| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Trojaner-Warnung nach Steam-UpdateWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
07.12.2014, 12:42
| #1 |
| |  Trojaner-Warnung nach Steam-Update Gestern habe ich mir ein Spiel installiert (Die Schicksalsklinge), welches leider Steam braucht. Bin ja gar nicht der Fan von Steam, aber gut.. Steam hat dann auch gleich mal ein Update gemacht, ich hab ein paar Stunden gezockt und dann den Rechner ausgemacht. Als ich ihn heute morgen dann hochgefahren hab, kam die Warnung vom ESET: C:\Users\ERSTERUSER\AppData\Local\Temp\wininit.exe Variante von MSIL/Injector.GPS Trojaner Gesäubert durch Löschen - in Quarantäne kopiert Ereignis aufgetreten beim Versuch die Datei auszuführen durch die Anwendung: C:\Windows\explorer.exe. Da gestern das Installieren des Spiels und das Update durch Steam die einzigen Ereignisse waren, die sich vom sonstigen Tagesablauf unterscheiden, gehe ich stark davon aus, dass es damit zusammen hängt. In der Meldung steht "Gesäubert durch Löschen - in Quarantäne kopiert". Muss ich da jetzt noch irgendwas machen? Ihr seht meiner Fragestellung vielleicht schon an, dass ich nicht so der Crack bin, wenn es um Computer geht, daher bitte in möglichst einfachen Sätzen und ohne viele Fachausdrücke  Vielen Dank für eure Hilfe. |
|
07.12.2014, 13:23
| #2 |
| /// the machine /// TB-Ausbilder    |  Trojaner-Warnung nach Steam-Update hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
07.12.2014, 14:09
| #3 |
| | Trojaner-Warnung nach Steam-UpdateFRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-12-2014 01
Ran by ERSTERUSER (administrator) on CLAUDIA-PC on 07-12-2014 14:05:31
Running from D:\Downloads
Loaded Profile: ERSTERUSER (Available profiles: ERSTERUSER & UpdatusUser)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Super Flexible Software Ltd. & Co. KG) C:\Program Files-s\SuperFlexible\ExtremeVSS.exe
(Seagate Technology LLC) C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
(Nero AG) C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(StorageCraft Technology Corporation) C:\Program Files-s\StorageCraft\ShadowProtect\ShadowProtectSvc.exe
(StorageCraft Technology Corporation) C:\Program Files-s\StorageCraft\ShadowProtect\ShadowProtectSvc.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(StorageCraft Technology Corporation) C:\Windows\System32\vsnapvss.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Seagate LLC) C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
(ROCCAT) C:\Program Files\ROCCAT\Kone Mouse\KoneHID.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Geek Software GmbH) C:\Program Files\PDF24\pdf24.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(ROCCAT) C:\Program Files\ROCCAT\Kone Mouse\OSD.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Oliver Frietsch) C:\Program Files-s\Quicklaunch\QuickLaunch.exe
() C:\Users\ERSTERUSER\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
(Super Flexible Software) C:\Program Files-s\SuperFlexible\ExtremeSyncService.exe
() C:\Users\ERSTERUSER\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Audible, Inc.) C:\Program Files\Audible\Bin\AudibleDownloadHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
() C:\Program Files\UseNeXT\UseNeXT.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [MaxMenuMgr] => C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe [185640 2009-05-01] (Seagate LLC)
HKLM\...\Run: [Kone] => C:\Program Files\ROCCAT\Kone Mouse\KoneHID.EXE [151552 2008-10-06] (ROCCAT)
HKLM\...\Run: [Malwarebytes' Anti-Malware (reboot)] => "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM\...\Run: [Ninite Updater] => C:\Program Files\Ninite Updater\NiniteUpdater.exe [265760 2013-11-14] (Secure By Design Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [1795872 2014-08-19] (NVIDIA Corporation)
HKLM\...\Run: [PDFPrint] => C:\Program Files\PDF24\pdf24.exe [191528 2014-07-04] (Geek Software GmbH)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5088456 2014-10-01] (ESET)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\Run: [Quicklaunch] => C:\Program Files-s\Quicklaunch\QuickLaunch.exe [554496 2006-12-16] (Oliver Frietsch)
HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\ERSTERUSER\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()
HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\Run: [ExtremeSync Background Scheduler] => C:\Program Files-s\SuperFlexible\ExtremeSyncService.exe [13941120 2011-11-18] (Super Flexible Software)
HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\Run: [Amazon Music] => C:\Users\ERSTERUSER\AppData\Local\Amazon Music\Amazon Music Helper.exe [3162944 2014-07-01] ()
HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\MountPoints2: F - F:\LaunchU3.exe -a
HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\MountPoints2: {dac28781-b80c-11df-b978-005056c00008} - F:\LaunchU3.exe -a
HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\MountPoints2: {faf60acb-bc8e-11e1-9d41-806e6f6e6963} - E:\SETUP.EXE
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Audible Download Manager.lnk
ShortcutTarget: Audible Download Manager.lnk -> C:\Program Files\Audible\Bin\AudibleDownloadHelper.exe (Audible, Inc.)
Startup: C:\Users\ERSTERUSER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\ERSTERUSER\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-3507585339-1609819653-644593918-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-3507585339-1609819653-644593918-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKU\S-1-5-21-3507585339-1609819653-644593918-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKU\S-1-5-21-3507585339-1609819653-644593918-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xCCFD043C75EACE01
HKU\S-1-5-21-3507585339-1609819653-644593918-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de,de-DE;q=0.5
SearchScopes: HKU\S-1-5-21-3507585339-1609819653-644593918-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-3507585339-1609819653-644593918-1000 -> {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://mystart.incredibar.com/mb128/?search={searchTerms}&loc=IB_DS&a=6R8vtSumhl&i=26
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKU\S-1-5-21-3507585339-1609819653-644593918-1000 -> No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
Toolbar: HKU\S-1-5-21-3507585339-1609819653-644593918-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\ERSTERUSER\AppData\Roaming\Mozilla\Firefox\Profiles\a7rjlmc2.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files-s\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.12.448 -> C:\Program Files-s\Win7codecs\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files-s\Win7codecs\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3507585339-1609819653-644593918-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\ERSTERUSER\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3507585339-1609819653-644593918-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\ERSTERUSER\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox
FF HKLM\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox
FF Extension: Freemake Video Converter Plugin - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox [2013-08-10]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "https://www.google.de/"
CHR Profile: C:\Users\ERSTERUSER\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\ERSTERUSER\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-07-28]
CHR Extension: (Beautiful landscape) - C:\Users\ERSTERUSER\AppData\Local\Google\Chrome\User Data\Default\Extensions\ambfimhigppdidfmelpjmojccbfdoeig [2013-07-13]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\ERSTERUSER\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-27]
CHR Extension: (Get F.B. Purity for Facebook) - C:\Users\ERSTERUSER\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifpbhmjbfiogpipemadffnijpbcdfkmp [2013-07-13]
CHR Extension: (Freemake Video Converter) - C:\Users\ERSTERUSER\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj [2013-08-10]
CHR Extension: (F.B Purity-Clean Up Facebook) - C:\Users\ERSTERUSER\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncdlagniojmheiklojdcpdaeepochckl [2013-07-13]
CHR Extension: (Google Wallet) - C:\Users\ERSTERUSER\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (ProxPrice) - C:\Users\ERSTERUSER\AppData\Local\Google\Chrome\User Data\Default\Extensions\nopgehbobniifpngnhmljfojnkkopbje [2014-07-28]
CHR Extension: (Privacy Badger) - C:\Users\ERSTERUSER\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkehgijcmpdhfbdbbnkijodmdjhbjlgp [2014-08-05]
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-08-10]
CHR HKLM\...\Chrome\Extension: [jplinpmadfkdgipabgcdchbdikologlh] - C:\Program Files\1ClickDownload\1click12.crx [Not Found]
CHR HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\Chrome\Extension: [ncmdmcjifbkefpaijakdbgfjbpaonjhg] - No Path
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1349576 2014-10-01] (ESET)
R2 ExtremeVSSService; C:\Program Files-S\SuperFlexible\ExtremeVSS.exe [3196800 2011-09-20] (Super Flexible Software Ltd. & Co. KG)
R2 FreeAgentGoNext Service; C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe [181544 2009-05-01] (Seagate Technology LLC)
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [430592 2008-04-07] (Nokia.) [File not signed]
R2 ShadowProtectSvc; C:\Program Files-s\StorageCraft\ShadowProtect\ShadowProtectSvc.exe [1497632 2009-12-17] (StorageCraft Technology Corporation)
S2 BingDesktopUpdate; "C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [191928 2014-09-22] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [135296 2014-09-22] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [176448 2014-09-22] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [37928 2014-09-22] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [51288 2014-09-22] (ESET)
S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2009-03-31] () [File not signed]
R3 KoneFltr; C:\Windows\System32\drivers\Kone.sys [13056 2008-12-11] (ROCCAT Ltd)
R3 mcdbus; C:\Windows\System32\DRIVERS\mcdbus.sys [116736 2009-02-24] (MagicISO, Inc.) [File not signed]
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [98432 2009-09-19] (MCCI)
S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14848 2009-09-19] (MCCI Corporation)
S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [123648 2009-09-19] (MCCI Corporation)
R1 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed]
R3 vpcbus; C:\Windows\System32\DRIVERS\vpchbus.sys [165376 2009-07-22] (Microsoft Corporation)
R1 vpcnfltr; C:\Windows\System32\DRIVERS\vpcnfltr.sys [55040 2009-07-22] (Microsoft Corporation)
R3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [78336 2009-07-22] (Microsoft Corporation)
R1 vpcvmm; C:\Windows\System32\drivers\vpcvmm.sys [293904 2009-07-22] (Microsoft Corporation)
S3 w800bus; C:\Windows\System32\DRIVERS\w800bus.sys [60768 2005-06-13] (MCCI)
S3 taphss6; system32\DRIVERS\taphss6.sys [X]
U5 UnlockerDriver5; C:\Program Files-s\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-07 13:28 - 2014-12-07 14:05 - 00000000 ____D () C:\FRST
2014-12-06 17:33 - 2014-12-06 17:33 - 00000000 ____D () C:\Users\ERSTERUSER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-12-02 08:37 - 2014-12-02 10:12 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird
2014-11-28 14:43 - 2014-11-28 14:43 - 00001760 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-11-28 14:43 - 2014-11-28 14:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-11-28 14:42 - 2014-11-28 14:42 - 00000000 ____D () C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2014-11-28 14:42 - 2014-11-28 14:42 - 00000000 ____D () C:\Program Files\iTunes
2014-11-28 14:42 - 2014-11-28 14:42 - 00000000 ____D () C:\Program Files\iPod
2014-11-28 14:41 - 2014-11-28 14:41 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-11-28 14:41 - 2014-11-28 14:41 - 00000000 ____D () C:\Program Files\Apple Software Update
2014-11-28 14:40 - 2014-11-28 14:40 - 00000000 ____D () C:\Program Files\Bonjour
2014-11-21 16:16 - 2014-11-21 16:59 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-11-21 11:46 - 2014-11-21 11:46 - 00000000 __SHD () C:\Users\ERSTERUSER\AppData\Local\EmieBrowserModeList
2014-11-19 14:33 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 14:33 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 13:07 - 2014-11-19 13:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-11-19 13:07 - 2014-11-19 13:07 - 00000000 ____D () C:\ProgramData\ESET
2014-11-19 13:07 - 2014-11-19 13:07 - 00000000 ____D () C:\Program Files\ESET
2014-11-19 09:00 - 2014-11-26 03:08 - 00002128 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-11-12 09:51 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 09:50 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-12 09:50 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 09:49 - 2014-10-10 01:45 - 02379264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 09:49 - 2014-10-03 02:44 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 09:49 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 09:49 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 09:49 - 2014-10-03 02:44 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 09:49 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 09:49 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-12 09:49 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 09:49 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-12 09:49 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-12 09:49 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-12 09:49 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-12 09:49 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 09:49 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 09:48 - 2014-11-05 18:50 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-12 09:48 - 2014-11-05 18:50 - 00203776 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-12 09:48 - 2014-11-05 18:47 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-12 09:48 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 09:48 - 2014-10-14 02:56 - 00136632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 09:48 - 2014-10-14 02:50 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 09:48 - 2014-10-14 02:50 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 09:48 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 09:48 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 09:47 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-12 09:47 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-12 09:47 - 2014-11-06 04:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 09:47 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 09:47 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-12 09:47 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-12 09:47 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 09:47 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-12 09:47 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 09:47 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 09:47 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-12 09:47 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-12 09:47 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 09:47 - 2014-11-06 03:59 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-12 09:47 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-12 09:47 - 2014-11-06 03:51 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 09:47 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 09:47 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 09:47 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-12 09:47 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 09:47 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 09:47 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 09:47 - 2014-11-06 03:22 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-12 09:47 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 09:47 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 09:47 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-12 09:47 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 09:47 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 09:47 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 09:47 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-07 14:06 - 2013-11-16 18:41 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cee2f31d07067f.job
2014-12-07 14:06 - 2010-02-14 15:26 - 00000000 ____D () C:\Users\ERSTERUSER\AppData\Roaming\UseNeXT
2014-12-07 14:03 - 2010-02-13 11:44 - 01622236 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-07 13:29 - 2013-08-01 06:05 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-07 10:57 - 2009-07-14 05:34 - 00026544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-07 10:57 - 2009-07-14 05:34 - 00026544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-07 10:51 - 2010-02-13 11:43 - 01222100 _____ () C:\Windows\WindowsUpdate.log
2014-12-07 10:50 - 2014-06-17 16:26 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf8a4073898d18.job
2014-12-07 10:50 - 2012-06-25 11:49 - 00000000 ____D () C:\Users\ERSTERUSER\AppData\Roaming\Dropbox
2014-12-07 10:50 - 2010-02-13 21:46 - 00000000 ____D () C:\ProgramData\TEMP
2014-12-07 10:50 - 2010-02-13 12:11 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-07 10:50 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-07 10:50 - 2009-07-14 05:39 - 00117130 _____ () C:\Windows\setupact.log
2014-12-06 23:38 - 2014-04-10 08:50 - 00000000 ____D () C:\Program Files\Steam
2014-12-06 17:50 - 2014-04-10 08:50 - 00000000 ____D () C:\Program Files\Common Files\Steam
2014-12-06 14:51 - 2013-06-28 06:54 - 00000000 ____D () C:\Users\ERSTERUSER\AppData\Roaming\vlc
2014-12-03 06:43 - 2011-02-17 18:04 - 00000000 ____D () C:\Users\ERSTERUSER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-12-03 06:43 - 2011-02-17 18:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-12-03 06:26 - 2012-05-06 13:00 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-11-28 14:42 - 2014-10-10 19:26 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-11-28 14:40 - 2010-09-04 13:06 - 00000000 ____D () C:\ProgramData\Apple
2014-11-27 06:34 - 2013-08-01 06:05 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-11-27 06:34 - 2013-08-01 06:05 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-11-22 23:34 - 2013-04-19 16:10 - 00000000 ____D () C:\Program Files\UseNeXT
2014-11-22 23:34 - 2010-02-14 15:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT
2014-11-21 17:15 - 2010-10-14 20:50 - 00000000 ____D () C:\Windows\Minidump
2014-11-15 09:48 - 2014-09-12 22:42 - 00000000 ____D () C:\Users\ERSTERUSER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-11-12 17:59 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2014-11-12 17:03 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-11-12 16:34 - 2009-07-14 05:33 - 00288400 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-12 16:32 - 2014-05-02 08:32 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-12 16:32 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-11-12 16:27 - 2013-08-14 05:15 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-12 16:23 - 2010-02-13 22:18 - 100445232 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.3368.dll
Some content of TEMP:
====================
C:\Users\ERSTERUSER\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphnizyw.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-12-05 00:58
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 07-12-2014 01
Ran by ERSTERUSER at 2014-12-07 14:06:39
Running from D:\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Smart Security 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personal Firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (HKLM\...\7-Zip) (Version: - )
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Advertising Center (Version: 0.0.0.1 - Nero AG) Hidden
Alle meine Passworte 3.15 (HKLM\...\AllemeinePassworte) (Version: - )
Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
Amazon Music (HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\Amazon Amazon Music) (Version: 3.1.0.570 - Amazon Services LLC)
Apple Application Support (HKLM\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{235EBB33-3DA1-46DF-AADE-9955123409CB}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audible Download Manager (HKLM\...\AudibleDownloadManager) (Version: 6.6.0.13 - Audible, Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 2.28 - Piriform)
CodeStuff Starter (HKLM\...\CodeStuff Starter) (Version: 5.6.2.9 - CodeStuff)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.)
Dupehunter Professional - Computerbild Edition (HKLM\...\Dupehunter Professional - Computerbild Edition) (Version: 8.1.0.3700 - Carsten Heidtke Software)
ESET Smart Security (HKLM\...\{1F4CBC3C-5CAE-4528-A584-C25E6CE3D7E5}) (Version: 8.0.304.4 - ESET, spol s r. o.)
EzImplant-CDViewer (HKLM\...\{B8CB4ED2-74EE-44F0-88CB-C2DD30B36EEA}) (Version: 1.5.7415 - INFINITT)
EzImplant-CDViewer (Version: 1.5.7415 - INFINITT) Hidden
Fernwartungshilfe für Kunden von PC-Blitzhelfer (HKLM\...\Fernwartungshilfe für Kunden von PC-Blitzhelfer) (Version: 1.0.1 - PC-Blitzhelfer)
Folder Guide (HKLM\...\Folder Guide) (Version: - )
Freemake Video Converter Version 4.0.3 (HKLM\...\Freemake Video Converter_is1) (Version: 4.0.3 - Ellora Assets Corporation)
Google Chrome (HKLM\...\{BED0D2F3-7407-3B43-A48F-6C33BC3D5DAD}) (Version: 66.30.49217 - Google, Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
HD Tune 2.55 (HKLM\...\HD Tune_is1) (Version: - EFD Software)
HTC Driver Installer (HKLM\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.13.0.003 - HTC Corporation)
ImagXpress (Version: 7.0.74.0 - Nero AG) Hidden
IPTInstaller (HKLM\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
iTunes (HKLM\...\{5D928931-D1D2-4A93-A82D-BF60D0E7CFA5}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LameXP (HKLM\...\{FBD7A67D-D700-4043-B54F-DD106D00F308}) (Version: - )
Menu Templates - Starter Kit (Version: 9.4.1.0 - Nero AG) Hidden
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.6109.5003 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Movie Templates - Starter Kit (Version: 9.4.1.0 - Nero AG) Hidden
Mozilla Firefox 27.0 (x86 de) (HKLM\...\Mozilla Firefox 27.0 (x86 de)) (Version: 27.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 31.2.0 - Mozilla)
Mozilla Thunderbird 31.3.0 (x86 de) (HKLM\...\Mozilla Thunderbird 31.3.0 (x86 de)) (Version: 31.3.0 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NC Launcher (GameForge) (HKLM\...\NCLauncher_GameForge) (Version: - NCsoft)
Nero 9 Essentials (HKLM\...\{86bde101-32cf-471a-8575-8de7c21570d8}) (Version: - Nero AG)
Ninite Updater (HKLM\...\NiniteUpdater) (Version: - )
NVIDIA 3D Vision Controller-Treiber 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 306.97 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5896 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0604 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
PC Connectivity Solution (HKLM\...\{AC599724-5755-48C1-ABE7-ABB857652930}) (Version: 8.15.0.0 - Nokia)
PDF24 Creator 6.7.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
QuickLaunch (HKLM\...\QuickLaunch_is1) (Version: 2.3 - Oliver Frietsch)
QuickPar 0.9 (HKLM\...\QuickPar) (Version: 0.9 - Peter B. Clements)
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realms of Arkania: Blade of Destiny (HKLM\...\Steam App 237550) (Version: - Crafty Studios)
ROCCAT Kone Mouse Driver (HKLM\...\{9733747E-E53D-4C17-977E-3A872AFB93E1}) (Version: - )
Seagate Manager Installer (HKLM\...\InstallShield_{E6F019F1-DFB6-4853-A87D-6E31624755A9}) (Version: 2.02.0109 - Seagate)
Seagate Manager Installer (Version: 2.02.0109 - Seagate) Hidden
ShadowProtect Desktop (HKLM\...\{8850DEC8-22FD-4F05-A3AA-49B91200C24F}) (Version: 3.5.4183 - StorageCraft)
ShadowProtect Desktop (Version: 3.5.4183 - StorageCraft) Hidden
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Super Flexible File Synchronizer 5.60 (HKLM\...\Super Flexible File Synchronizer_is1) (Version: 5.60 - Super Flexible Software)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab (HKLM\...\SystemRequirementsLab) (Version: - )
The Elder Scrolls V: Skyrim (HKLM\...\Steam App 72850) (Version: - Bethesda Game Studios)
TomTom HOME (HKLM\...\{99072AB4-D795-44D5-9D65-E3C9F8322C97}) (Version: 2.9.6 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Unity Web Player (HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Unlocker 1.9.0 (HKLM\...\Unlocker) (Version: 1.9.0 - Cedrick Collomb)
UseNeXT by Tangysoft (HKLM\...\UseNeXT by Tangysoft_is1) (Version: - Tangysoft Ltd.)
Visual Subst (HKLM\...\Visual Subst) (Version: 1.0.6 - NTWind Software)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Win7codecs (HKLM\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 2.1.9 - Shark007)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.2.7235.0 - Microsoft Corporation)
Windows-Treiberpaket - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0) (HKLM\...\6194C28A8F62DD817EA1B918E6E46E806A21B452) (Version: 02/23/2007 2.5.0.0 - MobileTop)
Windows-Treiberpaket - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0) (HKLM\...\65B6FE5418CE28F4D72543FB2D964C3CEC83F161) (Version: 02/23/2007 2.5.0.0 - MobileTop)
Windows-Treiberpaket - Nokia pccsmcfd (10/12/2007 6.85.4.0) (HKLM\...\3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F) (Version: 10/12/2007 6.85.4.0 - Nokia)
WinRAR 5.20 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\ERSTERUSER\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{078759D3-423B-48AD-AB6A-5638C2884DBE}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.99\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{0E55CBE1-B06A-49B6-AD8D-9EFAA0160C6F}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.57\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.69\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32 -> C:\Program Files\7-Zip\7-zip.dll (Igor Pavlov)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{29A96789-9595-4947-BEDB-0FCC776F7DB8}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.2.183.39\goopdate.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.79\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{3f04dadf-6ea4-44d1-a507-03cad176f443}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{4DB26476-6787-4046-B836-E8412A9E8A27}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{4E77131D-3629-431C-9818-C5679DC83E81}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{50EF4544-AC9F-4A8E-B21B-8A26180DB13F}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{56FDF344-FD6D-11D0-958A-006097C9A090}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.123\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.149\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{B056521A-9B10-425E-B616-1FCD828DB3B1}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{b5eedee0-c06e-11cf-8c56-444553540000}\InprocServer32 -> C:\TotCmdPM-C\Progs\UltraEdit\ue32ctmn.dll ()
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.115\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\InprocServer32 -> C:\Windows\system32\actxprxy.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{DB25D157-76D4-41C1-97B5-359E4A4CECEB}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.65\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{E88DCCE0-B7B3-11D1-A9F0-00AA0060FA31}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{F8383852-FCD3-11D1-A6B9-006097DF5BD4}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.111\psuser.dll No File
==================== Restore Points =========================
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0AC90BA6-D407-4A06-935C-F95E8CBB14B5} - System32\Tasks\{CD119950-AECB-4970-9DA8-F6213814FE9A} => C:\Program Files\iTunes\iTunes.exe [2014-10-15] (Apple Inc.)
Task: {1063CB4E-C6A1-49F7-AFD4-E77A616A5D08} - System32\Tasks\{2CCBD1DD-5138-4FC2-B65A-A639DB1995AB} => C:\Program Files\Ninite Updater\NiniteUpdater.exe [2013-11-14] (Secure By Design Inc.)
Task: {17D647C6-BA2C-4EE7-AA4E-CD295B7397C9} - System32\Tasks\{593FE8EE-21EC-4C14-A0B7-6F269650F7EE} => C:\Program Files\iTunes\iTunes.exe [2014-10-15] (Apple Inc.)
Task: {1BDD75B6-BB8C-42B1-BECC-601C3736FCA0} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {20CDBC76-9955-4B73-A03A-68ABB5738DBA} - System32\Tasks\{100C0DF1-7649-433E-8DBA-124AF678EF5D} => C:\Program Files\iTunes\iTunes.exe [2014-10-15] (Apple Inc.)
Task: {23AF1B7C-E5A2-4E33-8D17-5CC12BDCEBBE} - System32\Tasks\{AC64EE3F-8680-47B7-889E-8D5F82241735} => C:\Program Files\Ninite Updater\NiniteUpdater.exe [2013-11-14] (Secure By Design Inc.)
Task: {33D76DA5-57BA-4F12-9CCD-2722B3EE282B} - System32\Tasks\GoogleUpdateTaskMachineCore1cf8a4073898d18 => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-07-13] (Google Inc.)
Task: {3AE0A447-349B-4FA2-B97D-B6049A88D5CE} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {58951724-E1B5-41BA-B202-109D6978DA96} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {5F8D57B7-0D18-4F4F-9484-E451F5C6E98C} - System32\Tasks\GoogleUpdateTaskMachineUA1cee2f31d07067f => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-07-13] (Google Inc.)
Task: {5FD37F6B-B837-498D-87FC-804AC4F661ED} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-27] (Adobe Systems Incorporated)
Task: {75F1BD09-2D15-452A-B5B5-6C2A0A837DE3} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {B5D64E0D-8DAF-468D-8B28-5726C7447D2C} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {D3044F96-FDCB-491E-A7B3-B76F021B5B63} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {EA0A65EE-B164-412D-BB18-C1AA7AE7F78B} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {FED0C4A7-752F-4CD4-AC3F-74E82454929E} - System32\Tasks\{291ABD72-DAA7-4DC2-978E-5A78C2BD2A94} => C:\Program Files\iTunes\iTunes.exe [2014-10-15] (Apple Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf8a4073898d18.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cee2f31d07067f.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2011-10-25 14:48 - 2014-07-02 20:42 - 00107992 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-12-07 17:27 - 2012-12-07 17:27 - 00167424 _____ () C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
2013-05-22 19:50 - 2013-05-22 19:50 - 00400704 _____ () C:\Users\ERSTERUSER\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
2014-07-29 22:22 - 2014-07-01 19:58 - 03162944 _____ () C:\Users\ERSTERUSER\AppData\Local\Amazon Music\Amazon Music Helper.exe
2014-11-26 03:08 - 2014-11-25 07:39 - 01077064 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.71\libglesv2.dll
2014-11-26 03:08 - 2014-11-25 07:39 - 00211272 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.71\libegl.dll
2014-11-26 03:08 - 2014-11-25 07:39 - 09009480 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.71\pdf.dll
2014-11-26 03:08 - 2014-11-25 07:39 - 01677128 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.71\ffmpegsumo.dll
2013-04-19 16:10 - 2014-11-19 16:21 - 04318720 _____ () C:\Program Files\UseNeXT\UseNeXT.exe
2013-04-19 16:10 - 2014-03-06 10:18 - 00160768 _____ () C:\Program Files\UseNeXT\unrar.dll
2013-04-19 16:10 - 2014-03-06 10:24 - 00041472 _____ () C:\Program Files\UseNeXT\Par2Calc.dll
2014-11-26 03:08 - 2014-11-25 07:39 - 14910280 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.71\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:9453D700
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
AlternateDataStreams: C:\Users\ERSTERUSER\AppData\Roaming\default.rss:OECustomProperty
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
HKU\S-1-5-21-3507585339-1609819653-644593918-1000\Software\Classes\.exe: => <===== ATTENTION!
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-3507585339-1609819653-644593918-500 - Administrator - Disabled)
ERSTERUSER (S-1-5-21-3507585339-1609819653-644593918-1000 - Administrator - Enabled) => C:\Users\ERSTERUSER
Gast (S-1-5-21-3507585339-1609819653-644593918-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3507585339-1609819653-644593918-1007 - Limited - Enabled)
UpdatusUser (S-1-5-21-3507585339-1609819653-644593918-1005 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/01/2014 04:57:20 AM) (Source: Chrome) (EventID: 1) (User: NT-AUTORITÄT)
Description: Chrome has encountered a fatal error.
ver=39.0.2171.71;lang=;guid=F2D1FBB44E12420184E9440CA877A2A0;is_machine=1;oop=1;upload=1;minidump=C:\Program Files\Google\CrashReports\33e77023-5479-4b36-9490-dd502fa4dc72.dmp
Error: (11/28/2014 03:20:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm iTunes.exe, Version 12.0.1.26 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 147c
Startzeit: 01d00b14efb4510e
Endzeit: 60000
Anwendungspfad: C:\Program Files\iTunes\iTunes.exe
Berichts-ID:
Error: (11/28/2014 03:06:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm iTunes.exe, Version 12.0.1.26 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: eb0
Startzeit: 01d00b1153bb0f15
Endzeit: 21714
Anwendungspfad: C:\Program Files\iTunes\iTunes.exe
Berichts-ID:
Error: (11/27/2014 07:34:42 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (11/21/2014 05:00:26 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (11/21/2014 04:42:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm iTunes.exe, Version 11.4.0.18 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: fec
Startzeit: 01d0059fb63cb425
Endzeit: 60000
Anwendungspfad: C:\Program Files\iTunes\iTunes.exe
Berichts-ID:
Error: (11/21/2014 00:07:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm iTunes.exe, Version 12.0.1.26 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: ef4
Startzeit: 01d00579bbfdcc28
Endzeit: 0
Anwendungspfad: C:\Program Files\iTunes\iTunes.exe
Berichts-ID:
Error: (11/21/2014 11:29:34 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:
Error: (11/17/2014 05:37:01 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
Error: HTTP-Status 404: Die angeforderte URL ist auf diesem Server nicht vorhanden.
ErrorCode: 14007(0x36b7).
Error: (11/15/2014 09:56:05 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
Error: HTTP-Status 404: Die angeforderte URL ist auf diesem Server nicht vorhanden.
ErrorCode: 14007(0x36b7).
System errors:
=============
Error: (12/07/2014 01:59:38 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden.
Error: (12/07/2014 01:59:38 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden.
Error: (12/07/2014 01:59:37 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden.
Error: (12/07/2014 00:56:41 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (12/06/2014 05:31:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (12/06/2014 05:31:11 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.
Error: (12/05/2014 08:22:54 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR8 gefunden.
Error: (12/04/2014 11:16:02 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (12/04/2014 04:55:19 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 04.12.2014 um 16:47:36 unerwartet heruntergefahren.
Error: (12/03/2014 02:07:30 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Microsoft Office Sessions:
=========================
Error: (12/01/2014 04:57:20 AM) (Source: Chrome) (EventID: 1) (User: NT-AUTORITÄT)
Description: Chrome has encountered a fatal error.
ver=39.0.2171.71;lang=;guid=F2D1FBB44E12420184E9440CA877A2A0;is_machine=1;oop=1;upload=1;minidump=C:\Program Files\Google\CrashReports\33e77023-5479-4b36-9490-dd502fa4dc72.dmp
Error: (11/28/2014 03:20:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iTunes.exe12.0.1.26147c01d00b14efb4510e60000C:\Program Files\iTunes\iTunes.exe
Error: (11/28/2014 03:06:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iTunes.exe12.0.1.26eb001d00b1153bb0f1521714C:\Program Files\iTunes\iTunes.exe
Error: (11/27/2014 07:34:42 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"F:\DPInst64.exe
Error: (11/21/2014 05:00:26 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"D:\Eigene Dateien\Downloads\iTunes64Setup1061.exe
Error: (11/21/2014 04:42:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iTunes.exe11.4.0.18fec01d0059fb63cb42560000C:\Program Files\iTunes\iTunes.exe
Error: (11/21/2014 00:07:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iTunes.exe12.0.1.26ef401d00579bbfdcc280C:\Program Files\iTunes\iTunes.exe
Error: (11/21/2014 11:29:34 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:
Error: (11/17/2014 05:37:01 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Error: HTTP-Status 404: Die angeforderte URL ist auf diesem Server nicht vorhanden.
ErrorCode: 14007(0x36b7).
Error: (11/15/2014 09:56:05 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Error: HTTP-Status 404: Die angeforderte URL ist auf diesem Server nicht vorhanden.
ErrorCode: 14007(0x36b7).
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Quad CPU Q8300 @ 2.50GHz
Percentage of memory in use: 55%
Total physical RAM: 3327.18 MB
Available physical RAM: 1491.8 MB
Total Pagefile: 6652.65 MB
Available Pagefile: 4603.19 MB
Total Virtual: 2047.88 MB
Available Virtual: 1892.98 MB
==================== Drives ================================
Drive c: (Start-C) (Fixed) (Total:110 GB) (Free:56.68 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Daten-D) (Fixed) (Total:1753.01 GB) (Free:980.61 GB) NTFS
Drive e: (RoA - Blade of D) (CDROM) (Total:4.64 GB) (Free:0 GB) CDFS
Drive f: (U3 System) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS
Drive m: (CRUZER) (Removable) (Total:7.47 GB) (Free:0.01 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: DF1E9041)
Partition 1: (Active) - (Size=110 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1753 GB) - (Type=07 NTFS)
========================================================
Disk: 5 (Size: 7.5 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
==================== End Of Log ============================
|
|
08.12.2014, 10:44
| #4 |
| /// the machine /// TB-Ausbilder | Trojaner-Warnung nach Steam-Update hi, Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
08.12.2014, 13:40
| #5 |
| | Trojaner-Warnung nach Steam-UpdateCode:
ATTFilter 13:35:49.0092 0x1178 TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
13:35:57.0105 0x1178 KSN EULA was not accepted. For auto accept you could use -accepteulaksn command line parameter.
13:35:57.0105 0x1178 ============================================================
13:35:57.0105 0x1178 Current date / time: 2014/12/08 13:35:57.0105
13:35:57.0105 0x1178 SystemInfo:
13:35:57.0105 0x1178
13:35:57.0105 0x1178 OS Version: 6.1.7601 ServicePack: 1.0
13:35:57.0105 0x1178 Product type: Workstation
13:35:57.0105 0x1178 ComputerName: CLAUDIA-PC
13:35:57.0105 0x1178 UserName: ERSTERUSER
13:35:57.0105 0x1178 Windows directory: C:\Windows
13:35:57.0105 0x1178 System windows directory: C:\Windows
13:35:57.0105 0x1178 Processor architecture: Intel x86
13:35:57.0105 0x1178 Number of processors: 4
13:35:57.0105 0x1178 Page size: 0x1000
13:35:57.0105 0x1178 Boot type: Normal boot
13:35:57.0105 0x1178 ============================================================
13:35:58.0369 0x1178 KLMD registered as C:\Windows\system32\drivers\07099069.sys
13:35:59.0133 0x1178 System UUID: {CB3CBFB9-93FF-EE6A-E266-DD68BB7234AE}
13:35:59.0133 0x1178 Skipping KSN library initialization due to KSN EULA unacceptance
13:35:59.0710 0x1178 Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
13:35:59.0804 0x1178 ============================================================
13:35:59.0804 0x1178 \Device\Harddisk0\DR0:
13:35:59.0820 0x1178 MBR partitions:
13:35:59.0820 0x1178 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xDC019D9
13:35:59.0820 0x1178 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xDC01A18, BlocksNum 0xDB206E98
13:35:59.0820 0x1178 ============================================================
13:35:59.0913 0x1178 D: <-> \Device\Harddisk0\DR0\Partition2
13:35:59.0991 0x1178 C: <-> \Device\Harddisk0\DR0\Partition1
13:35:59.0991 0x1178 ============================================================
13:35:59.0991 0x1178 Initialize success
13:35:59.0991 0x1178 ============================================================
13:36:55.0458 0x0970 ============================================================
13:36:55.0458 0x0970 Scan started
13:36:55.0458 0x0970 Mode: Manual; SigCheck; TDLFS;
13:36:55.0458 0x0970 ============================================================
13:36:56.0514 0x0970 ================ Scan system memory ========================
13:36:56.0514 0x0970 System memory - ok
13:36:56.0514 0x0970 ================ Scan services =============================
13:36:57.0142 0x0970 [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
13:36:57.0332 0x0970 1394ohci - ok
13:36:57.0347 0x0970 [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI C:\Windows\system32\drivers\ACPI.sys
13:36:57.0379 0x0970 ACPI - ok
13:36:57.0394 0x0970 [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
13:36:57.0442 0x0970 AcpiPmi - ok
13:36:57.0568 0x0970 [ C5679E5186B2FC95BC76A8A9870D5456, 70AC61850B811A0A902532F098AE1D5DF4622455E56C78B89D4ABDBE4A061A48 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
13:36:57.0599 0x0970 AdobeARMservice - ok
13:36:57.0662 0x0970 [ F79623288F2A357AB20288B5DC4F452A, AA6F70A4C12E390E08074D6FD0EA0D1856D8274DA833E56A8811BF820A2D41D4 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
13:36:57.0678 0x0970 AdobeFlashPlayerUpdateSvc - ok
13:36:57.0709 0x0970 [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
13:36:57.0756 0x0970 adp94xx - ok
13:36:57.0788 0x0970 [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
13:36:57.0804 0x0970 adpahci - ok
13:36:57.0835 0x0970 [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
13:36:57.0851 0x0970 adpu320 - ok
13:36:57.0883 0x0970 [ 8B5EEFEEC1E6D1A72A06C526628AD161, 026CDF4C96F4D493E7BABF79A14C4B0B5ADCCEF0B081FFFA2E3B243B2414167F ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
13:36:57.0962 0x0970 AeLookupSvc - ok
13:36:58.0025 0x0970 [ D0B388DA1D111A34366E04EB4A5DD156, 60D226F027F4025CC032CAFF73A80FAFB5FA75445654FDCF80CA8C0419C6E938 ] AFD C:\Windows\system32\drivers\afd.sys
13:36:58.0103 0x0970 AFD - ok
13:36:58.0120 0x0970 [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440 C:\Windows\system32\drivers\agp440.sys
13:36:58.0120 0x0970 agp440 - ok
13:36:58.0135 0x0970 [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
13:36:58.0167 0x0970 aic78xx - ok
13:36:58.0230 0x0970 [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG C:\Windows\System32\alg.exe
13:36:58.0277 0x0970 ALG - ok
13:36:58.0292 0x0970 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide C:\Windows\system32\drivers\aliide.sys
13:36:58.0324 0x0970 aliide - ok
13:36:58.0339 0x0970 [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp C:\Windows\system32\drivers\amdagp.sys
13:36:58.0355 0x0970 amdagp - ok
13:36:58.0370 0x0970 [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide C:\Windows\system32\drivers\amdide.sys
13:36:58.0386 0x0970 amdide - ok
13:36:58.0402 0x0970 [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
13:36:58.0449 0x0970 AmdK8 - ok
13:36:58.0465 0x0970 [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
13:36:58.0512 0x0970 AmdPPM - ok
13:36:58.0527 0x0970 [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata C:\Windows\system32\drivers\amdsata.sys
13:36:58.0560 0x0970 amdsata - ok
13:36:58.0575 0x0970 [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
13:36:58.0591 0x0970 amdsbs - ok
13:36:58.0606 0x0970 [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata C:\Windows\system32\drivers\amdxata.sys
13:36:58.0622 0x0970 amdxata - ok
13:36:58.0654 0x0970 [ E499E422412EF37576092A52648DB2B4, 95E9C11258CAF37060242BA4E1170CEDECF3376CF0A9A1E61D46706D7C7F36F8 ] AppID C:\Windows\system32\drivers\appid.sys
13:36:58.0701 0x0970 AppID - ok
13:36:58.0763 0x0970 [ 89B6FA43B68A373B304DFB8F6776B255, 36ABD9AB89CBC7991DE9B04051B26014982953697862BC46EF8AE4ACC2404128 ] AppIDSvc C:\Windows\System32\appidsvc.dll
13:36:58.0810 0x0970 AppIDSvc - ok
13:36:58.0841 0x0970 [ EACFDF31921F51C097629F1F3C9129B4, 24138755D823E69760579ECBD672421192457CDC9941B2BC499C2D34D83E86C3 ] Appinfo C:\Windows\System32\appinfo.dll
13:36:58.0889 0x0970 Appinfo - ok
13:36:58.0952 0x0970 [ 650D03E40F93FAE323CB841F80368E5C, F67B97CFDCE2EE9294977725268EFDB0DD724BD16E7ED5BFCA45375AA8EBA5BB ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:36:58.0984 0x0970 Apple Mobile Device - ok
13:36:59.0062 0x0970 [ A45D184DF6A8803DA13A0B329517A64A, C1D16B60A6D69689AE951DC3D6884ED2E233D144B3FC0B86BC1C50AAAAA01ED2 ] AppMgmt C:\Windows\System32\appmgmts.dll
13:36:59.0156 0x0970 AppMgmt - ok
13:36:59.0156 0x0970 [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc C:\Windows\system32\DRIVERS\arc.sys
13:36:59.0188 0x0970 arc - ok
13:36:59.0204 0x0970 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
13:36:59.0220 0x0970 arcsas - ok
13:36:59.0330 0x0970 [ 9D768C43FEF254DD50B1DBF8AD5C4C0B, A50854EA5C08605133B8BB4DFDC6090357C5665314AA72E0BFA1E07D4E451F09 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
13:36:59.0377 0x0970 aspnet_state - ok
13:36:59.0392 0x0970 [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
13:36:59.0456 0x0970 AsyncMac - ok
13:36:59.0471 0x0970 [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi C:\Windows\system32\drivers\atapi.sys
13:36:59.0487 0x0970 atapi - ok
13:36:59.0550 0x0970 [ F4157B3CECF19B1C266C83AFF051C97A, 26728B59B6003EB36BC322D189254574E94790CE23637228A669FAD6ED76ECE3 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:36:59.0676 0x0970 AudioEndpointBuilder - ok
13:36:59.0707 0x0970 [ F4157B3CECF19B1C266C83AFF051C97A, 26728B59B6003EB36BC322D189254574E94790CE23637228A669FAD6ED76ECE3 ] Audiosrv C:\Windows\System32\Audiosrv.dll
13:36:59.0723 0x0970 Audiosrv - ok
13:36:59.0771 0x0970 [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV C:\Windows\System32\AxInstSV.dll
13:36:59.0818 0x0970 AxInstSV - ok
13:36:59.0849 0x0970 [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
13:36:59.0881 0x0970 b06bdrv - ok
13:36:59.0928 0x0970 [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
13:36:59.0959 0x0970 b57nd60x - ok
13:37:00.0007 0x0970 [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC C:\Windows\System32\bdesvc.dll
13:37:00.0054 0x0970 BDESVC - ok
13:37:00.0054 0x0970 [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep C:\Windows\system32\drivers\Beep.sys
13:37:00.0086 0x0970 Beep - ok
13:37:00.0179 0x0970 [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE C:\Windows\System32\bfe.dll
13:37:00.0212 0x0970 BFE - ok
13:37:00.0243 0x0970 BingDesktopUpdate - ok
13:37:00.0274 0x0970 [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS C:\Windows\System32\qmgr.dll
13:37:00.0327 0x0970 BITS - ok
13:37:00.0342 0x0970 [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
13:37:00.0358 0x0970 blbdrive - ok
13:37:00.0421 0x0970 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
13:37:00.0453 0x0970 Bonjour Service - ok
13:37:00.0484 0x0970 [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
13:37:00.0547 0x0970 bowser - ok
13:37:00.0578 0x0970 [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
13:37:00.0625 0x0970 BrFiltLo - ok
13:37:00.0625 0x0970 [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
13:37:00.0657 0x0970 BrFiltUp - ok
13:37:00.0689 0x0970 [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser C:\Windows\System32\browser.dll
13:37:00.0732 0x0970 Browser - ok
13:37:00.0747 0x0970 [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid C:\Windows\System32\Drivers\Brserid.sys
13:37:00.0784 0x0970 Brserid - ok
13:37:00.0799 0x0970 [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
13:37:00.0815 0x0970 BrSerWdm - ok
13:37:00.0830 0x0970 [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
13:37:00.0862 0x0970 BrUsbMdm - ok
13:37:00.0862 0x0970 [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
13:37:00.0878 0x0970 BrUsbSer - ok
13:37:00.0894 0x0970 [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
13:37:00.0909 0x0970 BTHMODEM - ok
13:37:00.0956 0x0970 [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv C:\Windows\system32\bthserv.dll
13:37:00.0988 0x0970 bthserv - ok
13:37:01.0020 0x0970 [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
13:37:01.0051 0x0970 cdfs - ok
13:37:01.0100 0x0970 [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
13:37:01.0142 0x0970 cdrom - ok
13:37:01.0206 0x0970 [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc C:\Windows\System32\certprop.dll
13:37:01.0237 0x0970 CertPropSvc - ok
13:37:01.0252 0x0970 [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
13:37:01.0284 0x0970 circlass - ok
13:37:01.0299 0x0970 [ 635181E0E9BBF16871BF5380D71DB02D, 58D5150C6F3B9F1730FFDF3A8A2ABF5FF207F9785BD66C0C1E03A0F1C223A26A ] CLFS C:\Windows\system32\CLFS.sys
13:37:01.0335 0x0970 CLFS - ok
13:37:01.0382 0x0970 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:37:01.0398 0x0970 clr_optimization_v2.0.50727_32 - ok
13:37:01.0460 0x0970 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:37:01.0507 0x0970 clr_optimization_v4.0.30319_32 - ok
13:37:01.0523 0x0970 [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
13:37:01.0539 0x0970 CmBatt - ok
13:37:01.0570 0x0970 [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide C:\Windows\system32\drivers\cmdide.sys
13:37:01.0586 0x0970 cmdide - ok
13:37:01.0617 0x0970 [ 85449EEBE8F8EBD6481EFBF0F352B4EB, E6FF04970C5A5BFDE7297A86C1C7B9BFE2E0F976A1A1AFB874CEB488DC6151CC ] CNG C:\Windows\system32\Drivers\cng.sys
13:37:01.0665 0x0970 CNG - ok
13:37:01.0681 0x0970 [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
13:37:01.0712 0x0970 Compbatt - ok
13:37:01.0712 0x0970 [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
13:37:01.0743 0x0970 CompositeBus - ok
13:37:01.0760 0x0970 COMSysApp - ok
13:37:01.0775 0x0970 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
13:37:01.0806 0x0970 crcdisk - ok
13:37:01.0838 0x0970 [ 623E143F2DF17C0106A9988F5D7DC878, 9DA30262FF22FA9F1DB247CB3B4A2892D79730EF0ECC9589D399D24B4F58E565 ] CryptSvc C:\Windows\system32\cryptsvc.dll
13:37:01.0853 0x0970 CryptSvc - ok
13:37:01.0901 0x0970 [ 3C2177A897B4CA2788C6FB0C3FD81D4B, 98575CBD0664586E6211D02E71BDD52CBAA149A1658573550E29E74E5F7B1553 ] CSC C:\Windows\system32\drivers\csc.sys
13:37:01.0948 0x0970 CSC - ok
13:37:01.0980 0x0970 [ 15F93B37F6801943360D9EB42485D5D3, DD6838C6496CB15F8BB57A6596F6A64ADD9C36B09F062295699131232712B558 ] CscService C:\Windows\System32\cscsvc.dll
13:37:02.0011 0x0970 CscService - ok
13:37:02.0090 0x0970 [ FD557A50A65E44041CD2FCEF4BEB04DB, 746D5958F7198895D35A23566D3736D993D57726BF59D91421D8091C48926A26 ] cvhsvc C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
13:37:02.0137 0x0970 cvhsvc - ok
13:37:02.0153 0x0970 [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch C:\Windows\system32\rpcss.dll
13:37:02.0200 0x0970 DcomLaunch - ok
13:37:02.0232 0x0970 [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc C:\Windows\System32\defragsvc.dll
13:37:02.0263 0x0970 defragsvc - ok
13:37:02.0294 0x0970 [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
13:37:02.0325 0x0970 DfsC - ok
13:37:02.0373 0x0970 [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp C:\Windows\system32\dhcpcore.dll
13:37:02.0424 0x0970 Dhcp - ok
13:37:02.0439 0x0970 [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache C:\Windows\system32\drivers\discache.sys
13:37:02.0486 0x0970 discache - ok
13:37:02.0502 0x0970 [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk C:\Windows\system32\DRIVERS\disk.sys
13:37:02.0517 0x0970 Disk - ok
13:37:02.0550 0x0970 [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache C:\Windows\System32\dnsrslvr.dll
13:37:02.0565 0x0970 Dnscache - ok
13:37:02.0596 0x0970 [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc C:\Windows\System32\dot3svc.dll
13:37:02.0675 0x0970 dot3svc - ok
13:37:02.0722 0x0970 [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS C:\Windows\system32\dps.dll
13:37:02.0753 0x0970 DPS - ok
13:37:02.0785 0x0970 [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
13:37:02.0831 0x0970 drmkaud - ok
13:37:02.0864 0x0970 [ 3583A5A8CC2E682BFFBD4630D0FEC08B, FD0F184B358FCECAA763444B414074BEF4E871EB7527D88385519FC158435C72 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
13:37:02.0895 0x0970 DXGKrnl - ok
13:37:02.0942 0x0970 [ 687CCC438AA414AE22EEA081F98DC645, F8CA8B99A241D080D7AD8867244FBACE87095190908D62AB0B989FDBE27D6CE5 ] eamonm C:\Windows\system32\DRIVERS\eamonm.sys
13:37:03.0005 0x0970 eamonm - ok
13:37:03.0036 0x0970 [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost C:\Windows\System32\eapsvc.dll
13:37:03.0084 0x0970 EapHost - ok
13:37:03.0210 0x0970 [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
13:37:03.0320 0x0970 ebdrv - ok
13:37:03.0367 0x0970 [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] EFS C:\Windows\System32\lsass.exe
13:37:03.0430 0x0970 EFS - ok
13:37:03.0477 0x0970 [ 340870877DBE2A6D848537FC6AC2BA2F, 97A0D3EAC232A86DB3AACF3359B8AA61EF5C5152930E46D37C18BAC6DB234AD7 ] ehdrv C:\Windows\system32\DRIVERS\ehdrv.sys
13:37:03.0493 0x0970 ehdrv - ok
13:37:03.0539 0x0970 [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr C:\Windows\ehome\ehRecvr.exe
13:37:03.0602 0x0970 ehRecvr - ok
13:37:03.0634 0x0970 [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched C:\Windows\ehome\ehsched.exe
13:37:03.0681 0x0970 ehSched - ok
13:37:03.0807 0x0970 [ 58FBDA10FC403CF9F82ABD0A68129BA3, D731021C2A94A31CD944E95628AC2DFFF0D555659BF0DF6FC57676B8B88355A4 ] ekrn C:\Program Files\ESET\ESET Smart Security\ekrn.exe
13:37:03.0886 0x0970 ekrn - ok
13:37:03.0917 0x0970 [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
13:37:03.0948 0x0970 elxstor - ok
13:37:03.0965 0x0970 [ 372AA9B1146D66E5D6B65844D9416778, 35E48F3728CC4FB9CA967DAEFC280DA372D740947B69C39A5F5CF2ED64CC8D9D ] epfw C:\Windows\system32\DRIVERS\epfw.sys
13:37:03.0996 0x0970 epfw - ok
13:37:04.0027 0x0970 [ 2789A04E91E4E2C4CAF24C966342859B, 41CDA6950FE4F0BC1125054D5E8D98FD4A8245332035562B53E6296A90AA1C85 ] EpfwLWF C:\Windows\system32\DRIVERS\EpfwLWF.sys
13:37:04.0027 0x0970 EpfwLWF - ok
13:37:04.0058 0x0970 [ 752924FC04A89BDD6D6A42BD6D5CA12B, 773D26F0AAC0C5FD8B7C235CE1E0C94B601616599DF79EC9E752E4AC2D26E3AD ] epfwwfp C:\Windows\system32\DRIVERS\epfwwfp.sys
13:37:04.0075 0x0970 epfwwfp - ok
13:37:04.0090 0x0970 [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev C:\Windows\system32\drivers\errdev.sys
13:37:04.0122 0x0970 ErrDev - ok
13:37:04.0168 0x0970 [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem C:\Windows\system32\es.dll
13:37:04.0216 0x0970 EventSystem - ok
13:37:04.0247 0x0970 [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat C:\Windows\system32\drivers\exfat.sys
13:37:04.0279 0x0970 exfat - ok
13:37:04.0433 0x0970 [ A7796E1163C2D1DDF66941F1CE92DFEB, 056F8823B1B27B6804599CF0C4AFEEDDA0798A4364AC48BCBA5E8377B669033D ] ExtremeVSSService C:\Program Files-S\SuperFlexible\ExtremeVSS.exe
13:37:04.0559 0x0970 ExtremeVSSService - ok
13:37:04.0574 0x0970 [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat C:\Windows\system32\drivers\fastfat.sys
13:37:04.0623 0x0970 fastfat - ok
13:37:04.0654 0x0970 [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax C:\Windows\system32\fxssvc.exe
13:37:04.0717 0x0970 Fax - ok
13:37:04.0733 0x0970 [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
13:37:04.0749 0x0970 fdc - ok
13:37:04.0765 0x0970 [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost C:\Windows\system32\fdPHost.dll
13:37:04.0796 0x0970 fdPHost - ok
13:37:04.0811 0x0970 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub C:\Windows\system32\fdrespub.dll
13:37:04.0859 0x0970 FDResPub - ok
13:37:04.0875 0x0970 [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
13:37:04.0890 0x0970 FileInfo - ok
13:37:04.0906 0x0970 [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
13:37:04.0937 0x0970 Filetrace - ok
13:37:04.0954 0x0970 [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
13:37:04.0969 0x0970 flpydisk - ok
13:37:04.0985 0x0970 [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
13:37:05.0016 0x0970 FltMgr - ok
13:37:05.0095 0x0970 [ E12C4928B32ACE04610259647F072635, B71B9C2DF45F33C4DAC88435129B08B0BCDBBE82E8C3AD0A95F00137CC8B619F ] FontCache C:\Windows\system32\FntCache.dll
13:37:05.0205 0x0970 FontCache - ok
13:37:05.0252 0x0970 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
13:37:05.0284 0x0970 FontCache3.0.0.0 - ok
13:37:05.0331 0x0970 [ 07AF7870ABF051EBBAE8A8A92FF34ABE, D5FD122A8F1984DA33EB8A0B70F11E5C7B48744B80C182A3B7891CFBC30B2BD3 ] FreeAgentGoNext Service C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
13:37:05.0362 0x0970 FreeAgentGoNext Service - ok
13:37:05.0396 0x0970 [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
13:37:05.0411 0x0970 FsDepends - ok
13:37:05.0442 0x0970 [ B0082808A6856A252F7CDD939892CE50, 3A069239629C4F54049A2CFC6642AC5102ECEAA74470BAA9DDB1AB108D1060EE ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
13:37:05.0458 0x0970 fssfltr - ok
13:37:05.0584 0x0970 [ 28DDEEEC44E988657B732CF404D504CB, 47F83018E5449CDCED3DD447991788EBAAC92C418D4513FBA9408C45E9AB8E7E ] fsssvc C:\Program Files\Windows Live\Family Safety\fsssvc.exe
13:37:05.0647 0x0970 fsssvc - ok
13:37:05.0694 0x0970 [ 790A4CA68F44BE35967B3DF61F3E4675, 7CBC77C620ABA75FEF4BA8AD9C38766D50CD18106EBA4693F162F2C5A7D46AA8 ] FsUsbExDisk C:\Windows\system32\FsUsbExDisk.SYS
13:37:05.0726 0x0970 FsUsbExDisk - detected UnsignedFile.Multi.Generic ( 1 )
13:37:05.0804 0x0970 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning
13:37:05.0820 0x0970 [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
13:37:05.0836 0x0970 Fs_Rec - ok
13:37:05.0883 0x0970 [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
13:37:05.0914 0x0970 fvevol - ok
13:37:05.0948 0x0970 [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
13:37:05.0963 0x0970 gagp30kx - ok
13:37:05.0979 0x0970 [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:37:05.0994 0x0970 GEARAspiWDM - ok
13:37:06.0026 0x0970 [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc C:\Windows\System32\gpsvc.dll
13:37:06.0089 0x0970 gpsvc - ok
13:37:06.0168 0x0970 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
13:37:06.0168 0x0970 gupdate - ok
13:37:06.0184 0x0970 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
13:37:06.0199 0x0970 gupdatem - ok
13:37:06.0230 0x0970 [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
13:37:06.0278 0x0970 gusvc - ok
13:37:06.0294 0x0970 [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
13:37:06.0356 0x0970 hcw85cir - ok
13:37:06.0393 0x0970 [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:37:06.0409 0x0970 HdAudAddService - ok
13:37:06.0440 0x0970 [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
13:37:06.0471 0x0970 HDAudBus - ok
13:37:06.0487 0x0970 [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
13:37:06.0519 0x0970 HidBatt - ok
13:37:06.0535 0x0970 [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
13:37:06.0566 0x0970 HidBth - ok
13:37:06.0597 0x0970 [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
13:37:06.0614 0x0970 HidIr - ok
13:37:06.0645 0x0970 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv C:\Windows\system32\hidserv.dll
13:37:06.0676 0x0970 hidserv - ok
13:37:06.0707 0x0970 [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
13:37:06.0740 0x0970 HidUsb - ok
13:37:06.0755 0x0970 [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc C:\Windows\system32\kmsvc.dll
13:37:06.0786 0x0970 hkmsvc - ok
13:37:06.0802 0x0970 [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:37:06.0834 0x0970 HomeGroupListener - ok
13:37:06.0865 0x0970 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:37:06.0897 0x0970 HomeGroupProvider - ok
13:37:06.0944 0x0970 [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
13:37:06.0960 0x0970 HpSAMD - ok
13:37:07.0007 0x0970 [ 950CC1E6AE3A6CD23E0945CDE089B02C, C242AE9F21FE7FBC269BD11BDD3346936626DA15596561B527EF20CFAEF77055 ] HTCAND32 C:\Windows\system32\Drivers\ANDROIDUSB.sys
13:37:07.0070 0x0970 HTCAND32 - ok
13:37:07.0117 0x0970 [ 339ADEFAD60353F960E3CA67CE468C24, AF0953ACBE2CA6466595A31349DBF96452DEF2633FD279E8F2B59A3767B89AFC ] htcnprot C:\Windows\system32\DRIVERS\htcnprot.sys
13:37:07.0148 0x0970 htcnprot - ok
13:37:07.0180 0x0970 [ 871917B07A141BFF43D76D8844D48106, 30C702008D0EE57D63F74864967DD19A55A268E77E42B5B3CC73037AD51D2987 ] HTTP C:\Windows\system32\drivers\HTTP.sys
13:37:07.0227 0x0970 HTTP - ok
13:37:07.0227 0x0970 [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
13:37:07.0258 0x0970 hwpolicy - ok
13:37:07.0275 0x0970 [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
13:37:07.0306 0x0970 i8042prt - ok
13:37:07.0337 0x0970 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
13:37:07.0369 0x0970 iaStorV - ok
13:37:07.0427 0x0970 [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
13:37:07.0458 0x0970 idsvc - ok
13:37:07.0474 0x0970 IEEtwCollectorService - ok
13:37:07.0506 0x0970 [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
13:37:07.0521 0x0970 iirsp - ok
13:37:07.0568 0x0970 [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT C:\Windows\System32\ikeext.dll
13:37:07.0600 0x0970 IKEEXT - ok
13:37:07.0632 0x0970 [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide C:\Windows\system32\drivers\intelide.sys
13:37:07.0647 0x0970 intelide - ok
13:37:07.0678 0x0970 [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
13:37:07.0694 0x0970 intelppm - ok
13:37:07.0726 0x0970 [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
13:37:07.0773 0x0970 IPBusEnum - ok
13:37:07.0804 0x0970 [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:37:07.0868 0x0970 IpFilterDriver - ok
13:37:07.0899 0x0970 [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
13:37:07.0962 0x0970 iphlpsvc - ok
13:37:07.0978 0x0970 [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
13:37:07.0993 0x0970 IPMIDRV - ok
13:37:08.0009 0x0970 [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
13:37:08.0057 0x0970 IPNAT - ok
13:37:08.0119 0x0970 [ 4D800977F7EB0C310AF04BF5B517985A, DD4EC347D4759AC401BD08739DE012E5F1903DF2EDEBEA17CCD3C19FF1F6005E ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
13:37:08.0167 0x0970 iPod Service - ok
13:37:08.0198 0x0970 [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM C:\Windows\system32\drivers\irenum.sys
13:37:08.0229 0x0970 IRENUM - ok
13:37:08.0261 0x0970 [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp C:\Windows\system32\drivers\isapnp.sys
13:37:08.0262 0x0970 isapnp - ok
13:37:08.0324 0x0970 [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
13:37:08.0355 0x0970 iScsiPrt - ok
13:37:08.0391 0x0970 [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
13:37:08.0423 0x0970 kbdclass - ok
13:37:08.0454 0x0970 [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
13:37:08.0486 0x0970 kbdhid - ok
13:37:08.0533 0x0970 [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] KeyIso C:\Windows\system32\lsass.exe
13:37:08.0548 0x0970 KeyIso - ok
13:37:08.0595 0x0970 [ 5EFBDEF257E891773B22F2544B856C54, BA23313AF76AAEB7842D10FDA890C9E85F2AE7AB26B13A3FAE524D8833A639AE ] KoneFltr C:\Windows\system32\drivers\Kone.sys
13:37:08.0613 0x0970 KoneFltr - ok
13:37:08.0628 0x0970 [ 4120DA10AA42A9996F4575DB9E3E6E6E, 1C6E790772EA327ACB885D731A030408160534997DD56FEE4D6CEE6929873BB8 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
13:37:08.0660 0x0970 KSecDD - ok
13:37:08.0691 0x0970 [ 1E1845606C5A4579F7F3D95796CC1ED1, 26A478A0B5417CBC880A7F2D977AAC5FBF40EC4296426B757D6ACCBBC09486CC ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
13:37:08.0708 0x0970 KSecPkg - ok
13:37:08.0724 0x0970 [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm C:\Windows\system32\msdtckrm.dll
13:37:08.0755 0x0970 KtmRm - ok
13:37:08.0786 0x0970 [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer C:\Windows\system32\srvsvc.dll
13:37:08.0819 0x0970 LanmanServer - ok
13:37:08.0834 0x0970 [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:37:08.0865 0x0970 LanmanWorkstation - ok
13:37:08.0881 0x0970 [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
13:37:08.0912 0x0970 lltdio - ok
13:37:08.0944 0x0970 [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc C:\Windows\System32\lltdsvc.dll
13:37:08.0991 0x0970 lltdsvc - ok
13:37:08.0991 0x0970 [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts C:\Windows\System32\lmhsvc.dll
13:37:09.0039 0x0970 lmhosts - ok
13:37:09.0086 0x0970 [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
13:37:09.0117 0x0970 LSI_FC - ok
13:37:09.0133 0x0970 [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
13:37:09.0151 0x0970 LSI_SAS - ok
13:37:09.0198 0x0970 [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
13:37:09.0214 0x0970 LSI_SAS2 - ok
13:37:09.0245 0x0970 [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
13:37:09.0262 0x0970 LSI_SCSI - ok
13:37:09.0294 0x0970 [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv C:\Windows\system32\drivers\luafv.sys
13:37:09.0325 0x0970 luafv - ok
13:37:09.0377 0x0970 [ A3F4391DFDF2F9E9FE4EAD193265A5AD, A60A1A345622F4758181FB0B6EE784B0B718105FEE7B0F6FEDE5AD59FE448EE1 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
13:37:09.0393 0x0970 MBAMProtector - ok
13:37:09.0471 0x0970 [ 0BB29DE40C9D9529793DCDB59A43CF5B, 251001A407D32EF22F64915EEFFAAEC229073C4549BF7D9D1D4209B7D15B4681 ] MBAMScheduler C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe
13:37:09.0549 0x0970 MBAMScheduler - ok
13:37:09.0596 0x0970 [ 5F82D8188B370B0CF185D4AE2B9B4A0E, 549B53DD989A069E1C38347C4CEF5283DF9B428CE102799B06A20D3D8F23825F ] MBAMService C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe
13:37:09.0627 0x0970 MBAMService - ok
13:37:09.0658 0x0970 [ 8E2E9CCD873ABF180F48BCAEEEBE347D, 35DBBB8E63B480151EA5701D9DB7C90642FA2391D044DB400D3644F3E21BB0C1 ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys
13:37:09.0674 0x0970 MBAMSwissArmy - ok
13:37:09.0705 0x0970 [ 312CD3307F600E7CD340B79B3DCB3A01, 861A6DFC53C69743129DAAFE73DECDE8D842475503E8D713E7CE5D22AC8D1370 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
13:37:09.0723 0x0970 MBAMWebAccessControl - ok
13:37:09.0759 0x0970 [ 8FD868E32459ECE2A1BB0169F513D31E, F28E47FBEC8EC8424FFFB359668E0FEEA66A69E9D737D75472934FAC39770390 ] mcdbus C:\Windows\system32\DRIVERS\mcdbus.sys
13:37:09.0777 0x0970 mcdbus - detected UnsignedFile.Multi.Generic ( 1 )
13:37:09.0777 0x0970 mcdbus ( UnsignedFile.Multi.Generic ) - warning
13:37:09.0793 0x0970 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
13:37:09.0824 0x0970 Mcx2Svc - ok
13:37:09.0856 0x0970 [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
13:37:09.0872 0x0970 megasas - ok
13:37:09.0887 0x0970 [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
13:37:09.0903 0x0970 MegaSR - ok
13:37:09.0919 0x0970 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS C:\Windows\system32\mmcss.dll
13:37:09.0965 0x0970 MMCSS - ok
13:37:09.0965 0x0970 [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem C:\Windows\system32\drivers\modem.sys
13:37:09.0997 0x0970 Modem - ok
13:37:10.0028 0x0970 [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
13:37:10.0043 0x0970 monitor - ok
13:37:10.0075 0x0970 [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
13:37:10.0090 0x0970 mouclass - ok
13:37:10.0106 0x0970 [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
13:37:10.0137 0x0970 mouhid - ok
13:37:10.0137 0x0970 [ FC8771F45ECCCFD89684E38842539B9B, 806DDF2B4830CA866582FE74A521BB7DF26CA0E19013DAF584D3677FB48CC77A ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
13:37:10.0153 0x0970 mountmgr - ok
13:37:10.0215 0x0970 [ A08662124B1510709C4514E7333E27D8, 4ECF5200484A0412F1B9EEBA10D3E01F6610FA33C99140EB8F329CFDF812FD3B ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
13:37:10.0246 0x0970 MozillaMaintenance - ok
13:37:10.0262 0x0970 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio C:\Windows\system32\drivers\mpio.sys
13:37:10.0277 0x0970 mpio - ok
13:37:10.0309 0x0970 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
13:37:10.0324 0x0970 mpsdrv - ok
13:37:10.0355 0x0970 [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc C:\Windows\system32\mpssvc.dll
13:37:10.0402 0x0970 MpsSvc - ok
13:37:10.0433 0x0970 [ 21F4B24ACFC79A483515BD986DD9043F, 22681907E02E0B723ABE2CEF0602D36C8EF862E7E2B62A9B40A5EF582E58D7BA ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
13:37:10.0480 0x0970 MRxDAV - ok
13:37:10.0511 0x0970 [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
13:37:10.0558 0x0970 mrxsmb - ok
13:37:10.0589 0x0970 [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:37:10.0621 0x0970 mrxsmb10 - ok
13:37:10.0636 0x0970 [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:37:10.0652 0x0970 mrxsmb20 - ok
13:37:10.0683 0x0970 [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci C:\Windows\system32\drivers\msahci.sys
13:37:10.0699 0x0970 msahci - ok
13:37:10.0714 0x0970 [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm C:\Windows\system32\drivers\msdsm.sys
13:37:10.0745 0x0970 msdsm - ok
13:37:10.0777 0x0970 [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC C:\Windows\System32\msdtc.exe
13:37:10.0792 0x0970 MSDTC - ok
13:37:10.0823 0x0970 [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs C:\Windows\system32\drivers\Msfs.sys
13:37:10.0870 0x0970 Msfs - ok
13:37:10.0886 0x0970 [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
13:37:10.0917 0x0970 mshidkmdf - ok
13:37:10.0933 0x0970 [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
13:37:10.0948 0x0970 msisadrv - ok
13:37:10.0979 0x0970 [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI C:\Windows\system32\iscsiexe.dll
13:37:11.0026 0x0970 MSiSCSI - ok
13:37:11.0042 0x0970 msiserver - ok
13:37:11.0073 0x0970 [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
13:37:11.0104 0x0970 MSKSSRV - ok
13:37:11.0135 0x0970 [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
13:37:11.0167 0x0970 MSPCLOCK - ok
13:37:11.0182 0x0970 [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
13:37:11.0229 0x0970 MSPQM - ok
13:37:11.0260 0x0970 [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
13:37:11.0276 0x0970 MsRPC - ok
13:37:11.0307 0x0970 [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
13:37:11.0323 0x0970 mssmbios - ok
13:37:11.0338 0x0970 [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
13:37:11.0369 0x0970 MSTEE - ok
13:37:11.0385 0x0970 [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
13:37:11.0401 0x0970 MTConfig - ok
13:37:11.0432 0x0970 [ D48659BB24C48345D926ECB45C1EBDF5, EDEDE58316827530C25F8085F62AD48EA6D44B0F8AC1917B940F53B02CF72EA6 ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
13:37:11.0447 0x0970 MTsensor - ok
13:37:11.0494 0x0970 [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup C:\Windows\system32\Drivers\mup.sys
13:37:11.0510 0x0970 Mup - ok
13:37:11.0541 0x0970 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent C:\Windows\system32\qagentRT.dll
13:37:11.0572 0x0970 napagent - ok
13:37:11.0603 0x0970 [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
13:37:11.0635 0x0970 NativeWifiP - ok
13:37:11.0681 0x0970 [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS C:\Windows\system32\drivers\ndis.sys
13:37:11.0713 0x0970 NDIS - ok
13:37:11.0744 0x0970 [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
13:37:11.0775 0x0970 NdisCap - ok
13:37:11.0791 0x0970 [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
13:37:11.0822 0x0970 NdisTapi - ok
13:37:11.0853 0x0970 [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
13:37:11.0884 0x0970 Ndisuio - ok
13:37:11.0900 0x0970 [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
13:37:11.0947 0x0970 NdisWan - ok
13:37:11.0978 0x0970 [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
13:37:12.0025 0x0970 NDProxy - ok
13:37:12.0103 0x0970 [ B90E093E7A7250906F1054418B5339C0, F9A0BAC5B4B29F14B5CACA1047F8928A495EFD56E485492BF71C856B296476D6 ] Nero BackItUp Scheduler 4.0 C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
13:37:12.0134 0x0970 Nero BackItUp Scheduler 4.0 - ok
13:37:12.0149 0x0970 [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
13:37:12.0196 0x0970 NetBIOS - ok
13:37:12.0212 0x0970 [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
13:37:12.0243 0x0970 NetBT - ok
13:37:12.0259 0x0970 [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] Netlogon C:\Windows\system32\lsass.exe
13:37:12.0290 0x0970 Netlogon - ok
13:37:12.0321 0x0970 [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman C:\Windows\System32\netman.dll
13:37:12.0352 0x0970 Netman - ok
13:37:12.0383 0x0970 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
13:37:12.0415 0x0970 NetMsmqActivator - ok
13:37:12.0415 0x0970 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
13:37:12.0430 0x0970 NetPipeActivator - ok
13:37:12.0461 0x0970 [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm C:\Windows\System32\netprofm.dll
13:37:12.0508 0x0970 netprofm - ok
13:37:12.0539 0x0970 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
13:37:12.0555 0x0970 NetTcpActivator - ok
13:37:12.0571 0x0970 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
13:37:12.0586 0x0970 NetTcpPortSharing - ok
13:37:12.0633 0x0970 [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
13:37:12.0649 0x0970 nfrd960 - ok
13:37:12.0680 0x0970 [ 374071043F9E4231EE43BE2BB48DD36D, C4FA3FC40CC49DBBB91901D14210A55D3831FAC9F9B3FF45FCA7F5CF242C9E92 ] NlaSvc C:\Windows\System32\nlasvc.dll
13:37:12.0711 0x0970 NlaSvc - ok
13:37:12.0727 0x0970 [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs C:\Windows\system32\drivers\Npfs.sys
13:37:12.0758 0x0970 Npfs - ok
13:37:12.0789 0x0970 [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi C:\Windows\system32\nsisvc.dll
13:37:12.0836 0x0970 nsi - ok
13:37:12.0851 0x0970 [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
13:37:12.0883 0x0970 nsiproxy - ok
13:37:12.0945 0x0970 [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
13:37:12.0992 0x0970 Ntfs - ok
13:37:13.0023 0x0970 [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null C:\Windows\system32\drivers\Null.sys
13:37:13.0085 0x0970 Null - ok
13:37:13.0132 0x0970 [ 9F8EE4948B7ADD9D12F778F61A2758A4, 9848C7D97AC000BF7A00BAE12593E48E14D36D7FFFCF25A163FAAB446691032F ] NVHDA C:\Windows\system32\drivers\nvhda32v.sys
13:37:13.0148 0x0970 NVHDA - ok
13:37:13.0460 0x0970 [ 1E3D32DDBE6BBDC0843432BAD599069F, 908893652F953C01E3FFEA19E76154B6246277720B088A61086A9B336B3EC6AD ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:37:13.0819 0x0970 nvlddmkm - ok
13:37:13.0865 0x0970 [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid C:\Windows\system32\drivers\nvraid.sys
13:37:13.0897 0x0970 nvraid - ok
13:37:13.0928 0x0970 [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor C:\Windows\system32\drivers\nvstor.sys
13:37:13.0959 0x0970 nvstor - ok
13:37:13.0990 0x0970 [ 5004DAF6A37C5C73FFCF4D3935A6FE87, 52F2149383EC41B18310801FD07C1363EE81C5D1F2B0206460FC7922C00D7A15 ] nvsvc C:\Windows\system32\nvvsvc.exe
13:37:14.0021 0x0970 nvsvc - ok
13:37:14.0099 0x0970 [ 813B806949EE12980BA93771637D0315, BE30739FE6A64551D2E26A6352680DEF7AB499B4A076E18A7EBAB43D3A9C1B0E ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
13:37:14.0177 0x0970 nvUpdatusService - ok
13:37:14.0193 0x0970 [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
13:37:14.0224 0x0970 nv_agp - ok
13:37:14.0240 0x0970 [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
13:37:14.0263 0x0970 ohci1394 - ok
13:37:14.0326 0x0970 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:37:14.0341 0x0970 ose - ok
13:37:14.0511 0x0970 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7, F342100E2E9001F11FDF93F856B50FA43F9B85D2C6B5706EC0433E77206498DA ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
13:37:14.0667 0x0970 osppsvc - ok
13:37:14.0699 0x0970 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
13:37:14.0777 0x0970 p2pimsvc - ok
13:37:14.0808 0x0970 [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc C:\Windows\system32\p2psvc.dll
13:37:14.0842 0x0970 p2psvc - ok
13:37:14.0874 0x0970 [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport C:\Windows\system32\DRIVERS\parport.sys
13:37:14.0889 0x0970 Parport - ok
13:37:14.0920 0x0970 [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr C:\Windows\system32\drivers\partmgr.sys
13:37:14.0936 0x0970 partmgr - ok
13:37:14.0967 0x0970 [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
13:37:14.0983 0x0970 Parvdm - ok
13:37:15.0030 0x0970 [ 3CAE2BBC86FCF7F94C9696994AF30386, 4DA063A60523567272CFB35DF5D7CA142B100EF9123B1F23A6F11AB89DB83486 ] PassThru Service C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
13:37:15.0045 0x0970 PassThru Service - detected UnsignedFile.Multi.Generic ( 1 )
13:37:15.0045 0x0970 PassThru Service ( UnsignedFile.Multi.Generic ) - warning
13:37:15.0076 0x0970 [ 3A55D53687F16D9EF5BF307BBFEFCD9C, F1BB1B43442B151686500768C43A4D20CAA47427E78386953A42DDB42D9DDF0C ] PcaSvc C:\Windows\System32\pcasvc.dll
13:37:15.0108 0x0970 PcaSvc - ok
13:37:15.0139 0x0970 [ 175CC28DCF819F78CAA3FBD44AD9E52A, C00F17040440E5C10439FF8110368A7813BD197E96338FD3703C86E399E27128 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfd.sys
13:37:15.0203 0x0970 pccsmcfd - ok
13:37:15.0253 0x0970 [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci C:\Windows\system32\drivers\pci.sys
13:37:15.0273 0x0970 pci - ok
13:37:15.0294 0x0970 [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide C:\Windows\system32\drivers\pciide.sys
13:37:15.0310 0x0970 pciide - ok
13:37:15.0344 0x0970 [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
13:37:15.0364 0x0970 pcmcia - ok
13:37:15.0424 0x0970 [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw C:\Windows\system32\drivers\pcw.sys
13:37:15.0448 0x0970 pcw - ok
13:37:15.0482 0x0970 [ 344D1FA0438A967F1A2BAA42C86D6E19, E9CB31CBD9075B84BA771CF82A4C3AB5BF57ADEA3E76ABE8FE36FEACFD681D89 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
13:37:15.0529 0x0970 PEAUTH - ok
13:37:15.0579 0x0970 [ AF4D64D2A57B9772CF3801950B8058A6, C9C493A3775E6E1660CE5DF75DA574D0C04245FB88CF41B96217A725359C350D ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
13:37:15.0686 0x0970 PeerDistSvc - ok
13:37:15.0763 0x0970 [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla C:\Windows\system32\pla.dll
13:37:15.0847 0x0970 pla - ok
13:37:15.0928 0x0970 [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay C:\Windows\system32\umpnpmgr.dll
13:37:16.0040 0x0970 PlugPlay - ok
13:37:16.0067 0x0970 [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
13:37:16.0088 0x0970 PNRPAutoReg - ok
13:37:16.0109 0x0970 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
13:37:16.0117 0x0970 PNRPsvc - ok
13:37:16.0179 0x0970 [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
13:37:16.0211 0x0970 PolicyAgent - ok
13:37:16.0242 0x0970 [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power C:\Windows\system32\umpo.dll
13:37:16.0289 0x0970 Power - ok
13:37:16.0320 0x0970 [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
13:37:16.0351 0x0970 PptpMiniport - ok
13:37:16.0367 0x0970 [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor C:\Windows\system32\DRIVERS\processr.sys
13:37:16.0398 0x0970 Processor - ok
13:37:16.0429 0x0970 [ CADEFAC453040E370A1BDFF3973BE00D, 2E3DD8DA702468D8AB0F3CE27188B1991D4CB015FB36BAE4C6E7996B61CF49B8 ] ProfSvc C:\Windows\system32\profsvc.dll
13:37:16.0476 0x0970 ProfSvc - ok
13:37:16.0491 0x0970 [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] ProtectedStorage C:\Windows\system32\lsass.exe
13:37:16.0507 0x0970 ProtectedStorage - ok
13:37:16.0523 0x0970 [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
13:37:16.0556 0x0970 Psched - ok
13:37:16.0611 0x0970 [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
13:37:16.0673 0x0970 ql2300 - ok
13:37:16.0704 0x0970 [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
13:37:16.0735 0x0970 ql40xx - ok
13:37:16.0751 0x0970 [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE C:\Windows\system32\qwave.dll
13:37:16.0782 0x0970 QWAVE - ok
13:37:16.0798 0x0970 [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
13:37:16.0829 0x0970 QWAVEdrv - ok
13:37:16.0845 0x0970 [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
13:37:16.0876 0x0970 RasAcd - ok
13:37:16.0907 0x0970 [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
13:37:16.0969 0x0970 RasAgileVpn - ok
13:37:16.0985 0x0970 [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto C:\Windows\System32\rasauto.dll
13:37:17.0016 0x0970 RasAuto - ok
13:37:17.0063 0x0970 [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
13:37:17.0094 0x0970 Rasl2tp - ok
13:37:17.0141 0x0970 [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan C:\Windows\System32\rasmans.dll
13:37:17.0172 0x0970 RasMan - ok
13:37:17.0188 0x0970 [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
13:37:17.0219 0x0970 RasPppoe - ok
13:37:17.0235 0x0970 [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
13:37:17.0281 0x0970 RasSstp - ok
13:37:17.0297 0x0970 [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
13:37:17.0328 0x0970 rdbss - ok
13:37:17.0344 0x0970 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
13:37:17.0375 0x0970 rdpbus - ok
13:37:17.0391 0x0970 [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
13:37:17.0422 0x0970 RDPCDD - ok
13:37:17.0437 0x0970 [ B973FCFC50DC1434E1970A146F7E3885, BE797E5F5AE34D37F8DA1134CE94DD14DBE36D2BC405B97E992E2257848B7CA9 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
13:37:17.0515 0x0970 RDPDR - ok
13:37:17.0547 0x0970 [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
13:37:17.0562 0x0970 RDPENCDD - ok
13:37:17.0578 0x0970 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
13:37:17.0625 0x0970 RDPREFMP - ok
13:37:17.0671 0x0970 [ 65375DF758CA1872AB7EBBBA457FD5E6, 8AC7681F51277E799C22FF95FA0B833E9E260D37C0416319FF05B66FB3948005 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
13:37:17.0734 0x0970 RdpVideoMiniport - ok
13:37:17.0765 0x0970 [ CD9214A6AE17D188D17C3CF8CB9CC693, 2E16FF1F7446F0600D6519010FD05A30B94D97167C16B3E7FC396A97D8139D60 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
13:37:17.0812 0x0970 RDPWD - ok
13:37:17.0827 0x0970 [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
13:37:17.0843 0x0970 rdyboost - ok
13:37:17.0874 0x0970 [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess C:\Windows\System32\mprdim.dll
13:37:17.0905 0x0970 RemoteAccess - ok
13:37:17.0937 0x0970 [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry C:\Windows\system32\regsvc.dll
13:37:17.0968 0x0970 RemoteRegistry - ok
13:37:17.0999 0x0970 [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
13:37:18.0030 0x0970 RpcEptMapper - ok
13:37:18.0046 0x0970 [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator C:\Windows\system32\locator.exe
13:37:18.0061 0x0970 RpcLocator - ok
13:37:18.0077 0x0970 [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs C:\Windows\system32\rpcss.dll
13:37:18.0108 0x0970 RpcSs - ok
13:37:18.0139 0x0970 [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
13:37:18.0155 0x0970 rspndr - ok
13:37:18.0202 0x0970 [ 5283B9A27FF230F2FF70D92451FF409A, B8BAC70E1DE4485C79CA7B47D4DCFE0223CECEA8ED75CE4F128D47051F95FE5D ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
13:37:18.0217 0x0970 RTL8167 - ok
13:37:18.0249 0x0970 [ 7FA7F2E249A5DCBB7970630E15E1F482, 9633B193F3FDA67BC551C6DCA4788AB83E9F45F77763EE579D02FE5D6B80DEDF ] s3cap C:\Windows\system32\drivers\vms3cap.sys
13:37:18.0295 0x0970 s3cap - ok
13:37:18.0311 0x0970 [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] SamSs C:\Windows\system32\lsass.exe
13:37:18.0327 0x0970 SamSs - ok
13:37:18.0358 0x0970 [ C7EDD0516DC3D45A1438BBCB560EC2DA, E1502FCC5D8292854BB361A691A593ACA5F8B9F8C35522AE570D872568BA1BDE ] sbmount C:\Windows\system32\drivers\sbmount.sys
13:37:18.0373 0x0970 sbmount - ok
13:37:18.0420 0x0970 [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
13:37:18.0436 0x0970 sbp2port - ok
13:37:18.0467 0x0970 [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr C:\Windows\System32\SCardSvr.dll
13:37:18.0498 0x0970 SCardSvr - ok
13:37:18.0529 0x0970 [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
13:37:18.0576 0x0970 scfilter - ok
13:37:18.0623 0x0970 [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule C:\Windows\system32\schedsvc.dll
13:37:18.0670 0x0970 Schedule - ok
13:37:18.0701 0x0970 [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc C:\Windows\System32\certprop.dll
13:37:18.0717 0x0970 SCPolicySvc - ok
13:37:18.0732 0x0970 [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC C:\Windows\System32\SDRSVC.dll
13:37:18.0795 0x0970 SDRSVC - ok
13:37:18.0810 0x0970 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys
13:37:18.0841 0x0970 secdrv - ok
13:37:18.0873 0x0970 [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon C:\Windows\system32\seclogon.dll
13:37:18.0904 0x0970 seclogon - ok
13:37:18.0935 0x0970 [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS C:\Windows\System32\sens.dll
13:37:18.0966 0x0970 SENS - ok
13:37:18.0997 0x0970 [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc C:\Windows\system32\sensrsvc.dll
13:37:19.0029 0x0970 SensrSvc - ok
13:37:19.0044 0x0970 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
13:37:19.0075 0x0970 Serenum - ok
13:37:19.0091 0x0970 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial C:\Windows\system32\DRIVERS\serial.sys
13:37:19.0107 0x0970 Serial - ok
13:37:19.0122 0x0970 [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
13:37:19.0153 0x0970 sermouse - ok
13:37:19.0200 0x0970 [ 9D38320BB32230349379DF5DDBBF7FCE, 8AAA8B0B60E65F596C3276DCCD0D8146B40172B6D509B597EDFDA46AC8A72A4C ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
13:37:19.0231 0x0970 ServiceLayer - detected UnsignedFile.Multi.Generic ( 1 )
13:37:19.0231 0x0970 ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
13:37:19.0263 0x0970 [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv C:\Windows\system32\sessenv.dll
13:37:19.0294 0x0970 SessionEnv - ok
13:37:19.0309 0x0970 [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
13:37:19.0341 0x0970 sffdisk - ok
13:37:19.0356 0x0970 [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
13:37:19.0387 0x0970 sffp_mmc - ok
13:37:19.0419 0x0970 [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
13:37:19.0434 0x0970 sffp_sd - ok
13:37:19.0465 0x0970 [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
13:37:19.0512 0x0970 sfloppy - ok
13:37:19.0559 0x0970 [ EC5C79BD81F0C55DF53F4818D4F1C2C8, B9650F484CF918781CA3B02278F19E73FA3B619133F75C0C42FEB788A183E0CB ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
13:37:19.0606 0x0970 Sftfs - ok
13:37:19.0653 0x0970 [ 1AEBDC693C74EA55FE05D51FA6573EBC, 92E3A6C8D3B5193BD2831DD47C4C58419F72ABC2C21C71A9A690CCFC2D05CBB0 ] sftlist C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
13:37:19.0684 0x0970 sftlist - ok
13:37:19.0715 0x0970 [ A224670FB892A205E4D99E06C0B85C7C, 3E2E401FF5E0E9EE4C2BE9F5C3144086F5AB015789C36D7263BBAB59FEEB74C7 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
13:37:19.0731 0x0970 Sftplay - ok
13:37:19.0746 0x0970 [ 9D354D425FB55CDF0EDC7F67FBC5B04E, C3B68F8B5F34B73EF6588DCBB67BE7CB3E59918E7A58D90A83E3D8EBB6ECA291 ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
13:37:19.0762 0x0970 Sftredir - ok
13:37:19.0777 0x0970 [ F369D6B89AA610174A4E90C8513B7C7A, 2AEFA10F57C0ED0466611957DED5425363608E88414DD7DCF74E182117B12F5A ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
13:37:19.0793 0x0970 Sftvol - ok
13:37:19.0824 0x0970 [ 19D34534176E62F35DDB7DC7B7FF2A87, DBBB9155B62482E4782E5302193586514880734BD3617FDCB51798EB404758D6 ] sftvsa C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
13:37:19.0840 0x0970 sftvsa - ok
13:37:19.0949 0x0970 [ A7D7211F0F2BD205FA3452602D8FCA94, DBF18F6065F153903C789FF12D39F98B51E0EBABA847B262489B8B5DFC0714D1 ] ShadowProtectSvc C:\Program Files-s\StorageCraft\ShadowProtect\ShadowProtectSvc.exe
13:37:20.0027 0x0970 ShadowProtectSvc - ok
13:37:20.0058 0x0970 [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess C:\Windows\System32\ipnathlp.dll
13:37:20.0089 0x0970 SharedAccess - ok
13:37:20.0152 0x0970 [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:37:20.0199 0x0970 ShellHWDetection - ok
13:37:20.0230 0x0970 [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp C:\Windows\system32\drivers\sisagp.sys
13:37:20.0277 0x0970 sisagp - ok
13:37:20.0323 0x0970 [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:37:20.0339 0x0970 SiSRaid2 - ok
13:37:20.0355 0x0970 [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
13:37:20.0370 0x0970 SiSRaid4 - ok
13:37:20.0401 0x0970 [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb C:\Windows\system32\DRIVERS\smb.sys
13:37:20.0433 0x0970 Smb - ok
13:37:20.0479 0x0970 [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
13:37:20.0511 0x0970 SNMPTRAP - ok
13:37:20.0542 0x0970 [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr C:\Windows\system32\drivers\spldr.sys
13:37:20.0557 0x0970 spldr - ok
13:37:20.0589 0x0970 [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler C:\Windows\System32\spoolsv.exe
13:37:20.0667 0x0970 Spooler - ok
13:37:20.0745 0x0970 [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc C:\Windows\system32\sppsvc.exe
13:37:20.0869 0x0970 sppsvc - ok
13:37:20.0901 0x0970 [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify C:\Windows\system32\sppuinotify.dll
13:37:20.0934 0x0970 sppuinotify - ok
13:37:20.0981 0x0970 [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv C:\Windows\system32\DRIVERS\srv.sys
13:37:21.0012 0x0970 srv - ok
13:37:21.0059 0x0970 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
13:37:21.0105 0x0970 srv2 - ok
13:37:21.0137 0x0970 [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
13:37:21.0152 0x0970 srvnet - ok
13:37:21.0183 0x0970 [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
13:37:21.0215 0x0970 SSDPSRV - ok
13:37:21.0246 0x0970 [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc C:\Windows\system32\sstpsvc.dll
13:37:21.0277 0x0970 SstpSvc - ok
13:37:21.0293 0x0970 [ 3F0164FBC0BD1ADBD02DF9759181451A, 8BDAA0373BD16B38407F93FE5C697481D4D88C72B1931D6A7B9F80C0276242B9 ] ss_bbus C:\Windows\system32\DRIVERS\ss_bbus.sys
13:37:21.0308 0x0970 ss_bbus - ok
13:37:21.0339 0x0970 [ B89D62206034E5FE573C80A24DD55675, 26D12E2A7CB538DDEEA7B764242E9EAE25E0A46293AE3608E6B7DD71AECBA901 ] ss_bmdfl C:\Windows\system32\DRIVERS\ss_bmdfl.sys
13:37:21.0355 0x0970 ss_bmdfl - ok
13:37:21.0371 0x0970 [ 1ED0FCEA586FE2A416EE15196E5631DD, AF1EBAD7D580BF85ACD6C6287892DE4E7A679852887B9E866A032B1DDCF26183 ] ss_bmdm C:\Windows\system32\DRIVERS\ss_bmdm.sys
13:37:21.0402 0x0970 ss_bmdm - ok
13:37:21.0433 0x0970 [ 306521935042FC0A6988D528643619B3, 6FCC06EA71F5C83A8C3A8B7152E9FF48BCFBD35ED8C134A0879735F9135BB20C ] StarOpen C:\Windows\system32\drivers\StarOpen.sys
13:37:21.0433 0x0970 StarOpen - detected UnsignedFile.Multi.Generic ( 1 )
13:37:21.0433 0x0970 StarOpen ( UnsignedFile.Multi.Generic ) - warning
13:37:21.0464 0x0970 [ 1E46E6F82684ACCFBD74A5EA8727FD38, 2347CC10CEAC1086D494EA9BFF3DE0BA02B9D8D68323AC77C31A7A6E602F8E6D ] stcvsm C:\Windows\system32\drivers\stcvsm.sys
13:37:21.0480 0x0970 stcvsm - ok
13:37:21.0527 0x0970 [ CC7ED069C2FC82B5B1555C2044C765CC, CE43363544A3EE2C5133CD0D47BF34AFAFA4EAD6AC9EB9A772EE55E89D4D89D4 ] Steam Client Service C:\Program Files\Common Files\Steam\SteamService.exe
13:37:21.0558 0x0970 Steam Client Service - ok
13:37:21.0636 0x0970 [ 5DA84663B5DC64AF9D5E944D809A6099, C5D427F019081BF93C08391845E7B22A9AFCE7D3A6E6F8EA1F36566F05F9843E ] Stereo Service C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
13:37:21.0651 0x0970 Stereo Service - ok
13:37:21.0683 0x0970 [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
13:37:21.0729 0x0970 stexstor - ok
13:37:21.0776 0x0970 [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc C:\Windows\System32\wiaservc.dll
13:37:21.0807 0x0970 StiSvc - ok
13:37:21.0839 0x0970 [ 472AF0311073DCECEAA8FA18BA2BDF89, 089414057EB2047E42C96C1ACE79D509967461DC5A4D2836F63C04268637A3FC ] storflt C:\Windows\system32\drivers\vmstorfl.sys
13:37:21.0854 0x0970 storflt - ok
13:37:21.0870 0x0970 [ 0BF669F0A910BEDA4A32258D363AF2A5, 83EEBACDE4F69A2866B69CAA633F5C8B3CB01D88CEDB01B6EA5988E0A25CEE47 ] StorSvc C:\Windows\system32\storsvc.dll
13:37:21.0932 0x0970 StorSvc - ok
13:37:21.0948 0x0970 [ DCAFFD62259E0BDB433DD67B5BB37619, CBD12FF9BBF33D18B0F3D322B12EC62E7DF3BF45C6AD43D2E91FF4C4762E05D0 ] storvsc C:\Windows\system32\drivers\storvsc.sys
13:37:21.0979 0x0970 storvsc - ok
13:37:21.0995 0x0970 [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum C:\Windows\system32\drivers\swenum.sys
13:37:22.0010 0x0970 swenum - ok
13:37:22.0026 0x0970 [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv C:\Windows\System32\swprv.dll
13:37:22.0073 0x0970 swprv - ok
13:37:22.0104 0x0970 [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain C:\Windows\system32\sysmain.dll
13:37:22.0166 0x0970 SysMain - ok
13:37:22.0197 0x0970 [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
13:37:22.0229 0x0970 TabletInputService - ok
13:37:22.0244 0x0970 taphss6 - ok
13:37:22.0260 0x0970 [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv C:\Windows\System32\tapisrv.dll
13:37:22.0291 0x0970 TapiSrv - ok
13:37:22.0322 0x0970 [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS C:\Windows\System32\tbssvc.dll
13:37:22.0353 0x0970 TBS - ok
13:37:22.0416 0x0970 [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
13:37:22.0478 0x0970 Tcpip - ok
13:37:22.0525 0x0970 [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
13:37:22.0556 0x0970 TCPIP6 - ok
13:37:22.0587 0x0970 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
13:37:22.0603 0x0970 tcpipreg - ok
13:37:22.0634 0x0970 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
13:37:22.0681 0x0970 TDPIPE - ok
13:37:22.0712 0x0970 [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
13:37:22.0728 0x0970 TDTCP - ok
13:37:22.0743 0x0970 [ B459575348C20E8121D6039DA063C704, 1B4328A9EA39FF5A57F258E02254D04B73455F1DF7C997C13702A8B2F12D0347 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
13:37:22.0790 0x0970 tdx - ok
13:37:22.0806 0x0970 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD C:\Windows\system32\drivers\termdd.sys
13:37:22.0806 0x0970 TermDD - ok
13:37:22.0837 0x0970 [ FCFD4F50419B4BC72E80066DA10D2E54, 7C2314A57A404525F0444986332DBAE0964A3359374671598387051D7AAE72AE ] TermService C:\Windows\System32\termsrv.dll
13:37:22.0884 0x0970 TermService - ok
13:37:22.0899 0x0970 [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes C:\Windows\system32\themeservice.dll
13:37:22.0931 0x0970 Themes - ok
13:37:22.0931 0x0970 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER C:\Windows\system32\mmcss.dll
13:37:22.0962 0x0970 THREADORDER - ok
13:37:23.0009 0x0970 [ 9512B0ED87A530A786B4DDB97D22DB17, 79E9BBFCFDA31BE3CCEF5A76A65CBDAF3DDDFEAE6F9DC51079A64BE5DE48A2DB ] TomTomHOMEService C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
13:37:23.0024 0x0970 TomTomHOMEService - ok
13:37:23.0055 0x0970 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks C:\Windows\System32\trkwks.dll
13:37:23.0087 0x0970 TrkWks - ok
13:37:23.0118 0x0970 [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:37:23.0149 0x0970 TrustedInstaller - ok
13:37:23.0165 0x0970 [ 6C5139E4283249518F7743D7043775B3, 58684E8C90EBAC65459A97C905CDCFE3A915CFF7E8E96071DE1AC3489F85E67F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
13:37:23.0180 0x0970 tssecsrv - ok
13:37:23.0227 0x0970 [ C6A5FBD4977305E1FA23E02C042DB463, A6EB5E4B8051A258D40A385609E930318EAA3494C8466F48542B806FE6A7C47A ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
13:37:23.0258 0x0970 TsUsbFlt - ok
13:37:23.0289 0x0970 [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
13:37:23.0321 0x0970 tunnel - ok
13:37:23.0336 0x0970 [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
13:37:23.0352 0x0970 uagp35 - ok
13:37:23.0383 0x0970 [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
13:37:23.0414 0x0970 udfs - ok
13:37:23.0430 0x0970 [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect C:\Windows\system32\UI0Detect.exe
13:37:23.0461 0x0970 UI0Detect - ok
13:37:23.0477 0x0970 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
13:37:23.0492 0x0970 uliagpkx - ok
13:37:23.0508 0x0970 [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus C:\Windows\system32\drivers\umbus.sys
13:37:23.0523 0x0970 umbus - ok
13:37:23.0539 0x0970 [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
13:37:23.0555 0x0970 UmPass - ok
13:37:23.0570 0x0970 [ 409994A8EACEEE4E328749C0353527A0, FFC57B647147DE2957A7DE4B330CC534DE7AC892A2FCE3BB164F7A516CAB1B56 ] UmRdpService C:\Windows\System32\umrdp.dll
13:37:23.0601 0x0970 UmRdpService - ok
13:37:23.0679 0x0970 [ BB879DCFD22926EFBEB3298129898CBB, 2A24E6CD5D6E0CEA3082C0699A2371084CC1268B31BC714098EA0D0C11B3AFAC ] UnlockerDriver5 C:\Program Files-s\Unlocker\UnlockerDriver5.sys
13:37:23.0695 0x0970 UnlockerDriver5 - detected UnsignedFile.Multi.Generic ( 1 )
13:37:23.0695 0x0970 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - warning
13:37:23.0726 0x0970 [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost C:\Windows\System32\upnphost.dll
13:37:23.0757 0x0970 upnphost - ok
13:37:23.0789 0x0970 [ EC1C23779BB41A8B2AB2AA6FCE308BDE, D027A2B472CAE97AECB16F69BE52E06CB61E1C61AE196C22662050B711C1C72D ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
13:37:23.0821 0x0970 USBAAPL - ok
13:37:23.0836 0x0970 [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
13:37:23.0899 0x0970 usbccgp - ok
13:37:23.0899 0x0970 [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir C:\Windows\system32\drivers\usbcir.sys
13:37:23.0946 0x0970 usbcir - ok
13:37:23.0961 0x0970 [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
13:37:23.0992 0x0970 usbehci - ok
13:37:24.0039 0x0970 [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
13:37:24.0055 0x0970 usbhub - ok
13:37:24.0086 0x0970 [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci C:\Windows\system32\drivers\usbohci.sys
13:37:24.0102 0x0970 usbohci - ok
13:37:24.0148 0x0970 [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
13:37:24.0164 0x0970 usbprint - ok
13:37:24.0195 0x0970 [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:37:24.0226 0x0970 USBSTOR - ok
13:37:24.0242 0x0970 [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
13:37:24.0258 0x0970 usbuhci - ok
13:37:24.0289 0x0970 [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms C:\Windows\System32\uxsms.dll
13:37:24.0320 0x0970 UxSms - ok
13:37:24.0336 0x0970 [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] VaultSvc C:\Windows\system32\lsass.exe
13:37:24.0351 0x0970 VaultSvc - ok
13:37:24.0367 0x0970 [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
13:37:24.0382 0x0970 vdrvroot - ok
13:37:24.0398 0x0970 [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds C:\Windows\System32\vds.exe
13:37:24.0429 0x0970 vds - ok
13:37:24.0460 0x0970 [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
13:37:24.0492 0x0970 vga - ok
13:37:24.0492 0x0970 [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave C:\Windows\System32\drivers\vga.sys
13:37:24.0523 0x0970 VgaSave - ok
13:37:24.0554 0x0970 [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
13:37:24.0585 0x0970 vhdmp - ok
13:37:24.0601 0x0970 [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp C:\Windows\system32\drivers\viaagp.sys
13:37:24.0616 0x0970 viaagp - ok
13:37:24.0632 0x0970 [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
13:37:24.0648 0x0970 ViaC7 - ok
13:37:24.0663 0x0970 [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide C:\Windows\system32\drivers\viaide.sys
13:37:24.0679 0x0970 viaide - ok
13:37:24.0710 0x0970 [ C2F2911156FDC7817C52829C86DA494E, FE499F189B5016FCE0018AA3DE3970B72275B7B15F3D4D608117F6DDEC6B90DC ] vmbus C:\Windows\system32\drivers\vmbus.sys
13:37:24.0726 0x0970 vmbus - ok
13:37:24.0726 0x0970 [ D4D77455211E204F370D08F4963063CE, 2018B2A84C73E0834200A594C02A9D28C74906F126DAD3CCDDFC9CD9A61669E2 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
13:37:24.0741 0x0970 VMBusHID - ok
13:37:24.0757 0x0970 VMnetAdapter - ok
13:37:24.0772 0x0970 [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr C:\Windows\system32\drivers\volmgr.sys
13:37:24.0788 0x0970 volmgr - ok
13:37:24.0804 0x0970 [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
13:37:24.0835 0x0970 volmgrx - ok
13:37:24.0850 0x0970 [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap C:\Windows\system32\drivers\volsnap.sys
13:37:24.0866 0x0970 volsnap - ok
13:37:24.0897 0x0970 [ 63EF70B7BFB875436D5983E3C77F0681, D0C9A7D42393DEFF33507D4A7ECC207D7CB071D78404B70398A0480C121708AB ] vpcbus C:\Windows\system32\DRIVERS\vpchbus.sys
13:37:24.0928 0x0970 vpcbus - ok
13:37:24.0960 0x0970 [ 2559494DC74877AFCE97C6F75E4B7020, D5B74A2E076427D9F41C81E98AD1AA934A3B749B3C7D4EEA750CB02DAA3A3FDA ] vpcnfltr C:\Windows\system32\DRIVERS\vpcnfltr.sys
13:37:24.0975 0x0970 vpcnfltr - ok
13:37:24.0991 0x0970 [ AC0ADAD2AD5A166100CF59FB9A7880B7, D47B1C57F61BC18BE85F3D276ABA936CCF354C03994622710498EE1B440E4698 ] vpcusb C:\Windows\system32\DRIVERS\vpcusb.sys
13:37:25.0038 0x0970 vpcusb - ok
13:37:25.0053 0x0970 [ 7A806CC4416FE9B1B9C091E31BC638BC, 5F98E6B9285267B2C16DC8E61D6827F787FF44EDA085493E1F68305396EBB675 ] vpcvmm C:\Windows\system32\drivers\vpcvmm.sys
13:37:25.0084 0x0970 vpcvmm - ok
13:37:25.0100 0x0970 [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
13:37:25.0116 0x0970 vsmraid - ok
13:37:25.0131 0x0970 [ DA54496D15E5FA65BFEFD227885F3055, 4E28EDFADD3BE0198EE8C7D4288C43002D9F75D092EEAEB608668513EF06B186 ] VSNAPVSS C:\Windows\system32\vsnapvss.exe
13:37:25.0147 0x0970 VSNAPVSS - ok
13:37:25.0225 0x0970 [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS C:\Windows\system32\vssvc.exe
13:37:25.0272 0x0970 VSS - ok
13:37:25.0287 0x0970 [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
13:37:25.0334 0x0970 vwifibus - ok
13:37:25.0365 0x0970 [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time C:\Windows\system32\w32time.dll
13:37:25.0396 0x0970 W32Time - ok
13:37:25.0428 0x0970 [ B8C182DF79AC8938311AC8E193D52762, A92C79A748E2423C9C4AF96A1D823EAD529A04D4E42F7F1F46CD331432D36080 ] w800bus C:\Windows\system32\DRIVERS\w800bus.sys
13:37:25.0443 0x0970 w800bus - ok
13:37:25.0460 0x0970 [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
13:37:25.0491 0x0970 WacomPen - ok
13:37:25.0507 0x0970 [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
13:37:25.0538 0x0970 WANARP - ok
13:37:25.0553 0x0970 [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
13:37:25.0569 0x0970 Wanarpv6 - ok
13:37:25.0663 0x0970 [ 353A04C273EC58475D8633E75CCD5604, FFAE53B6B53AEFC9E8A10BF27480E072D74430276BEB532FE1D473E9616D8CE0 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
13:37:25.0709 0x0970 WatAdminSvc - ok
13:37:25.0756 0x0970 [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine C:\Windows\system32\wbengine.exe
13:37:25.0897 0x0970 wbengine - ok
13:37:25.0928 0x0970 [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
13:37:25.0959 0x0970 WbioSrvc - ok
13:37:25.0975 0x0970 [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc C:\Windows\System32\wcncsvc.dll
13:37:26.0006 0x0970 wcncsvc - ok
13:37:26.0021 0x0970 [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:37:26.0061 0x0970 WcsPlugInService - ok
13:37:26.0076 0x0970 [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd C:\Windows\system32\DRIVERS\wd.sys
13:37:26.0092 0x0970 Wd - ok
13:37:26.0123 0x0970 [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
13:37:26.0154 0x0970 Wdf01000 - ok
13:37:26.0170 0x0970 [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiServiceHost C:\Windows\system32\wdi.dll
13:37:26.0232 0x0970 WdiServiceHost - ok
13:37:26.0248 0x0970 [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiSystemHost C:\Windows\system32\wdi.dll
13:37:26.0263 0x0970 WdiSystemHost - ok
13:37:26.0279 0x0970 [ 75E8EBD7040CE238684333F97014762A, 2CA0B267FBAEB303D1F8B639D733DC0DE17BA1276CC9096035B4F2BBBED3EF7F ] WebClient C:\Windows\System32\webclnt.dll
13:37:26.0310 0x0970 WebClient - ok
13:37:26.0357 0x0970 [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc C:\Windows\system32\wecsvc.dll
13:37:26.0404 0x0970 Wecsvc - ok
13:37:26.0419 0x0970 [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport C:\Windows\System32\wercplsupport.dll
13:37:26.0451 0x0970 wercplsupport - ok
13:37:26.0484 0x0970 [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc C:\Windows\System32\WerSvc.dll
13:37:26.0515 0x0970 WerSvc - ok
13:37:26.0531 0x0970 [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
13:37:26.0577 0x0970 WfpLwf - ok
13:37:26.0593 0x0970 [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount C:\Windows\system32\drivers\wimmount.sys
13:37:26.0609 0x0970 WIMMount - ok
13:37:26.0671 0x0970 [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
13:37:26.0733 0x0970 WinDefend - ok
13:37:26.0749 0x0970 WinHttpAutoProxySvc - ok
13:37:26.0936 0x0970 [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
13:37:26.0967 0x0970 Winmgmt - ok
13:37:26.0999 0x0970 [ 1B91CD34EA3A90AB6A4EF0550174F4CC, 5B6618615EBFBA594C945AD35F5C68DA8C6053892B6D12D626BB6120910D80DC ] WinRM C:\Windows\system32\WsmSvc.dll
13:37:27.0077 0x0970 WinRM - ok
13:37:27.0108 0x0970 [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
13:37:27.0139 0x0970 WinUsb - ok
13:37:27.0186 0x0970 [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc C:\Windows\System32\wlansvc.dll
13:37:27.0248 0x0970 Wlansvc - ok
13:37:27.0342 0x0970 [ 6067ACEF367E79914AF628FA1E9B5330, 491A705267B48C103E00B26BBD21FA8829DB03A88343CBC27264CEE5DE8C8DEF ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
13:37:27.0357 0x0970 wlcrasvc - ok
13:37:27.0420 0x0970 [ FB01D4AE207B9EFDBABFC55DC95C7E31, E0EFDBBE0BAC275230C8C1A053948C21BCF20B99B92E50939E95FFB9DC87F6BA ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:37:27.0498 0x0970 wlidsvc - ok
13:37:27.0529 0x0970 [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
13:37:27.0545 0x0970 WmiAcpi - ok
13:37:27.0591 0x0970 [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
13:37:27.0607 0x0970 wmiApSrv - ok
13:37:27.0669 0x0970 [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
13:37:27.0732 0x0970 WMPNetworkSvc - ok
13:37:27.0747 0x0970 [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc C:\Windows\System32\wpcsvc.dll
13:37:27.0810 0x0970 WPCSvc - ok
13:37:27.0825 0x0970 [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
13:37:27.0857 0x0970 WPDBusEnum - ok
13:37:27.0872 0x0970 [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
13:37:27.0919 0x0970 ws2ifsl - ok
13:37:27.0935 0x0970 [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc C:\Windows\System32\wscsvc.dll
13:37:27.0981 0x0970 wscsvc - ok
13:37:27.0981 0x0970 WSearch - ok
13:37:28.0075 0x0970 [ D9B0134913E5EF007AF82A418C503322, 7418DD28C8E968674382F8352AAFFC4DE77887E2B71B8844D615F19432B4C55A ] wuauserv C:\Windows\system32\wuaueng.dll
13:37:28.0169 0x0970 wuauserv - ok
13:37:28.0184 0x0970 [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
13:37:28.0231 0x0970 WudfPf - ok
13:37:28.0247 0x0970 [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
13:37:28.0278 0x0970 WUDFRd - ok
13:37:28.0309 0x0970 [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc C:\Windows\System32\WUDFSvc.dll
13:37:28.0325 0x0970 wudfsvc - ok
13:37:28.0356 0x0970 [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc C:\Windows\System32\wwansvc.dll
13:37:28.0403 0x0970 WwanSvc - ok
13:37:28.0418 0x0970 ================ Scan global ===============================
13:37:28.0449 0x0970 [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
13:37:28.0481 0x0970 [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
13:37:28.0496 0x0970 [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
13:37:28.0512 0x0970 [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
13:37:28.0561 0x0970 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe
13:37:28.0571 0x0970 [ Global ] - ok
13:37:28.0575 0x0970 ================ Scan MBR ==================================
13:37:28.0591 0x0970 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:37:28.0999 0x0970 \Device\Harddisk0\DR0 - ok
13:37:28.0999 0x0970 ================ Scan VBR ==================================
13:37:29.0030 0x0970 [ A7857A603708D60086B034F105D72D72 ] \Device\Harddisk0\DR0\Partition1
13:37:29.0077 0x0970 \Device\Harddisk0\DR0\Partition1 - ok
13:37:29.0092 0x0970 [ 54B50F592762A0681F5DEC3A0ACFF1B5 ] \Device\Harddisk0\DR0\Partition2
13:37:29.0123 0x0970 \Device\Harddisk0\DR0\Partition2 - ok
13:37:29.0123 0x0970 ================ Scan generic autorun ======================
13:37:29.0186 0x0970 [ EC07666783127E0CA927B24FF9EBD9C6, 38E23C6A1222F024B275F1795202E8BB34E68639456C2B27138E288D9104C052 ] C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe
13:37:29.0217 0x0970 MaxMenuMgr - ok
13:37:29.0264 0x0970 [ 615F1493A5D111007DA9CF1F9C88EEE0, 3322317012C9DB7ECD100DE6A52CC73CF442FCA4D0492C8EEDC68F8AF24533FF ] C:\Program Files\ROCCAT\Kone Mouse\KoneHID.EXE
13:37:29.0264 0x0970 Kone - detected UnsignedFile.Multi.Generic ( 1 )
13:37:29.0264 0x0970 Kone ( UnsignedFile.Multi.Generic ) - warning
13:37:29.0279 0x0970 Malwarebytes' Anti-Malware (reboot) - ok
13:37:29.0326 0x0970 [ 09E60B4FE341A94A300830C008907099, 5F07868953FAA8FFA9E6477F6BAC52DEEDF3EA4A3F8AF5B4E15878D8240223AB ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
13:37:29.0342 0x0970 APSDaemon - ok
13:37:29.0373 0x0970 [ 057E55EDF3D73ABBCF7FF865C359AFA6, 61CE5601225FF7B0530B710B22986E04B69CF4DFBE8212FFE2EA2689C80F3FAB ] C:\Program Files\Ninite Updater\NiniteUpdater.exe
13:37:29.0404 0x0970 Ninite Updater - ok
13:37:29.0498 0x0970 [ 47EA5F76FAB723C61AB4A0D79BAD512C, A7A38EB0A7068B160E6949945EF639F999A06AE35746F6E79C7350745798E5C9 ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
13:37:29.0545 0x0970 Adobe ARM - ok
13:37:29.0624 0x0970 [ F6C586C6D7A253ACA913FB49831797DE, BF8BE1660DD8DEE72E195D5A26C9A78454F70F81CEB6E1CF8B8B630D25F66A53 ] C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
13:37:29.0686 0x0970 NvBackend - ok
13:37:29.0748 0x0970 [ 16D4D2AB28EDD90AEE06826B3ADF50AB, EE8E54702B22E7F1DB8DE7296132C3473DD9D18B9E9C47414F315173E0A26E16 ] C:\Program Files\PDF24\pdf24.exe
13:37:29.0764 0x0970 PDFPrint - ok
13:37:29.0811 0x0970 [ 14D6542607ACD4B2D1DDB1A36E0D8813, 3A270600549E8E7988D5AF3486C0F504269B9573393D87BF87BDB2287BF007B2 ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
13:37:29.0826 0x0970 SunJavaUpdateSched - ok
13:37:29.0873 0x0970 [ 271B0D188430670509CB9943D5229205, 74CB5A9D8B5988AE08C0F65C601FC54F8745BAB6825B6FEEFBA8F068D656D8D7 ] C:\Program Files\QuickTime\QTTask.exe
13:37:29.0904 0x0970 QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )
13:37:29.0904 0x0970 QuickTime Task ( UnsignedFile.Multi.Generic ) - warning
13:37:30.0123 0x0970 [ D2124327CB66F3727D26343122DBC4F5, BEE49D88C8FE602E78613B62BD2F3759596FED0C0F39633CD955A55474F1F479 ] C:\Program Files\ESET\ESET Smart Security\egui.exe
13:37:30.0309 0x0970 egui - ok
13:37:30.0402 0x0970 [ 0EF0822810009D58118CCDFD098FA9F4, 9FAA263057898BCDBCB0A064C463F48D149474AA339A3C4C47626CC118750D2D ] C:\Program Files\iTunes\iTunesHelper.exe
13:37:30.0465 0x0970 iTunesHelper - ok
13:37:30.0527 0x0970 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
13:37:30.0605 0x0970 Sidebar - ok
13:37:30.0605 0x0970 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
13:37:30.0636 0x0970 mctadmin - ok
13:37:30.0683 0x0970 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
13:37:30.0714 0x0970 Sidebar - ok
13:37:30.0730 0x0970 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
13:37:30.0746 0x0970 mctadmin - ok
13:37:30.0792 0x0970 [ 8E5C5A904BF220C835336139448A3B76, 7F70D9AD6A020E0172CAB88F7BD48D60DB8E71E126E8626C251D6C71E8008B64 ] C:\Program Files-s\Quicklaunch\QuickLaunch.exe
13:37:30.0824 0x0970 Quicklaunch - detected UnsignedFile.Multi.Generic ( 1 )
13:37:30.0824 0x0970 Quicklaunch ( UnsignedFile.Multi.Generic ) - warning
13:37:31.0073 0x0970 [ E8405C87CD06FF5D69BC6F3B24D766D0, C82171BEDBFE593A04D09C2E20B0528AA3CEC722D6919F8A5C70C6EFFB9EFEAE ] C:\Users\ERSTERUSER\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
13:37:31.0136 0x0970 AmazonMP3DownloaderHelper - ok
13:37:31.0604 0x0970 [ 463A64DCF4E5CDA3A950A0C7B11027DD, BFA5CB24FF30311FC4284A65B4D3110A69C588B685D5EA367BF6A63B1EC6A1DD ] C:\Program Files-s\SuperFlexible\ExtremeSyncService.exe
13:37:32.0025 0x0970 ExtremeSync Background Scheduler - ok
13:37:32.0150 0x0970 [ ABFE73726B0561B8DBFE4FF30E7D4951, 1774E58DD1C1AB784E988643B71A357CA897F235CBBF4CDF98F0556DCA411585 ] C:\Users\ERSTERUSER\AppData\Local\Amazon Music\Amazon Music Helper.exe
13:37:32.0259 0x0970 Amazon Music - ok
13:37:32.0290 0x0970 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
13:37:32.0337 0x0970 Sidebar - ok
13:37:32.0337 0x0970 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
13:37:32.0353 0x0970 mctadmin - ok
13:37:32.0415 0x0970 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
13:37:32.0446 0x0970 Sidebar - ok
13:37:32.0462 0x0970 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
13:37:32.0477 0x0970 mctadmin - ok
13:37:32.0477 0x0970 ============================================================
13:37:32.0477 0x0970 Scan finished
13:37:32.0477 0x0970 ============================================================
13:37:32.0493 0x0ddc Detected object count: 9
13:37:32.0493 0x0ddc Actual detected object count: 9
13:38:48.0808 0x0ddc FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user
13:38:48.0808 0x0ddc FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:38:48.0808 0x0ddc mcdbus ( UnsignedFile.Multi.Generic ) - skipped by user
13:38:48.0808 0x0ddc mcdbus ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:38:48.0808 0x0ddc PassThru Service ( UnsignedFile.Multi.Generic ) - skipped by user
13:38:48.0808 0x0ddc PassThru Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:38:48.0808 0x0ddc ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
13:38:48.0808 0x0ddc ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:38:48.0808 0x0ddc StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
13:38:48.0808 0x0ddc StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:38:48.0824 0x0ddc UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - skipped by user
13:38:48.0824 0x0ddc UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:38:48.0824 0x0ddc Kone ( UnsignedFile.Multi.Generic ) - skipped by user
13:38:48.0824 0x0ddc Kone ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:38:48.0824 0x0ddc QuickTime Task ( UnsignedFile.Multi.Generic ) - skipped by user
13:38:48.0824 0x0ddc QuickTime Task ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:38:48.0824 0x0ddc Quicklaunch ( UnsignedFile.Multi.Generic ) - skipped by user
13:38:48.0824 0x0ddc Quicklaunch ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
09.12.2014, 11:29
| #6 |
| /// the machine /// TB-Ausbilder | Trojaner-Warnung nach Steam-Update hi, Scan mit Combofix
__________________ --> Trojaner-Warnung nach Steam-Update |
|
10.12.2014, 10:28
| #7 |
| | Trojaner-Warnung nach Steam-Update Das hat leider gar nicht funktioniert. Ich konnte keinen Screenshot machen, da der Bildschirm eingefroren war, aber sie lautete ungefähr: "Scan-Vorgang läuft" Nach einem Kaltstart läuft alles wie bisher, ich kann auch keine Verlangsamung feststellen. |
|
10.12.2014, 19:20
| #8 |
| /// the machine /// TB-Ausbilder | Trojaner-Warnung nach Steam-Update Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
13.12.2014, 22:59
| #9 |
| | Trojaner-Warnung nach Steam-Update Sorry, hat ein bisschen länger gedauert diesmal - blöder Grippevirus. Code:
ATTFilter # AdwCleaner v4.105 - Bericht erstellt am 13/12/2014 um 22:54:43
# Aktualisiert 08/12/2014 von Xplode
# Database : 2014-12-13.4 [Live]
# Betriebssystem : Windows 7 Professional Service Pack 1 (32 bits)
# Benutzername : ERSTERUSER - CLAUDIA-PC
# Gestartet von : D:\Eigene Dateien\Downloads\AdwCleaner_4.105.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\apn
Ordner Gelöscht : C:\Program Files\1ClickDownload
Ordner Gelöscht : C:\Users\ERSTERUSER\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\ERSTERUSER\AppData\Roaming\registry mechanic
Ordner Gelöscht : C:\Users\ERSTERUSER\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Users\ERSTERUSER\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_lyrics.wikia.com_0.localstorage
Datei Gelöscht : C:\Users\ERSTERUSER\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_lyrics.wikia.com_0.localstorage-journal
***** [ Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}]
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
Schlüssel Gelöscht : HKCU\Software\Alexa Internet
Schlüssel Gelöscht : HKCU\Software\anchorfree
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\distromatic
Schlüssel Gelöscht : HKCU\Software\IM
Schlüssel Gelöscht : HKCU\Software\ImInstaller
Schlüssel Gelöscht : HKCU\Software\UpdateStar
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\PIP
Schlüssel Gelöscht : HKLM\SOFTWARE\Web Assistant
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17496
-\\ Mozilla Firefox v27.0 (de)
-\\ Google Chrome v39.0.2171.95
[C:\Users\ERSTERUSER\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=49&cc=&mi=35f69b3c00000000000090e6bac907bf
*************************
AdwCleaner[R0].txt - [4115 octets] - [13/12/2014 22:39:59]
AdwCleaner[S0].txt - [4036 octets] - [13/12/2014 22:54:43]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4096 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows 7 Professional x86
Ran by ERSTERUSER on 13.12.2014 at 23:00:50,21
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
Successfully deleted: [File] "C:\Users\ERSTERUSER\appdata\locallow\microsoft\silverlight\outofbrowser\index\portal.qtrax.com"
~~~ Folders
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{18A1CE82-4920-4C69-AD2C-171FB922760D}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{1E69FCF3-6E48-4F0B-8F63-C7B3107C866C}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{2343B2B2-FBD5-41C7-8ECA-65BBBF105C9D}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{2CE687AA-0773-4260-AAEA-ABBDDE6A4455}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{41289636-DDEF-4581-9669-0E3B8450F4A5}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{43EA183B-529C-4067-B4E7-63E03F78F02A}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{4801030D-0C66-4E6F-B338-A98537EB4A78}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{4AF6FE78-3E33-45BD-BE0C-0B9D2B5B2123}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{4C1B95E2-8338-441F-99DC-3C83CF017456}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{50F14731-F8EB-463F-A1CD-98F613E60CAC}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{56755E24-A21B-4279-BB12-9B6858663C7D}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{61A026D4-29CF-44F0-B938-79E014CD7D50}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{6820988A-CEAB-414E-A089-DB6D347F4CAF}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{6D57CCD3-71AF-4A26-A7DF-075C603F5B37}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{7983E433-9B22-4A3C-97E1-848FA88E0C86}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{7A7E709F-AEAB-4E6A-B131-5C67660590CB}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{84A7CDB1-E149-4705-ADEC-09F1E159372D}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{8B88ED79-1546-422F-9B17-5B25E12A238A}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{940E89A1-0F18-4F16-B1CC-C6A862EF3961}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{96AA6247-32D8-42B2-8DCE-5EAFE761F01A}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{9FAA0EA6-D5E1-4B02-9CAA-8F49754D1247}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{A571AF33-F552-4BA6-ABF6-6BB24ED07C7C}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{AED1007B-3D68-4992-9A69-AA5960C6646D}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{B9D6E9CB-BFF3-4CE6-8DEF-87860C3B463B}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{C66C875D-ABCE-4DA1-920E-8CCC1C60F787}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{CC510C75-278F-4FAA-B2EF-125135117DC7}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{E155E047-C97C-4C68-BFBD-B59F4F6B5BDA}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{E4B7344A-086A-4E51-A689-01E627D76079}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{EC04B8E8-7AE3-44EF-935E-5C8F4A9BC756}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{F0CBEE9A-2126-4222-9A67-2896BA689C23}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{F991A20E-08E7-450F-897F-25F76B40EC48}
~~~ FireFox
Successfully deleted: [File] C:\user.js
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13.12.2014 at 23:04:12,42
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Geändert von Mokba (13.12.2014 um 23:28 Uhr) |
|
14.12.2014, 16:32
| #10 |
| /// the machine /// TB-Ausbilder | Trojaner-Warnung nach Steam-Update und der Rest?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
14.12.2014, 19:45
| #11 |
| | Trojaner-Warnung nach Steam-Update Hab ich was vergessen? Sorry, mir glüht immer noch die Birne. Ich les mir das morgen nochmal in Ruhe durch. |
|
15.12.2014, 19:13
| #12 |
| /// the machine /// TB-Ausbilder | Trojaner-Warnung nach Steam-Update MBAM, also Tool 1 in der Liste, und das frische FRST Log 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
17.12.2014, 16:22
| #13 |
| | Trojaner-Warnung nach Steam-UpdateCode:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 14-12-2014 01
Ran by ERSTERUSER at 2014-12-17 15:58:26
Running from D:\Eigene Dateien\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Smart Security 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personal Firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (HKLM\...\7-Zip) (Version: - )
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Advertising Center (Version: 0.0.0.1 - Nero AG) Hidden
Alle meine Passworte 3.15 (HKLM\...\AllemeinePassworte) (Version: - )
Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
Amazon Music (HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\Amazon Amazon Music) (Version: 3.1.0.570 - Amazon Services LLC)
Apple Application Support (HKLM\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{235EBB33-3DA1-46DF-AADE-9955123409CB}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audible Download Manager (HKLM\...\AudibleDownloadManager) (Version: 6.6.0.13 - Audible, Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 2.28 - Piriform)
CodeStuff Starter (HKLM\...\CodeStuff Starter) (Version: 5.6.2.9 - CodeStuff)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
Dupehunter Professional - Computerbild Edition (HKLM\...\Dupehunter Professional - Computerbild Edition) (Version: 8.1.0.3700 - Carsten Heidtke Software)
ESET Smart Security (HKLM\...\{1F4CBC3C-5CAE-4528-A584-C25E6CE3D7E5}) (Version: 8.0.304.4 - ESET, spol s r. o.)
EzImplant-CDViewer (HKLM\...\{B8CB4ED2-74EE-44F0-88CB-C2DD30B36EEA}) (Version: 1.5.7415 - INFINITT)
EzImplant-CDViewer (Version: 1.5.7415 - INFINITT) Hidden
Fernwartungshilfe für Kunden von PC-Blitzhelfer (HKLM\...\Fernwartungshilfe für Kunden von PC-Blitzhelfer) (Version: 1.0.1 - PC-Blitzhelfer)
Folder Guide (HKLM\...\Folder Guide) (Version: - )
Freemake Video Converter Version 4.0.3 (HKLM\...\Freemake Video Converter_is1) (Version: 4.0.3 - Ellora Assets Corporation)
Google Chrome (HKLM\...\{C3FF5ACB-174A-3E07-AE2A-62063FBCC9B1}) (Version: 66.30.49247 - Google, Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
HD Tune 2.55 (HKLM\...\HD Tune_is1) (Version: - EFD Software)
HTC Driver Installer (HKLM\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.13.0.003 - HTC Corporation)
ImagXpress (Version: 7.0.74.0 - Nero AG) Hidden
IPTInstaller (HKLM\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
iTunes (HKLM\...\{5D928931-D1D2-4A93-A82D-BF60D0E7CFA5}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LameXP (HKLM\...\{FBD7A67D-D700-4043-B54F-DD106D00F308}) (Version: - )
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Menu Templates - Starter Kit (Version: 9.4.1.0 - Nero AG) Hidden
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.6109.5003 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Movie Templates - Starter Kit (Version: 9.4.1.0 - Nero AG) Hidden
Mozilla Firefox 27.0 (x86 de) (HKLM\...\Mozilla Firefox 27.0 (x86 de)) (Version: 27.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 31.2.0 - Mozilla)
Mozilla Thunderbird 31.3.0 (x86 de) (HKLM\...\Mozilla Thunderbird 31.3.0 (x86 de)) (Version: 31.3.0 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NC Launcher (GameForge) (HKLM\...\NCLauncher_GameForge) (Version: - NCsoft)
Nero 9 Essentials (HKLM\...\{86bde101-32cf-471a-8575-8de7c21570d8}) (Version: - Nero AG)
Ninite Updater (HKLM\...\NiniteUpdater) (Version: - )
NVIDIA 3D Vision Controller-Treiber 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 306.97 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5896 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0604 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
PC Connectivity Solution (HKLM\...\{AC599724-5755-48C1-ABE7-ABB857652930}) (Version: 8.15.0.0 - Nokia)
PDF24 Creator 6.7.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
QuickLaunch (HKLM\...\QuickLaunch_is1) (Version: 2.3 - Oliver Frietsch)
QuickPar 0.9 (HKLM\...\QuickPar) (Version: 0.9 - Peter B. Clements)
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realms of Arkania: Blade of Destiny (HKLM\...\Steam App 237550) (Version: - Crafty Studios)
ROCCAT Kone Mouse Driver (HKLM\...\{9733747E-E53D-4C17-977E-3A872AFB93E1}) (Version: - )
Seagate Manager Installer (HKLM\...\InstallShield_{E6F019F1-DFB6-4853-A87D-6E31624755A9}) (Version: 2.02.0109 - Seagate)
Seagate Manager Installer (Version: 2.02.0109 - Seagate) Hidden
ShadowProtect Desktop (HKLM\...\{8850DEC8-22FD-4F05-A3AA-49B91200C24F}) (Version: 3.5.4183 - StorageCraft)
ShadowProtect Desktop (Version: 3.5.4183 - StorageCraft) Hidden
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Super Flexible File Synchronizer 5.60 (HKLM\...\Super Flexible File Synchronizer_is1) (Version: 5.60 - Super Flexible Software)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab (HKLM\...\SystemRequirementsLab) (Version: - )
The Elder Scrolls V: Skyrim (HKLM\...\Steam App 72850) (Version: - Bethesda Game Studios)
TomTom HOME (HKLM\...\{99072AB4-D795-44D5-9D65-E3C9F8322C97}) (Version: 2.9.6 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Unity Web Player (HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Unlocker 1.9.0 (HKLM\...\Unlocker) (Version: 1.9.0 - Cedrick Collomb)
UseNeXT by Tangysoft (HKLM\...\UseNeXT by Tangysoft_is1) (Version: - Tangysoft Ltd.)
Visual Subst (HKLM\...\Visual Subst) (Version: 1.0.6 - NTWind Software)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Win7codecs (HKLM\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 2.1.9 - Shark007)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.2.7235.0 - Microsoft Corporation)
Windows-Treiberpaket - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0) (HKLM\...\6194C28A8F62DD817EA1B918E6E46E806A21B452) (Version: 02/23/2007 2.5.0.0 - MobileTop)
Windows-Treiberpaket - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0) (HKLM\...\65B6FE5418CE28F4D72543FB2D964C3CEC83F161) (Version: 02/23/2007 2.5.0.0 - MobileTop)
Windows-Treiberpaket - Nokia pccsmcfd (10/12/2007 6.85.4.0) (HKLM\...\3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F) (Version: 10/12/2007 6.85.4.0 - Nokia)
WinRAR 5.20 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\ERSTERUSER\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{078759D3-423B-48AD-AB6A-5638C2884DBE}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.99\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{0E55CBE1-B06A-49B6-AD8D-9EFAA0160C6F}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.57\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.69\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32 -> C:\Program Files\7-Zip\7-zip.dll (Igor Pavlov)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{29A96789-9595-4947-BEDB-0FCC776F7DB8}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.2.183.39\goopdate.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.79\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{3f04dadf-6ea4-44d1-a507-03cad176f443}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{4DB26476-6787-4046-B836-E8412A9E8A27}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{4E77131D-3629-431C-9818-C5679DC83E81}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{50EF4544-AC9F-4A8E-B21B-8A26180DB13F}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{56FDF344-FD6D-11D0-958A-006097C9A090}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.123\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.149\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{B056521A-9B10-425E-B616-1FCD828DB3B1}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{b5eedee0-c06e-11cf-8c56-444553540000}\InprocServer32 -> C:\TotCmdPM-C\Progs\UltraEdit\ue32ctmn.dll ()
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.115\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\InprocServer32 -> C:\Windows\system32\actxprxy.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{DB25D157-76D4-41C1-97B5-359E4A4CECEB}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.65\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{E88DCCE0-B7B3-11D1-A9F0-00AA0060FA31}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{F8383852-FCD3-11D1-A6B9-006097DF5BD4}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.111\psuser.dll No File
==================== Restore Points =========================
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0AC90BA6-D407-4A06-935C-F95E8CBB14B5} - System32\Tasks\{CD119950-AECB-4970-9DA8-F6213814FE9A} => C:\Program Files\iTunes\iTunes.exe [2014-10-15] (Apple Inc.)
Task: {1063CB4E-C6A1-49F7-AFD4-E77A616A5D08} - System32\Tasks\{2CCBD1DD-5138-4FC2-B65A-A639DB1995AB} => C:\Program Files\Ninite Updater\NiniteUpdater.exe [2013-11-14] (Secure By Design Inc.)
Task: {17D647C6-BA2C-4EE7-AA4E-CD295B7397C9} - System32\Tasks\{593FE8EE-21EC-4C14-A0B7-6F269650F7EE} => C:\Program Files\iTunes\iTunes.exe [2014-10-15] (Apple Inc.)
Task: {1BDD75B6-BB8C-42B1-BECC-601C3736FCA0} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {20CDBC76-9955-4B73-A03A-68ABB5738DBA} - System32\Tasks\{100C0DF1-7649-433E-8DBA-124AF678EF5D} => C:\Program Files\iTunes\iTunes.exe [2014-10-15] (Apple Inc.)
Task: {23AF1B7C-E5A2-4E33-8D17-5CC12BDCEBBE} - System32\Tasks\{AC64EE3F-8680-47B7-889E-8D5F82241735} => C:\Program Files\Ninite Updater\NiniteUpdater.exe [2013-11-14] (Secure By Design Inc.)
Task: {33D76DA5-57BA-4F12-9CCD-2722B3EE282B} - System32\Tasks\GoogleUpdateTaskMachineCore1cf8a4073898d18 => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-07-13] (Google Inc.)
Task: {3AE0A447-349B-4FA2-B97D-B6049A88D5CE} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {4F0F9E71-2380-416E-9498-34BFFB46DFE6} - System32\Tasks\{F7564B6E-1F94-45F6-8801-861FD474C13F} => pcalua.exe -a D:\Downloads\267.85_desktop_win7_winvista_32bit_international.exe -d "D:\Eigene Dateien\Desktop"
Task: {58951724-E1B5-41BA-B202-109D6978DA96} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {5F8D57B7-0D18-4F4F-9484-E451F5C6E98C} - System32\Tasks\GoogleUpdateTaskMachineUA1cee2f31d07067f => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-07-13] (Google Inc.)
Task: {5FD37F6B-B837-498D-87FC-804AC4F661ED} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10] (Adobe Systems Incorporated)
Task: {75F1BD09-2D15-452A-B5B5-6C2A0A837DE3} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {914C6117-625F-4E12-BE29-3158EEC2E19F} - System32\Tasks\{2B2007DA-4AA5-4EFD-80C1-2164C5EE99BE} => pcalua.exe -a "D:\Eigene Dateien\Downloads\Shockwave_Installer_Slim.exe" -d "D:\Eigene Dateien\Downloads"
Task: {A0B33EA5-C94B-4745-AE8A-BE7AAD785BC8} - System32\Tasks\{07C6FB47-2689-4A31-8470-F2E2825F0942} => pcalua.exe -a "C:\Program Files-s\Codestuff\Starter\unStarter.exe"
Task: {B5D64E0D-8DAF-468D-8B28-5726C7447D2C} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {B626FA49-F9AA-41BA-A4E9-BFC9306DC923} - System32\Tasks\{8ADA1F88-BA75-4746-8AF1-4B2D4D9D4A34} => pcalua.exe -a "D:\Eigene Dateien\Downloads\AudibleDM_iTunesSetup.exe" -d "D:\Eigene Dateien\Downloads"
Task: {D3044F96-FDCB-491E-A7B3-B76F021B5B63} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {EA0A65EE-B164-412D-BB18-C1AA7AE7F78B} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {EA8E6B62-CFB3-448D-A481-A0E5096639E7} - System32\Tasks\{B57E924A-9BE1-48CA-955E-394A93E26B06} => pcalua.exe -a E:\Install.exe -d E:\
Task: {FED0C4A7-752F-4CD4-AC3F-74E82454929E} - System32\Tasks\{291ABD72-DAA7-4DC2-978E-5A78C2BD2A94} => C:\Program Files\iTunes\iTunes.exe [2014-10-15] (Apple Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf8a4073898d18.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cee2f31d07067f.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2011-10-25 14:48 - 2014-07-02 20:42 - 00107992 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-12-07 17:27 - 2012-12-07 17:27 - 00167424 _____ () C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
2013-05-22 19:50 - 2013-05-22 19:50 - 00400704 _____ () C:\Users\ERSTERUSER\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
2014-07-29 22:22 - 2014-07-01 19:58 - 03162944 _____ () C:\Users\ERSTERUSER\AppData\Local\Amazon Music\Amazon Music Helper.exe
2010-07-04 22:32 - 2010-07-04 22:32 - 00010752 _____ () C:\Program Files-s\Unlocker\UnlockerCOM.dll
2010-02-13 22:00 - 2008-08-13 16:20 - 00153600 _____ () C:\Program Files-s\Folder Guide\FGShellExt.dll
2014-12-10 06:56 - 2014-12-06 02:50 - 01077064 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-10 06:56 - 2014-12-06 02:50 - 00211272 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-10 06:56 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-10 06:56 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2014-12-10 06:56 - 2014-12-06 02:50 - 14913352 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll
2013-04-19 16:10 - 2014-11-19 16:21 - 04318720 _____ () C:\Program Files\UseNeXT\UseNeXT.exe
2013-04-19 16:10 - 2014-03-06 10:24 - 00041472 _____ () C:\Program Files\UseNeXT\Par2Calc.dll
2013-04-19 16:10 - 2014-03-06 10:18 - 00160768 _____ () C:\Program Files\UseNeXT\unrar.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:9453D700
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
AlternateDataStreams: C:\Users\ERSTERUSER\AppData\Roaming\default.rss:OECustomProperty
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
HKU\S-1-5-21-3507585339-1609819653-644593918-1000\Software\Classes\.exe: exefile => <===== ATTENTION!
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-3507585339-1609819653-644593918-500 - Administrator - Disabled)
ERSTERUSER (S-1-5-21-3507585339-1609819653-644593918-1000 - Administrator - Enabled) => C:\Users\ERSTERUSER
Gast (S-1-5-21-3507585339-1609819653-644593918-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3507585339-1609819653-644593918-1007 - Limited - Enabled)
UpdatusUser (S-1-5-21-3507585339-1609819653-644593918-1005 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/17/2014 07:22:03 AM) (Source: Chrome) (EventID: 1) (User: NT-AUTORITÄT)
Description: Chrome has encountered a fatal error.
ver=39.0.2171.95;lang=;guid=F2D1FBB44E12420184E9440CA877A2A0;is_machine=1;oop=1;upload=1;minidump=C:\Program Files\Google\CrashReports\a9e41c9f-f0b5-4bc3-b913-23a7a50b4574.dmp
Error: (12/14/2014 04:17:04 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (12/14/2014 10:50:15 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Picasa3.exe, Version 3.9.138.151 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: bd8
Startzeit: 01d017833e5a66dd
Endzeit: 5
Anwendungspfad: C:\Program Files-s\Google\Picasa3\Picasa3.exe
Berichts-ID: 91037292-8376-11e4-942a-90e6bac907bf
System errors:
=============
Error: (12/17/2014 02:35:51 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR11 gefunden.
Error: (12/17/2014 02:35:51 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR11 gefunden.
Error: (12/17/2014 02:35:50 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR11 gefunden.
Error: (12/17/2014 02:35:50 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR11 gefunden.
Error: (12/17/2014 02:08:27 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (12/17/2014 02:06:43 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR9 gefunden.
Error: (12/17/2014 02:06:42 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR9 gefunden.
Error: (12/17/2014 01:21:12 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (12/16/2014 06:11:20 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR3 gefunden.
Error: (12/16/2014 06:11:18 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Microsoft Office Sessions:
=========================
Error: (12/17/2014 07:22:03 AM) (Source: Chrome) (EventID: 1) (User: NT-AUTORITÄT)
Description: Chrome has encountered a fatal error.
ver=39.0.2171.95;lang=;guid=F2D1FBB44E12420184E9440CA877A2A0;is_machine=1;oop=1;upload=1;minidump=C:\Program Files\Google\CrashReports\a9e41c9f-f0b5-4bc3-b913-23a7a50b4574.dmp
Error: (12/14/2014 04:17:04 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"J:\DPInst64.exe
Error: (12/14/2014 10:50:15 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Picasa3.exe3.9.138.151bd801d017833e5a66dd5C:\Program Files-s\Google\Picasa3\Picasa3.exe91037292-8376-11e4-942a-90e6bac907bf
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Quad CPU Q8300 @ 2.50GHz
Percentage of memory in use: 63%
Total physical RAM: 3327.18 MB
Available physical RAM: 1223.58 MB
Total Pagefile: 6652.65 MB
Available Pagefile: 3929.15 MB
Total Virtual: 2047.88 MB
Available Virtual: 1903.09 MB
==================== Drives ================================
Drive c: (Start-C) (Fixed) (Total:110 GB) (Free:56.24 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Daten-D) (Fixed) (Total:1753.01 GB) (Free:870.26 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: DF1E9041)
Partition 1: (Active) - (Size=110 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1753 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 14-12-2014 01
Ran by ERSTERUSER at 2014-12-17 16:25:20
Running from D:\Eigene Dateien\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Smart Security 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personal Firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (HKLM\...\7-Zip) (Version: - )
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Advertising Center (Version: 0.0.0.1 - Nero AG) Hidden
Alle meine Passworte 3.15 (HKLM\...\AllemeinePassworte) (Version: - )
Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
Amazon Music (HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\Amazon Amazon Music) (Version: 3.1.0.570 - Amazon Services LLC)
Apple Application Support (HKLM\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{235EBB33-3DA1-46DF-AADE-9955123409CB}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audible Download Manager (HKLM\...\AudibleDownloadManager) (Version: 6.6.0.13 - Audible, Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 2.28 - Piriform)
CodeStuff Starter (HKLM\...\CodeStuff Starter) (Version: 5.6.2.9 - CodeStuff)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
Dupehunter Professional - Computerbild Edition (HKLM\...\Dupehunter Professional - Computerbild Edition) (Version: 8.1.0.3700 - Carsten Heidtke Software)
ESET Smart Security (HKLM\...\{1F4CBC3C-5CAE-4528-A584-C25E6CE3D7E5}) (Version: 8.0.304.4 - ESET, spol s r. o.)
EzImplant-CDViewer (HKLM\...\{B8CB4ED2-74EE-44F0-88CB-C2DD30B36EEA}) (Version: 1.5.7415 - INFINITT)
EzImplant-CDViewer (Version: 1.5.7415 - INFINITT) Hidden
Fernwartungshilfe für Kunden von PC-Blitzhelfer (HKLM\...\Fernwartungshilfe für Kunden von PC-Blitzhelfer) (Version: 1.0.1 - PC-Blitzhelfer)
Folder Guide (HKLM\...\Folder Guide) (Version: - )
Freemake Video Converter Version 4.0.3 (HKLM\...\Freemake Video Converter_is1) (Version: 4.0.3 - Ellora Assets Corporation)
Google Chrome (HKLM\...\{C3FF5ACB-174A-3E07-AE2A-62063FBCC9B1}) (Version: 66.30.49247 - Google, Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
HD Tune 2.55 (HKLM\...\HD Tune_is1) (Version: - EFD Software)
HTC Driver Installer (HKLM\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.13.0.003 - HTC Corporation)
ImagXpress (Version: 7.0.74.0 - Nero AG) Hidden
IPTInstaller (HKLM\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
iTunes (HKLM\...\{5D928931-D1D2-4A93-A82D-BF60D0E7CFA5}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LameXP (HKLM\...\{FBD7A67D-D700-4043-B54F-DD106D00F308}) (Version: - )
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Menu Templates - Starter Kit (Version: 9.4.1.0 - Nero AG) Hidden
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.6109.5003 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Movie Templates - Starter Kit (Version: 9.4.1.0 - Nero AG) Hidden
Mozilla Firefox 27.0 (x86 de) (HKLM\...\Mozilla Firefox 27.0 (x86 de)) (Version: 27.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 31.2.0 - Mozilla)
Mozilla Thunderbird 31.3.0 (x86 de) (HKLM\...\Mozilla Thunderbird 31.3.0 (x86 de)) (Version: 31.3.0 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NC Launcher (GameForge) (HKLM\...\NCLauncher_GameForge) (Version: - NCsoft)
Nero 9 Essentials (HKLM\...\{86bde101-32cf-471a-8575-8de7c21570d8}) (Version: - Nero AG)
Ninite Updater (HKLM\...\NiniteUpdater) (Version: - )
NVIDIA 3D Vision Controller-Treiber 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 306.97 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5896 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0604 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
PC Connectivity Solution (HKLM\...\{AC599724-5755-48C1-ABE7-ABB857652930}) (Version: 8.15.0.0 - Nokia)
PDF24 Creator 6.7.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
QuickLaunch (HKLM\...\QuickLaunch_is1) (Version: 2.3 - Oliver Frietsch)
QuickPar 0.9 (HKLM\...\QuickPar) (Version: 0.9 - Peter B. Clements)
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realms of Arkania: Blade of Destiny (HKLM\...\Steam App 237550) (Version: - Crafty Studios)
ROCCAT Kone Mouse Driver (HKLM\...\{9733747E-E53D-4C17-977E-3A872AFB93E1}) (Version: - )
Seagate Manager Installer (HKLM\...\InstallShield_{E6F019F1-DFB6-4853-A87D-6E31624755A9}) (Version: 2.02.0109 - Seagate)
Seagate Manager Installer (Version: 2.02.0109 - Seagate) Hidden
ShadowProtect Desktop (HKLM\...\{8850DEC8-22FD-4F05-A3AA-49B91200C24F}) (Version: 3.5.4183 - StorageCraft)
ShadowProtect Desktop (Version: 3.5.4183 - StorageCraft) Hidden
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Super Flexible File Synchronizer 5.60 (HKLM\...\Super Flexible File Synchronizer_is1) (Version: 5.60 - Super Flexible Software)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab (HKLM\...\SystemRequirementsLab) (Version: - )
The Elder Scrolls V: Skyrim (HKLM\...\Steam App 72850) (Version: - Bethesda Game Studios)
TomTom HOME (HKLM\...\{99072AB4-D795-44D5-9D65-E3C9F8322C97}) (Version: 2.9.6 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Unity Web Player (HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Unlocker 1.9.0 (HKLM\...\Unlocker) (Version: 1.9.0 - Cedrick Collomb)
UseNeXT by Tangysoft (HKLM\...\UseNeXT by Tangysoft_is1) (Version: - Tangysoft Ltd.)
Visual Subst (HKLM\...\Visual Subst) (Version: 1.0.6 - NTWind Software)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Win7codecs (HKLM\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 2.1.9 - Shark007)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.2.7235.0 - Microsoft Corporation)
Windows-Treiberpaket - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0) (HKLM\...\6194C28A8F62DD817EA1B918E6E46E806A21B452) (Version: 02/23/2007 2.5.0.0 - MobileTop)
Windows-Treiberpaket - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0) (HKLM\...\65B6FE5418CE28F4D72543FB2D964C3CEC83F161) (Version: 02/23/2007 2.5.0.0 - MobileTop)
Windows-Treiberpaket - Nokia pccsmcfd (10/12/2007 6.85.4.0) (HKLM\...\3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F) (Version: 10/12/2007 6.85.4.0 - Nokia)
WinRAR 5.20 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\ERSTERUSER\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{078759D3-423B-48AD-AB6A-5638C2884DBE}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.99\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{0E55CBE1-B06A-49B6-AD8D-9EFAA0160C6F}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.57\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.69\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32 -> C:\Program Files\7-Zip\7-zip.dll (Igor Pavlov)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{29A96789-9595-4947-BEDB-0FCC776F7DB8}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.2.183.39\goopdate.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.79\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{3f04dadf-6ea4-44d1-a507-03cad176f443}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{4DB26476-6787-4046-B836-E8412A9E8A27}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{4E77131D-3629-431C-9818-C5679DC83E81}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{50EF4544-AC9F-4A8E-B21B-8A26180DB13F}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{56FDF344-FD6D-11D0-958A-006097C9A090}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.123\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.149\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{B056521A-9B10-425E-B616-1FCD828DB3B1}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{b5eedee0-c06e-11cf-8c56-444553540000}\InprocServer32 -> C:\TotCmdPM-C\Progs\UltraEdit\ue32ctmn.dll ()
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.115\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\InprocServer32 -> C:\Windows\system32\actxprxy.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{DB25D157-76D4-41C1-97B5-359E4A4CECEB}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.65\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{E88DCCE0-B7B3-11D1-A9F0-00AA0060FA31}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{F8383852-FCD3-11D1-A6B9-006097DF5BD4}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.111\psuser.dll No File
==================== Restore Points =========================
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0AC90BA6-D407-4A06-935C-F95E8CBB14B5} - System32\Tasks\{CD119950-AECB-4970-9DA8-F6213814FE9A} => C:\Program Files\iTunes\iTunes.exe [2014-10-15] (Apple Inc.)
Task: {1063CB4E-C6A1-49F7-AFD4-E77A616A5D08} - System32\Tasks\{2CCBD1DD-5138-4FC2-B65A-A639DB1995AB} => C:\Program Files\Ninite Updater\NiniteUpdater.exe [2013-11-14] (Secure By Design Inc.)
Task: {17D647C6-BA2C-4EE7-AA4E-CD295B7397C9} - System32\Tasks\{593FE8EE-21EC-4C14-A0B7-6F269650F7EE} => C:\Program Files\iTunes\iTunes.exe [2014-10-15] (Apple Inc.)
Task: {1BDD75B6-BB8C-42B1-BECC-601C3736FCA0} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {20CDBC76-9955-4B73-A03A-68ABB5738DBA} - System32\Tasks\{100C0DF1-7649-433E-8DBA-124AF678EF5D} => C:\Program Files\iTunes\iTunes.exe [2014-10-15] (Apple Inc.)
Task: {23AF1B7C-E5A2-4E33-8D17-5CC12BDCEBBE} - System32\Tasks\{AC64EE3F-8680-47B7-889E-8D5F82241735} => C:\Program Files\Ninite Updater\NiniteUpdater.exe [2013-11-14] (Secure By Design Inc.)
Task: {33D76DA5-57BA-4F12-9CCD-2722B3EE282B} - System32\Tasks\GoogleUpdateTaskMachineCore1cf8a4073898d18 => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-07-13] (Google Inc.)
Task: {3AE0A447-349B-4FA2-B97D-B6049A88D5CE} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {4F0F9E71-2380-416E-9498-34BFFB46DFE6} - System32\Tasks\{F7564B6E-1F94-45F6-8801-861FD474C13F} => pcalua.exe -a D:\Downloads\267.85_desktop_win7_winvista_32bit_international.exe -d "D:\Eigene Dateien\Desktop"
Task: {58951724-E1B5-41BA-B202-109D6978DA96} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {5F8D57B7-0D18-4F4F-9484-E451F5C6E98C} - System32\Tasks\GoogleUpdateTaskMachineUA1cee2f31d07067f => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-07-13] (Google Inc.)
Task: {5FD37F6B-B837-498D-87FC-804AC4F661ED} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10] (Adobe Systems Incorporated)
Task: {75F1BD09-2D15-452A-B5B5-6C2A0A837DE3} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {914C6117-625F-4E12-BE29-3158EEC2E19F} - System32\Tasks\{2B2007DA-4AA5-4EFD-80C1-2164C5EE99BE} => pcalua.exe -a "D:\Eigene Dateien\Downloads\Shockwave_Installer_Slim.exe" -d "D:\Eigene Dateien\Downloads"
Task: {A0B33EA5-C94B-4745-AE8A-BE7AAD785BC8} - System32\Tasks\{07C6FB47-2689-4A31-8470-F2E2825F0942} => pcalua.exe -a "C:\Program Files-s\Codestuff\Starter\unStarter.exe"
Task: {B5D64E0D-8DAF-468D-8B28-5726C7447D2C} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {B626FA49-F9AA-41BA-A4E9-BFC9306DC923} - System32\Tasks\{8ADA1F88-BA75-4746-8AF1-4B2D4D9D4A34} => pcalua.exe -a "D:\Eigene Dateien\Downloads\AudibleDM_iTunesSetup.exe" -d "D:\Eigene Dateien\Downloads"
Task: {D3044F96-FDCB-491E-A7B3-B76F021B5B63} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {EA0A65EE-B164-412D-BB18-C1AA7AE7F78B} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {EA8E6B62-CFB3-448D-A481-A0E5096639E7} - System32\Tasks\{B57E924A-9BE1-48CA-955E-394A93E26B06} => pcalua.exe -a E:\Install.exe -d E:\
Task: {FED0C4A7-752F-4CD4-AC3F-74E82454929E} - System32\Tasks\{291ABD72-DAA7-4DC2-978E-5A78C2BD2A94} => C:\Program Files\iTunes\iTunes.exe [2014-10-15] (Apple Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf8a4073898d18.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cee2f31d07067f.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2011-10-25 14:48 - 2014-07-02 20:42 - 00107992 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-12-07 17:27 - 2012-12-07 17:27 - 00167424 _____ () C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
2013-05-22 19:50 - 2013-05-22 19:50 - 00400704 _____ () C:\Users\ERSTERUSER\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
2014-07-29 22:22 - 2014-07-01 19:58 - 03162944 _____ () C:\Users\ERSTERUSER\AppData\Local\Amazon Music\Amazon Music Helper.exe
2010-07-04 22:32 - 2010-07-04 22:32 - 00010752 _____ () C:\Program Files-s\Unlocker\UnlockerCOM.dll
2010-02-13 22:00 - 2008-08-13 16:20 - 00153600 _____ () C:\Program Files-s\Folder Guide\FGShellExt.dll
2014-12-10 06:56 - 2014-12-06 02:50 - 01077064 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-10 06:56 - 2014-12-06 02:50 - 00211272 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-10 06:56 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-10 06:56 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2014-12-10 06:56 - 2014-12-06 02:50 - 14913352 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll
2013-04-19 16:10 - 2014-11-19 16:21 - 04318720 _____ () C:\Program Files\UseNeXT\UseNeXT.exe
2013-04-19 16:10 - 2014-03-06 10:24 - 00041472 _____ () C:\Program Files\UseNeXT\Par2Calc.dll
2013-04-19 16:10 - 2014-03-06 10:18 - 00160768 _____ () C:\Program Files\UseNeXT\unrar.dll
2013-08-10 12:37 - 2013-07-27 09:32 - 14447630 _____ () C:\Program Files\Freemake\COM\1.1\avcodec-54.dll
2013-08-10 12:37 - 2013-07-27 09:32 - 01078557 _____ () C:\Program Files\Freemake\COM\1.1\xvidcore.dll
2013-08-10 12:37 - 2013-07-27 09:32 - 00190990 _____ () C:\Program Files\Freemake\COM\1.1\avutil-52.dll
2013-08-10 12:37 - 2013-07-27 09:32 - 03028494 _____ () C:\Program Files\Freemake\COM\1.1\avformat-54.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:9453D700
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
AlternateDataStreams: C:\Users\ERSTERUSER\AppData\Roaming\default.rss:OECustomProperty
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
HKU\S-1-5-21-3507585339-1609819653-644593918-1000\Software\Classes\.exe: exefile => <===== ATTENTION!
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-3507585339-1609819653-644593918-500 - Administrator - Disabled)
ERSTERUSER (S-1-5-21-3507585339-1609819653-644593918-1000 - Administrator - Enabled) => C:\Users\ERSTERUSER
Gast (S-1-5-21-3507585339-1609819653-644593918-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3507585339-1609819653-644593918-1007 - Limited - Enabled)
UpdatusUser (S-1-5-21-3507585339-1609819653-644593918-1005 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/17/2014 07:22:03 AM) (Source: Chrome) (EventID: 1) (User: NT-AUTORITÄT)
Description: Chrome has encountered a fatal error.
ver=39.0.2171.95;lang=;guid=F2D1FBB44E12420184E9440CA877A2A0;is_machine=1;oop=1;upload=1;minidump=C:\Program Files\Google\CrashReports\a9e41c9f-f0b5-4bc3-b913-23a7a50b4574.dmp
Error: (12/14/2014 04:17:04 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (12/14/2014 10:50:15 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Picasa3.exe, Version 3.9.138.151 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: bd8
Startzeit: 01d017833e5a66dd
Endzeit: 5
Anwendungspfad: C:\Program Files-s\Google\Picasa3\Picasa3.exe
Berichts-ID: 91037292-8376-11e4-942a-90e6bac907bf
System errors:
=============
Error: (12/17/2014 02:35:51 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR11 gefunden.
Error: (12/17/2014 02:35:51 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR11 gefunden.
Error: (12/17/2014 02:35:50 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR11 gefunden.
Error: (12/17/2014 02:35:50 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR11 gefunden.
Error: (12/17/2014 02:08:27 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (12/17/2014 02:06:43 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR9 gefunden.
Error: (12/17/2014 02:06:42 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR9 gefunden.
Error: (12/17/2014 01:21:12 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (12/16/2014 06:11:20 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR3 gefunden.
Error: (12/16/2014 06:11:18 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Microsoft Office Sessions:
=========================
Error: (12/17/2014 07:22:03 AM) (Source: Chrome) (EventID: 1) (User: NT-AUTORITÄT)
Description: Chrome has encountered a fatal error.
ver=39.0.2171.95;lang=;guid=F2D1FBB44E12420184E9440CA877A2A0;is_machine=1;oop=1;upload=1;minidump=C:\Program Files\Google\CrashReports\a9e41c9f-f0b5-4bc3-b913-23a7a50b4574.dmp
Error: (12/14/2014 04:17:04 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"J:\DPInst64.exe
Error: (12/14/2014 10:50:15 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Picasa3.exe3.9.138.151bd801d017833e5a66dd5C:\Program Files-s\Google\Picasa3\Picasa3.exe91037292-8376-11e4-942a-90e6bac907bf
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Quad CPU Q8300 @ 2.50GHz
Percentage of memory in use: 65%
Total physical RAM: 3327.18 MB
Available physical RAM: 1161.48 MB
Total Pagefile: 6652.65 MB
Available Pagefile: 3867.22 MB
Total Virtual: 2047.88 MB
Available Virtual: 1899.07 MB
==================== Drives ================================
Drive c: (Start-C) (Fixed) (Total:110 GB) (Free:56.24 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Daten-D) (Fixed) (Total:1753.01 GB) (Free:869.89 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: DF1E9041)
Partition 1: (Active) - (Size=110 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1753 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
17.12.2014, 21:04
| #14 |
| /// the machine /// TB-Ausbilder | Trojaner-Warnung nach Steam-Update Ich sehe immer noch kein MBAM Logfile...und keine FRST.txt, dafür zweimal die Addition.txt. Genau lesen bitte
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
18.12.2014, 07:42
| #15 |
| | Trojaner-Warnung nach Steam-Update oh gott ist das peinlich FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14-12-2014 01
Ran by ERSTERUSER (administrator) on CLAUDIA-PC on 17-12-2014 16:24:52
Running from D:\Eigene Dateien\Downloads
Loaded Profile: ERSTERUSER (Available profiles: ERSTERUSER & UpdatusUser)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Super Flexible Software Ltd. & Co. KG) C:\Program Files-s\SuperFlexible\ExtremeVSS.exe
(Seagate Technology LLC) C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
(Nero AG) C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(StorageCraft Technology Corporation) C:\Program Files-s\StorageCraft\ShadowProtect\ShadowProtectSvc.exe
(StorageCraft Technology Corporation) C:\Program Files-s\StorageCraft\ShadowProtect\ShadowProtectSvc.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(StorageCraft Technology Corporation) C:\Windows\System32\vsnapvss.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Seagate LLC) C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
(ROCCAT) C:\Program Files\ROCCAT\Kone Mouse\KoneHID.EXE
(Secure By Design Inc.) C:\Program Files\Ninite Updater\NiniteUpdater.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Geek Software GmbH) C:\Program Files\PDF24\pdf24.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Oliver Frietsch) C:\Program Files-s\Quicklaunch\QuickLaunch.exe
(ROCCAT) C:\Program Files\ROCCAT\Kone Mouse\OSD.exe
() C:\Users\ERSTERUSER\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
(Super Flexible Software) C:\Program Files-s\SuperFlexible\ExtremeSyncService.exe
() C:\Users\ERSTERUSER\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Audible, Inc.) C:\Program Files\Audible\Bin\AudibleDownloadHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
() C:\Program Files\UseNeXT\UseNeXT.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\dinotify.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Freemake) C:\Program Files\Freemake\Freemake Video Converter\FreemakeVC.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [MaxMenuMgr] => C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe [185640 2009-05-01] (Seagate LLC)
HKLM\...\Run: [Kone] => C:\Program Files\ROCCAT\Kone Mouse\KoneHID.EXE [151552 2008-10-06] (ROCCAT)
HKLM\...\Run: [Malwarebytes' Anti-Malware (reboot)] => "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM\...\Run: [Ninite Updater] => C:\Program Files\Ninite Updater\NiniteUpdater.exe [265760 2013-11-14] (Secure By Design Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-12-03] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [1795872 2014-08-19] (NVIDIA Corporation)
HKLM\...\Run: [PDFPrint] => C:\Program Files\PDF24\pdf24.exe [191528 2014-07-04] (Geek Software GmbH)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5088456 2014-10-01] (ESET)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\Run: [Quicklaunch] => C:\Program Files-s\Quicklaunch\QuickLaunch.exe [554496 2006-12-16] (Oliver Frietsch)
HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\ERSTERUSER\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()
HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\Run: [ExtremeSync Background Scheduler] => C:\Program Files-s\SuperFlexible\ExtremeSyncService.exe [13941120 2011-11-18] (Super Flexible Software)
HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\Run: [Amazon Music] => C:\Users\ERSTERUSER\AppData\Local\Amazon Music\Amazon Music Helper.exe [3162944 2014-07-01] ()
HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\MountPoints2: F - F:\LaunchU3.exe -a
HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\MountPoints2: {dac28781-b80c-11df-b978-005056c00008} - F:\LaunchU3.exe -a
HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\MountPoints2: {dac2885e-b80c-11df-b978-005056c00008} - F:\LaunchU3.exe -a
HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\MountPoints2: {ece483d9-462e-11e4-9966-90e6bac907bf} - J:\HTC_Sync_Manager_PC.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Audible Download Manager.lnk
ShortcutTarget: Audible Download Manager.lnk -> C:\Program Files\Audible\Bin\AudibleDownloadHelper.exe (Audible, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-3507585339-1609819653-644593918-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-3507585339-1609819653-644593918-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKU\S-1-5-21-3507585339-1609819653-644593918-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3507585339-1609819653-644593918-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKU\S-1-5-21-3507585339-1609819653-644593918-1000 -> No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\ERSTERUSER\AppData\Roaming\Mozilla\Firefox\Profiles\a7rjlmc2.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files-s\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.12.448 -> C:\Program Files-s\Win7codecs\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files-s\Win7codecs\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3507585339-1609819653-644593918-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\ERSTERUSER\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3507585339-1609819653-644593918-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\ERSTERUSER\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: Freemake Video Converter Plugin - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox [2013-08-10]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "https://www.google.de/"
CHR Profile: C:\Users\ERSTERUSER\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\ERSTERUSER\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-07-28]
CHR Extension: (Beautiful landscape) - C:\Users\ERSTERUSER\AppData\Local\Google\Chrome\User Data\Default\Extensions\ambfimhigppdidfmelpjmojccbfdoeig [2013-07-13]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\ERSTERUSER\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-27]
CHR Extension: (Get F.B. Purity for Facebook) - C:\Users\ERSTERUSER\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifpbhmjbfiogpipemadffnijpbcdfkmp [2013-07-13]
CHR Extension: (F.B Purity-Clean Up Facebook) - C:\Users\ERSTERUSER\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncdlagniojmheiklojdcpdaeepochckl [2013-07-13]
CHR Extension: (Google Wallet) - C:\Users\ERSTERUSER\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (ProxPrice) - C:\Users\ERSTERUSER\AppData\Local\Google\Chrome\User Data\Default\Extensions\nopgehbobniifpngnhmljfojnkkopbje [2014-07-28]
CHR Extension: (Privacy Badger) - C:\Users\ERSTERUSER\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkehgijcmpdhfbdbbnkijodmdjhbjlgp [2014-08-05]
CHR HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\Chrome\Extension: [ncmdmcjifbkefpaijakdbgfjbpaonjhg] - No Path
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1349576 2014-10-01] (ESET)
R2 ExtremeVSSService; C:\Program Files-S\SuperFlexible\ExtremeVSS.exe [3196800 2011-09-20] (Super Flexible Software Ltd. & Co. KG)
R2 FreeAgentGoNext Service; C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe [181544 2009-05-01] (Seagate Technology LLC)
S2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [430592 2008-04-07] (Nokia.) [File not signed]
R2 ShadowProtectSvc; C:\Program Files-s\StorageCraft\ShadowProtect\ShadowProtectSvc.exe [1497632 2009-12-17] (StorageCraft Technology Corporation)
S2 BingDesktopUpdate; "C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 catchme; C:\Users\ERSTERUSER\AppData\Local\Temp\catchme.sys [31744 2014-12-10] () [File not signed]
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [191928 2014-09-22] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [135296 2014-09-22] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [176448 2014-09-22] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [37928 2014-09-22] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [51288 2014-09-22] (ESET)
S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2009-03-31] () [File not signed]
R3 KoneFltr; C:\Windows\System32\drivers\Kone.sys [13056 2008-12-11] (ROCCAT Ltd)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-11-21] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-11-21] (Malwarebytes Corporation)
R3 mcdbus; C:\Windows\System32\DRIVERS\mcdbus.sys [116736 2009-02-24] (MagicISO, Inc.) [File not signed]
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [98432 2009-09-19] (MCCI)
S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14848 2009-09-19] (MCCI Corporation)
S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [123648 2009-09-19] (MCCI Corporation)
R1 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed]
R3 vpcbus; C:\Windows\System32\DRIVERS\vpchbus.sys [165376 2009-07-22] (Microsoft Corporation)
R1 vpcnfltr; C:\Windows\System32\DRIVERS\vpcnfltr.sys [55040 2009-07-22] (Microsoft Corporation)
R3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [78336 2009-07-22] (Microsoft Corporation)
R1 vpcvmm; C:\Windows\System32\drivers\vpcvmm.sys [293904 2009-07-22] (Microsoft Corporation)
S3 w800bus; C:\Windows\System32\DRIVERS\w800bus.sys [60768 2005-06-13] (MCCI)
S3 taphss6; system32\DRIVERS\taphss6.sys [X]
U5 UnlockerDriver5; C:\Program Files-s\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-13 23:04 - 2014-12-13 23:04 - 00004264 _____ () C:\Users\ERSTERUSER\Desktop\JRT.txt
2014-12-13 23:00 - 2014-12-13 23:00 - 00000000 ____D () C:\Windows\ERUNT
2014-12-13 22:39 - 2014-12-13 22:54 - 00000000 ____D () C:\AdwCleaner
2014-12-10 13:36 - 2014-12-10 13:38 - 00000000 ___SD () C:\ComboFix
2014-12-10 09:46 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-12-10 09:46 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-12-10 09:46 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-12-10 09:46 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-12-10 09:46 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-12-10 09:46 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-12-10 09:46 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-12-10 09:46 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-12-10 09:45 - 2014-12-10 09:46 - 00000000 ____D () C:\Qoobox
2014-12-10 09:44 - 2014-12-10 09:44 - 00000000 ____D () C:\Windows\erdnt
2014-12-10 06:56 - 2014-12-10 06:56 - 00002163 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-10 03:23 - 2014-12-10 03:23 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-10 03:07 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-10 02:42 - 2014-12-04 05:38 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-10 02:42 - 2014-12-04 05:38 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-10 02:42 - 2014-12-04 05:38 - 00337920 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-10 02:42 - 2014-12-04 05:38 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-10 02:42 - 2014-12-04 05:38 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-10 02:42 - 2014-12-04 05:38 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-10 02:42 - 2014-12-04 05:34 - 00873984 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-10 02:42 - 2014-12-02 00:28 - 01160872 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-10 02:42 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 02:42 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 02:42 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-10 02:42 - 2014-11-22 03:20 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 02:42 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 02:42 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-10 02:42 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-10 02:42 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-10 02:42 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 02:42 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-10 02:42 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-10 02:42 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-10 02:42 - 2014-11-22 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-10 02:42 - 2014-11-22 02:55 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-10 02:42 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-10 02:42 - 2014-11-22 02:48 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 02:42 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-10 02:42 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 02:42 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-10 02:42 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 02:42 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 02:42 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 02:42 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 02:42 - 2014-11-22 02:23 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 02:42 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 02:42 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-10 02:42 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 02:42 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 02:42 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 02:42 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-10 02:42 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 02:42 - 2014-11-11 02:32 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-10 02:37 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-10 02:36 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-10 02:36 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-10 02:36 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 02:36 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-10 02:36 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-10 02:36 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-07 20:12 - 2014-12-14 08:29 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-07 20:11 - 2014-12-07 20:11 - 00001067 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-12-07 20:11 - 2014-12-07 20:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-12-07 20:11 - 2014-12-07 20:11 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware
2014-12-07 20:11 - 2014-11-21 06:14 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-07 20:11 - 2014-11-21 06:14 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-12-07 20:11 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-12-07 13:28 - 2014-12-17 16:24 - 00000000 ____D () C:\FRST
2014-12-06 17:33 - 2014-12-06 17:33 - 00000000 ____D () C:\Users\ERSTERUSER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-12-02 08:37 - 2014-12-02 10:12 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird
2014-11-28 14:43 - 2014-11-28 14:43 - 00001760 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-11-28 14:43 - 2014-11-28 14:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-11-28 14:42 - 2014-11-28 14:42 - 00000000 ____D () C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2014-11-28 14:42 - 2014-11-28 14:42 - 00000000 ____D () C:\Program Files\iTunes
2014-11-28 14:42 - 2014-11-28 14:42 - 00000000 ____D () C:\Program Files\iPod
2014-11-28 14:41 - 2014-11-28 14:41 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-11-28 14:41 - 2014-11-28 14:41 - 00000000 ____D () C:\Program Files\Apple Software Update
2014-11-28 14:40 - 2014-11-28 14:40 - 00000000 ____D () C:\Program Files\Bonjour
2014-11-21 16:16 - 2014-11-21 16:59 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-11-21 11:46 - 2014-11-21 11:46 - 00000000 __SHD () C:\Users\ERSTERUSER\AppData\Local\EmieBrowserModeList
2014-11-19 14:33 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 14:33 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 13:07 - 2014-11-19 13:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-11-19 13:07 - 2014-11-19 13:07 - 00000000 ____D () C:\ProgramData\ESET
2014-11-19 13:07 - 2014-11-19 13:07 - 00000000 ____D () C:\Program Files\ESET
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-17 16:24 - 2010-02-14 15:26 - 00000000 ____D () C:\Users\ERSTERUSER\AppData\Roaming\UseNeXT
2014-12-17 16:06 - 2013-11-16 18:41 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cee2f31d07067f.job
2014-12-17 15:40 - 2013-06-28 06:54 - 00000000 ____D () C:\Users\ERSTERUSER\AppData\Roaming\vlc
2014-12-17 15:40 - 2010-02-13 11:44 - 01622236 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-17 15:30 - 2009-07-14 05:39 - 00118317 _____ () C:\Windows\setupact.log
2014-12-17 15:29 - 2013-08-01 06:05 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-17 12:00 - 2010-02-13 21:46 - 00000000 ____D () C:\ProgramData\TEMP
2014-12-16 23:48 - 2010-02-13 11:43 - 01784045 _____ () C:\Windows\WindowsUpdate.log
2014-12-16 19:06 - 2014-06-17 16:26 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf8a4073898d18.job
2014-12-13 23:04 - 2009-07-14 05:34 - 00026544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-13 23:04 - 2009-07-14 05:34 - 00026544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-13 22:56 - 2010-02-13 12:11 - 00529846 _____ () C:\Windows\PFRO.log
2014-12-13 22:56 - 2010-02-13 12:11 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-13 22:56 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-13 08:08 - 2012-06-25 11:49 - 00000000 ____D () C:\Users\ERSTERUSER\AppData\Roaming\Dropbox
2014-12-12 06:48 - 2014-09-12 22:42 - 00000000 ____D () C:\Users\ERSTERUSER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-12-10 06:58 - 2013-11-17 17:14 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-10 06:56 - 2013-08-01 06:05 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-12-10 06:56 - 2013-08-01 06:05 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-12-10 04:03 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2014-12-10 03:23 - 2014-05-02 08:32 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-10 03:23 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-12-10 03:23 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\AppCompat
2014-12-10 03:06 - 2013-08-14 05:15 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 03:01 - 2010-02-13 22:18 - 109818608 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-07 20:11 - 2011-03-03 21:29 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-06 23:38 - 2014-04-10 08:50 - 00000000 ____D () C:\Program Files\Steam
2014-12-06 17:50 - 2014-04-10 08:50 - 00000000 ____D () C:\Program Files\Common Files\Steam
2014-12-03 06:43 - 2011-02-17 18:04 - 00000000 ____D () C:\Users\ERSTERUSER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-12-03 06:43 - 2011-02-17 18:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-12-03 06:26 - 2012-05-06 13:00 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-11-28 14:42 - 2014-10-10 19:26 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-11-28 14:40 - 2010-09-04 13:06 - 00000000 ____D () C:\ProgramData\Apple
2014-11-22 23:34 - 2013-04-19 16:10 - 00000000 ____D () C:\Program Files\UseNeXT
2014-11-22 23:34 - 2010-02-14 15:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT
2014-11-21 17:15 - 2010-10-14 20:50 - 00000000 ____D () C:\Windows\Minidump
Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.3368.dll
Some content of TEMP:
====================
C:\Users\ERSTERUSER\AppData\Local\Temp\catchme.dll
C:\Users\ERSTERUSER\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqs7ng1.dll
C:\Users\ERSTERUSER\AppData\Local\Temp\Quarantine.exe
C:\Users\ERSTERUSER\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-12-15 00:02
==================== End Of Log ============================
--- --- --- Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 18.12.2014 Suchlauf-Zeit: 07:13:49 Logdatei: MBAM.txt Administrator: Ja Version: 2.00.4.1028 Malware Datenbank: v2014.12.14.03 Rootkit Datenbank: v2014.12.08.03 Lizenz: Testversion Malware Schutz: Aktiviert Bösartiger Webseiten Schutz: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x86 Dateisystem: NTFS Benutzer: ERSTERUSER Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 399629 Verstrichene Zeit: 14 Min, 52 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (Keine schädliche Elemente erkannt) Module: 0 (Keine schädliche Elemente erkannt) Registrierungsschlüssel: 0 (Keine schädliche Elemente erkannt) Registrierungswerte: 0 (Keine schädliche Elemente erkannt) Registrierungsdaten: 0 (Keine schädliche Elemente erkannt) Ordner: 0 (Keine schädliche Elemente erkannt) Dateien: 0 (Keine schädliche Elemente erkannt) Physische Sektoren: 0 (Keine schädliche Elemente erkannt) (end) |
|
| Themen zu Trojaner-Warnung nach Steam-Update |
| anwendung, appdata, brauch, c:\windows, computer, gestern, installieren, installiert, löschen, meldung, morgen, msil/injector.gps, quarantäne, rechner, stunden, update, warnung, windows, zusammen |
WARNUNG an die MITLESER: 
Linear-Darstellung
