
Log analysis and evaluation: Windows 7: Full screen closes automatically


18.11.2014, 20:51   #1
seal.1
 
Windows 7: Full screen closes automatically

Hello,

for some time now I have had a problem where full-screen mode closes by itself in several applications. This happens, for example, with games, which can then only be found in the taskbar, or when watching videos or programmes on YouTube or Sky Go. In the long run this is more than annoying. I assume that I have caught something that affects full-screen mode. Apart from that, the only other thing I notice is that the system used to start up faster. It takes a while until the first application can be started without problems. But maybe that is just the ravages of time??

The first log files are coming in a moment. Thanks in advance for the help!

Regards
Seal



defogger_disable.log
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 20:24 on 18/11/2014 (Holgi)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
HKCU:DAEMON Tools Lite -> Removed

Checking for services/drivers...


-=E.O.F=-
         
FRST.txt
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-11-2014
Ran by Holgi (administrator) on HOLGI-PC on 18-11-2014 20:25:59
Running from C:\Users\Holgi\Desktop
Loaded Profile: Holgi (Available profiles: Holgi)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
() C:\ProgramData\DatacardService\DCService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
() C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Huawei Technologies Co., Ltd.) C:\Users\Holgi\AppData\Roaming\Telekom Internet Manager\ouc.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
() C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2247976 2010-07-15] (Synaptics Incorporated)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1928976 2010-03-05] (Intel(R) Corporation)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3206816 2010-08-04] (Dell Inc.)
HKLM\...\Run: [FreeFallProtection] => C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [727664 2010-09-24] ()
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [395344 2011-09-22] (Acronis)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6611048 2011-02-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2188904 2011-01-18] (Realtek Semiconductor)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation)
HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe [1807680 2010-02-09] ()
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [487562 2010-08-20] (Creative Technology Ltd)
HKLM-x32\...\Run: [DataCardMonitor] => C:\Program Files (x86)\Telekom\InternetManager_H\DataCardMonitor.exe [253952 2011-11-12] (Huawei Technologies Co., Ltd.)
HKLM-x32\...\Run: [SAOB Monitor] => C:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe [2571032 2011-09-22] (Acronis)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5587832 2011-09-22] (Acronis)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-07-25] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5225064 2014-11-09] (AVAST Software)
HKLM-x32\...\RunOnce: [Launcher] => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe [163040 2010-08-12] (Softthinks)
HKU\S-1-5-21-3276667617-2959320208-3705288580-1000\...\Run: [HW_OPENEYE_OUC_Telekom Internet Manager] => C:\Program Files (x86)\Telekom\InternetManager_H\UpdateDog\ouc.exe [110592 2009-12-31] (Huawei Technologies Co., Ltd.)
HKU\S-1-5-21-3276667617-2959320208-3705288580-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1562264 2014-07-25] (Samsung)
HKU\S-1-5-21-3276667617-2959320208-3705288580-1000\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-3276667617-2959320208-3705288580-1000\...\Run: [DellSystemDetect] => C:\Users\Holgi\AppData\Local\Apps\2.0\WDNJWVRP.6BM\H2A4DABA.YVQ\dell..tion_0f612f649c4a10af_0005.0009_14e1a3fbfbaf942c\DellSystemDetect.exe [263232 2014-08-19] (Dell)
HKU\S-1-5-21-3276667617-2959320208-3705288580-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_189_Plugin.exe [854704 2014-10-22] (Adobe Systems Incorporated)
HKU\S-1-5-21-3276667617-2959320208-3705288580-1000\...\MountPoints2: {3b4394af-3fea-11e3-979d-f04da25be7c1} - E:\AutoRun.exe
HKU\S-1-5-21-3276667617-2959320208-3705288580-1000\...\MountPoints2: {ca4e480d-867b-11e1-9607-f04da25be7c1} - D:\start.exe /auto
HKU\S-1-5-21-3276667617-2959320208-3705288580-1000\...\MountPoints2: {e0af5ea0-1430-11e1-a14c-f04da25be7c1} - E:\AutoRun.exe
HKU\S-1-5-21-3276667617-2959320208-3705288580-1000\...\MountPoints2: {ea07ed7a-0b42-11e1-a38f-f04da25be7c1} - E:\AutoRun.exe
HKU\S-1-5-21-3276667617-2959320208-3705288580-1000\...\MountPoints2: {ea07ee0e-0b42-11e1-a38f-f04da25be7c1} - E:\AutoRun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2014\mshaktuell.exe ()
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Holgi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk
ShortcutTarget: Netzmanager.lnk -> C:\Program Files\Netzmanager\netzmanager.exe (Deutsche Telekom AG)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de
HKU\S-1-5-21-3276667617-2959320208-3705288580-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-3276667617-2959320208-3705288580-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/8
SearchScopes: HKU\S-1-5-21-3276667617-2959320208-3705288580-1000 -> DefaultScope {5C721AC4-8738-42C0-8CD2-58F97E0398EB} URL = 
SearchScopes: HKU\S-1-5-21-3276667617-2959320208-3705288580-1000 -> {0632309F-DE38-4268-9692-036784E9A1D7} URL = 
SearchScopes: HKU\S-1-5-21-3276667617-2959320208-3705288580-1000 -> {17805846-7469-41E4-9A7C-FFCF75F42C6C} URL = hxxp://suche.t-online.de/fast-cgi/tsc?sr=tportal&q={searchTerms}&dia=tie8
SearchScopes: HKU\S-1-5-21-3276667617-2959320208-3705288580-1000 -> {23275BE6-9F0A-4EA7-B2C7-C2E8FD0F511D} URL = hxxp://dict.leo.org/ende?lp=ende&search={searchTerms}
SearchScopes: HKU\S-1-5-21-3276667617-2959320208-3705288580-1000 -> {5C721AC4-8738-42C0-8CD2-58F97E0398EB} URL = 
SearchScopes: HKU\S-1-5-21-3276667617-2959320208-3705288580-1000 -> {7A7EFF3B-7BF9-478E-9AB7-B445D7AD9D3C} URL = hxxp://preisvergleich.t-online.de/angebote/{searchTerms}?soid=42534758
SearchScopes: HKU\S-1-5-21-3276667617-2959320208-3705288580-1000 -> {9164E28C-0259-45DE-B2AF-595F2689BD4D} URL = hxxp://suche.t-online.de/fast-cgi/tsc?sr=twiki&q={searchTerms}&dia=tie8
SearchScopes: HKU\S-1-5-21-3276667617-2959320208-3705288580-1000 -> {925BC6A2-7FCF-40DF-8BFF-FAC13BBEDE51} URL = hxxp://www.amazon.de/gp/search?ie=UTF8&keywords={searchTerms}&tag=tonline-browser_toolbar3_search-21&index=blended&linkCode=ur2
SearchScopes: HKU\S-1-5-21-3276667617-2959320208-3705288580-1000 -> {A5651A03-AFF1-4BC2-8DF7-C66D28D8D840} URL = hxxp://dict.leo.org/frde?lp=frde&search={searchTerms}
SearchScopes: HKU\S-1-5-21-3276667617-2959320208-3705288580-1000 -> {C8EF559E-E0D7-4601-88BE-42F03229A230} URL = hxxp://rover.ebay.com/rover/1/707-1403-9414-51/4?satitle={searchTerms}
SearchScopes: HKU\S-1-5-21-3276667617-2959320208-3705288580-1000 -> {D58F6799-D10F-4A49-AC4B-7B2CE2CF9328} URL = hxxp://dict.leo.org/esde?lp=esde&search={searchTerms}
SearchScopes: HKU\S-1-5-21-3276667617-2959320208-3705288580-1000 -> {F44C3FA9-AB56-49F4-A91A-C9D8CE06A609} URL = hxxp://suche.t-online.de/fast-cgi/tsc?sr=tweb&q={searchTerms}&dia=tie8
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Toolbar 3.0 der Telekom Browserhilfsobjekt -> {C9603180-FA5C-4DB0-A013-ADC60309AF82} -> C:\Program Files\Deutsche Telekom\Toolbar3\ToToolbar.dll (Deutsche Telekom AG)
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} ->  No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {2015C8D4-8534-48DB-B5FB-5C76291F080C} -  No File
DPF: HKLM-x32 {3860DD98-0549-4D50-AA72-5D17D200EE10} hxxp://cdn.scan.onecare.live.com/resource/download/scanner/de-de/wlscctrl2.cab
DPF: HKLM-x32 {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} hxxp://download.bitdefender.com/resources/scanner/sources/de/scan8/oscan8.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\7408l0tn.default
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Ask.com
FF Homepage: hxxp://www.google.de/
FF NetworkProxy: "backup.ftp", "213.123.235.132"
FF NetworkProxy: "backup.ftp_port", 80
FF NetworkProxy: "backup.socks", "213.123.235.132"
FF NetworkProxy: "backup.socks_port", 80
FF NetworkProxy: "backup.ssl", "213.123.235.132"
FF NetworkProxy: "backup.ssl_port", 80
FF NetworkProxy: "gopher", ""
FF NetworkProxy: "gopher_port", 0
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pages.tvunetworks.com/WebPlayer -> C:\Program Files (x86)\TVUPlayer\npTVUAx.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npffvsharetvplg.dll (vShare.tv)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\7408l0tn.default\searchplugins\amazonde.xml
FF SearchPlugin: C:\Users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\7408l0tn.default\searchplugins\einkaufswelt.xml
FF SearchPlugin: C:\Users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\7408l0tn.default\searchplugins\leo-franzsisch.xml
FF SearchPlugin: C:\Users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\7408l0tn.default\searchplugins\leo-spanisch.xml
FF SearchPlugin: C:\Users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\7408l0tn.default\searchplugins\t-onlinede-portalsuche.xml
FF SearchPlugin: C:\Users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\7408l0tn.default\searchplugins\t-onlinede-websuche.xml
FF Extension: Avira Browser Safety - C:\Users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\7408l0tn.default\Extensions\abs@avira.com [2014-09-30]
FF Extension: YouTube Unblocker - C:\Users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\7408l0tn.default\Extensions\youtubeunblocker@unblocker.yt [2014-11-05]
FF Extension: DownloadHelper - C:\Users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\7408l0tn.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-12]
FF Extension: InvisibleHand - C:\Users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\7408l0tn.default\Extensions\canitbecheaper@trafficbroker.co.uk.xpi [2012-11-04]
FF Extension: NoScript - C:\Users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\7408l0tn.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-07-14]
FF Extension: Adblock Plus - C:\Users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\7408l0tn.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-07-06]
FF Extension: BetterPrivacy - C:\Users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\7408l0tn.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2013-07-14]
FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files\T-Mobile\InternetManager_H\OCx64\addon
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-10-22]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-09]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-09] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-11-09] (Avast Software)
R2 DCService.exe; C:\ProgramData\DatacardService\DCService.exe [229376 2010-08-19] () [File not signed]
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2009-06-09] (Stardock Corporation) [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-03-05] ()
S3 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) [File not signed]
S3 OpenVPNService; C:\Program Files (x86)\HMA! Pro VPN\bin\openvpnserv.exe [37176 2014-04-14] (The OpenVPN Project)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-09] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-09] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-09] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-09] ()
R0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [16512 2009-12-15] (Bytemobile, Inc.) [File not signed]
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-07-29] (Disc Soft Ltd)
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [256000 2010-08-31] (Huawei Technologies Co., Ltd.)
S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114304 2009-10-12] (Huawei Technologies Co., Ltd.)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-18] (Malwarebytes Corporation)
S3 MEMSWEEP2; C:\Windows\system32\DAFB.tmp [6144 2010-05-26] (Sophos Plc) [File not signed]
R1 tcpipBM; C:\Windows\system32\drivers\tcpipBM.sys [39552 2009-12-15] (Bytemobile, Inc.) [File not signed]
S3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
U4 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-11-09] (Avast Software)
S3 ALSysIO; \??\C:\Users\Holgi\AppData\Local\Temp\ALSysIO64.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-18 20:25 - 2014-11-18 20:26 - 00024033 _____ () C:\Users\Holgi\Desktop\FRST.txt
2014-11-18 20:25 - 2014-11-18 20:26 - 00000000 ____D () C:\FRST
2014-11-18 20:24 - 2014-11-18 20:24 - 00000168 _____ () C:\Users\Holgi\defogger_reenable
2014-11-18 20:24 - 2014-11-18 20:24 - 00000000 ____D () C:\Users\Holgi\Desktop\Bereinigung
2014-11-18 20:19 - 2014-11-18 20:19 - 00380416 _____ () C:\Users\Holgi\Desktop\Gmer-19357.exe
2014-11-18 20:17 - 2014-11-18 20:17 - 02117120 _____ (Farbar) C:\Users\Holgi\Desktop\FRST64.exe
2014-11-18 20:16 - 2014-11-18 20:16 - 00050477 _____ () C:\Users\Holgi\Desktop\Defogger.exe
2014-11-18 00:01 - 2014-11-18 00:01 - 00001175 _____ () C:\Users\Holgi\Desktop\Auslogics DiskDefrag.lnk
2014-11-18 00:01 - 2014-11-18 00:01 - 00000000 __SHD () C:\Users\Holgi\AppData\Local\EmieBrowserModeList
2014-11-18 00:01 - 2014-11-18 00:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
2014-11-18 00:01 - 2014-11-18 00:01 - 00000000 ____D () C:\Program Files (x86)\Auslogics
2014-11-17 23:53 - 2014-11-17 23:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec
2014-11-17 23:53 - 2014-11-17 23:53 - 00000000 ____D () C:\Program Files (x86)\MyFree Codec
2014-11-17 23:43 - 2014-11-17 23:43 - 00000000 ____D () C:\Program Files (x86)\MarkAny
2014-11-14 20:07 - 2014-11-14 20:10 - 304379585 _____ () C:\Users\Holgi\Downloads\nordrhein-westfalen.map
2014-11-12 22:04 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-12 22:04 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-12 22:04 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-12 22:04 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-12 22:04 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-12 22:04 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-12 22:04 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-12 22:04 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 22:04 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-12 22:04 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-12 22:04 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-12 22:04 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-12 22:04 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-12 22:04 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-12 22:04 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-12 22:03 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-12 22:03 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 22:03 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-12 22:03 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 22:03 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-12 22:03 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 22:03 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-12 22:03 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-12 22:03 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-12 22:03 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-12 22:03 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-12 22:03 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-12 22:03 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-12 22:03 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 22:03 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-12 22:03 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 22:03 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 22:03 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-12 22:03 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-12 22:03 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-12 22:03 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 22:03 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-12 22:03 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-12 22:03 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-12 22:02 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 22:02 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 22:02 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-12 22:02 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 22:02 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-12 22:02 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 22:02 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-12 22:02 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 22:02 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 22:02 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-12 22:02 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-12 22:02 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 22:02 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-12 22:02 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-12 22:02 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 22:02 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 22:02 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-12 22:02 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 22:01 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-12 22:01 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-12 22:01 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-12 22:01 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 22:01 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 22:01 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 22:01 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 22:01 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 22:01 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-12 22:01 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-12 22:01 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-12 22:01 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-12 22:01 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 22:01 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 22:01 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 22:01 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 22:01 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 22:01 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 22:01 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 22:01 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 22:01 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-12 22:00 - 2014-09-19 10:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-12 22:00 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 22:00 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-12 22:00 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-12 22:00 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-12 22:00 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-12 22:00 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-12 22:00 - 2014-09-19 10:23 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-12 22:00 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-12 22:00 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-12 22:00 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-12 22:00 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-12 22:00 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-12 22:00 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-12 22:00 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 22:00 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 22:00 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-12 22:00 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-12 21:59 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-12 21:59 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-12 21:58 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 21:58 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 21:50 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 21:49 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 21:49 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-12 17:51 - 2014-11-12 17:51 - 00000247 _____ () C:\Windows\system32\2014-11-12-16-51-41.084-aswFe.exe-5008.log
2014-11-12 17:51 - 2014-11-12 17:51 - 00000197 _____ () C:\Windows\system32\2014-11-12-16-51-32.051-AvastVBoxSVC.exe-6432.log
2014-11-12 17:33 - 2014-11-12 17:33 - 00003288 ____N () C:\bootsqm.dat
2014-11-11 21:18 - 2014-11-11 21:18 - 00000247 _____ () C:\Windows\system32\2014-11-11-20-18-58.005-aswFe.exe-5780.log
2014-11-11 21:13 - 2014-11-11 21:18 - 00000247 _____ () C:\Windows\system32\2014-11-11-20-13-10.000-aswFe.exe-6212.log
2014-11-11 21:13 - 2014-11-11 21:13 - 00000197 _____ () C:\Windows\system32\2014-11-11-20-13-02.055-AvastVBoxSVC.exe-2204.log
2014-11-10 20:38 - 2014-11-10 20:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-10 20:35 - 2014-11-10 20:35 - 00000247 _____ () C:\Windows\system32\2014-11-10-19-35-55.067-aswFe.exe-6240.log
2014-11-10 20:29 - 2014-11-10 20:35 - 00000247 _____ () C:\Windows\system32\2014-11-10-19-29-38.067-aswFe.exe-6824.log
2014-11-10 20:29 - 2014-11-10 20:29 - 00000197 _____ () C:\Windows\system32\2014-11-10-19-29-31.064-AvastVBoxSVC.exe-3728.log
2014-11-09 21:30 - 2014-11-09 21:30 - 00000247 _____ () C:\Windows\system32\2014-11-09-20-30-40.071-aswFe.exe-6752.log
2014-11-09 21:23 - 2014-11-09 21:30 - 00000247 _____ () C:\Windows\system32\2014-11-09-20-23-57.019-aswFe.exe-2728.log
2014-11-09 21:23 - 2014-11-09 21:23 - 00000197 _____ () C:\Windows\system32\2014-11-09-20-23-51.008-AvastVBoxSVC.exe-6404.log
2014-11-09 21:10 - 2014-11-09 21:10 - 05634808 _____ (Canneverbe Limited ) C:\Users\Holgi\Downloads\cdbxp_setup_4.5.4.5143.exe
2014-11-09 21:03 - 2014-11-09 21:03 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-11-09 21:03 - 2014-11-09 21:03 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-11-07 13:10 - 2014-11-17 23:40 - 00020514 _____ () C:\Users\Holgi\Documents\TombRaider.log
2014-11-07 13:10 - 2014-11-07 13:10 - 00000000 ____D () C:\Users\Holgi\AppData\Local\SKIDROW
2014-11-07 12:58 - 2014-11-07 12:58 - 00002262 _____ () C:\Users\Holgi\Desktop\Tomb Raider [2013] Collectors Edition.lnk
2014-11-01 08:15 - 2014-11-01 08:15 - 00000197 _____ () C:\Windows\system32\2014-11-01-07-15-04.051-AvastVBoxSVC.exe-7588.log
2014-11-01 08:13 - 2014-11-01 08:13 - 00000197 _____ () C:\Windows\system32\2014-11-01-07-13-07.072-AvastVBoxSVC.exe-7296.log
2014-11-01 08:11 - 2014-11-01 08:11 - 00000197 _____ () C:\Windows\system32\2014-11-01-07-11-32.041-AvastVBoxSVC.exe-2716.log
2014-10-29 06:52 - 2014-10-29 06:52 - 00000000 ____D () C:\Users\Holgi\AppData\Roaming\Games
2014-10-28 06:45 - 2014-10-28 06:45 - 00000197 _____ () C:\Windows\system32\2014-10-28-05-45-03.047-AvastVBoxSVC.exe-4252.log
2014-10-28 06:29 - 2014-10-28 06:29 - 00000197 _____ () C:\Windows\system32\2014-10-28-05-29-36.048-AvastVBoxSVC.exe-4240.log
2014-10-28 06:22 - 2014-10-28 06:22 - 00235936 _____ (Tagès SA) C:\Users\Holgi\Downloads\TagesSetup_x64.exe
2014-10-28 06:15 - 2014-10-28 06:15 - 00000197 _____ () C:\Windows\system32\2014-10-28-05-15-03.031-AvastVBoxSVC.exe-4584.log
2014-10-27 21:30 - 2014-10-27 21:30 - 00003002 _____ () C:\Windows\System32\Tasks\{64354971-86FB-4918-8AF8-1D957A46373F}
2014-10-27 21:26 - 2014-11-07 06:13 - 00000000 ____D () C:\ProgramData\InstallShield
2014-10-27 20:28 - 2014-10-27 20:28 - 00000197 _____ () C:\Windows\system32\2014-10-27-19-28-17.012-AvastVBoxSVC.exe-3728.log
2014-10-27 06:09 - 2014-10-27 06:09 - 00006662 _____ () C:\Windows\DPINST.LOG
2014-10-26 09:29 - 2014-10-26 09:30 - 00000197 _____ () C:\Windows\system32\2014-10-26-08-29-58.072-AvastVBoxSVC.exe-4004.log
2014-10-26 05:35 - 2014-11-18 19:49 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-26 05:35 - 2014-10-26 05:35 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-10-26 05:34 - 2014-10-26 05:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-10-26 05:34 - 2014-10-26 05:34 - 00000000 ____D () C:\Program Files\7-Zip
2014-10-22 20:07 - 2014-10-22 20:07 - 00000247 _____ () C:\Windows\system32\2014-10-22-19-07-36.068-aswFe.exe-6604.log
2014-10-22 20:01 - 2014-10-22 20:07 - 00000247 _____ () C:\Windows\system32\2014-10-22-19-01-34.088-aswFe.exe-692.log
2014-10-22 20:01 - 2014-10-22 20:01 - 00000197 _____ () C:\Windows\system32\2014-10-22-19-01-31.040-AvastVBoxSVC.exe-7128.log
2014-10-22 18:25 - 2014-10-22 18:25 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2014-10-22 18:25 - 2014-10-22 18:25 - 00000000 ____D () C:\Windows\system32\vbox
2014-10-22 18:17 - 2014-11-09 21:04 - 00001966 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-10-22 18:07 - 2014-10-22 18:07 - 00000000 ____D () C:\Users\Holgi\AppData\Roaming\AVAST Software
2014-10-22 18:06 - 2014-11-18 19:23 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-10-22 18:06 - 2014-11-09 21:03 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-10-22 18:06 - 2014-11-09 21:03 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-10-22 18:06 - 2014-11-09 21:03 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-10-22 18:06 - 2014-11-09 21:03 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-10-22 18:06 - 2014-11-09 21:03 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-10-22 18:06 - 2014-11-09 21:03 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2014-10-22 18:06 - 2014-11-09 21:03 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-10-22 18:06 - 2014-11-09 21:03 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-10-22 18:05 - 2014-10-22 18:05 - 00000000 ____D () C:\Program Files\AVAST Software
2014-10-22 18:02 - 2014-10-22 18:05 - 00000000 ____D () C:\ProgramData\AVAST Software

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-18 20:24 - 2013-06-01 14:37 - 01839716 _____ () C:\Windows\WindowsUpdate.log
2014-11-18 20:24 - 2010-12-20 18:47 - 00000000 ____D () C:\Users\Holgi
2014-11-18 20:07 - 2014-04-26 08:20 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-18 20:06 - 2014-04-26 08:20 - 00001108 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-11-18 20:06 - 2014-04-26 08:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-11-18 20:06 - 2014-04-26 08:20 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-11-18 19:28 - 2014-08-19 07:36 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2014-11-17 23:53 - 2014-03-23 09:52 - 00002008 _____ () C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
2014-11-17 23:41 - 2014-03-23 09:53 - 00000000 ____D () C:\Users\Holgi\AppData\Roaming\Samsung
2014-11-17 21:26 - 2014-07-23 20:07 - 00004661 _____ () C:\Windows\setupact.log
2014-11-13 20:09 - 2009-07-14 05:45 - 00022464 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-13 20:09 - 2009-07-14 05:45 - 00022464 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-13 06:44 - 2009-07-14 18:58 - 00709358 _____ () C:\Windows\system32\perfh007.dat
2014-11-13 06:44 - 2009-07-14 18:58 - 00154862 _____ () C:\Windows\system32\perfc007.dat
2014-11-13 06:44 - 2009-07-14 06:13 - 01648036 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-13 06:41 - 2010-12-20 18:47 - 00000000 ____D () C:\Users\Holgi\AppData\Local\SoftThinks
2014-11-13 06:40 - 2010-12-08 11:48 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-13 06:40 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-13 06:40 - 2009-07-14 05:45 - 00306240 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-13 06:37 - 2014-05-04 05:19 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-12 22:52 - 2010-12-20 20:04 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-12 22:35 - 2013-08-15 21:10 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-12 22:14 - 2010-12-20 20:53 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-12 17:34 - 2012-04-25 18:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-11 20:53 - 2014-09-17 18:32 - 00000000 ____D () C:\Users\Holgi\Desktop\Geocaching
2014-11-10 20:10 - 2014-07-23 20:07 - 00017632 _____ () C:\Windows\PFRO.log
2014-11-09 21:11 - 2013-07-14 06:45 - 00001161 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk
2014-11-09 21:11 - 2013-07-14 06:45 - 00001111 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2014-11-09 21:11 - 2013-07-14 06:45 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP
2014-11-08 09:06 - 2012-07-08 08:18 - 00000000 ____D () C:\Users\Holgi\AppData\Roaming\vlc
2014-11-08 08:18 - 2010-12-08 19:08 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2014-11-07 12:48 - 2011-01-04 20:36 - 00000000 ____D () C:\Spiele
2014-11-07 06:13 - 2010-12-08 19:00 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-02 21:09 - 2011-11-06 11:38 - 00323072 ___SH () C:\Users\Holgi\Desktop\Thumbs.db
2014-10-27 06:13 - 2011-08-21 14:50 - 00000000 ____D () C:\ProgramData\Nokia
2014-10-27 06:12 - 2011-11-23 11:03 - 00000000 ____D () C:\Users\Holgi\AppData\Roaming\Nokia Suite
2014-10-27 06:12 - 2011-09-03 20:36 - 00000000 ____D () C:\Users\Holgi\AppData\Roaming\Nokia
2014-10-26 05:35 - 2012-04-07 16:46 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-10-26 05:35 - 2011-06-16 20:01 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-22 20:44 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-10-22 18:07 - 2011-08-29 20:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-10-22 17:58 - 2014-08-05 10:58 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-22 17:58 - 2013-03-10 15:00 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-10-22 17:34 - 2014-09-04 09:25 - 00000000 ____D () C:\Users\Holgi\AppData\Local\Adobe

Some content of TEMP:
====================
C:\Users\Holgi\AppData\Local\Temp\abelssoft.setup.exe
C:\Users\Holgi\AppData\Local\Temp\avgnt.exe
C:\Users\Holgi\AppData\Local\Temp\CH.dll
C:\Users\Holgi\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Holgi\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Holgi\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Holgi\AppData\Local\Temp\Quarantine.exe
C:\Users\Holgi\AppData\Local\Temp\vlc-2.1.5-win64.exe
C:\Users\Holgi\AppData\Local\Temp\_isDA45.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-31 12:55

==================== End Of Log ===========================
         
Addition.txt
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-11-2014
Ran by Holgi at 2014-11-18 20:26:40
Running from C:\Users\Holgi\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
AccelerometerP11 (HKLM-x32\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 2.00.11.15 - STMicroelectronics)
Acronis*True*Image*Home 2011 (HKLM-x32\...\{04A3A6B0-8E19-49BB-82FF-65C5A55F917D}) (Version: 14.0.6942 - Acronis)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 4.5.4.0 - Auslogics Labs Pty Ltd)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Batman: Arkham Asylum Game of the Year Edition (HKLM-x32\...\{CFABC775-5386-4BA5-86B4-505BBD36E812}) (Version: 1.0.0.0 - Square Enix Limited)
Bullzip PDF Printer 10.7.0.2277 (HKLM\...\Bullzip PDF Printer_is1) (Version: 10.7.0.2277 - Bullzip)
Bus-Simulator 2009 (HKLM-x32\...\Bus-Simulator 2009_is1) (Version:  - astragon Software GmbH)
Canon Inkjet Printer Driver Add-On Module (HKLM\...\CANONIJINBOXADDON100) (Version:  - )
CanoScan LiDE 200 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4807) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5143 - CDBurnerXP)
CD-LabelPrint (HKLM-x32\...\MediaNavigation.CDLabelPrint) (Version:  - )
CheckDrive (HKLM-x32\...\{B83513EC-2E4D-4621-816D-4CCF397BE702}_is1) (Version: 4.4 - Abelssoft)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version:  - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.47 - Dell)
Dell DataSafe Online (HKLM-x32\...\{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}) (Version: 1.2.0011 - Dell, Inc.)
Dell Dock (HKLM-x32\...\Dell Dock) (Version: 2.0 - Stardock Corporation)
Dell Dock (Version: 2.0 - Stardock Corporation) Hidden
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell System Detect (HKU\S-1-5-21-3276667617-2959320208-3705288580-1000\...\9204f5692a8faf3b) (Version: 5.9.0.5 - Dell)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.35 - Creative Technology Ltd)
dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: 5.0.1 - CEWE COLOR AG u Co. OHG)
DVDStyler v2.3.4 (HKLM-x32\...\DVDStyler_is1) (Version:  - )
GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
HMA! Pro VPN 2.8.6.0 (HKLM-x32\...\HMA! Pro VPN) (Version: 2.8.6.0 - Privax Ltd)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{D16A2127-B927-4379-B153-3DEC091E4EEB}) (Version: 13.02.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.41.2 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Meine Dienste Software (HKLM\...\Meine Dienste Software) (Version: 1.0.1.3 - Telekom)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}) (Version: 3.1.99.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 33.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.1 (x86 de)) (Version: 33.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
MyFreeCodec (HKU\S-1-5-21-3276667617-2959320208-3705288580-1000\...\MyFreeCodec) (Version:  - )
NAVIGON Fresh 3.4.1 (HKLM-x32\...\NAVIGON Fresh) (Version: 3.4.1 - NAVIGON)
Netzmanager (HKLM-x32\...\Netzmanager) (Version: 1.071 - Deutsche Telekom AG)
Netzmanager (Version: 1.071 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden
NVIDIA 3D Vision Treiber 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.82 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.82 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
PC Connectivity Solution (HKLM-x32\...\{DA5B2BDC-F654-4A88-A669-4D34BC7846A1}) (Version: 12.0.17.0 - Nokia)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.8.5 - Dell Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6312 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.0 - Renesas Electronics Corporation) Hidden
Roxio Burn (HKLM-x32\...\{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}) (Version: 1.01 - Roxio)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.105 - Skype Technologies S.A.)
Snowy Treasure Hunter (HKLM-x32\...\Snowy Treasure Hunter_is1) (Version: 1.0 - MyPlayCity, Inc.)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.4.0 - Synaptics Incorporated)
Telekom Internet Manager (HKLM-x32\...\Telekom Internet Manager) (Version: 11.301.05.05.748 - Huawei Technologies Co.,Ltd)
Tomb Raider [2013] Collectors Edition MULTI-2 1.01.748.0 (HKLM-x32\...\Tomb Raider [2013] Collectors Edition MULTI-2 1.01.748.0) (Version:  - )
Toolbar 3.0 der Telekom x64 (HKLM\...\Toolbar3 x64_is1) (Version: 3.0.2 (3) - Deutsche Telekom AG)
Überwachungstool für die Intel® Turbo-Boost-Technik (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.186.6 - Intel)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM-x32\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VLC media player 2.0.7 (HKLM-x32\...\VLC media player) (Version: 2.0.7 - VideoLAN)
vSharetv (HKLM-x32\...\vSharetv) (Version: 1.3 - vSharetv)
VueScan (HKLM-x32\...\VueScan) (Version:  - )
Windows Driver Package - Hamrick Software Image  (1/8/1999 1.0) (HKLM\...\0DB87D30776CD338CFA6B6217DCA1796A4C60715) (Version: 1/8/1999 1.0 - Hamrick Software)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live OneCare safety scanner (HKLM-x32\...\Windows Live OneCare safety scanner) (Version:  - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
WISO Sparbuch 2010 (HKLM-x32\...\{46B70DEB-97B3-4E38-B746-EC16905E6A8F}) (Version: 17.00.6531 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2011 (HKLM-x32\...\{02F0B8AE-7501-4333-AFBE-6BAABFEC7637}) (Version: 18.00.6928 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2012 (HKLM-x32\...\{0CC1DAFB-40C8-4903-953D-471E541477C7}) (Version: 19.00.7303 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2013 (HKLM-x32\...\{D6CC2FAF-F827-4091-96A1-D32CC9B69C79}) (Version: 20.00.8137 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2014 (HKLM-x32\...\{AC9476C8-C555-4127-B3B5-0DEA9982F691}) (Version: 21.00.8480 - Buhl Data Service GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

23-09-2014 20:42:02 Geplanter Prüfpunkt
24-09-2014 15:01:54 Windows Update
01-10-2014 19:12:40 Windows Update
08-10-2014 19:47:30 Geplanter Prüfpunkt
15-10-2014 17:55:51 Installed Java 7 Update 71
18-10-2014 11:39:39 Windows Update
22-10-2014 17:05:32 avast! antivirus system restore point
22-10-2014 17:16:19 avast! antivirus system restore point
27-10-2014 05:13:29 Nokia Connectivity Cable Driver wird entfernt
27-10-2014 20:22:23 Installiert Sherlock Holmes jagt Arsene Lupin
28-10-2014 05:09:44 Entfernt Sherlock Holmes jagt Arsene Lupin
28-10-2014 05:18:06 Installiert Sherlock Holmes jagt Arsene Lupin
28-10-2014 05:38:51 Entfernt Sherlock Holmes jagt Arsene Lupin
29-10-2014 05:50:08 Installiert Das Geheimnis des Persischen Teppichs
07-11-2014 05:11:05 Entfernt Das Geheimnis des Persischen Teppichs
09-11-2014 20:02:25 avast! antivirus system restore point
12-11-2014 21:06:03 Windows Update
18-11-2014 19:13:23 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {043C4A89-D999-419D-9B75-95C31AB1709F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
Task: {06ABEE1F-7F62-4BAF-B837-00F4BD265190} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {07026BFD-8660-47CC-A147-A18A5B7A4B5B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-09] (AVAST Software)
Task: {0EEFD4AA-E01D-4BAD-BB4A-B2F118055B34} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-10] (PC-Doctor, Inc.)
Task: {1B241653-2F7E-40CE-9754-3C36264592D9} - System32\Tasks\{BE14172C-77D4-4388-9396-9224263C2F73} => C:\Users\Holgi\Downloads\Drucker\n1220un650uxp571cde\N065USG\CANOIT32.EXE
Task: {83C53294-F6FB-46C0-B532-07418F5A220C} - System32\Tasks\{64354971-86FB-4918-8AF8-1D957A46373F} => C:\Spiele\Sherlock Holmes\Sherlock Holmes jagt Arsene Lupin\game.exe
Task: {9EC3AC29-D76B-4E31-8C72-2CB5D016EAFD} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-10] (PC-Doctor, Inc.)
Task: {EA75339B-444B-4363-9C20-DC20D67B2B35} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-26] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2010-03-05 16:21 - 2010-03-05 16:21 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2010-08-19 09:52 - 2010-08-19 09:52 - 00229376 _____ () C:\ProgramData\DatacardService\DCService.exe
2014-11-09 21:03 - 2014-11-09 21:03 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2014-11-09 21:03 - 2014-11-09 21:03 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2013-12-16 18:07 - 2013-11-11 16:02 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2010-12-08 19:09 - 2010-08-12 01:19 - 00781536 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
2010-03-05 16:21 - 2010-03-05 16:21 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2010-12-08 19:07 - 2010-09-24 17:21 - 00727664 _____ () C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
2010-02-09 20:34 - 2010-02-09 20:34 - 01807680 _____ () C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
2014-11-11 20:51 - 2014-11-11 20:51 - 02902016 _____ () C:\Program Files\AVAST Software\Avast\defs\14111100\algo.dll
2014-11-09 21:03 - 2014-11-09 21:03 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2014-11-13 06:44 - 2014-11-13 06:44 - 02902016 _____ () C:\Program Files\AVAST Software\Avast\defs\14111200\algo.dll
2014-11-18 19:23 - 2014-11-18 19:23 - 02902528 _____ () C:\Program Files\AVAST Software\Avast\defs\14111802\algo.dll
2010-12-08 19:08 - 2010-08-12 01:19 - 00056544 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STCoreXml.dll
2010-12-08 19:08 - 2010-08-12 01:19 - 00113888 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\PSTVdsDisk.dll
2010-12-08 19:08 - 2010-08-12 01:19 - 00126176 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll
2010-12-08 19:08 - 2010-08-12 01:19 - 01121504 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\LibXml2.dll
2010-12-08 19:08 - 2010-08-12 01:19 - 00077024 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\zlib1.dll
2010-12-08 19:08 - 2010-08-12 01:19 - 00232672 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STFiles.dll
2010-12-08 19:08 - 2010-08-12 01:19 - 00072928 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STRegistry.dll
2010-12-08 19:08 - 2010-08-12 01:19 - 00109792 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STPE.dll
2010-12-08 19:08 - 2010-08-12 01:19 - 00119008 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STNLS.dll
2010-02-09 20:34 - 2010-02-09 20:34 - 00275776 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll
2010-02-09 20:34 - 2010-02-09 20:34 - 00058688 _____ () C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll
2010-02-09 20:34 - 2010-02-09 20:34 - 00095552 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll
2010-02-09 20:34 - 2010-02-09 20:34 - 00046400 _____ () C:\Program Files (x86)\Dell DataSafe Online\de\SdbUI.resources.dll
2010-02-09 20:34 - 2010-02-09 20:34 - 00365888 _____ () C:\Program Files (x86)\Dell DataSafe Online\de\DataSafeOnline.resources.dll
2010-02-09 20:34 - 2010-02-09 20:34 - 00152896 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll
2010-02-09 20:34 - 2010-02-09 20:34 - 00017728 _____ () C:\Program Files (x86)\Dell DataSafe Online\cpputils.dll
2011-09-22 21:20 - 2011-09-22 21:20 - 11233136 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\Common\ti_managers.dll
2014-10-22 18:36 - 2014-10-22 18:36 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\3d576cbc4ffc5ad06fd61510c5d8f326\IsdiInterop.ni.dll
2010-12-08 19:05 - 2010-03-04 03:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-11-09 21:03 - 2014-11-09 21:03 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-11-10 20:38 - 2014-11-10 20:38 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WISO Mein Steuer-Sparbuch heute.lnk => C:\Windows\pss\WISO Mein Steuer-Sparbuch heute.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Holgi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dell Dock.lnk => C:\Windows\pss\Dell Dock.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Holgi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk.Startup
MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
MSCONFIG\startupreg: NokiaOviSuite2 => C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
MSCONFIG\startupreg: PC Suite Tray => "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
MSCONFIG\startupreg: SAOB Monitor => C:\Program Files (x86)\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe
MSCONFIG\startupreg: TrueImageMonitor.exe => "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-3276667617-2959320208-3705288580-500 - Administrator - Disabled)
Gast (S-1-5-21-3276667617-2959320208-3705288580-501 - Limited - Disabled)
Holgi (S-1-5-21-3276667617-2959320208-3705288580-1000 - Administrator - Enabled) => C:\Users\Holgi
HomeGroupUser$ (S-1-5-21-3276667617-2959320208-3705288580-1002 - Limited - Enabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/17/2014 10:46:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm TombRaider.exe, Version 1.1.748.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 848

Startzeit: 01d002a4c80ddc21

Endzeit: 160

Anwendungspfad: C:\Spiele\Tomb Raider [2013] Collectors Edition\Tomb Raider [2013] Collectors Edition\TombRaider.exe

Berichts-ID:

Error: (11/11/2014 10:39:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm TombRaider.exe, Version 1.1.748.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 17ec

Startzeit: 01cffdef28a0432e

Endzeit: 290

Anwendungspfad: C:\Spiele\Tomb Raider [2013] Collectors Edition\Tomb Raider [2013] Collectors Edition\TombRaider.exe

Berichts-ID:

Error: (11/10/2014 09:45:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: TombRaider.exe, Version: 1.1.748.0, Zeitstempel: 0x519379a7
Name des fehlerhaften Moduls: nvwgf2um.dll, Version: 9.18.13.3182, Zeitstempel: 0x5280d757
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000a77e8
ID des fehlerhaften Prozesses: 0x1708
Startzeit der fehlerhaften Anwendung: 0xTombRaider.exe0
Pfad der fehlerhaften Anwendung: TombRaider.exe1
Pfad des fehlerhaften Moduls: TombRaider.exe2
Berichtskennung: TombRaider.exe3

Error: (11/09/2014 10:50:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: TombRaider.exe, Version: 1.1.748.0, Zeitstempel: 0x519379a7
Name des fehlerhaften Moduls: TombRaider.exe, Version: 1.1.748.0, Zeitstempel: 0x519379a7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0026ca97
ID des fehlerhaften Prozesses: 0x650
Startzeit der fehlerhaften Anwendung: 0xTombRaider.exe0
Pfad der fehlerhaften Anwendung: TombRaider.exe1
Pfad des fehlerhaften Moduls: TombRaider.exe2
Berichtskennung: TombRaider.exe3

Error: (11/09/2014 09:35:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm TombRaider.exe, Version 1.1.748.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1708

Startzeit: 01cffc5bacfa0a05

Endzeit: 240

Anwendungspfad: C:\Spiele\Tomb Raider [2013] Collectors Edition\Tomb Raider [2013] Collectors Edition\TombRaider.exe

Berichts-ID:

Error: (11/09/2014 09:24:29 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm TombRaider.exe, Version 1.1.748.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 14ac

Startzeit: 01cffc5996c48c48

Endzeit: 189

Anwendungspfad: C:\Spiele\Tomb Raider [2013] Collectors Edition\Tomb Raider [2013] Collectors Edition\TombRaider.exe

Berichts-ID:

Error: (11/09/2014 09:13:07 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 970

Startzeit: 01cffc58807e1028

Endzeit: 31

Anwendungspfad: C:\Windows\Explorer.EXE

Berichts-ID: cd4cf657-684c-11e4-8c83-f04da25be7c1

Error: (11/08/2014 09:04:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000004e4e4
ID des fehlerhaften Prozesses: 0x17c4
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3

Error: (11/07/2014 11:08:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: TombRaider.exe, Version: 1.1.748.0, Zeitstempel: 0x519379a7
Name des fehlerhaften Moduls: nvwgf2um.dll, Version: 9.18.13.3182, Zeitstempel: 0x5280d757
Ausnahmecode: 0xc0000005
Fehleroffset: 0x006fe9d2
ID des fehlerhaften Prozesses: 0x1994
Startzeit der fehlerhaften Anwendung: 0xTombRaider.exe0
Pfad der fehlerhaften Anwendung: TombRaider.exe1
Pfad des fehlerhaften Moduls: TombRaider.exe2
Berichtskennung: TombRaider.exe3

Error: (11/07/2014 11:04:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm TombRaider.exe, Version 1.1.748.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1730

Startzeit: 01cffad2ec905812

Endzeit: 229

Anwendungspfad: C:\Spiele\Tomb Raider [2013] Collectors Edition\Tomb Raider [2013] Collectors Edition\TombRaider.exe

Berichts-ID:


System errors:
=============
Error: (11/13/2014 06:40:59 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Type" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (11/13/2014 06:40:17 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎12.‎11.‎2014 um 23:08:29 unerwartet heruntergefahren.

Error: (11/10/2014 08:16:09 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Search" wurde nicht richtig gestartet.

Error: (11/10/2014 08:11:02 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎09.‎11.‎2014 um 22:51:15 unerwartet heruntergefahren.

Error: (11/08/2014 10:59:36 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (11/07/2014 11:10:23 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎07.‎11.‎2014 um 23:08:50 unerwartet heruntergefahren.

Error: (10/31/2014 08:31:10 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}

Error: (10/30/2014 08:27:38 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}

Error: (10/29/2014 06:01:45 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}

Error: (10/28/2014 06:27:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2011-06-13 19:35:46.458
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\DAFB.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-06-13 19:35:46.411
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\DAFB.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-06-13 19:07:27.678
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\DAFB.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-06-13 19:07:27.631
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\DAFB.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-06-13 19:06:01.987
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\8B74.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-06-13 19:06:01.956
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\8B74.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-05-12 18:54:09.224
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\55C0.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-05-12 18:54:09.193
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\55C0.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-05-12 18:28:58.362
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\55C0.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-05-12 18:28:58.330
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\55C0.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7 CPU Q 740 @ 1.73GHz
Percentage of memory in use: 30%
Total physical RAM: 8124.38 MB
Available physical RAM: 5659.54 MB
Total Pagefile: 16246.94 MB
Available Pagefile: 13395.7 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:581.48 GB) (Free:288 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 596.2 GB) (Disk ID: FA3F015A)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=581.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
Gmer.txt
Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-11-18 20:38:07
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 SAMSUNG_ rev.2AK1 596,17GB
Running: Gmer-19357.exe; Driver: C:\Users\Holgi\AppData\Local\Temp\pgloipod.sys


---- Kernel code sections - GMER 2.1 ----

INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528                                                                                                                                                                      fffff800033ef000 52 bytes [FF, FF, FF, FF, FF, FF, FF, ...]
INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 582                                                                                                                                                                      fffff800033ef036 27 bytes [FF, FF, FF, FF, FF, FF, FF, ...]

---- User code sections - GMER 2.1 ----

.text     C:\Program Files\AVAST Software\Avast\AvastUI.exe[5880] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter                                                                                                                    00000000756b8791 8 bytes [31, C0, C2, 04, 00, 90, 90, ...]
---- Processes - GMER 2.1 ----

Process   C:\ProgramData\DatacardService\DCService.exe (*** suspicious ***) @ C:\ProgramData\DatacardService\DCService.exe [1428](2010-08-19 08:52:04)                                                                                            0000000000400000
Process   C:\ProgramData\DatacardService\DCSHelper.exe (*** suspicious ***) @ C:\ProgramData\DatacardService\DCSHelper.exe [4348] (DataCardMonitor MFC Application/Huawei Technologies Co., Ltd.)(2010-08-19 08:52:14)                            0000000000400000
Process   C:\Users\Holgi\AppData\Roaming\Telekom Internet Manager\ouc.exe (*** suspicious ***) @ C:\Users\Holgi\AppData\Roaming\Telekom Internet Manager\ouc.exe [480] (Online Update Clinet/Huawei Technologies Co., Ltd.)(2011-11-12 20:30:23)  0000000000400000

---- EOF - GMER 2.1 ----
         

18.11.2014, 20:55   #2
schrauber
/// the machine
/// TB trainer
 


hi,

Please download TDSSKiller (TDSSKiller.exe) and save the file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan.
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\).
    For example: C:\TDSSKiller.<version_date_time>log.txt
Please post the content here in your thread in any case.

18.11.2014, 21:21   #3
seal.1
 

Hi Schrauber,

here is the result.

Code:
21:14:34.0386 0x1bf4  TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
21:14:59.0889 0x1bf4  ============================================================
21:14:59.0889 0x1bf4  Current date / time: 2014/11/18 21:14:59.0889
21:14:59.0889 0x1bf4  SystemInfo:
21:14:59.0889 0x1bf4  
21:14:59.0889 0x1bf4  OS Version: 6.1.7601 ServicePack: 1.0
21:14:59.0889 0x1bf4  Product type: Workstation
21:14:59.0889 0x1bf4  ComputerName: HOLGI-PC
21:14:59.0890 0x1bf4  UserName: Holgi
21:14:59.0890 0x1bf4  Windows directory: C:\Windows
21:14:59.0890 0x1bf4  System windows directory: C:\Windows
21:14:59.0890 0x1bf4  Running under WOW64
21:14:59.0890 0x1bf4  Processor architecture: Intel x64
21:14:59.0890 0x1bf4  Number of processors: 8
21:14:59.0890 0x1bf4  Page size: 0x1000
21:14:59.0890 0x1bf4  Boot type: Normal boot
21:14:59.0890 0x1bf4  ============================================================
21:15:00.0085 0x1bf4  KLMD registered as C:\Windows\system32\drivers\83043362.sys
21:15:00.0473 0x1bf4  System UUID: {D726E359-B4DF-C402-B43B-08F3268D000E}
21:15:00.0934 0x1bf4  Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 ( 596.17 Gb ), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:15:00.0946 0x1bf4  ============================================================
21:15:00.0946 0x1bf4  \Device\Harddisk0\DR0:
21:15:00.0946 0x1bf4  MBR partitions:
21:15:00.0946 0x1bf4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x1D4C000
21:15:00.0946 0x1bf4  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D5F9C5, BlocksNum 0x48AF80EB
21:15:00.0946 0x1bf4  ============================================================
21:15:01.0009 0x1bf4  C: <-> \Device\Harddisk0\DR0\Partition2
21:15:01.0009 0x1bf4  ============================================================
21:15:01.0009 0x1bf4  Initialize success
21:15:01.0009 0x1bf4  ============================================================
21:16:02.0798 0x11ac  ============================================================
21:16:02.0798 0x11ac  Scan started
21:16:02.0798 0x11ac  Mode: Manual; SigCheck; TDLFS; 
21:16:02.0798 0x11ac  ============================================================
21:16:02.0798 0x11ac  KSN ping started
21:16:05.0559 0x11ac  KSN ping finished: true
21:16:06.0480 0x11ac  ================ Scan system memory ========================
21:16:06.0480 0x11ac  System memory - ok
21:16:06.0480 0x11ac  ================ Scan services =============================
21:16:13.0593 0x11ac  [ 057F482CFDB57E75202E2E37795F2D3B, EC0B9A058E67F19F9660D899022433BF1AE241CDEB8256A0FC2F54EEEA9BE3A9 ] BMLoad          C:\Windows\system32\drivers\BMLoad.sys
21:16:13.0640 0x11ac  BMLoad - detected UnsignedFile.Multi.Generic ( 1 )
21:16:19.0677 0x11ac  Detect skipped due to KSN trusted
21:16:19.0677 0x11ac  BMLoad - ok
21:16:22.0204 0x11ac  [ 3B604417EBAE4E1E66E6ABD8CC55FD76, 996C0C32A4F76E675909FBD48EA2EE296041271F26ABB339E05EDD272CB876DC ] DCService.exe   C:\ProgramData\DatacardService\DCService.exe
21:16:22.0251 0x11ac  DCService.exe - detected UnsignedFile.Multi.Generic ( 1 )
21:16:24.0810 0x11ac  Detect skipped due to KSN trusted
21:16:24.0810 0x11ac  DCService.exe - ok
21:16:25.0558 0x11ac  [ 0840ABBBDF438691EE65A20040635CBE, F83597ECECFADBA45242B683A19A01ADF84203B016301B64530C7BE8234175E8 ] DockLoginService C:\Program Files\Dell\DellDock\DockLogin.exe
21:16:25.0605 0x11ac  DockLoginService - detected UnsignedFile.Multi.Generic ( 1 )
21:16:28.0148 0x11ac  Detect skipped due to KSN trusted
21:16:28.0148 0x11ac  DockLoginService - ok
21:16:36.0322 0x11ac  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
21:16:36.0385 0x11ac  KtmRm - ok
21:16:36.0432 0x11ac  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
21:16:36.0525 0x11ac  LanmanServer - ok
21:16:36.0556 0x11ac  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:16:36.0650 0x11ac  LanmanWorkstation - ok
21:16:36.0681 0x11ac  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
21:16:36.0790 0x11ac  lltdio - ok
21:16:36.0868 0x11ac  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
21:16:36.0946 0x11ac  lltdsvc - ok
21:16:36.0962 0x11ac  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
21:16:37.0009 0x11ac  lmhosts - ok
21:16:37.0087 0x11ac  [ 23D990150D56B670A62B21B9ABDD45EE, BB9DBC0D02474976420321162C3AB1FDF975FA0494B1030488B03BC98A65F888 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
21:16:37.0118 0x11ac  LMS - ok
21:16:37.0149 0x11ac  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
21:16:37.0165 0x11ac  LSI_FC - ok
21:16:37.0180 0x11ac  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
21:16:37.0212 0x11ac  LSI_SAS - ok
21:16:37.0227 0x11ac  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:16:37.0243 0x11ac  LSI_SAS2 - ok
21:16:37.0258 0x11ac  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:16:37.0290 0x11ac  LSI_SCSI - ok
21:16:37.0321 0x11ac  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
21:16:37.0414 0x11ac  luafv - ok
21:16:37.0446 0x11ac  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
21:16:37.0492 0x11ac  Mcx2Svc - ok
21:16:37.0508 0x11ac  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
21:16:37.0555 0x11ac  megasas - ok
21:16:37.0602 0x11ac  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
21:16:37.0648 0x11ac  MegaSR - ok
21:16:37.0726 0x11ac  [ D70476AD02D6FD75282B196D3B58831D, F93565261EC57F43445C082DBCE5CE0D4B121A5C34B818A09AB5B311457588FD ] MEMSWEEP2       C:\Windows\system32\DAFB.tmp
21:16:37.0758 0x11ac  MEMSWEEP2 - detected UnsignedFile.Multi.Generic ( 1 )
21:16:40.0472 0x11ac  Detect skipped due to KSN trusted
21:16:40.0472 0x11ac  MEMSWEEP2 - ok
21:16:40.0519 0x11ac  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
21:16:40.0628 0x11ac  MMCSS - ok
21:16:40.0659 0x11ac  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
21:16:40.0690 0x11ac  Modem - ok
21:16:40.0722 0x11ac  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
21:16:40.0753 0x11ac  monitor - ok
21:16:40.0800 0x11ac  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
21:16:40.0815 0x11ac  mouclass - ok
21:16:40.0846 0x11ac  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
21:16:40.0909 0x11ac  mouhid - ok
21:16:40.0956 0x11ac  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
21:16:41.0018 0x11ac  mountmgr - ok
21:16:41.0080 0x11ac  [ DEA022193DF8C88F6E2B3E33D148A5DB, 97DFC47DB83E04A975A1969AA120385463FCAF4E1A9984FD3220442D7026B45A ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:16:41.0158 0x11ac  MozillaMaintenance - ok
21:16:41.0174 0x11ac  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
21:16:41.0252 0x11ac  mpio - ok
21:16:41.0283 0x11ac  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
21:16:41.0392 0x11ac  mpsdrv - ok
21:16:41.0502 0x11ac  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
21:16:41.0626 0x11ac  MpsSvc - ok
21:16:41.0673 0x11ac  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
21:16:41.0736 0x11ac  MRxDAV - ok
21:16:41.0782 0x11ac  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
21:16:41.0829 0x11ac  mrxsmb - ok
21:16:41.0876 0x11ac  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:16:41.0970 0x11ac  mrxsmb10 - ok
21:16:41.0985 0x11ac  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:16:42.0048 0x11ac  mrxsmb20 - ok
21:16:42.0094 0x11ac  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
21:16:42.0141 0x11ac  msahci - ok
21:16:42.0188 0x11ac  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
21:16:42.0250 0x11ac  msdsm - ok
21:16:42.0266 0x11ac  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
21:16:42.0297 0x11ac  MSDTC - ok
21:16:42.0313 0x11ac  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
21:16:42.0360 0x11ac  Msfs - ok
21:16:42.0406 0x11ac  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
21:16:42.0438 0x11ac  mshidkmdf - ok
21:16:42.0469 0x11ac  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
21:16:42.0484 0x11ac  msisadrv - ok
21:16:42.0547 0x11ac  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
21:16:42.0640 0x11ac  MSiSCSI - ok
21:16:42.0640 0x11ac  msiserver - ok
21:16:42.0672 0x11ac  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
21:16:42.0703 0x11ac  MSKSSRV - ok
21:16:42.0718 0x11ac  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
21:16:42.0750 0x11ac  MSPCLOCK - ok
21:16:42.0765 0x11ac  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
21:16:42.0812 0x11ac  MSPQM - ok
21:16:42.0843 0x11ac  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
21:16:42.0874 0x11ac  MsRPC - ok
21:16:42.0890 0x11ac  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
21:16:42.0921 0x11ac  mssmbios - ok
21:16:42.0937 0x11ac  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
21:16:42.0984 0x11ac  MSTEE - ok
21:16:42.0999 0x11ac  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
21:16:43.0030 0x11ac  MTConfig - ok
21:16:43.0062 0x11ac  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
21:16:43.0077 0x11ac  Mup - ok
21:16:43.0155 0x11ac  [ A9BC2302FBDF52C8AF4E2FC966288D21, 4CBDCDCC2BA8133BDC0BA1A1EB47FB9241CAACF93544BAD37175417DA9E616D6 ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
21:16:43.0233 0x11ac  MyWiFiDHCPDNS - ok
21:16:43.0280 0x11ac  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
21:16:43.0327 0x11ac  napagent - ok
21:16:43.0374 0x11ac  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
21:16:43.0405 0x11ac  NativeWifiP - ok
21:16:43.0452 0x11ac  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
21:16:43.0498 0x11ac  NDIS - ok
21:16:43.0514 0x11ac  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
21:16:43.0561 0x11ac  NdisCap - ok
21:16:43.0592 0x11ac  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
21:16:43.0623 0x11ac  NdisTapi - ok
21:16:43.0670 0x11ac  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
21:16:43.0701 0x11ac  Ndisuio - ok
21:16:43.0732 0x11ac  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
21:16:43.0779 0x11ac  NdisWan - ok
21:16:43.0826 0x11ac  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
21:16:43.0904 0x11ac  NDProxy - ok
21:16:43.0904 0x11ac  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
21:16:43.0951 0x11ac  NetBIOS - ok
21:16:43.0982 0x11ac  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
21:16:44.0029 0x11ac  NetBT - ok
21:16:44.0060 0x11ac  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
21:16:44.0122 0x11ac  Netlogon - ok
21:16:44.0216 0x11ac  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
21:16:44.0325 0x11ac  Netman - ok
21:16:44.0372 0x11ac  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:16:44.0434 0x11ac  NetMsmqActivator - ok
21:16:44.0434 0x11ac  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:16:44.0466 0x11ac  NetPipeActivator - ok
21:16:44.0497 0x11ac  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
21:16:44.0544 0x11ac  netprofm - ok
21:16:44.0575 0x11ac  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:16:44.0590 0x11ac  NetTcpActivator - ok
21:16:44.0606 0x11ac  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:16:44.0622 0x11ac  NetTcpPortSharing - ok
21:16:44.0949 0x11ac  [ 18555F48844C2861D9DCE8F2B7223AE5, 35F8C0DFCF14780F86AD9A476A7AE22A98589B27ED9C7E109945CBBD227E6E2B ] NETw5s64        C:\Windows\system32\DRIVERS\NETw5s64.sys
21:16:45.0246 0x11ac  NETw5s64 - ok
21:16:45.0511 0x11ac  [ 82FFC84EC3AFC2F2D38DB880F50157C0, 4D37A44A5BBD3ECA2B29FE8565FC5840093E5BB41D197BEDA406BCE4A7C3479A ] Netzmanager Service C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
21:16:45.0698 0x11ac  Netzmanager Service - detected UnsignedFile.Multi.Generic ( 1 )
21:16:48.0241 0x11ac  Detect skipped due to KSN trusted
21:16:48.0241 0x11ac  Netzmanager Service - ok
21:16:48.0303 0x11ac  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
21:16:48.0350 0x11ac  nfrd960 - ok
21:16:48.0397 0x11ac  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
21:16:48.0490 0x11ac  NlaSvc - ok
21:16:48.0522 0x11ac  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
21:16:48.0631 0x11ac  Npfs - ok
21:16:48.0646 0x11ac  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
21:16:48.0693 0x11ac  nsi - ok
21:16:48.0709 0x11ac  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
21:16:48.0740 0x11ac  nsiproxy - ok
21:16:48.0849 0x11ac  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
21:16:48.0974 0x11ac  Ntfs - ok
21:16:48.0974 0x11ac  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
21:16:49.0021 0x11ac  Null - ok
21:16:49.0068 0x11ac  [ 0EBC9D13CD96C15B1B18D8678A609E4B, B10896DE16B0C102DFB3E73A6C11A1982C5B428015DAE1F8776BCEF94A0F75C6 ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
21:16:49.0083 0x11ac  nusb3hub - ok
21:16:49.0130 0x11ac  [ 7BDEC000D56D485021D9C1E63C2F81CA, 7F1303FD0371AF8715BFC38433B730C797170AEF10C7DB845B7B547DA8DBB5D5 ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
21:16:49.0177 0x11ac  nusb3xhc - ok
21:16:49.0208 0x11ac  [ 554964B900AE2954B8B589B6287034AC, C6C9EA3ADAFEBBF2AF944E4A0656BD795AD37706008CC0CA3F2150BD709476E7 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
21:16:49.0239 0x11ac  NVHDA - ok
21:16:49.0660 0x11ac  [ F554291C0A11F5B713B54C5886D4AA31, 65B7DF4BB3DFF616DC2C863988E30F901E14221C00E2A99A2079E19D91D93BAE ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:16:50.0019 0x11ac  nvlddmkm - ok
21:16:50.0113 0x11ac  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
21:16:50.0144 0x11ac  nvraid - ok
21:16:50.0175 0x11ac  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
21:16:50.0222 0x11ac  nvstor - ok
21:16:50.0284 0x11ac  [ 8E99BF264C1F20934A67E91BC9F4FB20, 89AA8823B751F4CEF4E862F1270E7EFDA81A6E5D9C5F72625CBF83C70B312353 ] nvsvc           C:\Windows\system32\nvvsvc.exe
21:16:50.0347 0x11ac  nvsvc - ok
21:16:50.0362 0x11ac  nvvad_WaveExtensible - ok
21:16:50.0425 0x11ac  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
21:16:50.0487 0x11ac  nv_agp - ok
21:16:50.0612 0x11ac  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:16:50.0674 0x11ac  odserv - ok
21:16:50.0706 0x11ac  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
21:16:50.0737 0x11ac  ohci1394 - ok
21:16:50.0799 0x11ac  [ 2BA1E814DCBCDB16CDA4B18A0417F88F, 1A9D41092395786B94926652A4C0E36AFD35CB840D086999339410079451636E ] OpenVPNService  C:\Program Files (x86)\HMA! Pro VPN\bin\openvpnserv.exe
21:16:50.0862 0x11ac  OpenVPNService - ok
21:16:50.0893 0x11ac  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:16:50.0955 0x11ac  ose - ok
21:16:51.0002 0x11ac  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
21:16:51.0049 0x11ac  p2pimsvc - ok
21:16:51.0080 0x11ac  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
21:16:51.0127 0x11ac  p2psvc - ok
21:16:51.0174 0x11ac  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
21:16:51.0205 0x11ac  Parport - ok
21:16:51.0267 0x11ac  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
21:16:51.0330 0x11ac  partmgr - ok
21:16:51.0361 0x11ac  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
21:16:51.0392 0x11ac  PcaSvc - ok
21:16:51.0423 0x11ac  [ BC0018C2D29F655188A0ED3FA94FDB24, BCF7F2CA5E30F569AEB69049BA3C196982C72EA7264CFBA59D7123041BA96E5A ] pccsmcfd        C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
21:16:51.0454 0x11ac  pccsmcfd - ok
21:16:51.0470 0x11ac  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
21:16:51.0501 0x11ac  pci - ok
21:16:51.0532 0x11ac  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
21:16:51.0548 0x11ac  pciide - ok
21:16:51.0579 0x11ac  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
21:16:51.0626 0x11ac  pcmcia - ok
21:16:51.0642 0x11ac  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
21:16:51.0673 0x11ac  pcw - ok
21:16:51.0688 0x11ac  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
21:16:51.0751 0x11ac  PEAUTH - ok
21:16:51.0860 0x11ac  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
21:16:51.0922 0x11ac  PerfHost - ok
21:16:52.0047 0x11ac  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
21:16:52.0125 0x11ac  pla - ok
21:16:52.0188 0x11ac  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
21:16:52.0234 0x11ac  PlugPlay - ok
21:16:52.0266 0x11ac  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
21:16:52.0312 0x11ac  PNRPAutoReg - ok
21:16:52.0344 0x11ac  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
21:16:52.0406 0x11ac  PNRPsvc - ok
21:16:52.0453 0x11ac  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
21:16:52.0500 0x11ac  PolicyAgent - ok
21:16:52.0546 0x11ac  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
21:16:52.0593 0x11ac  Power - ok
21:16:52.0624 0x11ac  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
21:16:52.0671 0x11ac  PptpMiniport - ok
21:16:52.0687 0x11ac  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
21:16:52.0718 0x11ac  Processor - ok
21:16:52.0734 0x11ac  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
21:16:52.0765 0x11ac  ProfSvc - ok
21:16:52.0780 0x11ac  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:16:52.0812 0x11ac  ProtectedStorage - ok
21:16:52.0858 0x11ac  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
21:16:52.0890 0x11ac  Psched - ok
21:16:52.0952 0x11ac  [ 4712CC14E720ECCCC0AA16949D18AAF1, AF0223D118A25CA14EC1AF8A40A793D3CBCBE3576CCACBCD4F9A3D3F10407262 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
21:16:52.0999 0x11ac  PxHlpa64 - ok
21:16:53.0061 0x11ac  [ 0928BD20273625622722FE1DE5BBDE57, 5313C222F8810D3A62CCE64482B5E50E58BBE2A2C298A23C84A454C34324AC52 ] qicflt          C:\Windows\system32\DRIVERS\qicflt.sys
21:16:53.0108 0x11ac  qicflt - ok
21:16:53.0248 0x11ac  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
21:16:53.0311 0x11ac  ql2300 - ok
21:16:53.0326 0x11ac  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
21:16:53.0358 0x11ac  ql40xx - ok
21:16:53.0404 0x11ac  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
21:16:53.0498 0x11ac  QWAVE - ok
21:16:53.0514 0x11ac  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
21:16:53.0592 0x11ac  QWAVEdrv - ok
21:16:53.0654 0x11ac  [ A55E7D0D873B2C97585B3B5926AC6ADE, 3BE3895DA7F0888E85B1941525878BA0846A8F215AD39ED8138BB39615468E32 ] RapiMgr         C:\Windows\WindowsMobile\rapimgr.dll
21:16:53.0732 0x11ac  RapiMgr - ok
21:16:53.0748 0x11ac  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
21:16:53.0810 0x11ac  RasAcd - ok
21:16:53.0857 0x11ac  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
21:16:53.0888 0x11ac  RasAgileVpn - ok
21:16:53.0904 0x11ac  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
21:16:53.0950 0x11ac  RasAuto - ok
21:16:54.0013 0x11ac  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
21:16:54.0106 0x11ac  Rasl2tp - ok
21:16:54.0184 0x11ac  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
21:16:54.0247 0x11ac  RasMan - ok
21:16:54.0262 0x11ac  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
21:16:54.0309 0x11ac  RasPppoe - ok
21:16:54.0325 0x11ac  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
21:16:54.0372 0x11ac  RasSstp - ok
21:16:54.0403 0x11ac  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
21:16:54.0450 0x11ac  rdbss - ok
21:16:54.0465 0x11ac  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
21:16:54.0512 0x11ac  rdpbus - ok
21:16:54.0528 0x11ac  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
21:16:54.0637 0x11ac  RDPCDD - ok
21:16:54.0668 0x11ac  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
21:16:54.0715 0x11ac  RDPENCDD - ok
21:16:54.0746 0x11ac  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
21:16:54.0793 0x11ac  RDPREFMP - ok
21:16:54.0886 0x11ac  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
21:16:54.0933 0x11ac  RdpVideoMiniport - ok
21:16:54.0980 0x11ac  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
21:16:55.0058 0x11ac  RDPWD - ok
21:17:01.0938 0x11ac  [ 1A95043750E359F993154EF8559BE518, C1CDFAA87084B4D7CF38598E6C723EDD2E1DCA23D29449F48D016F589DACEA29 ] tcpipBM         C:\Windows\system32\drivers\tcpipBM.sys
21:17:01.0953 0x11ac  tcpipBM - detected UnsignedFile.Multi.Generic ( 1 )
21:17:04.0496 0x11ac  Detect skipped due to KSN trusted
21:17:04.0496 0x11ac  tcpipBM - ok
21:17:15.0837 0x11ac  ================ Scan generic autorun ======================
21:17:15.0837 0x11ac  SynTPEnh - ok
21:17:15.0978 0x11ac  [ F2C49A7AA03FC231BE87A65E50D0B6F6, 549A188E8F1E2CA1E4A82EC4F5D7B45C24BAB2B1177EA848183D72F97E198E38 ] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
21:17:16.0134 0x11ac  IntelWireless - ok
21:17:16.0243 0x11ac  [ 0AD61A3C844EEFE88780749E362D1E57, 5F2EF864827F65130B3292F49A2AFEC45006980D061978DAB31A6ECB1F2A0200 ] c:\Program Files\Dell\QuickSet\QuickSet.exe
21:17:16.0368 0x11ac  QuickSet - detected UnsignedFile.Multi.Generic ( 1 )
21:17:18.0942 0x11ac  Detect skipped due to KSN trusted
21:17:18.0942 0x11ac  QuickSet - ok
21:17:19.0020 0x11ac  [ A358C6D2F299ACDE00D40C605BA5FEDC, FFAE3A508C8756D67E7C37870E53A621D0F174A66E48BBD30B03F2DAF1C0BFB8 ] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
21:17:19.0082 0x11ac  FreeFallProtection - ok
21:17:19.0160 0x11ac  [ 233A10D4B3F6897899112E4EC60F1906, 1F7E768E57064938114DF2EFC5B219EB0D30A7D9E574924E9CED054462505AF0 ] C:\Windows\WindowsMobile\wmdc.exe
21:17:19.0238 0x11ac  Windows Mobile Device Center - ok
21:17:19.0347 0x11ac  [ 2078AE5DF5876F58124CDC2B4F972CD3, 59023E6A595950BFA611502AA9AA68C1AD48114DDCBD6BA7FDE4CDC86A7170B1 ] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
21:17:19.0425 0x11ac  Acronis Scheduler2 Service - ok
21:17:19.0737 0x11ac  [ 29A1AA60BEB49F0D270817F138618647, 0581DEB23E721938F96D8DD3BCAF2E83E0B35E7A36821CE9C216CFF1B578A849 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
21:17:19.0940 0x11ac  RTHDVCPL - ok
21:17:20.0080 0x11ac  [ 495B01F44E917CCDF79005CC0EC56F5A, F9FE6E5EC0C40B8877F846568BA4DC23EEBCC0CCA1F43364C65079F7B77F19F9 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
21:17:20.0158 0x11ac  RtHDVBg - ok
21:17:20.0236 0x11ac  [ 9D51EA92A612B37E76E5E4621650C50A, 00BD61C8527A80C0F684882379A0AC2E5A54E8BBECC797087B960CDC8454C373 ] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
21:17:20.0283 0x11ac  NUSB3MON - ok
21:17:20.0361 0x11ac  [ 25107F58D1B8F60D67D1EE95798C0DE8, C3B5205E8818576EBF33E3B9FD8664A498714B823D9128FC1CA0A64F81499263 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
21:17:20.0439 0x11ac  IAStorIcon - ok
21:17:20.0548 0x11ac  [ 637E9EEA864CE9C5778E3C4358B1E0D1, BF1E58E0C50DCB06FD1611786ECF500F426DFEFCF795D8A048A4B1BCA51F4556 ] C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
21:17:20.0626 0x11ac  Dell DataSafe Online - ok
21:17:20.0689 0x11ac  [ 30293898C1A9DFBCFE38EB6A2F7D555A, 467B0BE56B0CF06607C5C0EAE4D4703810A2E65D4137CEB6ECA581E4E848CA70 ] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
21:17:20.0720 0x11ac  Dell Webcam Central - detected UnsignedFile.Multi.Generic ( 1 )
21:17:23.0279 0x11ac  Detect skipped due to KSN trusted
21:17:23.0279 0x11ac  Dell Webcam Central - ok
21:17:23.0341 0x11ac  [ 813F9EA38AEB2AD4D9BD689388DDD93A, 68766E259C0D7F6EAFBF8C24A903C34CE624FF37EBFB8CDBFC1405AC6DA6E8F8 ] C:\Program Files (x86)\Telekom\InternetManager_H\DataCardMonitor.exe
21:17:23.0388 0x11ac  DataCardMonitor - detected UnsignedFile.Multi.Generic ( 1 )
21:17:25.0915 0x11ac  Detect skipped due to KSN trusted
21:17:25.0915 0x11ac  DataCardMonitor - ok
21:17:26.0196 0x11ac  [ C433243E73FCF988435CEC1F461C48EE, 65C601B72EC48528F9CFF8F412E5AB75497E018E92754A4669741F34996A954E ] C:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe
21:17:26.0321 0x11ac  SAOB Monitor - ok
21:17:26.0539 0x11ac  [ A7D3BA9573C2BD5DDCA2A87140915D6A, 2D36D01A10B5F988FB6ED2204FAB3F05B7E31373B7A16B13E3CE5E8EB81420EA ] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
21:17:26.0742 0x11ac  TrueImageMonitor.exe - ok
21:17:26.0867 0x11ac  [ 47EA5F76FAB723C61AB4A0D79BAD512C, A7A38EB0A7068B160E6949945EF639F999A06AE35746F6E79C7350745798E5C9 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
21:17:26.0945 0x11ac  Adobe ARM - ok
21:17:27.0023 0x11ac  [ F8A3337DE768B126B061F1B7CD38A436, F93EE8D8D7CA28658587F82C38AE6C13D51A03CFE8DE6AC3BA35DC6A1DB986CE ] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
21:17:27.0101 0x11ac  KiesTrayAgent - ok
21:17:27.0163 0x11ac  [ 14D6542607ACD4B2D1DDB1A36E0D8813, 3A270600549E8E7988D5AF3486C0F504269B9573393D87BF87BDB2287BF007B2 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
21:17:27.0210 0x11ac  SunJavaUpdateSched - ok
21:17:27.0397 0x11ac  [ 07AF92553C94A548C38BE54B6A668318, C43269A6F2B7F95290D4ABF9EFDA8E2631408671A7A6E01A06DD90E503467C36 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
21:17:27.0584 0x11ac  AvastUI.exe - ok
21:17:27.0647 0x11ac  [ 6CE36EE8D47C825A8D0C56C846CF636F, 62611B4D1CB67E93BFEFCCE605D33A72C3AF2C362B904B571A9E671A178F73E1 ] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe
21:17:27.0693 0x11ac  Launcher - detected UnsignedFile.Multi.Generic ( 1 )
21:17:30.0377 0x11ac  Detect skipped due to KSN trusted
21:17:30.0377 0x11ac  Launcher - ok
21:17:30.0517 0x11ac  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
21:17:30.0626 0x11ac  Sidebar - ok
21:17:30.0642 0x11ac  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
21:17:30.0689 0x11ac  mctadmin - ok
21:17:30.0720 0x11ac  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
21:17:30.0782 0x11ac  Sidebar - ok
21:17:30.0798 0x11ac  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
21:17:30.0829 0x11ac  mctadmin - ok
21:17:30.0845 0x11ac  [ 75F26DE6CFCC49AD02D99BB9922D863B, 8043540932A70E7A316E3F76723087711889A0772A7E94DF03EC8FC368AD1BA6 ] C:\Program Files (x86)\Telekom\InternetManager_H\UpdateDog\ouc.exe
21:17:30.0876 0x11ac  HW_OPENEYE_OUC_Telekom Internet Manager - detected UnsignedFile.Multi.Generic ( 1 )
21:17:33.0621 0x11ac  Detect skipped due to KSN trusted
21:17:33.0621 0x11ac  HW_OPENEYE_OUC_Telekom Internet Manager - ok
21:17:33.0762 0x11ac  [ 2F85D5E63A1ECE08085D32C1B615BBFD, 7263F4E0CC7D375CBAA44406F90F427E6EC9382184B3CD62A90C0DD6B7D88372 ] C:\Program Files (x86)\Samsung\Kies\Kies.exe
21:17:33.0824 0x11ac  KiesPreload - ok
21:17:33.0824 0x11ac  KiesAirMessage - ok
21:17:33.0996 0x11ac  [ 9DFDDB86952846EAD3E00F9399724CBE, 800A3C55D9D166F80068A265A389A335F7105312429CC9983909DC46B242A8C7 ] C:\Users\Holgi\AppData\Local\Apps\2.0\WDNJWVRP.6BM\H2A4DABA.YVQ\dell..tion_0f612f649c4a10af_0005.0009_14e1a3fbfbaf942c\DellSystemDetect.exe
21:17:34.0058 0x11ac  DellSystemDetect - detected UnsignedFile.Multi.Generic ( 1 )
21:17:36.0601 0x11ac  Detect skipped due to KSN trusted
21:17:36.0601 0x11ac  DellSystemDetect - ok
21:17:36.0773 0x11ac  [ D9009C0433DD64FEBA944189174E6212, DE90C5457A9A3F2A157B6D48171F85F67DC0E82C90FA2FA347AA2014155CFF8A ] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_189_Plugin.exe
21:17:36.0851 0x11ac  FlashPlayerUpdate - ok
21:17:36.0851 0x11ac  Waiting for KSN requests completion. In queue: 2
21:17:37.0865 0x11ac  Waiting for KSN requests completion. In queue: 2
21:17:38.0879 0x11ac  Waiting for KSN requests completion. In queue: 2
21:17:39.0955 0x11ac  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.0.2208.712 ), 0x41000 ( enabled : updated )
21:17:39.0986 0x11ac  Win FW state via NFP2: enabled
21:17:42.0498 0x11ac  ============================================================
21:17:42.0498 0x11ac  Scan finished
21:17:42.0498 0x11ac  ============================================================
21:17:42.0513 0x109c  Detected object count: 0
21:17:42.0513 0x109c  Actual detected object count: 0
         
__________________

19.11.2014, 17:32   #4
schrauber
/// the machine
/// TB instructor
 


hi,

Scan with Combofix
WARNING to READERS FOLLOWING ALONG:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the on-screen instructions.
  • While Combofix is running, please do not work on the computer, move the mouse or click in the Combofix window!
  • When Combofix has finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you get the following error message after the restart
Illegal operation attempted on a registry key that has been marked for deletion.
simply restart the computer. This should fix the problem.

__________________
regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

19.11.2014, 20:52   #5
seal.1
 

Hi,

I ran ComboFix. While the system was shutting down, the following error message appeared:

"Unable to create a backup current registry file
C:/windows/System32/config/default

Continue restoration of this file?"

I then chose "Yes" each time. The message came up again with other paths, and after a few confirmations the computer did shut down after all.

log.txt
Code:
ComboFix 14-11-18.01 - Holgi 19.11.2014  20:18:02.1.8 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.8124.5389 [GMT 1:00]
ausgeführt von:: c:\users\Holgi\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\users\Holgi\AppData\Local\TempDIR
c:\windows\msdownld.tmp
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_DCService.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-10-19 bis 2014-11-19  ))))))))))))))))))))))))))))))
.
.
2014-11-19 19:26 . 2014-11-19 19:26	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-11-18 19:25 . 2014-11-18 19:27	--------	d-----w-	C:\FRST
2014-11-18 18:37 . 2014-11-11 03:08	241152	----a-w-	c:\windows\system32\pku2u.dll
2014-11-18 18:37 . 2014-11-11 03:08	728064	----a-w-	c:\windows\system32\kerberos.dll
2014-11-18 18:37 . 2014-11-11 02:44	186880	----a-w-	c:\windows\SysWow64\pku2u.dll
2014-11-18 18:37 . 2014-11-11 02:44	550912	----a-w-	c:\windows\SysWow64\kerberos.dll
2014-11-17 23:01 . 2014-11-17 23:01	--------	d-sh--w-	c:\users\Holgi\AppData\Local\EmieBrowserModeList
2014-11-17 23:01 . 2014-11-17 23:01	--------	d-----w-	c:\program files (x86)\Auslogics
2014-11-17 22:53 . 2014-11-17 22:53	--------	d-----w-	c:\program files (x86)\MyFree Codec
2014-11-17 22:43 . 2014-11-17 22:43	--------	d-----w-	c:\program files (x86)\MarkAny
2014-11-12 21:03 . 2014-11-06 03:28	2724864	----a-w-	c:\windows\SysWow64\mshtml.tlb
2014-11-12 21:02 . 2014-11-06 01:52	1892864	----a-w-	c:\windows\SysWow64\wininet.dll
2014-11-12 21:01 . 2014-08-12 01:36	701440	----a-w-	c:\windows\SysWow64\IMJP10K.DLL
2014-11-12 21:00 . 2014-08-21 06:43	1882624	----a-w-	c:\windows\system32\msxml3.dll
2014-11-12 20:59 . 2014-10-14 02:13	3241984	----a-w-	c:\windows\system32\msi.dll
2014-11-12 20:59 . 2014-10-14 01:50	2363904	----a-w-	c:\windows\SysWow64\msi.dll
2014-11-12 20:58 . 2014-10-25 01:57	77824	----a-w-	c:\windows\system32\packager.dll
2014-11-12 20:58 . 2014-10-25 01:32	67584	----a-w-	c:\windows\SysWow64\packager.dll
2014-11-12 20:50 . 2014-10-10 00:57	3198976	----a-w-	c:\windows\system32\win32k.sys
2014-11-12 20:49 . 2014-10-18 02:05	861696	----a-w-	c:\windows\system32\oleaut32.dll
2014-11-12 20:49 . 2014-10-18 01:33	571904	----a-w-	c:\windows\SysWow64\oleaut32.dll
2014-11-09 20:03 . 2014-11-09 20:03	364512	----a-w-	c:\windows\system32\aswBoot.exe
2014-10-22 17:05 . 2014-10-22 17:05	--------	d-----w-	c:\program files\AVAST Software
2014-10-22 17:02 . 2014-10-22 17:05	--------	d-----w-	c:\programdata\AVAST Software
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-11-18 19:07 . 2014-04-26 07:20	129752	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-11-12 21:14 . 2010-12-20 19:53	103374192	----a-w-	c:\windows\system32\MRT.exe
2014-10-26 04:35 . 2012-04-07 15:46	701104	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-10-26 04:35 . 2011-06-16 19:01	71344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-10-15 17:57 . 2014-10-15 17:58	98216	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-10-01 10:11 . 2014-04-26 07:20	63704	----a-w-	c:\windows\system32\drivers\mwac.sys
2014-10-01 10:11 . 2014-04-26 07:20	93400	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2014-10-01 10:11 . 2014-04-26 07:20	25816	----a-w-	c:\windows\system32\drivers\mbam.sys
2014-09-25 02:08 . 2014-09-30 19:18	371712	----a-w-	c:\windows\system32\qdvd.dll
2014-09-25 01:40 . 2014-09-30 19:18	519680	----a-w-	c:\windows\SysWow64\qdvd.dll
2014-09-09 22:11 . 2014-09-23 18:43	2048	----a-w-	c:\windows\system32\tzres.dll
2014-09-09 21:47 . 2014-09-23 18:43	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2014-09-05 02:11 . 2014-10-16 19:00	6584320	----a-w-	c:\windows\system32\mstscax.dll
2014-09-05 01:52 . 2014-10-16 19:00	5703168	----a-w-	c:\windows\SysWow64\mstscax.dll
2014-09-04 05:23 . 2014-10-16 19:00	424448	----a-w-	c:\windows\system32\rastls.dll
2014-09-04 05:04 . 2014-10-16 19:00	372736	----a-w-	c:\windows\SysWow64\rastls.dll
2014-08-29 02:07 . 2014-10-16 19:00	3179520	----a-w-	c:\windows\system32\rdpcorets.dll
2014-08-23 02:07 . 2014-08-28 19:08	404480	----a-w-	c:\windows\system32\gdi32.dll
2014-08-23 01:45 . 2014-08-28 19:08	311808	----a-w-	c:\windows\SysWow64\gdi32.dll
2012-05-15 08:33 . 2013-03-31 18:55	1456640	----a-w-	c:\program files (x86)\Common Files\Falk Navi-Manager classic.msi
2012-03-28 08:14 . 2011-01-01 12:50	1456640	----a-w-	c:\program files (x86)\Common Files\Falk Navi-Manager.msi
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HW_OPENEYE_OUC_Telekom Internet Manager"="c:\program files (x86)\Telekom\InternetManager_H\UpdateDog\ouc.exe" [2009-12-31 110592]
"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2014-07-25 1562264]
"DellSystemDetect"="c:\users\Holgi\AppData\Local\Apps\2.0\WDNJWVRP.6BM\H2A4DABA.YVQ\dell..tion_0f612f649c4a10af_0005.0009_14e1a3fbfbaf942c\DellSystemDetect.exe" [2014-08-19 263232]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"Dell DataSafe Online"="c:\program files (x86)\Dell DataSafe Online\DataSafeOnline.exe" [2010-02-09 1807680]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2010-08-20 487562]
"DataCardMonitor"="c:\program files (x86)\Telekom\InternetManager_H\DataCardMonitor.exe" [2011-11-12 253952]
"SAOB Monitor"="c:\program files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe" [2011-09-22 2571032]
"TrueImageMonitor.exe"="c:\program files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" [2011-09-22 5587832]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2014-07-25 311616]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-09-26 271744]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-11-09 5225064]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="c:\program files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe" [2010-08-12 163040]
.
c:\users\Holgi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Netzmanager.lnk - c:\program files\Netzmanager\netzmanager.exe /Autostart [2012-7-20 14134784]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
WISO Mein Steuer-Sparbuch heute.lnk - c:\program files (x86)\WISO\Steuersoftware 2014\mshaktuell.exe [2014-5-8 1428248]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe /firstrun [2010-5-28 1324384]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ALSysIO;ALSysIO;c:\users\Holgi\AppData\Local\Temp\ALSysIO64.sys;c:\users\Holgi\AppData\Local\Temp\ALSysIO64.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbdev.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
R3 MEMSWEEP2;MEMSWEEP2;c:\windows\system32\DAFB.tmp;c:\windows\SYSNATIVE\DAFB.tmp [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 Netzmanager Service;Netzmanager Infrastruktur Informationssystem Dienst;c:\program files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe ;c:\program files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe  [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TelekomNM6;Telekom Netzmanager Packet Filter Driver;c:\program files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys;c:\program files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 BMLoad;Bytemobile Boot Time Load Driver;c:\windows\system32\drivers\BMLoad.sys;c:\windows\SYSNATIVE\drivers\BMLoad.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdcfltn.sys;c:\windows\SYSNATIVE\DRIVERS\stdcfltn.sys [x]
S0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);c:\windows\system32\DRIVERS\tdrpm273.sys;c:\windows\SYSNATIVE\DRIVERS\tdrpm273.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [x]
S2 afcdpsrv;Acronis Nonstop Backup-Dienst;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe;c:\program files\Dell\DellDock\DockLogin.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Accelern.sys;c:\windows\SYSNATIVE\DRIVERS\Accelern.sys [x]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys;c:\windows\SYSNATIVE\DRIVERS\afcdp.sys [x]
S3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [x]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\CtClsFlt.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 NETw5s64;Intel(R) Wireless WiFi Link der Serie 5000 Adaptertreiber für Windows 7 64-Bit;c:\windows\system32\DRIVERS\NETw5s64.sys;c:\windows\SYSNATIVE\DRIVERS\NETw5s64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 qicflt;upper Device Filter Driver;c:\windows\system32\DRIVERS\qicflt.sys;c:\windows\SYSNATIVE\DRIVERS\qicflt.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2014-11-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-07 04:35]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-11-09 20:03	860984	----a-w-	c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2010-03-05 1928976]
"FreeFallProtection"="c:\program files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe" [2010-09-24 727664]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"Acronis Scheduler2 Service"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2011-09-22 395344]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-02-18 6611048]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-01-18 2188904]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: dell.com
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\7408l0tn.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - prefs.js: network.proxy.gopher - 
FF - prefs.js: network.proxy.gopher_port - 0
FF - prefs.js: network.proxy.type - 0
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-KiesAirMessage - c:\program files (x86)\Samsung\Kies\KiesAirMessage.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\DAFB.tmp"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_189_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_189_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_189_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_189_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_189.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.15"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_189.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_189.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_189.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-11-19  20:44:36 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-11-19 19:44
.
Vor Suchlauf: 18 Verzeichnis(se), 249.040.105.472 Bytes frei
Nach Suchlauf: 23 Verzeichnis(se), 249.128.624.128 Bytes frei
.
- - End Of File - - A5EC36D3D9BF6B0FF5C690E469DF1E05
         


20.11.2014, 18:45   #6
schrauber
/// the machine
/// TB-Ausbilder
 




Please download Malwarebytes Anti-Malware.
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do this, click Remove Selected.
  • Let your computer restart if required to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file to the desktop as mbam.txt. You can find the MBAM log file here.
  • Include the contents of mbam.txt in your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt. (x = sequential number).

Please shut down your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please right-click and start it with "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


And a fresh FRST log, please.

20.11.2014, 19:54   #7
seal.1
 



Here you go

mbam.txt
Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 20.11.2014
Suchlauf-Zeit: 19:08:16
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.3.1025
Malware Datenbank: v2014.11.20.06
Rootkit Datenbank: v2014.11.18.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Holgi

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 349234
Verstrichene Zeit: 16 Min, 41 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 0
(Keine schädliche Elemente erkannt)

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 0
(Keine schädliche Elemente erkannt)

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)
         
AdwCleaner
Code:
# AdwCleaner v4.101 - Bericht erstellt am 20/11/2014 um 19:35:31
# Aktualisiert 09/11/2014 von Xplode
# Database : 2014-11-16.1 [Live]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Holgi - HOLGI-PC
# Gestartet von : C:\Users\Holgi\Desktop\AdwCleaner_4.101.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\Holgi\AppData\Local\CrashRpt

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\Myfree Codec
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Myfree Codec
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17420


-\\ Mozilla Firefox v33.1 (x86 de)

[7408l0tn.default\prefs.js] - Zeile gelöscht : user_pref("browser.search.order.1", "Ask.com");

*************************

AdwCleaner[R0].txt - [5004 octets] - [01/08/2014 06:35:59]
AdwCleaner[R1].txt - [1429 octets] - [20/11/2014 19:31:12]
AdwCleaner[S0].txt - [4800 octets] - [01/08/2014 06:37:02]
AdwCleaner[S1].txt - [1254 octets] - [20/11/2014 19:35:31]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1314 octets] ##########
         
JRT
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.9 (11.15.2014:2)
OS: Windows 7 Home Premium x64
Ran by Holgi on 20.11.2014 at 19:42:42,66
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\pcdr"
Successfully deleted: [Folder] "C:\Users\Holgi\AppData\Roaming\pcdr"
Successfully deleted: [Folder] "C:\Users\Holgi\appdata\locallow\pcdr"
Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec"



~~~ FireFox

Emptied folder: C:\Users\Holgi\AppData\Roaming\mozilla\firefox\profiles\7408l0tn.default\minidumps [9 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 20.11.2014 at 19:48:09,25
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
FRST.txt

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-11-2014
Ran by Holgi (administrator) on HOLGI-PC on 20-11-2014 19:55:49
Running from C:\Users\Holgi\Desktop
Loaded Profile: Holgi (Available profiles: Holgi)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
() C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Huawei Technologies Co., Ltd.) C:\Users\Holgi\AppData\Roaming\Telekom Internet Manager\ouc.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Dell) C:\Users\Holgi\AppData\Local\Apps\2.0\WDNJWVRP.6BM\H2A4DABA.YVQ\dell..tion_0f612f649c4a10af_0005.0009_14e1a3fbfbaf942c\DellSystemDetect.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
() C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(Huawei Technologies Co., Ltd.) C:\Program Files (x86)\Telekom\InternetManager_H\DataCardMonitor.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2247976 2010-07-15] (Synaptics Incorporated)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1928976 2010-03-05] (Intel(R) Corporation)
HKLM\...\Run: [FreeFallProtection] => C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [727664 2010-09-24] ()
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [395344 2011-09-22] (Acronis)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6611048 2011-02-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2188904 2011-01-18] (Realtek Semiconductor)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation)
HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe [1807680 2010-02-09] ()
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [487562 2010-08-20] (Creative Technology Ltd)
HKLM-x32\...\Run: [DataCardMonitor] => C:\Program Files (x86)\Telekom\InternetManager_H\DataCardMonitor.exe [253952 2011-11-12] (Huawei Technologies Co., Ltd.)
HKLM-x32\...\Run: [SAOB Monitor] => C:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe [2571032 2011-09-22] (Acronis)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5587832 2011-09-22] (Acronis)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-07-25] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5225064 2014-11-09] (AVAST Software)
HKLM-x32\...\RunOnce: [Launcher] => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe [163040 2010-08-12] (Softthinks)
HKU\S-1-5-21-3276667617-2959320208-3705288580-1000\...\Run: [HW_OPENEYE_OUC_Telekom Internet Manager] => C:\Program Files (x86)\Telekom\InternetManager_H\UpdateDog\ouc.exe [110592 2009-12-31] (Huawei Technologies Co., Ltd.)
HKU\S-1-5-21-3276667617-2959320208-3705288580-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1562264 2014-07-25] (Samsung)
HKU\S-1-5-21-3276667617-2959320208-3705288580-1000\...\Run: [DellSystemDetect] => C:\Users\Holgi\AppData\Local\Apps\2.0\WDNJWVRP.6BM\H2A4DABA.YVQ\dell..tion_0f612f649c4a10af_0005.0009_14e1a3fbfbaf942c\DellSystemDetect.exe [263232 2014-08-19] (Dell)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2014\mshaktuell.exe ()
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Holgi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk
ShortcutTarget: Netzmanager.lnk -> C:\Program Files\Netzmanager\netzmanager.exe (Deutsche Telekom AG)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de
HKU\S-1-5-21-3276667617-2959320208-3705288580-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3276667617-2959320208-3705288580-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\S-1-5-21-3276667617-2959320208-3705288580-1000 -> DefaultScope {5C721AC4-8738-42C0-8CD2-58F97E0398EB} URL = 
SearchScopes: HKU\S-1-5-21-3276667617-2959320208-3705288580-1000 -> {0632309F-DE38-4268-9692-036784E9A1D7} URL = 
SearchScopes: HKU\S-1-5-21-3276667617-2959320208-3705288580-1000 -> {17805846-7469-41E4-9A7C-FFCF75F42C6C} URL = hxxp://suche.t-online.de/fast-cgi/tsc?sr=tportal&q={searchTerms}&dia=tie8
SearchScopes: HKU\S-1-5-21-3276667617-2959320208-3705288580-1000 -> {23275BE6-9F0A-4EA7-B2C7-C2E8FD0F511D} URL = hxxp://dict.leo.org/ende?lp=ende&search={searchTerms}
SearchScopes: HKU\S-1-5-21-3276667617-2959320208-3705288580-1000 -> {5C721AC4-8738-42C0-8CD2-58F97E0398EB} URL = 
SearchScopes: HKU\S-1-5-21-3276667617-2959320208-3705288580-1000 -> {7A7EFF3B-7BF9-478E-9AB7-B445D7AD9D3C} URL = hxxp://preisvergleich.t-online.de/angebote/{searchTerms}?soid=42534758
SearchScopes: HKU\S-1-5-21-3276667617-2959320208-3705288580-1000 -> {9164E28C-0259-45DE-B2AF-595F2689BD4D} URL = hxxp://suche.t-online.de/fast-cgi/tsc?sr=twiki&q={searchTerms}&dia=tie8
SearchScopes: HKU\S-1-5-21-3276667617-2959320208-3705288580-1000 -> {925BC6A2-7FCF-40DF-8BFF-FAC13BBEDE51} URL = hxxp://www.amazon.de/gp/search?ie=UTF8&keywords={searchTerms}&tag=tonline-browser_toolbar3_search-21&index=blended&linkCode=ur2
SearchScopes: HKU\S-1-5-21-3276667617-2959320208-3705288580-1000 -> {A5651A03-AFF1-4BC2-8DF7-C66D28D8D840} URL = hxxp://dict.leo.org/frde?lp=frde&search={searchTerms}
SearchScopes: HKU\S-1-5-21-3276667617-2959320208-3705288580-1000 -> {C8EF559E-E0D7-4601-88BE-42F03229A230} URL = hxxp://rover.ebay.com/rover/1/707-1403-9414-51/4?satitle={searchTerms}
SearchScopes: HKU\S-1-5-21-3276667617-2959320208-3705288580-1000 -> {D58F6799-D10F-4A49-AC4B-7B2CE2CF9328} URL = hxxp://dict.leo.org/esde?lp=esde&search={searchTerms}
SearchScopes: HKU\S-1-5-21-3276667617-2959320208-3705288580-1000 -> {F44C3FA9-AB56-49F4-A91A-C9D8CE06A609} URL = hxxp://suche.t-online.de/fast-cgi/tsc?sr=tweb&q={searchTerms}&dia=tie8
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Toolbar 3.0 der Telekom Browserhilfsobjekt -> {C9603180-FA5C-4DB0-A013-ADC60309AF82} -> C:\Program Files\Deutsche Telekom\Toolbar3\ToToolbar.dll (Deutsche Telekom AG)
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} ->  No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {2015C8D4-8534-48DB-B5FB-5C76291F080C} -  No File
DPF: HKLM-x32 {3860DD98-0549-4D50-AA72-5D17D200EE10} hxxp://cdn.scan.onecare.live.com/resource/download/scanner/de-de/wlscctrl2.cab
DPF: HKLM-x32 {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} hxxp://download.bitdefender.com/resources/scanner/sources/de/scan8/oscan8.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\7408l0tn.default
FF DefaultSearchEngine: Google
FF Homepage: hxxp://www.google.de/
FF NetworkProxy: "backup.ftp", "213.123.235.132"
FF NetworkProxy: "backup.ftp_port", 80
FF NetworkProxy: "backup.socks", "213.123.235.132"
FF NetworkProxy: "backup.socks_port", 80
FF NetworkProxy: "backup.ssl", "213.123.235.132"
FF NetworkProxy: "backup.ssl_port", 80
FF NetworkProxy: "gopher", ""
FF NetworkProxy: "gopher_port", 0
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pages.tvunetworks.com/WebPlayer -> C:\Program Files (x86)\TVUPlayer\npTVUAx.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npffvsharetvplg.dll (vShare.tv)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\7408l0tn.default\searchplugins\amazonde.xml
FF SearchPlugin: C:\Users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\7408l0tn.default\searchplugins\einkaufswelt.xml
FF SearchPlugin: C:\Users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\7408l0tn.default\searchplugins\leo-franzsisch.xml
FF SearchPlugin: C:\Users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\7408l0tn.default\searchplugins\leo-spanisch.xml
FF SearchPlugin: C:\Users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\7408l0tn.default\searchplugins\t-onlinede-portalsuche.xml
FF SearchPlugin: C:\Users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\7408l0tn.default\searchplugins\t-onlinede-websuche.xml
FF Extension: Avira Browser Safety - C:\Users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\7408l0tn.default\Extensions\abs@avira.com [2014-09-30]
FF Extension: YouTube Unblocker - C:\Users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\7408l0tn.default\Extensions\youtubeunblocker@unblocker.yt [2014-11-05]
FF Extension: DownloadHelper - C:\Users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\7408l0tn.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-12]
FF Extension: InvisibleHand - C:\Users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\7408l0tn.default\Extensions\canitbecheaper@trafficbroker.co.uk.xpi [2012-11-04]
FF Extension: NoScript - C:\Users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\7408l0tn.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-07-14]
FF Extension: Adblock Plus - C:\Users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\7408l0tn.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-07-06]
FF Extension: BetterPrivacy - C:\Users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\7408l0tn.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2013-07-14]
FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files\T-Mobile\InternetManager_H\OCx64\addon
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-10-22]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-09]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-09] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-11-09] (Avast Software)
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2009-06-09] (Stardock Corporation) [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-03-05] ()
S3 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) [File not signed]
S3 OpenVPNService; C:\Program Files (x86)\HMA! Pro VPN\bin\openvpnserv.exe [37176 2014-04-14] (The OpenVPN Project)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-09] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-09] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-09] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-09] ()
R0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [16512 2009-12-15] (Bytemobile, Inc.) [File not signed]
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-07-29] (Disc Soft Ltd)
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [256000 2010-08-31] (Huawei Technologies Co., Ltd.)
S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114304 2009-10-12] (Huawei Technologies Co., Ltd.)
S3 MEMSWEEP2; C:\Windows\system32\DAFB.tmp [6144 2010-05-26] (Sophos Plc) [File not signed]
R1 tcpipBM; C:\Windows\system32\drivers\tcpipBM.sys [39552 2009-12-15] (Bytemobile, Inc.) [File not signed]
S3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
U4 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-11-09] (Avast Software)
S3 ALSysIO; \??\C:\Users\Holgi\AppData\Local\Temp\ALSysIO64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-20 19:55 - 2014-11-20 19:57 - 00023418 _____ () C:\Users\Holgi\Desktop\FRST.txt
2014-11-20 19:48 - 2014-11-20 19:48 - 00001023 _____ () C:\Users\Holgi\Desktop\JRT.txt
2014-11-20 19:40 - 2014-11-20 19:40 - 01707532 _____ (Thisisu) C:\Users\Holgi\Desktop\JRT.exe
2014-11-20 19:30 - 2014-11-20 19:30 - 02140160 _____ () C:\Users\Holgi\Desktop\AdwCleaner_4.101.exe
2014-11-19 20:44 - 2014-11-19 20:44 - 00023419 _____ () C:\ComboFix.txt
2014-11-19 20:16 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-11-19 20:16 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-11-19 20:16 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-11-19 20:16 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-11-19 20:16 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-11-19 20:16 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-11-19 20:16 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-11-19 20:16 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-11-19 20:15 - 2014-11-19 20:44 - 00000000 ____D () C:\Qoobox
2014-11-19 20:15 - 2014-11-19 20:40 - 00000000 ____D () C:\Windows\erdnt
2014-11-19 20:13 - 2014-11-19 20:13 - 05598306 ____R (Swearware) C:\Users\Holgi\Desktop\ComboFix.exe
2014-11-18 21:11 - 2014-11-18 21:13 - 04184008 _____ (Kaspersky Lab ZAO) C:\Users\Holgi\Desktop\tdsskiller.exe
2014-11-18 20:25 - 2014-11-20 19:55 - 00000000 ____D () C:\FRST
2014-11-18 20:24 - 2014-11-20 19:48 - 00000000 ____D () C:\Users\Holgi\Desktop\Bereinigung
2014-11-18 20:24 - 2014-11-18 20:24 - 00000168 _____ () C:\Users\Holgi\defogger_reenable
2014-11-18 20:19 - 2014-11-18 20:19 - 00380416 _____ () C:\Users\Holgi\Desktop\Gmer-19357.exe
2014-11-18 20:17 - 2014-11-18 20:17 - 02117120 _____ (Farbar) C:\Users\Holgi\Desktop\FRST64.exe
2014-11-18 20:16 - 2014-11-18 20:16 - 00050477 _____ () C:\Users\Holgi\Desktop\Defogger.exe
2014-11-18 19:37 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-18 19:37 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-18 19:37 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-18 19:37 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-18 00:01 - 2014-11-18 00:01 - 00001175 _____ () C:\Users\Holgi\Desktop\Auslogics DiskDefrag.lnk
2014-11-18 00:01 - 2014-11-18 00:01 - 00000000 __SHD () C:\Users\Holgi\AppData\Local\EmieBrowserModeList
2014-11-18 00:01 - 2014-11-18 00:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
2014-11-18 00:01 - 2014-11-18 00:01 - 00000000 ____D () C:\Program Files (x86)\Auslogics
2014-11-17 23:53 - 2014-11-17 23:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec
2014-11-17 23:43 - 2014-11-17 23:43 - 00000000 ____D () C:\Program Files (x86)\MarkAny
2014-11-14 20:07 - 2014-11-14 20:10 - 304379585 _____ () C:\Users\Holgi\Downloads\nordrhein-westfalen.map
2014-11-12 22:04 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-12 22:04 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-12 22:04 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-12 22:04 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-12 22:04 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-12 22:04 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-12 22:04 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-12 22:04 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 22:04 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-12 22:04 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-12 22:04 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-12 22:04 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-12 22:04 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-12 22:04 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-12 22:04 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-12 22:03 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-12 22:03 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 22:03 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-12 22:03 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 22:03 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-12 22:03 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 22:03 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-12 22:03 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-12 22:03 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-12 22:03 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-12 22:03 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-12 22:03 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-12 22:03 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-12 22:03 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 22:03 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-12 22:03 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 22:03 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 22:03 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-12 22:03 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-12 22:03 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-12 22:03 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 22:03 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-12 22:03 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-12 22:03 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-12 22:02 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 22:02 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 22:02 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-12 22:02 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 22:02 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-12 22:02 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 22:02 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-12 22:02 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 22:02 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 22:02 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-12 22:02 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-12 22:02 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 22:02 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-12 22:02 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-12 22:02 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 22:02 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 22:02 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-12 22:02 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 22:01 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-12 22:01 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-12 22:01 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-12 22:01 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 22:01 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 22:01 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 22:01 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 22:01 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 22:01 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-12 22:01 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-12 22:01 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-12 22:01 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-12 22:01 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 22:01 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 22:01 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 22:01 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 22:01 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 22:01 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 22:01 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 22:01 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 22:01 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-12 22:00 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 22:00 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-12 22:00 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-12 22:00 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-12 22:00 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-12 22:00 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-12 22:00 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-12 22:00 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-12 22:00 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-12 22:00 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-12 22:00 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-12 22:00 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-12 22:00 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 22:00 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 22:00 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-12 22:00 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-12 21:59 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-12 21:59 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-12 21:58 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 21:58 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 21:50 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 21:49 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 21:49 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-12 17:51 - 2014-11-12 17:51 - 00000247 _____ () C:\Windows\system32\2014-11-12-16-51-41.084-aswFe.exe-5008.log
2014-11-12 17:51 - 2014-11-12 17:51 - 00000197 _____ () C:\Windows\system32\2014-11-12-16-51-32.051-AvastVBoxSVC.exe-6432.log
2014-11-12 17:33 - 2014-11-12 17:33 - 00003288 ____N () C:\bootsqm.dat
2014-11-11 21:18 - 2014-11-11 21:18 - 00000247 _____ () C:\Windows\system32\2014-11-11-20-18-58.005-aswFe.exe-5780.log
2014-11-11 21:13 - 2014-11-11 21:18 - 00000247 _____ () C:\Windows\system32\2014-11-11-20-13-10.000-aswFe.exe-6212.log
2014-11-11 21:13 - 2014-11-11 21:13 - 00000197 _____ () C:\Windows\system32\2014-11-11-20-13-02.055-AvastVBoxSVC.exe-2204.log
2014-11-10 20:38 - 2014-11-10 20:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-10 20:35 - 2014-11-10 20:35 - 00000247 _____ () C:\Windows\system32\2014-11-10-19-35-55.067-aswFe.exe-6240.log
2014-11-10 20:29 - 2014-11-10 20:35 - 00000247 _____ () C:\Windows\system32\2014-11-10-19-29-38.067-aswFe.exe-6824.log
2014-11-10 20:29 - 2014-11-10 20:29 - 00000197 _____ () C:\Windows\system32\2014-11-10-19-29-31.064-AvastVBoxSVC.exe-3728.log
2014-11-09 21:30 - 2014-11-09 21:30 - 00000247 _____ () C:\Windows\system32\2014-11-09-20-30-40.071-aswFe.exe-6752.log
2014-11-09 21:23 - 2014-11-09 21:30 - 00000247 _____ () C:\Windows\system32\2014-11-09-20-23-57.019-aswFe.exe-2728.log
2014-11-09 21:23 - 2014-11-09 21:23 - 00000197 _____ () C:\Windows\system32\2014-11-09-20-23-51.008-AvastVBoxSVC.exe-6404.log
2014-11-09 21:10 - 2014-11-09 21:10 - 05634808 _____ (Canneverbe Limited ) C:\Users\Holgi\Downloads\cdbxp_setup_4.5.4.5143.exe
2014-11-09 21:03 - 2014-11-09 21:03 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-11-09 21:03 - 2014-11-09 21:03 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-11-07 13:10 - 2014-11-18 22:46 - 00012411 _____ () C:\Users\Holgi\Documents\TombRaider.log
2014-11-07 13:10 - 2014-11-07 13:10 - 00000000 ____D () C:\Users\Holgi\AppData\Local\SKIDROW
2014-11-07 12:58 - 2014-11-07 12:58 - 00002262 _____ () C:\Users\Holgi\Desktop\Tomb Raider [2013] Collectors Edition.lnk
2014-11-01 08:15 - 2014-11-01 08:15 - 00000197 _____ () C:\Windows\system32\2014-11-01-07-15-04.051-AvastVBoxSVC.exe-7588.log
2014-11-01 08:13 - 2014-11-01 08:13 - 00000197 _____ () C:\Windows\system32\2014-11-01-07-13-07.072-AvastVBoxSVC.exe-7296.log
2014-11-01 08:11 - 2014-11-01 08:11 - 00000197 _____ () C:\Windows\system32\2014-11-01-07-11-32.041-AvastVBoxSVC.exe-2716.log
2014-10-29 06:52 - 2014-10-29 06:52 - 00000000 ____D () C:\Users\Holgi\AppData\Roaming\Games
2014-10-28 06:45 - 2014-10-28 06:45 - 00000197 _____ () C:\Windows\system32\2014-10-28-05-45-03.047-AvastVBoxSVC.exe-4252.log
2014-10-28 06:29 - 2014-10-28 06:29 - 00000197 _____ () C:\Windows\system32\2014-10-28-05-29-36.048-AvastVBoxSVC.exe-4240.log
2014-10-28 06:22 - 2014-10-28 06:22 - 00235936 _____ (Tagès SA) C:\Users\Holgi\Downloads\TagesSetup_x64.exe
2014-10-28 06:15 - 2014-10-28 06:15 - 00000197 _____ () C:\Windows\system32\2014-10-28-05-15-03.031-AvastVBoxSVC.exe-4584.log
2014-10-27 21:30 - 2014-10-27 21:30 - 00003002 _____ () C:\Windows\System32\Tasks\{64354971-86FB-4918-8AF8-1D957A46373F}
2014-10-27 21:26 - 2014-11-07 06:13 - 00000000 ____D () C:\ProgramData\InstallShield
2014-10-27 20:28 - 2014-10-27 20:28 - 00000197 _____ () C:\Windows\system32\2014-10-27-19-28-17.012-AvastVBoxSVC.exe-3728.log
2014-10-27 06:09 - 2014-10-27 06:09 - 00006662 _____ () C:\Windows\DPINST.LOG
2014-10-26 09:29 - 2014-10-26 09:30 - 00000197 _____ () C:\Windows\system32\2014-10-26-08-29-58.072-AvastVBoxSVC.exe-4004.log
2014-10-26 05:35 - 2014-11-20 19:49 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-26 05:35 - 2014-10-26 05:35 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-10-26 05:34 - 2014-10-26 05:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-10-26 05:34 - 2014-10-26 05:34 - 00000000 ____D () C:\Program Files\7-Zip
2014-10-22 20:07 - 2014-10-22 20:07 - 00000247 _____ () C:\Windows\system32\2014-10-22-19-07-36.068-aswFe.exe-6604.log
2014-10-22 20:01 - 2014-10-22 20:07 - 00000247 _____ () C:\Windows\system32\2014-10-22-19-01-34.088-aswFe.exe-692.log
2014-10-22 20:01 - 2014-10-22 20:01 - 00000197 _____ () C:\Windows\system32\2014-10-22-19-01-31.040-AvastVBoxSVC.exe-7128.log
2014-10-22 18:25 - 2014-10-22 18:25 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2014-10-22 18:25 - 2014-10-22 18:25 - 00000000 ____D () C:\Windows\system32\vbox
2014-10-22 18:17 - 2014-11-09 21:04 - 00001966 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-10-22 18:07 - 2014-10-22 18:07 - 00000000 ____D () C:\Users\Holgi\AppData\Roaming\AVAST Software
2014-10-22 18:06 - 2014-11-20 18:29 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-10-22 18:06 - 2014-11-09 21:03 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-10-22 18:06 - 2014-11-09 21:03 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-10-22 18:06 - 2014-11-09 21:03 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-10-22 18:06 - 2014-11-09 21:03 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-10-22 18:06 - 2014-11-09 21:03 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-10-22 18:06 - 2014-11-09 21:03 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2014-10-22 18:06 - 2014-11-09 21:03 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-10-22 18:06 - 2014-11-09 21:03 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-10-22 18:05 - 2014-10-22 18:05 - 00000000 ____D () C:\Program Files\AVAST Software
2014-10-22 18:02 - 2014-10-22 18:05 - 00000000 ____D () C:\ProgramData\AVAST Software

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-20 19:49 - 2013-06-01 14:37 - 01898034 _____ () C:\Windows\WindowsUpdate.log
2014-11-20 19:44 - 2009-07-14 05:45 - 00022464 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-20 19:44 - 2009-07-14 05:45 - 00022464 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-20 19:41 - 2009-07-14 18:58 - 00709358 _____ () C:\Windows\system32\perfh007.dat
2014-11-20 19:41 - 2009-07-14 18:58 - 00154862 _____ () C:\Windows\system32\perfc007.dat
2014-11-20 19:41 - 2009-07-14 06:13 - 01648036 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-20 19:37 - 2014-07-23 20:07 - 00004941 _____ () C:\Windows\setupact.log
2014-11-20 19:37 - 2010-12-20 18:47 - 00000000 ____D () C:\Users\Holgi\AppData\Local\SoftThinks
2014-11-20 19:37 - 2010-12-08 11:48 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-20 19:37 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-20 19:36 - 2014-07-23 20:07 - 00018508 _____ () C:\Windows\PFRO.log
2014-11-20 19:35 - 2014-08-01 06:35 - 00000000 ____D () C:\AdwCleaner
2014-11-20 19:08 - 2014-04-26 08:20 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-20 18:44 - 2014-08-19 07:23 - 00000000 ____D () C:\Users\Holgi\AppData\Local\Apps\2.0
2014-11-20 18:42 - 2014-08-19 07:36 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2014-11-19 20:44 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-11-19 20:35 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-11-18 20:24 - 2010-12-20 18:47 - 00000000 ____D () C:\Users\Holgi
2014-11-18 20:06 - 2014-04-26 08:20 - 00001108 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-11-18 20:06 - 2014-04-26 08:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-11-18 20:06 - 2014-04-26 08:20 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-11-17 23:53 - 2014-03-23 09:52 - 00002008 _____ () C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
2014-11-17 23:41 - 2014-03-23 09:53 - 00000000 ____D () C:\Users\Holgi\AppData\Roaming\Samsung
2014-11-13 06:40 - 2009-07-14 05:45 - 00306240 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-13 06:37 - 2014-05-04 05:19 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-12 22:52 - 2010-12-20 20:04 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-12 22:35 - 2013-08-15 21:10 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-12 22:14 - 2010-12-20 20:53 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-12 17:34 - 2012-04-25 18:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-11 20:53 - 2014-09-17 18:32 - 00000000 ____D () C:\Users\Holgi\Desktop\Geocaching
2014-11-09 21:11 - 2013-07-14 06:45 - 00001161 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk
2014-11-09 21:11 - 2013-07-14 06:45 - 00001111 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2014-11-09 21:11 - 2013-07-14 06:45 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP
2014-11-08 09:06 - 2012-07-08 08:18 - 00000000 ____D () C:\Users\Holgi\AppData\Roaming\vlc
2014-11-08 08:18 - 2010-12-08 19:08 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2014-11-07 12:48 - 2011-01-04 20:36 - 00000000 ____D () C:\Spiele
2014-11-07 06:13 - 2010-12-08 19:00 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-02 21:09 - 2011-11-06 11:38 - 00323072 ___SH () C:\Users\Holgi\Desktop\Thumbs.db
2014-10-27 06:13 - 2011-08-21 14:50 - 00000000 ____D () C:\ProgramData\Nokia
2014-10-27 06:12 - 2011-11-23 11:03 - 00000000 ____D () C:\Users\Holgi\AppData\Roaming\Nokia Suite
2014-10-27 06:12 - 2011-09-03 20:36 - 00000000 ____D () C:\Users\Holgi\AppData\Roaming\Nokia
2014-10-26 05:35 - 2012-04-07 16:46 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-10-26 05:35 - 2011-06-16 20:01 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-22 20:44 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-10-22 18:07 - 2011-08-29 20:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-10-22 17:58 - 2014-08-05 10:58 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-22 17:58 - 2013-03-10 15:00 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-10-22 17:34 - 2014-09-04 09:25 - 00000000 ____D () C:\Users\Holgi\AppData\Local\Adobe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-31 12:55

==================== End Of Log ============================
         
--- --- ---


Addition.txt
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-11-2014
Ran by Holgi at 2014-11-20 19:57:25
Running from C:\Users\Holgi\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
AccelerometerP11 (HKLM-x32\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 2.00.11.15 - STMicroelectronics)
Acronis*True*Image*Home 2011 (HKLM-x32\...\{04A3A6B0-8E19-49BB-82FF-65C5A55F917D}) (Version: 14.0.6942 - Acronis)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 4.5.4.0 - Auslogics Labs Pty Ltd)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Batman: Arkham Asylum Game of the Year Edition (HKLM-x32\...\{CFABC775-5386-4BA5-86B4-505BBD36E812}) (Version: 1.0.0.0 - Square Enix Limited)
Bullzip PDF Printer 10.7.0.2277 (HKLM\...\Bullzip PDF Printer_is1) (Version: 10.7.0.2277 - Bullzip)
Bus-Simulator 2009 (HKLM-x32\...\Bus-Simulator 2009_is1) (Version:  - astragon Software GmbH)
Canon Inkjet Printer Driver Add-On Module (HKLM\...\CANONIJINBOXADDON100) (Version:  - )
CanoScan LiDE 200 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4807) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5143 - CDBurnerXP)
CD-LabelPrint (HKLM-x32\...\MediaNavigation.CDLabelPrint) (Version:  - )
CheckDrive (HKLM-x32\...\{B83513EC-2E4D-4621-816D-4CCF397BE702}_is1) (Version: 4.4 - Abelssoft)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version:  - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.47 - Dell)
Dell DataSafe Online (HKLM-x32\...\{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}) (Version: 1.2.0011 - Dell, Inc.)
Dell Dock (HKLM-x32\...\Dell Dock) (Version: 2.0 - Stardock Corporation)
Dell Dock (Version: 2.0 - Stardock Corporation) Hidden
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell System Detect (HKU\S-1-5-21-3276667617-2959320208-3705288580-1000\...\9204f5692a8faf3b) (Version: 5.9.0.5 - Dell)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.35 - Creative Technology Ltd)
dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: 5.0.1 - CEWE COLOR AG u Co. OHG)
DVDStyler v2.3.4 (HKLM-x32\...\DVDStyler_is1) (Version:  - )
GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
HMA! Pro VPN 2.8.6.0 (HKLM-x32\...\HMA! Pro VPN) (Version: 2.8.6.0 - Privax Ltd)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{D16A2127-B927-4379-B153-3DEC091E4EEB}) (Version: 13.02.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.41.2 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Meine Dienste Software (HKLM\...\Meine Dienste Software) (Version: 1.0.1.3 - Telekom)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}) (Version: 3.1.99.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 33.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.1 (x86 de)) (Version: 33.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
MyFreeCodec (HKU\S-1-5-21-3276667617-2959320208-3705288580-1000\...\MyFreeCodec) (Version:  - )
NAVIGON Fresh 3.4.1 (HKLM-x32\...\NAVIGON Fresh) (Version: 3.4.1 - NAVIGON)
Netzmanager (HKLM-x32\...\Netzmanager) (Version: 1.071 - Deutsche Telekom AG)
Netzmanager (Version: 1.071 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden
NVIDIA 3D Vision Treiber 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.82 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.82 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
PC Connectivity Solution (HKLM-x32\...\{DA5B2BDC-F654-4A88-A669-4D34BC7846A1}) (Version: 12.0.17.0 - Nokia)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.8.5 - Dell Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6312 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.0 - Renesas Electronics Corporation) Hidden
Roxio Burn (HKLM-x32\...\{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}) (Version: 1.01 - Roxio)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.105 - Skype Technologies S.A.)
Snowy Treasure Hunter (HKLM-x32\...\Snowy Treasure Hunter_is1) (Version: 1.0 - MyPlayCity, Inc.)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.4.0 - Synaptics Incorporated)
Telekom Internet Manager (HKLM-x32\...\Telekom Internet Manager) (Version: 11.301.05.05.748 - Huawei Technologies Co.,Ltd)
Tomb Raider [2013] Collectors Edition MULTI-2 1.01.748.0 (HKLM-x32\...\Tomb Raider [2013] Collectors Edition MULTI-2 1.01.748.0) (Version:  - )
Toolbar 3.0 der Telekom x64 (HKLM\...\Toolbar3 x64_is1) (Version: 3.0.2 (3) - Deutsche Telekom AG)
Überwachungstool für die Intel® Turbo-Boost-Technik (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.186.6 - Intel)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM-x32\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VLC media player 2.0.7 (HKLM-x32\...\VLC media player) (Version: 2.0.7 - VideoLAN)
vSharetv (HKLM-x32\...\vSharetv) (Version: 1.3 - vSharetv)
VueScan (HKLM-x32\...\VueScan) (Version:  - )
Windows Driver Package - Hamrick Software Image  (1/8/1999 1.0) (HKLM\...\0DB87D30776CD338CFA6B6217DCA1796A4C60715) (Version: 1/8/1999 1.0 - Hamrick Software)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live OneCare safety scanner (HKLM-x32\...\Windows Live OneCare safety scanner) (Version:  - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
WISO Sparbuch 2010 (HKLM-x32\...\{46B70DEB-97B3-4E38-B746-EC16905E6A8F}) (Version: 17.00.6531 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2011 (HKLM-x32\...\{02F0B8AE-7501-4333-AFBE-6BAABFEC7637}) (Version: 18.00.6928 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2012 (HKLM-x32\...\{0CC1DAFB-40C8-4903-953D-471E541477C7}) (Version: 19.00.7303 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2013 (HKLM-x32\...\{D6CC2FAF-F827-4091-96A1-D32CC9B69C79}) (Version: 20.00.8137 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2014 (HKLM-x32\...\{AC9476C8-C555-4127-B3B5-0DEA9982F691}) (Version: 21.00.8480 - Buhl Data Service GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

23-09-2014 20:42:02 Geplanter Prüfpunkt
24-09-2014 15:01:54 Windows Update
01-10-2014 19:12:40 Windows Update
08-10-2014 19:47:30 Geplanter Prüfpunkt
15-10-2014 17:55:51 Installed Java 7 Update 71
18-10-2014 11:39:39 Windows Update
22-10-2014 17:05:32 avast! antivirus system restore point
22-10-2014 17:16:19 avast! antivirus system restore point
27-10-2014 05:13:29 Nokia Connectivity Cable Driver wird entfernt
27-10-2014 20:22:23 Installiert Sherlock Holmes jagt Arsene Lupin
28-10-2014 05:09:44 Entfernt Sherlock Holmes jagt Arsene Lupin
28-10-2014 05:18:06 Installiert Sherlock Holmes jagt Arsene Lupin
28-10-2014 05:38:51 Entfernt Sherlock Holmes jagt Arsene Lupin
29-10-2014 05:50:08 Installiert Das Geheimnis des Persischen Teppichs
07-11-2014 05:11:05 Entfernt Das Geheimnis des Persischen Teppichs
09-11-2014 20:02:25 avast! antivirus system restore point
12-11-2014 21:06:03 Windows Update
18-11-2014 19:13:23 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-11-19 20:35 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {043C4A89-D999-419D-9B75-95C31AB1709F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
Task: {06ABEE1F-7F62-4BAF-B837-00F4BD265190} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {07026BFD-8660-47CC-A147-A18A5B7A4B5B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-09] (AVAST Software)
Task: {0EEFD4AA-E01D-4BAD-BB4A-B2F118055B34} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-10] (PC-Doctor, Inc.)
Task: {1B241653-2F7E-40CE-9754-3C36264592D9} - System32\Tasks\{BE14172C-77D4-4388-9396-9224263C2F73} => C:\Users\Holgi\Downloads\Drucker\n1220un650uxp571cde\N065USG\CANOIT32.EXE
Task: {83C53294-F6FB-46C0-B532-07418F5A220C} - System32\Tasks\{64354971-86FB-4918-8AF8-1D957A46373F} => C:\Spiele\Sherlock Holmes\Sherlock Holmes jagt Arsene Lupin\game.exe
Task: {9EC3AC29-D76B-4E31-8C72-2CB5D016EAFD} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-10] (PC-Doctor, Inc.)
Task: {EA75339B-444B-4363-9C20-DC20D67B2B35} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-26] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2013-12-16 18:07 - 2013-11-11 16:02 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2010-03-05 16:21 - 2010-03-05 16:21 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2014-11-09 21:03 - 2014-11-09 21:03 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2014-11-09 21:03 - 2014-11-09 21:03 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2010-12-08 19:09 - 2010-08-12 01:19 - 00781536 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
2010-03-05 16:21 - 2010-03-05 16:21 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2010-12-08 19:07 - 2010-09-24 17:21 - 00727664 _____ () C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
2010-02-09 20:34 - 2010-02-09 20:34 - 01807680 _____ () C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
2014-11-20 18:29 - 2014-11-20 18:29 - 02903040 _____ () C:\Program Files\AVAST Software\Avast\defs\14112000\algo.dll
2014-11-09 21:03 - 2014-11-09 21:03 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2010-12-08 19:08 - 2010-08-12 01:19 - 00056544 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STCoreXml.dll
2010-12-08 19:08 - 2010-08-12 01:19 - 00113888 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\PSTVdsDisk.dll
2010-12-08 19:08 - 2010-08-12 01:19 - 00126176 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll
2010-12-08 19:08 - 2010-08-12 01:19 - 01121504 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\LibXml2.dll
2010-12-08 19:08 - 2010-08-12 01:19 - 00077024 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\zlib1.dll
2010-12-08 19:08 - 2010-08-12 01:19 - 00232672 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STFiles.dll
2010-12-08 19:08 - 2010-08-12 01:19 - 00072928 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STRegistry.dll
2010-12-08 19:08 - 2010-08-12 01:19 - 00109792 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STPE.dll
2010-12-08 19:08 - 2010-08-12 01:19 - 00119008 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STNLS.dll
2010-02-09 20:34 - 2010-02-09 20:34 - 00275776 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll
2010-02-09 20:34 - 2010-02-09 20:34 - 00058688 _____ () C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll
2010-02-09 20:34 - 2010-02-09 20:34 - 00095552 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll
2010-02-09 20:34 - 2010-02-09 20:34 - 00046400 _____ () C:\Program Files (x86)\Dell DataSafe Online\de\SdbUI.resources.dll
2010-02-09 20:34 - 2010-02-09 20:34 - 00365888 _____ () C:\Program Files (x86)\Dell DataSafe Online\de\DataSafeOnline.resources.dll
2010-02-09 20:34 - 2010-02-09 20:34 - 00152896 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll
2010-02-09 20:34 - 2010-02-09 20:34 - 00017728 _____ () C:\Program Files (x86)\Dell DataSafe Online\cpputils.dll
2011-09-22 21:20 - 2011-09-22 21:20 - 11233136 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\Common\ti_managers.dll
2014-11-09 21:03 - 2014-11-09 21:03 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-10-22 18:36 - 2014-10-22 18:36 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\3d576cbc4ffc5ad06fd61510c5d8f326\IsdiInterop.ni.dll
2010-12-08 19:05 - 2010-03-04 03:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-11-10 20:38 - 2014-11-10 20:38 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-10-22 17:35 - 2014-10-22 17:35 - 16832176 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WISO Mein Steuer-Sparbuch heute.lnk => C:\Windows\pss\WISO Mein Steuer-Sparbuch heute.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Holgi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dell Dock.lnk => C:\Windows\pss\Dell Dock.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Holgi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk.Startup
MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
MSCONFIG\startupreg: NokiaOviSuite2 => C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
MSCONFIG\startupreg: PC Suite Tray => "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
MSCONFIG\startupreg: SAOB Monitor => C:\Program Files (x86)\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe
MSCONFIG\startupreg: TrueImageMonitor.exe => "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-3276667617-2959320208-3705288580-500 - Administrator - Disabled)
Gast (S-1-5-21-3276667617-2959320208-3705288580-501 - Limited - Disabled)
Holgi (S-1-5-21-3276667617-2959320208-3705288580-1000 - Administrator - Enabled) => C:\Users\Holgi
HomeGroupUser$ (S-1-5-21-3276667617-2959320208-3705288580-1002 - Limited - Enabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-11-19 20:25:32.945
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-11-19 20:25:32.664
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-06-13 19:35:46.458
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\DAFB.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-06-13 19:35:46.411
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\DAFB.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-06-13 19:07:27.678
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\DAFB.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-06-13 19:07:27.631
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\DAFB.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-06-13 19:06:01.987
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\8B74.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-06-13 19:06:01.956
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\8B74.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-05-12 18:54:09.224
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\55C0.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-05-12 18:54:09.193
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\55C0.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7 CPU Q 740 @ 1.73GHz
Percentage of memory in use: 27%
Total physical RAM: 8124.38 MB
Available physical RAM: 5921.04 MB
Total Pagefile: 16246.94 MB
Available Pagefile: 13890.94 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:581.48 GB) (Free:232.44 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 596.2 GB) (Disk ID: FA3F015A)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=581.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Edited by seal.1 (20.11.2014 at 20:01)

Alt 21.11.2014, 16:34   #8
schrauber
/// the machine
/// TB-Ausbilder
 





ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick the box for Yes, I accept the Terms of Use and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

And a fresh FRST log, please. Any problems still?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

Alt 24.11.2014, 20:49   #9
seal.1
 



Hi Schrauber,

I need a little longer for the next update.

Right, I've managed it now. For the ESET online scan I also connected two external hard drives belonging to my brother, which I access now and then. After the online scanner found quite a few things on them, I gave my little brother an earful about them.
Avast never found anything here. I actually always check everything when I connect something.

Unfortunately, the problem with full screen closing automatically still persists. No changes noticeable.

ESET
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=12
esets_scanner_update returned -1 esets_gle=12
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=12
esets_scanner_update returned -1 esets_gle=12
esets_scanner_update returned -1 esets_gle=12
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=12
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=12
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=12
esets_scanner_update returned -1 esets_gle=12
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=12
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=6232015246049c46accb6fbc44ffb8b5
# engine=21215
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-11-22 02:39:23
# local_time=2014-11-22 03:39:23 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 71 91 81028 2669587 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 43191974 168297013 0 0
# scanned=225938
# found=9
# cleaned=0
# scan_time=17891
sh=4E1D845F88F6FC12D23C00CC568B58BC252B3DB3 ft=1 fh=662630e24492d3df vn="Variante von Win32/Packed.VMProtect.AAH Trojaner" ac=I fn="C:\Spiele\Batman\Binaries\paul.dll"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="Variante von Win32/Packed.VMProtect.AAH Trojaner" ac=I fn="H:\Spiele\Batman - Arkham Asylum\TVM_BAAGOTY.iso"
sh=E91323D457A3147AD578FC0D408DB90F6CA9B8B5 ft=1 fh=c4d4f358e4a96b8e vn="Variante von Win32/Packed.VMProtect.ABD Trojaner" ac=I fn="H:\Spiele\Battlefield 4\Battlefield 4_Incl.UPD10\Battlefield 4 German Edition Incl. Update 10\BF4.G.E_Incl.UPD10.exe"
sh=9F8529A40F598EAD8795C963B05E814A0FB88E2E ft=1 fh=08ce60a92eb28bd1 vn="Variante von Win32/Packed.VMProtect.ABD Trojaner" ac=I fn="H:\Spiele\Battlefield 4\Battlefield 4_UPD12\Battlefield 4 German Edition Update 12 [3DM]\BF4.G.E_UPD12.exe"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="Variante von Win32/Packed.VMProtect.AAH Trojaner" ac=I fn="H:\Spiele\Das Testament des Sherlock Holmes\ppt-tosh.iso"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="Variante von Win32/Packed.VMProtect.AAA Trojaner" ac=I fn="H:\Spiele\Splinter Cell - Conviction\Tom Clancy's Splinter Cell Conviction\Tom Clancy's Splinter Cell Conviction.iso"
sh=3B9A77397D072E271FE31139A8878AFC8379EBFB ft=1 fh=44ef420d4094607e vn="Variante von Win32/Packed.VMProtect.ABD Trojaner" ac=I fn="H:\Spiele\Thief\Thief_Incl.UPD5\TMTE_M2_Incl.UPD5\Thief Master Thief Edition MULTI-2 Incl. Update 5 (v1.4.4133.3)\TMTE_M2_Incl.UPD5.exe"
sh=7678C98541387D505CCB0C905B8456A8DE2CAA8B ft=1 fh=f45768db05c1af93 vn="Variante von Win32/Packed.VMProtect.ABD Trojaner" ac=I fn="H:\Spiele\Watch Dogs\Patch\Watch Dogs_UPD3\Watch Dogs Digital Deluxe Edition Update 3 MULTi2\DOGS_DDE_M2_UPD3.exe"
sh=95AE9706FF5E3B4396948CCBB54DEE305BD09793 ft=1 fh=4573e272ff6777ef vn="Variante von Win32/Packed.VMProtect.ABD Trojaner" ac=I fn="H:\Spiele\Watch Dogs\Watch Dogs Digital Deluxe Edition Multi2\DOGS_DDE_M2.exe"
         
Security Check
Code:
ATTFilter
 Results of screen317's Security Check version 0.99.90  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
avast! Antivirus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 JavaFX 2.1.1    
 Java 7 Update 71  
 Adobe Flash Player 15.0.0.223  
 Adobe Reader 9  
 Adobe Reader XI  
 Mozilla Firefox (33.1) 
````````Process Check: objlist.exe by Laurent````````  
 Acronis TrueImageHome OnlineBackupStandalone TrueImageMonitor.exe 
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast ng vbox\AvastVBoxSVC.exe 
 AVAST Software Avast ng ngservice.exe 
 AVAST Software Avast avastui.exe  
 AVAST Software Avast setup instup.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         
FRST.txt

FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-11-2014
Ran by Holgi (administrator) on HOLGI-PC on 23-11-2014 18:43:10
Running from C:\Users\Holgi\Desktop
Loaded Profile: Holgi (Available profiles: Holgi)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
() C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Huawei Technologies Co., Ltd.) C:\Users\Holgi\AppData\Roaming\Telekom Internet Manager\ouc.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
() C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(Huawei Technologies Co., Ltd.) C:\Program Files (x86)\Telekom\InternetManager_H\DataCardMonitor.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(PC-Doctor, Inc.) C:\Program Files\My Dell\uaclauncher.exe
() C:\Users\Holgi\Desktop\SecurityCheck.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2247976 2010-07-15] (Synaptics Incorporated)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1928976 2010-03-05] (Intel(R) Corporation)
HKLM\...\Run: [FreeFallProtection] => C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [727664 2010-09-24] ()
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [395344 2011-09-22] (Acronis)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6611048 2011-02-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2188904 2011-01-18] (Realtek Semiconductor)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation)
HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe [1807680 2010-02-09] ()
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [487562 2010-08-20] (Creative Technology Ltd)
HKLM-x32\...\Run: [DataCardMonitor] => C:\Program Files (x86)\Telekom\InternetManager_H\DataCardMonitor.exe [253952 2011-11-12] (Huawei Technologies Co., Ltd.)
HKLM-x32\...\Run: [SAOB Monitor] => C:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe [2571032 2011-09-22] (Acronis)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5587832 2011-09-22] (Acronis)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-07-25] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2014-11-20] (AVAST Software)
HKLM-x32\...\RunOnce: [Launcher] => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe [163040 2010-08-12] (Softthinks)
HKU\S-1-5-21-3276667617-2959320208-3705288580-1000\...\Run: [HW_OPENEYE_OUC_Telekom Internet Manager] => C:\Program Files (x86)\Telekom\InternetManager_H\UpdateDog\ouc.exe [110592 2009-12-31] (Huawei Technologies Co., Ltd.)
HKU\S-1-5-21-3276667617-2959320208-3705288580-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1562264 2014-07-25] (Samsung)
HKU\S-1-5-21-3276667617-2959320208-3705288580-1000\...\Run: [DellSystemDetect] => C:\Users\Holgi\AppData\Local\Apps\2.0\WDNJWVRP.6BM\H2A4DABA.YVQ\dell..tion_0f612f649c4a10af_0005.0009_14e1a3fbfbaf942c\DellSystemDetect.exe [263232 2014-08-19] (Dell)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2014\mshaktuell.exe ()
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Holgi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk
ShortcutTarget: Netzmanager.lnk -> C:\Program Files\Netzmanager\netzmanager.exe (Deutsche Telekom AG)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de
HKU\S-1-5-21-3276667617-2959320208-3705288580-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3276667617-2959320208-3705288580-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-3276667617-2959320208-3705288580-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\S-1-5-21-3276667617-2959320208-3705288580-1000 -> DefaultScope {5C721AC4-8738-42C0-8CD2-58F97E0398EB} URL = 
SearchScopes: HKU\S-1-5-21-3276667617-2959320208-3705288580-1000 -> {0632309F-DE38-4268-9692-036784E9A1D7} URL = 
SearchScopes: HKU\S-1-5-21-3276667617-2959320208-3705288580-1000 -> {17805846-7469-41E4-9A7C-FFCF75F42C6C} URL = hxxp://suche.t-online.de/fast-cgi/tsc?sr=tportal&q={searchTerms}&dia=tie8
SearchScopes: HKU\S-1-5-21-3276667617-2959320208-3705288580-1000 -> {23275BE6-9F0A-4EA7-B2C7-C2E8FD0F511D} URL = hxxp://dict.leo.org/ende?lp=ende&search={searchTerms}
SearchScopes: HKU\S-1-5-21-3276667617-2959320208-3705288580-1000 -> {5C721AC4-8738-42C0-8CD2-58F97E0398EB} URL = 
SearchScopes: HKU\S-1-5-21-3276667617-2959320208-3705288580-1000 -> {7A7EFF3B-7BF9-478E-9AB7-B445D7AD9D3C} URL = hxxp://preisvergleich.t-online.de/angebote/{searchTerms}?soid=42534758
SearchScopes: HKU\S-1-5-21-3276667617-2959320208-3705288580-1000 -> {9164E28C-0259-45DE-B2AF-595F2689BD4D} URL = hxxp://suche.t-online.de/fast-cgi/tsc?sr=twiki&q={searchTerms}&dia=tie8
SearchScopes: HKU\S-1-5-21-3276667617-2959320208-3705288580-1000 -> {925BC6A2-7FCF-40DF-8BFF-FAC13BBEDE51} URL = hxxp://www.amazon.de/gp/search?ie=UTF8&keywords={searchTerms}&tag=tonline-browser_toolbar3_search-21&index=blended&linkCode=ur2
SearchScopes: HKU\S-1-5-21-3276667617-2959320208-3705288580-1000 -> {A5651A03-AFF1-4BC2-8DF7-C66D28D8D840} URL = hxxp://dict.leo.org/frde?lp=frde&search={searchTerms}
SearchScopes: HKU\S-1-5-21-3276667617-2959320208-3705288580-1000 -> {C8EF559E-E0D7-4601-88BE-42F03229A230} URL = hxxp://rover.ebay.com/rover/1/707-1403-9414-51/4?satitle={searchTerms}
SearchScopes: HKU\S-1-5-21-3276667617-2959320208-3705288580-1000 -> {D58F6799-D10F-4A49-AC4B-7B2CE2CF9328} URL = hxxp://dict.leo.org/esde?lp=esde&search={searchTerms}
SearchScopes: HKU\S-1-5-21-3276667617-2959320208-3705288580-1000 -> {F44C3FA9-AB56-49F4-A91A-C9D8CE06A609} URL = hxxp://suche.t-online.de/fast-cgi/tsc?sr=tweb&q={searchTerms}&dia=tie8
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Toolbar 3.0 der Telekom Browserhilfsobjekt -> {C9603180-FA5C-4DB0-A013-ADC60309AF82} -> C:\Program Files\Deutsche Telekom\Toolbar3\ToToolbar.dll (Deutsche Telekom AG)
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} ->  No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {2015C8D4-8534-48DB-B5FB-5C76291F080C} -  No File
DPF: HKLM-x32 {3860DD98-0549-4D50-AA72-5D17D200EE10} hxxp://cdn.scan.onecare.live.com/resource/download/scanner/de-de/wlscctrl2.cab
DPF: HKLM-x32 {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} hxxp://download.bitdefender.com/resources/scanner/sources/de/scan8/oscan8.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\7408l0tn.default
FF DefaultSearchEngine: Google
FF Homepage: hxxp://www.google.de/
FF NetworkProxy: "backup.ftp", "213.123.235.132"
FF NetworkProxy: "backup.ftp_port", 80
FF NetworkProxy: "backup.socks", "213.123.235.132"
FF NetworkProxy: "backup.socks_port", 80
FF NetworkProxy: "backup.ssl", "213.123.235.132"
FF NetworkProxy: "backup.ssl_port", 80
FF NetworkProxy: "gopher", ""
FF NetworkProxy: "gopher_port", 0
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pages.tvunetworks.com/WebPlayer -> C:\Program Files (x86)\TVUPlayer\npTVUAx.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npffvsharetvplg.dll (vShare.tv)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\7408l0tn.default\searchplugins\amazonde.xml
FF SearchPlugin: C:\Users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\7408l0tn.default\searchplugins\einkaufswelt.xml
FF SearchPlugin: C:\Users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\7408l0tn.default\searchplugins\leo-franzsisch.xml
FF SearchPlugin: C:\Users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\7408l0tn.default\searchplugins\leo-spanisch.xml
FF SearchPlugin: C:\Users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\7408l0tn.default\searchplugins\t-onlinede-portalsuche.xml
FF SearchPlugin: C:\Users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\7408l0tn.default\searchplugins\t-onlinede-websuche.xml
FF Extension: Avira Browser Safety - C:\Users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\7408l0tn.default\Extensions\abs@avira.com [2014-09-30]
FF Extension: YouTube Unblocker - C:\Users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\7408l0tn.default\Extensions\youtubeunblocker@unblocker.yt [2014-11-05]
FF Extension: DownloadHelper - C:\Users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\7408l0tn.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-12]
FF Extension: InvisibleHand - C:\Users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\7408l0tn.default\Extensions\canitbecheaper@trafficbroker.co.uk.xpi [2012-11-04]
FF Extension: NoScript - C:\Users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\7408l0tn.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-07-14]
FF Extension: Adblock Plus - C:\Users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\7408l0tn.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-07-06]
FF Extension: BetterPrivacy - C:\Users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\7408l0tn.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2013-07-14]
FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files\T-Mobile\InternetManager_H\OCx64\addon
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-10-22]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-09]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-09] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-11-09] (Avast Software)
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2009-06-09] (Stardock Corporation) [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-03-05] ()
S3 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) [File not signed]
S3 OpenVPNService; C:\Program Files (x86)\HMA! Pro VPN\bin\openvpnserv.exe [37176 2014-04-14] (The OpenVPN Project)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-09] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-09] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-09] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-09] ()
R0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [16512 2009-12-15] (Bytemobile, Inc.) [File not signed]
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-07-29] (Disc Soft Ltd)
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [256000 2010-08-31] (Huawei Technologies Co., Ltd.)
S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114304 2009-10-12] (Huawei Technologies Co., Ltd.)
S3 MEMSWEEP2; C:\Windows\system32\DAFB.tmp [6144 2010-05-26] (Sophos Plc) [File not signed]
R1 tcpipBM; C:\Windows\system32\drivers\tcpipBM.sys [39552 2009-12-15] (Bytemobile, Inc.) [File not signed]
S3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
U4 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-11-09] (Avast Software)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-23 18:43 - 2014-11-23 18:43 - 00023428 _____ () C:\Users\Holgi\Desktop\FRST.txt
2014-11-23 18:43 - 2014-11-23 18:43 - 00000000 ____D () C:\Users\Holgi\Desktop\FRST-OlderVersion
2014-11-22 16:02 - 2014-11-22 16:03 - 00000000 ____D () C:\Users\Holgi\AppData\Roaming\PCDr
2014-11-22 16:01 - 2014-11-22 16:01 - 00000000 ____D () C:\ProgramData\PCDr
2014-11-21 18:20 - 2014-11-21 18:20 - 00854414 _____ () C:\Users\Holgi\Desktop\SecurityCheck.exe
2014-11-21 18:16 - 2014-11-21 18:26 - 02347384 _____ (ESET) C:\Users\Holgi\Desktop\esetsmartinstaller_deu.exe
2014-11-20 19:40 - 2014-11-20 19:40 - 01707532 _____ (Thisisu) C:\Users\Holgi\Desktop\JRT.exe
2014-11-20 19:30 - 2014-11-20 19:30 - 02140160 _____ () C:\Users\Holgi\Desktop\AdwCleaner_4.101.exe
2014-11-19 20:44 - 2014-11-19 20:44 - 00023419 _____ () C:\ComboFix.txt
2014-11-19 20:16 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-11-19 20:16 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-11-19 20:16 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-11-19 20:16 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-11-19 20:16 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-11-19 20:16 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-11-19 20:16 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-11-19 20:16 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-11-19 20:15 - 2014-11-19 20:44 - 00000000 ____D () C:\Qoobox
2014-11-19 20:15 - 2014-11-19 20:40 - 00000000 ____D () C:\Windows\erdnt
2014-11-19 20:13 - 2014-11-19 20:13 - 05598306 ____R (Swearware) C:\Users\Holgi\Desktop\ComboFix.exe
2014-11-18 21:11 - 2014-11-18 21:13 - 04184008 _____ (Kaspersky Lab ZAO) C:\Users\Holgi\Desktop\tdsskiller.exe
2014-11-18 20:25 - 2014-11-23 18:43 - 00000000 ____D () C:\FRST
2014-11-18 20:24 - 2014-11-23 18:44 - 00000000 ____D () C:\Users\Holgi\Desktop\Bereinigung
2014-11-18 20:24 - 2014-11-18 20:24 - 00000168 _____ () C:\Users\Holgi\defogger_reenable
2014-11-18 20:19 - 2014-11-18 20:19 - 00380416 _____ () C:\Users\Holgi\Desktop\Gmer-19357.exe
2014-11-18 20:17 - 2014-11-23 18:43 - 02118144 _____ (Farbar) C:\Users\Holgi\Desktop\FRST64.exe
2014-11-18 20:16 - 2014-11-18 20:16 - 00050477 _____ () C:\Users\Holgi\Desktop\Defogger.exe
2014-11-18 19:37 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-18 19:37 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-18 19:37 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-18 19:37 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-18 00:01 - 2014-11-18 00:01 - 00001175 _____ () C:\Users\Holgi\Desktop\Auslogics DiskDefrag.lnk
2014-11-18 00:01 - 2014-11-18 00:01 - 00000000 __SHD () C:\Users\Holgi\AppData\Local\EmieBrowserModeList
2014-11-18 00:01 - 2014-11-18 00:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
2014-11-18 00:01 - 2014-11-18 00:01 - 00000000 ____D () C:\Program Files (x86)\Auslogics
2014-11-17 23:53 - 2014-11-17 23:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec
2014-11-17 23:43 - 2014-11-17 23:43 - 00000000 ____D () C:\Program Files (x86)\MarkAny
2014-11-12 22:04 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-12 22:04 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-12 22:04 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-12 22:04 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-12 22:04 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-12 22:04 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-12 22:04 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-12 22:04 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 22:04 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-12 22:04 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-12 22:04 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-12 22:04 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-12 22:04 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-12 22:04 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-12 22:04 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-12 22:03 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-12 22:03 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 22:03 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-12 22:03 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 22:03 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-12 22:03 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 22:03 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-12 22:03 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-12 22:03 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-12 22:03 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-12 22:03 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-12 22:03 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-12 22:03 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-12 22:03 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 22:03 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-12 22:03 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 22:03 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 22:03 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-12 22:03 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-12 22:03 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-12 22:03 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 22:03 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-12 22:03 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-12 22:03 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-12 22:02 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 22:02 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 22:02 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-12 22:02 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 22:02 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-12 22:02 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 22:02 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-12 22:02 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 22:02 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 22:02 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-12 22:02 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-12 22:02 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 22:02 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-12 22:02 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-12 22:02 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 22:02 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 22:02 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-12 22:02 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 22:01 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-12 22:01 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-12 22:01 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-12 22:01 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 22:01 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 22:01 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 22:01 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 22:01 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 22:01 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-12 22:01 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-12 22:01 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-12 22:01 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-12 22:01 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 22:01 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 22:01 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 22:01 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 22:01 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 22:01 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 22:01 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 22:01 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 22:01 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-12 22:00 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 22:00 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-12 22:00 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-12 22:00 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-12 22:00 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-12 22:00 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-12 22:00 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-12 22:00 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-12 22:00 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-12 22:00 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-12 22:00 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-12 22:00 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-12 22:00 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 22:00 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 22:00 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-12 22:00 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-12 21:59 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-12 21:59 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-12 21:58 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 21:58 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 21:50 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 21:49 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 21:49 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-12 17:51 - 2014-11-12 17:51 - 00000247 _____ () C:\Windows\system32\2014-11-12-16-51-41.084-aswFe.exe-5008.log
2014-11-12 17:51 - 2014-11-12 17:51 - 00000197 _____ () C:\Windows\system32\2014-11-12-16-51-32.051-AvastVBoxSVC.exe-6432.log
2014-11-11 21:18 - 2014-11-11 21:18 - 00000247 _____ () C:\Windows\system32\2014-11-11-20-18-58.005-aswFe.exe-5780.log
2014-11-11 21:13 - 2014-11-11 21:18 - 00000247 _____ () C:\Windows\system32\2014-11-11-20-13-10.000-aswFe.exe-6212.log
2014-11-11 21:13 - 2014-11-11 21:13 - 00000197 _____ () C:\Windows\system32\2014-11-11-20-13-02.055-AvastVBoxSVC.exe-2204.log
2014-11-10 20:38 - 2014-11-10 20:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-10 20:35 - 2014-11-10 20:35 - 00000247 _____ () C:\Windows\system32\2014-11-10-19-35-55.067-aswFe.exe-6240.log
2014-11-10 20:29 - 2014-11-10 20:35 - 00000247 _____ () C:\Windows\system32\2014-11-10-19-29-38.067-aswFe.exe-6824.log
2014-11-10 20:29 - 2014-11-10 20:29 - 00000197 _____ () C:\Windows\system32\2014-11-10-19-29-31.064-AvastVBoxSVC.exe-3728.log
2014-11-09 21:30 - 2014-11-09 21:30 - 00000247 _____ () C:\Windows\system32\2014-11-09-20-30-40.071-aswFe.exe-6752.log
2014-11-09 21:23 - 2014-11-09 21:30 - 00000247 _____ () C:\Windows\system32\2014-11-09-20-23-57.019-aswFe.exe-2728.log
2014-11-09 21:23 - 2014-11-09 21:23 - 00000197 _____ () C:\Windows\system32\2014-11-09-20-23-51.008-AvastVBoxSVC.exe-6404.log
2014-11-09 21:10 - 2014-11-09 21:10 - 05634808 _____ (Canneverbe Limited ) C:\Users\Holgi\Downloads\cdbxp_setup_4.5.4.5143.exe
2014-11-09 21:03 - 2014-11-09 21:03 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-11-09 21:03 - 2014-11-09 21:03 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-11-07 13:10 - 2014-11-18 22:46 - 00012411 _____ () C:\Users\Holgi\Documents\TombRaider.log
2014-11-07 13:10 - 2014-11-07 13:10 - 00000000 ____D () C:\Users\Holgi\AppData\Local\SKIDROW
2014-11-07 12:58 - 2014-11-07 12:58 - 00002262 _____ () C:\Users\Holgi\Desktop\Tomb Raider [2013] Collectors Edition.lnk
2014-11-01 08:15 - 2014-11-01 08:15 - 00000197 _____ () C:\Windows\system32\2014-11-01-07-15-04.051-AvastVBoxSVC.exe-7588.log
2014-11-01 08:13 - 2014-11-01 08:13 - 00000197 _____ () C:\Windows\system32\2014-11-01-07-13-07.072-AvastVBoxSVC.exe-7296.log
2014-11-01 08:11 - 2014-11-01 08:11 - 00000197 _____ () C:\Windows\system32\2014-11-01-07-11-32.041-AvastVBoxSVC.exe-2716.log
2014-10-29 06:52 - 2014-10-29 06:52 - 00000000 ____D () C:\Users\Holgi\AppData\Roaming\Games
2014-10-28 06:45 - 2014-10-28 06:45 - 00000197 _____ () C:\Windows\system32\2014-10-28-05-45-03.047-AvastVBoxSVC.exe-4252.log
2014-10-28 06:29 - 2014-10-28 06:29 - 00000197 _____ () C:\Windows\system32\2014-10-28-05-29-36.048-AvastVBoxSVC.exe-4240.log
2014-10-28 06:22 - 2014-10-28 06:22 - 00235936 _____ (Tagès SA) C:\Users\Holgi\Downloads\TagesSetup_x64.exe
2014-10-28 06:15 - 2014-10-28 06:15 - 00000197 _____ () C:\Windows\system32\2014-10-28-05-15-03.031-AvastVBoxSVC.exe-4584.log
2014-10-27 21:30 - 2014-10-27 21:30 - 00003002 _____ () C:\Windows\System32\Tasks\{64354971-86FB-4918-8AF8-1D957A46373F}
2014-10-27 21:26 - 2014-11-07 06:13 - 00000000 ____D () C:\ProgramData\InstallShield
2014-10-27 20:28 - 2014-10-27 20:28 - 00000197 _____ () C:\Windows\system32\2014-10-27-19-28-17.012-AvastVBoxSVC.exe-3728.log
2014-10-27 06:09 - 2014-10-27 06:09 - 00006662 _____ () C:\Windows\DPINST.LOG
2014-10-26 09:29 - 2014-10-26 09:30 - 00000197 _____ () C:\Windows\system32\2014-10-26-08-29-58.072-AvastVBoxSVC.exe-4004.log
2014-10-26 05:34 - 2014-10-26 05:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-10-26 05:34 - 2014-10-26 05:34 - 00000000 ____D () C:\Program Files\7-Zip

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-23 18:23 - 2013-06-01 14:37 - 01970100 _____ () C:\Windows\WindowsUpdate.log
2014-11-23 18:13 - 2014-10-22 18:06 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-11-22 21:36 - 2014-09-17 18:32 - 00000000 ____D () C:\Users\Holgi\Desktop\Geocaching
2014-11-22 21:11 - 2009-07-14 05:45 - 00022464 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-22 21:11 - 2009-07-14 05:45 - 00022464 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-22 21:09 - 2012-07-08 08:18 - 00000000 ____D () C:\Users\Holgi\AppData\Roaming\vlc
2014-11-22 21:08 - 2009-07-14 18:58 - 00709358 _____ () C:\Windows\system32\perfh007.dat
2014-11-22 21:08 - 2009-07-14 18:58 - 00154862 _____ () C:\Windows\system32\perfc007.dat
2014-11-22 21:08 - 2009-07-14 06:13 - 01648036 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-22 21:04 - 2014-07-23 20:07 - 00019334 _____ () C:\Windows\PFRO.log
2014-11-22 21:04 - 2014-07-23 20:07 - 00005277 _____ () C:\Windows\setupact.log
2014-11-22 21:04 - 2010-12-20 18:47 - 00000000 ____D () C:\Users\Holgi\AppData\Local\SoftThinks
2014-11-22 21:04 - 2010-12-08 11:48 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-22 21:04 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-22 16:01 - 2014-08-19 07:36 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2014-11-22 10:44 - 2014-10-22 18:06 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-11-22 05:48 - 2010-12-08 19:08 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2014-11-21 21:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-21 18:05 - 2014-09-04 09:25 - 00000000 ____D () C:\Users\Holgi\AppData\Local\Adobe
2014-11-21 18:05 - 2012-04-07 16:46 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-21 18:05 - 2011-06-16 20:01 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-20 19:35 - 2014-08-01 06:35 - 00000000 ____D () C:\AdwCleaner
2014-11-20 19:08 - 2014-04-26 08:20 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-20 18:44 - 2014-08-19 07:23 - 00000000 ____D () C:\Users\Holgi\AppData\Local\Apps\2.0
2014-11-19 20:44 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-11-19 20:35 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-11-18 20:24 - 2010-12-20 18:47 - 00000000 ____D () C:\Users\Holgi
2014-11-18 20:06 - 2014-04-26 08:20 - 00001108 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-11-18 20:06 - 2014-04-26 08:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-11-18 20:06 - 2014-04-26 08:20 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-11-17 23:53 - 2014-03-23 09:52 - 00002008 _____ () C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
2014-11-17 23:41 - 2014-03-23 09:53 - 00000000 ____D () C:\Users\Holgi\AppData\Roaming\Samsung
2014-11-13 06:40 - 2009-07-14 05:45 - 00306240 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-13 06:37 - 2014-05-04 05:19 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-12 22:52 - 2010-12-20 20:04 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-12 22:35 - 2013-08-15 21:10 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-12 22:14 - 2010-12-20 20:53 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-12 17:34 - 2012-04-25 18:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-09 21:11 - 2013-07-14 06:45 - 00001161 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk
2014-11-09 21:11 - 2013-07-14 06:45 - 00001111 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2014-11-09 21:11 - 2013-07-14 06:45 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP
2014-11-09 21:04 - 2014-10-22 18:17 - 00001966 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-11-09 21:03 - 2014-10-22 18:06 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-11-09 21:03 - 2014-10-22 18:06 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-11-09 21:03 - 2014-10-22 18:06 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-11-09 21:03 - 2014-10-22 18:06 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-11-09 21:03 - 2014-10-22 18:06 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2014-11-09 21:03 - 2014-10-22 18:06 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-11-09 21:03 - 2014-10-22 18:06 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-11-07 12:48 - 2011-01-04 20:36 - 00000000 ____D () C:\Spiele
2014-11-07 06:13 - 2010-12-08 19:00 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-02 21:09 - 2011-11-06 11:38 - 00323072 ___SH () C:\Users\Holgi\Desktop\Thumbs.db
2014-10-27 06:13 - 2011-08-21 14:50 - 00000000 ____D () C:\ProgramData\Nokia
2014-10-27 06:12 - 2011-11-23 11:03 - 00000000 ____D () C:\Users\Holgi\AppData\Roaming\Nokia Suite
2014-10-27 06:12 - 2011-09-03 20:36 - 00000000 ____D () C:\Users\Holgi\AppData\Roaming\Nokia

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-20 20:39

==================== End Of Log ============================
         


Addition.txt
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-11-2014
Ran by Holgi at 2014-11-23 18:44:20
Running from C:\Users\Holgi\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
AccelerometerP11 (HKLM-x32\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 2.00.11.15 - STMicroelectronics)
Acronis*True*Image*Home 2011 (HKLM-x32\...\{04A3A6B0-8E19-49BB-82FF-65C5A55F917D}) (Version: 14.0.6942 - Acronis)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 4.5.4.0 - Auslogics Labs Pty Ltd)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Batman: Arkham Asylum Game of the Year Edition (HKLM-x32\...\{CFABC775-5386-4BA5-86B4-505BBD36E812}) (Version: 1.0.0.0 - Square Enix Limited)
Bullzip PDF Printer 10.7.0.2277 (HKLM\...\Bullzip PDF Printer_is1) (Version: 10.7.0.2277 - Bullzip)
Bus-Simulator 2009 (HKLM-x32\...\Bus-Simulator 2009_is1) (Version:  - astragon Software GmbH)
Canon Inkjet Printer Driver Add-On Module (HKLM\...\CANONIJINBOXADDON100) (Version:  - )
CanoScan LiDE 200 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4807) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5143 - CDBurnerXP)
CD-LabelPrint (HKLM-x32\...\MediaNavigation.CDLabelPrint) (Version:  - )
CheckDrive (HKLM-x32\...\{B83513EC-2E4D-4621-816D-4CCF397BE702}_is1) (Version: 4.4 - Abelssoft)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version:  - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.47 - Dell)
Dell DataSafe Online (HKLM-x32\...\{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}) (Version: 1.2.0011 - Dell, Inc.)
Dell Dock (HKLM-x32\...\Dell Dock) (Version: 2.0 - Stardock Corporation)
Dell Dock (Version: 2.0 - Stardock Corporation) Hidden
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell System Detect (HKU\S-1-5-21-3276667617-2959320208-3705288580-1000\...\9204f5692a8faf3b) (Version: 5.9.0.5 - Dell)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.35 - Creative Technology Ltd)
dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: 5.0.1 - CEWE COLOR AG u Co. OHG)
DVDStyler v2.3.4 (HKLM-x32\...\DVDStyler_is1) (Version:  - )
GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
HMA! Pro VPN 2.8.6.0 (HKLM-x32\...\HMA! Pro VPN) (Version: 2.8.6.0 - Privax Ltd)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{D16A2127-B927-4379-B153-3DEC091E4EEB}) (Version: 13.02.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.41.2 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Meine Dienste Software (HKLM\...\Meine Dienste Software) (Version: 1.0.1.3 - Telekom)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}) (Version: 3.1.99.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 33.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.1 (x86 de)) (Version: 33.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
MyFreeCodec (HKU\S-1-5-21-3276667617-2959320208-3705288580-1000\...\MyFreeCodec) (Version:  - )
NAVIGON Fresh 3.4.1 (HKLM-x32\...\NAVIGON Fresh) (Version: 3.4.1 - NAVIGON)
Netzmanager (HKLM-x32\...\Netzmanager) (Version: 1.071 - Deutsche Telekom AG)
Netzmanager (Version: 1.071 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden
NVIDIA 3D Vision Treiber 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.82 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.82 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
PC Connectivity Solution (HKLM-x32\...\{DA5B2BDC-F654-4A88-A669-4D34BC7846A1}) (Version: 12.0.17.0 - Nokia)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.8.5 - Dell Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6312 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.0 - Renesas Electronics Corporation) Hidden
Roxio Burn (HKLM-x32\...\{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}) (Version: 1.01 - Roxio)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.105 - Skype Technologies S.A.)
Snowy Treasure Hunter (HKLM-x32\...\Snowy Treasure Hunter_is1) (Version: 1.0 - MyPlayCity, Inc.)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.4.0 - Synaptics Incorporated)
Telekom Internet Manager (HKLM-x32\...\Telekom Internet Manager) (Version: 11.301.05.05.748 - Huawei Technologies Co.,Ltd)
Tomb Raider [2013] Collectors Edition MULTI-2 1.01.748.0 (HKLM-x32\...\Tomb Raider [2013] Collectors Edition MULTI-2 1.01.748.0) (Version:  - )
Toolbar 3.0 der Telekom x64 (HKLM\...\Toolbar3 x64_is1) (Version: 3.0.2 (3) - Deutsche Telekom AG)
Überwachungstool für die Intel® Turbo-Boost-Technik (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.186.6 - Intel)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM-x32\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VLC media player 2.0.7 (HKLM-x32\...\VLC media player) (Version: 2.0.7 - VideoLAN)
vSharetv (HKLM-x32\...\vSharetv) (Version: 1.3 - vSharetv)
VueScan (HKLM-x32\...\VueScan) (Version:  - )
Windows Driver Package - Hamrick Software Image  (1/8/1999 1.0) (HKLM\...\0DB87D30776CD338CFA6B6217DCA1796A4C60715) (Version: 1/8/1999 1.0 - Hamrick Software)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live OneCare safety scanner (HKLM-x32\...\Windows Live OneCare safety scanner) (Version:  - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
WISO Sparbuch 2010 (HKLM-x32\...\{46B70DEB-97B3-4E38-B746-EC16905E6A8F}) (Version: 17.00.6531 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2011 (HKLM-x32\...\{02F0B8AE-7501-4333-AFBE-6BAABFEC7637}) (Version: 18.00.6928 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2012 (HKLM-x32\...\{0CC1DAFB-40C8-4903-953D-471E541477C7}) (Version: 19.00.7303 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2013 (HKLM-x32\...\{D6CC2FAF-F827-4091-96A1-D32CC9B69C79}) (Version: 20.00.8137 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2014 (HKLM-x32\...\{AC9476C8-C555-4127-B3B5-0DEA9982F691}) (Version: 21.00.8480 - Buhl Data Service GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

23-09-2014 20:42:02 Geplanter Prüfpunkt
24-09-2014 15:01:54 Windows Update
01-10-2014 19:12:40 Windows Update
08-10-2014 19:47:30 Geplanter Prüfpunkt
15-10-2014 17:55:51 Installed Java 7 Update 71
18-10-2014 11:39:39 Windows Update
22-10-2014 17:05:32 avast! antivirus system restore point
22-10-2014 17:16:19 avast! antivirus system restore point
27-10-2014 05:13:29 Nokia Connectivity Cable Driver wird entfernt
27-10-2014 20:22:23 Installiert Sherlock Holmes jagt Arsene Lupin
28-10-2014 05:09:44 Entfernt Sherlock Holmes jagt Arsene Lupin
28-10-2014 05:18:06 Installiert Sherlock Holmes jagt Arsene Lupin
28-10-2014 05:38:51 Entfernt Sherlock Holmes jagt Arsene Lupin
29-10-2014 05:50:08 Installiert Das Geheimnis des Persischen Teppichs
07-11-2014 05:11:05 Entfernt Das Geheimnis des Persischen Teppichs
09-11-2014 20:02:25 avast! antivirus system restore point
12-11-2014 21:06:03 Windows Update
18-11-2014 19:13:23 Windows Update
22-11-2014 15:04:43 Windows Modules Installer

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-11-19 20:35 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {043C4A89-D999-419D-9B75-95C31AB1709F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
Task: {06ABEE1F-7F62-4BAF-B837-00F4BD265190} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {07026BFD-8660-47CC-A147-A18A5B7A4B5B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-09] (AVAST Software)
Task: {0EEFD4AA-E01D-4BAD-BB4A-B2F118055B34} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-10] (PC-Doctor, Inc.)
Task: {1B241653-2F7E-40CE-9754-3C36264592D9} - System32\Tasks\{BE14172C-77D4-4388-9396-9224263C2F73} => C:\Users\Holgi\Downloads\Drucker\n1220un650uxp571cde\N065USG\CANOIT32.EXE
Task: {83C53294-F6FB-46C0-B532-07418F5A220C} - System32\Tasks\{64354971-86FB-4918-8AF8-1D957A46373F} => C:\Spiele\Sherlock Holmes\Sherlock Holmes jagt Arsene Lupin\game.exe
Task: {9EC3AC29-D76B-4E31-8C72-2CB5D016EAFD} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-10] (PC-Doctor, Inc.)

==================== Loaded Modules (whitelisted) =============

2010-03-05 16:21 - 2010-03-05 16:21 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2014-11-09 21:03 - 2014-11-09 21:03 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2014-11-09 21:03 - 2014-11-09 21:03 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2013-12-16 18:07 - 2013-11-11 16:02 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2010-12-08 19:09 - 2010-08-12 01:19 - 00781536 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
2010-03-05 16:21 - 2010-03-05 16:21 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2010-12-08 19:07 - 2010-09-24 17:21 - 00727664 _____ () C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
2010-02-09 20:34 - 2010-02-09 20:34 - 01807680 _____ () C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
2014-11-21 18:20 - 2014-11-21 18:20 - 00854414 _____ () C:\Users\Holgi\Desktop\SecurityCheck.exe
2014-11-22 14:40 - 2014-11-22 14:40 - 02903552 _____ () C:\Program Files\AVAST Software\Avast\defs\14112200\algo.dll
2014-11-09 21:03 - 2014-11-09 21:03 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2014-11-23 18:13 - 2014-11-23 18:13 - 02903552 _____ () C:\Program Files\AVAST Software\Avast\defs\14112300\algo.dll
2010-12-08 19:08 - 2010-08-12 01:19 - 00056544 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STCoreXml.dll
2010-12-08 19:08 - 2010-08-12 01:19 - 00113888 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\PSTVdsDisk.dll
2010-12-08 19:08 - 2010-08-12 01:19 - 00126176 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll
2010-12-08 19:08 - 2010-08-12 01:19 - 01121504 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\LibXml2.dll
2010-12-08 19:08 - 2010-08-12 01:19 - 00077024 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\zlib1.dll
2010-12-08 19:08 - 2010-08-12 01:19 - 00232672 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STFiles.dll
2010-12-08 19:08 - 2010-08-12 01:19 - 00072928 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STRegistry.dll
2010-12-08 19:08 - 2010-08-12 01:19 - 00109792 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STPE.dll
2010-12-08 19:08 - 2010-08-12 01:19 - 00119008 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STNLS.dll
2010-02-09 20:34 - 2010-02-09 20:34 - 00275776 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll
2010-02-09 20:34 - 2010-02-09 20:34 - 00058688 _____ () C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll
2010-02-09 20:34 - 2010-02-09 20:34 - 00095552 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll
2010-02-09 20:34 - 2010-02-09 20:34 - 00046400 _____ () C:\Program Files (x86)\Dell DataSafe Online\de\SdbUI.resources.dll
2010-02-09 20:34 - 2010-02-09 20:34 - 00365888 _____ () C:\Program Files (x86)\Dell DataSafe Online\de\DataSafeOnline.resources.dll
2010-02-09 20:34 - 2010-02-09 20:34 - 00152896 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll
2010-02-09 20:34 - 2010-02-09 20:34 - 00017728 _____ () C:\Program Files (x86)\Dell DataSafe Online\cpputils.dll
2011-09-22 21:20 - 2011-09-22 21:20 - 11233136 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\Common\ti_managers.dll
2014-11-09 21:03 - 2014-11-09 21:03 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-10-22 18:36 - 2014-10-22 18:36 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\3d576cbc4ffc5ad06fd61510c5d8f326\IsdiInterop.ni.dll
2010-12-08 19:05 - 2010-03-04 03:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-11-10 20:38 - 2014-11-10 20:38 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WISO Mein Steuer-Sparbuch heute.lnk => C:\Windows\pss\WISO Mein Steuer-Sparbuch heute.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Holgi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dell Dock.lnk => C:\Windows\pss\Dell Dock.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Holgi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk.Startup
MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
MSCONFIG\startupreg: NokiaOviSuite2 => C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
MSCONFIG\startupreg: PC Suite Tray => "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
MSCONFIG\startupreg: SAOB Monitor => C:\Program Files (x86)\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe
MSCONFIG\startupreg: TrueImageMonitor.exe => "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-3276667617-2959320208-3705288580-500 - Administrator - Disabled)
Gast (S-1-5-21-3276667617-2959320208-3705288580-501 - Limited - Disabled)
Holgi (S-1-5-21-3276667617-2959320208-3705288580-1000 - Administrator - Enabled) => C:\Users\Holgi
HomeGroupUser$ (S-1-5-21-3276667617-2959320208-3705288580-1002 - Limited - Enabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/22/2014 04:33:29 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/22/2014 10:40:26 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/22/2014 10:40:22 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/22/2014 10:40:20 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/22/2014 05:48:02 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/22/2014 05:47:53 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/22/2014 05:47:52 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/21/2014 08:42:11 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/21/2014 08:42:08 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/21/2014 08:42:07 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (11/23/2014 06:12:08 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (11/22/2014 09:04:43 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Type" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (11/22/2014 04:01:34 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.

Error: (11/22/2014 04:01:33 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.

Error: (11/22/2014 10:37:16 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Type" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (11/22/2014 10:36:23 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎22.‎11.‎2014 um 06:34:48 unerwartet heruntergefahren.

Error: (11/22/2014 05:47:49 AM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: Unerwarteter Fehler. Fehlercode: D@01010004

Error: (11/22/2014 05:47:48 AM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: Unerwarteter Fehler. Fehlercode: D@01010004

Error: (11/21/2014 08:41:31 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (11/21/2014 07:04:39 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Type" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-11-19 20:25:32.945
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-11-19 20:25:32.664
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-06-13 19:35:46.458
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\DAFB.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-06-13 19:35:46.411
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\DAFB.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-06-13 19:07:27.678
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\DAFB.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-06-13 19:07:27.631
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\DAFB.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-06-13 19:06:01.987
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\8B74.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-06-13 19:06:01.956
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\8B74.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-05-12 18:54:09.224
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\55C0.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-05-12 18:54:09.193
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\55C0.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7 CPU Q 740 @ 1.73GHz
Percentage of memory in use: 29%
Total physical RAM: 8124.38 MB
Available physical RAM: 5736.04 MB
Total Pagefile: 16246.94 MB
Available Pagefile: 13613.5 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:581.48 GB) (Free:223.01 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 596.2 GB) (Disk ID: FA3F015A)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=581.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Edited by seal.1 (24.11.2014 at 21:17)

25.11.2014, 16:41   #10
schrauber
/// the machine
/// TB-Ausbilder


Let's try something.


  • Please download Windows Repair - All in one from tweaking.com here and install it.
  • Please disable your antivirus program (if possible).
  • Keep in mind that the individual repairs take some time. Do not start any other applications during this time.
  • Start the program and carry out steps 1-5. (See the illustrated instructions)
  • Make sure the checkboxes are set as shown under step 4.
  • Also tick "Restart/Shutdown System" and click "Restart System" before you carry out step 5.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

Donations
Guides and help
Trojaner-Board Facebook page

No help via PM!

27.11.2014, 22:25   #11
seal.1


Unfortunately that didn't help. Same problem as before. In addition, since our cleanup, an error message that I have attached appears very often (though not always) when opening Firefox. Maybe it's just a coincidence? It probably has something to do with Avast.....
Attached image: fehlermeldung_firefox.jpg

28.11.2014, 18:21   #12
schrauber
/// the machine
/// TB-Ausbilder


Yes, Avast.

Revo Uninstaller - Download - Filepony
Use it to uninstall Firefox, keep no data, let it remove the leftovers, then reinstall.

Then:
https://support.mozilla.org/de/kb/fi...einfach-loesen


Then please also turn off hardware acceleration in FF and test Firefox.
__________________
Regards,
schrauber


01.12.2014, 10:38   #13
seal.1


Hi,

I did that. I have reinstalled the relevant add-ons (e.g. NoScript). However, the applications in Firefox still close. I'll try it in IE. Silly me, I could of course have done that long ago.

But since the full screens of applications outside the browsers also close, I have another suspicion. I don't really know, though, whether this suspicion makes sense. With one application the full screen does not close completely; instead the taskbar pushes itself into the foreground and the Flash Player icon is visible. The idea is to completely uninstall the Flash Player (plugin and ActiveX) with Revo Uninstaller and then install it again. Sensible or nonsense?

Either way, I'll try it over the next few days.

The message from Avast is currently no longer appearing. I have also disabled a corresponding setting for BrowserCleanup in Avast.

02.12.2014, 09:28   #14
schrauber
/// the machine
/// TB-Ausbilder


Sensible, give that a try.
__________________
Regards,
schrauber


04.12.2014, 11:58   #15
seal.1


I'm a bit short on time at the moment. So the next update may take a while. But it won't be forgotten.

    Log-Analyse und Auswertung - 14.11.2006 (3)
  16. Arbeitsplatz schließt automatisch
    Plagegeister aller Art und deren Bekämpfung - 21.02.2006 (9)
  17. Browserfenster schließt sich automatisch bei bestimmten Seiten
    Plagegeister aller Art und deren Bekämpfung - 07.01.2005 (4)

Zum Thema Windows 7: Vollbildschirm schließt sich automatisch - Hallo, seit einiger Zeit habe ich ein Problem, dass sich der Vollbildschirm bei mehreren Anwendungen von selbst schließt. Dies kommt z. B. bei Spielen vor, die dann nur noch in - Windows 7: Vollbildschirm schließt sich automatisch...
Archiv
Du betrachtest: Windows 7: Vollbildschirm schließt sich automatisch auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.