Log analysis and evaluation: Win 8.1 64bit: Opened image in mail from unknown sender
02.01.2015, 15:32 | #1 |
Win 8.1 64bit: Opened image in mail from unknown sender

Hello, I accidentally opened a jpg image attached to a mail from an unknown sender and am now a bit worried that something might have sneaked in. So I created two logs with the tools provided here and would like to ask for an expert opinion on them. Many thanks in advance. First the FRST log:

Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-01-2015 Ran by Patrick Wenig (administrator) on PATRICKWENIG-PC on 02-01-2015 12:30:45 Running from C:\Users\Patrick Wenig\AppData\Local\Microsoft\Windows\INetCache\IE\1KYVP97Q Loaded Profile: Patrick Wenig (Available profiles: Patrick Wenig & DefaultAppPool) Platform: Windows 8.1 Pro with Media Center (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe () C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe (Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe (Apple Inc.) 
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe (AVM Berlin) C:\Program Files\FRITZ!Fernzugang\avmike.exe () C:\Program Files\Core Temp\Core Temp.exe (AVM GmbH) C:\Program Files (x86)\FRITZ!Powerline\PowerlineService.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe () C:\Program Files (x86)\Allway Sync\Bin\SyncService.exe (AVM Berlin) C:\Program Files\FRITZ!Fernzugang\certsrv.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe () C:\Program Files (x86)\JMRAIDManager\XSrvSetup.exe () C:\Program Files (x86)\JMRAIDManager\HWRaidManager.exe (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.MYMOVIES\MSSQL\Binn\sqlservr.exe () C:\Program Files (x86)\Binnerup Consult\My Movies for Windows\My Movies General Service.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (AVM Berlin) C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe (Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe () C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe (RapidSolution Software AG) C:\Program Files (x86)\RapidSolution\AudialsOne 4\VCDWriter\64\VCDAudioService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe (Logitech, Inc.) 
C:\Program Files\Logitech\SetPointP\SetPoint.exe (Greenshot) C:\Program Files\Greenshot\Greenshot.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Akamai Technologies, Inc.) C:\Users\Patrick Wenig\AppData\Local\Akamai\netsession_win.exe () C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe () C:\Program Files\DriveOnWeb EasyStorage Client\easyClient.exe (Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe (Fieldston Software) C:\Program Files (x86)\Fieldston Software\gSyncit\gsyncit.exe (Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe (Audible, Inc.) C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe (Akamai Technologies, Inc.) C:\Users\Patrick Wenig\AppData\Local\Akamai\netsession_win.exe (Dropbox, Inc.) C:\Users\Patrick Wenig\AppData\Roaming\Dropbox\bin\Dropbox.exe (Adobe Systems Inc.) E:\Adobe\Acrobat 10.0\Acrobat\acrotray.exe (Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Binnerup Consult) C:\Program Files (x86)\Binnerup Consult\My Movies for Windows\My Movies Tray.exe () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Online Media Technologies Ltd.) C:\Program Files (x86)\AVS4YOU\AVSVideoConverter\AVSVideoConverter.exe (Online Media Technologies Ltd.) C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\AVSVideoConverterHost.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\outlook.exe (Online Media Technologies Ltd.) C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\AVSVideoConverterHost.exe (Farbar) C:\Users\Patrick Wenig\AppData\Local\Microsoft\Windows\INetCache\IE\1KYVP97Q\FRST64 (1).exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. 
The file will not be moved.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-09-16] (Adobe Systems Incorporated) HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2010-01-08] (Intel Corporation) HKLM\...\Run: [Samsung Link] => C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [607584 2014-12-16] (Copyright 2013 SAMSUNG) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-01-18] (IvoSoft) HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.) HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [495616 2014-05-12] (Greenshot) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.) HKLM-x32\...\Run: [BCSSync] => E:\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG) HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => E:\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2014-12-03] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => E:\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2014-12-03] (Adobe Systems Inc.) 
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-01-30] (DivX, LLC) HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] () HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-12] (Logitech Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-17] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [My Movies Tray] => C:\Program Files (x86)\Binnerup Consult\My Movies for Windows\My Movies Tray.exe [496160 2014-10-05] (Binnerup Consult) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.) Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) HKU\S-1-5-21-3122463138-2323845440-1474034320-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Patrick Wenig\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.) 
HKU\S-1-5-21-3122463138-2323845440-1474034320-1000\...\Run: [Allway Sync] => C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe [94416 2014-03-21] () HKU\S-1-5-21-3122463138-2323845440-1474034320-1000\...\Run: [DriveOnWeb easyStorage Client] => C:\Program Files\DriveOnWeb EasyStorage Client\easyClient.exe [765672 2011-05-23] () HKU\S-1-5-21-3122463138-2323845440-1474034320-1000\...\Run: [gSyncit] => C:\Program Files (x86)\Fieldston Software\gSyncit\gsyncit.exe [228352 2014-12-15] (Fieldston Software) HKU\S-1-5-21-3122463138-2323845440-1474034320-1000\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2011-06-20] (Hewlett-Packard Company) HKU\S-1-5-21-3122463138-2323845440-1474034320-1000\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [111320 2014-11-06] (Siber Systems) AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL => C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL File Not Found Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Audible Download Manager.lnk ShortcutTarget: Audible Download Manager.lnk -> C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe (Audible, Inc.) Startup: C:\Users\Patrick Wenig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Patrick Wenig\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://go.microsoft.com/fwlink/?LinkId=69157 HKU\S-1-5-21-3122463138-2323845440-1474034320-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de/ HKU\S-1-5-21-3122463138-2323845440-1474034320-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKU\S-1-5-21-3122463138-2323845440-1474034320-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.mein-deal.com/ BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: Windows Live Family Safety Browser Helper Class -> {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} -> C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation) BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation) BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.) 
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: ContributeBHO Class -> {074C1DC5-9320-4A9A-947D-C042949C6216} -> E:\Adobe CS5\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation) BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation) BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) 
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> E:\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.) Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - E:\Adobe CS5\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.) Toolbar: HKLM-x32 - No Name - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No File Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) 
Toolbar: HKU\S-1-5-21-3122463138-2323845440-1474034320-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File Toolbar: HKU\S-1-5-21-3122463138-2323845440-1474034320-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File Toolbar: HKU\S-1-5-21-3122463138-2323845440-1474034320-1000 -> No Name - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No File Toolbar: HKU\S-1-5-21-3122463138-2323845440-1474034320-1000 -> &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.) DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab DPF: HKLM-x32 {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlcdnet.asus.com/pub/ASUS/misc/dlm-activex-2.2.5.0.cab DPF: HKLM-x32 {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpIdfPlugin.cab DPF: HKLM-x32 {960DC750-7447-4CDE-BF1C-FB33F9129654} https://pawe820.no-ip.org:5001/webman/3rdparty/SurveillanceStation/object/SSObject3.cab?6.0-2636 DPF: HKLM-x32 {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-31-0.cab DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Hosts: There are more than one entry in Hosts. 
See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.115.1 FireFox: ======== FF ProfilePath: C:\Users\Patrick Wenig\AppData\Roaming\Mozilla\Firefox\Profiles\jo03xe49.default FF NewTab: FF DefaultSearchEngine: foxsearch FF SearchEngineOrder.1: foxsearch FF SelectedSearchEngine: foxsearch FF Keyword.URL: hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q= FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.0-git-20120215-0402 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files 
(x86)\DivX\DivX Player\npDivxPlayerPlugin.dll No File FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @logitech.com/HarmonyRemote,version=1.0.0 -> C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> E:\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.4 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Acrobat -> E:\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: samsung.com/SamsungLinkPCPlugin -> C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll No File FF user.js: detected! => C:\Users\Patrick Wenig\AppData\Roaming\Mozilla\Firefox\Profiles\jo03xe49.default\user.js FF Extension: Avira Browser Safety - C:\Users\Patrick Wenig\AppData\Roaming\Mozilla\Firefox\Profiles\jo03xe49.default\Extensions\abs@avira.com [2014-12-18] FF Extension: Flash and Video Download - C:\Users\Patrick Wenig\AppData\Roaming\Mozilla\Firefox\Profiles\jo03xe49.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2014-12-20] FF HKLM-x32\...\Firefox\Extensions: [HBLite@HBLite.com] - C:\Program Files (x86)\HBLite\bin\11.0.363.0\firefox\extensions FF Extension: Hotbar Component - C:\Program Files (x86)\HBLite\bin\11.0.363.0\firefox\extensions [2011-04-12] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - E:\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn FF Extension: Adobe Acrobat - Create PDF - E:\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2011-04-13] FF HKLM-x32\...\Firefox\Extensions: [{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}] - E:\Adobe CS5\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} FF Extension: Adobe Contribute Toolbar - E:\Adobe CS5\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2011-04-13] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 FF Extension: DivX 
Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-03-14] FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2014-04-23] FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-09-27] FF HKLM-x32\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox FF Extension: RoboForm Toolbar for Firefox - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2014-05-03] FF HKU\S-1-5-21-3122463138-2323845440-1474034320-1000\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox FF StartMenuInternet: FIREFOX.EXE - E:\Mozilla Firefox\firefox.exe Chrome: ======= CHR HomePage: Default -> hxxp://www.google.com CHR StartupUrls: Default -> "hxxp://www.google.com" CHR Profile: C:\Users\Patrick Wenig\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Patrick Wenig\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-23] CHR Extension: (YouTube) - C:\Users\Patrick Wenig\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-10-26] CHR Extension: (Google-Suche) - C:\Users\Patrick Wenig\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-10-26] CHR Extension: (Avira Browser Safety) - C:\Users\Patrick Wenig\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-09-23] CHR Extension: (Google Wallet) - C:\Users\Patrick 
Wenig\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-30] CHR Extension: (Mehr Leistung und Videoformate für dein HTML5 <video>) - C:\Users\Patrick Wenig\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-10-30] CHR Extension: (MyHarmony Chrome Plugin) - C:\Users\Patrick Wenig\AppData\Local\Google\Chrome\User Data\Default\Extensions\omaonpoimgkmbllpdihbnmgphjoipdhf [2014-05-03] CHR Extension: (Google Mail) - C:\Users\Patrick Wenig\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-10-26] CHR Extension: (RoboForm) - C:\Users\Patrick Wenig\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2014-05-03] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path CHR HKLM\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-05-03] CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path CHR HKLM-x32\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [Not Found] CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-02-07] CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - C:\Program Files (x86)\Citavi 4\Pickers\Chrome\ChromePicker.crx [2014-02-07] CHR HKLM-x32\...\Chrome\Extension: [omaonpoimgkmbllpdihbnmgphjoipdhf] - C:\Program Files (x86)\Logitech\Harmony Remote Driver\harmony_chrome.crx [2013-11-30] CHR HKLM-x32\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-05-03] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will 
be removed from the registry. The file will not be moved unless listed separately.) R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] () R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [404360 2013-12-21] (Samsung) [File not signed] R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-17] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-17] (Avira Operations GmbH & Co. KG) R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [368640 2009-03-20] (AVM Berlin) [File not signed] R2 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [335224 2010-03-30] (AVM Berlin) R2 AVMPowerlineService; C:\Program Files (x86)\FRITZ!Powerline\PowerlineService.exe [126976 2013-10-11] (AVM GmbH) [File not signed] R2 BotkindSyncService; C:\Program Files (x86)\Allway Sync\Bin\SyncService.exe [182784 2014-03-21] () [File not signed] R2 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [143224 2010-03-30] (AVM Berlin) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation) R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3304768 2010-12-23] (devolo AG) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation) S2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [145920 2010-10-25] (HP) [File not signed] S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed] R2 JMRAIDManager; C:\Program Files (x86)\JMRAIDManager\XSrvSetup.exe [69632 2009-01-22] () [File not 
signed] R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-06-20] (Hewlett-Packard Company) [File not signed] R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed] S3 Microsoft SharePoint Workspace Audit Service; E:\Microsoft Office\Office14\GROOVE.EXE [30814400 2013-12-19] (Microsoft Corporation) R2 MSMQ; C:\Windows\system32\mqsvc.exe [25600 2013-11-08] (Microsoft Corporation) R2 MSSQL$MYMOVIES; c:\Program Files\Microsoft SQL Server\MSSQL10_50.MYMOVIES\MSSQL\Binn\sqlservr.exe [62379184 2014-07-10] (Microsoft Corporation) R2 My Movies General Service; C:\Program Files (x86)\Binnerup Consult\My Movies for Windows\My Movies General Service.exe [1167904 2014-10-05] () R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed] R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation) R2 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [189304 2010-03-30] (AVM Berlin) R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed] R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [616288 2014-12-16] (Copyright 2013 SAMSUNG) S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010.SP2\RpcAgentSrv.exe [93848 2009-08-10] (SiSoftware) [File not signed] S4 SQLAgent$MYMOVIES; c:\Program Files\Microsoft SQL Server\MSSQL10_50.MYMOVIES\MSSQL\Binn\SQLAGENT.EXE [442536 2014-07-10] (Microsoft Corporation) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] R2 UsbClientService; C:\Program Files 
(x86)\Synology\Assistant\UsbClientService.exe [245760 2011-02-18] () [File not signed] R2 Virtual CDAudio Service; C:\Program Files (x86)\RapidSolution\AudialsOne 4\VCDWriter\64\VCDAudioService.exe [178552 2010-09-08] (RapidSolution Software AG) S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2013-11-08] (Microsoft Corporation) R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [546304 2013-11-08] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-04] () R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2010-08-04] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-07] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131608 2014-10-07] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-08-15] (Avira Operations GmbH & Co. 
KG) S3 avmaudio; C:\Windows\System32\drivers\avmaudio.sys [116096 2010-11-09] (AVM Berlin) R2 easycvfs; C:\Windows\system32\drivers\easycvfs.sys [105864 2010-07-10] () [File not signed] R1 Ext2Fsd; C:\Windows\System32\Drivers\Ext2Fsd.sys [769816 2011-07-09] (www.ext2fsd.com) S4 ithsgt; C:\Windows\System32\DRIVERS\ithsgt.sys [207872 2009-11-09] () [File not signed] S2 lilsgt; C:\Windows\System32\DRIVERS\lilsgt.sys [21504 2009-11-09] () [File not signed] R3 MQAC; C:\Windows\System32\drivers\mqac.sys [173568 2013-11-08] (Microsoft Corporation) R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] () R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.) R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2010-06-10] (CACE Technologies) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation) R1 RsFx0153; C:\Windows\System32\DRIVERS\RsFx0153.sys [322736 2014-07-10] (Microsoft Corporation) S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010.SP2\WNt500x64\Sandra.sys [23112 2009-08-07] (SiSoftware) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation) R3 yukonw8; C:\Windows\system32\DRIVERS\yk63x64.sys [295216 2013-06-18] (Marvell) R3 ALSysIO; \??\C:\Users\PATRIC~1\AppData\Local\Temp\ALSysIO64.sys [X] U3 idsvc; No ImagePath ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-01-02 11:59 - 2015-01-02 12:30 - 00000000 ____D () C:\FRST 2014-12-29 12:53 - 2014-12-29 12:53 - 00006591 _____ () C:\Users\Patrick Wenig\Desktop\Masterarbeit 2 - Verknüpfung.lnk 2014-12-29 12:43 - 2014-12-29 12:43 - 00000000 ____D () C:\Users\Patrick Wenig\Desktop\GPS 2014-12-29 09:32 - 2014-12-29 09:32 - 00003886 _____ () C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2014-12-28 11:48 - 2014-12-28 11:48 - 00002160 _____ () C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk 2014-12-28 11:48 - 2014-12-13 01:47 - 00620176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe 2014-12-28 11:46 - 2014-12-13 11:08 - 32099472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 25460552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 24764232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 20465808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 13288360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 13202520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 10770120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 10710160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 10345280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys 2014-12-28 11:46 - 2014-12-13 11:08 - 03610440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 03248968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 01895056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6434709.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 01556624 _____ (NVIDIA Corporation) 
C:\WINDOWS\system32\nvdispgenco6434709.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 00994384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 00968336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 00942400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 00928072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 00906560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 00876976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 00834880 _____ () C:\WINDOWS\system32\nvmcumd.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 00353224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 00306328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 00178632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 00165760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll 2014-12-28 11:46 - 2014-10-09 18:02 - 00195728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys 2014-12-28 11:46 - 2014-10-09 18:02 - 00030536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll 2014-12-28 11:46 - 2014-10-09 08:17 - 01540240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco64.dll 2014-12-28 11:11 - 2014-12-28 11:48 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp 2014-12-28 11:10 - 2014-11-22 11:46 - 00038032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys 2014-12-28 11:10 - 2014-11-22 11:46 - 00032400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll 2014-12-22 17:23 - 2014-12-22 17:23 - 00000000 ____D () C:\Users\Patrick Wenig\Documents\Outlook-Dateien 2014-12-20 18:16 - 2014-12-20 18:17 - 06126536 _____ (Tim 
Kosse) C:\Users\Patrick Wenig\Downloads\FileZilla_3.9.0.6_win32-setup.exe 2014-12-17 21:33 - 2014-10-30 23:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe 2014-12-17 21:33 - 2014-10-30 23:34 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe 2014-12-17 21:32 - 2014-12-17 21:32 - 00001125 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk 2014-12-17 21:32 - 2014-12-17 21:32 - 00001113 _____ () C:\Users\Public\Desktop\TeamViewer 8.lnk 2014-12-17 21:12 - 2014-11-26 22:10 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2014-12-17 21:12 - 2014-11-26 22:10 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2014-12-11 22:19 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-12-11 22:19 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-12-11 22:19 - 2014-10-13 03:43 - 00238912 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys 2014-12-11 22:19 - 2014-10-13 03:43 - 00153920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys 2014-12-11 22:19 - 2014-10-13 03:43 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2014-12-11 22:19 - 2014-10-13 03:43 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys 2014-12-11 22:18 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2014-12-11 22:18 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-12-11 22:18 - 2014-11-22 03:49 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec 2014-12-11 22:18 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll 2014-12-11 22:18 - 2014-11-22 03:35 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2014-12-11 
22:18 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-12-11 22:18 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2014-12-11 22:18 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2014-12-11 22:18 - 2014-11-22 03:06 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec 2014-12-11 22:18 - 2014-11-22 03:06 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2014-12-11 22:18 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2014-12-11 22:18 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2014-12-11 22:18 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-12-11 22:18 - 2014-11-22 02:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2014-12-11 22:18 - 2014-11-22 02:55 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2014-12-11 22:18 - 2014-11-22 02:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2014-12-11 22:18 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2014-12-11 22:18 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2014-12-11 22:18 - 2014-11-22 02:49 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2014-12-11 22:18 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2014-12-11 22:18 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-12-11 22:18 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2014-12-11 22:18 - 2014-11-22 02:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2014-12-11 22:18 - 2014-11-22 02:33 - 
00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2014-12-11 22:18 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-12-11 22:18 - 2014-11-22 02:29 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2014-12-11 22:18 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-12-11 22:18 - 2014-11-22 02:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2014-12-11 22:18 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2014-12-11 22:18 - 2014-11-22 02:23 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2014-12-11 22:18 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-12-11 22:18 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-12-11 22:18 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-12-11 22:18 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2014-12-11 22:18 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-12-11 22:18 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-12-11 22:18 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-12-11 22:18 - 2014-11-10 03:29 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll 2014-12-11 22:18 - 2014-11-10 02:51 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll 2014-12-11 22:18 - 2014-11-01 00:57 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2014-12-11 22:18 - 2014-11-01 00:47 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll 2014-12-11 22:18 - 2014-10-31 
00:39 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll 2014-12-11 22:18 - 2014-10-31 00:38 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll 2014-12-11 21:45 - 2014-11-07 05:16 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll 2014-12-11 21:45 - 2014-11-07 04:26 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2014-12-11 19:55 - 2014-12-11 19:55 - 00000000 ____D () C:\Users\Patrick Wenig\AppData\Roaming\mkvtoolnix 2014-12-11 19:54 - 2014-12-11 19:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix 2014-12-11 19:54 - 2014-12-11 19:55 - 00000000 ____D () C:\Program Files (x86)\MKVToolNix 2014-12-11 18:57 - 2014-12-11 18:57 - 00000000 ____D () C:\Users\Patrick Wenig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter 2014-12-11 18:57 - 2014-12-11 18:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TSDoctor 2014-12-11 18:57 - 2014-12-11 18:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter 2014-12-11 18:57 - 2014-12-11 18:57 - 00000000 ____D () C:\ProgramData\Cypheros 2014-12-11 18:57 - 2014-12-11 18:57 - 00000000 ____D () C:\Program Files (x86)\Haali 2014-12-11 18:57 - 2014-12-11 18:57 - 00000000 ____D () C:\Program Files (x86)\Cypheros 2014-12-11 18:18 - 2014-12-11 18:18 - 00000000 ____D () C:\Users\Patrick Wenig\AppData\Roaming\Greenshot 2014-12-11 18:18 - 2014-12-11 18:18 - 00000000 ____D () C:\Users\Patrick Wenig\AppData\Local\Greenshot 2014-12-11 18:18 - 2014-12-11 18:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Greenshot 2014-12-11 18:18 - 2014-12-11 18:18 - 00000000 ____D () C:\Program Files\Greenshot 2014-12-03 21:16 - 2014-12-03 21:16 - 00000000 __SHD () C:\Users\Patrick Wenig\AppData\Local\EmieBrowserModeList ==================== One Month Modified Files and Folders ======= (If an entry is 
included in the fixlist, the file\folder will be moved.) 2015-07-25 03:24 - 2010-08-02 19:14 - 00000000 ____D () C:\Users\Patrick Wenig\Downloads\Guru3D.com 2015-01-02 12:31 - 2013-11-30 14:03 - 00000000 ____D () C:\Users\Patrick Wenig\AppData\Roaming\ClassicShell 2015-01-02 12:16 - 2011-02-20 21:56 - 00000000 ____D () C:\Users\Patrick Wenig\AppData\Roaming\gSyncit 2015-01-02 12:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru 2015-01-02 11:46 - 2012-10-26 15:36 - 00001150 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-01-02 11:39 - 2012-04-04 07:06 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-01-02 10:39 - 2009-10-26 21:52 - 00000000 ____D () C:\Users\Patrick Wenig\AppData\Roaming\vlc 2015-01-02 10:38 - 2011-09-14 06:51 - 00000000 ____D () C:\Users\Patrick Wenig\AppData\Roaming\dvdcss 2015-01-02 10:38 - 2010-02-13 20:05 - 00000000 ____D () C:\Users\Patrick Wenig\AppData\Roaming\FileZilla 2015-01-02 10:04 - 2013-11-09 01:39 - 00000000 ___DO () C:\Users\Patrick Wenig\SkyDrive 2015-01-02 09:56 - 2014-04-23 17:27 - 00000000 ____D () C:\Users\Patrick Wenig\Documents\Citavi 4 2015-01-02 09:50 - 2011-02-22 08:16 - 00000000 ___RD () C:\Users\Patrick Wenig\Dropbox 2015-01-02 09:50 - 2011-02-22 08:13 - 00000000 ____D () C:\Users\Patrick Wenig\AppData\Roaming\Dropbox 2015-01-02 09:46 - 2012-10-26 15:36 - 00001146 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-01-02 09:45 - 2013-11-08 19:37 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-01-02 09:45 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2015-01-02 09:39 - 2013-11-08 19:36 - 01796334 _____ () C:\WINDOWS\WindowsUpdate.log 2015-01-02 09:39 - 2009-10-26 23:25 - 00003990 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{4E135A6E-A1E4-4B7A-99FE-A2B3982CA3CC} 2015-01-02 09:38 - 2013-03-16 22:49 - 00551936 ___SH () C:\Users\Patrick Wenig\Desktop\Thumbs.db 2015-01-02 09:35 - 2013-11-08 19:41 - 00000000 ____D () 
C:\Users\Patrick Wenig 2014-12-30 11:09 - 2013-04-14 10:41 - 00000000 ____D () C:\Users\Patrick Wenig\Documents\Allgemeine Dokumente 2014-12-30 08:44 - 2013-09-29 20:05 - 00313150 _____ () C:\WINDOWS\PFRO.log 2014-12-30 01:10 - 2013-08-22 14:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI 2014-12-29 15:50 - 2009-10-26 21:11 - 00000000 ____D () C:\Users\Patrick Wenig\AppData\Local\Microsoft Help 2014-12-29 11:47 - 2012-10-26 15:03 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3122463138-2323845440-1474034320-1000 2014-12-29 10:17 - 2011-04-13 20:35 - 00002481 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk 2014-12-29 10:17 - 2011-04-13 20:35 - 00002469 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk 2014-12-29 10:17 - 2011-04-13 20:35 - 00001668 _____ () C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk 2014-12-29 10:17 - 2011-04-13 20:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2 2014-12-29 09:42 - 2012-06-20 20:49 - 00000000 ____D () C:\ProgramData\Freemake 2014-12-29 09:41 - 2012-06-20 20:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake 2014-12-29 09:41 - 2011-04-28 20:28 - 00000000 ____D () C:\Users\Patrick Wenig\Desktop\DVD Umwandler 2014-12-29 09:39 - 2011-04-28 20:28 - 00000000 ____D () C:\Users\Patrick Wenig\AppData\Roaming\XMedia Recode 2014-12-29 09:37 - 2011-04-28 20:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMedia Recode 2014-12-29 09:37 - 2011-04-28 20:21 - 00000000 ____D () C:\Program Files (x86)\XMedia Recode 2014-12-28 11:48 - 2013-08-22 15:46 - 00384956 _____ () C:\WINDOWS\setupact.log 2014-12-28 11:48 - 2012-10-26 17:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2014-12-28 11:48 - 2009-11-09 22:37 - 00000000 ____D () C:\temp 2014-12-28 11:04 - 2009-10-26 
21:11 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-12-28 11:02 - 2013-02-20 19:36 - 00000000 ____D () C:\Program Files\Microsoft Office 15 2014-12-20 18:32 - 2013-11-08 19:37 - 00018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys 2014-12-20 18:32 - 2013-11-08 19:37 - 00004264 _____ () C:\WINDOWS\LkmdfCoInst.log 2014-12-20 14:02 - 2012-05-05 09:34 - 00000000 ____D () C:\ProgramData\Sonos,_Inc 2014-12-20 13:58 - 2012-05-05 09:34 - 00001966 _____ () C:\Users\Public\Desktop\Sonos.lnk 2014-12-20 13:58 - 2012-05-05 09:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sonos 2014-12-20 13:58 - 2011-11-02 13:18 - 00000000 ____D () C:\Program Files (x86)\Sonos 2014-12-20 13:57 - 2011-11-15 19:53 - 00000000 ____D () C:\Users\Patrick Wenig\AppData\Local\Downloaded Installations 2014-12-19 16:31 - 2013-08-22 15:44 - 05042624 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-12-18 20:04 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache 2014-12-18 19:04 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp 2014-12-18 19:04 - 2010-05-09 10:11 - 00000000 ____D () C:\Users\Patrick Wenig\AppData\Roaming\VSO 2014-12-18 19:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness 2014-12-18 18:58 - 2013-11-30 13:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung 2014-12-18 18:56 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS 2014-12-18 18:56 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS 2014-12-15 19:29 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions 2014-12-15 19:28 - 2013-08-27 20:25 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-12-15 19:23 - 2009-10-26 22:52 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-12-15 18:50 - 2012-10-26 14:54 - 00000000 ____D () C:\Users\Patrick Wenig\AppData\Local\Packages 2014-12-15 18:45 - 2011-02-22 08:16 - 00001106 _____ () C:\Users\Patrick 
Wenig\Desktop\Dropbox.lnk 2014-12-15 18:45 - 2011-02-22 08:14 - 00000000 ____D () C:\Users\Patrick Wenig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-12-13 11:08 - 2014-06-01 09:58 - 00027983 _____ () C:\WINDOWS\system32\nvinfo.pb 2014-12-13 11:08 - 2013-10-27 09:12 - 18594432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll 2014-12-13 11:08 - 2013-10-27 09:12 - 17264312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll 2014-12-13 11:08 - 2013-10-27 09:12 - 16040184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll 2014-12-13 11:08 - 2013-10-27 09:12 - 14128496 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll 2014-12-13 11:08 - 2013-10-27 09:12 - 03293136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2014-12-13 11:08 - 2013-10-27 09:12 - 02897824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2014-12-13 09:03 - 2013-11-08 19:36 - 06859408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2014-12-13 09:03 - 2013-11-08 19:36 - 03513488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2014-12-13 09:03 - 2013-11-08 19:36 - 02558608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2014-12-13 09:03 - 2013-11-08 19:36 - 00935240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe 2014-12-13 09:03 - 2013-11-08 19:36 - 00386368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2014-12-13 09:03 - 2013-11-08 19:36 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2014-12-13 01:12 - 2014-06-03 20:12 - 01715224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll 2014-12-13 01:12 - 2014-06-03 20:12 - 01291464 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll 2014-12-13 01:12 - 2014-02-09 13:26 - 02824504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll 2014-12-13 01:12 - 2014-02-09 13:26 - 02210040 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll 2014-12-13 00:11 - 2013-11-08 19:36 - 
04151176 _____ () C:\WINDOWS\system32\nvcoproc.bin 2014-12-11 18:39 - 2012-04-04 07:06 - 00003796 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2014-12-11 18:02 - 2014-01-29 17:37 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-12-07 20:41 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-12-07 20:41 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-12-07 20:41 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender 2014-12-07 20:41 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender 2014-12-07 18:35 - 2013-09-30 05:14 - 02250322 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-12-07 18:35 - 2013-09-30 04:58 - 00943164 _____ () C:\WINDOWS\system32\perfh007.dat 2014-12-07 18:35 - 2013-09-30 04:58 - 00226184 _____ () C:\WINDOWS\system32\perfc007.dat 2014-12-03 21:06 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData 2014-12-03 21:06 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel Some content of TEMP: ==================== C:\Users\Patrick Wenig\AppData\Local\Temp\avgnt.exe C:\Users\Patrick Wenig\AppData\Local\Temp\CMInstaller.exe C:\Users\Patrick Wenig\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpe9ffex.dll C:\Users\Patrick Wenig\AppData\Local\Temp\i4jdel0.exe C:\Users\Patrick Wenig\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe C:\Users\Patrick Wenig\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe C:\Users\Patrick Wenig\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe C:\Users\Patrick Wenig\AppData\Local\Temp\MouseKeyboardCenterx64_1031.exe C:\Users\Patrick Wenig\AppData\Local\Temp\nvSCPAPI.dll C:\Users\Patrick Wenig\AppData\Local\Temp\nvSCPAPI64.dll C:\Users\Patrick Wenig\AppData\Local\Temp\nvStereoApiI.dll 
C:\Users\Patrick Wenig\AppData\Local\Temp\nvStInst.exe C:\Users\Patrick Wenig\AppData\Local\Temp\SamsungAPInstaller_1390325000533.exe C:\Users\Patrick Wenig\AppData\Local\Temp\SamsungAPInstaller_1394278536296.exe C:\Users\Patrick Wenig\AppData\Local\Temp\SamsungAPInstaller_1395594156758.exe C:\Users\Patrick Wenig\AppData\Local\Temp\SamsungAPInstaller_1400224904149.exe C:\Users\Patrick Wenig\AppData\Local\Temp\SamsungAPInstaller_1400570987502.exe C:\Users\Patrick Wenig\AppData\Local\Temp\SamsungAPInstaller_1403885188766.exe C:\Users\Patrick Wenig\AppData\Local\Temp\SamsungAPInstaller_1411993701702.exe C:\Users\Patrick Wenig\AppData\Local\Temp\SamsungAPInstaller_1415181550782.exe C:\Users\Patrick Wenig\AppData\Local\Temp\SamsungAPInstaller_1415211033958.exe C:\Users\Patrick Wenig\AppData\Local\Temp\SamsungAPInstaller_1417371533392.exe C:\Users\Patrick Wenig\AppData\Local\Temp\SamsungAPInstaller_1418925300466.exe C:\Users\Patrick Wenig\AppData\Local\Temp\SerialDLL.dll C:\Users\Patrick Wenig\AppData\Local\Temp\verify.exe C:\Users\Patrick Wenig\AppData\Local\Temp\vlc-2.0.8-win64.exe C:\Users\Patrick Wenig\AppData\Local\Temp\vlc-2.1.1-win64.exe C:\Users\Patrick Wenig\AppData\Local\Temp\vlc-2.1.2-win64.exe C:\Users\Patrick Wenig\AppData\Local\Temp\vlc-2.1.4-win64.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-01-02 10:04 ==================== End Of Log ============================ Patrick |
02.01.2015, 15:32 | #2 |
| Win 8.1 64bit: Opened image in mail from unknown sender And now the Addition log as well:
Code:
ATTFilter AAdditional scan result of Farbar Recovery Scan Tool (x64) Version: 01-01-2015 Ran by Patrick Wenig at 2015-01-02 12:37:59 Running from C:\Users\Patrick Wenig\AppData\Local\Microsoft\Windows\INetCache\IE\1KYVP97Q Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden 7-Zip 4.65 (HKLM-x32\...\7-Zip) (Version: - ) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) AAVUpdateManager (HKLM-x32\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH) AC3Filter (remove only) (HKLM-x32\...\AC3Filter) (Version: - ) AC3Filter 1.63b (HKLM-x32\...\AC3Filter_is1) (Version: 1.63b - Alexander Vigovsky) AC3Filter ACM AC3/DTS codec (remove only) (HKLM-x32\...\AC3Filter.ACM) (Version: - ) Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.13 - Adobe Systems) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.1430 - Adobe Systems Incorporated) Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated) Adobe Creative 
Suite 5 Master Collection (HKLM-x32\...\{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}) (Version: 5.0 - Adobe Systems Incorporated) Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated) Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated) Adobe PDF iFilter 9 for 64-bit platforms (HKLM\...\{5EA12CF3-8162-47F6-ACAF-45AD03EFB08F}) (Version: 9.0.0 - Adobe) Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) Advanced Renamer (HKLM-x32\...\Advanced Renamer_is1) (Version: 3.60 - Hulubulu Software) Akamai NetSession Interface (HKU\S-1-5-21-3122463138-2323845440-1474034320-1000\...\Akamai) (Version: - Akamai Technologies, Inc) Akamai NetSession Interface Service (HKLM-x32\...\Akamai) (Version: - ) AllShare Framework DMS (HKLM\...\{83232C27-8C3F-44A5-9EB2-BB7161228ADD}) (Version: 1.3.23 - Samsung) Allway Sync version 14.1.7 (HKLM-x32\...\Allway Sync_is1) (Version: - Botkind Inc) Amazon MP3-Downloader 1.0.9 (HKLM-x32\...\Amazon MP3-Downloader) (Version: - ) Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft) ASUSUpdate (HKLM-x32\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version: 7.17.13 - ASUSTeK Computer Inc.) 
Audials TV (HKLM-x32\...\{24EE4523-711A-4BD1-95EA-F73A8A6950D3}) (Version: 1.3.10803.300 - RapidSolution Software AG) AudialsOne (HKLM-x32\...\{30406D09-0004-4CFA-AB4C-12E30D40C960}) (Version: 4.2.13600.0 - RapidSolution Software AG) Audible Download Manager (HKLM-x32\...\AudibleDownloadManager) (Version: 6.6.0.12 - Audible, Inc.) Avira (HKLM-x32\...\{149bb302-ebda-47ae-b3e6-297cf4c356dc}) (Version: 1.1.21.40000 - Avira Operations GmbH & Co. KG) Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira) AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: - AVM Berlin) AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version: - Online Media Technologies Ltd.) AVS Video Converter 8.5 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: 8.5.1.551 - Online Media Technologies Ltd.) AVS4YOU Software Navigator 1.4 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version: - Online Media Technologies Ltd.) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) BioShock (HKLM-x32\...\{E280923D-C5D9-4728-8C79-AC9A0DC75875}) (Version: 2.62.0000 - 2K Games) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) calibre (HKLM-x32\...\{A0E7A72E-FEFF-47BA-B893-1697CCAE5FE2}) (Version: 0.8.37 - Kovid Goyal) CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden CCleaner (HKLM\...\CCleaner) (Version: 3.09 - Piriform) Citavi 4 (HKLM-x32\...\{CC0A85B2-734A-45B3-B678-05F6A6499AC7}) (Version: 4.3.0.15 - Swiss Academic Software) Classic Shell (HKLM\...\{2368907C-E8F6-4750-A023-254C3E2B5E8D}) (Version: 4.0.4 - IvoSoft) CM Installer (HKLM-x32\...\{E8F42777-958D-4C14-9A42-8DCA1929FD26}) (Version: 1.0.0.0 - Cyanogen Inc.) 
Command & Conquer 3 (HKLM-x32\...\{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}) (Version: 1.00.0000 - Ihr Firmenname) Command & Conquer™ Alarmstufe Rot 3 (HKLM-x32\...\{296D8550-CB06-48E4-9A8B-E5034FB64715}) (Version: 1.0.1.0 - Electronic Arts) Core Temp version 0.99.8 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 0.99.8 - Arthur Liberman) CPUID CPU-Z 1.57.1 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) CPUID HWMonitor 1.17 (HKLM\...\CPUID HWMonitor_is1) (Version: - ) Crysis(R) (HKLM-x32\...\{000E79B7-E725-4F01-870A-C12942B7F8E4}) (Version: 1.00.0000 - Electronic Arts) CrystalDiskInfo 4.1.4 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 4.1.4 - Crystal Dew World) devolo dLAN 200 AVpro manager (HKLM-x32\...\dlanavmanager) (Version: 5.2.1.0 - devolo AG) devolo dLAN Cockpit (HKLM-x32\...\dlancockpit) (Version: 3.0.0.0 - devolo AG) Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment) DivX Converter (HKLM-x32\...\{B13A7C41581B411290FBC0395694E2A9}) (Version: 7.1.0 - DivX, Inc.) DivX Plus DirectShow Filters (HKLM-x32\...\DivX Plus DirectShow Filters) (Version: - DivX, Inc.) dLAN Cockpit (HKLM-x32\...\Cockpit.92121A72F826FA9D0BD3A830E7F04987B31AFB22.1) (Version: 3 (23.12.2010) - devolo AG) dLAN Cockpit (x32 Version: 3.23.12 - devolo AG) Hidden dreamboxEDIT -- The one and only settings editor for your Dreambox (HKLM-x32\...\dreamboxEDIT) (Version: - ) DriveOnWeb EasyStorage Client Version 9.00.59 2011.05.23 (HKLM\...\DriveOnWeb EasyStorage Client_is1) (Version: - abilis GmbH) Driver Genius Professional Edition (HKLM-x32\...\Driver Genius Professional Edition_is1) (Version: - Driver-Soft Inc.) Dropbox (HKU\S-1-5-21-3122463138-2323845440-1474034320-1000\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.) DVDFab 8.2.2.9 (18/06/2013) Qt (HKLM-x32\...\DVDFab 8 Qt_is1) (Version: - Fengtao Software Inc.) erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) 
Hidden EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc) Ext2Fsd 0.51 (HKLM\...\Ext2Fsd_is1) (Version: 0.51 - Matt Wu) Far Cry (HKLM-x32\...\InstallShield_{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC}) (Version: 1.00.0000 - Ihr Firmenname) Far Cry (Patch 1.3) (x32 Version: 1.00.0000 - Ubisoft) Hidden Far Cry (Patch 1.31) (x32 Version: 1.00.0000 - Ubisoft) Hidden Far Cry (Patch 1.33) (x32 Version: 1.00.0000 - Ubisoft) Hidden Far Cry (Patch 1.4) (x32 Version: 1.00.0000 - Ubisoft) Hidden Far Cry (x32 Version: 1.00.0000 - Ihr Firmenname) Hidden FileZilla Client 3.9.0.5 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.5 - Tim Kosse) Freemake Audio Converter Version 1.1.0 (HKLM-x32\...\Freemake Audio Converter_is1) (Version: 1.1.0 - Ellora Assets Corporation) Freemake Video Converter Version 4.1.5 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.5 - Ellora Assets Corporation) FRITZ!Box-Fernzugang einrichten (HKLM-x32\...\{A79408B0-345D-42E8-8EB6-00597320B9E0}) (Version: 1.0.3 - AVM Berlin) FRITZ!Fernzugang (HKLM\...\{62E685A3-1E4F-4A12-B77C-9949DE9E7DFB}) (Version: 1.2.3 - AVM Berlin) FRITZ!Powerline (HKLM-x32\...\{66D0B88E-D0F0-4A7C-A03B-868D9DECA2C4}) (Version: 01.00.54 - AVM Berlin) GDR 4033 für SQL Server 2008 R2 (KB2977320) (64-bit) (HKLM\...\KB2977320) (Version: 10.52.4033.0 - Microsoft Corporation) GIMP 2.6.7 (HKLM-x32\...\WinGimp-2.0_is1) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden GPGNet (HKLM-x32\...\{C194D333-B84A-4BB7-B35E-060732D98DC4}) (Version: 1.0.0 - Gas Powered Games) GPS Photo Tagger V1.2.3.h10 (HKLM-x32\...\GPS Photo Tagger_TSI) (Version: V1.2.3.h10 - iTravel Tech, Inc.) 
Greenshot 1.1.9.13 (HKLM\...\Greenshot_is1) (Version: 1.1.9.13 - Greenshot) gSyncit (HKLM-x32\...\{DF58A285-455B-4C78-B81C-9FBC53104E91}) (Version: 4.0.500 - Fieldston Software) GTK+ 2.10.13 runtime environment (HKLM-x32\...\WinGTK-2_is1) (Version: - Tor Lillqvist) Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - ) Half-Life 2: Episode One (HKLM-x32\...\Steam App 380) (Version: - Valve) Half-Life(R) 2 (HKLM-x32\...\{D45EC259-4A19-4656-B588-C2C360DD18EA}) (Version: 1.0.0.0 - Valve) Hard Disk Low Level Format Tool 4.25 (HKLM-x32\...\Hard Disk Low Level Format Tool_is1) (Version: - HDDGURU) Harmony Browser Plug-in (HKLM-x32\...\{634F79E1-2A41-4C40-9E8D-89EC740AC9D6}) (Version: 2.0 - Logitech) Hewlett-Packard ACLM.NET v1.1.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden HP IDF Software (HKLM-x32\...\{974025B1-769B-49E9-817C-C638ABE8F372}) (Version: 11.15.1000 - Hewlett-Packard Company) HP LaserJet Professional CM1410 Series (HKLM-x32\...\{0EF0EA0D-F945-4958-85CC-60FF1E86D216}) (Version: - Hewlett-Packard) HP LJ CM1410 MFP Series HP Scan (HKLM-x32\...\{21749F4E-02A1-4828-9A1E-BBDF5929C5D0}) (Version: 1.0.302.0 - Hewlett-Packard Co.) HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard) HPLaserJetHelp_LearnCenter (HKLM-x32\...\{22FE3793-5961-4ADE-AE66-69D9291C22B1}) (Version: 1.03.0000 - Hewlett-Packard) hppLaserJetService (x32 Version: 002.015.00599 - Hewlett-Packard) Hidden I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP) ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.5.0 - LIGHTNING UK!) Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation) iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.) 
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle) JMicron HW RAID Manager (HKLM-x32\...\JMRAIDManager) (Version: 0.09.43 - JMicron Technology Corp.) JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0000 - JMicron Technology Corp.) Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden LightScribe System Software (HKLM-x32\...\{2FA75B40-17C9-4D22-88CA-80A5D52FAB13}) (Version: 1.18.24.1 - LightScribe) Logitech Harmony Remote Software 7 (HKLM-x32\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech) Logitech SetPoint 6.65 (HKLM\...\SP6) (Version: 6.65.62 - Logitech) Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.) Marketsplash Shortcuts (HKLM-x32\...\{FB0C267C-8B4F-4867-8161-A6A3B66D42C1}) (Version: 1.0.0.9 - Hewlett-Packard) Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 11.25.4.3 - Marvell) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office Live Add-in 1.4 (HKLM-x32\...\{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}) (Version: 2.0.3008.0 - Microsoft Corporation) Microsoft Office Outlook Connector (HKLM-x32\...\{95120000-0122-0407-0000-0000000FF1CE}) (Version: 12.0.6423.1000 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Professional Plus 2013 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 15.0.4675.1003 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server 2008 R2 (64-bit) 
(HKLM\...\Microsoft SQL Server 2008 R2) (Version: - Microsoft Corporation) Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{E8F7904A-4780-4F3F-B153-21BE32857120}) (Version: 10.52.4033.0 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Setup (English) (HKLM\...\{1D4A3734-9328-440F-960C-42B4CE481EB4}) (Version: 10.52.4033.0 - Microsoft Corporation) Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation) Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.52.4000.0 - Microsoft Corporation) Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation) Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.52.4000.0 - Microsoft Corporation) Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation) Microsoft Visual C++ 2005 
Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 (HKLM\...\{BBBE35B2-9349-3C48-BD3D-F574B17C7924}) (Version: 9.0.21022.218 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 
(HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation) MKVToolNix 7.3.0 (32bit) (HKLM-x32\...\MKVToolNix) (Version: 7.3.0 - Moritz Bunkus) Mozilla Firefox 33.1.1 (x86 de) (HKU\S-1-5-21-3122463138-2323845440-1474034320-1000\...\Mozilla Firefox 33.1.1 (x86 de)) (Version: 33.1.1 - Mozilla) Mozilla Firefox 4.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 4.0.1 (x86 de)) (Version: 4.0.1 - Mozilla) MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden MusicBrainz Picard (HKLM-x32\...\MusicBrainz Picard) (Version: 0.12.1 - MusicBrainz) My Movies for Windows (HKLM-x32\...\{5D99D2F5-59A2-4423-A13F-22EDBE44B4B4}) (Version: 5.1.1.103 - Binnerup Consult) Notepad++ (HKLM-x32\...\Notepad++) (Version: 5.6.8 - ) NVIDIA 3D Vision Controller-Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.09 - NVIDIA Corporation) NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation) NVIDIA Grafiktreiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.09 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.14.0702 
(HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden PhotoScape (HKLM-x32\...\PhotoScape) (Version: - ) PixiePack Codec Pack (HKLM-x32\...\{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}) (Version: 1.1.1200.0 - None) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.) PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden Readiris Pro 12 (HKLM-x32\...\{3AC26580-A695-4134-84AE-5121B3AAE545}) (Version: 12.00.5965 - I.R.I.S.) Remote Control USB Driver (HKLM-x32\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - ) RoboForm 7-9-10-1 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 7-9-10-1 - Siber Systems) Samsung Link 2.0.0.1412161531 (HKLM\...\8474-7877-9059-0204) (Version: 2.0.0.1412161531 - Copyright 2013 SAMSUNG) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Service Pack 2 for SQL Server 2008 R2 (KB2630458) (64-bit) (HKLM\...\KB2630458) (Version: 10.52.4000.0 - Microsoft Corporation) SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) (HKLM-x32\...\SLABCOMM&10C4&EA60) (Version: - ) SiSoftware Sandra Lite 2010.SP2 (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2296}_is1) (Version: 16.52.2010.7 - SiSoftware) Sonos 
Controller (HKLM-x32\...\{7BBA9BF8-05DF-47D8-8880-82A9B99505B9}) (Version: 28.1.83040 - Sonos, Inc.) SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) SQL Server 2008 R2 SP2 Common Files (Version: 10.52.4000.0 - Microsoft Corporation) Hidden SQL Server 2008 R2 SP2 Database Engine Services (Version: 10.52.4000.0 - Microsoft Corporation) Hidden SQL Server 2008 R2 SP2 Database Engine Shared (Version: 10.52.4000.0 - Microsoft Corporation) Hidden Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1 - Microsoft Corporation) Hidden StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment) Steam(TM) (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve) StreamTransport version: 1.0.2.2171 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version: - ) Supreme Commander - Forged Alliance (HKLM-x32\...\{31D95937-B237-405D-920C-A3EF4E482395}) (Version: 1.00.0000 - Gas Powered Games) Supreme Commander (HKLM-x32\...\{25A1E6A4-2DBD-4AC0-8650-8EA9A45B183D}) (Version: 1.00.0000 - Gas Powered Games) Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version: - ) System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version: - ) TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.30992 - TeamViewer) Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH) TSDoctor (HKLM-x32\...\{7B669943-9778-495A-8828-24A02C9634B1}) (Version: 1.2.148 - Cypheros) Unreal Tournament 3 (LG) (HKU\S-1-5-21-3122463138-2323845440-1474034320-1000\...\InstallShield_{FDBBAF14-5ED8-49B7-A5BE-1C35668B074D}) (Version: 1.00.0000 - Epic Games) Unreal Tournament 3 (LG) (x32 Version: 1.00.0000 - Epic Games) Hidden VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden Virtual Volumes (HKLM-x32\...\Virtual Volumes) (Version: 0.7 - Chrysocome) VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: - Elaborate Bytes) VLC media player 2.1.4 
(HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
VSO Image Resizer 3.0.1.76 (HKLM-x32\...\{3EE51BAD-9916-49C7-90BA-3D500B031E0C}_is1) (Version: 3.0.1.76 - VSO-Software)
Windows Driver Package - Palm (WinUSB) Palm Devices (10/09/2009 1.0.1) (HKLM\...\332CCC08910F1AE2E4D90D25DEDE87E3EF797832) (Version: 10/09/2009 1.0.1 - Palm)
Windows Driver Package - Palm (WinUSB) Palm Devices (10/09/2009 1.0.1) (HKLM\...\705BB4107F4B3FAEECCDB213EAD10359BBFF3BFA) (Version: 10/09/2009 1.0.1 - Palm)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live ID-Anmelde-Assistent (HKLM\...\{B0EFB716-085B-4564-8060-212E41F5CE50}) (Version: 6.500.3146.0 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile-Gerätecenter: Treiberupdate (HKLM\...\{92DBCA36-9B41-4DD1-941A-AED149DD37F0}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinSCP 4.2.9 (HKLM-x32\...\winscp3_is1) (Version: 4.2.9 - Martin Prikryl)
XMedia Recode 2.3.2.0 (HKLM-x32\...\XMedia Recode) (Version: 2.3.2.0 - Sebastian Dörfler)
XMedia Recode Version 3.2.0.4 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.2.0.4 - XMedia Recode)
yaDIS 2.3 (HKLM-x32\...\{14F44B46-A8F0-457E-AC29-4C032C899715}_is1) (Version: - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3122463138-2323845440-1474034320-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Patrick Wenig\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3122463138-2323845440-1474034320-1000_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3122463138-2323845440-1474034320-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Patrick Wenig\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3122463138-2323845440-1474034320-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Patrick Wenig\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3122463138-2323845440-1474034320-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Patrick Wenig\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3122463138-2323845440-1474034320-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Patrick Wenig\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3122463138-2323845440-1474034320-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Patrick Wenig\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3122463138-2323845440-1474034320-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Patrick Wenig\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3122463138-2323845440-1474034320-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Patrick Wenig\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3122463138-2323845440-1474034320-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Patrick Wenig\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points =========================

20-12-2014 11:29:39 Installed gSyncit
28-12-2014 14:43:35 Geplanter Prüfpunkt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2011-04-13 06:55 - 2011-04-13 06:55 - 00001359 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 activate.adobe.com
127.0.0.1 adobe.activate.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 adobeereg.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {002A6A6A-8AEB-403D-B355-03B9F710F7E7} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-12-15] (Microsoft Corporation)
Task: {0296CE81-CDCA-4121-B673-364CE4DA9264} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {04DA1C7B-D62E-4DA6-90A0-E1F875D8F817} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-10-07] (Microsoft Corporation)
Task: {0B88B8FA-32B0-4923-84B8-9F8BCA3CB9C6} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe
Task: {0FD383D8-6048-4945-B918-935E7B0B1A36} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {11AEE158-9AAA-43A7-93FB-51ABD862853B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-25] (Google Inc.)
Task: {135491C9-3429-4163-9687-E659829AB636} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation)
Task: {19546E4E-FBB2-4C1D-B32A-29BBEEE922F8} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe [2009-12-28] (ASUSTeK Computer Inc.)
Task: {2FF12F3A-7D12-4B65-BA88-A975E6E2F877} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {365A0AA3-3BD2-4D89-ABF0-1DCE24952C0E} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {3DEB6FF9-ACAA-4956-BB86-2BFB69493AAB} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {3F7663E9-B67C-4C41-8E1D-77F7591F7A4B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {58FB3D88-FD4F-4AFD-8B90-543DC3B3941B} - System32\Tasks\AdobeAAMUpdater-1.0-PatrickWenig-PC-Patrick Wenig => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-09-16] (Adobe Systems Incorporated)
Task: {70F857CC-C171-4755-82FB-2FB94BE97627} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "hxxp://www.roboform.com/test-pass.html?aaa=KICMNJJMNMOMLMMMNJKMCNJMOJIMJMCNLMHMOMNJCNHMNMOMLMCNPMKMPMKJJJMMOMMJKJLMGMKJJNJICMIMCNGMCNOMPMFMOMOMCNPMCNGMJMPMPMFMJMCNMMCNGMJMPMPMCNNMJNPICMOMFMMJBJKJLIMJFMOMHMIMJNHICMEKMICNJJCKJNBJCMPKOJLINIGJMJEJPNIKKJBJGJIJJNKJCMJNNICMJNDJCMLJKJJNMJCMPMFMIMNMFMOMJNFICMGJLJKJBJLIGJLIGJKJMIBNKJHIKJ"
Task: {72A63AAA-A68A-438C-B9F2-8A51A6E277F8} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {78542D09-C286-40EE-BE82-C663CD31A616} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {7F07E908-62F8-4554-85E5-167F7C3DE6A1} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2010-06-09] (Hewlett-Packard)
Task: {807B628A-F2BF-4F95-8E47-403DD46D4125} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: {825F42F8-8ED3-4431-A2CF-C4FAF2430786} - System32\Tasks\{4D365D7C-93C8-418A-8CD4-7A4691B1A925} => pcalua.exe -a J:\Documents\Downloads\avira_antivir_personal_de.exe -d J:\Documents\Downloads
Task: {9C20CC4A-7153-401E-A37B-D9DA4D97A9EA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-25] (Google Inc.)
Task: {A8EDACB2-1093-43A6-90BD-F787807E9EE6} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {ABF33D95-1BC3-4679-9DB5-CA97EAC131DD} - System32\Tasks\{89C659CD-4D4B-4243-AD9F-3327BA4BD7B4} => pcalua.exe -a G:\FahrenheitAutoRun.exe -d G:\
Task: {AC56C36F-1646-4138-BCD9-A2BAD7A55E66} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-11] (Adobe Systems Incorporated)
Task: {CF3E54AE-C2D9-4970-B768-1DCBDA3BAE2E} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {D638C1CC-3B06-4460-8CF7-9C9E9F8B4895} - System32\Tasks\{8C996EA8-51DA-49E3-A421-DF1B93224D54} => pcalua.exe -a "C:\Users\Patrick Wenig\Desktop\WinCS5Cleanupscript\CS5InstallerDatabaseUtility.exe" -d "C:\Users\Patrick Wenig\Desktop\WinCS5Cleanupscript"
Task: {DE3A4FBE-62CB-4BA4-B640-4E9A81685FF4} - System32\Tasks\Core Temp Autostart Patrick Wenig => C:\Program Files\Core Temp\Core Temp.exe [2010-10-03] ()
Task: {F3A3D7F6-1140-4355-A315-41D3EF41F33D} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2014-11-06] (Siber Systems)
Task: {F633E424-AF1A-4014-8115-BB2C05E3C865} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-10-07] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-11-08 19:36 - 2014-12-13 09:03 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2008-10-24 16:35 - 2008-10-24 16:35 - 00128296 _____ () C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
2010-03-30 10:01 - 2010-03-30 10:01 - 01288056 _____ () C:\Program Files\FRITZ!Fernzugang\LIBEAY32.dll
2011-06-22 11:57 - 2010-10-03 00:14 - 00563728 _____ () C:\Program Files\Core Temp\Core Temp.exe
2014-04-22 09:56 - 2014-03-21 11:07 - 00182784 _____ () C:\Program Files (x86)\Allway Sync\Bin\SyncService.exe
2014-03-28 16:28 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2011-10-08 16:52 - 2009-08-03 15:32 - 00078848 _____ () C:\Program Files\DriveOnWeb EasyStorage Client\DOWSpdup.dll
2011-10-08 16:52 - 2009-07-27 13:20 - 00016896 _____ () C:\Program Files\DriveOnWeb EasyStorage Client\DOWCommon64.dll
2014-05-01 20:29 - 2014-05-01 20:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-06-04 17:51 - 2009-01-22 05:23 - 00069632 ____R () C:\Program Files (x86)\JMRAIDManager\XSrvSetup.exe
2014-06-04 17:51 - 2009-07-16 15:59 - 15218176 ____R () C:\Program Files (x86)\JMRAIDManager\HWRaidManager.exe
2014-10-05 11:46 - 2014-10-05 11:46 - 01167904 _____ () C:\Program Files (x86)\Binnerup Consult\My Movies for Windows\My Movies General Service.exe
2013-11-30 13:19 - 2014-12-16 15:31 - 00025088 _____ () C:\Program Files\Samsung\Samsung Link\JniSys.dll
2013-11-30 13:19 - 2014-12-16 15:31 - 02633728 _____ () C:\Program Files\Samsung\Samsung Link\scone_proxy.dll
2013-11-30 13:19 - 2014-12-16 15:31 - 02540544 _____ () C:\Program Files\Samsung\Samsung Link\scone_stub.dll
2013-12-21 11:25 - 2013-12-21 11:25 - 00036864 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\JNIInterface.dll
2013-12-21 11:26 - 2013-12-21 11:26 - 00144384 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\ASFAPI.dll
2013-12-21 11:27 - 2013-12-21 11:27 - 00018944 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\MediaDB_Manager.dll
2013-10-22 09:52 - 2013-10-22 09:52 - 00030720 _____ () C:\WINDOWS\SYSTEM32\MediaDB64.dll
2013-10-22 09:52 - 2013-10-22 09:52 - 00908800 _____ () C:\WINDOWS\SYSTEM32\ContentDirectoryPresenter64.dll
2013-12-21 11:27 - 2013-12-21 11:27 - 00521728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\DMS_Manager.dll
2013-07-23 19:19 - 2013-07-23 19:19 - 00049152 _____ () C:\WINDOWS\SYSTEM32\boost_date_time-vc90-mt-1_47.dll
2013-07-23 19:19 - 2013-07-23 19:19 - 00016896 _____ () C:\WINDOWS\SYSTEM32\boost_system-vc90-mt-1_47.dll
2013-07-23 19:19 - 2013-07-23 19:19 - 00058880 _____ () C:\WINDOWS\SYSTEM32\boost_thread-vc90-mt-1_47.dll
2013-07-23 19:19 - 2013-07-23 19:19 - 00299520 _____ () C:\WINDOWS\SYSTEM32\boost_serialization-vc90-mt-1_47.dll
2013-11-30 13:19 - 2014-12-16 15:31 - 00049664 _____ () C:\Program Files\Samsung\Samsung Link\JniIO.dll
2014-05-16 08:23 - 2014-05-16 08:23 - 00669696 _____ () C:\Windows\Temp\sqlite-3.7.151-amd64-sqlitejdbc.dll
2011-02-18 07:18 - 2011-02-18 07:18 - 00245760 _____ () C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
2010-01-22 17:47 - 2014-03-21 11:27 - 00094416 _____ () C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe
2011-10-08 16:52 - 2011-05-23 15:58 - 00765672 _____ () C:\Program Files\DriveOnWeb EasyStorage Client\easyClient.exe
2014-06-15 18:14 - 2014-06-15 18:14 - 00777728 _____ () C:\Program Files (x86)\Binnerup Consult\My Movies for Windows\X64Dll\MyMoviesC.dll
2012-09-12 23:38 - 2012-09-12 23:38 - 00264040 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2013-12-11 16:46 - 2013-12-11 16:46 - 01114624 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DMSManager.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 00227840 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_serialization-vc90-mt-1_47.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 00038912 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_date_time-vc90-mt-1_47.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 00012800 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_system-vc90-mt-1_47.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 00046592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_thread-vc90-mt-1_47.dll
2013-10-22 09:48 - 2013-10-22 09:48 - 00707072 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ContentDirectoryPresenter.dll
2013-10-24 16:53 - 2013-10-24 16:53 - 00107008 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMCDP.dll
2013-12-11 16:46 - 2013-12-11 16:46 - 00102400 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\FolderCDP.dll
2013-10-24 16:53 - 2013-10-24 16:53 - 00032768 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\Autobackup.dll
2013-04-19 16:38 - 2013-04-19 16:38 - 00055808 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RosettaAllShare.dll
2013-12-11 16:46 - 2013-12-11 16:46 - 00077312 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MetadataFramework.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00520234 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\sqlite3.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00450560 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MoodExtractor.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 05717504 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMImgExtractor.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00028672 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AutoChaptering.dll
2013-10-25 19:49 - 2013-10-25 19:49 - 00028160 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AudioExtractor.dll
2013-12-11 16:45 - 2013-12-11 16:45 - 00017920 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoExtractor.dll
2013-10-25 19:53 - 2013-10-25 19:53 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageExtractor.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00013824 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\TextExtractor.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00147456 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexpat.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoThumb.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00064000 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ID3Driver.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00023040 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RichInfoDriver.dll
2013-10-25 19:53 - 2013-10-25 19:53 - 00117248 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ThumbnailMaker.dll
2013-12-11 16:45 - 2013-12-11 16:45 - 00134144 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoMetadataDriver.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\SECMetaDriver.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\photoDriver.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 04671488 _____ () C:\Program Files\Samsung\AllShare Framework 
DMS\1.3.23\avcodec-52.dll 2013-02-14 19:42 - 2013-02-14 19:42 - 00686080 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avformat-52.dll 2013-02-14 19:42 - 2013-02-14 19:42 - 00070656 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avutil-50.dll 2013-02-14 19:42 - 2013-02-14 19:42 - 00152064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\swscale-0.dll 2013-02-14 19:42 - 2013-02-14 19:42 - 00366592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\tag.dll 2013-10-25 19:48 - 2013-10-25 19:48 - 00289792 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libThumbnail.dll 2013-10-25 19:53 - 2013-10-25 19:53 - 01033728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageMagickWrapper.dll 2013-10-25 19:48 - 2013-10-25 19:48 - 00290816 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libKeyFrame.dll 2013-02-14 19:42 - 2013-02-14 19:42 - 00399826 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexif-12.dll.dll 2013-02-14 19:42 - 2013-02-14 19:42 - 00044032 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\us.dll 2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2014-06-04 17:51 - 2005-01-29 23:35 - 00015960 ____R () C:\Program Files (x86)\JMRAIDManager\mingwm10.dll 2010-01-22 17:47 - 2014-03-21 11:06 - 00043520 _____ () C:\Program Files (x86)\Allway Sync\Bin\SyncHook.dll 2010-01-22 17:47 - 2014-03-21 11:07 - 08243200 _____ () C:\Program Files (x86)\Allway Sync\Bin\syncapp.dll 2011-10-08 16:52 - 2005-10-27 16:14 - 00184320 _____ () C:\Program Files\DriveOnWeb EasyStorage Client\bigint.dll 2011-10-08 16:52 - 2011-03-03 16:37 - 00761856 _____ () C:\Program Files\DriveOnWeb EasyStorage Client\DOWCommon.dll 2011-10-08 16:52 - 
2011-04-15 12:36 - 00200704 _____ () C:\Program Files\DriveOnWeb EasyStorage Client\wdfsResDe.dll 2014-09-27 11:28 - 2014-09-27 11:56 - 00122024 _____ () C:\Program Files\Microsoft Office 15\root\Office15\JitV.dll 2014-11-27 19:40 - 2014-11-27 19:40 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\Office15\AppVIsvStream32.dll 2014-10-22 01:22 - 2014-10-22 01:22 - 00750080 _____ () C:\Users\Patrick Wenig\AppData\Roaming\Dropbox\bin\libGLESv2.dll 2015-01-02 09:50 - 2015-01-02 09:50 - 00043008 _____ () c:\Users\Patrick Wenig\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpe9ffex.dll 2014-10-22 01:22 - 2014-10-22 01:22 - 00047616 _____ () C:\Users\Patrick Wenig\AppData\Roaming\Dropbox\bin\libEGL.dll 2014-10-22 01:22 - 2014-10-22 01:22 - 00863744 _____ () C:\Users\Patrick Wenig\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll 2014-10-22 01:22 - 2014-10-22 01:22 - 00200704 _____ () C:\Users\Patrick Wenig\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll 2014-12-03 19:07 - 2014-12-03 19:07 - 00019968 _____ () E:\Adobe\Acrobat 10.0\Acrobat\locale\de_de\acrotray.deu 2012-09-12 23:38 - 2012-09-12 23:38 - 02144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll 2012-09-12 23:38 - 2012-09-12 23:38 - 07955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll 2012-09-12 23:38 - 2012-09-12 23:38 - 00341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll 2012-09-12 23:38 - 2012-09-12 23:38 - 00028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll 2012-09-12 23:38 - 2012-09-12 23:38 - 00127336 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll 2012-09-12 23:39 - 2012-09-12 23:39 - 00336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll 2011-05-08 13:29 - 2007-08-18 08:54 - 00380928 _____ () 
C:\WINDOWS\SYSTEM32\ac3filter.acm 2011-08-01 17:23 - 2013-05-27 16:53 - 00859056 _____ () C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\RMBin\tools\encsession.dll 2011-08-01 17:23 - 2013-05-27 16:53 - 00056264 _____ () C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\RMBin\tools\audiofmtconverter.dll 2011-08-01 17:23 - 2013-05-27 16:53 - 00056248 _____ () C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\RMBin\tools\audiometer.dll 2011-08-01 17:23 - 2013-05-27 16:53 - 00330688 _____ () C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\RMBin\tools\audioresampler.dll 2011-08-01 17:23 - 2013-05-27 16:53 - 00056248 _____ () C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\RMBin\tools\eventpack.dll 2011-08-01 17:23 - 2013-05-27 16:53 - 00056248 _____ () C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\RMBin\tools\mediasink.dll 2011-08-01 17:23 - 2013-05-27 16:53 - 00060368 _____ () C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\RMBin\tools\mpeg4audiopacketizer.dll 2011-08-01 17:23 - 2013-05-27 16:53 - 00089032 _____ () C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\RMBin\tools\rmsessionformat.dll 2011-08-01 17:23 - 2013-05-27 16:53 - 00244656 _____ () C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\RMBin\tools\rmwriter.dll 2011-08-01 17:23 - 2013-05-27 16:53 - 00072640 _____ () C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\RMBin\tools\rnaudiocodec.dll 2011-08-01 17:23 - 2013-05-27 16:53 - 00080840 _____ () C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\RMBin\tools\rnaudiopacketizer.dll 2011-08-01 17:23 - 2013-05-27 16:53 - 00109504 _____ () C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\RMBin\tools\rnvideocodec.dll 2011-08-01 17:23 - 2013-05-27 16:53 - 00052176 _____ () C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\RMBin\tools\videocolorconverter.dll 2011-08-01 17:23 - 2013-05-27 16:53 - 00048064 _____ () C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\RMBin\tools\videolumaadj.dll 2013-09-05 00:14 
- 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2014-11-27 19:40 - 2014-11-27 19:40 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll 2014-12-28 10:55 - 2014-12-28 10:56 - 01754296 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\tmpod.dll 2014-12-28 10:57 - 2014-11-18 15:26 - 01032360 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\ADDINS\UmOutlookAddin.dll 2014-05-01 11:52 - 2014-05-01 12:16 - 10506240 _____ () C:\Program Files\WindowsApps\USM.Catan_1.3.0.89_x86__7hvb7npg24jfc\CatanView.exe 2014-12-29 03:07 - 2014-12-29 03:07 - 00063488 _____ () C:\Users\Patrick Wenig\AppData\Local\Packages\USM.Catan_7hvb7npg24jfc\AC\Microsoft\CLR_v4.0_32\NativeImages\CatanInAppPurchase\477549da201e2093bc8e0837a79687b7\CatanInAppPurchase.ni.dll 2014-12-29 03:06 - 2014-12-29 03:06 - 01130496 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.App640a3541#\6e37f358bf8363dad51e2333292d61a9\Windows.ApplicationModel.ni.dll 2014-12-29 03:06 - 2014-12-29 03:06 - 00228864 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Foundation\f7e726805e56676bd7b8662a3d842b0e\Windows.Foundation.ni.dll 2014-12-29 03:07 - 2014-12-29 03:07 - 00102400 _____ () C:\Users\Patrick Wenig\AppData\Local\Packages\USM.Catan_7hvb7npg24jfc\AC\Microsoft\CLR_v4.0_32\NativeImages\XOZSoundComponent\df4cc327ba7d2622c764ebb12b673333\XOZSoundComponent.ni.dll 2014-12-29 03:06 - 2014-12-29 03:06 - 00808448 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Storage\f0a2c10499402eff632a7a7df0b4afef\Windows.Storage.ni.dll 2014-12-29 03:07 - 2014-12-29 03:07 - 00414208 _____ () C:\Users\Patrick Wenig\AppData\Local\Packages\USM.Catan_7hvb7npg24jfc\AC\Microsoft\CLR_v4.0_32\NativeImages\CatanWinRTUtilities\4d0fe31cde7ed1d8af2c7c8e06e09ca7\CatanWinRTUtilities.ni.dll 2014-12-29 03:06 - 2014-12-29 03:06 - 03530752 _____ () 
C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.UI.Xaml\90a4331ab5b5bb3ead23d75d4349a491\Windows.UI.Xaml.ni.dll 2014-12-29 03:06 - 2014-12-29 03:06 - 00960000 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.UI\6c2169e34bfb3814fa44f267572335f6\Windows.UI.ni.dll 2014-12-29 03:07 - 2014-12-29 03:07 - 00337920 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Data\fe565d34d4335337c06264bb0d85e3b0\Windows.Data.ni.dll 2014-12-29 03:07 - 2014-12-29 03:07 - 00225792 _____ () C:\Users\Patrick Wenig\AppData\Local\Packages\USM.Catan_7hvb7npg24jfc\AC\Microsoft\CLR_v4.0_32\NativeImages\AppPromo\4d75c5e6bf5d1d8d24b64066a1623f9c\AppPromo.ni.dll 2014-12-29 03:07 - 2014-12-29 03:07 - 01282048 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Devices\bf5509cf3a0d2e3afbd0c33e9153ecbd\Windows.Devices.ni.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\Patrick Wenig\Cookies:002sTq4Bm6GMwCcqOex AlternateDataStreams: C:\Users\Patrick Wenig\SkyDrive:ms-properties ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) HKU\S-1-5-21-3122463138-2323845440-1474034320-1000\Software\Classes\.exe: => <===== ATTENTION! ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^Users^Patrick Wenig^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Produktregistrierung.lnk => C:\Windows\pss\Logitech . 
Produktregistrierung.lnk.Startup MSCONFIG\startupreg: Acrobat Assistant 8.0 => "E:\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "E:\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin MSCONFIG\startupreg: AVMWlanClient => C:\Program Files (x86)\avmwlanstick\wlangui.exe MSCONFIG\startupreg: BCSSync => "E:\Microsoft Office\Office14\BCSSync.exe" /DelayServices MSCONFIG\startupreg: IntelliPoint => "C:\Program Files\Microsoft IntelliPoint\ipoint.exe" MSCONFIG\startupreg: iTunesHelper => "E:\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: itype => "C:\Program Files\Microsoft IntelliType Pro\itype.exe" MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime MSCONFIG\startupreg: Steam => E:\Valve\Steam\\Steam.exe -silent MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe MSCONFIG\startupreg: Windows Mobile Device Center => %windir%\WindowsMobile\wmdc.exe HKLM\...\StartupApproved\Run32: => "DivXUpdate" HKLM\...\StartupApproved\Run32: => "HP Software Update" HKLM\...\StartupApproved\Run32: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "QuickTime Task" HKLM\...\StartupApproved\Run32: => "VirtualCloneDrive" HKLM\...\StartupApproved\Run32: => "Adobe Acrobat Speed Launcher" HKLM\...\StartupApproved\Run32: => "Adobe ARM" HKLM\...\StartupApproved\Run32: => "DivXMediaServer" HKU\S-1-5-21-3122463138-2323845440-1474034320-1000\...\StartupApproved\Run: => "LightScribe Control Panel" HKU\S-1-5-21-3122463138-2323845440-1474034320-1000\...\StartupApproved\Run: => "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" ========================= Accounts: 
========================== Administrator (S-1-5-21-3122463138-2323845440-1474034320-500 - Administrator - Disabled) Gast (S-1-5-21-3122463138-2323845440-1474034320-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3122463138-2323845440-1474034320-1014 - Limited - Enabled) Patrick Wenig (S-1-5-21-3122463138-2323845440-1474034320-1000 - Administrator - Enabled) => C:\Users\Patrick Wenig ==================== Faulty Device Manager Devices ============= Name: Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter Description: Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Realtek Semiconductor Corp. Service: RTL8187 Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: AVM Audio Description: AVM Audio Class Guid: {5f87e721-8ba2-4307-aede-1135fcf04a80} Manufacturer: AVM Berlin Service: avmaudio Problem: : This device is not working properly because Windows cannot load the drivers required for this device. 
(Code 31) Resolution: Update the driver ==================== Event log errors: ========================= Application errors: ================== Error: (01/02/2015 10:23:14 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: DVDFab.exe, Version: 8.2.2.9, Zeitstempel: 0x51cd0459 Name des fehlerhaften Moduls: qtcore4.dll, Version: 4.8.0.0, Zeitstempel: 0x4ef9997f Ausnahmecode: 0xc0000005 Fehleroffset: 0x000416fa ID des fehlerhaften Prozesses: 0x2c4 Startzeit der fehlerhaften Anwendung: 0xDVDFab.exe0 Pfad der fehlerhaften Anwendung: DVDFab.exe1 Pfad des fehlerhaften Moduls: DVDFab.exe2 Berichtskennung: DVDFab.exe3 Vollständiger Name des fehlerhaften Pakets: DVDFab.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: DVDFab.exe5 Error: (01/02/2015 10:22:05 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: DVDFab.exe, Version: 8.2.2.9, Zeitstempel: 0x51cd0459 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0xa8c71240 ID des fehlerhaften Prozesses: 0x2c4 Startzeit der fehlerhaften Anwendung: 0xDVDFab.exe0 Pfad der fehlerhaften Anwendung: DVDFab.exe1 Pfad des fehlerhaften Moduls: DVDFab.exe2 Berichtskennung: DVDFab.exe3 Vollständiger Name des fehlerhaften Pakets: DVDFab.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: DVDFab.exe5 Error: (01/02/2015 10:17:43 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: DVDFab.exe, Version: 8.2.2.9, Zeitstempel: 0x51cd0459 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0xa8c71240 ID des fehlerhaften Prozesses: 0x1a10 Startzeit der fehlerhaften Anwendung: 0xDVDFab.exe0 Pfad der fehlerhaften Anwendung: DVDFab.exe1 Pfad des fehlerhaften Moduls: DVDFab.exe2 Berichtskennung: DVDFab.exe3 Vollständiger Name des fehlerhaften 
Pakets: DVDFab.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: DVDFab.exe5 Error: (01/02/2015 10:13:49 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: DVDFab.exe, Version: 8.2.2.9, Zeitstempel: 0x51cd0459 Name des fehlerhaften Moduls: qtcore4.dll, Version: 4.8.0.0, Zeitstempel: 0x4ef9997f Ausnahmecode: 0xc0000005 Fehleroffset: 0x000416f4 ID des fehlerhaften Prozesses: 0x2730 Startzeit der fehlerhaften Anwendung: 0xDVDFab.exe0 Pfad der fehlerhaften Anwendung: DVDFab.exe1 Pfad des fehlerhaften Moduls: DVDFab.exe2 Berichtskennung: DVDFab.exe3 Vollständiger Name des fehlerhaften Pakets: DVDFab.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: DVDFab.exe5 Error: (01/02/2015 10:13:14 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: DVDFab.exe, Version: 8.2.2.9, Zeitstempel: 0x51cd0459 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0xa8c71240 ID des fehlerhaften Prozesses: 0x2730 Startzeit der fehlerhaften Anwendung: 0xDVDFab.exe0 Pfad der fehlerhaften Anwendung: DVDFab.exe1 Pfad des fehlerhaften Moduls: DVDFab.exe2 Berichtskennung: DVDFab.exe3 Vollständiger Name des fehlerhaften Pakets: DVDFab.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: DVDFab.exe5 Error: (01/02/2015 10:07:43 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: DVDFab.exe, Version: 8.2.2.9, Zeitstempel: 0x51cd0459 Name des fehlerhaften Moduls: qtcore4.dll, Version: 4.8.0.0, Zeitstempel: 0x4ef9997f Ausnahmecode: 0xc0000005 Fehleroffset: 0x000416fa ID des fehlerhaften Prozesses: 0x21e8 Startzeit der fehlerhaften Anwendung: 0xDVDFab.exe0 Pfad der fehlerhaften Anwendung: DVDFab.exe1 Pfad des fehlerhaften Moduls: DVDFab.exe2 Berichtskennung: DVDFab.exe3 Vollständiger Name des fehlerhaften Pakets: DVDFab.exe4 Anwendungs-ID, die relativ zum 
fehlerhaften Paket ist: DVDFab.exe5 Error: (01/02/2015 10:07:04 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: DVDFab.exe, Version: 8.2.2.9, Zeitstempel: 0x51cd0459 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0xa8c71240 ID des fehlerhaften Prozesses: 0x21e8 Startzeit der fehlerhaften Anwendung: 0xDVDFab.exe0 Pfad der fehlerhaften Anwendung: DVDFab.exe1 Pfad des fehlerhaften Moduls: DVDFab.exe2 Berichtskennung: DVDFab.exe3 Vollständiger Name des fehlerhaften Pakets: DVDFab.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: DVDFab.exe5 Error: (01/02/2015 09:50:52 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm LiveComm.exe, Version 17.5.9600.20689 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: ad8 Startzeit: 01d026687dc447f3 Endzeit: 4294967295 Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe Berichts-ID: 71043e7e-925c-11e4-bf03-0018f3a2659b Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1 Error: (01/02/2015 09:47:00 AM) (Source: SideBySide) (EventID: 35) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. 
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. Error: (01/02/2015 09:37:32 AM) (Source: SideBySide) (EventID: 35) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. System errors: ============= Error: (01/02/2015 09:54:04 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 20. Error: (01/02/2015 09:49:40 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252. 

Error: (01/02/2015 09:48:54 AM) (Source: DCOM) (EventID: 10016) (User: PATRICKWENIG-PC)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}PatrickWenig-PCPatrick WenigS-1-5-21-3122463138-2323845440-1474034320-1000LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (01/02/2015 09:48:54 AM) (Source: DCOM) (EventID: 10016) (User: PATRICKWENIG-PC)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}PatrickWenig-PCPatrick WenigS-1-5-21-3122463138-2323845440-1474034320-1000LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (01/02/2015 09:48:53 AM) (Source: DCOM) (EventID: 10016) (User: PATRICKWENIG-PC)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}PatrickWenig-PCPatrick WenigS-1-5-21-3122463138-2323845440-1474034320-1000LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (01/02/2015 09:48:53 AM) (Source: DCOM) (EventID: 10016) (User: PATRICKWENIG-PC)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}PatrickWenig-PCPatrick WenigS-1-5-21-3122463138-2323845440-1474034320-1000LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (01/02/2015 09:48:53 AM) (Source: DCOM) (EventID: 10016) (User: PATRICKWENIG-PC)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}PatrickWenig-PCPatrick WenigS-1-5-21-3122463138-2323845440-1474034320-1000LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (01/02/2015 09:48:53 AM) (Source: DCOM) (EventID: 10016) (User: PATRICKWENIG-PC)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}PatrickWenig-PCPatrick WenigS-1-5-21-3122463138-2323845440-1474034320-1000LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (01/02/2015 09:48:53 AM) (Source: DCOM) (EventID: 10016) (User: PATRICKWENIG-PC)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}PatrickWenig-PCPatrick WenigS-1-5-21-3122463138-2323845440-1474034320-1000LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (01/02/2015 09:48:49 AM) (Source: DCOM) (EventID: 10010) (User: PATRICKWENIG-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Microsoft Office Sessions:
=========================
Error: (01/02/2015 10:23:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: DVDFab.exe8.2.2.951cd0459qtcore4.dll4.8.0.04ef9997fc0000005000416fa2c401d0266d91d1e1c5C:\PROGRA~2\DVDFAB~2\DVDFab.exeC:\PROGRA~2\DVDFAB~2\qtcore4.dllf9ca1b52-9260-11e4-bf03-0018f3a2659b

Error: (01/02/2015 10:22:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: DVDFab.exe8.2.2.951cd0459unknown0.0.0.000000000c0000005a8c712402c401d0266d91d1e1c5C:\PROGRA~2\DVDFAB~2\DVDFab.exeunknownd0ab57bc-9260-11e4-bf03-0018f3a2659b

Error: (01/02/2015 10:17:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: DVDFab.exe8.2.2.951cd0459unknown0.0.0.000000000c0000005a8c712401a1001d0266cf54a3bf2C:\PROGRA~2\DVDFAB~2\DVDFab.exeunknown345c927e-9260-11e4-bf03-0018f3a2659b

Error: (01/02/2015 10:13:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: DVDFab.exe8.2.2.951cd0459qtcore4.dll4.8.0.04ef9997fc0000005000416f4273001d0266c568dd87aC:\PROGRA~2\DVDFAB~2\DVDFab.exeC:\PROGRA~2\DVDFAB~2\qtcore4.dlla95504f5-925f-11e4-bf03-0018f3a2659b

Error: (01/02/2015 10:13:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: DVDFab.exe8.2.2.951cd0459unknown0.0.0.000000000c0000005a8c71240273001d0266c568dd87aC:\PROGRA~2\DVDFAB~2\DVDFab.exeunknown946a31da-925f-11e4-bf03-0018f3a2659b

Error: (01/02/2015 10:07:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: DVDFab.exe8.2.2.951cd0459qtcore4.dll4.8.0.04ef9997fc0000005000416fa21e801d0266b7786e436C:\PROGRA~2\DVDFAB~2\DVDFab.exeC:\PROGRA~2\DVDFAB~2\qtcore4.dllcf413d0d-925e-11e4-bf03-0018f3a2659b

Error: (01/02/2015 10:07:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: DVDFab.exe8.2.2.951cd0459unknown0.0.0.000000000c0000005a8c7124021e801d0266b7786e436C:\PROGRA~2\DVDFAB~2\DVDFab.exeunknownb7a1cecb-925e-11e4-bf03-0018f3a2659b

Error: (01/02/2015 09:50:52 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.20689ad801d026687dc447f34294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe71043e7e-925c-11e4-bf03-0018f3a2659bmicrosoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (01/02/2015 09:47:00 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (01/02/2015 09:37:32 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

CodeIntegrity Errors:
===================================
Date: 2015-01-02 09:47:49.565
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\lilsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-01-02 09:34:58.620
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\lilsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-12-30 08:45:23.285
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\lilsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-12-29 09:27:41.650
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\lilsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-12-29 03:06:37.135
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.stdformat.dll that did not meet the Microsoft signing level requirements.

Date: 2014-12-29 03:06:37.026
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\adodb.dll that did not meet the Microsoft signing level requirements.

Date: 2014-12-29 03:06:36.932
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\msdatasrc.dll that did not meet the Microsoft signing level requirements.

Date: 2014-12-29 03:06:36.807
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.stdformat.dll that did not meet the Microsoft signing level requirements.

Date: 2014-12-29 03:06:36.729
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\adodb.dll that did not meet the Microsoft signing level requirements.

Date: 2014-12-29 03:06:36.620
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\msdatasrc.dll that did not meet the Microsoft signing level requirements.
==================== Memory info =========================== Processor: Intel(R) Core(TM)2 Quad CPU Q9550 @ 2.83GHz Percentage of memory in use: 70% Total physical RAM: 7167.14 MB Available physical RAM: 2089.45 MB Total Pagefile: 8319.14 MB Available Pagefile: 1667.34 MB Total Virtual: 131072 MB Available Virtual: 131071.85 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:377.76 GB) (Free:118.19 GB) NTFS Drive d: (PATSTORE) (Removable) (Total:57.62 GB) (Free:38.64 GB) NTFS Drive e: (Anwendungen) (Fixed) (Total:357.59 GB) (Free:136.79 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 1 (Size: 57.6 GB) (Disk ID: 45FD2EBA) Partition 1: (Active) - (Size=57.6 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
02.01.2015, 19:28 | #3 |
/// the machine /// TB-Ausbilder | Win 8.1 64bit: Opened image in mail from unknown sender
hi,
do you still have the mail? |
02.01.2015, 19:48 | #4 |
| Win 8.1 64bit: Opened image in mail from unknown sender
No, unfortunately not. I deleted it right away. |
02.01.2015, 21:28 | #5 |
/// the machine /// TB-Ausbilder | Win 8.1 64bit: Opened image in mail from unknown sender
Ok. Always save our tools to the desktop; do not run them from the temp folders.
Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper.
Please download TDSSKiller.exe and save this file to the desktop.
regards, schrauber
Proud Member of UNITE and ASAP since 2009
No help via PM! |
03.01.2015, 13:42 | #6 |
| Win 8.1 64bit: Opened image in mail from unknown sender
Here is the mbar log first. Nothing more was found in the second pass!
Code:
Malwarebytes Anti-Rootkit BETA 1.08.2.1001
www.malwarebytes.org

Database version: v2015.01.03.04

Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.17498
Patrick Wenig :: PATRICKWENIG-PC [administrator]

03.01.2015 09:50:11
mbar-log-2015-01-03 (09-50-11).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 438108
Time elapsed: 1 hour(s), 35 minute(s), 8 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 7
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> Delete on reboot. [e31de60d4544a096f679c837f80a847c]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{4D1EC4CA-4B92-4324-B8F8-C9A6ED06A8AE} (Adware.Hotbar) -> Delete on reboot. [3bc59f54ccbd3600874643b99f634bb5]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{4E674574-3F0B-491d-8AE3-F90B43A34FD6} (Adware.Hotbar) -> Delete on reboot. [bd43a44f3d4c86b00cc234c88c76a25e]
HKLM\SOFTWARE\WOW6432NODE\HBLite (Adware.HotBar) -> Delete on reboot. [8d738e658ffae650beaad25017ed19e7]
HKLM\SOFTWARE\WOW6432NODE\ShoppingReport2 (Adware.ShoppingReport2) -> Delete on reboot. [3fc1a94ab0d92d09bf6693a6000409f7]
HKU\S-1-5-21-3122463138-2323845440-1474034320-1000\SOFTWARE\hblitesa (Adware.HotBar) -> Delete on reboot. [23dd52a13554d363717a17fd54b024dc]
HKU\S-1-5-21-3122463138-2323845440-1474034320-1000\SOFTWARE\ShoppingReport2 (Adware.ShoppingReport2) -> Delete on reboot. [cb359162ec9d63d351be5ec29b690000]

Registry Values Detected: 1
HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|HBLite@HBLite.com (Adware.HotBar) -> Data: C:\Program Files (x86)\HBLite\bin\11.0.363.0\firefox\extensions -> Delete on reboot. [9a6613e039505ed8f0678cac13f14eb2]

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 13
C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65 (Adware.Seekmo) -> Delete on reboot. [e41cbf340188a294ed1c61bc15eecf31]
C:\Users\Patrick Wenig\AppData\Roaming\HBLite (Adware.Hotbar) -> Delete on reboot. [9d63a94a3851999d21619f7eee1534cc]
C:\ProgramData\HBLiteSA (Adware.Hotbar) -> Delete on reboot. [33cdb53ea6e3a591602345d838cb956b]
C:\Program Files (x86)\HBLite (Adware.Hotbar) -> Delete on reboot. [34cc6e85890061d53b6c8799f1127888]
C:\Program Files (x86)\HBLite\bin (Adware.Hotbar) -> Delete on reboot. [34cc6e85890061d53b6c8799f1127888]
C:\Program Files (x86)\HBLite\bin\11.0.363.0 (Adware.Hotbar) -> Delete on reboot. [34cc6e85890061d53b6c8799f1127888]
C:\Program Files (x86)\HBLite\bin\11.0.363.0\firefox (Adware.Hotbar) -> Delete on reboot. [34cc6e85890061d53b6c8799f1127888]
C:\Program Files (x86)\HBLite\bin\11.0.363.0\firefox\extensions (Adware.Hotbar) -> Delete on reboot. [34cc6e85890061d53b6c8799f1127888]
C:\Program Files (x86)\HBLite\bin\11.0.363.0\firefox\extensions\plugins (Adware.Hotbar) -> Delete on reboot. [34cc6e85890061d53b6c8799f1127888]
C:\Program Files (x86)\ShoppingReport2 (Adware.ShoppingReport2) -> Delete on reboot. [57a96291f1985bdb7a5023ff778c7090]
C:\Program Files (x86)\ShoppingReport2\Bin (Adware.ShoppingReport2) -> Delete on reboot. [57a96291f1985bdb7a5023ff778c7090]
C:\Program Files (x86)\ShoppingReport2\Bin\2.7.34 (Adware.ShoppingReport2) -> Delete on reboot. [57a96291f1985bdb7a5023ff778c7090]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotbar (Adware.Hotbar) -> Delete on reboot. [847c5f944742df57c946d451d92a53ad]

Files Detected: 6
C:\ProgramData\HBLiteSA\HBLiteSA.dat (Adware.Hotbar) -> Delete on reboot. [33cdb53ea6e3a591602345d838cb956b]
C:\ProgramData\HBLiteSA\HBLiteSAAbout.mht (Adware.Hotbar) -> Delete on reboot. [33cdb53ea6e3a591602345d838cb956b]
C:\ProgramData\HBLiteSA\HBLiteSAau.dat (Adware.Hotbar) -> Delete on reboot. [33cdb53ea6e3a591602345d838cb956b]
C:\ProgramData\HBLiteSA\HBLiteSAEULA.mht (Adware.Hotbar) -> Delete on reboot. [33cdb53ea6e3a591602345d838cb956b]
C:\ProgramData\HBLiteSA\HBLiteSA_kyf.dat (Adware.Hotbar) -> Delete on reboot. [33cdb53ea6e3a591602345d838cb956b]
C:\Program Files (x86)\HBLite\bin\11.0.363.0\firefox\extensions\install.rdf (Adware.Hotbar) -> Delete on reboot. [34cc6e85890061d53b6c8799f1127888]

Physical Sectors Detected: 0
(No malicious items detected)

(end)
Code:
12:04:58.0899 0x22bc TDSS rootkit removing tool 3.0.0.42 Dec 12 2014 00:35:20
12:05:02.0353 0x22bc ============================================================
12:05:02.0353 0x22bc Current date / time: 2015/01/03 12:05:02.0353
12:05:02.0353 0x22bc SystemInfo:
12:05:02.0353 0x22bc
12:05:02.0353 0x22bc OS Version: 6.3.9600 ServicePack: 0.0
12:05:02.0353 0x22bc Product type: Workstation
12:05:02.0353 0x22bc ComputerName: PATRICKWENIG-PC
12:05:02.0353 0x22bc UserName: Patrick Wenig
12:05:02.0353 0x22bc Windows directory: C:\WINDOWS
12:05:02.0353 0x22bc System windows directory: C:\WINDOWS
12:05:02.0353 0x22bc Running under WOW64
12:05:02.0353 0x22bc Processor architecture: Intel x64
12:05:02.0353 0x22bc Number of processors: 4
12:05:02.0353 0x22bc Page size: 0x1000
12:05:02.0353 0x22bc Boot type: Normal boot
12:05:02.0353 0x22bc ============================================================
12:05:03.0415 0x22bc KLMD registered as C:\WINDOWS\system32\drivers\00866018.sys
12:05:05.0134 0x22bc System UUID: {96448252-758C-212D-5D65-11064C64DC0B}
12:05:06.0009 0x22bc Drive \Device\Harddisk0\DR0 - Size: 0xBA4DF00000 ( 745.22 Gb ), SectorSize: 0x200, Cylinders: 0x17C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:05:06.0040 0x22bc Drive \Device\Harddisk1\DR1 - Size: 0xE67E7E800 ( 57.62 Gb ), SectorSize: 0x200, Cylinders: 0x1D62, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:05:06.0040 0x22bc ============================================================
12:05:06.0040 0x22bc \Device\Harddisk0\DR0:
12:05:06.0040 0x22bc MBR partitions:
12:05:06.0040 0x22bc \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
12:05:06.0040 0x22bc \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x2F385000
12:05:06.0040 0x22bc \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x2F3B7800, BlocksNum 0x2CB2F800
12:05:06.0040 0x22bc \Device\Harddisk1\DR1:
12:05:06.0040 0x22bc MBR partitions:
12:05:06.0040 0x22bc \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x733F2E1
12:05:06.0040 0x22bc ============================================================
12:05:06.0119 0x22bc C: <-> \Device\Harddisk0\DR0\Partition2
12:05:06.0212 0x22bc E: <-> \Device\Harddisk0\DR0\Partition3
12:05:06.0212 0x22bc ============================================================
12:05:06.0212 0x22bc Initialize success
12:05:06.0212 0x22bc ============================================================
12:05:22.0199 0x09fc ============================================================
12:05:22.0199 0x09fc Scan started
12:05:22.0199 0x09fc Mode: Manual; SigCheck; TDLFS;
12:05:22.0199 0x09fc ============================================================
12:05:22.0199 0x09fc KSN ping started
12:05:24.0746 0x09fc KSN ping finished: true
12:05:33.0685 0x09fc ================ Scan system memory ========================
12:05:33.0685 0x09fc System memory - ok
12:05:33.0685 0x09fc ================ Scan services =============================
3DE667E8B894EE1A1A814AF2153901AFE2A320BDB3B2A51330D987636B1BC6BE ] fssfltr C:\WINDOWS\system32\DRIVERS\fssfltr.sys 12:05:54.0001 0x09fc fssfltr - ok 12:05:54.0063 0x09fc [ 206AD9A89BF05DFA1621F1FC7B82592D, EAEE557535D865232237898858F5AE35F868065A1F79BBB48A2173124E2B6F63 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe 12:05:54.0095 0x09fc fsssvc - ok 12:05:54.0095 0x09fc [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 12:05:54.0110 0x09fc Fs_Rec - ok 12:05:54.0173 0x09fc [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys 12:05:54.0204 0x09fc fvevol - ok 12:05:54.0220 0x09fc [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys 12:05:54.0235 0x09fc FxPPM - ok 12:05:54.0251 0x09fc [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys 12:05:54.0266 0x09fc gagp30kx - ok 12:05:54.0298 0x09fc [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys 12:05:54.0298 0x09fc GEARAspiWDM - ok 12:05:54.0345 0x09fc [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys 12:05:54.0360 0x09fc gencounter - ok 12:05:54.0470 0x09fc [ 0C52567F023D0F05F4EFC26F607D415B, 168D2AAB2F9CF8DE4A894DE3B2A5C67F1DAD758DBEC95FCFF4D752645BB37C38 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe 12:05:54.0501 0x09fc GfExperienceService - ok 12:05:54.0548 0x09fc [ 8DF1254093B5C354CE725EB6B9B0DE19, 
DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys 12:05:54.0563 0x09fc GPIOClx0101 - ok 12:05:54.0626 0x09fc [ 69DB09F0263C637DA8568D404842466A, D042194266978AAD31E04DAF7018CD50754077212DC74A4D8AFF6BFEE80CDD20 ] gpsvc C:\WINDOWS\System32\gpsvc.dll 12:05:54.0704 0x09fc gpsvc - ok 12:05:54.0782 0x09fc [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 12:05:54.0798 0x09fc gupdate - ok 12:05:54.0798 0x09fc [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 12:05:54.0813 0x09fc gupdatem - ok 12:05:54.0845 0x09fc [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys 12:05:54.0876 0x09fc HdAudAddService - ok 12:05:54.0907 0x09fc [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys 12:05:55.0001 0x09fc HDAudBus - ok 12:05:55.0032 0x09fc [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys 12:05:55.0048 0x09fc HidBatt - ok 12:05:55.0079 0x09fc [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys 12:05:55.0110 0x09fc HidBth - ok 12:05:55.0126 0x09fc [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys 12:05:55.0141 0x09fc hidi2c - ok 12:05:55.0157 0x09fc [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr 
C:\WINDOWS\System32\drivers\hidir.sys 12:05:55.0173 0x09fc HidIr - ok 12:05:55.0188 0x09fc [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv C:\WINDOWS\system32\hidserv.dll 12:05:55.0220 0x09fc hidserv - ok 12:05:55.0251 0x09fc [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys 12:05:55.0313 0x09fc HidUsb - ok 12:05:55.0345 0x09fc [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc C:\WINDOWS\system32\kmsvc.dll 12:05:55.0376 0x09fc hkmsvc - ok 12:05:55.0407 0x09fc [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll 12:05:55.0454 0x09fc HomeGroupListener - ok 12:05:55.0485 0x09fc [ 1A4DA1D6287B99033D144B436C23B656, D4D1EEB372E61512EA36A33F095E68C225B8E6C72CC57ED8BD00533F88012F40 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll 12:05:55.0516 0x09fc HomeGroupProvider - ok 12:05:55.0579 0x09fc [ D1E9CB573A9EDF7BE12E9C57F32E97F7, E7E75401F52154EB6328B2064FBCFEA2853D0F7DE0C95F0BDE7071A8FF92E8D8 ] HP LaserJet Service C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe 12:05:55.0610 0x09fc HP LaserJet Service - detected UnsignedFile.Multi.Generic ( 1 ) 12:05:58.0064 0x09fc Detect skipped due to KSN trusted 12:05:58.0064 0x09fc HP LaserJet Service - ok 12:05:58.0095 0x09fc [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys 12:05:58.0095 0x09fc HpSAMD - ok 12:05:58.0189 0x09fc [ 9DDCA7F18983C5410DEFF79F819DF93C, CE97B4440377BFC5CA81BB600C3BD1DD9FB3951CA1EB70735F5E2050EBB74223 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys 12:05:58.0220 0x09fc HTTP - ok 12:05:58.0282 0x09fc [ 90656C0B3864804B090434EFC582404F, 
BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys 12:05:58.0282 0x09fc hwpolicy - ok 12:05:58.0314 0x09fc [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys 12:05:58.0314 0x09fc hyperkbd - ok 12:05:58.0345 0x09fc [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys 12:05:58.0361 0x09fc HyperVideo - ok 12:05:58.0392 0x09fc [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys 12:05:58.0407 0x09fc i8042prt - ok 12:05:58.0486 0x09fc [ D782F0C741EE2D50AC8D38774597FB2B, 298CC6D317F87DF6F1D1E779FABA28C3471BE4DCCC93304AE9B673AD4760EF32 ] IAANTMON C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe 12:05:58.0501 0x09fc IAANTMON - ok 12:05:58.0532 0x09fc [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys 12:05:58.0532 0x09fc iaLPSSi_GPIO - ok 12:05:58.0564 0x09fc [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys 12:05:58.0579 0x09fc iaLPSSi_I2C - ok 12:05:58.0611 0x09fc [ DC0B4553D089E2BD07AEBD9EA30BEAFB, 00DC33968248CA6C9653B6FAFC60CA2F2EF7CB00A04CC376BDBB694CC01EE5BD ] iaStor C:\WINDOWS\system32\drivers\iaStor.sys 12:05:58.0626 0x09fc iaStor - ok 12:05:58.0673 0x09fc [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys 12:05:58.0689 0x09fc iaStorAV - ok 12:05:58.0720 0x09fc [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] 
iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys 12:05:58.0736 0x09fc iaStorV - ok 12:05:58.0829 0x09fc [ DAF66902F08796F9C694901660E5A64A, F4A4764DED05980426BAB54AAF040BC27A39C80315F5161E8D0B4C7F694BD8E6 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe 12:05:58.0861 0x09fc IDriverT - detected UnsignedFile.Multi.Generic ( 1 ) 12:06:01.0330 0x09fc Detect skipped due to KSN trusted 12:06:01.0330 0x09fc IDriverT - ok 12:06:01.0330 0x09fc IEEtwCollectorService - ok 12:06:01.0408 0x09fc [ DEA76F90F9777E3427D70E380222B23B, B917BA423896A12E45623E3D494CA03317A6FC612CA433C62C897524DC3E756B ] IKEEXT C:\WINDOWS\System32\ikeext.dll 12:06:01.0455 0x09fc IKEEXT - ok 12:06:01.0486 0x09fc [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\WINDOWS\system32\drivers\intelide.sys 12:06:01.0502 0x09fc intelide - ok 12:06:01.0533 0x09fc [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys 12:06:01.0549 0x09fc intelpep - ok 12:06:01.0564 0x09fc [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys 12:06:01.0580 0x09fc intelppm - ok 12:06:01.0611 0x09fc [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 12:06:01.0643 0x09fc IpFilterDriver - ok 12:06:01.0705 0x09fc [ ACFEE9487693C2BD573DFCA71D98E17C, A347FD476147CD3568EEE6993B46AFC05A66A4269094CA51572D0FD013FCB535 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll 12:06:01.0752 0x09fc iphlpsvc - ok 12:06:01.0783 0x09fc [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys 12:06:01.0846 0x09fc IPMIDRV - ok 12:06:01.0877 0x09fc [ 
B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys 12:06:01.0924 0x09fc IPNAT - ok 12:06:01.0971 0x09fc [ 7FAE5B6CDB18B0B2E81F32869F595022, D873A7EE94749E1700E8F6B8BB7B485AE1B0B83388D63BE06335720498D4794F ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 12:06:02.0002 0x09fc iPod Service - ok 12:06:02.0018 0x09fc [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys 12:06:02.0033 0x09fc IRENUM - ok 12:06:02.0049 0x09fc [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys 12:06:02.0064 0x09fc isapnp - ok 12:06:02.0096 0x09fc [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys 12:06:02.0111 0x09fc iScsiPrt - ok 12:06:02.0143 0x09fc [ 74FB083B2C5FA0E9545EF211E5A01B1D, 352E5AD68F0133AB12CFE99B7200E292E96DF9BD7CD90358EF9D1AEC1384B9EB ] ithsgt C:\WINDOWS\system32\DRIVERS\ithsgt.sys 12:06:02.0158 0x09fc ithsgt - detected UnsignedFile.Multi.Generic ( 1 ) 12:06:04.0690 0x09fc ithsgt ( UnsignedFile.Multi.Generic ) - warning 12:06:07.0347 0x09fc [ 13D55980A7C1561E04ECFDAF1B62FFB5, F2043BA9526CD55FE07FB3DB913E8039F990D20445DA555C4C5E753F752296F7 ] JMRAIDManager C:\Program Files (x86)\JMRAIDManager\XSrvSetup.exe 12:06:07.0441 0x09fc JMRAIDManager - detected UnsignedFile.Multi.Generic ( 1 ) 12:06:09.0894 0x09fc Detect skipped due to KSN trusted 12:06:09.0894 0x09fc JMRAIDManager - ok 12:06:09.0941 0x09fc [ 1C368C1A2733DCC5B8E15420AA2B0F6D, C43A3534E33CEAEB8359D493FDB4663CB7C1E9286862B2CEE2788E9EA060DF1D ] JRAID C:\WINDOWS\system32\drivers\jraid.sys 12:06:09.0941 0x09fc JRAID - ok 12:06:09.0972 0x09fc [ 8BE92376799B6B44D543E8D07CDCF885, 
425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys 12:06:09.0988 0x09fc kbdclass - ok 12:06:10.0004 0x09fc [ FB6E47E569D4872ABEB506BE03A45FBA, 5C4056CADA8F67587A119D9AE2A0EFAB30387CF6298F4019FF68AC92E2F6F54B ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys 12:06:10.0019 0x09fc kbdhid - ok 12:06:10.0051 0x09fc [ DB7A09BC90DF20F44F16F8B0F9ED3491, 2DF5E042284D61368A5801B2557351B2C4B1044AA6F966DF4DDCE7B453D1B9AE ] kbldfltr C:\WINDOWS\system32\drivers\kbldfltr.sys 12:06:10.0066 0x09fc kbldfltr - ok 12:06:10.0066 0x09fc [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys 12:06:10.0113 0x09fc kdnic - ok 12:06:10.0129 0x09fc [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso C:\WINDOWS\system32\lsass.exe 12:06:10.0144 0x09fc KeyIso - ok 12:06:10.0160 0x09fc [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys 12:06:10.0176 0x09fc KSecDD - ok 12:06:10.0207 0x09fc [ 6D2EE96150E35B9EA49F2B481DE0369A, AC5915219FD81D89E444F6E86D71F7C495108FC35E7BD683321FC7006161AFE1 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys 12:06:10.0222 0x09fc KSecPkg - ok 12:06:10.0222 0x09fc [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys 12:06:10.0254 0x09fc ksthunk - ok 12:06:10.0285 0x09fc [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll 12:06:10.0301 0x09fc KtmRm - ok 12:06:10.0363 0x09fc [ 793EACA6BAE9F481C2059BCB3743EB4A, 2624905C6B6A1227BD1CAC7D4FE55A5F6543E1278DAB31EC553748472D180D1D ] LanmanServer C:\WINDOWS\system32\srvsvc.dll 12:06:10.0410 0x09fc LanmanServer - ok 12:06:10.0457 0x09fc [ 
D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll 12:06:10.0488 0x09fc LanmanWorkstation - ok 12:06:10.0582 0x09fc [ 1D5C6790425CB6DBB1B3C2722C34E199, D8BCC31A443B77711A7CA468E754A73137C1CC47D6F3DA5BEE3735B654327B0C ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe 12:06:10.0597 0x09fc LBTServ - ok 12:06:10.0629 0x09fc [ 626D19F1771E1AE72208AE9A8F3082F7, 78FDB64545ED2EAE9F51C08120E21D2C3285208F6846BD8BBA08CAA839E7A0C4 ] lfsvc C:\WINDOWS\System32\GeofenceMonitorService.dll 12:06:10.0660 0x09fc lfsvc - ok 12:06:10.0676 0x09fc [ 96EB043E2843B5A87A486D0BC6921094, 0B339A18B2F536F12B2C1B4FEDEB3A815DC7F8E7B082144EE084B3E6ED067FBC ] LHidFilt C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys 12:06:10.0691 0x09fc LHidFilt - ok 12:06:10.0754 0x09fc [ 71C6A95A5F0CCC87298C4DD0F2C3635A, F8C9DE947A9650F1000EEF783942610FB38F06F4F453E2C7E1383611FDF96F23 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe 12:06:10.0769 0x09fc LightScribeService - detected UnsignedFile.Multi.Generic ( 1 ) 12:06:13.0426 0x09fc Detect skipped due to KSN trusted 12:06:13.0426 0x09fc LightScribeService - ok 12:06:13.0457 0x09fc [ E94E1002BD96578AE63F5F70D4457F3E, 65C13D05DB701E169B12E0458D3C48ACB4B71FE9A45B9E83154042D7BE57289E ] lilsgt C:\WINDOWS\system32\DRIVERS\lilsgt.sys 12:06:13.0489 0x09fc lilsgt - detected UnsignedFile.Multi.Generic ( 1 ) 12:06:15.0942 0x09fc lilsgt ( UnsignedFile.Multi.Generic ) - warning 12:06:18.0333 0x09fc [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys 12:06:18.0349 0x09fc lltdio - ok 12:06:18.0396 0x09fc [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll 12:06:18.0427 0x09fc lltdsvc - ok 12:06:18.0458 0x09fc [ D113FAD71A5E67AA94B32A0F8828D265, 
08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll 12:06:18.0489 0x09fc lmhosts - ok 12:06:18.0505 0x09fc [ A5C1DA229B3B660BBF3BDC30ADBFBB61, B657092424C6BF418A6FA56353370C195D9CA67999B355E8EDD6AFCFD9FEF8E5 ] LMouFilt C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys 12:06:18.0521 0x09fc LMouFilt - ok 12:06:18.0567 0x09fc [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys 12:06:18.0583 0x09fc LSI_SAS - ok 12:06:18.0599 0x09fc [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys 12:06:18.0614 0x09fc LSI_SAS2 - ok 12:06:18.0646 0x09fc [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\WINDOWS\system32\drivers\lsi_sas3.sys 12:06:18.0661 0x09fc LSI_SAS3 - ok 12:06:18.0677 0x09fc [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys 12:06:18.0692 0x09fc LSI_SSS - ok 12:06:18.0739 0x09fc [ 8EBB271E4588D835784A3FF7E80076A8, A508BE95F6F5063A76F4C8726D9425BB1F00DE803EFE73A0BE145DD9AB82FF0A ] LSM C:\WINDOWS\System32\lsm.dll 12:06:18.0786 0x09fc LSM - ok 12:06:18.0833 0x09fc [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\WINDOWS\system32\drivers\luafv.sys 12:06:18.0849 0x09fc luafv - ok 12:06:18.0880 0x09fc [ 9659AA75AC920EF6393B8CF77E21D1B9, 76706516DF281B48ABB2A43CA81B6EA0551937BE1C21AEA0A522AA717C27FD0A ] LUsbFilt C:\WINDOWS\System32\Drivers\LUsbFilt.Sys 12:06:18.0880 0x09fc LUsbFilt - ok 12:06:18.0958 0x09fc [ A0A527569856B9814E8920F52EBB67F5, 4347277C84B47E4CC048850BDEFB258CFB3B476AA99FD503FD71FBB70FFF5ACF ] LVRS64 C:\WINDOWS\system32\DRIVERS\lvrs64.sys 12:06:18.0974 0x09fc LVRS64 - ok 12:06:19.0286 0x09fc [ 
415E344294D1C0D04627B29146F68481, B4A1A05BDF07E8F226A98E51F62BE18BE2C046A084C495BD8A95CABC79FD0614 ] LVUVC64 C:\WINDOWS\system32\DRIVERS\lvuvc64.sys 12:06:19.0411 0x09fc LVUVC64 - ok 12:06:19.0505 0x09fc [ 3540DDFAC8A076B983F86EB2A79D8FBD, 3BFAEB3A4C3AA8D4E7A085D1686E6392AECC4F53CBCF33D6FF7235473C7CF96C ] mbamchameleon C:\WINDOWS\system32\drivers\mbamchameleon.sys 12:06:19.0521 0x09fc mbamchameleon - ok 12:06:19.0567 0x09fc [ 9D2252224DF2213E1B44FA608E6A1D14, E2C644C5FDCCA7BD2547ADC110FDDB26EA91C734AB53CD4196266C746BFDFAA4 ] Mcx2Svc C:\WINDOWS\system32\Mcx2Svc.dll 12:06:19.0599 0x09fc Mcx2Svc - ok 12:06:19.0646 0x09fc [ 7CF1B716372B89568AE4C0FE769F5869, 0D70A7A594BCFBB26D7249C0F4B0AF9EF874F2318B3FDCE44648CC61279594ED ] MDM C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe 12:06:19.0677 0x09fc MDM - detected UnsignedFile.Multi.Generic ( 1 ) 12:06:22.0131 0x09fc Detect skipped due to KSN trusted 12:06:22.0146 0x09fc MDM - ok 12:06:22.0177 0x09fc [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\WINDOWS\system32\drivers\megasas.sys 12:06:22.0193 0x09fc megasas - ok 12:06:22.0224 0x09fc [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\WINDOWS\system32\drivers\megasr.sys 12:06:22.0256 0x09fc megasr - ok 12:06:22.0427 0x09fc Microsoft SharePoint Workspace Audit Service - ok 12:06:22.0474 0x09fc [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS C:\WINDOWS\system32\mmcss.dll 12:06:22.0521 0x09fc MMCSS - ok 12:06:22.0552 0x09fc [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\WINDOWS\system32\drivers\modem.sys 12:06:22.0568 0x09fc Modem - ok 12:06:22.0584 0x09fc [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor 
C:\WINDOWS\System32\drivers\monitor.sys 12:06:22.0646 0x09fc monitor - ok 12:06:22.0662 0x09fc [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys 12:06:22.0677 0x09fc mouclass - ok 12:06:22.0677 0x09fc [ 02D98BF804084E9A0D69D1C69B02CCA9, EC5BC5D87043DFFD035FD4DD27B3D94E03119063519E4151BCC3522B613E2D7F ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys 12:06:22.0693 0x09fc mouhid - ok 12:06:22.0709 0x09fc [ 515549560D481138E6E21AF7C6998E56, C7E4B38D8CCAF15B9BDA63C8C8209F6193AD220DA02E1264F1B687AACD8F409F ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys 12:06:22.0709 0x09fc mountmgr - ok 12:06:22.0724 0x09fc [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys 12:06:22.0740 0x09fc mpsdrv - ok 12:06:22.0803 0x09fc [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] MpsSvc C:\WINDOWS\system32\mpssvc.dll 12:06:22.0849 0x09fc MpsSvc - ok 12:06:22.0881 0x09fc [ 9054B51D656282CFF395F9F22E369DCC, 26ED08ADCEA48FC263AE58525B9FB7ED47DE58FD0E09BB89EC60EB68A265BDBF ] MQAC C:\WINDOWS\system32\drivers\mqac.sys 12:06:22.0896 0x09fc MQAC - ok 12:06:22.0959 0x09fc [ 1D55DADC22D21883A2F80297F5A5AE48, B79DF4AFC2A9CBC54E74233596544D6E41C8CAA0516BD57CA695D051EC780265 ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys 12:06:23.0006 0x09fc MRxDAV - ok 12:06:23.0053 0x09fc [ 7A1A3F213CDB3363D179D5014272025D, 6756F5B7D9FBF6839DB1FF4E94EA45B5499D7DF925E75581C96FBBA4BE131542 ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 12:06:23.0162 0x09fc mrxsmb - ok 12:06:23.0193 0x09fc [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys 12:06:23.0224 0x09fc mrxsmb10 - ok 12:06:23.0271 0x09fc [ C910E5D18958914A66F0E45689D0B40A, 
AD7C91DD8A60A511E580DD56BACC97F85075A539E7C5D95040A8F870A621DAF4 ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys 12:06:23.0334 0x09fc mrxsmb20 - ok 12:06:23.0365 0x09fc [ E0927EFA25D473367C3341B9F5969779, B77A162BD3334557623674373D8EC2BE7CC0B359DF06304E467ABFFEE0530271 ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys 12:06:23.0396 0x09fc MsBridge - ok 12:06:23.0443 0x09fc [ A082C17D14D0790E27D064EA4B138AE1, 9A565ED885782D9D5135C8399C11C356DBF9EBF3B8EB4B4504BD2604AD0B45E6 ] MSDTC C:\WINDOWS\System32\msdtc.exe 12:06:23.0490 0x09fc MSDTC - ok 12:06:23.0506 0x09fc [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 12:06:23.0521 0x09fc Msfs - ok 12:06:23.0568 0x09fc [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys 12:06:23.0584 0x09fc msgpiowin32 - ok 12:06:23.0599 0x09fc [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys 12:06:23.0615 0x09fc mshidkmdf - ok 12:06:23.0631 0x09fc [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys 12:06:23.0646 0x09fc mshidumdf - ok 12:06:23.0678 0x09fc [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys 12:06:23.0678 0x09fc msisadrv - ok 12:06:23.0724 0x09fc [ 810F8A0A0680662BB0CE44D0E2CEF90C, 5631B07911B7EF378CB1583A480A3C5715E59A5488B33A528F4D7A2F849B9113 ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll 12:06:23.0756 0x09fc MSiSCSI - ok 12:06:23.0771 0x09fc msiserver - ok 12:06:23.0803 0x09fc [ D22AE5313F6B7EFDDD8C117B5501F4A3, 1937EEE33BF9C4485F172B10FB17AEF3F3B8978371307F49C3338D74D96A8389 ] MsKeyboardFilter 
C:\WINDOWS\System32\KeyboardFilterSvc.dll 12:06:23.0834 0x09fc MsKeyboardFilter - ok 12:06:23.0849 0x09fc [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys 12:06:23.0881 0x09fc MSKSSRV - ok 12:06:23.0896 0x09fc [ 375E44168F2DFB91A68B8A3F619C5A7C, AC243E02E9A39D0B4DE9571F196941700EE6EB5E94F5B0BA8994FB551E73A7A8 ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys |
03.01.2015, 13:43 | #7 |
| Win 8.1 64bit: Opened an image in a mail from an unknown sender And the second half: Code:
70414DB660BFBB7BD58FCE8EA4364E1B, 6DFB3897CD55E22BA1EDF0AE672F4D7A6A1F512F8A0A26AF106765E6B1CF65AC ] netvsc C:\WINDOWS\system32\DRIVERS\netvsc63.sys 12:06:28.0725 0x09fc netvsc - ok 12:06:28.0756 0x09fc [ 3A280F3B3C7A46E29C404ACD46ECBF5E, 81C3367A2A212DBCC65B8A0166FD092E3205AB31A146B4B737061335CEC51F9D ] NlaSvc C:\WINDOWS\System32\nlasvc.dll 12:06:28.0819 0x09fc NlaSvc - ok 12:06:28.0850 0x09fc [ 351533ACC2A069B94E80BBFC177E8FDF, 54B2749E0496ECC94CE65657627762B485CBC825767BAEDDAD0D2598820FFB9E ] npf C:\WINDOWS\system32\drivers\npf.sys 12:06:28.0850 0x09fc npf - ok 12:06:28.0866 0x09fc [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 12:06:28.0881 0x09fc Npfs - ok 12:06:29.0038 0x09fc [ 49697C2C761ACB5C0DE99CC8FE93E95B, 02EEA7FB21D28B235A05FE0A6061170F366470EF6E45C9B21D7C8C0E7C728FC5 ] NPF_devolo C:\WINDOWS\sysWOW64\drivers\npf_devolo.sys 12:06:29.0038 0x09fc NPF_devolo - ok 12:06:29.0085 0x09fc [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys 12:06:29.0116 0x09fc npsvctrig - ok 12:06:29.0132 0x09fc [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] nsi C:\WINDOWS\system32\nsisvc.dll 12:06:29.0147 0x09fc nsi - ok 12:06:29.0147 0x09fc [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys 12:06:29.0179 0x09fc nsiproxy - ok 12:06:29.0257 0x09fc [ 038C77D577900EE39410662478BB0D50, A33AAFD5750245C17A47EC71F3C6EAD2E0925CAD34C65AB3E6CEE44756C668E6 ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys 12:06:29.0319 0x09fc Ntfs - ok 12:06:29.0335 0x09fc [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null C:\WINDOWS\system32\drivers\Null.sys 12:06:29.0382 0x09fc Null - ok 
12:06:29.0429 0x09fc [ 7E4355930B28C2798D9F09AB9F81151F, 941C730F3B75BDF99639E76350031EDD15F18D8D860F3B1282C28B62096E7717 ] NVHDA C:\WINDOWS\system32\drivers\nvhda64v.sys 12:06:29.0444 0x09fc NVHDA - ok 12:06:30.0116 0x09fc [ ED4D88A04D22E6B00DB6BC8FACDBAFED, 38DDB9B353D3A24DD8390C6FB58FD513B46F9F715BC7E68D0958E78EACC3D3FA ] nvlddmkm C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys 12:06:30.0382 0x09fc nvlddmkm - ok 12:06:30.0694 0x09fc [ DDF6920EBE96B0304279834F2EE2193E, F631974EE3659EC01863C2502FD26A45A237A59B9B005E5B1F9F78357CCBB974 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe 12:06:30.0741 0x09fc NvNetworkService - ok 12:06:30.0788 0x09fc [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys 12:06:30.0804 0x09fc nvraid - ok 12:06:30.0835 0x09fc [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys 12:06:30.0850 0x09fc nvstor - ok 12:06:30.0929 0x09fc [ 0C4A0D577A6EF1B9D353851668779944, 70E866AD50809CC80F167796C516190918A542F7767A8841948E656F36877AFE ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys 12:06:30.0960 0x09fc NvStreamKms - ok 12:06:31.0945 0x09fc [ BC00A5B3A9F759F7B1DD0A5868C4492F, 23058E56016B836339AACDB0D42E074FB4EF560C27831F6228A455D70585D1EE ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe 12:06:32.0367 0x09fc NvStreamSvc - ok 12:06:32.0585 0x09fc [ B7CD89EFA562A991F2864EFD3147473A, D38BAE7883BC073562C3C77DF59663B820CFE8305A3319C6E5CF8E48752E18C1 ] nvsvc C:\WINDOWS\system32\nvvsvc.exe 12:06:32.0601 0x09fc nvsvc - ok 12:06:32.0648 0x09fc [ DBFE7B2DF103F74AE51840B3C5F25FE9, 436CAA417FD24BA870F117FA4BABA2AB694825795508BCFCC8C927CC2D5BBC5E ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys 12:06:32.0663 0x09fc nvvad_WaveExtensible - ok 12:06:32.0726 0x09fc 
[ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys 12:06:32.0742 0x09fc nv_agp - ok 12:06:32.0804 0x09fc [ 36E8D01DCEB189B849BFD76F3CA1E5C8, BDB77D07C7DD3A31FAD6812BB45AF57708C8CEA17A4B6E2204124DB60B064591 ] nwtsrv C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe 12:06:32.0820 0x09fc nwtsrv - ok 12:06:32.0913 0x09fc [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 12:06:32.0929 0x09fc ose - ok 12:06:33.0148 0x09fc [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 12:06:33.0273 0x09fc osppsvc - ok 12:06:33.0367 0x09fc [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll 12:06:33.0398 0x09fc p2pimsvc - ok 12:06:33.0430 0x09fc [ 2A57A937BC5B1B2D6AFE6A8C5925F50B, 00D84EFED5A7129AAD86945940030474795905C32D65CBD5B1A3EBADCED8F873 ] p2psvc C:\WINDOWS\system32\p2psvc.dll 12:06:33.0492 0x09fc p2psvc - ok 12:06:33.0555 0x09fc [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport C:\WINDOWS\System32\drivers\parport.sys 12:06:33.0586 0x09fc Parport - ok 12:06:33.0601 0x09fc [ EF0C1749C9A8CEE9A457473D433CC00F, A5FDAB5AD47471640D697C6CFBA6C67730878ABBA47D394EAA47C9733EDCE1F3 ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys 12:06:33.0617 0x09fc partmgr - ok 12:06:33.0648 0x09fc [ 9A5309EF92F39346CFD5A4C2C3D1BFAD, 5908E0C9562F9CB24784491BD9AE7983A33A6BDF81AFA0A08045518A0C9BB2B1 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll 12:06:33.0680 0x09fc PcaSvc - ok 12:06:33.0742 0x09fc [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 
20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci C:\WINDOWS\system32\drivers\pci.sys 12:06:33.0758 0x09fc pci - ok 12:06:33.0773 0x09fc [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide C:\WINDOWS\system32\drivers\pciide.sys 12:06:33.0773 0x09fc pciide - ok 12:06:33.0805 0x09fc [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys 12:06:33.0820 0x09fc pcmcia - ok 12:06:33.0836 0x09fc [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw C:\WINDOWS\system32\drivers\pcw.sys 12:06:33.0836 0x09fc pcw - ok 12:06:33.0883 0x09fc [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc C:\WINDOWS\system32\drivers\pdc.sys 12:06:33.0883 0x09fc pdc - ok 12:06:33.0945 0x09fc [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys 12:06:33.0992 0x09fc PEAUTH - ok 12:06:34.0086 0x09fc [ 084DE525DFE82AE7453DD527390FA110, 8216AE63AE740D97204CDED6543B66FC1FB55DB86D42FBA0EC629361C40F9EC0 ] PeerDistSvc C:\WINDOWS\system32\peerdistsvc.dll 12:06:34.0164 0x09fc PeerDistSvc - ok 12:06:34.0305 0x09fc [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe 12:06:34.0351 0x09fc PerfHost - ok 12:06:34.0445 0x09fc [ 928061178CD9856CA6B67FFFCE6BA766, 71DE3C7CA7F83EAAA550CD8A68FB67DE042B0AE51BFACB1ECB8852D502E11F50 ] pla C:\WINDOWS\system32\pla.dll 12:06:34.0508 0x09fc pla - ok 12:06:34.0539 0x09fc [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll 12:06:34.0555 0x09fc PlugPlay - ok 12:06:34.0601 0x09fc [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 
7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll 12:06:34.0617 0x09fc Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 ) 12:06:37.0071 0x09fc Detect skipped due to KSN trusted 12:06:37.0071 0x09fc Pml Driver HPZ12 - ok 12:06:37.0071 0x09fc [ 045EB4F260606A03BE340D09DEAF3BA4, 6F34B8D414F7F69F4388F2F8A86E0F3AD179E423126990AF3E1EC4DCCB8E7693 ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll 12:06:37.0102 0x09fc PNRPAutoReg - ok 12:06:37.0133 0x09fc [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll 12:06:37.0149 0x09fc PNRPsvc - ok 12:06:37.0180 0x09fc [ 4F0878FD62D5F7444C5F1C4C66D9D293, B381217D6202C06EE992EBDE061FA20376FF71F698022D0A80168CCD1059453C ] Point64 C:\WINDOWS\System32\drivers\point64.sys 12:06:37.0196 0x09fc Point64 - ok 12:06:37.0227 0x09fc [ C16097D77A232A288D65F299E2E01105, 5CE4B44B06FD26569C0F92FF1D3991D0128D8444AE7BC9EBEF5A33811D721BE8 ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll 12:06:37.0243 0x09fc PolicyAgent - ok 12:06:37.0305 0x09fc [ 00E08B30E7F7C13ECE2CDF4F46A77311, 1807C0A64C1794E572C86730816C01DCF4D8F773ADE9CAEA3AC0658F7BD71A4E ] Power C:\WINDOWS\system32\umpo.dll 12:06:37.0321 0x09fc Power - ok 12:06:37.0383 0x09fc [ E075CC071022BD4E9BE7C024717C0E0A, BE65A8C1082AE8DF8C37CA06B2BCC521478AC153EA7388B03F7FAE3913920E75 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys 12:06:37.0415 0x09fc PptpMiniport - ok 12:06:37.0602 0x09fc [ 3C96A45CA3403A276B0F045C448EC27B, C0011DB8C5A85817CAF815CC0095EE2C1CDD5964DCD8EAF4C35A2495D6A873CC ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll 12:06:37.0743 0x09fc PrintNotify - ok 12:06:37.0774 0x09fc [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\WINDOWS\System32\drivers\processr.sys 12:06:37.0790 0x09fc Processor - ok 12:06:37.0852 0x09fc [ 
EF1F8B57323E5D3FC6A0A25F98F90DBC, F50E81151604DCD59BB647FD6767C1631AE48B5FCA6D3423C4E32535C94D6369 ] ProfSvc C:\WINDOWS\system32\profsvc.dll 12:06:37.0883 0x09fc ProfSvc - ok 12:06:37.0915 0x09fc [ 8528BB05E4D4E25945F78B00B2555FB7, FF8E0D4580F93CD348080967F52FE6C2C68B56DAEACAE2EAEF04E19412A953AE ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys 12:06:37.0930 0x09fc Psched - ok 12:06:37.0977 0x09fc [ 87B04878A6D59D6C79251DC960C674C1, 3EB8DB0624E646F0A65D0381408D35CF9FDC5ABFC30DF6431F4070A8EB68447C ] PxHlpa64 C:\WINDOWS\system32\Drivers\PxHlpa64.sys 12:06:37.0993 0x09fc PxHlpa64 - ok 12:06:38.0040 0x09fc [ AF90BB44C99D6820BE52C9BBAA523283, 9772D9CC1666959EC8EE4ED740A5179473CE4F38762109F1123DD68010D20EA1 ] QWAVE C:\WINDOWS\system32\qwave.dll 12:06:38.0055 0x09fc QWAVE - ok 12:06:38.0071 0x09fc [ 3FB466684609A4329858CF2EBD62E0FD, CFC8FBAB1436948F9D34CE6A2D6DE2F86F3E93E50B86851CED979C8CCE609798 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys 12:06:38.0087 0x09fc QWAVEdrv - ok 12:06:38.0102 0x09fc [ 2C56F0EE27E4EF70CA4B4983D3638905, AFFDD686886CE982424B644D9168D61C6F86A5244FF97BC644DF75B321E415E5 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 12:06:38.0118 0x09fc RasAcd - ok 12:06:38.0149 0x09fc [ 674A4702E4E144E8710ED1A2EC6DD049, 613A921101A6815C9185D5EF3E251A592604E56FADE945BB7E256885CAD473BC ] RasAgileVpn C:\WINDOWS\system32\DRIVERS\AgileVpn.sys 12:06:38.0196 0x09fc RasAgileVpn - ok 12:06:38.0212 0x09fc [ 5F061AC45266841A2860C1858ED863B8, 9E0D52BAC8A50225C32D0397C35350601B996443E2481C808CC59D3B0763FEF0 ] RasAuto C:\WINDOWS\System32\rasauto.dll 12:06:38.0227 0x09fc RasAuto - ok 12:06:38.0259 0x09fc [ BBB6272B7F46C4640A8CDB8A70C3450F, 4266C3ABD0D1D0219F715EA0F155744F7C1E3A7B722BE863831B57AE785419A2 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 12:06:38.0290 0x09fc Rasl2tp - ok 12:06:38.0321 0x09fc [ 5C7B86EE33505E36026AFAAB62DA6364, 903BB1A355AC746BF09C2A7C87B068168648DB79DEF39AB1DC710B6A7A5F6556 ] RasMan C:\WINDOWS\System32\rasmans.dll 12:06:38.0368 0x09fc RasMan 
- ok 12:06:38.0384 0x09fc [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 12:06:38.0415 0x09fc RasPppoe - ok 12:06:38.0430 0x09fc [ 2B0F1677CDD08967005F34488559BC6F, FFF168EBD171C0B85A448AD1A04F66534E889AE1DC128F68EA3F35D5996C8D39 ] RasSstp C:\WINDOWS\system32\DRIVERS\rassstp.sys 12:06:38.0462 0x09fc RasSstp - ok 12:06:38.0509 0x09fc [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 12:06:38.0555 0x09fc rdbss - ok 12:06:38.0571 0x09fc [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys 12:06:38.0618 0x09fc rdpbus - ok 12:06:38.0618 0x09fc [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys 12:06:38.0649 0x09fc RDPDR - ok 12:06:38.0680 0x09fc [ 9F08A6608F98B5407E7DDBCF306573EF, 92812F97CFDB2EC128BC48143DE215B7D012B15D3FB4D2199222AD8C31DA5016 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys 12:06:38.0696 0x09fc RdpVideoMiniport - ok 12:06:38.0743 0x09fc [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys 12:06:38.0759 0x09fc rdyboost - ok 12:06:38.0805 0x09fc [ E515A287C8FAE901EB8FB42F168E14F2, 9AE8D608587713FD18BB728BADD402C86FFF06A67359B22ED9431705522BC310 ] ReFS C:\WINDOWS\system32\drivers\ReFS.sys 12:06:38.0852 0x09fc ReFS - ok 12:06:38.0915 0x09fc [ BFFB40FBE6D2C3469F8D06EE5E4934AB, 5B6763F973A740DCD53CEA75156926457BED8B075965033C484877DDA8B97F39 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 12:06:38.0946 0x09fc RemoteAccess - ok 12:06:38.0993 0x09fc [ 4DCCABE03D06955ED61BABBD8EF9F30F, 531CD60315AAF283B73E0F6CF77D4DE093B809E73C44D2AC43B7247500B3485E ] 
RemoteRegistry C:\WINDOWS\system32\regsvc.dll 12:06:39.0025 0x09fc RemoteRegistry - ok 12:06:39.0040 0x09fc [ D894CBD7DA753C881EE8D5E33B583225, DA4472A85F10A3DF8CE969F731E67FE7C75EE6095908AB8AC2C44851DC5A3F8B ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll 12:06:39.0056 0x09fc RpcEptMapper - ok 12:06:39.0087 0x09fc [ 5CAE8F47B31D5CFC322B5B898C19E0FE, FDB5F0B6EA36403E031D9147AB0519011FAAD3AC8190DE5B1F17FB5472D79D47 ] RpcLocator C:\WINDOWS\system32\locator.exe 12:06:39.0103 0x09fc RpcLocator - ok 12:06:39.0181 0x09fc [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] RpcSs C:\WINDOWS\system32\rpcss.dll 12:06:39.0212 0x09fc RpcSs - ok 12:06:39.0275 0x09fc [ 8415D92661B147BA54BE05AD18B82186, EA1A31887332273D81CF0C1D4C1AD3D735A6EB24E80B838F6D7B501439BD49B5 ] RsFx0153 C:\WINDOWS\system32\DRIVERS\RsFx0153.sys 12:06:39.0290 0x09fc RsFx0153 - ok 12:06:39.0290 0x09fc [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys 12:06:39.0321 0x09fc rspndr - ok 12:06:39.0353 0x09fc [ 333224D4D25F9BCCA488E08345083E1C, 368CA50C6791849A029F0E55036D0F2952922D5D17BE3C35D1195C6AFED0D94F ] RTL8187 C:\WINDOWS\system32\DRIVERS\rtl8187.sys 12:06:39.0384 0x09fc RTL8187 - ok 12:06:39.0415 0x09fc [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys 12:06:39.0431 0x09fc s3cap - ok 12:06:39.0462 0x09fc [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] SamSs C:\WINDOWS\system32\lsass.exe 12:06:39.0462 0x09fc SamSs - ok 12:06:39.0650 0x09fc [ 73031850BC68F3379096C032006A416B, 78657D0B476C817DE829CB3FC89BC1B1F5645532A2082546B594E380AB7F6983 ] Samsung Link Service C:\Program Files\Samsung\Samsung Link\Samsung Link.exe 12:06:39.0681 0x09fc Samsung Link Service - ok 12:06:39.0806 0x09fc [ 
5EFBBFCC6ADAC121C8E2FE76641ED329, 0EAB16C7F54B61620277977F8C332737081A46BC6BBDE50742B6904BDD54F502 ] SANDRA C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010.SP2\WNt500x64\Sandra.sys 12:06:39.0821 0x09fc SANDRA - ok 12:06:39.0853 0x09fc [ 5779E6D075D9976C7FAE79FD1A3DFAC9, 076C9A864DE6D892A89578617B262BAEF774BC4819F4FD85A6A82AD954FA2A5C ] SandraAgentSrv C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010.SP2\RpcAgentSrv.exe 12:06:39.0868 0x09fc SandraAgentSrv - detected UnsignedFile.Multi.Generic ( 1 ) 12:06:42.0353 0x09fc Detect skipped due to KSN trusted 12:06:42.0353 0x09fc SandraAgentSrv - ok 12:06:42.0400 0x09fc [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys 12:06:42.0416 0x09fc sbp2port - ok 12:06:42.0463 0x09fc [ 47C497FA4DDEA908633CAA60CEBE6805, 4DF5742D4C99D3F7B6A5671AEDB1E5E47D3399D36B28BA19C105FA604D8D5A1C ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll 12:06:42.0478 0x09fc SCardSvr - ok 12:06:42.0478 0x09fc [ E76C4E98302AE39CC6FA5D20FC8B5438, B6B6B59CF427515087689285797F4A5763103440EBE5D87A61FA74F80F895BD0 ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll 12:06:42.0494 0x09fc ScDeviceEnum - ok 12:06:42.0541 0x09fc [ ABD0237B15DBD2B4695F4B7D734A58F7, D6831921F0CD3E03CBF1CA3ED5824EE0C75127842D12D4E897E74EC72B0792EB ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys 12:06:42.0572 0x09fc scfilter - ok 12:06:42.0697 0x09fc [ D3AE5DB16EAF913860EC28654CE00E6B, AD76B6044F7247C6E86F6DCB7CFD6B25BCA2B9F09A97A419F043A999E66726A2 ] Schedule C:\WINDOWS\system32\schedsvc.dll 12:06:42.0760 0x09fc Schedule - ok 12:06:42.0806 0x09fc [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll 12:06:42.0822 0x09fc SCPolicySvc - ok 12:06:42.0885 0x09fc [ 7B7C482CF48E6EE33664340D1A78E6FE, CE5077C4B0372F4F9F02B0B37AE58C0DAEFCA9D242065731A23F072506430575 ] sdbus 
C:\WINDOWS\System32\drivers\sdbus.sys 12:06:42.0900 0x09fc sdbus - ok 12:06:42.0931 0x09fc [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys 12:06:42.0947 0x09fc sdstor - ok 12:06:42.0963 0x09fc [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\WINDOWS\system32\drivers\secdrv.sys 12:06:42.0963 0x09fc secdrv - ok 12:06:42.0978 0x09fc [ C49009F897BA4F2F4F31043663AA1485, 48C8BE1E3A4F150662AD012AF4E0357ABA792AD1147AB90EFF6CB2630E2501B6 ] seclogon C:\WINDOWS\system32\seclogon.dll 12:06:42.0994 0x09fc seclogon - ok 12:06:43.0010 0x09fc [ A88882E64BDC1D8E8D6E727B71CCCC53, 12D2235F54D0CEEED8AA268C17CDE44020269F4FEFC70CE957DBBF99AF7F553D ] SENS C:\WINDOWS\System32\sens.dll 12:06:43.0025 0x09fc SENS - ok 12:06:43.0056 0x09fc [ E66A7C8CE7ED22DED6DF1CA479FB4790, ADEB076F131E7A8C3AD96022B09BB33EB9AB26C9C831503B8C6960AA763B8975 ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll 12:06:43.0103 0x09fc SensrSvc - ok 12:06:43.0119 0x09fc [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys 12:06:43.0135 0x09fc SerCx - ok 12:06:43.0150 0x09fc [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys 12:06:43.0166 0x09fc SerCx2 - ok 12:06:43.0181 0x09fc [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum C:\WINDOWS\System32\drivers\serenum.sys 12:06:43.0197 0x09fc Serenum - ok 12:06:43.0213 0x09fc [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial C:\WINDOWS\System32\drivers\serial.sys 12:06:43.0244 0x09fc Serial - ok 12:06:43.0260 0x09fc [ 0BD2B65DCE756FDE95A2E5CCCBF7705D, 
F13FAFEC8FCF3E796196562717C433CE359A74A3E5876AB070647C717AF74028 ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys 12:06:43.0275 0x09fc sermouse - ok 12:06:43.0353 0x09fc [ D5C3776CBD8BC307DCCA3FD4CE667A37, 98E4253B770C25914C91A6148E2EA15ED0EF37ADCB042A47252DBA135972BF74 ] SessionEnv C:\WINDOWS\system32\sessenv.dll 12:06:43.0416 0x09fc SessionEnv - ok 12:06:43.0431 0x09fc [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys 12:06:43.0447 0x09fc sfloppy - ok 12:06:43.0494 0x09fc [ F4414F57DF2CECB8FC969AA43A6B0D50, AD09A6E1294721507DD6BE82B91F2EEB0FF0151B9BC14A75840CD657DBFDECEC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 12:06:43.0541 0x09fc SharedAccess - ok 12:06:43.0572 0x09fc [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 12:06:43.0619 0x09fc ShellHWDetection - ok 12:06:43.0635 0x09fc [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys 12:06:43.0650 0x09fc SiSRaid2 - ok 12:06:43.0666 0x09fc [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys 12:06:43.0681 0x09fc SiSRaid4 - ok 12:06:43.0697 0x09fc [ 587ACA15210D1B01FBF272E07A08F91A, 1F3C13C218C5EA329C6E33E4AE7CFE88DAD59DA40F59FDE09D733AFD2E489000 ] smphost C:\WINDOWS\System32\smphost.dll 12:06:43.0713 0x09fc smphost - ok 12:06:43.0744 0x09fc [ 49EEB92DE930B8566EF615D600781DB4, 0B7C929D24FAFC34F95BB4AA77DCBA29DDD8F1977EB42713B64228677D1FBFD3 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe 12:06:43.0760 0x09fc SNMPTRAP - ok 12:06:43.0806 0x09fc [ 240C5C3793206725AA05665851E8C214, 96ADFB85EB1623EB00C251C1C6A1F441A1795F0EBFD10B17DD1CA58E3AE8A90D ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys 12:06:43.0822 0x09fc 
spaceport - ok 12:06:43.0853 0x09fc [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys 12:06:43.0853 0x09fc SpbCx - ok 12:06:43.0963 0x09fc [ 7455ED832A33FEF453407F5411C3342D, 88FB0A846F52C3B680C695CD349BF56151A53A75A07B8B0B4FE026AB8AA0A9AF ] speedfan C:\WINDOWS\syswow64\speedfan.sys 12:06:43.0994 0x09fc speedfan - ok 12:06:44.0056 0x09fc [ 42FEA9E0BA9761D9E65A4F167D91515B, 9A34CE83F3ACD50608671BDABE5E475F8E0C8335D3B8B7B3D7E84B2A319FA29F ] Spooler C:\WINDOWS\System32\spoolsv.exe 12:06:44.0103 0x09fc Spooler - ok 12:06:44.0416 0x09fc [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc C:\WINDOWS\system32\sppsvc.exe 12:06:44.0619 0x09fc sppsvc - ok 12:06:44.0838 0x09fc [ F6057BCA087F571DE25267C7FC0FCB7E, 7D804277F3615CB759A62431906F5ABFC0C30DFD4AC42F3EE22735063B15E8AE ] SQLAgent$MYMOVIES c:\Program Files\Microsoft SQL Server\MSSQL10_50.MYMOVIES\MSSQL\Binn\SQLAGENT.EXE 12:06:44.0853 0x09fc SQLAgent$MYMOVIES - ok 12:06:44.0931 0x09fc [ D2A6E9DBC3247613568D86DAC599DB52, 69B0DFD7C02FCF1FE0EA2A91EDE7F15843846A97EA91DB895143CF8D7693C1F5 ] SQLBrowser c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe 12:06:44.0947 0x09fc SQLBrowser - ok 12:06:44.0979 0x09fc [ F98DDFBFE0EE66D4C4B00693512B9527, 322FF75D1CA460368FD72ADCD93273F1D5AA5CF2C4DF65A94BF9ABAA2E695150 ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe 12:06:44.0995 0x09fc SQLWriter - ok 12:06:45.0073 0x09fc [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys 12:06:45.0104 0x09fc srv - ok 12:06:45.0151 0x09fc [ 5BED3AB69797C8786EF70AEA8C33748B, 0474EE6C43D437CBA9848BCF25D1341B122D7E9F371A0FF3C62C83D14B2CB095 ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys 12:06:45.0182 0x09fc srv2 - ok 12:06:45.0198 0x09fc [ D047CD668E6277FD80F0C613946F034C, 
BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys 12:06:45.0229 0x09fc srvnet - ok 12:06:45.0276 0x09fc [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 12:06:45.0291 0x09fc SSDPSRV - ok 12:06:45.0338 0x09fc [ 3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll 12:06:45.0354 0x09fc SstpSvc - ok 12:06:45.0385 0x09fc [ 5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys 12:06:45.0401 0x09fc ssudmdm - ok 12:06:45.0416 0x09fc Steam Client Service - ok 12:06:45.0541 0x09fc [ E7AF8F82C69A5E9B2CC46633BCBBAAEE, D7FC81DB72A1A96219335AFF861ADD82BEC115CBCB70C6765058E1D76702403C ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 12:06:45.0557 0x09fc Stereo Service - ok 12:06:45.0588 0x09fc [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys 12:06:45.0588 0x09fc stexstor - ok 12:06:45.0620 0x09fc [ 2A997C64F9B2584D81FA6749FE36A887, D26F5BC591ED46B96B2ACFDF555C2BF42F4915A22B12E4139ACEF7DE7AC303A7 ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys 12:06:45.0651 0x09fc StillCam - ok 12:06:45.0713 0x09fc [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc C:\WINDOWS\System32\wiaservc.dll 12:06:45.0776 0x09fc stisvc - ok 12:06:45.0807 0x09fc [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci C:\WINDOWS\system32\drivers\storahci.sys 12:06:45.0807 0x09fc storahci - ok 12:06:45.0854 0x09fc [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt 
(x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
12:07:13.0767 0x09fc RoboForm - ok
12:07:13.0767 0x09fc Waiting for KSN requests completion. In queue: 13
12:07:14.0783 0x09fc Waiting for KSN requests completion. In queue: 13
12:07:15.0783 0x09fc Waiting for KSN requests completion. In queue: 1
12:07:16.0846 0x09fc AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.7.440 ), 0x41000 ( enabled : updated )
12:07:16.0877 0x09fc AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.6.305.0 ), 0x60100 ( disabled : updated )
12:07:16.0877 0x09fc Win FW state via NFP2: enabled
12:07:19.0237 0x09fc ============================================================
12:07:19.0237 0x09fc Scan finished
12:07:19.0237 0x09fc ============================================================
12:07:19.0237 0x21c4 Detected object count: 2
12:07:19.0237 0x21c4 Actual detected object count: 2
13:38:34.0804 0x21c4 ithsgt ( UnsignedFile.Multi.Generic ) - skipped by user
13:38:34.0836 0x21c4 ithsgt ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:38:34.0836 0x21c4 lilsgt ( UnsignedFile.Multi.Generic ) - skipped by user
13:38:34.0836 0x21c4 lilsgt ( UnsignedFile.Multi.Generic ) - User select action: Skip |
03.01.2015, 14:34 | #8 |
/// the machine /// TB Instructor | Win 8.1 64bit: Opened image in mail from unknown sender Please download AdwCleaner to your desktop.
Please close your security software to avoid possible conflicts.
and a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
03.01.2015, 16:07 | #9 |
| Win 8.1 64bit: Opened image in mail from unknown sender First, the AdwCleaner log: Code:
ATTFilter # AdwCleaner v4.106 - Bericht erstellt am 03/01/2015 um 15:06:19 # Aktualisiert 21/12/2014 von Xplode # Database : 2015-01-03.1 [Live] # Betriebssystem : Windows 8.1 Pro with Media Center (64 bits) # Benutzername : Patrick Wenig - PATRICKWENIG-PC # Gestartet von : C:\Users\Patrick Wenig\Desktop\AdwCleaner_4.106.exe # Option : Löschen ***** [ Dienste ] ***** ***** [ Dateien / Ordner ] ***** Ordner Gelöscht : C:\ProgramData\Ask Ordner Gelöscht : C:\Program Files (x86)\driver-soft Ordner Gelöscht : C:\Program Files (x86)\Common Files\Tobit Ordner Gelöscht : C:\Users\Patrick Wenig\AppData\Local\Ilivid Player Ordner Gelöscht : C:\Users\Patrick Wenig\AppData\Local\PackageAware Ordner Gelöscht : C:\Users\Patrick Wenig\AppData\LocalLow\AskToolbar Ordner Gelöscht : C:\Users\Patrick Wenig\AppData\LocalLow\ShoppingReport2 Ordner Gelöscht : C:\Users\Patrick Wenig\AppData\Roaming\Gutscheinmieze Ordner Gelöscht : C:\Users\Patrick Wenig\AppData\Roaming\Tobit Ordner Gelöscht : C:\Users\Patrick Wenig\AppData\Roaming\Uniblue Ordner Gelöscht : C:\Users\Patrick Wenig\Documents\drivergenius Datei Gelöscht : C:\Users\Patrick Wenig\AppData\Roaming\Mozilla\Firefox\Profiles\jo03xe49.default\user.js ***** [ Tasks ] ***** ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A1CCCE0D-AE21-42A2-BE58-8E6109410995} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0EB3F101-224A-4B2B-9E5B-DF720857529C} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{30B15818-E110-4527-9C05-46ACE5A3460D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{618AAD04-921F-44C2-BE38-C0818AF69861} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A1F1ECD3-4806-44C6-A869-F0DADF11C57C} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B5D2ED96-62F9-4C2C-956D-E425B1F67337} Schlüssel Gelöscht : 
HKLM\SOFTWARE\Classes\Interface\{D3A412E8-1E4B-47D2-9B12-F88291F5AFBB} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0EB3F101-224A-4B2B-9E5B-DF720857529C} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{30B15818-E110-4527-9C05-46ACE5A3460D} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{618AAD04-921F-44C2-BE38-C0818AF69861} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A1F1ECD3-4806-44C6-A869-F0DADF11C57C} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B5D2ED96-62F9-4C2C-956D-E425B1F67337} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D3A412E8-1E4B-47D2-9B12-F88291F5AFBB} Schlüssel Gelöscht : HKCU\Software\Headlight Schlüssel Gelöscht : HKCU\Software\OCS Schlüssel Gelöscht : HKCU\Software\Softonic Schlüssel Gelöscht : HKCU\Software\SweetIM Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ShoppingReport2 Schlüssel Gelöscht : HKLM\SOFTWARE\Driver-Soft Schlüssel Gelöscht : HKLM\SOFTWARE\dt soft\daemon tools toolbar Schlüssel Gelöscht : HKLM\SOFTWARE\SweetIM Schlüssel Gelöscht : HKLM\SOFTWARE\Uniblue Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Driver Genius Professional Edition_is1 ***** [ Browser ] ***** -\\ Internet Explorer v11.0.9600.17416 -\\ Mozilla Firefox v4.0.1 (de) [jo03xe49.default\prefs.js] - Zeile gelöscht : user_pref("keyword.URL", "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q="); -\\ Google Chrome v39.0.2171.95 ************************* AdwCleaner[R0].txt - [4045 octets] - [03/01/2015 15:03:52] AdwCleaner[S0].txt - [3690 octets] - [03/01/2015 15:06:19] ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3750 octets] ########## Then the JRT log: Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.4.1 (12.28.2014:1) OS: Windows 8.1 Pro with Media Center x64 Ran by Patrick Wenig on 03.01.2015 at 15:14:52,47 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:\Users\Patrick Wenig\AppData\Roaming\getrighttogo" ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 03.01.2015 at 15:17:45,52 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-01-2015 01 Ran by Patrick Wenig (administrator) on PATRICKWENIG-PC on 03-01-2015 15:48:55 Running from C:\Users\Patrick Wenig\Desktop Loaded Profile: Patrick Wenig (Available profiles: Patrick Wenig & DefaultAppPool) Platform: Windows 8.1 Pro with Media Center (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe () C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe (Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe (AVM Berlin) C:\Program Files\FRITZ!Fernzugang\avmike.exe (AVM GmbH) C:\Program Files (x86)\FRITZ!Powerline\PowerlineService.exe (Apple Inc.) 
C:\Program Files\Bonjour\mDNSResponder.exe () C:\Program Files (x86)\Allway Sync\Bin\SyncService.exe (AVM Berlin) C:\Program Files\FRITZ!Fernzugang\certsrv.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe () C:\Program Files (x86)\JMRAIDManager\XSrvSetup.exe (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe () C:\Program Files (x86)\JMRAIDManager\HWRaidManager.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.MYMOVIES\MSSQL\Binn\sqlservr.exe () C:\Program Files\Core Temp\Core Temp.exe (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe () C:\Program Files (x86)\Binnerup Consult\My Movies for Windows\My Movies General Service.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (AVM Berlin) C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Copyright 2013 SAMSUNG) 
C:\Program Files\Samsung\Samsung Link\Samsung Link.exe (Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe () C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe (RapidSolution Software AG) C:\Program Files (x86)\RapidSolution\AudialsOne 4\VCDWriter\64\VCDAudioService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Greenshot) C:\Program Files\Greenshot\Greenshot.exe (Akamai Technologies, Inc.) C:\Users\Patrick Wenig\AppData\Local\Akamai\netsession_win.exe (Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe () C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe () C:\Program Files\DriveOnWeb EasyStorage Client\easyClient.exe (Akamai Technologies, Inc.) C:\Users\Patrick Wenig\AppData\Local\Akamai\netsession_win.exe (Fieldston Software) C:\Program Files (x86)\Fieldston Software\gSyncit\gsyncit.exe (Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe (Audible, Inc.) C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe (Dropbox, Inc.) 
C:\Users\Patrick Wenig\AppData\Roaming\Dropbox\bin\Dropbox.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Adobe Systems Inc.) E:\Adobe\Acrobat 10.0\Acrobat\acrotray.exe (Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Binnerup Consult) C:\Program Files (x86)\Binnerup Consult\My Movies for Windows\My Movies Tray.exe () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-09-16] (Adobe Systems Incorporated) HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2010-01-08] (Intel Corporation) HKLM\...\Run: [Samsung Link] => C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [607584 2014-12-16] (Copyright 2013 SAMSUNG) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-01-18] (IvoSoft) HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.) HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [495616 2014-05-12] (Greenshot) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.) 
HKLM-x32\...\Run: [BCSSync] => E:\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG) HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => E:\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2014-12-03] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => E:\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2014-12-03] (Adobe Systems Inc.) HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-01-30] (DivX, LLC) HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] () HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-12] (Logitech Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-17] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [My Movies Tray] => C:\Program Files (x86)\Binnerup Consult\My Movies for Windows\My Movies Tray.exe [496160 2014-10-05] (Binnerup Consult) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.) Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) HKU\S-1-5-21-3122463138-2323845440-1474034320-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Patrick Wenig\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.) 
HKU\S-1-5-21-3122463138-2323845440-1474034320-1000\...\Run: [Allway Sync] => C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe [94416 2014-03-21] () HKU\S-1-5-21-3122463138-2323845440-1474034320-1000\...\Run: [DriveOnWeb easyStorage Client] => C:\Program Files\DriveOnWeb EasyStorage Client\easyClient.exe [765672 2011-05-23] () HKU\S-1-5-21-3122463138-2323845440-1474034320-1000\...\Run: [gSyncit] => C:\Program Files (x86)\Fieldston Software\gSyncit\gsyncit.exe [228352 2014-12-15] (Fieldston Software) HKU\S-1-5-21-3122463138-2323845440-1474034320-1000\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2011-06-20] (Hewlett-Packard Company) HKU\S-1-5-21-3122463138-2323845440-1474034320-1000\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [111320 2014-11-06] (Siber Systems) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Audible Download Manager.lnk ShortcutTarget: Audible Download Manager.lnk -> C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe (Audible, Inc.) Startup: C:\Users\Patrick Wenig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Patrick Wenig\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-3122463138-2323845440-1474034320-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de/ HKU\S-1-5-21-3122463138-2323845440-1474034320-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKU\S-1-5-21-3122463138-2323845440-1474034320-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.mein-deal.com/ SearchScopes: HKU\.DEFAULT -> DefaultScope 
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: Windows Live Family Safety Browser Helper Class -> {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} -> C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation) BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation) BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: ContributeBHO Class -> {074C1DC5-9320-4A9A-947D-C042949C6216} -> E:\Adobe CS5\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.) 
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation) BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation) BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> E:\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.) 
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - E:\Adobe CS5\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.) Toolbar: HKLM-x32 - No Name - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No File Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) Toolbar: HKU\S-1-5-21-3122463138-2323845440-1474034320-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File Toolbar: HKU\S-1-5-21-3122463138-2323845440-1474034320-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File Toolbar: HKU\S-1-5-21-3122463138-2323845440-1474034320-1000 -> No Name - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No File Toolbar: HKU\S-1-5-21-3122463138-2323845440-1474034320-1000 -> &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.) 
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab DPF: HKLM-x32 {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlcdnet.asus.com/pub/ASUS/misc/dlm-activex-2.2.5.0.cab DPF: HKLM-x32 {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpIdfPlugin.cab DPF: HKLM-x32 {960DC750-7447-4CDE-BF1C-FB33F9129654} https://pawe820.no-ip.org:5001/webman/3rdparty/SurveillanceStation/object/SSObject3.cab?6.0-2636 DPF: HKLM-x32 {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-31-0.cab DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.115.1 FireFox: ======== FF ProfilePath: C:\Users\Patrick Wenig\AppData\Roaming\Mozilla\Firefox\Profiles\jo03xe49.default FF NewTab: FF DefaultSearchEngine: foxsearch FF SearchEngineOrder.1: foxsearch FF SelectedSearchEngine: foxsearch FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) 
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.0-git-20120215-0402 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll No File FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @logitech.com/HarmonyRemote,version=1.0.0 -> C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.) 
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> E:\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.4 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Acrobat -> E:\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF Plugin-x32: samsung.com/SamsungLinkPCPlugin -> C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll No File FF Extension: Avira Browser Safety - C:\Users\Patrick Wenig\AppData\Roaming\Mozilla\Firefox\Profiles\jo03xe49.default\Extensions\abs@avira.com [2014-12-18] FF Extension: Flash and Video Download - C:\Users\Patrick Wenig\AppData\Roaming\Mozilla\Firefox\Profiles\jo03xe49.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2014-12-20] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - E:\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn FF Extension: Adobe Acrobat - Create PDF - E:\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2011-04-13] FF HKLM-x32\...\Firefox\Extensions: [{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}] - E:\Adobe CS5\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} FF Extension: Adobe Contribute Toolbar - E:\Adobe CS5\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2011-04-13] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-03-14] FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2014-04-23] FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-09-27] FF HKLM-x32\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber 
Systems\AI RoboForm\Firefox FF Extension: RoboForm Toolbar for Firefox - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2014-05-03] FF HKU\S-1-5-21-3122463138-2323845440-1474034320-1000\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox FF StartMenuInternet: FIREFOX.EXE - E:\Mozilla Firefox\firefox.exe Chrome: ======= CHR HomePage: Default -> hxxp://www.google.com CHR StartupUrls: Default -> "hxxp://www.google.com" CHR Profile: C:\Users\Patrick Wenig\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Patrick Wenig\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-23] CHR Extension: (YouTube) - C:\Users\Patrick Wenig\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-10-26] CHR Extension: (Google-Suche) - C:\Users\Patrick Wenig\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-10-26] CHR Extension: (Avira Browser Safety) - C:\Users\Patrick Wenig\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-09-23] CHR Extension: (Google Wallet) - C:\Users\Patrick Wenig\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-30] CHR Extension: (Mehr Leistung und Videoformate für dein HTML5 <video>) - C:\Users\Patrick Wenig\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-10-30] CHR Extension: (MyHarmony Chrome Plugin) - C:\Users\Patrick Wenig\AppData\Local\Google\Chrome\User Data\Default\Extensions\omaonpoimgkmbllpdihbnmgphjoipdhf [2014-05-03] CHR Extension: (Google Mail) - C:\Users\Patrick Wenig\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-10-26] CHR Extension: (RoboForm) - C:\Users\Patrick 
Wenig\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2014-05-03] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path CHR HKLM\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-05-03] CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path CHR HKLM-x32\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [Not Found] CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-02-07] CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - C:\Program Files (x86)\Citavi 4\Pickers\Chrome\ChromePicker.crx [2014-02-07] CHR HKLM-x32\...\Chrome\Extension: [omaonpoimgkmbllpdihbnmgphjoipdhf] - C:\Program Files (x86)\Logitech\Harmony Remote Driver\harmony_chrome.crx [2013-11-30] CHR HKLM-x32\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-05-03] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] () R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [404360 2013-12-21] (Samsung) [File not signed] R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-17] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-17] (Avira Operations GmbH & Co. 
KG) R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [368640 2009-03-20] (AVM Berlin) [File not signed] R2 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [335224 2010-03-30] (AVM Berlin) R2 AVMPowerlineService; C:\Program Files (x86)\FRITZ!Powerline\PowerlineService.exe [126976 2013-10-11] (AVM GmbH) [File not signed] R2 BotkindSyncService; C:\Program Files (x86)\Allway Sync\Bin\SyncService.exe [182784 2014-03-21] () [File not signed] R2 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [143224 2010-03-30] (AVM Berlin) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation) R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3304768 2010-12-23] (devolo AG) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation) S2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [145920 2010-10-25] (HP) [File not signed] S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed] R2 JMRAIDManager; C:\Program Files (x86)\JMRAIDManager\XSrvSetup.exe [69632 2009-01-22] () [File not signed] R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-06-20] (Hewlett-Packard Company) [File not signed] R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed] S3 Microsoft SharePoint Workspace Audit Service; E:\Microsoft Office\Office14\GROOVE.EXE [30814400 2013-12-19] (Microsoft Corporation) R2 MSMQ; C:\Windows\system32\mqsvc.exe [25600 2013-11-08] (Microsoft Corporation) R2 MSSQL$MYMOVIES; c:\Program Files\Microsoft SQL Server\MSSQL10_50.MYMOVIES\MSSQL\Binn\sqlservr.exe [62379184 2014-07-10] 
(Microsoft Corporation) R2 My Movies General Service; C:\Program Files (x86)\Binnerup Consult\My Movies for Windows\My Movies General Service.exe [1167904 2014-10-05] () R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed] R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation) R2 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [189304 2010-03-30] (AVM Berlin) R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed] R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [616288 2014-12-16] (Copyright 2013 SAMSUNG) S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010.SP2\RpcAgentSrv.exe [93848 2009-08-10] (SiSoftware) [File not signed] S4 SQLAgent$MYMOVIES; c:\Program Files\Microsoft SQL Server\MSSQL10_50.MYMOVIES\MSSQL\Binn\SQLAGENT.EXE [442536 2014-07-10] (Microsoft Corporation) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [245760 2011-02-18] () [File not signed] R2 Virtual CDAudio Service; C:\Program Files (x86)\RapidSolution\AudialsOne 4\VCDWriter\64\VCDAudioService.exe [178552 2010-09-08] (RapidSolution Software AG) S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2013-11-08] (Microsoft Corporation) R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [546304 2013-11-08] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation) 
==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-04] () R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2010-08-04] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-07] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131608 2014-10-07] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-08-15] (Avira Operations GmbH & Co. KG) S3 avmaudio; C:\Windows\System32\drivers\avmaudio.sys [116096 2010-11-09] (AVM Berlin) R2 easycvfs; C:\Windows\system32\drivers\easycvfs.sys [105864 2010-07-10] () [File not signed] R1 Ext2Fsd; C:\Windows\System32\Drivers\Ext2Fsd.sys [769816 2011-07-09] (www.ext2fsd.com) S4 ithsgt; C:\Windows\System32\DRIVERS\ithsgt.sys [207872 2009-11-09] () [File not signed] S2 lilsgt; C:\Windows\System32\DRIVERS\lilsgt.sys [21504 2009-11-09] () [File not signed] S3 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [96472 2015-01-03] (Malwarebytes Corporation) R3 MQAC; C:\Windows\System32\drivers\mqac.sys [173568 2013-11-08] (Microsoft Corporation) R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] () R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.) 
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2010-06-10] (CACE Technologies) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation) R1 RsFx0153; C:\Windows\System32\DRIVERS\RsFx0153.sys [322736 2014-07-10] (Microsoft Corporation) S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010.SP2\WNt500x64\Sandra.sys [23112 2009-08-07] (SiSoftware) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation) R3 yukonw8; C:\Windows\system32\DRIVERS\yk63x64.sys [295216 2013-06-18] (Marvell) R3 ALSysIO; \??\C:\Users\PATRIC~1\AppData\Local\Temp\ALSysIO64.sys [X] U3 idsvc; No ImagePath ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-01-03 15:48 - 2015-01-03 15:49 - 00035955 _____ () C:\Users\Patrick Wenig\Desktop\FRST.txt 2015-01-03 15:48 - 2015-01-03 15:48 - 02123776 _____ (Farbar) C:\Users\Patrick Wenig\Desktop\FRST64.exe 2015-01-03 15:17 - 2015-01-03 15:17 - 00000732 _____ () C:\Users\Patrick Wenig\Desktop\JRT.txt 2015-01-03 15:14 - 2015-01-03 15:14 - 00000000 ____D () C:\WINDOWS\ERUNT 2015-01-03 15:12 - 2015-01-03 15:12 - 01707939 _____ (Thisisu) C:\Users\Patrick Wenig\Desktop\JRT.exe 2015-01-03 15:11 - 2015-01-03 15:11 - 00003854 _____ () C:\Users\Patrick Wenig\Desktop\AdwCleaner[S0].txt 2015-01-03 15:03 - 2015-01-03 15:06 - 00000000 ____D () C:\AdwCleaner 2015-01-03 15:02 - 2015-01-03 15:02 - 02173952 _____ () C:\Users\Patrick Wenig\Desktop\AdwCleaner_4.106.exe 2015-01-03 09:50 - 2015-01-03 09:50 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-01-03 09:49 - 2015-01-03 15:07 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-01-03 09:49 - 2015-01-03 11:35 - 00135384 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-01-03 09:47 - 2015-01-03 12:03 - 00000000 ____D () C:\Users\Patrick Wenig\Desktop\mbar 2015-01-03 09:47 - 2015-01-03 11:35 - 00096472 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2015-01-03 09:46 - 2015-01-03 09:46 - 04187592 _____ (Kaspersky Lab ZAO) C:\Users\Patrick Wenig\Desktop\tdsskiller.exe 2015-01-02 11:59 - 2015-01-03 15:48 - 00000000 ____D () C:\FRST 2014-12-29 12:53 - 2014-12-29 12:53 - 00006591 _____ () C:\Users\Patrick Wenig\Desktop\Masterarbeit 2 - Verknüpfung.lnk 2014-12-29 12:43 - 2014-12-29 12:43 - 00000000 ____D () C:\Users\Patrick Wenig\Desktop\GPS 2014-12-29 09:32 - 2014-12-29 09:32 - 00003886 _____ () C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2014-12-28 11:48 - 2014-12-28 11:48 - 00002160 _____ () C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk 2014-12-28 11:48 - 2014-12-13 01:47 - 00620176 _____ (NVIDIA Corporation) 
C:\WINDOWS\SysWOW64\nvStreaming.exe 2014-12-28 11:46 - 2014-12-13 11:08 - 32099472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 25460552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 24764232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 20465808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 13288360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 13202520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 10770120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 10710160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 10345280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys 2014-12-28 11:46 - 2014-12-13 11:08 - 03610440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 03248968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 01895056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6434709.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 01556624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6434709.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 00994384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 00968336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 00942400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 00928072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 00906560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2014-12-28 11:46 - 
2014-12-13 11:08 - 00876976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 00834880 _____ () C:\WINDOWS\system32\nvmcumd.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 00353224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 00306328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 00178632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 00165760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll 2014-12-28 11:46 - 2014-10-09 18:02 - 00195728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys 2014-12-28 11:46 - 2014-10-09 18:02 - 00030536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll 2014-12-28 11:46 - 2014-10-09 08:17 - 01540240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco64.dll 2014-12-28 11:11 - 2014-12-28 11:48 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp 2014-12-28 11:10 - 2014-11-22 11:46 - 00038032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys 2014-12-28 11:10 - 2014-11-22 11:46 - 00032400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll 2014-12-22 17:23 - 2014-12-22 17:23 - 00000000 ____D () C:\Users\Patrick Wenig\Documents\Outlook-Dateien 2014-12-20 18:16 - 2014-12-20 18:17 - 06126536 _____ (Tim Kosse) C:\Users\Patrick Wenig\Downloads\FileZilla_3.9.0.6_win32-setup.exe 2014-12-17 21:33 - 2014-10-30 23:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe 2014-12-17 21:33 - 2014-10-30 23:34 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe 2014-12-17 21:32 - 2014-12-17 21:32 - 00001125 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk 2014-12-17 21:32 - 2014-12-17 21:32 - 00001113 _____ () C:\Users\Public\Desktop\TeamViewer 8.lnk 2014-12-17 21:12 - 2014-11-26 22:10 - 00714720 _____ (Adobe Systems 
Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2014-12-17 21:12 - 2014-11-26 22:10 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2014-12-11 22:19 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-12-11 22:19 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-12-11 22:19 - 2014-10-13 03:43 - 00238912 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys 2014-12-11 22:19 - 2014-10-13 03:43 - 00153920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys 2014-12-11 22:19 - 2014-10-13 03:43 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2014-12-11 22:19 - 2014-10-13 03:43 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys 2014-12-11 22:18 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2014-12-11 22:18 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-12-11 22:18 - 2014-11-22 03:49 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec 2014-12-11 22:18 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll 2014-12-11 22:18 - 2014-11-22 03:35 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2014-12-11 22:18 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-12-11 22:18 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2014-12-11 22:18 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2014-12-11 22:18 - 2014-11-22 03:06 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec 2014-12-11 22:18 - 2014-11-22 03:06 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2014-12-11 22:18 - 2014-11-22 03:05 - 00316928 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2014-12-11 22:18 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2014-12-11 22:18 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-12-11 22:18 - 2014-11-22 02:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2014-12-11 22:18 - 2014-11-22 02:55 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2014-12-11 22:18 - 2014-11-22 02:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2014-12-11 22:18 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2014-12-11 22:18 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2014-12-11 22:18 - 2014-11-22 02:49 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2014-12-11 22:18 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2014-12-11 22:18 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-12-11 22:18 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2014-12-11 22:18 - 2014-11-22 02:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2014-12-11 22:18 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2014-12-11 22:18 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-12-11 22:18 - 2014-11-22 02:29 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2014-12-11 22:18 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-12-11 22:18 - 2014-11-22 02:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2014-12-11 22:18 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\msfeeds.dll 2014-12-11 22:18 - 2014-11-22 02:23 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2014-12-11 22:18 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-12-11 22:18 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-12-11 22:18 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-12-11 22:18 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2014-12-11 22:18 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-12-11 22:18 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-12-11 22:18 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-12-11 22:18 - 2014-11-10 03:29 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll 2014-12-11 22:18 - 2014-11-10 02:51 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll 2014-12-11 22:18 - 2014-11-01 00:57 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2014-12-11 22:18 - 2014-11-01 00:47 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll 2014-12-11 22:18 - 2014-10-31 00:39 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll 2014-12-11 22:18 - 2014-10-31 00:38 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll 2014-12-11 21:45 - 2014-11-07 05:16 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll 2014-12-11 21:45 - 2014-11-07 04:26 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2014-12-11 19:55 - 2014-12-11 19:55 - 00000000 ____D () C:\Users\Patrick Wenig\AppData\Roaming\mkvtoolnix 2014-12-11 19:54 - 2014-12-11 19:55 - 00000000 ____D () 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix 2014-12-11 19:54 - 2014-12-11 19:55 - 00000000 ____D () C:\Program Files (x86)\MKVToolNix 2014-12-11 18:57 - 2014-12-11 18:57 - 00000000 ____D () C:\Users\Patrick Wenig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter 2014-12-11 18:57 - 2014-12-11 18:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TSDoctor 2014-12-11 18:57 - 2014-12-11 18:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter 2014-12-11 18:57 - 2014-12-11 18:57 - 00000000 ____D () C:\ProgramData\Cypheros 2014-12-11 18:57 - 2014-12-11 18:57 - 00000000 ____D () C:\Program Files (x86)\Haali 2014-12-11 18:57 - 2014-12-11 18:57 - 00000000 ____D () C:\Program Files (x86)\Cypheros 2014-12-11 18:18 - 2014-12-11 18:18 - 00000000 ____D () C:\Users\Patrick Wenig\AppData\Roaming\Greenshot 2014-12-11 18:18 - 2014-12-11 18:18 - 00000000 ____D () C:\Users\Patrick Wenig\AppData\Local\Greenshot 2014-12-11 18:18 - 2014-12-11 18:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Greenshot 2014-12-11 18:18 - 2014-12-11 18:18 - 00000000 ____D () C:\Program Files\Greenshot ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-07-25 03:24 - 2010-08-02 19:14 - 00000000 ____D () C:\Users\Patrick Wenig\Downloads\Guru3D.com 2015-01-03 15:46 - 2012-10-26 15:36 - 00001150 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-01-03 15:39 - 2012-04-04 07:06 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-01-03 15:12 - 2011-02-20 21:56 - 00000000 ____D () C:\Users\Patrick Wenig\AppData\Roaming\gSyncit 2015-01-03 15:11 - 2011-02-22 08:16 - 00000000 ___RD () C:\Users\Patrick Wenig\Dropbox 2015-01-03 15:11 - 2011-02-22 08:13 - 00000000 ____D () C:\Users\Patrick Wenig\AppData\Roaming\Dropbox 2015-01-03 15:10 - 2013-11-09 01:39 - 00000000 __RDO () C:\Users\Patrick Wenig\SkyDrive 2015-01-03 15:09 - 2012-10-26 15:36 - 00001146 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-01-03 15:08 - 2013-11-08 19:37 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-01-03 15:08 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2015-01-03 15:07 - 2013-09-29 20:05 - 00318160 _____ () C:\WINDOWS\PFRO.log 2015-01-03 15:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru 2015-01-03 14:44 - 2009-10-26 21:52 - 00000000 ____D () C:\Users\Patrick Wenig\AppData\Roaming\vlc 2015-01-03 14:12 - 2010-07-08 21:40 - 00000000 ____D () C:\Users\Patrick Wenig\Downloads\Crysis 2015-01-03 14:12 - 2009-10-26 21:39 - 00000000 ____D () C:\Users\Patrick Wenig\Downloads\Grafik 8800gtx 2015-01-03 14:10 - 2009-05-04 20:54 - 00000000 ____D () C:\Radioaufnahmen 2015-01-03 13:52 - 2013-11-30 14:03 - 00000000 ____D () C:\Users\Patrick Wenig\AppData\Roaming\ClassicShell 2015-01-03 12:15 - 2009-10-26 23:25 - 00003990 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{4E135A6E-A1E4-4B7A-99FE-A2B3982CA3CC} 2015-01-03 12:04 - 2010-08-04 20:37 - 00000000 ____D () C:\Users\Patrick Wenig\Desktop\Systemtools 2015-01-03 11:30 - 2013-08-22 14:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI 2015-01-03 10:37 - 2014-04-23 17:27 - 00000000 ____D () C:\Users\Patrick 
Wenig\Documents\Citavi 4 2015-01-03 10:21 - 2013-11-08 19:36 - 01852310 _____ () C:\WINDOWS\WindowsUpdate.log 2015-01-03 10:00 - 2010-02-13 20:05 - 00000000 ____D () C:\Users\Patrick Wenig\AppData\Roaming\FileZilla 2015-01-03 09:35 - 2013-11-08 19:41 - 00000000 ____D () C:\Users\Patrick Wenig 2015-01-02 10:38 - 2011-09-14 06:51 - 00000000 ____D () C:\Users\Patrick Wenig\AppData\Roaming\dvdcss 2015-01-02 09:38 - 2013-03-16 22:49 - 00551936 ___SH () C:\Users\Patrick Wenig\Desktop\Thumbs.db 2014-12-30 11:09 - 2013-04-14 10:41 - 00000000 ____D () C:\Users\Patrick Wenig\Documents\Allgemeine Dokumente 2014-12-29 15:50 - 2009-10-26 21:11 - 00000000 ____D () C:\Users\Patrick Wenig\AppData\Local\Microsoft Help 2014-12-29 11:47 - 2012-10-26 15:03 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3122463138-2323845440-1474034320-1000 2014-12-29 10:17 - 2011-04-13 20:35 - 00002481 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk 2014-12-29 10:17 - 2011-04-13 20:35 - 00002469 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk 2014-12-29 10:17 - 2011-04-13 20:35 - 00001668 _____ () C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk 2014-12-29 10:17 - 2011-04-13 20:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2 2014-12-29 09:42 - 2012-06-20 20:49 - 00000000 ____D () C:\ProgramData\Freemake 2014-12-29 09:41 - 2012-06-20 20:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake 2014-12-29 09:41 - 2011-04-28 20:28 - 00000000 ____D () C:\Users\Patrick Wenig\Desktop\DVD Umwandler 2014-12-29 09:39 - 2011-04-28 20:28 - 00000000 ____D () C:\Users\Patrick Wenig\AppData\Roaming\XMedia Recode 2014-12-29 09:37 - 2011-04-28 20:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMedia Recode 2014-12-29 09:37 - 2011-04-28 20:21 - 00000000 ____D () C:\Program Files (x86)\XMedia 
Recode 2014-12-28 11:48 - 2013-08-22 15:46 - 00384956 _____ () C:\WINDOWS\setupact.log 2014-12-28 11:48 - 2012-10-26 17:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2014-12-28 11:48 - 2009-11-09 22:37 - 00000000 ____D () C:\temp 2014-12-28 11:04 - 2009-10-26 21:11 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-12-28 11:02 - 2013-02-20 19:36 - 00000000 ____D () C:\Program Files\Microsoft Office 15 2014-12-20 18:32 - 2013-11-08 19:37 - 00018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys 2014-12-20 18:32 - 2013-11-08 19:37 - 00004264 _____ () C:\WINDOWS\LkmdfCoInst.log 2014-12-20 14:02 - 2012-05-05 09:34 - 00000000 ____D () C:\ProgramData\Sonos,_Inc 2014-12-20 13:58 - 2012-05-05 09:34 - 00001966 _____ () C:\Users\Public\Desktop\Sonos.lnk 2014-12-20 13:58 - 2012-05-05 09:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sonos 2014-12-20 13:58 - 2011-11-02 13:18 - 00000000 ____D () C:\Program Files (x86)\Sonos 2014-12-20 13:57 - 2011-11-15 19:53 - 00000000 ____D () C:\Users\Patrick Wenig\AppData\Local\Downloaded Installations 2014-12-19 16:31 - 2013-08-22 15:44 - 05042624 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-12-18 20:04 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache 2014-12-18 19:04 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp 2014-12-18 19:04 - 2010-05-09 10:11 - 00000000 ____D () C:\Users\Patrick Wenig\AppData\Roaming\VSO 2014-12-18 19:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness 2014-12-18 18:58 - 2013-11-30 13:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung 2014-12-18 18:56 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS 2014-12-18 18:56 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS 2014-12-15 19:29 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions 2014-12-15 19:28 - 2013-08-27 20:25 - 00000000 ____D () 
C:\WINDOWS\system32\MRT 2014-12-15 19:23 - 2009-10-26 22:52 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-12-15 18:50 - 2012-10-26 14:54 - 00000000 ____D () C:\Users\Patrick Wenig\AppData\Local\Packages 2014-12-15 18:45 - 2011-02-22 08:16 - 00001106 _____ () C:\Users\Patrick Wenig\Desktop\Dropbox.lnk 2014-12-15 18:45 - 2011-02-22 08:14 - 00000000 ____D () C:\Users\Patrick Wenig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-12-13 11:08 - 2014-06-01 09:58 - 00027983 _____ () C:\WINDOWS\system32\nvinfo.pb 2014-12-13 11:08 - 2013-10-27 09:12 - 18594432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll 2014-12-13 11:08 - 2013-10-27 09:12 - 17264312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll 2014-12-13 11:08 - 2013-10-27 09:12 - 16040184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll 2014-12-13 11:08 - 2013-10-27 09:12 - 14128496 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll 2014-12-13 11:08 - 2013-10-27 09:12 - 03293136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2014-12-13 11:08 - 2013-10-27 09:12 - 02897824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2014-12-13 09:03 - 2013-11-08 19:36 - 06859408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2014-12-13 09:03 - 2013-11-08 19:36 - 03513488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2014-12-13 09:03 - 2013-11-08 19:36 - 02558608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2014-12-13 09:03 - 2013-11-08 19:36 - 00935240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe 2014-12-13 09:03 - 2013-11-08 19:36 - 00386368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2014-12-13 09:03 - 2013-11-08 19:36 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2014-12-13 01:12 - 2014-06-03 20:12 - 01715224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll 2014-12-13 01:12 - 2014-06-03 20:12 - 01291464 _____ 
(NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll 2014-12-13 01:12 - 2014-02-09 13:26 - 02824504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll 2014-12-13 01:12 - 2014-02-09 13:26 - 02210040 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll 2014-12-13 00:11 - 2013-11-08 19:36 - 04151176 _____ () C:\WINDOWS\system32\nvcoproc.bin 2014-12-11 18:39 - 2012-04-04 07:06 - 00003796 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2014-12-11 18:02 - 2014-01-29 17:37 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-12-07 20:41 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-12-07 20:41 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-12-07 20:41 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender 2014-12-07 20:41 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender 2014-12-07 18:35 - 2013-09-30 05:14 - 02250322 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-12-07 18:35 - 2013-09-30 04:58 - 00943164 _____ () C:\WINDOWS\system32\perfh007.dat 2014-12-07 18:35 - 2013-09-30 04:58 - 00226184 _____ () C:\WINDOWS\system32\perfc007.dat Some content of TEMP: ==================== C:\Users\Patrick Wenig\AppData\Local\Temp\avgnt.exe C:\Users\Patrick Wenig\AppData\Local\Temp\CMInstaller.exe C:\Users\Patrick Wenig\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpdacgir.dll C:\Users\Patrick Wenig\AppData\Local\Temp\i4jdel0.exe C:\Users\Patrick Wenig\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe C:\Users\Patrick Wenig\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe C:\Users\Patrick Wenig\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe C:\Users\Patrick Wenig\AppData\Local\Temp\MouseKeyboardCenterx64_1031.exe C:\Users\Patrick 
Wenig\AppData\Local\Temp\nvSCPAPI.dll C:\Users\Patrick Wenig\AppData\Local\Temp\nvSCPAPI64.dll C:\Users\Patrick Wenig\AppData\Local\Temp\nvStereoApiI.dll C:\Users\Patrick Wenig\AppData\Local\Temp\nvStInst.exe C:\Users\Patrick Wenig\AppData\Local\Temp\Quarantine.exe C:\Users\Patrick Wenig\AppData\Local\Temp\SamsungAPInstaller_1390325000533.exe C:\Users\Patrick Wenig\AppData\Local\Temp\SamsungAPInstaller_1394278536296.exe C:\Users\Patrick Wenig\AppData\Local\Temp\SamsungAPInstaller_1395594156758.exe C:\Users\Patrick Wenig\AppData\Local\Temp\SamsungAPInstaller_1400224904149.exe C:\Users\Patrick Wenig\AppData\Local\Temp\SamsungAPInstaller_1400570987502.exe C:\Users\Patrick Wenig\AppData\Local\Temp\SamsungAPInstaller_1403885188766.exe C:\Users\Patrick Wenig\AppData\Local\Temp\SamsungAPInstaller_1411993701702.exe C:\Users\Patrick Wenig\AppData\Local\Temp\SamsungAPInstaller_1415181550782.exe C:\Users\Patrick Wenig\AppData\Local\Temp\SamsungAPInstaller_1415211033958.exe C:\Users\Patrick Wenig\AppData\Local\Temp\SamsungAPInstaller_1417371533392.exe C:\Users\Patrick Wenig\AppData\Local\Temp\SamsungAPInstaller_1418925300466.exe C:\Users\Patrick Wenig\AppData\Local\Temp\SerialDLL.dll C:\Users\Patrick Wenig\AppData\Local\Temp\sqlite3.dll C:\Users\Patrick Wenig\AppData\Local\Temp\verify.exe C:\Users\Patrick Wenig\AppData\Local\Temp\vlc-2.0.8-win64.exe C:\Users\Patrick Wenig\AppData\Local\Temp\vlc-2.1.1-win64.exe C:\Users\Patrick Wenig\AppData\Local\Temp\vlc-2.1.2-win64.exe C:\Users\Patrick Wenig\AppData\Local\Temp\vlc-2.1.4-win64.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-01-03 15:22 ==================== End Of Log ============================ --- --- --- |
03.01.2015, 16:23 | #10 |
/// the machine /// TB Instructor | Win 8.1 64bit: Image in mail from unknown sender opened ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any remaining problems?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
04.01.2015, 09:53 | #11 |
| Win 8.1 64bit: Image in mail from unknown sender opened Oh dear, it looks like I have really caught something nasty. In any case, a huge interim thank-you already! Here are just the logs: The ESET log: Code:
ATTFilter
ESETSmartInstaller@High as downloader log: all ok
ESETSmartInstaller@High as downloader log: all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=dc2c94dbc1471b428df990d62a7169fd
# engine=21806
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-01-03 11:52:31
# local_time=2015-01-04 12:52:31 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 99 32985 12237748 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 2347875 10633470 0 0
# scanned=621923
# found=3
# cleaned=0
# scan_time=14554
sh=44F60AFE167D05C8430EFE72CFC942063D907399 ft=1 fh=63026b1a5122f89b vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Patrick Wenig\AppData\Local\Temp\DMR\dmr_72.exe"
sh=3C2CE2D7A3F8537ADA14E3760AA5A6B6F13A2354 ft=1 fh=89471b043199622f vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Patrick Wenig\Downloads\SoftonicDownloader51882.exe"
sh=CE4FA6F89A158AE6D5EE67EC5DE1998E49C91223 ft=1 fh=a094c59bf7ca9b4f vn="Win32/Toolbar.AskSBar evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Patrick Wenig\Downloads\Nero7\Nero-7.8.5.0_deu_update.exe"
Code:
ATTFilter
Results of screen317's Security Check version 0.99.93
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Avira Desktop
Windows Defender
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 55
Java version 32-bit out of Date!
Adobe Flash Player 15.0.0.246 Flash Player out of Date!
Adobe Reader XI
Mozilla Firefox (4.0.1)
Google Chrome (39.0.2171.71)
Google Chrome (39.0.2171.95)
````````Process Check: objlist.exe by Laurent````````
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-01-2015 01 Ran by Patrick Wenig (administrator) on PATRICKWENIG-PC on 04-01-2015 09:40:44 Running from C:\Users\Patrick Wenig\Desktop Loaded Profile: Patrick Wenig (Available profiles: Patrick Wenig & DefaultAppPool) Platform: Windows 8.1 Pro with Media Center (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe () C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe (Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe (AVM Berlin) C:\Program Files\FRITZ!Fernzugang\avmike.exe (AVM GmbH) C:\Program Files (x86)\FRITZ!Powerline\PowerlineService.exe (Apple Inc.) 
C:\Program Files\Bonjour\mDNSResponder.exe () C:\Program Files (x86)\Allway Sync\Bin\SyncService.exe (AVM Berlin) C:\Program Files\FRITZ!Fernzugang\certsrv.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe () C:\Program Files (x86)\JMRAIDManager\XSrvSetup.exe (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe () C:\Program Files (x86)\JMRAIDManager\HWRaidManager.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe () C:\Program Files\Core Temp\Core Temp.exe (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.MYMOVIES\MSSQL\Binn\sqlservr.exe () C:\Program Files (x86)\Binnerup Consult\My Movies for Windows\My Movies General Service.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (AVM Berlin) C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe (Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe (Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe () C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe (RapidSolution Software AG) C:\Program Files (x86)\RapidSolution\AudialsOne 4\VCDWriter\64\VCDAudioService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe (Greenshot) C:\Program Files\Greenshot\Greenshot.exe (Akamai Technologies, Inc.) 
C:\Users\Patrick Wenig\AppData\Local\Akamai\netsession_win.exe () C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe () C:\Program Files\DriveOnWeb EasyStorage Client\easyClient.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Fieldston Software) C:\Program Files (x86)\Fieldston Software\gSyncit\gsyncit.exe (Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe (Akamai Technologies, Inc.) C:\Users\Patrick Wenig\AppData\Local\Akamai\netsession_win.exe (Audible, Inc.) C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe (Dropbox, Inc.) C:\Users\Patrick Wenig\AppData\Roaming\Dropbox\bin\Dropbox.exe (Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Adobe Systems Inc.) E:\Adobe\Acrobat 10.0\Acrobat\acrotray.exe (Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Binnerup Consult) C:\Program Files (x86)\Binnerup Consult\My Movies for Windows\My Movies Tray.exe () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) 
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-09-16] (Adobe Systems Incorporated) HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2010-01-08] (Intel Corporation) HKLM\...\Run: [Samsung Link] => C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [607584 2014-12-16] (Copyright 2013 SAMSUNG) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-01-18] (IvoSoft) HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.) HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [495616 2014-05-12] (Greenshot) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.) HKLM-x32\...\Run: [BCSSync] => E:\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG) HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => E:\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2014-12-03] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => E:\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2014-12-03] (Adobe Systems Inc.) 
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-01-30] (DivX, LLC) HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] () HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-12] (Logitech Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-17] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [My Movies Tray] => C:\Program Files (x86)\Binnerup Consult\My Movies for Windows\My Movies Tray.exe [496160 2014-10-05] (Binnerup Consult) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.) Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) HKU\S-1-5-21-3122463138-2323845440-1474034320-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Patrick Wenig\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.) 
HKU\S-1-5-21-3122463138-2323845440-1474034320-1000\...\Run: [Allway Sync] => C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe [94416 2014-03-21] () HKU\S-1-5-21-3122463138-2323845440-1474034320-1000\...\Run: [DriveOnWeb easyStorage Client] => C:\Program Files\DriveOnWeb EasyStorage Client\easyClient.exe [765672 2011-05-23] () HKU\S-1-5-21-3122463138-2323845440-1474034320-1000\...\Run: [gSyncit] => C:\Program Files (x86)\Fieldston Software\gSyncit\gsyncit.exe [228352 2014-12-15] (Fieldston Software) HKU\S-1-5-21-3122463138-2323845440-1474034320-1000\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2011-06-20] (Hewlett-Packard Company) HKU\S-1-5-21-3122463138-2323845440-1474034320-1000\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [111320 2014-11-06] (Siber Systems) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Audible Download Manager.lnk ShortcutTarget: Audible Download Manager.lnk -> C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe (Audible, Inc.) Startup: C:\Users\Patrick Wenig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Patrick Wenig\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-3122463138-2323845440-1474034320-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de/ HKU\S-1-5-21-3122463138-2323845440-1474034320-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKU\S-1-5-21-3122463138-2323845440-1474034320-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.mein-deal.com/ SearchScopes: HKU\.DEFAULT -> DefaultScope 
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: Windows Live Family Safety Browser Helper Class -> {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} -> C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation) BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation) BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: ContributeBHO Class -> {074C1DC5-9320-4A9A-947D-C042949C6216} -> E:\Adobe CS5\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.) 
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation) BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation) BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> E:\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.) 
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - E:\Adobe CS5\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.) Toolbar: HKLM-x32 - No Name - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No File Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) Toolbar: HKU\S-1-5-21-3122463138-2323845440-1474034320-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File Toolbar: HKU\S-1-5-21-3122463138-2323845440-1474034320-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File Toolbar: HKU\S-1-5-21-3122463138-2323845440-1474034320-1000 -> No Name - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No File Toolbar: HKU\S-1-5-21-3122463138-2323845440-1474034320-1000 -> &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.) 
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab DPF: HKLM-x32 {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlcdnet.asus.com/pub/ASUS/misc/dlm-activex-2.2.5.0.cab DPF: HKLM-x32 {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpIdfPlugin.cab DPF: HKLM-x32 {960DC750-7447-4CDE-BF1C-FB33F9129654} https://pawe820.no-ip.org:5001/webman/3rdparty/SurveillanceStation/object/SSObject3.cab?6.0-2636 DPF: HKLM-x32 {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-31-0.cab DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.115.1 FireFox: ======== FF ProfilePath: C:\Users\Patrick Wenig\AppData\Roaming\Mozilla\Firefox\Profiles\jo03xe49.default FF NewTab: FF DefaultSearchEngine: foxsearch FF SearchEngineOrder.1: foxsearch FF SelectedSearchEngine: foxsearch FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) 
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.0-git-20120215-0402 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll No File FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @logitech.com/HarmonyRemote,version=1.0.0 -> C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.) 
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> E:\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.4 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Acrobat -> E:\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF Plugin-x32: samsung.com/SamsungLinkPCPlugin -> C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll No File FF Extension: Avira Browser Safety - C:\Users\Patrick Wenig\AppData\Roaming\Mozilla\Firefox\Profiles\jo03xe49.default\Extensions\abs@avira.com [2014-12-18] FF Extension: Flash and Video Download - C:\Users\Patrick Wenig\AppData\Roaming\Mozilla\Firefox\Profiles\jo03xe49.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2014-12-20] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - E:\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn FF Extension: Adobe Acrobat - Create PDF - E:\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2011-04-13] FF HKLM-x32\...\Firefox\Extensions: [{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}] - E:\Adobe CS5\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} FF Extension: Adobe Contribute Toolbar - E:\Adobe CS5\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2011-04-13] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-03-14] FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2014-04-23] FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-09-27] FF HKLM-x32\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber 
Systems\AI RoboForm\Firefox FF Extension: RoboForm Toolbar for Firefox - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2014-05-03] FF HKU\S-1-5-21-3122463138-2323845440-1474034320-1000\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox FF StartMenuInternet: FIREFOX.EXE - E:\Mozilla Firefox\firefox.exe Chrome: ======= CHR HomePage: Default -> hxxp://www.google.com CHR StartupUrls: Default -> "hxxp://www.google.com" CHR Profile: C:\Users\Patrick Wenig\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Patrick Wenig\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-23] CHR Extension: (YouTube) - C:\Users\Patrick Wenig\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-10-26] CHR Extension: (Google-Suche) - C:\Users\Patrick Wenig\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-10-26] CHR Extension: (Avira Browser Safety) - C:\Users\Patrick Wenig\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-09-23] CHR Extension: (Google Wallet) - C:\Users\Patrick Wenig\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-30] CHR Extension: (Mehr Leistung und Videoformate für dein HTML5 <video>) - C:\Users\Patrick Wenig\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-10-30] CHR Extension: (MyHarmony Chrome Plugin) - C:\Users\Patrick Wenig\AppData\Local\Google\Chrome\User Data\Default\Extensions\omaonpoimgkmbllpdihbnmgphjoipdhf [2014-05-03] CHR Extension: (Google Mail) - C:\Users\Patrick Wenig\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-10-26] CHR Extension: (RoboForm) - C:\Users\Patrick 
Wenig\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2014-05-03] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path CHR HKLM\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-05-03] CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path CHR HKLM-x32\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [Not Found] CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-02-07] CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - C:\Program Files (x86)\Citavi 4\Pickers\Chrome\ChromePicker.crx [2014-02-07] CHR HKLM-x32\...\Chrome\Extension: [omaonpoimgkmbllpdihbnmgphjoipdhf] - C:\Program Files (x86)\Logitech\Harmony Remote Driver\harmony_chrome.crx [2013-11-30] CHR HKLM-x32\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-05-03] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] () R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [404360 2013-12-21] (Samsung) [File not signed] R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-17] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-17] (Avira Operations GmbH & Co. 
KG) R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [368640 2009-03-20] (AVM Berlin) [File not signed] R2 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [335224 2010-03-30] (AVM Berlin) R2 AVMPowerlineService; C:\Program Files (x86)\FRITZ!Powerline\PowerlineService.exe [126976 2013-10-11] (AVM GmbH) [File not signed] R2 BotkindSyncService; C:\Program Files (x86)\Allway Sync\Bin\SyncService.exe [182784 2014-03-21] () [File not signed] R2 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [143224 2010-03-30] (AVM Berlin) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation) R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3304768 2010-12-23] (devolo AG) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation) S2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [145920 2010-10-25] (HP) [File not signed] S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed] R2 JMRAIDManager; C:\Program Files (x86)\JMRAIDManager\XSrvSetup.exe [69632 2009-01-22] () [File not signed] R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-06-20] (Hewlett-Packard Company) [File not signed] R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed] S3 Microsoft SharePoint Workspace Audit Service; E:\Microsoft Office\Office14\GROOVE.EXE [30814400 2013-12-19] (Microsoft Corporation) R2 MSMQ; C:\Windows\system32\mqsvc.exe [25600 2013-11-08] (Microsoft Corporation) R2 MSSQL$MYMOVIES; c:\Program Files\Microsoft SQL Server\MSSQL10_50.MYMOVIES\MSSQL\Binn\sqlservr.exe [62379184 2014-07-10] 
(Microsoft Corporation) R2 My Movies General Service; C:\Program Files (x86)\Binnerup Consult\My Movies for Windows\My Movies General Service.exe [1167904 2014-10-05] () R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed] R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation) R2 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [189304 2010-03-30] (AVM Berlin) R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed] R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [616288 2014-12-16] (Copyright 2013 SAMSUNG) S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010.SP2\RpcAgentSrv.exe [93848 2009-08-10] (SiSoftware) [File not signed] S4 SQLAgent$MYMOVIES; c:\Program Files\Microsoft SQL Server\MSSQL10_50.MYMOVIES\MSSQL\Binn\SQLAGENT.EXE [442536 2014-07-10] (Microsoft Corporation) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [245760 2011-02-18] () [File not signed] R2 Virtual CDAudio Service; C:\Program Files (x86)\RapidSolution\AudialsOne 4\VCDWriter\64\VCDAudioService.exe [178552 2010-09-08] (RapidSolution Software AG) S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2013-11-08] (Microsoft Corporation) R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [546304 2013-11-08] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation) 
==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-04] () R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2010-08-04] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-07] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131608 2014-10-07] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-08-15] (Avira Operations GmbH & Co. KG) S3 avmaudio; C:\Windows\System32\drivers\avmaudio.sys [116096 2010-11-09] (AVM Berlin) R2 easycvfs; C:\Windows\system32\drivers\easycvfs.sys [105864 2010-07-10] () [File not signed] R1 Ext2Fsd; C:\Windows\System32\Drivers\Ext2Fsd.sys [769816 2011-07-09] (www.ext2fsd.com) S4 ithsgt; C:\Windows\System32\DRIVERS\ithsgt.sys [207872 2009-11-09] () [File not signed] S2 lilsgt; C:\Windows\System32\DRIVERS\lilsgt.sys [21504 2009-11-09] () [File not signed] S3 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [96472 2015-01-03] (Malwarebytes Corporation) R3 MQAC; C:\Windows\System32\drivers\mqac.sys [173568 2013-11-08] (Microsoft Corporation) R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] () R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.) 
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2010-06-10] (CACE Technologies) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation) R1 RsFx0153; C:\Windows\System32\DRIVERS\RsFx0153.sys [322736 2014-07-10] (Microsoft Corporation) S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010.SP2\WNt500x64\Sandra.sys [23112 2009-08-07] (SiSoftware) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation) R3 yukonw8; C:\Windows\system32\DRIVERS\yk63x64.sys [295216 2013-06-18] (Marvell) R3 ALSysIO; \??\C:\Users\PATRIC~1\AppData\Local\Temp\ALSysIO64.sys [X] U3 idsvc; No ImagePath ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-01-04 09:40 - 2015-01-04 09:41 - 00036156 _____ () C:\Users\Patrick Wenig\Desktop\FRST.txt 2015-01-04 09:40 - 2015-01-04 09:40 - 00000905 _____ () C:\Users\Patrick Wenig\Desktop\checkup.txt 2015-01-04 09:35 - 2015-01-04 09:36 - 00852505 _____ () C:\Users\Patrick Wenig\Desktop\SecurityCheck.exe 2015-01-03 20:35 - 2015-01-03 20:35 - 00000000 ____D () C:\Program Files (x86)\ESET 2015-01-03 20:34 - 2015-01-03 20:34 - 02347384 _____ (ESET) C:\Users\Patrick Wenig\Desktop\esetsmartinstaller_deu.exe 2015-01-03 15:48 - 2015-01-03 15:48 - 02123776 _____ (Farbar) C:\Users\Patrick Wenig\Desktop\FRST64.exe 2015-01-03 15:17 - 2015-01-03 15:17 - 00000732 _____ () C:\Users\Patrick Wenig\Desktop\JRT.txt 2015-01-03 15:14 - 2015-01-03 15:14 - 00000000 ____D () C:\WINDOWS\ERUNT 2015-01-03 15:12 - 2015-01-03 15:12 - 01707939 _____ (Thisisu) C:\Users\Patrick Wenig\Desktop\JRT.exe 2015-01-03 15:11 - 2015-01-03 15:11 - 00003854 _____ () C:\Users\Patrick Wenig\Desktop\AdwCleaner[S0].txt 2015-01-03 15:03 - 2015-01-03 15:06 - 00000000 ____D () C:\AdwCleaner 2015-01-03 15:02 - 2015-01-03 15:02 - 02173952 _____ () C:\Users\Patrick Wenig\Desktop\AdwCleaner_4.106.exe 2015-01-03 09:50 - 2015-01-03 09:50 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-01-03 09:49 - 2015-01-03 15:07 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-01-03 09:49 - 2015-01-03 11:35 - 00135384 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-01-03 09:47 - 2015-01-03 12:03 - 00000000 ____D () C:\Users\Patrick Wenig\Desktop\mbar 2015-01-03 09:47 - 2015-01-03 11:35 - 00096472 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2015-01-03 09:46 - 2015-01-03 09:46 - 04187592 _____ (Kaspersky Lab ZAO) C:\Users\Patrick Wenig\Desktop\tdsskiller.exe 2015-01-02 11:59 - 2015-01-04 09:40 - 00000000 ____D () C:\FRST 2014-12-29 12:53 - 2014-12-29 12:53 - 00006591 _____ () C:\Users\Patrick Wenig\Desktop\Masterarbeit 2 - Verknüpfung.lnk 
2014-12-29 12:43 - 2014-12-29 12:43 - 00000000 ____D () C:\Users\Patrick Wenig\Desktop\GPS 2014-12-29 09:32 - 2014-12-29 09:32 - 00003886 _____ () C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2014-12-28 11:48 - 2014-12-28 11:48 - 00002160 _____ () C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk 2014-12-28 11:48 - 2014-12-13 01:47 - 00620176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe 2014-12-28 11:46 - 2014-12-13 11:08 - 32099472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 25460552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 24764232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 20465808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 13288360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 13202520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 10770120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 10710160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 10345280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys 2014-12-28 11:46 - 2014-12-13 11:08 - 03610440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 03248968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 01895056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6434709.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 01556624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6434709.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 00994384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 00968336 _____ (NVIDIA 
Corporation) C:\WINDOWS\system32\NvIFR64.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 00942400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 00928072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 00906560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 00876976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 00834880 _____ () C:\WINDOWS\system32\nvmcumd.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 00353224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 00306328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 00178632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll 2014-12-28 11:46 - 2014-12-13 11:08 - 00165760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll 2014-12-28 11:46 - 2014-10-09 18:02 - 00195728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys 2014-12-28 11:46 - 2014-10-09 18:02 - 00030536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll 2014-12-28 11:46 - 2014-10-09 08:17 - 01540240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco64.dll 2014-12-28 11:11 - 2014-12-28 11:48 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp 2014-12-28 11:10 - 2014-11-22 11:46 - 00038032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys 2014-12-28 11:10 - 2014-11-22 11:46 - 00032400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll 2014-12-22 17:23 - 2014-12-22 17:23 - 00000000 ____D () C:\Users\Patrick Wenig\Documents\Outlook-Dateien 2014-12-20 18:16 - 2014-12-20 18:17 - 06126536 _____ (Tim Kosse) C:\Users\Patrick Wenig\Downloads\FileZilla_3.9.0.6_win32-setup.exe 2014-12-17 21:33 - 2014-10-30 23:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe 2014-12-17 21:33 - 2014-10-30 
23:34 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe 2014-12-17 21:32 - 2014-12-17 21:32 - 00001125 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk 2014-12-17 21:32 - 2014-12-17 21:32 - 00001113 _____ () C:\Users\Public\Desktop\TeamViewer 8.lnk 2014-12-17 21:12 - 2014-11-26 22:10 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2014-12-17 21:12 - 2014-11-26 22:10 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2014-12-11 22:19 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-12-11 22:19 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-12-11 22:19 - 2014-10-13 03:43 - 00238912 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys 2014-12-11 22:19 - 2014-10-13 03:43 - 00153920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys 2014-12-11 22:19 - 2014-10-13 03:43 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2014-12-11 22:19 - 2014-10-13 03:43 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys 2014-12-11 22:18 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2014-12-11 22:18 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-12-11 22:18 - 2014-11-22 03:49 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec 2014-12-11 22:18 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll 2014-12-11 22:18 - 2014-11-22 03:35 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2014-12-11 22:18 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-12-11 22:18 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 
2014-12-11 22:18 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2014-12-11 22:18 - 2014-11-22 03:06 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec 2014-12-11 22:18 - 2014-11-22 03:06 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2014-12-11 22:18 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2014-12-11 22:18 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2014-12-11 22:18 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-12-11 22:18 - 2014-11-22 02:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2014-12-11 22:18 - 2014-11-22 02:55 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2014-12-11 22:18 - 2014-11-22 02:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2014-12-11 22:18 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2014-12-11 22:18 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2014-12-11 22:18 - 2014-11-22 02:49 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2014-12-11 22:18 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2014-12-11 22:18 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-12-11 22:18 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2014-12-11 22:18 - 2014-11-22 02:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2014-12-11 22:18 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2014-12-11 22:18 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-12-11 22:18 - 2014-11-22 
02:29 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2014-12-11 22:18 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-12-11 22:18 - 2014-11-22 02:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2014-12-11 22:18 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2014-12-11 22:18 - 2014-11-22 02:23 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2014-12-11 22:18 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-12-11 22:18 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-12-11 22:18 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-12-11 22:18 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2014-12-11 22:18 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-12-11 22:18 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-12-11 22:18 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-12-11 22:18 - 2014-11-10 03:29 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll 2014-12-11 22:18 - 2014-11-10 02:51 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll 2014-12-11 22:18 - 2014-11-01 00:57 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2014-12-11 22:18 - 2014-11-01 00:47 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll 2014-12-11 22:18 - 2014-10-31 00:39 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll 2014-12-11 22:18 - 2014-10-31 00:38 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll 2014-12-11 21:45 - 
2014-11-07 05:16 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll 2014-12-11 21:45 - 2014-11-07 04:26 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2014-12-11 19:55 - 2014-12-11 19:55 - 00000000 ____D () C:\Users\Patrick Wenig\AppData\Roaming\mkvtoolnix 2014-12-11 19:54 - 2014-12-11 19:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix 2014-12-11 19:54 - 2014-12-11 19:55 - 00000000 ____D () C:\Program Files (x86)\MKVToolNix 2014-12-11 18:57 - 2014-12-11 18:57 - 00000000 ____D () C:\Users\Patrick Wenig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter 2014-12-11 18:57 - 2014-12-11 18:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TSDoctor 2014-12-11 18:57 - 2014-12-11 18:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter 2014-12-11 18:57 - 2014-12-11 18:57 - 00000000 ____D () C:\ProgramData\Cypheros 2014-12-11 18:57 - 2014-12-11 18:57 - 00000000 ____D () C:\Program Files (x86)\Haali 2014-12-11 18:57 - 2014-12-11 18:57 - 00000000 ____D () C:\Program Files (x86)\Cypheros 2014-12-11 18:18 - 2014-12-11 18:18 - 00000000 ____D () C:\Users\Patrick Wenig\AppData\Roaming\Greenshot 2014-12-11 18:18 - 2014-12-11 18:18 - 00000000 ____D () C:\Users\Patrick Wenig\AppData\Local\Greenshot 2014-12-11 18:18 - 2014-12-11 18:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Greenshot 2014-12-11 18:18 - 2014-12-11 18:18 - 00000000 ____D () C:\Program Files\Greenshot ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-07-25 03:24 - 2010-08-02 19:14 - 00000000 ____D () C:\Users\Patrick Wenig\Downloads\Guru3D.com 2015-01-04 09:40 - 2010-02-13 20:05 - 00000000 ____D () C:\Users\Patrick Wenig\AppData\Roaming\FileZilla 2015-01-04 09:39 - 2012-04-04 07:06 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-01-04 09:20 - 2011-02-20 21:56 - 00000000 ____D () C:\Users\Patrick Wenig\AppData\Roaming\gSyncit 2015-01-04 09:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru 2015-01-04 08:46 - 2012-10-26 15:36 - 00001150 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-01-04 06:24 - 2009-10-26 23:25 - 00003990 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{4E135A6E-A1E4-4B7A-99FE-A2B3982CA3CC} 2015-01-04 05:14 - 2013-11-08 19:36 - 01905786 _____ () C:\WINDOWS\WindowsUpdate.log 2015-01-03 20:42 - 2011-02-22 08:16 - 00000000 ___RD () C:\Users\Patrick Wenig\Dropbox 2015-01-03 20:42 - 2011-02-22 08:13 - 00000000 ____D () C:\Users\Patrick Wenig\AppData\Roaming\Dropbox 2015-01-03 20:40 - 2013-11-30 14:03 - 00000000 ____D () C:\Users\Patrick Wenig\AppData\Roaming\ClassicShell 2015-01-03 20:40 - 2013-11-09 01:39 - 00000000 __RDO () C:\Users\Patrick Wenig\SkyDrive 2015-01-03 20:39 - 2013-11-08 19:37 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-01-03 20:39 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2015-01-03 20:39 - 2012-10-26 15:36 - 00001146 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-01-03 16:15 - 2014-04-23 17:27 - 00000000 ____D () C:\Users\Patrick Wenig\Documents\Citavi 4 2015-01-03 15:07 - 2013-09-29 20:05 - 00318160 _____ () C:\WINDOWS\PFRO.log 2015-01-03 14:44 - 2009-10-26 21:52 - 00000000 ____D () C:\Users\Patrick Wenig\AppData\Roaming\vlc 2015-01-03 14:12 - 2010-07-08 21:40 - 00000000 ____D () C:\Users\Patrick Wenig\Downloads\Crysis 2015-01-03 14:12 - 2009-10-26 21:39 - 00000000 ____D () C:\Users\Patrick Wenig\Downloads\Grafik 8800gtx 2015-01-03 14:10 - 2009-05-04 20:54 - 00000000 
____D () C:\Radioaufnahmen 2015-01-03 12:04 - 2010-08-04 20:37 - 00000000 ____D () C:\Users\Patrick Wenig\Desktop\Systemtools 2015-01-03 11:30 - 2013-08-22 14:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI 2015-01-03 09:35 - 2013-11-08 19:41 - 00000000 ____D () C:\Users\Patrick Wenig 2015-01-02 10:38 - 2011-09-14 06:51 - 00000000 ____D () C:\Users\Patrick Wenig\AppData\Roaming\dvdcss 2015-01-02 09:38 - 2013-03-16 22:49 - 00551936 ___SH () C:\Users\Patrick Wenig\Desktop\Thumbs.db 2014-12-30 11:09 - 2013-04-14 10:41 - 00000000 ____D () C:\Users\Patrick Wenig\Documents\Allgemeine Dokumente 2014-12-29 15:50 - 2009-10-26 21:11 - 00000000 ____D () C:\Users\Patrick Wenig\AppData\Local\Microsoft Help 2014-12-29 11:47 - 2012-10-26 15:03 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3122463138-2323845440-1474034320-1000 2014-12-29 10:17 - 2011-04-13 20:35 - 00002481 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk 2014-12-29 10:17 - 2011-04-13 20:35 - 00002469 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk 2014-12-29 10:17 - 2011-04-13 20:35 - 00001668 _____ () C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk 2014-12-29 10:17 - 2011-04-13 20:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2 2014-12-29 09:42 - 2012-06-20 20:49 - 00000000 ____D () C:\ProgramData\Freemake 2014-12-29 09:41 - 2012-06-20 20:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake 2014-12-29 09:41 - 2011-04-28 20:28 - 00000000 ____D () C:\Users\Patrick Wenig\Desktop\DVD Umwandler 2014-12-29 09:39 - 2011-04-28 20:28 - 00000000 ____D () C:\Users\Patrick Wenig\AppData\Roaming\XMedia Recode 2014-12-29 09:37 - 2011-04-28 20:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMedia Recode 2014-12-29 09:37 - 2011-04-28 20:21 - 00000000 ____D () C:\Program Files (x86)\XMedia Recode 
2014-12-28 11:48 - 2013-08-22 15:46 - 00384956 _____ () C:\WINDOWS\setupact.log 2014-12-28 11:48 - 2012-10-26 17:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2014-12-28 11:48 - 2009-11-09 22:37 - 00000000 ____D () C:\temp 2014-12-28 11:04 - 2009-10-26 21:11 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-12-28 11:02 - 2013-02-20 19:36 - 00000000 ____D () C:\Program Files\Microsoft Office 15 2014-12-20 18:32 - 2013-11-08 19:37 - 00018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys 2014-12-20 18:32 - 2013-11-08 19:37 - 00004264 _____ () C:\WINDOWS\LkmdfCoInst.log 2014-12-20 14:02 - 2012-05-05 09:34 - 00000000 ____D () C:\ProgramData\Sonos,_Inc 2014-12-20 13:58 - 2012-05-05 09:34 - 00001966 _____ () C:\Users\Public\Desktop\Sonos.lnk 2014-12-20 13:58 - 2012-05-05 09:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sonos 2014-12-20 13:58 - 2011-11-02 13:18 - 00000000 ____D () C:\Program Files (x86)\Sonos 2014-12-20 13:57 - 2011-11-15 19:53 - 00000000 ____D () C:\Users\Patrick Wenig\AppData\Local\Downloaded Installations 2014-12-19 16:31 - 2013-08-22 15:44 - 05042624 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-12-18 20:04 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache 2014-12-18 19:04 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp 2014-12-18 19:04 - 2010-05-09 10:11 - 00000000 ____D () C:\Users\Patrick Wenig\AppData\Roaming\VSO 2014-12-18 19:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness 2014-12-18 18:58 - 2013-11-30 13:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung 2014-12-18 18:56 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS 2014-12-18 18:56 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS 2014-12-15 19:29 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions 2014-12-15 19:28 - 2013-08-27 20:25 - 00000000 ____D () 
C:\WINDOWS\system32\MRT 2014-12-15 19:23 - 2009-10-26 22:52 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-12-15 18:50 - 2012-10-26 14:54 - 00000000 ____D () C:\Users\Patrick Wenig\AppData\Local\Packages 2014-12-15 18:45 - 2011-02-22 08:16 - 00001106 _____ () C:\Users\Patrick Wenig\Desktop\Dropbox.lnk 2014-12-15 18:45 - 2011-02-22 08:14 - 00000000 ____D () C:\Users\Patrick Wenig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-12-13 11:08 - 2014-06-01 09:58 - 00027983 _____ () C:\WINDOWS\system32\nvinfo.pb 2014-12-13 11:08 - 2013-10-27 09:12 - 18594432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll 2014-12-13 11:08 - 2013-10-27 09:12 - 17264312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll 2014-12-13 11:08 - 2013-10-27 09:12 - 16040184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll 2014-12-13 11:08 - 2013-10-27 09:12 - 14128496 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll 2014-12-13 11:08 - 2013-10-27 09:12 - 03293136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2014-12-13 11:08 - 2013-10-27 09:12 - 02897824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2014-12-13 09:03 - 2013-11-08 19:36 - 06859408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2014-12-13 09:03 - 2013-11-08 19:36 - 03513488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2014-12-13 09:03 - 2013-11-08 19:36 - 02558608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2014-12-13 09:03 - 2013-11-08 19:36 - 00935240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe 2014-12-13 09:03 - 2013-11-08 19:36 - 00386368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2014-12-13 09:03 - 2013-11-08 19:36 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2014-12-13 01:12 - 2014-06-03 20:12 - 01715224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll 2014-12-13 01:12 - 2014-06-03 20:12 - 01291464 _____ 
(NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll 2014-12-13 01:12 - 2014-02-09 13:26 - 02824504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll 2014-12-13 01:12 - 2014-02-09 13:26 - 02210040 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll 2014-12-13 00:11 - 2013-11-08 19:36 - 04151176 _____ () C:\WINDOWS\system32\nvcoproc.bin 2014-12-11 18:39 - 2012-04-04 07:06 - 00003796 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2014-12-11 18:02 - 2014-01-29 17:37 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-12-07 20:41 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-12-07 20:41 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-12-07 20:41 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender 2014-12-07 20:41 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender 2014-12-07 18:35 - 2013-09-30 05:14 - 02250322 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-12-07 18:35 - 2013-09-30 04:58 - 00943164 _____ () C:\WINDOWS\system32\perfh007.dat 2014-12-07 18:35 - 2013-09-30 04:58 - 00226184 _____ () C:\WINDOWS\system32\perfc007.dat Some content of TEMP: ==================== C:\Users\Patrick Wenig\AppData\Local\Temp\avgnt.exe C:\Users\Patrick Wenig\AppData\Local\Temp\CMInstaller.exe C:\Users\Patrick Wenig\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpyg1206.dll C:\Users\Patrick Wenig\AppData\Local\Temp\i4jdel0.exe C:\Users\Patrick Wenig\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe C:\Users\Patrick Wenig\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe C:\Users\Patrick Wenig\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe C:\Users\Patrick Wenig\AppData\Local\Temp\MouseKeyboardCenterx64_1031.exe C:\Users\Patrick 
Wenig\AppData\Local\Temp\nvSCPAPI.dll C:\Users\Patrick Wenig\AppData\Local\Temp\nvSCPAPI64.dll C:\Users\Patrick Wenig\AppData\Local\Temp\nvStereoApiI.dll C:\Users\Patrick Wenig\AppData\Local\Temp\nvStInst.exe C:\Users\Patrick Wenig\AppData\Local\Temp\Quarantine.exe C:\Users\Patrick Wenig\AppData\Local\Temp\SamsungAPInstaller_1390325000533.exe C:\Users\Patrick Wenig\AppData\Local\Temp\SamsungAPInstaller_1394278536296.exe C:\Users\Patrick Wenig\AppData\Local\Temp\SamsungAPInstaller_1395594156758.exe C:\Users\Patrick Wenig\AppData\Local\Temp\SamsungAPInstaller_1400224904149.exe C:\Users\Patrick Wenig\AppData\Local\Temp\SamsungAPInstaller_1400570987502.exe C:\Users\Patrick Wenig\AppData\Local\Temp\SamsungAPInstaller_1403885188766.exe C:\Users\Patrick Wenig\AppData\Local\Temp\SamsungAPInstaller_1411993701702.exe C:\Users\Patrick Wenig\AppData\Local\Temp\SamsungAPInstaller_1415181550782.exe C:\Users\Patrick Wenig\AppData\Local\Temp\SamsungAPInstaller_1415211033958.exe C:\Users\Patrick Wenig\AppData\Local\Temp\SamsungAPInstaller_1417371533392.exe C:\Users\Patrick Wenig\AppData\Local\Temp\SamsungAPInstaller_1418925300466.exe C:\Users\Patrick Wenig\AppData\Local\Temp\SerialDLL.dll C:\Users\Patrick Wenig\AppData\Local\Temp\sqlite3.dll C:\Users\Patrick Wenig\AppData\Local\Temp\verify.exe C:\Users\Patrick Wenig\AppData\Local\Temp\vlc-2.0.8-win64.exe C:\Users\Patrick Wenig\AppData\Local\Temp\vlc-2.1.1-win64.exe C:\Users\Patrick Wenig\AppData\Local\Temp\vlc-2.1.2-win64.exe C:\Users\Patrick Wenig\AppData\Local\Temp\vlc-2.1.4-win64.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-01-04 00:52 ==================== End Of Log ============================ |
04.01.2015, 11:53 | #12 |
/// the machine /// TB-Ausbilder
Update Java and Flash. Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document.
Code:
C:\Users\Patrick Wenig\AppData\Local\Temp\DMR\dmr_72.exe
C:\Users\Patrick Wenig\Downloads\SoftonicDownloader51882.exe
C:\Users\Patrick Wenig\Downloads\Nero7\Nero-7.8.5.0_deu_update.exe
Emptytemp:

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Done. The order is crucial here.
If you would like to give praise or criticism, you can do so here. Here are a few more tips for securing your system. I cannot mention often enough how important it is that your system is up to date.
Antivirus software
Additional protection
Safe browsing
Alternative browsers
Other browsers tend to be somewhat more secure than IE, since they do not use ActiveX elements. These can be abused by spyware to infect your system.
Performance
Clean up your temp files regularly. I recommend TFC for this. Stay away from any registry cleaners. They harm your system more than they help. Here are a few (English) links: Miekemoes Blogspot (MVP), Bill Castner (MVP)
Don'ts
Note: Please give me brief feedback when everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations, guides and help, Trojaner-Board Facebook page. No help via PM! |
04.01.2015, 18:35 | #13 |
I have worked through your last post. Unfortunately I can no longer post the Fixlog.txt, because it was cleaned up along with everything else. I hope that this is not too bad and that we do not have to start again from the beginning. I will definitely follow your tips. Thanks again! Regards, Patrick |
04.01.2015, 20:02 | #14 |
/// the machine /// TB-Ausbilder
That's fine. You're welcome.
__________________ Regards, schrauber |