-5-21-2369609114-863870372-693991672-501 - Limited - Enabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-2369609114-863870372-693991672-1002 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/09/2014 06:36:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/09/2014 06:33:21 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "RegSetValueExW(0x000001fc,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssvcPublisher,0,REG_BINARY,00000000024CEB00.72)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.

Error: (11/09/2014 06:33:21 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "RegSetValueExW(0x000009e8,(null),0,REG_BINARY,000000000144DF50.72)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.


Vorgang:
   BackupShutdown-Ereignis

Kontext:
   Ausführungskontext: Writer
   Generatorklassen-ID: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
   Generatorname: WMI Writer
   Generatorinstanz-ID: {f72078ac-8bd8-44e8-8643-aaa176608040}

Error: (11/09/2014 06:33:21 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "RegSetValueExW(0x00000a5c,(null),0,REG_BINARY,000000000644DF70.72)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.


Vorgang:
   BackupShutdown-Ereignis

Kontext:
   Ausführungskontext: Writer
   Generatorklassen-ID: {cd3f2362-8bef-46c7-9181-d62844cdc0b2}
   Generatorname: MSSearch Service Writer
   Generatorinstanz-ID: {1d3d4878-4d11-4c48-8c7b-0bdbc2f483dc}

Error: (11/09/2014 06:33:21 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "RegSetValueExW(0x00000310,(null),0,REG_BINARY,000000000516DE20.72)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.


Vorgang:
   BackupShutdown-Ereignis

Kontext:
   Ausführungskontext: Writer
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {5a2f8ec5-f98e-44d0-b99f-6c3983737b20}

Error: (11/09/2014 06:33:21 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "RegSetValueExW(0x000001b0,SYSTEM\CurrentControlSet\Services\VSS\Diag\Registry Writer,0,REG_BINARY,00000000028CEDA0.72)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.


Vorgang:
   BackupShutdown-Ereignis

Kontext:
   Ausführungskontext: Writer
   Generatorklassen-ID: {afbab4a2-367d-4d15-a586-71dbb18f8485}
   Generatorname: Registry Writer
   Generatorinstanz-ID: {4457615d-688f-43d8-b2f7-035d8a1abcdc}

Error: (11/09/2014 06:33:21 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "RegSetValueExW(0x000001ec,SYSTEM\CurrentControlSet\Services\VSS\Diag\Shadow Copy Optimization Writer,0,REG_BINARY,000000000283E930.72)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.


Vorgang:
   BackupShutdown-Ereignis

Kontext:
   Ausführungskontext: Writer
   Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Generatorname: Shadow Copy Optimization Writer
   Generatorinstanz-ID: {22ea694c-4b4d-424a-89dd-9fce4d9c8404}

Error: (11/09/2014 06:33:21 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "RegSetValueExW(0x000009e8,(null),0,REG_BINARY,000000000144DF50.72)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.


Vorgang:
   BackupShutdown-Ereignis

Kontext:
   Ausführungskontext: Writer
   Generatorklassen-ID: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
   Generatorname: WMI Writer
   Generatorinstanz-ID: {f72078ac-8bd8-44e8-8643-aaa176608040}

Error: (11/09/2014 06:33:21 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "RegSetValueExW(0x00000a5c,(null),0,REG_BINARY,000000000644DF70.72)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.


Vorgang:
   BackupShutdown-Ereignis

Kontext:
   Ausführungskontext: Writer
   Generatorklassen-ID: {cd3f2362-8bef-46c7-9181-d62844cdc0b2}
   Generatorname: MSSearch Service Writer
   Generatorinstanz-ID: {1d3d4878-4d11-4c48-8c7b-0bdbc2f483dc}

Error: (11/09/2014 06:33:21 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "RegSetValueExW(0x00000310,(null),0,REG_BINARY,000000000516DE20.72)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.


Vorgang:
   BackupShutdown-Ereignis

Kontext:
   Ausführungskontext: Writer
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {5a2f8ec5-f98e-44d0-b99f-6c3983737b20}


System errors:
=============
Error: (11/09/2014 06:37:05 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "HitmanPro 3.7 Crusader (Boot)" wurde mit folgendem dienstspezifischem Fehler beendet: %%0.

Error: (11/09/2014 06:36:36 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Performance Optimizer erreicht.

Error: (11/09/2014 04:19:48 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Performance Optimizer erreicht.

Error: (11/09/2014 04:07:39 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Apple Mobile Device" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/09/2014 02:44:00 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Performance Optimizer erreicht.

Error: (11/09/2014 11:46:42 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Performance Optimizer erreicht.

Error: (11/08/2014 03:39:00 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Performance Optimizer erreicht.

Error: (11/08/2014 10:56:10 AM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: 192.168.175.1192.168.173.0255.255.255.0

Error: (11/08/2014 10:30:53 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Performance Optimizer erreicht.

Error: (11/07/2014 03:39:57 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Performance Optimizer erreicht.


Microsoft Office Sessions:
=========================
Error: (11/09/2014 06:36:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/09/2014 06:33:21 PM) (Source: VSS) (EventID: 8193) (User: )
Description: RegSetValueExW(0x000001fc,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssvcPublisher,0,REG_BINARY,00000000024CEB00.72)0x80070005, Zugriff verweigert

Error: (11/09/2014 06:33:21 PM) (Source: VSS) (EventID: 8193) (User: )
Description: RegSetValueExW(0x000009e8,(null),0,REG_BINARY,000000000144DF50.72)0x80070005, Zugriff verweigert


Vorgang:
   BackupShutdown-Ereignis

Kontext:
   Ausführungskontext: Writer
   Generatorklassen-ID: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
   Generatorname: WMI Writer
   Generatorinstanz-ID: {f72078ac-8bd8-44e8-8643-aaa176608040}

Error: (11/09/2014 06:33:21 PM) (Source: VSS) (EventID: 8193) (User: )
Description: RegSetValueExW(0x00000a5c,(null),0,REG_BINARY,000000000644DF70.72)0x80070005, Zugriff verweigert


Vorgang:
   BackupShutdown-Ereignis

Kontext:
   Ausführungskontext: Writer
   Generatorklassen-ID: {cd3f2362-8bef-46c7-9181-d62844cdc0b2}
   Generatorname: MSSearch Service Writer
   Generatorinstanz-ID: {1d3d4878-4d11-4c48-8c7b-0bdbc2f483dc}

Error: (11/09/2014 06:33:21 PM) (Source: VSS) (EventID: 8193) (User: )
Description: RegSetValueExW(0x00000310,(null),0,REG_BINARY,000000000516DE20.72)0x80070005, Zugriff verweigert


Vorgang:
   BackupShutdown-Ereignis

Kontext:
   Ausführungskontext: Writer
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {5a2f8ec5-f98e-44d0-b99f-6c3983737b20}

Error: (11/09/2014 06:33:21 PM) (Source: VSS) (EventID: 8193) (User: )
Description: RegSetValueExW(0x000001b0,SYSTEM\CurrentControlSet\Services\VSS\Diag\Registry Writer,0,REG_BINARY,00000000028CEDA0.72)0x80070005, Zugriff verweigert


Vorgang:
   BackupShutdown-Ereignis

Kontext:
   Ausführungskontext: Writer
   Generatorklassen-ID: {afbab4a2-367d-4d15-a586-71dbb18f8485}
   Generatorname: Registry Writer
   Generatorinstanz-ID: {4457615d-688f-43d8-b2f7-035d8a1abcdc}

Error: (11/09/2014 06:33:21 PM) (Source: VSS) (EventID: 8193) (User: )
Description: RegSetValueExW(0x000001ec,SYSTEM\CurrentControlSet\Services\VSS\Diag\Shadow Copy Optimization Writer,0,REG_BINARY,000000000283E930.72)0x80070005, Zugriff verweigert


Vorgang:
   BackupShutdown-Ereignis

Kontext:
   Ausführungskontext: Writer
   Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Generatorname: Shadow Copy Optimization Writer
   Generatorinstanz-ID: {22ea694c-4b4d-424a-89dd-9fce4d9c8404}

Error: (11/09/2014 06:33:21 PM) (Source: VSS) (EventID: 8193) (User: )
Description: RegSetValueExW(0x000009e8,(null),0,REG_BINARY,000000000144DF50.72)0x80070005, Zugriff verweigert


Vorgang:
   BackupShutdown-Ereignis

Kontext:
   Ausführungskontext: Writer
   Generatorklassen-ID: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
   Generatorname: WMI Writer
   Generatorinstanz-ID: {f72078ac-8bd8-44e8-8643-aaa176608040}

Error: (11/09/2014 06:33:21 PM) (Source: VSS) (EventID: 8193) (User: )
Description: RegSetValueExW(0x00000a5c,(null),0,REG_BINARY,000000000644DF70.72)0x80070005, Zugriff verweigert


Vorgang:
   BackupShutdown-Ereignis

Kontext:
   Ausführungskontext: Writer
   Generatorklassen-ID: {cd3f2362-8bef-46c7-9181-d62844cdc0b2}
   Generatorname: MSSearch Service Writer
   Generatorinstanz-ID: {1d3d4878-4d11-4c48-8c7b-0bdbc2f483dc}

Error: (11/09/2014 06:33:21 PM) (Source: VSS) (EventID: 8193) (User: )
Description: RegSetValueExW(0x00000310,(null),0,REG_BINARY,000000000516DE20.72)0x80070005, Zugriff verweigert


Vorgang:
   BackupShutdown-Ereignis

Kontext:
   Ausführungskontext: Writer
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {5a2f8ec5-f98e-44d0-b99f-6c3983737b20}


==================== Memory info =========================== 

Processor: AMD E1-1200 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 49%
Total physical RAM: 3689.37 MB
Available physical RAM: 1846.89 MB
Total Pagefile: 7376.91 MB
Available Pagefile: 5159.68 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Packard Bell) (Fixed) (Total:279.99 GB) (Free:164.25 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 5BE1598A)
Partition 1: (Not Active) - (Size=18 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=280 GB) - (Type=07 NTFS)

==================== End Of Log ============================

schrauber · 10.11.2014, 16:42

Lade Dir bitte von hier

Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.

Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
Klicke auf Optionen und wähle als Sprache Deutsch.
Suche im Uninstallerfeld nach den Programmen:

Adobe Flash Player Packages

duownoloaditkoeep

Yahoo Community Smartbar Engine (HKU\S-1-5-21-2369609114-863870372-693991672-1000\...\{729de479-32ad-4c56-87c0-d98f001860fd}) (Version: 11.63.66.17714 - Linkury Inc.) <==== ATTENTION
Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
Wähle anschließend den Modus "Moderat" aus.
Reste löschen:
Klicke auf dann auf und dann auf .

Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

hallohallo1 · 10.11.2014, 17:07

Ich habe beim 1. Programm beim ersten von dir markierten Fund: "Adobe Flash Player Packages" unachtsamerweise bei diesen ganzen "Verästelungen", die dort standen, nicht auf "alle markieren" und "Löschen" gedrückt, sondern nur das aller unterste gelöscht.

Ist das schlimm?

Mir wurde dann, als ich es noch mal versuchen wollte, "Adope Flash Player Packages" jedenfalls nicht mehr angezeigt.

Rootkit sagt folgendes:

Code:

ATTFilter

16:59:52.0423 0x1494  TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
16:59:57.0573 0x1494  ============================================================
16:59:57.0573 0x1494  Current date / time: 2014/11/10 16:59:57.0573
16:59:57.0573 0x1494  SystemInfo:
16:59:57.0573 0x1494  
16:59:57.0573 0x1494  OS Version: 6.1.7601 ServicePack: 1.0
16:59:57.0573 0x1494  Product type: Workstation
16:59:57.0573 0x1494  ComputerName: FABIAN-PC
16:59:57.0573 0x1494  UserName: Fabian
16:59:57.0573 0x1494  Windows directory: C:\Windows
16:59:57.0573 0x1494  System windows directory: C:\Windows
16:59:57.0573 0x1494  Running under WOW64
16:59:57.0573 0x1494  Processor architecture: Intel x64
16:59:57.0573 0x1494  Number of processors: 2
16:59:57.0573 0x1494  Page size: 0x1000
16:59:57.0573 0x1494  Boot type: Normal boot
16:59:57.0573 0x1494  ============================================================
17:00:00.0249 0x1494  KLMD registered as C:\Windows\system32\drivers\92143565.sys
17:00:00.0530 0x1494  System UUID: {1D750887-5F3C-C7B2-2745-4C71077EAF6F}
17:00:01.0467 0x1494  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:00:01.0477 0x1494  ============================================================
17:00:01.0477 0x1494  \Device\Harddisk0\DR0:
17:00:01.0477 0x1494  MBR partitions:
17:00:01.0477 0x1494  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2400800, BlocksNum 0x32000
17:00:01.0477 0x1494  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2432800, BlocksNum 0x22FFB800
17:00:01.0477 0x1494  ============================================================
17:00:01.0487 0x1494  C: <-> \Device\Harddisk0\DR0\Partition2
17:00:01.0487 0x1494  ============================================================
17:00:01.0497 0x1494  Initialize success
17:00:01.0497 0x1494  ============================================================
17:00:26.0288 0x09fc  ============================================================
17:00:26.0288 0x09fc  Scan started
17:00:26.0288 0x09fc  Mode: Manual; SigCheck; TDLFS; 
17:00:26.0288 0x09fc  ============================================================
17:00:26.0288 0x09fc  KSN ping started
17:00:28.0960 0x09fc  KSN ping finished: true
17:00:30.0964 0x09fc  ================ Scan system memory ========================
17:00:30.0964 0x09fc  System memory - ok
17:00:30.0974 0x09fc  ================ Scan services =============================
17:00:31.0332 0x09fc  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
17:00:31.0556 0x09fc  1394ohci - ok
17:00:31.0666 0x09fc  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] 892cc6a3        C:\Windows\system32\rundll32.exe
17:00:31.0776 0x09fc  892cc6a3 - ok
17:00:31.0856 0x09fc  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
17:00:31.0906 0x09fc  ACPI - ok
17:00:31.0956 0x09fc  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
17:00:32.0066 0x09fc  AcpiPmi - ok
17:00:32.0216 0x09fc  [ C5679E5186B2FC95BC76A8A9870D5456, 70AC61850B811A0A902532F098AE1D5DF4622455E56C78B89D4ABDBE4A061A48 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:00:32.0256 0x09fc  AdobeARMservice - ok
17:00:32.0436 0x09fc  [ 2637233632CCD1837A1A57A43CAF00A4, 848026C6C9B38FD9F70BC7B2306BF4F5DD395726D4FDD6A18B29354921191DC5 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:00:32.0476 0x09fc  AdobeFlashPlayerUpdateSvc - ok
17:00:32.0558 0x09fc  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
17:00:32.0608 0x09fc  adp94xx - ok
17:00:32.0668 0x09fc  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
17:00:32.0718 0x09fc  adpahci - ok
17:00:32.0778 0x09fc  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
17:00:32.0808 0x09fc  adpu320 - ok
17:00:32.0850 0x09fc  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
17:00:33.0030 0x09fc  AeLookupSvc - ok
17:00:33.0150 0x09fc  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
17:00:33.0220 0x09fc  AFD - ok
17:00:33.0270 0x09fc  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
17:00:33.0300 0x09fc  agp440 - ok
17:00:33.0340 0x09fc  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
17:00:33.0420 0x09fc  ALG - ok
17:00:33.0470 0x09fc  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
17:00:33.0490 0x09fc  aliide - ok
17:00:33.0540 0x09fc  [ 66FCF36806C3935ED8D737AA31C07F79, 5342183D016AEC16E8777A0ABFAF16816F5FCDBBA02A6B0925190273521E4A17 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
17:00:33.0660 0x09fc  AMD External Events Utility - ok
17:00:33.0732 0x09fc  [ 2EF1BA6D5DC79FCE5E9216C8C2D3F193, E59E79AF44878AAC09DF5DE8CEDB9088800711553C7C7E358328274C116B46F9 ] amdhub30        C:\Windows\system32\DRIVERS\amdhub30.sys
17:00:33.0792 0x09fc  amdhub30 - ok
17:00:33.0852 0x09fc  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
17:00:33.0872 0x09fc  amdide - ok
17:00:33.0922 0x09fc  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
17:00:33.0962 0x09fc  AmdK8 - ok
17:00:34.0864 0x09fc  [ C65753E40859ABCD8F365610F9A08E3A, DDECFA8798306E35B45401865DBC78AD34AD05037FF82B32C356BBC6AAE7D12E ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
17:00:35.0806 0x09fc  amdkmdag - ok
17:00:35.0906 0x09fc  [ C6552C552C10927CC4C3D508D429B245, C23E299D2472509AABDE74475F8D6B8E0C1EA8C7E45C4D812FBB90BD028BE13B ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
17:00:35.0986 0x09fc  amdkmdap - ok
17:00:36.0076 0x09fc  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
17:00:36.0126 0x09fc  AmdPPM - ok
17:00:36.0176 0x09fc  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
17:00:36.0206 0x09fc  amdsata - ok
17:00:36.0278 0x09fc  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
17:00:36.0326 0x09fc  amdsbs - ok
17:00:36.0360 0x09fc  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
17:00:36.0380 0x09fc  amdxata - ok
17:00:36.0430 0x09fc  [ 541A6C49C792ED71FB3EFF8C815CFE60, BC8D740C980CA60C06364CB75BDA323A1604C4CFAF753FD8C44D2FF312C6C7E1 ] amdxhc          C:\Windows\system32\DRIVERS\amdxhc.sys
17:00:36.0460 0x09fc  amdxhc - ok
17:00:36.0512 0x09fc  [ 4DE0D5D747A73797C95A97DCCE5018B5, 17EC669675C2E43515EFE2D8BCC9DDFFBE64F99EBFB9A6DAB429F65A2B504560 ] androidusb      C:\Windows\system32\Drivers\ssadadb.sys
17:00:36.0582 0x09fc  androidusb - ok
17:00:36.0632 0x09fc  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
17:00:36.0822 0x09fc  AppID - ok
17:00:36.0872 0x09fc  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
17:00:36.0962 0x09fc  AppIDSvc - ok
17:00:37.0012 0x09fc  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
17:00:37.0082 0x09fc  Appinfo - ok
17:00:37.0162 0x09fc  [ 650D03E40F93FAE323CB841F80368E5C, F67B97CFDCE2EE9294977725268EFDB0DD724BD16E7ED5BFCA45375AA8EBA5BB ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:00:37.0202 0x09fc  Apple Mobile Device - ok
17:00:37.0242 0x09fc  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
17:00:37.0272 0x09fc  arc - ok
17:00:37.0314 0x09fc  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
17:00:37.0344 0x09fc  arcsas - ok
17:00:37.0504 0x09fc  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
17:00:37.0534 0x09fc  aspnet_state - ok
17:00:37.0574 0x09fc  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
17:00:37.0664 0x09fc  AsyncMac - ok
17:00:37.0724 0x09fc  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
17:00:37.0744 0x09fc  atapi - ok
17:00:37.0993 0x09fc  [ 7D0398396727195CC73D703001D3CFF4, 5175C5061AB201F688538E1C6849F42BB987121C0FB9189BB8616E8573522969 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
17:00:38.0286 0x09fc  athr - ok
17:00:38.0346 0x09fc  [ 2B3B05C0A7768BF033217EB8F33F9C35, F7B13158440CAE46EC93F29BA47A960194A5A2AD71B5BF628AF4661CEE096402 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
17:00:38.0366 0x09fc  AtiHDAudioService - ok
17:00:38.0436 0x09fc  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:00:38.0576 0x09fc  AudioEndpointBuilder - ok
17:00:38.0626 0x09fc  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
17:00:38.0750 0x09fc  AudioSrv - ok
17:00:38.0798 0x09fc  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
17:00:38.0918 0x09fc  AxInstSV - ok
17:00:38.0988 0x09fc  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
17:00:39.0112 0x09fc  b06bdrv - ok
17:00:39.0152 0x09fc  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
17:00:39.0212 0x09fc  b57nd60a - ok
17:00:39.0262 0x09fc  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
17:00:39.0312 0x09fc  BDESVC - ok
17:00:39.0332 0x09fc  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
17:00:39.0433 0x09fc  Beep - ok
17:00:39.0516 0x09fc  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
17:00:39.0618 0x09fc  BFE - ok
17:00:39.0708 0x09fc  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
17:00:39.0871 0x09fc  BITS - ok
17:00:39.0910 0x09fc  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
17:00:39.0960 0x09fc  blbdrive - ok
17:00:40.0070 0x09fc  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:00:40.0120 0x09fc  Bonjour Service - ok
17:00:40.0150 0x09fc  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
17:00:40.0230 0x09fc  bowser - ok
17:00:40.0260 0x09fc  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
17:00:40.0290 0x09fc  BrFiltLo - ok
17:00:40.0320 0x09fc  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
17:00:40.0350 0x09fc  BrFiltUp - ok
17:00:40.0402 0x09fc  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
17:00:40.0442 0x09fc  Browser - ok
17:00:40.0482 0x09fc  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
17:00:40.0562 0x09fc  Brserid - ok
17:00:40.0612 0x09fc  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
17:00:40.0662 0x09fc  BrSerWdm - ok
17:00:40.0682 0x09fc  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
17:00:40.0732 0x09fc  BrUsbMdm - ok
17:00:40.0752 0x09fc  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
17:00:40.0792 0x09fc  BrUsbSer - ok
17:00:40.0822 0x09fc  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
17:00:40.0872 0x09fc  BTHMODEM - ok
17:00:40.0922 0x09fc  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
17:00:41.0002 0x09fc  bthserv - ok
17:00:41.0032 0x09fc  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
17:00:41.0132 0x09fc  cdfs - ok
17:00:41.0182 0x09fc  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\drivers\cdrom.sys
17:00:41.0232 0x09fc  cdrom - ok
17:00:41.0282 0x09fc  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
17:00:41.0362 0x09fc  CertPropSvc - ok
17:00:41.0396 0x09fc  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
17:00:41.0434 0x09fc  circlass - ok
17:00:41.0474 0x09fc  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
17:00:41.0524 0x09fc  CLFS - ok
17:00:41.0624 0x09fc  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:00:41.0644 0x09fc  clr_optimization_v2.0.50727_32 - ok
17:00:41.0694 0x09fc  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:00:41.0724 0x09fc  clr_optimization_v2.0.50727_64 - ok
17:00:41.0834 0x09fc  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:00:41.0874 0x09fc  clr_optimization_v4.0.30319_32 - ok
17:00:41.0904 0x09fc  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:00:41.0934 0x09fc  clr_optimization_v4.0.30319_64 - ok
17:00:41.0986 0x09fc  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
17:00:42.0016 0x09fc  CmBatt - ok
17:00:42.0078 0x09fc  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
17:00:42.0098 0x09fc  cmdide - ok
17:00:42.0168 0x09fc  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
17:00:42.0248 0x09fc  CNG - ok
17:00:42.0288 0x09fc  [ 2A905777046DEB1DF122E089AA76BD0B, F91FA81E6B80146196BC044AEECB26CBDFDEC54C18E772D45D3F55B8F898B732 ] cnnctfy3        C:\Windows\system32\DRIVERS\cnnctfy3.sys
17:00:42.0318 0x09fc  cnnctfy3 - ok
17:00:42.0368 0x09fc  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
17:00:42.0388 0x09fc  Compbatt - ok
17:00:42.0422 0x09fc  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
17:00:42.0470 0x09fc  CompositeBus - ok
17:00:42.0490 0x09fc  COMSysApp - ok
17:00:42.0600 0x09fc  [ AC12BAF3215D256AE644F9EE06EBEF8B, 662616F89EDC1E0F2E5DA9543DF30836B050F4DCC9E1EABCC6A805BFE6258D03 ] Connectify      C:\Program Files (x86)\Connectify\ConnectifyService.exe
17:00:42.0670 0x09fc  Connectify - detected UnsignedFile.Multi.Generic ( 1 )
17:00:45.0342 0x09fc  Detect skipped due to KSN trusted
17:00:45.0342 0x09fc  Connectify - ok
17:00:45.0412 0x09fc  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
17:00:45.0432 0x09fc  crcdisk - ok
17:00:45.0542 0x09fc  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
17:00:45.0622 0x09fc  CryptSvc - ok
17:00:45.0802 0x09fc  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
17:00:45.0952 0x09fc  DcomLaunch - ok
17:00:46.0062 0x09fc  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
17:00:46.0184 0x09fc  defragsvc - ok
17:00:46.0384 0x09fc  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
17:00:46.0494 0x09fc  DfsC - ok
17:00:46.0554 0x09fc  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
17:00:46.0654 0x09fc  Dhcp - ok
17:00:46.0704 0x09fc  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
17:00:46.0784 0x09fc  discache - ok
17:00:46.0834 0x09fc  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
17:00:46.0864 0x09fc  Disk - ok
17:00:46.0904 0x09fc  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
17:00:46.0984 0x09fc  Dnscache - ok
17:00:47.0014 0x09fc  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
17:00:47.0116 0x09fc  dot3svc - ok
17:00:47.0196 0x09fc  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
17:00:47.0336 0x09fc  DPS - ok
17:00:47.0476 0x09fc  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
17:00:47.0546 0x09fc  drmkaud - ok
17:00:47.0836 0x09fc  [ C02FF01B821FBB72104132E56EC5B881, 161AC96EE71C9B1F59ACE07EDC7550E1203C8DEFF6B333D298D564FAF536CF96 ] DsiWMIService   C:\Program Files (x86)\Launch Manager\dsiwmis.exe
17:00:47.0886 0x09fc  DsiWMIService - ok
17:00:48.0056 0x09fc  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
17:00:48.0169 0x09fc  DXGKrnl - ok
17:00:48.0218 0x09fc  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
17:00:48.0338 0x09fc  EapHost - ok
17:00:48.0880 0x09fc  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
17:00:49.0234 0x09fc  ebdrv - ok
17:00:49.0284 0x09fc  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe
17:00:49.0384 0x09fc  EFS - ok
17:00:49.0584 0x09fc  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
17:00:49.0766 0x09fc  ehRecvr - ok
17:00:49.0906 0x09fc  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
17:00:49.0966 0x09fc  ehSched - ok
17:00:50.0156 0x09fc  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
17:00:50.0206 0x09fc  elxstor - ok
17:00:50.0496 0x09fc  [ 76B978AD795A7E71C48390B000F6023F, 0A398C0FD9F72A0865343E2153F1F4CFA9EE375DC77E87FBDE38A1A8CA3061EB ] ePowerSvc       C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
17:00:50.0586 0x09fc  ePowerSvc - ok
17:00:50.0626 0x09fc  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
17:00:50.0686 0x09fc  ErrDev - ok
17:00:50.0816 0x09fc  [ 9FD76E7BA1D2A534B7BCF5BD5755E24B, ECC5E023CC778EDC0A9D9A6807D0457D583611B3968DEEEC4C2A34EE12391DE4 ] ETD             C:\Windows\system32\DRIVERS\ETD.sys
17:00:50.0856 0x09fc  ETD - ok
17:00:50.0936 0x09fc  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
17:00:51.0076 0x09fc  EventSystem - ok
17:00:51.0116 0x09fc  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
17:00:51.0206 0x09fc  exfat - ok
17:00:51.0248 0x09fc  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
17:00:51.0388 0x09fc  fastfat - ok
17:00:51.0608 0x09fc  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
17:00:51.0740 0x09fc  Fax - ok
17:00:51.0770 0x09fc  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
17:00:51.0840 0x09fc  fdc - ok
17:00:51.0940 0x09fc  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
17:00:52.0050 0x09fc  fdPHost - ok
17:00:52.0120 0x09fc  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
17:00:52.0250 0x09fc  FDResPub - ok
17:00:52.0280 0x09fc  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
17:00:52.0310 0x09fc  FileInfo - ok
17:00:52.0350 0x09fc  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
17:00:52.0430 0x09fc  Filetrace - ok
17:00:52.0530 0x09fc  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
17:00:52.0570 0x09fc  flpydisk - ok
17:00:52.0670 0x09fc  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
17:00:52.0710 0x09fc  FltMgr - ok
17:00:53.0030 0x09fc  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
17:00:53.0220 0x09fc  FontCache - ok
17:00:53.0400 0x09fc  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:00:53.0440 0x09fc  FontCache3.0.0.0 - ok
17:00:53.0490 0x09fc  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
17:00:53.0530 0x09fc  FsDepends - ok
17:00:53.0640 0x09fc  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
17:00:53.0670 0x09fc  Fs_Rec - ok
17:00:53.0760 0x09fc  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
17:00:53.0800 0x09fc  fvevol - ok
17:00:53.0900 0x09fc  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
17:00:53.0930 0x09fc  gagp30kx - ok
17:00:54.0190 0x09fc  [ C403C5DB49A0F9AAF4F2128EDC0106D8, 3C6948B63278022D8182F773C5FA15784514F76C1546118DDBADBA322B962D12 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
17:00:54.0230 0x09fc  GamesAppService - ok
17:00:54.0322 0x09fc  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:00:54.0362 0x09fc  GEARAspiWDM - ok
17:00:54.0612 0x09fc  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
17:00:54.0798 0x09fc  gpsvc - ok
17:00:54.0964 0x09fc  [ 32096F187020A54D29C95B3A1467D963, 2A50686C1FC921B02F6B7472AC09B2CFD9DE290D22DD0342A94AB8E95AC3DC6C ] GREGService     C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
17:00:54.0994 0x09fc  GREGService - ok
17:00:55.0214 0x09fc  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:00:55.0254 0x09fc  gupdate - ok
17:00:55.0374 0x09fc  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:00:55.0414 0x09fc  gupdatem - ok
17:00:55.0464 0x09fc  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
17:00:55.0554 0x09fc  hcw85cir - ok
17:00:55.0694 0x09fc  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:00:55.0774 0x09fc  HdAudAddService - ok
17:00:55.0819 0x09fc  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
17:00:55.0872 0x09fc  HDAudBus - ok
17:00:55.0899 0x09fc  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
17:00:55.0938 0x09fc  HidBatt - ok
17:00:55.0976 0x09fc  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
17:00:56.0086 0x09fc  HidBth - ok
17:00:56.0144 0x09fc  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
17:00:56.0188 0x09fc  HidIr - ok
17:00:56.0227 0x09fc  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
17:00:56.0314 0x09fc  hidserv - ok
17:00:56.0382 0x09fc  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
17:00:56.0412 0x09fc  HidUsb - ok
17:00:56.0474 0x09fc  [ 545EE654B04D52AF2E7F5F393D1F7D75, 3035171E5E54F6E6FB8BFCA237FCE5564BE3F58EEDA54441334FF3B71EEE1D24 ] hitmanpro37     C:\Windows\system32\drivers\hitmanpro37.sys
17:00:56.0514 0x09fc  hitmanpro37 - ok
17:00:56.0576 0x09fc  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
17:00:56.0696 0x09fc  hkmsvc - ok
17:00:56.0738 0x09fc  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:00:56.0818 0x09fc  HomeGroupListener - ok
17:00:56.0866 0x09fc  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:00:56.0910 0x09fc  HomeGroupProvider - ok
17:00:56.0962 0x09fc  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
17:00:56.0982 0x09fc  HpSAMD - ok
17:00:57.0074 0x09fc  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
17:00:57.0227 0x09fc  HTTP - ok
17:00:57.0260 0x09fc  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
17:00:57.0278 0x09fc  hwpolicy - ok
17:00:57.0360 0x09fc  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
17:00:57.0400 0x09fc  i8042prt - ok
17:00:57.0472 0x09fc  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
17:00:57.0522 0x09fc  iaStorV - ok
17:00:57.0738 0x09fc  [ 3CC7B3BB1A9EA201A040883EDFAA67A0, F543A779BA8CBFD5E0B939844B9CB47A2C05A400C693635F520438C18FFDFAF1 ] IconMan_R       C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
17:00:57.0956 0x09fc  IconMan_R - ok
17:00:58.0151 0x09fc  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:00:58.0244 0x09fc  idsvc - ok
17:00:58.0294 0x09fc  IEEtwCollectorService - ok
17:00:58.0340 0x09fc  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
17:00:58.0365 0x09fc  iirsp - ok
17:00:58.0466 0x09fc  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
17:00:58.0578 0x09fc  IKEEXT - ok
17:00:59.0007 0x09fc  [ F242E36CDA231701CFA702641C20FAEC, 47350EF8474F83249A9126AB6894145732CA0B68DA2EE001940C9E4AEF128B88 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
17:00:59.0376 0x09fc  IntcAzAudAddService - ok
17:00:59.0456 0x09fc  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
17:00:59.0486 0x09fc  intelide - ok
17:00:59.0549 0x09fc  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
17:00:59.0599 0x09fc  intelppm - ok
17:00:59.0649 0x09fc  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
17:00:59.0758 0x09fc  IPBusEnum - ok
17:00:59.0799 0x09fc  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:00:59.0889 0x09fc  IpFilterDriver - ok
17:00:59.0989 0x09fc  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
17:01:00.0149 0x09fc  iphlpsvc - ok
17:01:00.0179 0x09fc  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
17:01:00.0239 0x09fc  IPMIDRV - ok
17:01:00.0309 0x09fc  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
17:01:00.0419 0x09fc  IPNAT - ok
17:01:00.0499 0x09fc  [ 7FAE5B6CDB18B0B2E81F32869F595022, D873A7EE94749E1700E8F6B8BB7B485AE1B0B83388D63BE06335720498D4794F ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
17:01:00.0559 0x09fc  iPod Service - ok
17:01:00.0589 0x09fc  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
17:01:00.0629 0x09fc  IRENUM - ok
17:01:00.0659 0x09fc  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
17:01:00.0679 0x09fc  isapnp - ok
17:01:00.0739 0x09fc  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
17:01:00.0779 0x09fc  iScsiPrt - ok
17:01:00.0809 0x09fc  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
17:01:00.0839 0x09fc  kbdclass - ok
17:01:00.0859 0x09fc  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
17:01:00.0899 0x09fc  kbdhid - ok
17:01:00.0919 0x09fc  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
17:01:00.0949 0x09fc  KeyIso - ok
17:01:01.0000 0x09fc  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
17:01:01.0030 0x09fc  KSecDD - ok
17:01:01.0060 0x09fc  [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
17:01:01.0090 0x09fc  KSecPkg - ok
17:01:01.0130 0x09fc  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
17:01:01.0230 0x09fc  ksthunk - ok
17:01:01.0280 0x09fc  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
17:01:01.0390 0x09fc  KtmRm - ok
17:01:01.0450 0x09fc  [ 3CE6A9BEF066BF9488E6BC4D6C62F77E, CDE0A0DCD9A5A2E49DE55E720B5A6FFF502EE139C0EC8793638560E75BF2118C ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
17:01:01.0480 0x09fc  L1C - ok
17:01:01.0540 0x09fc  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
17:01:01.0640 0x09fc  LanmanServer - ok
17:01:01.0710 0x09fc  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:01:01.0810 0x09fc  LanmanWorkstation - ok
17:01:01.0940 0x09fc  [ 6BB516A31DE232DAB436FF3A117E1E80, 1B91633C9D2FDD27B1712557E95D5642973105F0161D57E074A0601B666F1221 ] Live Updater Service C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
17:01:01.0970 0x09fc  Live Updater Service - ok
17:01:02.0021 0x09fc  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
17:01:02.0111 0x09fc  lltdio - ok
17:01:02.0161 0x09fc  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
17:01:02.0271 0x09fc  lltdsvc - ok
17:01:02.0291 0x09fc  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
17:01:02.0381 0x09fc  lmhosts - ok
17:01:02.0421 0x09fc  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
17:01:02.0461 0x09fc  LSI_FC - ok
17:01:02.0501 0x09fc  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
17:01:02.0531 0x09fc  LSI_SAS - ok
17:01:02.0551 0x09fc  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
17:01:02.0581 0x09fc  LSI_SAS2 - ok
17:01:02.0611 0x09fc  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
17:01:02.0641 0x09fc  LSI_SCSI - ok
17:01:02.0661 0x09fc  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
17:01:02.0751 0x09fc  luafv - ok
17:01:02.0811 0x09fc  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
17:01:02.0861 0x09fc  Mcx2Svc - ok
17:01:02.0911 0x09fc  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
17:01:02.0941 0x09fc  megasas - ok
17:01:02.0981 0x09fc  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
17:01:03.0021 0x09fc  MegaSR - ok
17:01:03.0061 0x09fc  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
17:01:03.0151 0x09fc  MMCSS - ok
17:01:03.0171 0x09fc  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
17:01:03.0261 0x09fc  Modem - ok
17:01:03.0311 0x09fc  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
17:01:03.0361 0x09fc  monitor - ok
17:01:03.0411 0x09fc  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
17:01:03.0441 0x09fc  mouclass - ok
17:01:03.0471 0x09fc  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
17:01:03.0511 0x09fc  mouhid - ok
17:01:03.0541 0x09fc  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
17:01:03.0571 0x09fc  mountmgr - ok
17:01:03.0621 0x09fc  [ 338037EFA0E8E8699B2667D57B751574, 59E0D39806D0C4EB57913AA013242837FD39AD378726AEE42D250CBA87C1C3BF ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:01:03.0651 0x09fc  MozillaMaintenance - ok
17:01:03.0691 0x09fc  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
17:01:03.0731 0x09fc  mpio - ok
17:01:03.0761 0x09fc  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
17:01:03.0841 0x09fc  mpsdrv - ok
17:01:03.0941 0x09fc  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
17:01:04.0081 0x09fc  MpsSvc - ok
17:01:04.0153 0x09fc  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
17:01:04.0203 0x09fc  MRxDAV - ok
17:01:04.0253 0x09fc  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
17:01:04.0323 0x09fc  mrxsmb - ok
17:01:04.0353 0x09fc  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:01:04.0393 0x09fc  mrxsmb10 - ok
17:01:04.0423 0x09fc  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:01:04.0463 0x09fc  mrxsmb20 - ok
17:01:04.0523 0x09fc  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
17:01:04.0553 0x09fc  msahci - ok
17:01:04.0593 0x09fc  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
17:01:04.0623 0x09fc  msdsm - ok
17:01:04.0653 0x09fc  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
17:01:04.0693 0x09fc  MSDTC - ok
17:01:04.0723 0x09fc  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
17:01:04.0823 0x09fc  Msfs - ok
17:01:04.0843 0x09fc  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
17:01:04.0923 0x09fc  mshidkmdf - ok
17:01:04.0963 0x09fc  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
17:01:04.0983 0x09fc  msisadrv - ok
17:01:05.0023 0x09fc  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
17:01:05.0125 0x09fc  MSiSCSI - ok
17:01:05.0135 0x09fc  msiserver - ok
17:01:05.0155 0x09fc  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
17:01:05.0245 0x09fc  MSKSSRV - ok
17:01:05.0275 0x09fc  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
17:01:05.0365 0x09fc  MSPCLOCK - ok
17:01:05.0385 0x09fc  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
17:01:05.0475 0x09fc  MSPQM - ok
17:01:05.0515 0x09fc  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
17:01:05.0555 0x09fc  MsRPC - ok
17:01:05.0587 0x09fc  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
17:01:05.0607 0x09fc  mssmbios - ok
17:01:05.0637 0x09fc  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
17:01:05.0727 0x09fc  MSTEE - ok
17:01:05.0757 0x09fc  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
17:01:05.0777 0x09fc  MTConfig - ok
17:01:05.0807 0x09fc  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
17:01:05.0837 0x09fc  Mup - ok
17:01:05.0897 0x09fc  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
17:01:06.0027 0x09fc  napagent - ok
17:01:06.0137 0x09fc  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
17:01:06.0207 0x09fc  NativeWifiP - ok
17:01:06.0417 0x09fc  [ 13AA2130F2A104DD775EAD0F0EE5417B, EBA07599FC2D10750CE6372EA6BA94EDDAFFF732223A1135F1971B958A6B57A2 ] NAUpdate        C:\Program Files (x86)\Nero\Update\NASvc.exe
17:01:06.0477 0x09fc  NAUpdate - ok
17:01:06.0627 0x09fc  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
17:01:06.0707 0x09fc  NDIS - ok
17:01:06.0760 0x09fc  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
17:01:06.0850 0x09fc  NdisCap - ok
17:01:06.0890 0x09fc  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
17:01:06.0970 0x09fc  NdisTapi - ok
17:01:07.0030 0x09fc  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
17:01:07.0129 0x09fc  Ndisuio - ok
17:01:07.0164 0x09fc  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
17:01:07.0269 0x09fc  NdisWan - ok
17:01:07.0322 0x09fc  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
17:01:07.0411 0x09fc  NDProxy - ok
17:01:07.0454 0x09fc  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
17:01:07.0555 0x09fc  NetBIOS - ok
17:01:07.0606 0x09fc  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
17:01:07.0700 0x09fc  NetBT - ok
17:01:07.0745 0x09fc  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
17:01:07.0794 0x09fc  Netlogon - ok
17:01:07.0870 0x09fc  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
17:01:08.0000 0x09fc  Netman - ok
17:01:08.0072 0x09fc  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:01:08.0112 0x09fc  NetMsmqActivator - ok
17:01:08.0144 0x09fc  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:01:08.0188 0x09fc  NetPipeActivator - ok
17:01:08.0255 0x09fc  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
17:01:08.0376 0x09fc  netprofm - ok
17:01:08.0426 0x09fc  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:01:08.0466 0x09fc  NetTcpActivator - ok
17:01:08.0476 0x09fc  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:01:08.0516 0x09fc  NetTcpPortSharing - ok
17:01:08.0566 0x09fc  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
17:01:08.0596 0x09fc  nfrd960 - ok
17:01:08.0646 0x09fc  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
17:01:08.0706 0x09fc  NlaSvc - ok
17:01:08.0966 0x09fc  [ 5839A8027D6D324A7CD494051A96628C, 474F2D0BB463ABE68D7C4D2C630860AED4B722EC62C616C91EE00AA965378382 ] NOBU            C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
17:01:09.0228 0x09fc  NOBU - ok
17:01:09.0310 0x09fc  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
17:01:09.0387 0x09fc  Npfs - ok
17:01:09.0442 0x09fc  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
17:01:09.0528 0x09fc  nsi - ok
17:01:09.0577 0x09fc  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
17:01:09.0677 0x09fc  nsiproxy - ok
17:01:10.0070 0x09fc  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
17:01:10.0233 0x09fc  Ntfs - ok
17:01:10.0286 0x09fc  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
17:01:10.0386 0x09fc  Null - ok
17:01:10.0432 0x09fc  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
17:01:10.0498 0x09fc  nvraid - ok
17:01:10.0541 0x09fc  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
17:01:10.0573 0x09fc  nvstor - ok
17:01:10.0612 0x09fc  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
17:01:10.0658 0x09fc  nv_agp - ok
17:01:10.0693 0x09fc  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
17:01:10.0735 0x09fc  ohci1394 - ok
17:01:10.0802 0x09fc  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
17:01:10.0892 0x09fc  p2pimsvc - ok
17:01:10.0976 0x09fc  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
17:01:11.0075 0x09fc  p2psvc - ok
17:01:11.0121 0x09fc  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
17:01:11.0154 0x09fc  Parport - ok
17:01:11.0198 0x09fc  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
17:01:11.0225 0x09fc  partmgr - ok
17:01:11.0319 0x09fc  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
17:01:11.0378 0x09fc  PcaSvc - ok
17:01:11.0422 0x09fc  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
17:01:11.0462 0x09fc  pci - ok
17:01:11.0518 0x09fc  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
17:01:11.0541 0x09fc  pciide - ok
17:01:11.0583 0x09fc  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
17:01:11.0620 0x09fc  pcmcia - ok
17:01:11.0657 0x09fc  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
17:01:11.0695 0x09fc  pcw - ok
17:01:11.0770 0x09fc  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
17:01:11.0923 0x09fc  PEAUTH - ok
17:01:12.0060 0x09fc  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
17:01:12.0122 0x09fc  PerfHost - ok
17:01:12.0274 0x09fc  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
17:01:12.0477 0x09fc  pla - ok
17:01:12.0555 0x09fc  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
17:01:12.0647 0x09fc  PlugPlay - ok
17:01:12.0698 0x09fc  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
17:01:12.0729 0x09fc  PNRPAutoReg - ok
17:01:12.0790 0x09fc  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
17:01:12.0838 0x09fc  PNRPsvc - ok
17:01:12.0921 0x09fc  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
17:01:13.0063 0x09fc  PolicyAgent - ok
17:01:13.0103 0x09fc  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
17:01:13.0203 0x09fc  Power - ok
17:01:13.0265 0x09fc  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
17:01:13.0368 0x09fc  PptpMiniport - ok
17:01:13.0406 0x09fc  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
17:01:13.0447 0x09fc  Processor - ok
17:01:13.0517 0x09fc  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
17:01:13.0575 0x09fc  ProfSvc - ok
17:01:13.0601 0x09fc  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:01:13.0630 0x09fc  ProtectedStorage - ok
17:01:13.0677 0x09fc  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
17:01:13.0809 0x09fc  Psched - ok
17:01:13.0891 0x09fc  [ DD3FD48D69F5FBBB21D46D1514C1C2DB, 2B188E3AC4BD9B608D375DD550507717852C2AF7C0F99FFED90098999B9D4F01 ] PSI             C:\Windows\system32\DRIVERS\psi_mf_amd64.sys
17:01:13.0921 0x09fc  PSI - ok
17:01:14.0081 0x09fc  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
17:01:14.0203 0x09fc  ql2300 - ok
17:01:14.0254 0x09fc  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
17:01:14.0285 0x09fc  ql40xx - ok
17:01:14.0337 0x09fc  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
17:01:14.0398 0x09fc  QWAVE - ok
17:01:14.0444 0x09fc  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
17:01:14.0504 0x09fc  QWAVEdrv - ok
17:01:14.0534 0x09fc  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
17:01:14.0619 0x09fc  RasAcd - ok
17:01:14.0669 0x09fc  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
17:01:14.0745 0x09fc  RasAgileVpn - ok
17:01:14.0797 0x09fc  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
17:01:14.0894 0x09fc  RasAuto - ok
17:01:14.0969 0x09fc  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
17:01:15.0071 0x09fc  Rasl2tp - ok
17:01:15.0123 0x09fc  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
17:01:15.0234 0x09fc  RasMan - ok
17:01:15.0293 0x09fc  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
17:01:15.0393 0x09fc  RasPppoe - ok
17:01:15.0431 0x09fc  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
17:01:15.0530 0x09fc  RasSstp - ok
17:01:15.0577 0x09fc  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
17:01:15.0686 0x09fc  rdbss - ok
17:01:15.0731 0x09fc  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
17:01:15.0769 0x09fc  rdpbus - ok
17:01:15.0819 0x09fc  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
17:01:15.0928 0x09fc  RDPCDD - ok
17:01:15.0971 0x09fc  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
17:01:16.0065 0x09fc  RDPENCDD - ok
17:01:16.0113 0x09fc  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
17:01:16.0192 0x09fc  RDPREFMP - ok
17:01:16.0255 0x09fc  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
17:01:16.0325 0x09fc  RDPWD - ok
17:01:16.0397 0x09fc  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
17:01:16.0437 0x09fc  rdyboost - ok
17:01:16.0489 0x09fc  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
17:01:16.0595 0x09fc  RemoteAccess - ok
17:01:16.0661 0x09fc  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
17:01:16.0769 0x09fc  RemoteRegistry - ok
17:01:16.0824 0x09fc  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
17:01:16.0905 0x09fc  RpcEptMapper - ok
17:01:16.0940 0x09fc  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
17:01:16.0973 0x09fc  RpcLocator - ok
17:01:17.0045 0x09fc  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
17:01:17.0167 0x09fc  RpcSs - ok
17:01:17.0227 0x09fc  [ 1EA2EDA2D6CD253CE3EC3387FEAA40AC, 292A5F3B8E91617C33D86353AE584106E651BFF9CFF725A6BDD029812973C66B ] RSPCIESTOR      C:\Windows\system32\DRIVERS\RtsPStor.sys
17:01:17.0267 0x09fc  RSPCIESTOR - ok
17:01:17.0319 0x09fc  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
17:01:17.0412 0x09fc  rspndr - ok
17:01:17.0446 0x09fc  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs           C:\Windows\system32\lsass.exe
17:01:17.0473 0x09fc  SamSs - ok
17:01:17.0502 0x09fc  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
17:01:17.0531 0x09fc  sbp2port - ok
17:01:17.0593 0x09fc  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
17:01:17.0694 0x09fc  SCardSvr - ok
17:01:17.0740 0x09fc  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
17:01:17.0844 0x09fc  scfilter - ok
17:01:17.0958 0x09fc  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
17:01:18.0138 0x09fc  Schedule - ok
17:01:18.0193 0x09fc  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
17:01:18.0270 0x09fc  SCPolicySvc - ok
17:01:18.0314 0x09fc  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
17:01:18.0375 0x09fc  SDRSVC - ok
17:01:18.0435 0x09fc  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
17:01:18.0545 0x09fc  secdrv - ok
17:01:18.0596 0x09fc  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
17:01:18.0692 0x09fc  seclogon - ok
17:01:18.0981 0x09fc  [ 398A81D590424441B2F5C5C08073CADB, 1E064DFCC49EB0D8A4150276BF796B9DFA030C451570A170EC940F8CBAAD80F3 ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
17:01:19.0142 0x09fc  Secunia PSI Agent - ok
17:01:19.0343 0x09fc  [ 8C2D3A80FC90A860F0F24DEB67471481, CE4D17B63149C44B4CD5CB7776FD4705DC675F6D2D077D53BE15578294EBC9D4 ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe
17:01:19.0415 0x09fc  Secunia Update Agent - ok
17:01:19.0465 0x09fc  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
17:01:19.0586 0x09fc  SENS - ok
17:01:19.0629 0x09fc  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
17:01:19.0687 0x09fc  SensrSvc - ok
17:01:19.0727 0x09fc  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
17:01:19.0777 0x09fc  Serenum - ok
17:01:19.0834 0x09fc  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
17:01:19.0879 0x09fc  Serial - ok
17:01:19.0929 0x09fc  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
17:01:19.0969 0x09fc  sermouse - ok
17:01:20.0031 0x09fc  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
17:01:20.0141 0x09fc  SessionEnv - ok
17:01:20.0183 0x09fc  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
17:01:20.0253 0x09fc  sffdisk - ok
17:01:20.0278 0x09fc  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
17:01:20.0315 0x09fc  sffp_mmc - ok
17:01:20.0358 0x09fc  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
17:01:20.0407 0x09fc  sffp_sd - ok
17:01:20.0451 0x09fc  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
17:01:20.0469 0x09fc  sfloppy - ok
17:01:20.0551 0x09fc  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
17:01:20.0673 0x09fc  SharedAccess - ok
17:01:20.0743 0x09fc  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:01:20.0865 0x09fc  ShellHWDetection - ok
17:01:20.0910 0x09fc  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
17:01:20.0935 0x09fc  SiSRaid2 - ok
17:01:20.0966 0x09fc  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
17:01:20.0987 0x09fc  SiSRaid4 - ok
17:01:21.0077 0x09fc  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
17:01:21.0117 0x09fc  SkypeUpdate - ok
17:01:21.0167 0x09fc  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
17:01:21.0257 0x09fc  Smb - ok
17:01:21.0307 0x09fc  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
17:01:21.0337 0x09fc  SNMPTRAP - ok
17:01:21.0347 0x09fc  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
17:01:21.0377 0x09fc  spldr - ok
17:01:21.0437 0x09fc  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
17:01:21.0527 0x09fc  Spooler - ok
17:01:21.0778 0x09fc  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
17:01:22.0181 0x09fc  sppsvc - ok
17:01:22.0211 0x09fc  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
17:01:22.0291 0x09fc  sppuinotify - ok
17:01:22.0381 0x09fc  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
17:01:22.0471 0x09fc  srv - ok
17:01:22.0511 0x09fc  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
17:01:22.0591 0x09fc  srv2 - ok
17:01:22.0631 0x09fc  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
17:01:22.0671 0x09fc  srvnet - ok
17:01:22.0731 0x09fc  [ 8F8324ED1DE63FFC7B1A02CD2D963C72, E58603F81DEAFF1D45CB83FB6E625E6A13868741B833B1C9E60D672179D18EE0 ] ssadbus         C:\Windows\system32\DRIVERS\ssadbus.sys
17:01:22.0801 0x09fc  ssadbus - ok
17:01:22.0831 0x09fc  [ 58221EFCB74167B73667F0024C661CE0, D9B67A8897B4DC3E4729187F17ABEB4710CF57440D718E17ED828439198D34DB ] ssadmdfl        C:\Windows\system32\DRIVERS\ssadmdfl.sys
17:01:22.0881 0x09fc  ssadmdfl - ok
17:01:22.0931 0x09fc  [ 4DA7C71BFAC5AD71255B7E4CAB980163, 4CC0F9C8E96ECEF36EEB021E448A9734B63512D030516DC38B1A2EEAA1043AEC ] ssadmdm         C:\Windows\system32\DRIVERS\ssadmdm.sys
17:01:22.0994 0x09fc  ssadmdm - ok
17:01:23.0023 0x09fc  [ D33D1BD3EC0E766211A234F56A12726D, 53EEAA94865554F8422D111D717B548DF553B5B8647D2A45F3718BF4AEEBEC27 ] ssadserd        C:\Windows\system32\DRIVERS\ssadserd.sys
17:01:23.0093 0x09fc  ssadserd - ok
17:01:23.0153 0x09fc  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
17:01:23.0263 0x09fc  SSDPSRV - ok
17:01:23.0283 0x09fc  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
17:01:23.0373 0x09fc  SstpSvc - ok
17:01:23.0413 0x09fc  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
17:01:23.0443 0x09fc  stexstor - ok
17:01:23.0523 0x09fc  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
17:01:23.0633 0x09fc  stisvc - ok
17:01:23.0683 0x09fc  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
17:01:23.0713 0x09fc  swenum - ok
17:01:23.0795 0x09fc  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
17:01:24.0009 0x09fc  swprv - ok
17:01:24.0327 0x09fc  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
17:01:24.0563 0x09fc  SysMain - ok
17:01:24.0637 0x09fc  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:01:24.0706 0x09fc  TabletInputService - ok
17:01:24.0757 0x09fc  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
17:01:24.0897 0x09fc  TapiSrv - ok
17:01:24.0929 0x09fc  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
17:01:25.0052 0x09fc  TBS - ok
17:01:25.0255 0x09fc  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
17:01:25.0421 0x09fc  Tcpip - ok
17:01:25.0644 0x09fc  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
17:01:25.0862 0x09fc  TCPIP6 - ok
17:01:25.0962 0x09fc  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
17:01:25.0986 0x09fc  tcpipreg - ok
17:01:26.0026 0x09fc  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
17:01:26.0076 0x09fc  TDPIPE - ok
17:01:26.0116 0x09fc  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
17:01:26.0136 0x09fc  TDTCP - ok
17:01:26.0185 0x09fc  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
17:01:26.0323 0x09fc  tdx - ok
17:01:26.0353 0x09fc  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
17:01:26.0391 0x09fc  TermDD - ok
17:01:26.0497 0x09fc  [ 4FC4C50985E5B840F4D72E57286887B8, 0BCBB4A938803AE3A3532B6D8FFC85594AA9AEF5D8F9792684841BEA8780AE9E ] TermService     C:\Windows\System32\termsrv.dll
17:01:26.0608 0x09fc  TermService - ok
17:01:26.0648 0x09fc  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
17:01:26.0698 0x09fc  Themes - ok
17:01:26.0720 0x09fc  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
17:01:26.0810 0x09fc  THREADORDER - ok
17:01:26.0840 0x09fc  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
17:01:26.0940 0x09fc  TrkWks - ok
17:01:27.0000 0x09fc  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:01:27.0108 0x09fc  TrustedInstaller - ok
17:01:27.0227 0x09fc  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
17:01:27.0299 0x09fc  tssecsrv - ok
17:01:27.0379 0x09fc  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
17:01:27.0482 0x09fc  TsUsbFlt - ok
17:01:27.0510 0x09fc  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
17:01:27.0568 0x09fc  TsUsbGD - ok
17:01:27.0696 0x09fc  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
17:01:27.0827 0x09fc  tunnel - ok
17:01:27.0877 0x09fc  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
17:01:27.0906 0x09fc  uagp35 - ok
17:01:27.0978 0x09fc  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
17:01:28.0173 0x09fc  udfs - ok
17:01:28.0219 0x09fc  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
17:01:28.0257 0x09fc  UI0Detect - ok
17:01:28.0277 0x09fc  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
17:01:28.0307 0x09fc  uliagpkx - ok
17:01:28.0352 0x09fc  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
17:01:28.0395 0x09fc  umbus - ok
17:01:28.0397 0x09fc  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
17:01:28.0448 0x09fc  UmPass - ok
17:01:28.0497 0x09fc  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
17:01:28.0620 0x09fc  upnphost - ok
17:01:28.0664 0x09fc  [ FB251567F41BC61988B26731DEC19E4B, 6A535F5A18EB43DD2E18AF0A05301630A1D1484B7D85DA79A7CD122DA4D018E2 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
17:01:28.0694 0x09fc  USBAAPL64 - detected UnsignedFile.Multi.Generic ( 1 )
17:01:31.0367 0x09fc  Detect skipped due to KSN trusted
17:01:31.0367 0x09fc  USBAAPL64 - ok
17:01:31.0487 0x09fc  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
17:01:31.0557 0x09fc  usbccgp - ok
17:01:31.0617 0x09fc  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
17:01:31.0677 0x09fc  usbcir - ok
17:01:31.0717 0x09fc  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
17:01:31.0770 0x09fc  usbehci - ok
17:01:31.0810 0x09fc  [ 87B0382F0713C8D70D4382806492E864, 163CE0862C79F63E12BB864829ED5C5C41D851DEEA6EEF64FEF05E89A0FE8813 ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys
17:01:31.0840 0x09fc  usbfilter - ok
17:01:31.0889 0x09fc  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
17:01:31.0949 0x09fc  usbhub - ok
17:01:31.0999 0x09fc  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
17:01:32.0039 0x09fc  usbohci - ok
17:01:32.0079 0x09fc  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
17:01:32.0129 0x09fc  usbprint - ok
17:01:32.0149 0x09fc  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:01:32.0209 0x09fc  USBSTOR - ok
17:01:32.0249 0x09fc  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
17:01:32.0289 0x09fc  usbuhci - ok
17:01:32.0369 0x09fc  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
17:01:32.0431 0x09fc  usbvideo - ok
17:01:32.0461 0x09fc  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
17:01:32.0561 0x09fc  UxSms - ok
17:01:32.0591 0x09fc  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\Windows\system32\lsass.exe
17:01:32.0611 0x09fc  VaultSvc - ok
17:01:32.0661 0x09fc  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
17:01:32.0691 0x09fc  vdrvroot - ok
17:01:32.0751 0x09fc  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
17:01:32.0895 0x09fc  vds - ok
17:01:32.0907 0x09fc  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
17:01:32.0947 0x09fc  vga - ok
17:01:32.0974 0x09fc  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
17:01:33.0054 0x09fc  VgaSave - ok
17:01:33.0094 0x09fc  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
17:01:33.0134 0x09fc  vhdmp - ok
17:01:33.0174 0x09fc  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
17:01:33.0204 0x09fc  viaide - ok
17:01:33.0224 0x09fc  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
17:01:33.0254 0x09fc  volmgr - ok
17:01:33.0299 0x09fc  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
17:01:33.0346 0x09fc  volmgrx - ok
17:01:33.0376 0x09fc  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
17:01:33.0426 0x09fc  volsnap - ok
17:01:33.0467 0x09fc  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
17:01:33.0497 0x09fc  vsmraid - ok
17:01:33.0637 0x09fc  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
17:01:33.0837 0x09fc  VSS - ok
17:01:33.0877 0x09fc  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
17:01:33.0927 0x09fc  vwifibus - ok
17:01:34.0007 0x09fc  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
17:01:34.0067 0x09fc  vwififlt - ok
17:01:34.0107 0x09fc  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
17:01:34.0157 0x09fc  vwifimp - ok
17:01:34.0214 0x09fc  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
17:01:34.0331 0x09fc  W32Time - ok
17:01:34.0444 0x09fc  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
17:01:34.0530 0x09fc  WacomPen - ok
17:01:34.0568 0x09fc  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
17:01:34.0668 0x09fc  WANARP - ok
17:01:34.0678 0x09fc  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
17:01:34.0765 0x09fc  Wanarpv6 - ok
17:01:34.0880 0x09fc  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
17:01:35.0046 0x09fc  wbengine - ok
17:01:35.0074 0x09fc  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
17:01:35.0134 0x09fc  WbioSrvc - ok
17:01:35.0184 0x09fc  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
17:01:35.0264 0x09fc  wcncsvc - ok
17:01:35.0284 0x09fc  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:01:35.0324 0x09fc  WcsPlugInService - ok
17:01:35.0354 0x09fc  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
17:01:35.0384 0x09fc  Wd - ok
17:01:35.0483 0x09fc  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
17:01:35.0573 0x09fc  Wdf01000 - ok
17:01:35.0614 0x09fc  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
17:01:35.0744 0x09fc  WdiServiceHost - ok
17:01:35.0764 0x09fc  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
17:01:35.0804 0x09fc  WdiSystemHost - ok
17:01:35.0874 0x09fc  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
17:01:35.0924 0x09fc  WebClient - ok
17:01:35.0964 0x09fc  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
17:01:36.0084 0x09fc  Wecsvc - ok
17:01:36.0125 0x09fc  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
17:01:36.0202 0x09fc  wercplsupport - ok
17:01:36.0242 0x09fc  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
17:01:36.0332 0x09fc  WerSvc - ok
17:01:36.0372 0x09fc  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
17:01:36.0442 0x09fc  WfpLwf - ok
17:01:36.0462 0x09fc  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
17:01:36.0482 0x09fc  WIMMount - ok
17:01:36.0512 0x09fc  WinDefend - ok
17:01:36.0542 0x09fc  WinHttpAutoProxySvc - ok
17:01:36.0625 0x09fc  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
17:01:36.0717 0x09fc  Winmgmt - ok
17:01:36.0877 0x09fc  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
17:01:37.0204 0x09fc  WinRM - ok
17:01:37.0277 0x09fc  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
17:01:37.0327 0x09fc  WinUsb - ok
17:01:37.0417 0x09fc  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
17:01:37.0529 0x09fc  Wlansvc - ok
17:01:37.0600 0x09fc  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
17:01:37.0630 0x09fc  wlcrasvc - ok
17:01:37.0823 0x09fc  [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:01:37.0990 0x09fc  wlidsvc - ok
17:01:38.0100 0x09fc  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
17:01:38.0140 0x09fc  WmiAcpi - ok
17:01:38.0180 0x09fc  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
17:01:38.0244 0x09fc  wmiApSrv - ok
17:01:38.0283 0x09fc  WMPNetworkSvc - ok
17:01:38.0313 0x09fc  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
17:01:38.0353 0x09fc  WPCSvc - ok
17:01:38.0383 0x09fc  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
17:01:38.0423 0x09fc  WPDBusEnum - ok
17:01:38.0463 0x09fc  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
17:01:38.0563 0x09fc  ws2ifsl - ok
17:01:38.0605 0x09fc  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
17:01:38.0656 0x09fc  wscsvc - ok
17:01:38.0666 0x09fc  WSearch - ok
17:01:38.0883 0x09fc  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
17:01:39.0063 0x09fc  wuauserv - ok
17:01:39.0140 0x09fc  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
17:01:39.0200 0x09fc  WudfPf - ok
17:01:39.0260 0x09fc  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
17:01:39.0310 0x09fc  WUDFRd - ok
17:01:39.0350 0x09fc  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
17:01:39.0400 0x09fc  wudfsvc - ok
17:01:39.0450 0x09fc  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
17:01:39.0530 0x09fc  WwanSvc - ok
17:01:39.0590 0x09fc  ================ Scan global ===============================
17:01:39.0630 0x09fc  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
17:01:39.0680 0x09fc  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
17:01:39.0720 0x09fc  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
17:01:39.0777 0x09fc  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
17:01:39.0823 0x09fc  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
17:01:39.0853 0x09fc  [ Global ] - ok
17:01:39.0853 0x09fc  ================ Scan MBR ==================================
17:01:39.0873 0x09fc  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:01:41.0041 0x09fc  \Device\Harddisk0\DR0 - ok
17:01:41.0041 0x09fc  ================ Scan VBR ==================================
17:01:41.0061 0x09fc  [ 1A8C01513AD00FA35BD20B00C5A85598 ] \Device\Harddisk0\DR0\Partition1
17:01:41.0091 0x09fc  \Device\Harddisk0\DR0\Partition1 - ok
17:01:41.0111 0x09fc  [ CE648271D5BABEA8AD06299745D87F4F ] \Device\Harddisk0\DR0\Partition2
17:01:41.0141 0x09fc  \Device\Harddisk0\DR0\Partition2 - ok
17:01:41.0141 0x09fc  ================ Scan generic autorun ======================
17:01:41.0953 0x09fc  [ 160B5E0566713EB5CAB2EC12C36ACF52, 3B9FC94989CED565C339A0A5E79CE61B180BA14D46759A1F27DC3561E3384E31 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
17:01:42.0858 0x09fc  RTHDVCPL - ok
17:01:42.0898 0x09fc  ETDCtrl - ok
17:01:43.0103 0x09fc  [ 9634F2078F66B901B171F7E75FFF3261, DF82CF522847F930A26A438096C32A34F448A89F28BA4C681F396F0C25B96E28 ] C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
17:01:43.0233 0x09fc  Power Management - ok
17:01:43.0471 0x09fc  [ 8C8BC64D76B197B45D3D2CD2D75CA82A, FBD3BAF7295F44232C9449DDAA487D759C169AFC8D619558D14CD309D3CAB01F ] C:\Program Files (x86)\Connectify\DispatchUI.exe
17:01:43.0620 0x09fc  Connectify Dispatch - ok
17:01:44.0042 0x09fc  [ 7ACFA408E48A2781A5B10D28ED79DC92, A1551A992D199DEB4271C416E3D565871629A8484B459748BA86A9D20D3C0C25 ] C:\Program Files (x86)\Connectify\Connectify.exe
17:01:44.0302 0x09fc  Connectify Hotspot - ok
17:01:44.0473 0x09fc  [ D3E69D500466C17498AAF7F83D12FFF0, F5723FC28396489EADDDCAD67A0E46B56D859590823E3CFA7254BA6709DC5AE6 ] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
17:01:44.0570 0x09fc  Norton Online Backup - ok
17:01:44.0698 0x09fc  [ 47EA5F76FAB723C61AB4A0D79BAD512C, A7A38EB0A7068B160E6949945EF639F999A06AE35746F6E79C7350745798E5C9 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
17:01:44.0853 0x09fc  Adobe ARM - ok
17:01:45.0078 0x09fc  [ FE668B0E3E87077A46FE77AFB0E27F9C, E9485A083D7CC0438668132154C8AD14267113F15EEB794B356BF3E6F998FD17 ] C:\Program Files (x86)\Launch Manager\LManager.exe
17:01:45.0176 0x09fc  LManager - ok
17:01:45.0250 0x09fc  [ E31FA1FA4F54A1F879716169FF12A562, 33F59E4218B2CBA496AFA19C86FB2F96D550E2D08F15A54F6D64EDA78EA4183D ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
17:01:45.0300 0x09fc  StartCCC - ok
17:01:45.0380 0x09fc  [ 09E60B4FE341A94A300830C008907099, 5F07868953FAA8FFA9E6477F6BAC52DEEDF3EA4A3F8AF5B4E15878D8240223AB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
17:01:45.0400 0x09fc  APSDaemon - ok
17:01:45.0460 0x09fc  [ 887CAA31048EB8ED09A0CBD0E6F46F09, BBCED0BD4EB00C3FECFC9448223D4C441A868787877291F5489B07B43FAB65A4 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
17:01:45.0520 0x09fc  SunJavaUpdateSched - ok
17:01:45.0580 0x09fc  [ 0EF0822810009D58118CCDFD098FA9F4, 9FAA263057898BCDBCB0A064C463F48D149474AA339A3C4C47626CC118750D2D ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
17:01:45.0610 0x09fc  iTunesHelper - ok
17:01:45.0742 0x09fc  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
17:01:45.0862 0x09fc  Sidebar - ok
17:01:45.0902 0x09fc  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
17:01:45.0952 0x09fc  mctadmin - ok
17:01:46.0032 0x09fc  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
17:01:46.0142 0x09fc  Sidebar - ok
17:01:46.0152 0x09fc  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
17:01:46.0202 0x09fc  mctadmin - ok
17:01:46.0312 0x09fc  [ 66A4A7C7802E0968E07647999FFC87E2, 9724C8CB80AF63A4CA14BB3521695942AE33B6C18F42266C407301610C4C7BFE ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
17:01:46.0392 0x09fc  GoogleChromeAutoLaunch_7B5D7D01360FD9AF9E4D88FF49236B5A - ok
17:01:46.0412 0x09fc  Skype - ok
17:01:46.0463 0x09fc  [ B22CB67919EBAD88B0E8BB9CDA446010, 2F744FEAC48EDE7D6B6D2727F7DDFA80B26D9E3B0009741B00992B19AD85E128 ] C:\Windows\System32\StikyNot.exe
17:01:46.0543 0x09fc  RESTART_STICKY_NOTES - ok
17:01:46.0543 0x09fc  Waiting for KSN requests completion. In queue: 17
17:01:47.0543 0x09fc  Waiting for KSN requests completion. In queue: 17
17:01:48.0543 0x09fc  Waiting for KSN requests completion. In queue: 17
17:01:49.0595 0x09fc  Win FW state via NFP2: enabled
17:01:52.0295 0x09fc  ============================================================
17:01:52.0295 0x09fc  Scan finished
17:01:52.0295 0x09fc  ============================================================
17:01:52.0325 0x1358  Detected object count: 0
17:01:52.0325 0x1358  Actual detected object count: 0

lG

schrauber · 11.11.2014, 16:31

hi,

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

hallohallo1 · 11.11.2014, 23:28

Es gab keine Fehlermeldungen. Trotz allem hat mein Computer wohl den Vogel abgeschossen.

Im Programm stand ja, dass die geschätzte Zeit bei 10 Minuten liegt und sich bei stark infizierten Rechnern die Zeit leicht verdoppeln kann.
Bei mir hat es 80 Minuten gedauert :/

Code:

ATTFilter

ComboFix 14-11-11.01 - Fabian 11.11.2014  22:05:07.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3689.2592 [GMT 1:00]
ausgeführt von:: c:\users\Fabian\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_impaepofmnammebeenafgmllpnjaiime_0.localstorage-journal
c:\users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_impaepofmnammebeenafgmllpnjaiime_0.localstorage
c:\users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\ho2j0dk3.default\extensions\e8up_iiyo@fzyfwn-u.edu
c:\users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\ho2j0dk3.default\extensions\e8up_iiyo@fzyfwn-u.edu\bootstrap.js
c:\users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\ho2j0dk3.default\extensions\e8up_iiyo@fzyfwn-u.edu\chrome.manifest
c:\users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\ho2j0dk3.default\extensions\e8up_iiyo@fzyfwn-u.edu\content\bg.js
c:\users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\ho2j0dk3.default\extensions\e8up_iiyo@fzyfwn-u.edu\install.rdf
c:\users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\ho2j0dk3.default\extensions\i5oiauu@keb-ai.com
c:\users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\ho2j0dk3.default\extensions\i5oiauu@keb-ai.com\bootstrap.js
c:\users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\ho2j0dk3.default\extensions\i5oiauu@keb-ai.com\chrome.manifest
c:\users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\ho2j0dk3.default\extensions\i5oiauu@keb-ai.com\content\bg.js
c:\users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\ho2j0dk3.default\extensions\i5oiauu@keb-ai.com\content\fy.js
c:\users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\ho2j0dk3.default\extensions\i5oiauu@keb-ai.com\install.rdf
c:\users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\ho2j0dk3.default\extensions\vtqfdglz@istlzpeu.org
c:\users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\ho2j0dk3.default\extensions\vtqfdglz@istlzpeu.org\bootstrap.js
c:\users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\ho2j0dk3.default\extensions\vtqfdglz@istlzpeu.org\chrome.manifest
c:\users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\ho2j0dk3.default\extensions\vtqfdglz@istlzpeu.org\content\bg.js
c:\users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\ho2j0dk3.default\extensions\vtqfdglz@istlzpeu.org\install.rdf
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcjnfaoifoefmnbhhlbppaebgnccfddf
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcjnfaoifoefmnbhhlbppaebgnccfddf\138\background.html
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcjnfaoifoefmnbhhlbppaebgnccfddf\138\content.js
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcjnfaoifoefmnbhhlbppaebgnccfddf\138\IiZA6ZtbY6.js
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcjnfaoifoefmnbhhlbppaebgnccfddf\138\lsdb.js
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcjnfaoifoefmnbhhlbppaebgnccfddf\138\manifest.json
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabjlaokbhaoehejcoblhahcekmogbom
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabjlaokbhaoehejcoblhahcekmogbom\220\background.html
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabjlaokbhaoehejcoblhahcekmogbom\220\content.js
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabjlaokbhaoehejcoblhahcekmogbom\220\CuH1X.js
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabjlaokbhaoehejcoblhahcekmogbom\220\g3iVLcBaF.js
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabjlaokbhaoehejcoblhahcekmogbom\220\lsdb.js
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabjlaokbhaoehejcoblhahcekmogbom\220\manifest.json
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabjlaokbhaoehejcoblhahcekmogbom\220\YJqV.js
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\naghkjogakhpimmejjmakpmnbdeccinm
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\naghkjogakhpimmejjmakpmnbdeccinm\237\background.html
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\naghkjogakhpimmejjmakpmnbdeccinm\237\content.js
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\naghkjogakhpimmejjmakpmnbdeccinm\237\JyqMMqbVG.js
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\naghkjogakhpimmejjmakpmnbdeccinm\237\lsdb.js
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\naghkjogakhpimmejjmakpmnbdeccinm\237\manifest.json
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\preferences
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\ys6vzuma.default\extensions\staged\e8up_iiyo@fzyfwn-u.edu
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\ys6vzuma.default\extensions\staged\e8up_iiyo@fzyfwn-u.edu\bootstrap.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\ys6vzuma.default\extensions\staged\e8up_iiyo@fzyfwn-u.edu\chrome.manifest
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\ys6vzuma.default\extensions\staged\e8up_iiyo@fzyfwn-u.edu\content\bg.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\ys6vzuma.default\extensions\staged\e8up_iiyo@fzyfwn-u.edu\install.rdf
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\ys6vzuma.default\extensions\staged\i5oiauu@keb-ai.com
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\ys6vzuma.default\extensions\staged\i5oiauu@keb-ai.com\bootstrap.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\ys6vzuma.default\extensions\staged\i5oiauu@keb-ai.com\chrome.manifest
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\ys6vzuma.default\extensions\staged\i5oiauu@keb-ai.com\content\bg.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\ys6vzuma.default\extensions\staged\i5oiauu@keb-ai.com\content\fy.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\ys6vzuma.default\extensions\staged\i5oiauu@keb-ai.com\install.rdf
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\ys6vzuma.default\extensions\staged\vtqfdglz@istlzpeu.org
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\ys6vzuma.default\extensions\staged\vtqfdglz@istlzpeu.org\bootstrap.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\ys6vzuma.default\extensions\staged\vtqfdglz@istlzpeu.org\chrome.manifest
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\ys6vzuma.default\extensions\staged\vtqfdglz@istlzpeu.org\content\bg.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\ys6vzuma.default\extensions\staged\vtqfdglz@istlzpeu.org\install.rdf
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-10-11 bis 2014-11-11  ))))))))))))))))))))))))))))))
.
.
2014-11-11 22:20 . 2014-11-11 22:20	--------	d-----w-	c:\users\Gast\AppData\Local\temp
2014-11-11 22:20 . 2014-11-11 22:20	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-11-11 21:05 . 2014-11-11 21:05	75888	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{A4FA1C8F-E35E-445B-A338-641B2920FCD4}\offreg.dll
2014-11-11 08:57 . 2014-10-14 19:59	11627712	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{A4FA1C8F-E35E-445B-A338-641B2920FCD4}\mpengine.dll
2014-11-10 15:50 . 2014-11-10 15:50	--------	d-----w-	c:\program files (x86)\VS Revo Group
2014-11-09 19:38 . 2014-11-09 19:42	--------	d-----w-	C:\FRST
2014-11-09 17:36 . 2014-11-09 17:36	43664	----a-w-	c:\windows\system32\drivers\hitmanpro37.sys
2014-11-09 15:24 . 2014-11-09 15:24	42152	----a-w-	c:\windows\system32\drivers\cnnctfy3.sys
2014-11-09 15:14 . 2012-10-03 15:14	33240	----a-w-	c:\windows\system32\drivers\GEARAspiWDM.sys
2014-11-09 15:13 . 2014-11-09 15:13	--------	d-----w-	c:\program files\iPod
2014-11-09 15:13 . 2014-11-09 15:14	--------	d-----w-	c:\programdata\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-11-09 15:13 . 2014-11-09 15:14	--------	d-----w-	c:\program files\iTunes
2014-11-09 15:13 . 2014-11-09 15:14	--------	d-----w-	c:\program files (x86)\iTunes
2014-11-09 15:11 . 2014-11-09 15:11	--------	d-----w-	c:\users\Default\AppData\Local\Apple Computer
2014-11-09 15:11 . 2014-11-09 15:11	--------	d-----w-	c:\users\Default\AppData\Roaming\Apple Computer
2014-11-09 15:09 . 2014-11-09 15:09	--------	d-----w-	c:\program files\Bonjour
2014-11-09 15:09 . 2014-11-09 15:09	--------	d-----w-	c:\program files (x86)\Bonjour
2014-11-09 14:45 . 2014-11-09 14:45	--------	d-----w-	c:\users\Fabian\AppData\Local\Secunia PSI
2014-11-09 14:45 . 2014-11-09 14:45	--------	d-----w-	c:\program files (x86)\Secunia
2014-10-28 12:02 . 2014-10-28 12:20	--------	d-----w-	c:\programdata\HitmanPro
2014-10-28 11:24 . 2014-10-28 11:24	--------	d-----w-	c:\program files (x86)\Common Files\Java
2014-10-22 19:26 . 2014-10-28 11:23	98216	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-10-15 23:02 . 2014-09-18 02:00	3241472	----a-w-	c:\windows\system32\msi.dll
2014-10-15 23:01 . 2014-09-13 01:58	77312	----a-w-	c:\windows\system32\packager.dll
2014-10-15 23:01 . 2014-09-13 01:40	67072	----a-w-	c:\windows\SysWow64\packager.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-11-09 15:10 . 2012-03-24 17:22	71344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-11-09 15:10 . 2012-03-24 17:22	701104	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-10-28 05:34 . 2010-11-21 03:27	275080	------w-	c:\windows\system32\MpSigStub.exe
2014-10-16 00:16 . 2013-06-19 21:49	103265616	----a-w-	c:\windows\system32\MRT.exe
2014-09-28 09:16 . 2011-03-29 01:36	23256	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-09-25 02:08 . 2014-10-01 14:46	371712	----a-w-	c:\windows\system32\qdvd.dll
2014-09-25 01:40 . 2014-10-01 14:46	519680	----a-w-	c:\windows\SysWow64\qdvd.dll
2014-09-18 18:58 . 2014-09-08 18:10	4	----a-w-	c:\users\Fabian\AppData\Roaming\appdataFr2.bin
2014-09-09 22:11 . 2014-09-24 12:23	2048	----a-w-	c:\windows\system32\tzres.dll
2014-09-09 21:47 . 2014-09-24 12:23	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2014-08-23 02:07 . 2014-08-28 13:01	404480	----a-w-	c:\windows\system32\gdi32.dll
2014-08-23 01:45 . 2014-08-28 13:01	311808	----a-w-	c:\windows\SysWow64\gdi32.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_7B5D7D01360FD9AF9E4D88FF49236B5A"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2014-10-22 854344]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-07-24 21653096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2012-03-23 1105488]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-03-14 343168]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-10-11 60712]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-10-07 507776]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-10-15 157480]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2013-12-6 565464]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
@=""
.
R2 892cc6a3;Performance Optimizer;c:\windows\system32\rundll32.exe;c:\windows\SYSNATIVE\rundll32.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 hitmanpro37;HitmanPro 3.7 Support Driver;c:\windows\system32\drivers\hitmanpro37.sys;c:\windows\SYSNATIVE\drivers\hitmanpro37.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S1 cnnctfy3;Connectify LightWeight Filter;c:\windows\system32\DRIVERS\cnnctfy3.sys;c:\windows\SYSNATIVE\DRIVERS\cnnctfy3.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 Connectify;Connectify;c:\program files (x86)\Connectify\ConnectifyService.exe;c:\program files (x86)\Connectify\ConnectifyService.exe [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ePowerSvc;ePower Service;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [x]
S2 GREGService;GREGService;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 Live Updater Service;Live Updater Service;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe;c:\program files (x86)\Secunia\PSI\PSIA.exe [x]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe;c:\program files (x86)\Secunia\PSI\sua.exe [x]
S3 amdhub30;AMD USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\amdhub30.sys;c:\windows\SYSNATIVE\DRIVERS\amdhub30.sys [x]
S3 amdxhc;AMD USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\amdxhc.sys;c:\windows\SYSNATIVE\DRIVERS\amdxhc.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf_amd64.sys;c:\windows\SYSNATIVE\DRIVERS\psi_mf_amd64.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-11-09 15:13	1089352	----a-w-	c:\program files (x86)\Google\Chrome\Application\38.0.2125.111\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-11-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-24 15:10]
.
2014-11-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-06-23 22:39]
.
2014-11-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-06-23 22:39]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-01-31 12446824]
"Power Management"="c:\program files\Packard Bell\Packard Bell Power Management\ePowerTray.exe" [2012-02-07 1829768]
"Connectify Dispatch"="c:\program files (x86)\Connectify\DispatchUI.exe" [2014-10-15 2367224]
"Connectify Hotspot"="c:\program files (x86)\Connectify\Connectify.exe" [2014-10-15 4305656]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mDefault_Search_URL = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
uSearchAssistant = hxxp://www.google.com
IE: Free YouTube Download - c:\users\Fabian\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\users\Fabian\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\ho2j0dk3.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
AddRemove-{1E517C0C-8542-4F8C-DA23-98BCA13CD1F4}_is1 - c:\program files (x86)\Haushaltsbuch\unins000.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_189_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_189_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_189_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_189_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_189.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.15"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_189.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_189.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_189.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-11-11  23:25:07
ComboFix-quarantined-files.txt  2014-11-11 22:25
.
Vor Suchlauf: 8 Verzeichnis(se), 176.409.825.280 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 177.565.691.904 Bytes frei
.
- - End Of File - - D3A87789BAA993A3F78C0357B9403A4B
A36C5E4F47E84449FF07ED3517B43A31

schrauber · 12.11.2014, 19:26

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

hallohallo1 · 12.11.2014, 21:04

Malware Bytes

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 12.11.2014
Suchlauf-Zeit: 19:55:51
Logdatei: Mbam.txt
Administrator: Ja

Version: 2.00.3.1025
Malware Datenbank: v2014.11.12.08
Rootkit Datenbank: v2014.11.12.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Fabian

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 383304
Verstrichene Zeit: 31 Min, 43 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 0
(Keine schädliche Elemente erkannt)

Registrierungswerte: 1
PUP.Optional.QuickStart.A, HKU\S-1-5-21-2369609114-863870372-693991672-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS|appid, quick_start@gmail.com, In Quarantäne, [6286e852e597a29443e078d4b251f50b]

Registrierungsdaten: 1
PUP.Optional.HelperBar.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAarvA_SGR1H8laGB2ZqdJbqbtPP3h4ulwTEJvwuOSHageTjBOfqgBv2gSk7qS3Ajf2uKLU7W3Pbma1dmXBxQslMeESAXRY6mAnV-QNd9cj1rrgEK2HiiHNI21AtmMotJ5ZCCIxrFOaKrjDErF0qqtRBGo_81T_cLA,,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAarvA_SGR1H8laGB2ZqdJbqbtPP3h4ulwTEJvwuOSHageTjBOfqgBv2gSk7qS3Ajf2uKLU7W3Pbma1dmXBxQslMeESAXRY6mAnV-QNd9cj1rrgEK2HiiHNI21AtmMotJ5ZCCIxrFOaKrjDErF0qqtRBGo_81T_cLA,,&q={searchTerms}),Ersetzt,[8f59e753e8940a2c60150d2e1aebb749]

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 1
PUP.Optional.VeriStaff, C:\Windows\Installer\211e04.msi, In Quarantäne, [5197172389f31a1c0155e27b8977e719], 

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)

AdCleaner

Code:

ATTFilter

# AdwCleaner v4.101 - Bericht erstellt am 12/11/2014 um 20:40:02
# Aktualisiert 09/11/2014 von Xplode
# Database : 2014-11-12.2 [Live]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Fabian - FABIAN-PC
# Gestartet von : C:\Users\Fabian\Desktop\AdwCleaner_4.101.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : 892cc6a3

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\b1f90507a74116d3

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17420


-\\ Mozilla Firefox v27.0.1 (de)

[ho2j0dk3.default\prefs.js] - Zeile gelöscht : user_pref("extensions.7EiI.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.indexOf(\"sumorobo.ne[...]
[ho2j0dk3.default\prefs.js] - Zeile gelöscht : user_pref("extensions.S21K3qJT.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.indexOf(\"sumorob[...]
[ho2j0dk3.default\prefs.js] - Zeile gelöscht : user_pref("extensions.S21K3qJT.url", "hxxp://sweetdiaryset.info/sync2/?q=hfZ9oemRCzaMCyVUojC6qGhTB6lKDzt4okmxtNtVh7n0rjnEpjaGrjCErTaGtMFHhd9FqdwErdUGrdwHrjgMDMlGojUMAe4Uojw7qHCHrTs7rjkMC6qUojwHqdg4rTC[...]
[ho2j0dk3.default\prefs.js] - Zeile gelöscht : user_pref("extensions.helperbar.DockingPositionDown", false);
[ho2j0dk3.default\prefs.js] - Zeile gelöscht : user_pref("extensions.helperbar.SmartbarDisabled", false);
[ho2j0dk3.default\prefs.js] - Zeile gelöscht : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
[ho2j0dk3.default\prefs.js] - Zeile gelöscht : user_pref("extensions.helperbar.Visibility", false);
[ho2j0dk3.default\prefs.js] - Zeile gelöscht : user_pref("extensions.helperbar.keepAliveLastevent", "1412885596");
[ho2j0dk3.default\prefs.js] - Zeile gelöscht : user_pref("extensions.helperbar.lastExternalJsUpdate", "1415497312879");
[ho2j0dk3.default\prefs.js] - Zeile gelöscht : user_pref("extensions.lBi.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.indexOf(\"sumorobo.net[...]

-\\ Google Chrome v38.0.2125.111


*************************

AdwCleaner[R0].txt - [26629 octets] - [06/10/2014 12:28:38]
AdwCleaner[R1].txt - [2691 octets] - [12/11/2014 20:36:23]
AdwCleaner[S0].txt - [22283 octets] - [06/10/2014 12:31:26]
AdwCleaner[S1].txt - [2694 octets] - [12/11/2014 20:40:02]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2754 octets] ##########

JRT

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.7 (11.08.2014:1)
OS: Windows 7 Home Premium x64
Ran by Fabian on 12.11.2014 at 20:44:41,98
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\update webget
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\util webget



~~~ Files

Successfully deleted: [File] "C:\Windows\wininit.ini"



~~~ Folders

Successfully deleted: [Folder] C:\ProgramData\duownoloaditkoeep



~~~ FireFox

Emptied folder: C:\Users\Fabian\AppData\Roaming\mozilla\firefox\profiles\ho2j0dk3.default\minidumps [15 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 12.11.2014 at 20:53:58,31
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-11-2014 01
Ran by Fabian (administrator) on FABIAN-PC on 12-11-2014 20:57:40
Running from C:\Users\Fabian\Desktop
Loaded Profile: Fabian (Available profiles: Fabian & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(Connectify) C:\Program Files (x86)\Connectify\DispatchUI.exe
(Connectify) C:\Program Files (x86)\Connectify\Connectify.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Connectify) C:\Program Files (x86)\Connectify\ConnectifyService.exe
(Connectify) C:\Program Files (x86)\Connectify\Connectifyd.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12446824 2012-01-31] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2821936 2012-03-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Power Management] => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [1829768 2012-02-07] (Acer Incorporated)
HKLM\...\Run: [Connectify Dispatch] => C:\Program Files (x86)\Connectify\DispatchUI.exe [2367224 2014-10-15] (Connectify)
HKLM\...\Run: [Connectify Hotspot] => C:\Program Files (x86)\Connectify\Connectify.exe [4305656 2014-10-15] (Connectify)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1105488 2012-03-23] (Dritek System Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2012-03-14] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKU\S-1-5-21-2369609114-863870372-693991672-1000\...\Run: [GoogleChromeAutoLaunch_7B5D7D01360FD9AF9E4D88FF49236B5A] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [854344 2014-10-22] (Google Inc.)
HKU\S-1-5-21-2369609114-863870372-693991672-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21653096 2014-07-24] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2369609114-863870372-693991672-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: QUICKfind BHO Object -> {C08DF07A-3E49-4E25-9AB0-D3882835F153} -> C:\Program Files (x86)\IDM\QUICKfind\PlugIns\IEHelp.dll (IDM)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\ho2j0dk3.default
FF SelectedSearchEngine: ICQ Search
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\ho2j0dk3.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Yahoo Community Smartbar - C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\ho2j0dk3.default\Extensions\{dbde54ab-2f13-2f9a-4711-1b52e0b6ad5e} [2014-08-12]
FF Extension: ICQ Sparberater - C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\ho2j0dk3.default\Extensions\ciuvo-extension@icq.de.xpi [2012-08-11]
FF Extension: Firefox Old Version Update Hotfix - C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\ho2j0dk3.default\Extensions\firefox-hotfix@mozilla.org.xpi [2014-11-08]

Chrome: 
=======
CHR HomePage: Default -> https://www.google.de/
CHR StartupUrls: Default -> "hxxp://www.sweet-page.com/?type=hp&ts=1399918233&from=cor&uid=TOSHIBAXMK3259GSXP_42BICPG5TXX42BICPG5T", "https://www.google.de/"
CHR Profile: C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-11]
CHR Extension: (Google Docs) - C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-24]
CHR Extension: (Google Drive) - C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-24]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-09]
CHR Extension: (YouTube) - C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-24]
CHR Extension: (Google-Suche) - C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-24]
CHR Extension: (iVocab: GRE, TOEFL and SAT) - C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddbfkngjokojcmmadaaipmjiacnnmgbl [2013-12-23]
CHR Extension: (Google Tabellen) - C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-11]
CHR Extension: (SAT Exam: Vokabeln) - C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfgbfnojhclndefdagpdjnilbhggpecn [2013-12-23]
CHR Extension: (Google Wallet) - C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-04]
CHR Extension: (Google Mail) - C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-24]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [487936 2014-10-15] (Connectify) [File not signed]
R2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [871296 2012-02-07] (Acer Incorporated)
R2 GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [28264 2012-02-29] (Acer Incorporated)
S2 Live Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [255376 2012-02-07] (Acer Incorporated)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 cnnctfy3; C:\Windows\System32\DRIVERS\cnnctfy3.sys [42152 2014-11-09] (Connectify)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2014-11-09] ()
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-12] (Malwarebytes Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [52736 2012-04-25] (Apple, Inc.) [File not signed]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U4 WPM; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-12 20:57 - 2014-11-12 20:59 - 00015474 _____ () C:\Users\Fabian\Desktop\FRST.txt
2014-11-12 20:56 - 2014-11-12 20:57 - 02116096 _____ (Farbar) C:\Users\Fabian\Downloads\FRST64 (1).exe
2014-11-12 20:54 - 2014-11-12 20:54 - 00001135 _____ () C:\Users\Fabian\Desktop\JRT2.txt
2014-11-12 20:44 - 2014-11-12 20:44 - 00000000 ____D () C:\Windows\ERUNT
2014-11-12 20:42 - 2014-11-12 20:42 - 00002834 _____ () C:\Users\Fabian\Desktop\AdwCleaner[S1].txt
2014-11-12 20:30 - 2014-11-12 20:34 - 00002174 _____ () C:\Users\Fabian\Desktop\Mbam.txt
2014-11-12 19:54 - 2014-11-12 19:54 - 00001114 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-11-12 19:52 - 2014-11-12 19:53 - 01706808 _____ (Thisisu) C:\Users\Fabian\Desktop\JRT.exe
2014-11-12 19:51 - 2014-11-12 19:51 - 02140160 _____ () C:\Users\Fabian\Desktop\AdwCleaner_4.101.exe
2014-11-12 19:50 - 2014-11-12 19:51 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Fabian\Desktop\mbam-setup-2.0.3.1025.exe
2014-11-12 11:17 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-12 11:17 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-12 11:17 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-12 11:17 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-12 11:17 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-12 11:17 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-12 11:17 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-12 11:17 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-12 11:17 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-12 11:17 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-12 11:17 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 11:17 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-12 11:17 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-12 11:17 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-12 11:17 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-12 11:17 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-12 11:17 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-12 11:17 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-12 11:17 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-12 11:17 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-12 11:17 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-12 11:17 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-12 11:17 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 11:17 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 11:17 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 11:17 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 11:17 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 11:17 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-12 11:17 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-12 11:17 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-12 11:17 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-12 11:16 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 11:16 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 11:16 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-12 11:16 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 11:16 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-12 11:16 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 11:16 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 11:16 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-12 11:16 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 11:16 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-12 11:16 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 11:16 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 11:16 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 11:16 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-12 11:16 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-12 11:16 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-12 11:16 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-12 11:16 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-12 11:16 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-12 11:16 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 11:16 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-12 11:16 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-12 11:16 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 11:16 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-12 11:16 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 11:16 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-12 11:16 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 11:16 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-12 11:16 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 11:16 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-12 11:16 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-12 11:16 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-12 11:16 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 11:16 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 11:16 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-12 11:16 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-12 11:16 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-12 11:15 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 11:15 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 11:15 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 11:15 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 11:15 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 11:15 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 11:15 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 11:15 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 11:15 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 11:15 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-12 11:15 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 11:15 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 11:15 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-12 11:15 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-12 11:15 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 11:15 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-12 11:14 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 11:14 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 11:14 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 11:14 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-12 11:14 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-12 11:14 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-12 11:14 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 11:14 - 2014-09-19 10:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-12 11:14 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-12 11:14 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-12 11:14 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-12 11:14 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-12 11:14 - 2014-09-19 10:23 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-12 11:14 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-12 11:14 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-12 11:14 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-12 11:14 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-12 11:14 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-12 11:14 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-11 23:25 - 2014-11-11 23:25 - 00025859 _____ () C:\ComboFix.txt
2014-11-11 22:01 - 2014-11-11 23:25 - 00000000 ____D () C:\Qoobox
2014-11-11 22:01 - 2014-11-11 23:22 - 00000000 ____D () C:\Windows\erdnt
2014-11-11 22:01 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-11-11 22:01 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-11-11 22:01 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-11-11 22:01 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-11-11 22:01 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-11-11 22:01 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-11-11 22:01 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-11-11 22:01 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-11-11 21:57 - 2014-11-11 21:57 - 05598118 ____R (Swearware) C:\Users\Fabian\Desktop\ComboFix.exe
2014-11-10 20:25 - 2014-11-10 22:21 - 00023344 _____ () C:\Users\Fabian\Desktop\English - Literature.odt
2014-11-10 16:57 - 2014-11-10 16:58 - 04184008 _____ (Kaspersky Lab ZAO) C:\Users\Fabian\Desktop\tdsskiller.exe
2014-11-10 16:50 - 2014-11-10 16:50 - 00001276 _____ () C:\Users\Fabian\Desktop\Revo Uninstaller.lnk
2014-11-10 16:50 - 2014-11-10 16:50 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-11-09 20:41 - 2014-11-09 20:42 - 00032076 _____ () C:\Users\Fabian\Downloads\Addition.txt
2014-11-09 20:39 - 2014-11-09 20:42 - 00035578 _____ () C:\Users\Fabian\Downloads\FRST.txt
2014-11-09 20:38 - 2014-11-12 20:57 - 00000000 ____D () C:\FRST
2014-11-09 20:38 - 2014-11-09 20:38 - 02116096 _____ (Farbar) C:\Users\Fabian\Desktop\FRST64.exe
2014-11-09 18:36 - 2014-11-09 18:36 - 00043664 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
2014-11-09 18:33 - 2014-11-09 18:33 - 00004868 _____ () C:\Windows\system32\.crusader
2014-11-09 16:26 - 2014-11-09 16:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Connectify
2014-11-09 16:24 - 2014-11-09 16:24 - 00042152 _____ (Connectify) C:\Windows\system32\Drivers\cnnctfy3.sys
2014-11-09 16:14 - 2014-11-09 16:14 - 00001795 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-11-09 16:14 - 2014-11-09 16:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-11-09 16:14 - 2012-10-03 16:14 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-11-09 16:13 - 2014-11-09 16:14 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-11-09 16:13 - 2014-11-09 16:14 - 00000000 ____D () C:\Program Files\iTunes
2014-11-09 16:13 - 2014-11-09 16:14 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-11-09 16:13 - 2014-11-09 16:13 - 00000000 ____D () C:\Program Files\iPod
2014-11-09 16:11 - 2014-11-09 16:11 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Apple Computer
2014-11-09 16:11 - 2014-11-09 16:11 - 00000000 ____D () C:\Users\Default\AppData\Local\Apple Computer
2014-11-09 16:11 - 2014-11-09 16:11 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Apple Computer
2014-11-09 16:11 - 2014-11-09 16:11 - 00000000 ____D () C:\Users\Default User\AppData\Local\Apple Computer
2014-11-09 16:09 - 2014-11-09 16:09 - 00000000 ____D () C:\Program Files\Bonjour
2014-11-09 16:09 - 2014-11-09 16:09 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-11-09 15:57 - 2014-11-12 11:21 - 00004332 _____ () C:\Windows\SecuniaPackage.log
2014-11-09 15:45 - 2014-11-09 15:45 - 00001081 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
2014-11-09 15:45 - 2014-11-09 15:45 - 00000000 ____D () C:\Users\Fabian\AppData\Local\Secunia PSI
2014-11-09 15:45 - 2014-11-09 15:45 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-11-07 21:45 - 2014-11-07 21:45 - 00000000 ____D () C:\Users\Fabian\Desktop\Biwi - Endepohls Ulpe
2014-11-05 19:56 - 2014-11-05 20:48 - 05501867 _____ () C:\Users\Fabian\Downloads\Hausarbeit - Die Bedeutung der Panathenäen für Athen.odt
2014-10-31 06:11 - 2014-11-07 21:15 - 00000000 ____D () C:\Users\Fabian\Desktop\Biwi - Dazert
2014-10-29 22:45 - 2014-11-06 20:29 - 00000000 ____D () C:\Users\Fabian\Desktop\Vorlesung Geulen
2014-10-28 13:02 - 2014-10-28 13:20 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-10-28 13:02 - 2014-10-28 13:02 - 13485202 _____ () C:\Users\Fabian\Downloads\hitmanpro379.zip
2014-10-22 20:27 - 2014-09-26 17:36 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-10-22 20:26 - 2014-10-28 12:23 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-10-22 20:26 - 2014-10-28 12:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-22 20:26 - 2014-09-26 17:36 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-10-22 20:26 - 2014-09-26 17:35 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-10-22 20:25 - 2014-10-22 20:26 - 00004838 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_71-b14.log
2014-10-16 00:04 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-16 00:04 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-16 00:04 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-16 00:04 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-16 00:04 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-16 00:04 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-16 00:02 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-16 00:02 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-16 00:02 - 2014-07-17 03:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-16 00:02 - 2014-07-17 03:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-16 00:02 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-16 00:02 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-16 00:02 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-16 00:02 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-16 00:02 - 2014-07-17 02:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-16 00:02 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-16 00:02 - 2014-07-17 02:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-16 00:02 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-16 00:02 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-12 20:49 - 2009-07-14 05:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-12 20:49 - 2009-07-14 05:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-12 20:47 - 2012-04-30 08:53 - 01390344 _____ () C:\Windows\WindowsUpdate.log
2014-11-12 20:42 - 2013-06-23 23:39 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-12 20:41 - 2010-11-21 04:47 - 00944550 _____ () C:\Windows\PFRO.log
2014-11-12 20:41 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-12 20:41 - 2009-07-14 05:51 - 00104827 _____ () C:\Windows\setupact.log
2014-11-12 20:40 - 2014-10-06 12:28 - 00000000 ____D () C:\AdwCleaner
2014-11-12 20:25 - 2012-03-24 18:22 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-12 20:17 - 2013-06-23 23:39 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-12 19:54 - 2014-05-12 20:53 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-12 19:54 - 2014-05-12 20:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-11-12 19:54 - 2014-05-12 20:53 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-11-12 19:42 - 2009-07-14 05:45 - 00295376 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-12 19:39 - 2014-05-06 22:03 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-12 12:31 - 2013-07-25 14:22 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-12 12:21 - 2013-06-19 22:49 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-12 12:07 - 2014-08-15 11:36 - 00000000 ____D () C:\Users\Fabian\Desktop\Hausarbeit Antike
2014-11-12 11:21 - 2012-03-24 18:22 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-12 11:21 - 2012-03-24 18:22 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-12 11:21 - 2012-03-24 18:22 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-12 01:20 - 2013-04-28 16:43 - 00000000 ____D () C:\Users\Fabian\Desktop\Geschichte
2014-11-12 01:20 - 2012-08-19 11:04 - 00000000 ____D () C:\Users\Fabian\Desktop\BBT 7.3, 19
2014-11-11 23:21 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-11-11 11:42 - 2012-08-22 16:39 - 00000000 ____D () C:\Users\Fabian\Desktop\Will grace 8.2
2014-11-09 18:41 - 2012-03-24 18:21 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-11-09 18:37 - 2012-12-30 13:12 - 00000000 ____D () C:\Program Files (x86)\Connectify
2014-11-09 16:14 - 2013-06-23 23:39 - 00002259 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-11-09 16:13 - 2012-08-09 18:19 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-11-09 16:12 - 2013-06-23 23:39 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-09 16:12 - 2013-06-23 23:39 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-09 16:05 - 2012-08-09 18:18 - 00000000 ____D () C:\ProgramData\Apple
2014-11-09 15:14 - 2013-11-23 02:22 - 00018374 _____ () C:\Users\Fabian\Desktop\Burger King - Arbeitszeiten.odt
2014-11-06 20:22 - 2013-09-15 17:35 - 00000000 ____D () C:\Users\Fabian\Desktop\Praktika
2014-11-06 16:01 - 2012-04-30 18:36 - 00699682 _____ () C:\Windows\system32\perfh007.dat
2014-11-06 16:01 - 2012-04-30 18:36 - 00149790 _____ () C:\Windows\system32\perfc007.dat
2014-11-06 16:01 - 2009-07-14 06:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-01 15:35 - 2012-08-18 17:55 - 00000000 ____D () C:\Users\Fabian\AppData\Local\CrashDumps
2014-10-28 14:26 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-28 12:23 - 2014-05-05 21:12 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-28 12:22 - 2014-05-05 21:11 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-28 06:34 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-26 14:12 - 2012-08-10 17:13 - 00000000 ____D () C:\Users\Fabian\AppData\Roaming\Skype
2014-10-25 16:18 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-10-16 17:11 - 2013-11-10 15:00 - 00016018 _____ () C:\Users\Fabian\Desktop\Mc Fit - Zeiten.odt

Some content of TEMP:
====================
C:\Users\Fabian\AppData\Local\Temp\Quarantine.exe
C:\Users\Fabian\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-06 20:05

==================== End Of Log ============================

--- --- ---

Addition

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-11-2014 01
Ran by Fabian at 2014-11-12 21:00:13
Running from C:\Users\Fabian\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Ableton Live 8 (HKLM-x32\...\{4941E15C-3C68-4FB7-B5A4-5061B92E9166}) (Version: 8.0.0.0 - Ableton)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\{3CA17ADC-2146-49C2-A375-972BB57CF7F6}) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\{10F0B906-1989-4F20-A93C-4C0F94C8DF9E}) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
AMD Catalyst Install Manager (HKLM\...\{10436F01-26D3-83D0-97E1-0875A80E57D8}) (Version: 3.0.859.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Aquamarin Haushaltsbuch 2.9.2 b (HKLM-x32\...\{1E517C0C-8542-4F8C-DA23-98BCA13CD1F4}_is1) (Version:  - makasy.com)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.12.13 - Atheros Communications Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Connectify (HKLM\...\Connectify) (Version: 9.2.2.33000 - Connectify)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
eBay Worldwide (HKLM-x32\...\{D3E5A972-9A15-427D-AE78-8181A5FD943C}) (Version: 2.2.0409 - OEM)
ETDWare PS/2-X64 10.6.9.9_WHQL (HKLM\...\Elantech) (Version: 10.6.9.9 - ELAN Microelectronic Corp.)
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fooz Kids Platform (HKLM-x32\...\{8D68CE08-9A14-4B7B-9857-3C646A2F34C7}) (Version: 2.1 - FUHU, Inc.)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Free Studio version 2014 (HKLM-x32\...\Free Studio_is1) (Version: 6.3.7.807 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.1.39.1015 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.1.39.1015 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.11.26.706 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.26.706 - DVDVideoSoft Ltd.)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GIMP 2.8.0 (HKLM\...\GIMP-2_is1) (Version: 2.8.0 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Packard Bell)
Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.710 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kobo (HKLM-x32\...\Kobo) (Version: 2.1.5 - Kobo Inc.)
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.15 - Packard Bell)
Longman Pronunciation Dictionary (HKLM-x32\...\NSIS_lpd) (Version:  - )
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero BackItUp 10 (HKLM-x32\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.8.11100.9.100 - Nero AG)
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.4.10500.1.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.6.10700.5.100 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}) (Version: 10.6.10300 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{68AFA3A7-9265-4ABD-994A-ACA413E3715C}) (Version: 10.6.10400 - Nero AG)
Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.6.10500.3.100 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.6.10600.4.100 - Nero AG)
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.10900.31.0 - Nero AG)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
OpenOffice.org 3.4 (HKLM-x32\...\{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}) (Version: 3.4.9590 - OpenOffice.org)
Packard Bell Games (HKLM-x32\...\WildTangent packardbell Master Uninstall) (Version: 1.0.2.5 - WildTangent)
Packard Bell Power Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3010 - Packard Bell)
Packard Bell Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3507 - Packard Bell)
Packard Bell Registration (HKLM-x32\...\Packard Bell Registration) (Version: 1.04.3506 - Packard Bell)
Packard Bell ScreenSaver (HKLM-x32\...\Packard Bell Screensaver) (Version: 1.1.0915.2011 - Packard Bell )
Packard Bell Social Networks (HKLM-x32\...\InstallShield_{64EF903E-D00A-414C-94A4-FBA368FFCDC9}) (Version: 3.0.3106 - CyberLink Corp.)
Packard Bell Social Networks (x32 Version: 3.0.3106 - CyberLink Corp.) Hidden
Packard Bell Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3501 - Packard Bell)
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
QUICKfind server v1.1 (HKLM-x32\...\QUICKfind) (Version:  - IDM)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6559 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.28094 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tales of Lagoona (x32 Version: 2.2.0.98 - WildTangent) Hidden
Teachmaster 4.3 (nur Entfernen) (HKLM-x32\...\Teachmaster 4.3) (Version:  - )
Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Video Web Camera (HKLM-x32\...\InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}) (Version: 1.5.2624.00 - CyberLink Corp.)
Video Web Camera (x32 Version: 1.5.2624.00 - CyberLink Corp.) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97 - WildTangent) Hidden
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (HKLM-x32\...\Packard Bell Welcome Center) (Version: 1.02.3507 - Packard Bell)
WildTangent Games App (Packard Bell Games) (x32 Version: 4.0.5.32 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

04-11-2014 09:57:06 Windows Update
07-11-2014 17:31:03 Windows Update
09-11-2014 14:51:18 Gerätetreiber-Paketinstallation: Connectify Netzwerkdienst
09-11-2014 15:25:18 Gerätetreiber-Paketinstallation: Connectify Netzwerkdienst
09-11-2014 17:32:26 Prüfpunkt von HitmanPro
10-11-2014 15:51:42 Revo Uninstaller's restore point - Adobe Flash Player Packages
10-11-2014 15:53:13 Revo Uninstaller's restore point - duownoloaditkoeep
10-11-2014 15:54:40 Revo Uninstaller's restore point - Yahoo Community Smartbar Engine
10-11-2014 16:53:50 Revo Uninstaller's restore point - Yahoo Community Smartbar Engine
11-11-2014 08:49:28 Windows Update
12-11-2014 11:19:02 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-11-12 10:55 - 00000065 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1F83DA4E-B66D-479E-93F4-41C89EB4381D} - System32\Tasks\{0932E51F-E328-49BE-A8D5-9E72E0628CF4} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-07-24] (Skype Technologies S.A.)
Task: {236523C7-EA99-4366-8362-2E3982B4B388} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-12] (Adobe Systems Incorporated)
Task: {6684E134-BD88-494F-A04D-1860049DF236} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-23] (Google Inc.)
Task: {ABD49254-8760-4CB6-9648-29D6827178EA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-23] (Google Inc.)
Task: {F163A9DE-599E-440C-A9DD-BA8E8AA9EBE9} - System32\Tasks\NBAgent => C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2012-01-16] (Nero AG)
Task: {FA877437-7B26-4C05-9B83-BF735C472880} - System32\Tasks\UALU notificatin => C:\Program Files\Packard Bell\Packard Bell Updater\UALU.exe [2012-02-07] (Acer Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-12-30 13:13 - 2014-10-15 20:44 - 00377080 _____ () C:\Program Files (x86)\Connectify\NativeLibrary.dll
2013-06-21 16:37 - 2014-10-15 20:44 - 00713976 _____ () C:\Program Files (x86)\Connectify\log4cplus.dll
2012-12-30 13:13 - 2014-10-15 20:44 - 03564280 _____ () C:\Program Files (x86)\Connectify\ConnectifyNAT.dll
2012-12-30 13:13 - 2014-10-15 20:44 - 00354040 _____ () C:\Program Files (x86)\Connectify\LibDispatch.dll
2014-11-09 16:13 - 2014-10-22 05:04 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libglesv2.dll
2014-11-09 16:13 - 2014-10-22 05:04 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libegl.dll
2014-11-09 16:13 - 2014-10-22 05:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll
2014-11-09 16:13 - 2014-10-22 05:04 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll
2014-11-09 16:13 - 2014-10-22 05:05 - 14902600 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-2369609114-863870372-693991672-500 - Administrator - Disabled)
Fabian (S-1-5-21-2369609114-863870372-693991672-1000 - Administrator - Enabled) => C:\Users\Fabian
Gast (S-1-5-21-2369609114-863870372-693991672-501 - Limited - Enabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-2369609114-863870372-693991672-1002 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-11-11 23:19:39.651
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-11-11 23:19:38.887
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: AMD E1-1200 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 50%
Total physical RAM: 3689.37 MB
Available physical RAM: 1822.99 MB
Total Pagefile: 7376.91 MB
Available Pagefile: 5195.31 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (Packard Bell) (Fixed) (Total:279.99 GB) (Free:168.21 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 5BE1598A)
Partition 1: (Not Active) - (Size=18 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=280 GB) - (Type=07 NTFS)

==================== End Of Log ============================

schrauber · 13.11.2014, 17:06

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

hallohallo1 · 13.11.2014, 21:13

ESET

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok

Code:

ATTFilter

 Results of screen317's Security Check version 0.99.89  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Secunia PSI (3.0.0.9016)   
 Java 7 Update 71  
 Java 8 Update 25  
 Java version out of Date! 
 Adobe Flash Player 15.0.0.223  
 Adobe Reader 10.1.12 Adobe Reader out of Date!  
 Mozilla Firefox 27.0.1 Firefox out of Date!  
 Google Chrome 36.0.1985.143  
 Google Chrome 38.0.2125.111  
 Google Chrome update.dll..  
````````Process Check: objlist.exe by Laurent````````  
 Symantec Norton Online Backup NOBuAgent.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````

FRST

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-11-2014
Ran by Fabian (administrator) on FABIAN-PC on 13-11-2014 21:06:45
Running from C:\Users\Fabian\Desktop
Loaded Profiles: Fabian & Gast (Available profiles: Fabian & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Connectify) C:\Program Files (x86)\Connectify\ConnectifyService.exe
(Connectify) C:\Program Files (x86)\Connectify\Connectifyd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(Connectify) C:\Program Files (x86)\Connectify\DispatchUI.exe
(Connectify) C:\Program Files (x86)\Connectify\Connectify.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12446824 2012-01-31] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2821936 2012-03-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Power Management] => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [1829768 2012-02-07] (Acer Incorporated)
HKLM\...\Run: [Connectify Dispatch] => C:\Program Files (x86)\Connectify\DispatchUI.exe [2367224 2014-10-15] (Connectify)
HKLM\...\Run: [Connectify Hotspot] => C:\Program Files (x86)\Connectify\Connectify.exe [4305656 2014-10-15] (Connectify)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1105488 2012-03-23] (Dritek System Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2012-03-14] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKU\S-1-5-21-2369609114-863870372-693991672-1000\...\Run: [GoogleChromeAutoLaunch_7B5D7D01360FD9AF9E4D88FF49236B5A] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [854344 2014-10-22] (Google Inc.)
HKU\S-1-5-21-2369609114-863870372-693991672-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21653096 2014-07-24] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2369609114-863870372-693991672-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: QUICKfind BHO Object -> {C08DF07A-3E49-4E25-9AB0-D3882835F153} -> C:\Program Files (x86)\IDM\QUICKfind\PlugIns\IEHelp.dll (IDM)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKU\S-1-5-21-2369609114-863870372-693991672-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\ho2j0dk3.default
FF SelectedSearchEngine: ICQ Search
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\ho2j0dk3.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Yahoo Community Smartbar - C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\ho2j0dk3.default\Extensions\{dbde54ab-2f13-2f9a-4711-1b52e0b6ad5e} [2014-08-12]
FF Extension: ICQ Sparberater - C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\ho2j0dk3.default\Extensions\ciuvo-extension@icq.de.xpi [2012-08-11]
FF Extension: Firefox Old Version Update Hotfix - C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\ho2j0dk3.default\Extensions\firefox-hotfix@mozilla.org.xpi [2014-11-08]

Chrome: 
=======
CHR HomePage: Default -> https://www.google.de/
CHR StartupUrls: Default -> "hxxp://www.sweet-page.com/?type=hp&ts=1399918233&from=cor&uid=TOSHIBAXMK3259GSXP_42BICPG5TXX42BICPG5T", "https://www.google.de/"
CHR Profile: C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-11]
CHR Extension: (Google Docs) - C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-24]
CHR Extension: (Google Drive) - C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-24]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-09]
CHR Extension: (YouTube) - C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-24]
CHR Extension: (Google-Suche) - C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-24]
CHR Extension: (iVocab: GRE, TOEFL and SAT) - C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddbfkngjokojcmmadaaipmjiacnnmgbl [2013-12-23]
CHR Extension: (Google Tabellen) - C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-11]
CHR Extension: (SAT Exam: Vokabeln) - C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfgbfnojhclndefdagpdjnilbhggpecn [2013-12-23]
CHR Extension: (Google Wallet) - C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-04]
CHR Extension: (Google Mail) - C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-24]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [487936 2014-10-15] (Connectify) [File not signed]
R2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [871296 2012-02-07] (Acer Incorporated)
R2 GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [28264 2012-02-29] (Acer Incorporated)
R2 Live Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [255376 2012-02-07] (Acer Incorporated)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 cnnctfy3; C:\Windows\System32\DRIVERS\cnnctfy3.sys [42152 2014-11-09] (Connectify)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2014-11-09] ()
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-12] (Malwarebytes Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [52736 2012-04-25] (Apple, Inc.) [File not signed]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U4 WPM; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-13 21:06 - 2014-11-13 21:07 - 00015778 _____ () C:\Users\Fabian\Desktop\FRST.txt
2014-11-13 21:06 - 2014-11-13 21:06 - 00000000 ____D () C:\Users\Fabian\Desktop\FRST-OlderVersion
2014-11-13 21:05 - 2014-11-13 21:05 - 00001060 _____ () C:\Users\Fabian\Desktop\checkup.txt
2014-11-13 21:01 - 2014-11-13 21:01 - 00854448 _____ () C:\Users\Fabian\Desktop\SecurityCheck.exe
2014-11-13 20:06 - 2014-11-13 20:07 - 02347384 _____ (ESET) C:\Users\Fabian\Desktop\esetsmartinstaller_deu.exe
2014-11-13 16:04 - 2014-11-13 16:04 - 00000000 ____D () C:\Users\Fabian\Desktop\Biwi M3 - Ref. Probleme
2014-11-12 20:56 - 2014-11-12 20:57 - 02116096 _____ (Farbar) C:\Users\Fabian\Downloads\FRST64 (1).exe
2014-11-12 20:44 - 2014-11-12 20:44 - 00000000 ____D () C:\Windows\ERUNT
2014-11-12 19:54 - 2014-11-12 19:54 - 00001114 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-11-12 19:52 - 2014-11-12 19:53 - 01706808 _____ (Thisisu) C:\Users\Fabian\Desktop\JRT.exe
2014-11-12 19:51 - 2014-11-12 19:51 - 02140160 _____ () C:\Users\Fabian\Desktop\AdwCleaner_4.101.exe
2014-11-12 19:50 - 2014-11-12 19:51 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Fabian\Desktop\mbam-setup-2.0.3.1025.exe
2014-11-12 11:17 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-12 11:17 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-12 11:17 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-12 11:17 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-12 11:17 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-12 11:17 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-12 11:17 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-12 11:17 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-12 11:17 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-12 11:17 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-12 11:17 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 11:17 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-12 11:17 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-12 11:17 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-12 11:17 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-12 11:17 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-12 11:17 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-12 11:17 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-12 11:17 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-12 11:17 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-12 11:17 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-12 11:17 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-12 11:17 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 11:17 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 11:17 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 11:17 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 11:17 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 11:17 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-12 11:17 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-12 11:17 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-12 11:17 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-12 11:16 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 11:16 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 11:16 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-12 11:16 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 11:16 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-12 11:16 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 11:16 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 11:16 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-12 11:16 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 11:16 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-12 11:16 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 11:16 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 11:16 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 11:16 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-12 11:16 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-12 11:16 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-12 11:16 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-12 11:16 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-12 11:16 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-12 11:16 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 11:16 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-12 11:16 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-12 11:16 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 11:16 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-12 11:16 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 11:16 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-12 11:16 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 11:16 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-12 11:16 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 11:16 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-12 11:16 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-12 11:16 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-12 11:16 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 11:16 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 11:16 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-12 11:16 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-12 11:16 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-12 11:15 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 11:15 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 11:15 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 11:15 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 11:15 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 11:15 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 11:15 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 11:15 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 11:15 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 11:15 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-12 11:15 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 11:15 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 11:15 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-12 11:15 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-12 11:15 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 11:15 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-12 11:14 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 11:14 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 11:14 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 11:14 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-12 11:14 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-12 11:14 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-12 11:14 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 11:14 - 2014-09-19 10:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-12 11:14 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-12 11:14 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-12 11:14 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-12 11:14 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-12 11:14 - 2014-09-19 10:23 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-12 11:14 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-12 11:14 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-12 11:14 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-12 11:14 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-12 11:14 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-12 11:14 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-11 23:25 - 2014-11-11 23:25 - 00025859 _____ () C:\ComboFix.txt
2014-11-11 22:01 - 2014-11-11 23:25 - 00000000 ____D () C:\Qoobox
2014-11-11 22:01 - 2014-11-11 23:22 - 00000000 ____D () C:\Windows\erdnt
2014-11-11 22:01 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-11-11 22:01 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-11-11 22:01 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-11-11 22:01 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-11-11 22:01 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-11-11 22:01 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-11-11 22:01 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-11-11 22:01 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-11-11 21:57 - 2014-11-11 21:57 - 05598118 ____R (Swearware) C:\Users\Fabian\Desktop\ComboFix.exe
2014-11-10 20:25 - 2014-11-12 23:36 - 00025831 _____ () C:\Users\Fabian\Desktop\English - Literature.odt
2014-11-10 16:57 - 2014-11-10 16:58 - 04184008 _____ (Kaspersky Lab ZAO) C:\Users\Fabian\Desktop\tdsskiller.exe
2014-11-10 16:50 - 2014-11-10 16:50 - 00001276 _____ () C:\Users\Fabian\Desktop\Revo Uninstaller.lnk
2014-11-10 16:50 - 2014-11-10 16:50 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-11-09 20:41 - 2014-11-09 20:42 - 00032076 _____ () C:\Users\Fabian\Downloads\Addition.txt
2014-11-09 20:39 - 2014-11-09 20:42 - 00035578 _____ () C:\Users\Fabian\Downloads\FRST.txt
2014-11-09 20:38 - 2014-11-13 21:06 - 02116608 _____ (Farbar) C:\Users\Fabian\Desktop\FRST64.exe
2014-11-09 20:38 - 2014-11-13 21:06 - 00000000 ____D () C:\FRST
2014-11-09 18:36 - 2014-11-09 18:36 - 00043664 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
2014-11-09 18:33 - 2014-11-09 18:33 - 00004868 _____ () C:\Windows\system32\.crusader
2014-11-09 16:26 - 2014-11-09 16:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Connectify
2014-11-09 16:24 - 2014-11-09 16:24 - 00042152 _____ (Connectify) C:\Windows\system32\Drivers\cnnctfy3.sys
2014-11-09 16:14 - 2014-11-09 16:14 - 00001795 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-11-09 16:14 - 2014-11-09 16:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-11-09 16:14 - 2012-10-03 16:14 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-11-09 16:13 - 2014-11-09 16:14 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-11-09 16:13 - 2014-11-09 16:14 - 00000000 ____D () C:\Program Files\iTunes
2014-11-09 16:13 - 2014-11-09 16:14 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-11-09 16:13 - 2014-11-09 16:13 - 00000000 ____D () C:\Program Files\iPod
2014-11-09 16:11 - 2014-11-09 16:11 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Apple Computer
2014-11-09 16:11 - 2014-11-09 16:11 - 00000000 ____D () C:\Users\Default\AppData\Local\Apple Computer
2014-11-09 16:11 - 2014-11-09 16:11 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Apple Computer
2014-11-09 16:11 - 2014-11-09 16:11 - 00000000 ____D () C:\Users\Default User\AppData\Local\Apple Computer
2014-11-09 16:09 - 2014-11-09 16:09 - 00000000 ____D () C:\Program Files\Bonjour
2014-11-09 16:09 - 2014-11-09 16:09 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-11-09 15:57 - 2014-11-12 11:21 - 00004332 _____ () C:\Windows\SecuniaPackage.log
2014-11-09 15:45 - 2014-11-09 15:45 - 00001081 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
2014-11-09 15:45 - 2014-11-09 15:45 - 00000000 ____D () C:\Users\Fabian\AppData\Local\Secunia PSI
2014-11-09 15:45 - 2014-11-09 15:45 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-11-07 21:45 - 2014-11-07 21:45 - 00000000 ____D () C:\Users\Fabian\Desktop\Biwi - Endepohls Ulpe
2014-11-05 19:56 - 2014-11-05 20:48 - 05501867 _____ () C:\Users\Fabian\Downloads\Hausarbeit - Die Bedeutung der Panathenäen für Athen.odt
2014-10-31 06:11 - 2014-11-07 21:15 - 00000000 ____D () C:\Users\Fabian\Desktop\Biwi - Dazert
2014-10-29 22:45 - 2014-11-13 17:27 - 00000000 ____D () C:\Users\Fabian\Desktop\Vorlesung Geulen
2014-10-28 13:02 - 2014-10-28 13:20 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-10-28 13:02 - 2014-10-28 13:02 - 13485202 _____ () C:\Users\Fabian\Downloads\hitmanpro379.zip
2014-10-22 20:27 - 2014-09-26 17:36 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-10-22 20:26 - 2014-10-28 12:23 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-10-22 20:26 - 2014-10-28 12:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-22 20:26 - 2014-09-26 17:36 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-10-22 20:26 - 2014-09-26 17:35 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-10-22 20:25 - 2014-10-22 20:26 - 00004838 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_71-b14.log
2014-10-16 00:04 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-16 00:04 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-16 00:04 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-16 00:04 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-16 00:04 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-16 00:04 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-16 00:02 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-16 00:02 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-16 00:02 - 2014-07-17 03:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-16 00:02 - 2014-07-17 03:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-16 00:02 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-16 00:02 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-16 00:02 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-16 00:02 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-16 00:02 - 2014-07-17 02:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-16 00:02 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-16 00:02 - 2014-07-17 02:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-16 00:02 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-16 00:02 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-13 21:00 - 2014-10-11 13:05 - 00012377 _____ () C:\Users\Fabian\Desktop\S.odt
2014-11-13 20:25 - 2012-04-30 08:53 - 01420114 _____ () C:\Windows\WindowsUpdate.log
2014-11-13 20:25 - 2012-03-24 18:22 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-13 20:17 - 2013-06-23 23:39 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-13 20:06 - 2012-04-30 18:36 - 00699682 _____ () C:\Windows\system32\perfh007.dat
2014-11-13 20:06 - 2012-04-30 18:36 - 00149790 _____ () C:\Windows\system32\perfc007.dat
2014-11-13 20:06 - 2009-07-14 06:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-13 19:53 - 2009-07-14 05:51 - 00104995 _____ () C:\Windows\setupact.log
2014-11-13 19:40 - 2009-07-14 05:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-13 19:40 - 2009-07-14 05:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-13 19:25 - 2013-06-23 23:39 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-13 19:24 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-12 20:41 - 2010-11-21 04:47 - 00944550 _____ () C:\Windows\PFRO.log
2014-11-12 20:40 - 2014-10-06 12:28 - 00000000 ____D () C:\AdwCleaner
2014-11-12 19:54 - 2014-05-12 20:53 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-12 19:54 - 2014-05-12 20:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-11-12 19:54 - 2014-05-12 20:53 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-11-12 19:42 - 2009-07-14 05:45 - 00295376 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-12 19:39 - 2014-05-06 22:03 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-12 12:31 - 2013-07-25 14:22 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-12 12:21 - 2013-06-19 22:49 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-12 12:07 - 2014-08-15 11:36 - 00000000 ____D () C:\Users\Fabian\Desktop\Hausarbeit Antike
2014-11-12 11:21 - 2012-03-24 18:22 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-12 11:21 - 2012-03-24 18:22 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-12 11:21 - 2012-03-24 18:22 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-12 01:20 - 2013-04-28 16:43 - 00000000 ____D () C:\Users\Fabian\Desktop\Geschichte
2014-11-12 01:20 - 2012-08-19 11:04 - 00000000 ____D () C:\Users\Fabian\Desktop\BBT 7.3, 19
2014-11-11 23:21 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-11-11 11:42 - 2012-08-22 16:39 - 00000000 ____D () C:\Users\Fabian\Desktop\Will grace 8.2
2014-11-09 18:41 - 2012-03-24 18:21 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-11-09 18:37 - 2012-12-30 13:12 - 00000000 ____D () C:\Program Files (x86)\Connectify
2014-11-09 16:13 - 2012-08-09 18:19 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-11-09 16:12 - 2013-06-23 23:39 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-09 16:12 - 2013-06-23 23:39 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-09 16:05 - 2012-08-09 18:18 - 00000000 ____D () C:\ProgramData\Apple
2014-11-09 15:14 - 2013-11-23 02:22 - 00018374 _____ () C:\Users\Fabian\Desktop\Burger King - Arbeitszeiten.odt
2014-11-06 20:22 - 2013-09-15 17:35 - 00000000 ____D () C:\Users\Fabian\Desktop\Praktika
2014-11-01 15:35 - 2012-08-18 17:55 - 00000000 ____D () C:\Users\Fabian\AppData\Local\CrashDumps
2014-10-28 14:26 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-28 12:23 - 2014-05-05 21:12 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-28 12:22 - 2014-05-05 21:11 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-28 06:34 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-26 14:12 - 2012-08-10 17:13 - 00000000 ____D () C:\Users\Fabian\AppData\Roaming\Skype
2014-10-25 16:18 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-10-16 17:11 - 2013-11-10 15:00 - 00016018 _____ () C:\Users\Fabian\Desktop\Mc Fit - Zeiten.odt

Some content of TEMP:
====================
C:\Users\Fabian\AppData\Local\Temp\Quarantine.exe
C:\Users\Fabian\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-06 20:05

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

Addition

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-11-2014
Ran by Fabian at 2014-11-13 21:08:09
Running from C:\Users\Fabian\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Ableton Live 8 (HKLM-x32\...\{4941E15C-3C68-4FB7-B5A4-5061B92E9166}) (Version: 8.0.0.0 - Ableton)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\{3CA17ADC-2146-49C2-A375-972BB57CF7F6}) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\{10F0B906-1989-4F20-A93C-4C0F94C8DF9E}) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
AMD Catalyst Install Manager (HKLM\...\{10436F01-26D3-83D0-97E1-0875A80E57D8}) (Version: 3.0.859.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Aquamarin Haushaltsbuch 2.9.2 b (HKLM-x32\...\{1E517C0C-8542-4F8C-DA23-98BCA13CD1F4}_is1) (Version:  - makasy.com)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.12.13 - Atheros Communications Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Connectify (HKLM\...\Connectify) (Version: 9.2.2.33000 - Connectify)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
eBay Worldwide (HKLM-x32\...\{D3E5A972-9A15-427D-AE78-8181A5FD943C}) (Version: 2.2.0409 - OEM)
ETDWare PS/2-X64 10.6.9.9_WHQL (HKLM\...\Elantech) (Version: 10.6.9.9 - ELAN Microelectronic Corp.)
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fooz Kids Platform (HKLM-x32\...\{8D68CE08-9A14-4B7B-9857-3C646A2F34C7}) (Version: 2.1 - FUHU, Inc.)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Free Studio version 2014 (HKLM-x32\...\Free Studio_is1) (Version: 6.3.7.807 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.1.39.1015 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.1.39.1015 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.11.26.706 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.26.706 - DVDVideoSoft Ltd.)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GIMP 2.8.0 (HKLM\...\GIMP-2_is1) (Version: 2.8.0 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Packard Bell)
Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.710 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kobo (HKLM-x32\...\Kobo) (Version: 2.1.5 - Kobo Inc.)
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.15 - Packard Bell)
Longman Pronunciation Dictionary (HKLM-x32\...\NSIS_lpd) (Version:  - )
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero BackItUp 10 (HKLM-x32\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.8.11100.9.100 - Nero AG)
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.4.10500.1.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.6.10700.5.100 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}) (Version: 10.6.10300 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{68AFA3A7-9265-4ABD-994A-ACA413E3715C}) (Version: 10.6.10400 - Nero AG)
Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.6.10500.3.100 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.6.10600.4.100 - Nero AG)
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.10900.31.0 - Nero AG)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
OpenOffice.org 3.4 (HKLM-x32\...\{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}) (Version: 3.4.9590 - OpenOffice.org)
Packard Bell Games (HKLM-x32\...\WildTangent packardbell Master Uninstall) (Version: 1.0.2.5 - WildTangent)
Packard Bell Power Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3010 - Packard Bell)
Packard Bell Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3507 - Packard Bell)
Packard Bell Registration (HKLM-x32\...\Packard Bell Registration) (Version: 1.04.3506 - Packard Bell)
Packard Bell ScreenSaver (HKLM-x32\...\Packard Bell Screensaver) (Version: 1.1.0915.2011 - Packard Bell )
Packard Bell Social Networks (HKLM-x32\...\InstallShield_{64EF903E-D00A-414C-94A4-FBA368FFCDC9}) (Version: 3.0.3106 - CyberLink Corp.)
Packard Bell Social Networks (x32 Version: 3.0.3106 - CyberLink Corp.) Hidden
Packard Bell Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3501 - Packard Bell)
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
QUICKfind server v1.1 (HKLM-x32\...\QUICKfind) (Version:  - IDM)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6559 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.28094 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tales of Lagoona (x32 Version: 2.2.0.98 - WildTangent) Hidden
Teachmaster 4.3 (nur Entfernen) (HKLM-x32\...\Teachmaster 4.3) (Version:  - )
Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Video Web Camera (HKLM-x32\...\InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}) (Version: 1.5.2624.00 - CyberLink Corp.)
Video Web Camera (x32 Version: 1.5.2624.00 - CyberLink Corp.) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97 - WildTangent) Hidden
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (HKLM-x32\...\Packard Bell Welcome Center) (Version: 1.02.3507 - Packard Bell)
WildTangent Games App (Packard Bell Games) (x32 Version: 4.0.5.32 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

04-11-2014 09:57:06 Windows Update
07-11-2014 17:31:03 Windows Update
09-11-2014 14:51:18 Gerätetreiber-Paketinstallation: Connectify Netzwerkdienst
09-11-2014 15:25:18 Gerätetreiber-Paketinstallation: Connectify Netzwerkdienst
09-11-2014 17:32:26 Prüfpunkt von HitmanPro
10-11-2014 15:51:42 Revo Uninstaller's restore point - Adobe Flash Player Packages
10-11-2014 15:53:13 Revo Uninstaller's restore point - duownoloaditkoeep
10-11-2014 15:54:40 Revo Uninstaller's restore point - Yahoo Community Smartbar Engine
10-11-2014 16:53:50 Revo Uninstaller's restore point - Yahoo Community Smartbar Engine
11-11-2014 08:49:28 Windows Update
12-11-2014 11:19:02 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-11-12 10:55 - 00000065 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1F83DA4E-B66D-479E-93F4-41C89EB4381D} - System32\Tasks\{0932E51F-E328-49BE-A8D5-9E72E0628CF4} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-07-24] (Skype Technologies S.A.)
Task: {236523C7-EA99-4366-8362-2E3982B4B388} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-12] (Adobe Systems Incorporated)
Task: {6684E134-BD88-494F-A04D-1860049DF236} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-23] (Google Inc.)
Task: {ABD49254-8760-4CB6-9648-29D6827178EA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-23] (Google Inc.)
Task: {F163A9DE-599E-440C-A9DD-BA8E8AA9EBE9} - System32\Tasks\NBAgent => C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2012-01-16] (Nero AG)
Task: {FA877437-7B26-4C05-9B83-BF735C472880} - System32\Tasks\UALU notificatin => C:\Program Files\Packard Bell\Packard Bell Updater\UALU.exe [2012-02-07] (Acer Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-12-30 13:13 - 2014-10-15 20:44 - 00377080 _____ () C:\Program Files (x86)\Connectify\NativeLibrary.dll
2013-06-21 16:37 - 2014-10-15 20:44 - 00713976 _____ () C:\Program Files (x86)\Connectify\log4cplus.dll
2012-12-30 13:13 - 2014-10-15 20:44 - 03564280 _____ () C:\Program Files (x86)\Connectify\ConnectifyNAT.dll
2012-12-30 13:13 - 2014-10-15 20:44 - 00354040 _____ () C:\Program Files (x86)\Connectify\LibDispatch.dll
2014-11-09 16:13 - 2014-10-22 05:04 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libglesv2.dll
2014-11-09 16:13 - 2014-10-22 05:04 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libegl.dll
2014-11-09 16:13 - 2014-10-22 05:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll
2014-11-09 16:13 - 2014-10-22 05:04 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll
2014-11-09 16:13 - 2014-10-22 05:05 - 14902600 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-2369609114-863870372-693991672-500 - Administrator - Disabled)
Fabian (S-1-5-21-2369609114-863870372-693991672-1000 - Administrator - Enabled) => C:\Users\Fabian
Gast (S-1-5-21-2369609114-863870372-693991672-501 - Limited - Enabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-2369609114-863870372-693991672-1002 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/13/2014 08:59:20 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/13/2014 08:58:41 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/13/2014 08:58:38 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/13/2014 08:58:38 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/13/2014 08:58:25 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/13/2014 08:57:38 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/13/2014 08:07:13 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/13/2014 08:07:10 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/13/2014 07:25:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/13/2014 04:02:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (11/13/2014 05:27:40 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}


Microsoft Office Sessions:
=========================
Error: (11/13/2014 08:59:20 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (11/13/2014 08:58:41 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Fabian\Desktop\esetsmartinstaller_deu.exe

Error: (11/13/2014 08:58:38 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Fabian\Desktop\esetsmartinstaller_deu.exe

Error: (11/13/2014 08:58:38 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Fabian\Desktop\esetsmartinstaller_deu.exe

Error: (11/13/2014 08:58:25 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Fabian\Desktop\esetsmartinstaller_deu.exe

Error: (11/13/2014 08:57:38 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Fabian\Downloads\esetsmartinstaller_deu.exe

Error: (11/13/2014 08:07:13 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Fabian\Downloads\esetsmartinstaller_deu.exe

Error: (11/13/2014 08:07:10 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Fabian\Downloads\esetsmartinstaller_deu.exe

Error: (11/13/2014 07:25:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/13/2014 04:02:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2014-11-11 23:19:39.651
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-11-11 23:19:38.887
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: AMD E1-1200 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 42%
Total physical RAM: 3689.37 MB
Available physical RAM: 2126.73 MB
Total Pagefile: 7376.91 MB
Available Pagefile: 5424.38 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB

==================== Drives ================================

Drive c: (Packard Bell) (Fixed) (Total:279.99 GB) (Free:167.96 GB) NTFS
Drive e: () (Removable) (Total:3.79 GB) (Free:0.98 GB) FAT32
Drive f: () (Removable) (Total:1.92 GB) (Free:0.62 GB) FAT

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 5BE1598A)
Partition 1: (Not Active) - (Size=18 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=280 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 3.8 GB) (Disk ID: 00D33378)
Partition 1: (Active) - (Size=3.8 GB) - (Type=0B)

========================================================
Disk: 2 (Size: 1.9 GB) (Disk ID: 91F72D24)
Partition 1: (Active) - (Size=1.9 GB) - (Type=06)

==================== End Of Log ============================

Also bevor ich die Programme jetzt ausgeführt habe, kam selbe Meldung wieder. Ich werde es jetzt noch mal versuchen und hoffe das beste.

EDIT: Nein, sorry... es kommt nach wie vor. Zwar nicht mehr so oft, aberkommt noch.

Ich verstehe auch nicht, wieso der Security Check mir sagt, dass Java veraltet ist. Ich habe es, nachdem die Meldung das erste Mal kam, auch erneuert. (Aber über die offizielle Seite nicht über den komischen Link den ich immer bekomme^^)

schrauber · 14.11.2014, 18:27

Updates wie angezeigt machen. Bei Java ist die aktuelle drauf, ja, aber auch ne alte Version, die wird angemeckert

Router bitte auf Werkseinstellungen zurücksetzen, Verbindungsdaten neu eingeben.
Dann alle Browser komplett zurücksetzen, nochmal testen.

hallohallo1 · 15.11.2014, 22:06

WIe mache ich das mit dem Router?

Da ist ein Problem, dass ich das Passwort nicht mehr weiss :x

schrauber · 16.11.2014, 18:03

Das Passwort brauchste auch jetzt nit. Hinten am Router sollte ein Knopf zum Resetten sein, 10 sec drücken.

Welche Marke und Modell ist das?

hallohallo1 · 16.11.2014, 23:02

Habe hinten keinen Knopf entdeckt.

Da steht drauf

Allnet
ALL 0277 DSL

16.11.2014, 18:03	#14
schrauber /// the machine /// TB-Ausbilder	Achtung, Ihre Java-Version ist veraltet! Das Passwort brauchste auch jetzt nit. Hinten am Router sollte ein Knopf zum Resetten sein, 10 sec drücken. Welche Marke und Modell ist das? __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Achtung, Ihre Java-Version ist veraltet!

Plagegeister aller Art und deren Bekämpfung: Achtung, Ihre Java-Version ist veraltet!