| |
| |||||||
Log-Analyse und Auswertung: langsamer computerWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
19.05.2015, 18:48
| #1 |
 |  langsamer computer HALLO ZUSAMMEN SO ICH BIN IN SACHEN COMPUTER TOTAL UNERFAHREN UND LEIDER MACHT MIR MEIN COMPUTER NUR PROBLEME ER LAEDT INTERNETSEITEN SEHR SEHR LANGSAM FILME ANZUSCHAUEN IST FAST UNMOEGLICH UND SEIT EINIGEM VERSCHWINDET IMMER MEIN HINTERGRUNDBILD HABE SCHON GEWECHSELT ABER VERSCHWINDET TROTZDEM IMMER WIEDER DAS SCHLIMMSTE IST ABER DAS ER SO LANGSAM IST WAS AM ANFANG NICHT DER FALL WAHR LAUT DER AUSSAGE EINES FREUNDES MEINES BRUDERS SOLL DER COMPUTER EIN RECHT GUTER COMPUTER SEIN ER HATTE IHN MIR ZUSAMMEN GESTELLT KANN MIR BITTE JEMAND HELFEN ?????  |
|
19.05.2015, 19:07
| #2 |
| /// the machine /// TB-Ausbilder    |  langsamer computer hi,
__________________und deine Tastatur klemmt auch? Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
19.05.2015, 22:08
| #3 |
| | langsamer computer nein die Tastatur ist ok hahaha
__________________ok ich folge mal deinen anweisungen [CODEFRST Additions Logfile: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-05-2015
Ran by Zeus at 2015-05-20 00:05:17
Running from C:\Users\Zeus\Downloads
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-65031845-1434384236-1651786591-500 - Administrator - Disabled)
Gast (S-1-5-21-65031845-1434384236-1651786591-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-65031845-1434384236-1651786591-1004 - Limited - Enabled)
Zeus (S-1-5-21-65031845-1434384236-1651786591-1000 - Administrator - Enabled) => C:\Users\Zeus
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Ad-Aware Web Companion (x32 Version: 1.1.922.1860 - Lavasoft) Hidden
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader Driver (HKLM-x32\...\AmUStor) (Version: 20.22.2217.13862 - Alcor Micro Corp.)
Alcor Micro USB Card Reader Driver (x32 Version: 20.22.2217.13862 - Alcor Micro Corp.) Hidden
ATI Catalyst Install Manager (HKLM\...\{DDD72DB8-BB69-1AE3-9E21-BFD1CB87AEDF}) (Version: 3.0.829.0 - ATI Technologies, Inc.)
AutoGreen B10.1021.1 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)
AutoGreen B10.1021.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Avira (HKLM-x32\...\{d8490d5d-0f24-4000-b2e4-4b500a9a704d}) (Version: 1.1.35.25717 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.35.25717 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.10.434 - Avira Operations GmbH & Co. KG)
Avira Savings Advisor (HKLM-x32\...\{A18A516C-AA41-46A9-92DB-60208917E442}) (Version: 1.5.14 - Avira)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Easy Tune 6 B11.0704.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B11.0704.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
FLV and Media Player 4.2.1.1 (HKLM-x32\...\FLV and Media Player) (Version: 4.2.1.1 - Applian Technologies)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Free FLV Converter V 7.6.2 (HKLM-x32\...\Free FLV Converter_is1) (Version: 7.6.2.0 - Koyote Lab Inc.)
Free M4a to MP3 Converter 8.2 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version: - ManiacTools.com)
Free YouTube Download version 3.2.55.301 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.55.301 - DVDVideoSoft Ltd.)
Gameforge Live 2.0.5 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.5 - Gameforge)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.152 - Google Inc.)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
LavasoftTcpService (x32 Version: 2.3.3.0 - Lavasoft) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 37.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MyDriveConnect 4.0.2.2123 (HKLM-x32\...\MyDriveConnect) (Version: 4.0.2.2123 - TomTom)
ON_OFF Charge B11.0110.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu)
PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.90.1 - PS3 Media Server)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6392 - Realtek Semiconductor Corp.)
S.K.I.L.L. - Special Force 2 (HKLM-x32\...\Special Force 2 Beta_is1) (Version: - )
Samsung AllShare (HKLM-x32\...\InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}) (Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.)
Samsung AllShare (x32 Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.) Hidden
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.1.19.0 - Lenovo Group Limited)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Splashtop Connect for Firefox (HKLM-x32\...\{45D49CA7-D7D8-4659-B35A-EBD98C30AF28}) (Version: 1.1.8.4 - Splashtop Inc.)
Splashtop Connect IE (HKLM-x32\...\{3B983EFD-6E37-4AD9-9A7D-8C83E61674F7}) (Version: 1.1.13.1 - Splashtop Inc.)
TP-LINK TL-WN8200ND Treiber (HKLM-x32\...\{FDA7E907-6539-42C1-9721-0239C281B336}) (Version: 1.3.1 - TP-LINK)
TP-LINK-Konfigurationstool (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.340 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
Web Companion (HKLM-x32\...\{902C3D36-9254-437D-98AC-913B78E60864}_WebCompanion) (Version: 1.1.922.1860 - Lavasoft)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
12-05-2015 02:30:42 Geplanter Prüfpunkt
17-05-2015 19:58:59 TuneUp Utilities 2014 wird installiert
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 05:34 - 2014-06-22 16:01 - 00000864 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 validation.sls.microsoft.com
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0303E63D-3BC5-494E-8459-E3A93974D34B} - System32\Tasks\FreeDriverScout => C:\Program Files\Covus Freemium\Free Driver Scout\1Click.exe
Task: {191367D4-F00C-44A2-A017-0FCC8371B805} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-17] (Adobe Systems Incorporated)
Task: {223510EB-2B6C-464C-A4CB-B89A7F849BE9} - System32\Tasks\Software Updater => C:\Program Files\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe [2014-02-26] () <==== ATTENTION
Task: {2A6679B7-6C96-453A-B354-EA3595422F92} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-09-10] (Lenovo)
Task: {34291951-AB4F-490B-AE70-A37914A51A4C} - System32\Tasks\{DD5BC084-286B-40E6-8F3F-DD5960FAE55A} => pcalua.exe -a C:\Users\Zeus\AppData\Local\Temp\Temp1_TL-WN821N_100428_DE.zip\Setup-win7.exe
Task: {5192145D-CD85-4787-804E-5F8840185308} - System32\Tasks\{1F1D1F9D-37B7-4D69-81CE-56BD484D8CD9} => pcalua.exe -a C:\Users\Zeus\AppData\Local\Temp\Temp1_TL-WN821N_V4_Driver.zip\TL-WN821N_v4_Driver\Setup.exe
Task: {7C8CEB7D-19E5-401F-86C0-D0F2899D8C28} - System32\Tasks\Opera scheduled Autoupdate 1410268254 => C:\Program Files (x86)\Opera\launcher.exe [2014-09-25] (Opera Software)
Task: {93D4F73C-37CC-452E-948C-88D06F645F5E} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2014-07-16] (TuneUp Software)
Task: {AB13EBFC-1999-4629-887C-D11C7FD608D5} - System32\Tasks\aviraSWU => Cscript.exe "C:\Program Files (x86)\avira\Internet Explorer\swu.vbs"
Task: {ACFA591D-C425-4D03-B274-018A7DC8C16E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-03] (Google Inc.)
Task: {D65BDFB8-5C77-4B48-98DC-4CDFC8DF5D08} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-03] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2014-07-16 10:24 - 2014-07-16 10:24 - 00699704 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll
2014-09-11 12:42 - 2013-04-09 11:55 - 00846848 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\TWCU.exe
2011-06-07 23:11 - 2011-06-07 23:11 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-09-11 12:42 - 2013-04-09 11:55 - 01401856 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\nicLan.dll
2014-09-11 12:42 - 2013-04-09 11:55 - 00193024 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\DC_WFF.dll
2014-09-11 12:42 - 2013-04-09 11:55 - 00297472 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\WJRtl.dll
2015-05-14 19:52 - 2015-05-05 07:06 - 01252680 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.152\libglesv2.dll
2015-05-14 19:52 - 2015-05-05 07:06 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.152\libegl.dll
2015-05-14 19:52 - 2015-05-05 07:06 - 14982472 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.152\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-65031845-1434384236-1651786591-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Zeus\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
FirewallRules: [TCP Query User{8C7A61EE-7833-4F77-9377-B7C4A7B7609E}C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => (Allow) C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe
FirewallRules: [UDP Query User{96490CE0-1C32-40D3-971F-E0992116D9B2}C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => (Allow) C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe
FirewallRules: [{FDB93697-5175-4B8E-A6F5-058E434A44B9}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{94BB7645-CF74-4264-886D-CBED8032B54F}] => (Allow) LPort=2869
FirewallRules: [{DC6B9843-FA71-4362-8713-EC6FB7F66F9C}] => (Allow) LPort=1900
FirewallRules: [{6C98B2AC-47C1-4345-9AFE-E005F502A36B}] => (Allow) C:\Program Files (x86)\GameforgeLive\gfl_client.exe
FirewallRules: [{36D112A2-FF2C-4134-8A2C-565C6E67AD92}] => (Allow) C:\Program Files (x86)\GameforgeLive\Games\DEU_deu\S.K.I.L.L\Binaries\Win32\sf2.exe
FirewallRules: [{FD7EFE41-AB56-4E3A-B540-C8D59C0EC4A5}] => (Allow) C:\Program Files (x86)\GameforgeLive\Games\DEU_deu\S.K.I.L.L\Binaries\Win32\sf2.exe
FirewallRules: [{CE95C921-9B90-40AD-B5BA-B58D2E52F6EF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C3110DA2-4795-41B2-ADEE-7E09309EE610}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{09FFFB11-B658-4E1A-9A89-44A226A23717}] => (Allow) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
FirewallRules: [{8BED0B5D-1EFA-45B2-BD68-285FEB45C7C2}] => (Allow) C:\Program Files (x86)\Samsung\AllShare\AllShare.exe
FirewallRules: [{D3ED4C06-1BCA-40B2-A3BC-233C0B81FBC0}] => (Allow) C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
FirewallRules: [TCP Query User{4647FFA1-838C-4126-8952-D7FBC5BDD6A9}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{47D1648E-A8E8-4DD6-8373-F3F572AC3895}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{9FF0DC4A-C1D3-4A33-8DB9-526FEF98EF7D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{7F278949-5A85-4856-8E32-657FD17F3F25}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{35F63927-47FB-49C7-8E0E-AA70C5401B25}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{DA97C151-AE21-4185-BE39-AD016B0EDBE6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/14/2015 07:17:13 PM) (Source: Avira Service Host) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. Der Dienstprozess konnte keine Verbindung mit dem Dienstcontroller herstellen
Error: (04/23/2015 05:40:06 PM) (Source: Software Protection Platform Service) (EventID: 8208) (User: )
Description: Fehler bei der Erfassung des authentischen Tickets (hr=0x80072EFD) für die Vorlagen-ID 66c92734-d682-4d71-983e-d6ec3f16059f.
Error: (04/23/2015 05:40:06 PM) (Source: Software Protection Platform Service) (EventID: 8200) (User: )
Description: Lizenzerwerb-Fehlerdetails.
hr=0x80072EFD
Error: (04/21/2015 10:22:40 PM) (Source: Software Protection Platform Service) (EventID: 8208) (User: )
Description: Fehler bei der Erfassung des authentischen Tickets (hr=0x80072EFD) für die Vorlagen-ID 66c92734-d682-4d71-983e-d6ec3f16059f.
Error: (04/21/2015 10:22:40 PM) (Source: Software Protection Platform Service) (EventID: 8200) (User: )
Description: Lizenzerwerb-Fehlerdetails.
hr=0x80072EFD
Error: (04/20/2015 10:08:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: TWCU.exe, Version: 0.0.0.0, Zeitstempel: 0x516270de
Name des fehlerhaften Moduls: RtlLib.dll, Version: 700.1067.330.2011, Zeitstempel: 0x4d93eea6
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00002849
ID des fehlerhaften Prozesses: 0xbf8
Startzeit der fehlerhaften Anwendung: 0xTWCU.exe0
Pfad der fehlerhaften Anwendung: TWCU.exe1
Pfad des fehlerhaften Moduls: TWCU.exe2
Berichtskennung: TWCU.exe3
Error: (04/19/2015 07:56:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.1.7601.17514 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: fc0
Startzeit: 01d07a8da6ba6e4a
Endzeit: 30905
Anwendungspfad: C:\Windows\Explorer.EXE
Berichts-ID: f8d2e9da-e6b4-11e4-b7c1-50e5495b3fda
Error: (04/13/2015 07:55:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: TWCU.exe, Version: 0.0.0.0, Zeitstempel: 0x516270de
Name des fehlerhaften Moduls: RtlLib.dll, Version: 700.1067.330.2011, Zeitstempel: 0x4d93eea6
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00001df9
ID des fehlerhaften Prozesses: 0xb18
Startzeit der fehlerhaften Anwendung: 0xTWCU.exe0
Pfad der fehlerhaften Anwendung: TWCU.exe1
Pfad des fehlerhaften Moduls: TWCU.exe2
Berichtskennung: TWCU.exe3
Error: (04/11/2015 07:51:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Skype.exe, Version: 7.3.0.101, Zeitstempel: 0x5512b3c5
Name des fehlerhaften Moduls: Skype.exe, Version: 7.3.0.101, Zeitstempel: 0x5512b3c5
Ausnahmecode: 0xc0000094
Fehleroffset: 0x00e64c4c
ID des fehlerhaften Prozesses: 0x610
Startzeit der fehlerhaften Anwendung: 0xSkype.exe0
Pfad der fehlerhaften Anwendung: Skype.exe1
Pfad des fehlerhaften Moduls: Skype.exe2
Berichtskennung: Skype.exe3
Error: (03/27/2015 10:21:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Skype.exe, Version: 7.2.0.103, Zeitstempel: 0x54ef0c1d
Name des fehlerhaften Moduls: Skype.exe, Version: 7.2.0.103, Zeitstempel: 0x54ef0c1d
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00002e16
ID des fehlerhaften Prozesses: 0x1ee0
Startzeit der fehlerhaften Anwendung: 0xSkype.exe0
Pfad der fehlerhaften Anwendung: Skype.exe1
Pfad des fehlerhaften Moduls: Skype.exe2
Berichtskennung: Skype.exe3
System errors:
=============
Error: (05/20/2015 00:03:49 AM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
Error: (05/20/2015 00:03:45 AM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
Error: (05/20/2015 00:01:26 AM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
Error: (05/19/2015 11:59:29 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
Error: (05/19/2015 09:12:09 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description:
Error: (05/19/2015 09:10:01 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.
Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126
Error: (05/19/2015 09:09:56 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 19.05.2015 um 21:08:40 unerwartet heruntergefahren.
Error: (05/19/2015 02:29:19 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description:
Error: (05/19/2015 02:26:22 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.
Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126
Error: (05/19/2015 00:30:54 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
Microsoft Office Sessions:
=========================
Error: (05/14/2015 07:17:13 PM) (Source: Avira Service Host) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. Der Dienstprozess konnte keine Verbindung mit dem Dienstcontroller herstellen
Error: (04/23/2015 05:40:06 PM) (Source: Software Protection Platform Service) (EventID: 8208) (User: )
Description: hr=0x80072EFD66c92734-d682-4d71-983e-d6ec3f16059f
Error: (04/23/2015 05:40:06 PM) (Source: Software Protection Platform Service) (EventID: 8200) (User: )
Description: hr=0x80072EFD00010001(0x00000000, 17:39:55:366 - hxxp://go.microsoft.com/fwlink/?LinkId=151642)
00020001(0x00000000, 17:39:55:367)
00030001(0x00000000, 17:39:55:368 - hxxp://go.microsoft.com)
00030002(0x00000000, 17:39:55:368 - 0)
00040001(0x00000000, 17:39:55:368 - hxxp://go.microsoft.com)
00040002(0x00000000, 17:39:55:374 - 1, <NULL>, <NULL>, <NULL>)
00040004(0x80072F94, 17:40:02:449 - <NULL>)
00040006(0x00000000, 17:40:02:449 - 1, hxxp://go.microsoft.com, <NULL>, <local>)
00020005(0x00000000, 17:40:02:449 - 0)
0002000C(0x00000000, 17:40:02:677 - 302)
0002000E(0x00000000, 17:40:02:677 - https://validation.sls.microsoft.com/SLWGA/slwga.asmx)
00020001(0x00000000, 17:40:02:677)
00030001(0x00000000, 17:40:02:677 - https://validation.sls.microsoft.com)
00030002(0x00000000, 17:40:02:677 - 0)
00040001(0x00000000, 17:40:02:677 - https://validation.sls.microsoft.com)
00040002(0x00000000, 17:40:02:697 - 1, <NULL>, <NULL>, <NULL>)
00040004(0x80072F94, 17:40:05:259 - <NULL>)
00040006(0x00000000, 17:40:05:259 - 1, https://validation.sls.microsoft.com, <NULL>, <local>)
00020005(0x00000000, 17:40:05:259 - 0)
00020008(0x80072EFD, 17:40:06:262 - SOAPAction: "hxxp://microsoft.com/SL/GenuineAdvantageService/IssueToken"
Content-Type: text/xml; charset=utf-8
, <soap:Envelope xmlns:soap="hxxp://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="hxxp://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="hxxp://www.w3.org/2001/XMLSchema" xmlns:soapenc="hxxp://schemas.xmlsoap.org/soap/encoding/"><soap:Body><RequestSecurityToken xmlns="hxxp://schemas.xmlsoap.org/ws/2004/04/security/trust"><TokenType>SLWGA</TokenType><RequestType>hxxp://schemas.xmlsoap.org/ws/2004/04/security/trust/Issue</RequestType><UseKey><Values xsi:nil="1"/></UseKey><Claims><Values xmlns:q1="hxxp://schemas.xmlsoap.org/ws/2004/04/security/trust" soapenc:arrayType="q1:TokenEntry[5]"><TokenEntry><Name>GenuineAdvantagePhase</Name><Value>GenuineAdvantagePhase1</Value></TokenEntry><TokenEntry><Name>GenuineAdvantageVersion</Name><Value>1.0</Value></TokenEntry><TokenEntry><Name>GenuineAdvantageTemplateId</Name><Value>66c92734-d682-4d71-983e-d6ec3f16059f</Value></TokenEntry><TokenEntry><Name>GenuineAdvantageClientTransactionId</Name><Value>237bd71b-b3a2-4f1d-bb78-df7f8aec3f5b</Value></TokenEntry><TokenEntry><Name>GenuineAdvantageClientToken</Name><Value><clienttoken><token><name>ClientEvent</name><type>EventType</type><value>0x00000012</value></token><token><name>ADMIN:FirstValidation</name><type>Info</type><value>1</value></token><token><name>ADMIN:MachineId</name><type>Info</type><value>68nHrEQXmoShpceO+X1EdeJxmRUHvz6NYBgo82FT/lk=</value></token><token><name>ADMIN:NumberTimesNonGenuine</name><type>Info</type><value>0</value></token><token><name>ADMIN:RemainingRearmCount</name><type>Info</type><value>4</value></token><token><name>ADMIN:TimeNonGenuine</name><type>Info</type><value>0</value></token><token><name>ADMIN:TotalValidations</name><type>Info</type><value>0</value></token><token><name>ADMIN:UGUID</name><type>Info</type><value>83194d9d-2864-4f51-b5d9-95d1c2a6cd16</value></token><token><name>AUOptionsLocal</name><type>Info</type><value>2</value></token><token><name>ActiveSkuDescription</name><type>Info</type><value>Windows Operating System - Windows(R) 7, OEM_SLP channel</value></token><token><name>ActiveSkuId</name><type>Info</type><value>7cfd4696-69a9-4af7-af36-ff3d12b6b6c8</value></token><token><name>CodeSigning</name><type>Info</type><value>SIGNED_INFO_PRS_SIGNED</value></token><token><name>DomainJoined</name><type>Info</type><value>false</value></token><token><name>EditionId</name><type>Info</type><value>Ultimate</value></token><token><name>HROffline</name><type>Info</type><value>0x00000000</value></token><token><name>OSVersion</name><type>Info</type><value>6.1.7601.2.00010100.1.0.001</value></token><token><name>OfflineGenuineBlob</name><type>Info</type><value>zv4KvSFwbZ7G46SSImjYQ6rG1rd1/lGD8wrqsSKhsMl6kammAbskXR69a9a60dy//TozcFAMykAEB3wjtSnCo24E6G5hwCWclngHjpEVA/Qyz4j5w35IrK9L3HQLik6F69icRX+LuLm/hRPi89Euc/ywiaYCrXvUACd9xnUANik1xaUYQmfnMeWaidsaYNEExEu/FR6YdtpWtUnNiz19uX8AoIePXwtcqzCwrF8wST4jIkp81qriwvZPu6XkeaaZE3E095vrqqktCqSnzfRfR+kNHzvmvRu7kojviuCvkhRf+q9Ey3yD5cgbuPzQoWHYp8/6Fqc8B+D3fOJN0Rml2P1a7yh6KSqzweqPWtJa++fFC5la+davQRCtq9VNaMGLuZdvwnrKETrlM41ToaTG//76kjGCwPE78EeBBY/em9QUHkGN6gQQYugdFSPn1BBe66MfENEEjXnQc2Nd5Ar92+rxSxNIt063vQDndYUNzMy6Nt9l8D8xbWSM1t7gLQVgVtRIuKvMNwJUztQKekPHsLOSOWV7wFPxQpqUh02MtpCN16dpy96hNWANARwmZ+tW/s2rDFkK5r3aq/qU84+IlWvfm5mOrzT3t5M1fB7WhkaHK/xCCUIMfuT3ukrgxzQCugq1JyYOKuAlrGtBSy55jwpOcbh7WTVnTgkCSFMeXkVAs7vrGzFUx1cGQVkO37HTBYgnX1FpaluMaM0pNLjwQ3QEs/7vF5kGKh9cztVSl5QPt0iKq4GUekCrkn/Y1Fk+it8H1UrRP7nzjkEYu1x5fBaXx8fqTksB36xT+xk+STlUJky326/KKwT1UUqpHEImh0qPsfINE/16gw8nVCluPtiCibcvvGxq/Itf9HNZY89W50csLRrfxZKKae2m+ISQq7w+gLSiJjSjqQ+3bb56F0s+VywGABsi6X4zlhzGj2xa+yRHuvt8qr+rTO8zVPRWr7jrSsXGRwaT1rv1gVl/aMu2Owu95AdWMQGIaHCCuyezhw2E7Pp/qaBvVCRC2hKqcQD5FvjEKj8T38E2f26N+oMCwIxJacZxclHln0Df3gYtdh5cHDJ+ecKCZvRV/gUgygW7AUG7JQga35A7D5PlM0yhng6oMNVQLgFes2dkxeghGMErauAqTlZoicOATO09iQ7gpkWNyK3/7W3BqFaQt2pRkiqKlwveNpji/VXes+dRqUf5y9o+qsA/t4bIA0s7vtu1El1gzY7+hyy9US6FXf89CP+VZoVtWfSaFaYYvOIm2R1fvjG8VOJaDrlvNMXTptXO5yzgGZyLTw77xGuFT4Qox8IHE8LCLx+V1n4+aHdi0ATHIK3YBDgidIk2RfTZHDyIJ0S4OKrdXzrAT/PK/U+nP4YdkfA95+ohSuAuho3MgGuAKeBcyhScXsQShPfOVp9QCyYpagOL0uO1UxMsWYw/hrwvZeUwzepQDe/RKjcq3sW5GpUrRYrpD1KS8PP4h6XbF7x2yt70Fu+VnuLyKcBJ/5n6y0c8NDtPu+F+NKOl+Hj2LVR/NK2OdJ61+pZCFCtyyQQJbq1YqcfUO8hobZtESiA+Ffi5/p3xkDlQB16iCYkKGOFYr9DWzmkzu5QVr4dYcsgznXOPh7kIqlS3iClEZ0EhVHxk95NdhmoFQ/5XrQ93vSOM3vcPqxr0ffMLC5xgVm0N8rdBH1o84eEddfeYGygsR+r4asjD6RgK82gM+ZmFRJd6nnzKI9yi6qhs2uty62lYsXF594pPi/fnefptcra+EVY+z1cIcoXi40HUvFsJeD8jOjCbmefvEZIibBvVq8+30Z+hYHmYpISs/v4Y19T9OdiD8xRpaDSu9kjL6PsbxdJx54dQZ3neGX43B5LAvRb0pQHP1kG0VCosLm74tuSueJdK/kjOiKCdLj0zkYsd2wNX1IbLQ+y+gHYd7CpfwJl033pKXxyolCsS+9chliPpazoH/AORGvvUAb43PG+jnjrnLTK2B9uj5bati+xAniY32ZQtEVsMm5ikIm5bZAownhdQUBiKJzvRfmjNO87VdcXzu8mvLNBSMjMufH8dWtYbuGy/Kl2VDcefpbzRIm7XuukI5NDbTMoBVTXQKgg8ypmev+6UrcVTwabXvxnhso8J+igFKwrmCBwZARW1UT4NtDjG2yC/43wavBp2C2TCbe4hz0bny58mHHHgoMO/78KwdwLgYwlhkViKKRo2ov/JMegCkU+f/1r64SaIV09TSqiyCKPKify69DraZjozv1Y3MSN/6f7cZaltYX/jH2pW4J1yjyvPXnGjp0iTVoMF53YTlurycuFs+JZFbbGggEnw5D823I1kWpc3X22BxiJsp2LKZPIhpij/Ad4FKQki2JcN4s5HAfbxXo+iqdDY7VfFSjxidgm10baGh6IaO0hW4YA0cg6NHn5191aBS9Q4xpgBWCEpnzULNS5re76HbgoW7iJPWnmX7Ps0vZYdto41GFN1wxlI6jq/pN5Sl0N+uy0M8pCx0oo1pkgLTHmMkPp+dGzgjg5DQnc37pYZtLcclowN80ofXsNubMre0XYair2pbgckymXWKatT5AzKexo4V8zSRXbXKC4YF91sfPnDDLJrT02EFJkyGbSo4JVRgoPngEzYdw5M6nYThhgww7HBgkuHzehBsJjXxM6rbj1cw6553WbDhJTUM3gFOPD3vlggCb+7aJUeROAbxB7Yikx5uJwYe+micnajJW2OEKinqzDwvratS/x9weZ49N2zJJRYYel0cteRF4sV14XY/0CiD8wGvfgLOn8hfV0zGpmN15uRLGZmzlvvWRrSs/Doa/AdZw/CfqPTtcf1NYTnWnuy9VKMIEBVzkePK7gztmUIGFTtrAK42CcnaQZ/6aUOGDP4/OwWhIHNQD6Sis8dEALTqYyFIdrLY77j5y9/9XPbL0Lmsh0oKAfhoWduBFr6wK/3V4vF8m0V8LjgOCosV9ynxHGGIxezcbax31d/26KhLoK0cKJwnNMaWpoTZsT7C8UGGs4vZwve5Pv5</value></token><token><name>OfflineInstallationId</name><type>Info</type><value>006134351525108221474195581264706331605336839035988556</value></token><token><name>PackageFlavor</name><type>Info</type><value>Windows</value></token><token><name>PackageVersion</name><type>Info</type><value>7.1.7600.16395</value></token><token><name>PartnerId</name><type>Info</type><value>Windows</value></token><token><name>ProcessorArchitecture</name><type>Info</type><value>x64</value></token><token><name>ProductLCID</name><type>Info</type><value>1031</value></token><token><name>ProductName</name><type>Info</type><value>Windows 7 Ultimate</value></token><token><name>ProductUniquenessGroups</name><type>Info</type><value>66c92734-d682-4d71-983e-d6ec3f16059f</value></token><token><name>ServiceAvailable</name><type>Info</type><value>true</value></token><token><name>SystemLCID</name><type>Info</type><value>1031</value></token><token><name>UserLCID</name><type>Info</type><value>1031</value></token><token><name>WMI:Win32_ComputerSystem:Manufacturer</name><type>Info</type><value>Gigabyte Technology Co., Ltd.</value></token><token><name>WMI:Win32_ComputerSystem:Model</name><type>Info</type><value>GA-A75M-S2V</value></token><token><name>WMI:Win32_OperatingSystem:InstallDate</name><type>Info</type><value>20140622155009.000000+180</value></token></clienttoken></Value></TokenEntry></Values></Claims></RequestSecurityToken></soap:Body></soap:Envelope>)
00010002(0x80072EFD, 17:40:06:271 - <NULL>)
00010003(0x80072EFD, 17:40:06:271)
Error: (04/21/2015 10:22:40 PM) (Source: Software Protection Platform Service) (EventID: 8208) (User: )
Description: hr=0x80072EFD66c92734-d682-4d71-983e-d6ec3f16059f
Error: (04/21/2015 10:22:40 PM) (Source: Software Protection Platform Service) (EventID: 8200) (User: )
Description: hr=0x80072EFD00010001(0x00000000, 22:22:33:679 - hxxp://go.microsoft.com/fwlink/?LinkId=151642)
00020001(0x00000000, 22:22:33:741)
00030001(0x00000000, 22:22:33:741 - hxxp://go.microsoft.com)
00030002(0x00000000, 22:22:33:741 - 0)
00040001(0x00000000, 22:22:33:741 - hxxp://go.microsoft.com)
00040002(0x00000000, 22:22:33:772 - 1, <NULL>, <NULL>, <NULL>)
00040004(0x80072F94, 22:22:36:393 - <NULL>)
00040006(0x00000000, 22:22:36:393 - 1, hxxp://go.microsoft.com, <NULL>, <local>)
00020005(0x00000000, 22:22:36:393 - 0)
0002000C(0x00000000, 22:22:36:611 - 302)
0002000E(0x00000000, 22:22:36:611 - https://validation.sls.microsoft.com/SLWGA/slwga.asmx)
00020001(0x00000000, 22:22:36:611)
00030001(0x00000000, 22:22:36:611 - https://validation.sls.microsoft.com)
00030002(0x00000000, 22:22:36:611 - 0)
00040001(0x00000000, 22:22:36:611 - https://validation.sls.microsoft.com)
00040002(0x00000000, 22:22:36:627 - 1, <NULL>, <NULL>, <NULL>)
00040004(0x80072F94, 22:22:39:221 - <NULL>)
00040006(0x00000000, 22:22:39:221 - 1, https://validation.sls.microsoft.com, <NULL>, <local>)
00020005(0x00000000, 22:22:39:221 - 0)
00020008(0x80072EFD, 22:22:40:235 - SOAPAction: "hxxp://microsoft.com/SL/GenuineAdvantageService/IssueToken"
Content-Type: text/xml; charset=utf-8
, <soap:Envelope xmlns:soap="hxxp://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="hxxp://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="hxxp://www.w3.org/2001/XMLSchema" xmlns:soapenc="hxxp://schemas.xmlsoap.org/soap/encoding/"><soap:Body><RequestSecurityToken xmlns="hxxp://schemas.xmlsoap.org/ws/2004/04/security/trust"><TokenType>SLWGA</TokenType><RequestType>hxxp://schemas.xmlsoap.org/ws/2004/04/security/trust/Issue</RequestType><UseKey><Values xsi:nil="1"/></UseKey><Claims><Values xmlns:q1="hxxp://schemas.xmlsoap.org/ws/2004/04/security/trust" soapenc:arrayType="q1:TokenEntry[5]"><TokenEntry><Name>GenuineAdvantagePhase</Name><Value>GenuineAdvantagePhase1</Value></TokenEntry><TokenEntry><Name>GenuineAdvantageVersion</Name><Value>1.0</Value></TokenEntry><TokenEntry><Name>GenuineAdvantageTemplateId</Name><Value>66c92734-d682-4d71-983e-d6ec3f16059f</Value></TokenEntry><TokenEntry><Name>GenuineAdvantageClientTransactionId</Name><Value>a4d91656-f6ee-48d8-b931-56f49388c7bc</Value></TokenEntry><TokenEntry><Name>GenuineAdvantageClientToken</Name><Value><clienttoken><token><name>ClientEvent</name><type>EventType</type><value>0x00000012</value></token><token><name>ADMIN:FirstValidation</name><type>Info</type><value>1</value></token><token><name>ADMIN:MachineId</name><type>Info</type><value>68nHrEQXmoShpceO+X1EdeJxmRUHvz6NYBgo82FT/lk=</value></token><token><name>ADMIN:NumberTimesNonGenuine</name><type>Info</type><value>0</value></token><token><name>ADMIN:RemainingRearmCount</name><type>Info</type><value>4</value></token><token><name>ADMIN:TimeNonGenuine</name><type>Info</type><value>0</value></token><token><name>ADMIN:TotalValidations</name><type>Info</type><value>0</value></token><token><name>ADMIN:UGUID</name><type>Info</type><value>0f0d54e9-f3d0-4ead-9754-9bb8338c781e</value></token><token><name>AUOptionsLocal</name><type>Info</type><value>2</value></token><token><name>ActiveSkuDescription</name><type>Info</type><value>Windows Operating System - Windows(R) 7, OEM_SLP channel</value></token><token><name>ActiveSkuId</name><type>Info</type><value>7cfd4696-69a9-4af7-af36-ff3d12b6b6c8</value></token><token><name>CodeSigning</name><type>Info</type><value>SIGNED_INFO_PRS_SIGNED</value></token><token><name>DomainJoined</name><type>Info</type><value>false</value></token><token><name>EditionId</name><type>Info</type><value>Ultimate</value></token><token><name>HROffline</name><type>Info</type><value>0x00000000</value></token><token><name>OSVersion</name><type>Info</type><value>6.1.7601.2.00010100.1.0.001</value></token><token><name>OemMarkerVersion</name><type>Info</type><value>0x00020001</value></token><token><name>OemTableId</name><type>Info</type><value>GBTUACPI</value></token><token><name>OfflineGenuineBlob</name><type>Info</type><value>uiah/6pVCNnxPNH73rirkCwBLyqLIR7Rf6Jf5plZ9cd+BUdaetqGLlsdBCqPGPrDqGpmAvmiN7mUbHAZVBR7H+Tlja6xdk3LUC2Ib87pdAclckTlwZN1kEqna5r7yrWwIufil+tyFwRjl/BYfe8uXleuCbWvLRcEKjpnD+GQvhpXnk0EquMZAyo578Pq4+pWzsqesghU6p8jZGPDLavwCLV6DCi/skxDH+SeUBb/sJhYO3NIiK1/xLifse8eaD8BpRAyB8jdN9n3Ij6xs5ucmg3F2Z1AZPysb10uR5koDm9QcRGygz34T4tEqwxKEOb6tQwkjKsMsx5NO7JLXtx01xJgHkHlCbKNlpdgCsRHTNoLteF+Q3K+Gs3y2DakInebSTMohztpfXq7U2zANglSmj0rf06uURvvE6qLgt8Qa0u+KQ8QuqjeTcSEp3QWJM+nGFwzBv/1c6vnZhMiSvli6cQC51WIXfT3CBblOFMCAiCmU1bOiEN7GfviH7zo+n9TpzUToZiAZMKlEQ+tYb51zhHypSW9lgt8BEwFHZSINSWtVrqpJ0rsId4zwrGFIAXuRZPE1zkB6LOiQQfTN5+OkcYNqfdieKussPiIDt451def1IL7Qx7mb2xBVGLAOOzf8sEWD+/bT+mooh3eqooUFKBY5wQ2+474bDpQOq8SS4Pwq1ULahtbdQGAzDyoD0WE/LZbNmFNe6w7trhKPMBpRkFCpr7Ee5b0lr06nZlcR24IIXazBm7h1xvSFWbq+TzSGyTbTdcytXLu/pd0nbtAI6OPahRl0kIgZR6TU1pDYNU6/G6ymEjGPoPUJEGhYBQKYA2xPS8L6Y924trzKYLmxm7/P4P0MDKXdIRGfgfcLKmMLqvpkGBxads3r8AhZFBEq7wiirO0NDZRrq7GCJ8qGb8T4p22gV50ql92A2Vea5cz8UiuQwYVRv9NF2/0IZF8OiNY6xoKZpiek1j5h+0nQa7yslZ2qyRBv1TZW//oPqJd6KRaunEelrVxtKiSMnjk0bhnf5Cmrc3Ntt0zUnjE/ExBy0tVIu/Eb2CtZ0y+TD1+PvklSQB1cDMbcYcA/iYu6MSeS+riPye4UQatZQz4sAe97hxOBFNM70WCoSaB/H7EnRUVHYS9erPDyjv+WEMwDJYpZ//x4F8ZMqv2tLcHvN8JNkMs9kO4MKPUzgeSYPS1k09XfSaT6He7cx4sUzv9Hwy7Uyhw3Zy3pNxKZHo4GUi7PWGA9I407xAXEFwpZ0GYEwyeC6MAJY2ElQjEiWKLqQ8T7FJLUgB3SMqptF7tksdfiHy2KdKPJmPbAMON6LJ1o66XYig+2148PIc7Yvob7QRuC8PYkc9P2ie0Jd16QpF1rh5qjgm9fkWX8y8JD9kT6iFxP4r+t5nKSLESUQtCcoARxIBZWzPDVUL6XhlXepTWYDmSO1Lzjr3Yie2UhWxtC5f/wUCB06XAg175PVV9tuDk6k424MVEFAdDOAn5OD+LnuxlhmD+4ibi7B32Xdxn/328Az5HybyPp4fBd3OVIRpM9YQ+msSqrQ6PqyL944ZDfVS7MgrghKiT8dQG8QmxK4BOI3wr+bFxxADAmIYX0yjG3rNgVm2o6bhIt4Gwv9egeTioEcko9WMeVHs4BB2U3OwAwpWGZjL+XUUvC/d2+FZ0djN9bslMaU/zYFIJvrijj9WGMuRw+7lBxVURFwwqdc9St+L3xUVzmVh68uUnXv9KnLIV/MTt6adql2gBjA1IWEOMNclM5UhYNx3NsCkIyF2Vc6/sLZ38T9gE9UkKeK1jdl2E1ctV2kTzQ/rJzPjkmNoJwSQltEVBOo/EDkm7kTdwdLWmoKILEGi2qDbuz1TVpQQJ9sSg4wVoWj+XPx0d4ScTmrOU884ca+wiaLEzxuaZZncHjbRQ/s4AEZamXDABiUAQtbxap5WnLOk3ftOO3Vf+KBtYCBHJcn6Yn5LWoqFtnK+ZhQeTRaAjxf6o8tWV6dVVd5SelI5Xaa6Sev31rNWRRNOzylGcRlor4UicLkbFKZJQVTcRZxgQduWpGuu//V5o6ISNKBWnlk/2vQgHKEWXSVRBmjNpzwKEbL6/XIqXgZtD6lECBp+BBW1Y6ZTJENLP/nAdg1QhVowm+EjqGPQzx4oGEY0ML95E8IFakJIaMQgGAZdhYI1W5ThSEk5M5CvvmZrIKGmg0iSrdUHL0pHePlYll7xnPyL/k+3aRR9n8OHiI2fiGegNNtWFvwWfXDgfaqnL7e7p8imgRUo5Luzhtz0WpZ2U0zjNYkHapPaFnpww5Xc1VZ4BbgY8iXaAmQ6HT4rMStJe8UXXJJEqjYu0zCnJ8fwD60yy/IxdR5KXfnFk4bwqhPXTfh76bM7Qmyn7gELyWuatThLm9wc8e3Gw9uHMstQ4jBdN7m1hFS8gIG7gw6leJEQDznvrTx7mSvOLKq3XiUdUSondInz1e4/HRCaodMqw3UNp5geBUwcOOikR9R8KGRMPOLbRAYuFlbKHi1a38BZfyyeN4kJL8D4kAGwOTUhRhRauB6jjJtQE1dUyDwmtbWv9IPdjxMJtCSQUMn0N0A9O3BI9vaFfUc7WVq3VbGridbznIe1HtscduO4sQiZgEM0NgPzL1f3qe7waPiOy+X/V7bY1Zs4cJ1JV/R0NcHA5QxaTXuSTNFAwh7+aoBynhQzfAPvD/Q4ugq875bCZYDJORS7Otq4UJ/Ome4IrlT2r/7/JPgoNwSwwq/IhmDatdecm6N16vjwPKw6yE/9YVfSfXDtjUMH7YHOrExvvFIG8lBlDAGjGzsGrH22BJJIda1/TSLLtvbEVS2iKv1M13MVHlnAJrHx7905EM4IpA/Uho5bdNEh/E2+ggkxBWxPtMUV+b1FiQz6RsmAp/ae2c+lxuLzI5YETDa081e1DaHXVzQLfcry3Nkq7DD3TszGdhPpaNirnccfnBuFAGktcJ+GyX5ho6u+FTREh75Sopic9GD4/QV3URPqUADcNkNf5OmeaUewf</value></token><token><name>OfflineInstallationId</name><type>Info</type><value>006134351525108221474195581264706331605336839035988556</value></token><token><name>PackageFlavor</name><type>Info</type><value>Windows</value></token><token><name>PackageVersion</name><type>Info</type><value>7.1.7600.16395</value></token><token><name>PartnerId</name><type>Info</type><value>Windows</value></token><token><name>ProcessorArchitecture</name><type>Info</type><value>x64</value></token><token><name>ProductLCID</name><type>Info</type><value>1031</value></token><token><name>ProductName</name><type>Info</type><value>Windows 7 Ultimate</value></token><token><name>ProductUniquenessGroups</name><type>Info</type><value>66c92734-d682-4d71-983e-d6ec3f16059f</value></token><token><name>ServiceAvailable</name><type>Info</type><value>true</value></token><token><name>SystemLCID</name><type>Info</type><value>1031</value></token><token><name>UserLCID</name><type>Info</type><value>1031</value></token><token><name>WMI:Win32_ComputerSystem:Manufacturer</name><type>Info</type><value>Gigabyte Technology Co., Ltd.</value></token><token><name>WMI:Win32_ComputerSystem:Model</name><type>Info</type><value>GA-A75M-S2V</value></token><token><name>WMI:Win32_OperatingSystem:InstallDate</name><type>Info</type><value>20140622155009.000000+180</value></token></clienttoken></Value></TokenEntry></Values></Claims></RequestSecurityToken></soap:Body></soap:Envelope>)
00010002(0x80072EFD, 22:22:40:235 - <NULL>)
00010003(0x80072EFD, 22:22:40:235)
Error: (04/20/2015 10:08:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: TWCU.exe0.0.0.0516270deRtlLib.dll700.1067.330.20114d93eea6c000000500002849bf801d07b522235c57bC:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\TWCU.exeC:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RtlLib.dlla641571d-e790-11e4-87e2-50e5495b3fda
Error: (04/19/2015 07:56:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.1.7601.17514fc001d07a8da6ba6e4a30905C:\Windows\Explorer.EXEf8d2e9da-e6b4-11e4-b7c1-50e5495b3fda
Error: (04/13/2015 07:55:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: TWCU.exe0.0.0.0516270deRtlLib.dll700.1067.330.20114d93eea6c000000500001df9b1801d075de6675c65dC:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\TWCU.exeC:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RtlLib.dllf37cf366-e1fd-11e4-88fb-50e5495b3fda
Error: (04/11/2015 07:51:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Skype.exe7.3.0.1015512b3c5Skype.exe7.3.0.1015512b3c5c000009400e64c4c61001d0746d09be91a1C:\Program Files (x86)\Skype\Phone\Skype.exeC:\Program Files (x86)\Skype\Phone\Skype.exef3a70aeb-e06a-11e4-a832-50e5495b3fda
Error: (03/27/2015 10:21:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Skype.exe7.2.0.10354ef0c1dSkype.exe7.2.0.10354ef0c1dc000000500002e161ee001d068be021cb799C:\Program Files (x86)\Skype\Phone\Skype.exeC:\Program Files (x86)\Skype\Phone\Skype.exe6ae9b6bd-d4b6-11e4-a8b2-50e5495b3fda
CodeIntegrity Errors:
===================================
Date: 2014-06-22 16:12:52.056
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Zeus\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-06-22 16:12:52.056
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Zeus\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-06-22 16:12:45.207
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-06-22 16:12:45.207
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Processor: AMD A6-3670 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 54%
Total physical RAM: 3581.37 MB
Available physical RAM: 1634.67 MB
Total Pagefile: 7160.93 MB
Available Pagefile: 4406.79 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:386.83 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: F32986E2)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
==================== End Of Log ============================
][/CODE] FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-05-2015
Ran by Zeus (administrator) on ZEUS-PC on 20-05-2015 00:04:18
Running from C:\Users\Zeus\Downloads
Loaded Profiles: Zeus (Available profiles: Zeus)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\TWCU.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11860072 2011-06-09] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [728312 2015-05-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-06-07] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [130048 2015-04-10] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-65031845-1434384236-1651786591-1000\...\Run: [GoogleChromeAutoLaunch_8C08A43057843DCE2F430EE89329B7BA] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [812872 2015-05-05] (Google Inc.)
HKU\S-1-5-21-65031845-1434384236-1651786591-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [1303872 2015-03-12] (Lavasoft)
HKU\S-1-5-21-65031845-1434384236-1651786591-1000\...\MountPoints2: I - I:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-65031845-1434384236-1651786591-1000\...\MountPoints2: {57fe2496-32a4-11e4-ace6-f8d1110da23c} - I:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-65031845-1434384236-1651786591-1000\...\MountPoints2: {90af9175-fa0b-11e3-a24b-a11107839df7} - I:\LaunchU3.exe -a
HKU\S-1-5-21-65031845-1434384236-1651786591-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [333824 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-10-14] (Microsoft Corporation)
IFEO\allshare.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\shareit.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK-Konfigurationstool.lnk [2014-09-11]
ShortcutTarget: TP-LINK-Konfigurationstool.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\TWCU.exe ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\S-1-5-21-65031845-1434384236-1651786591-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://gr.yahoo.com/?fr=vmn&type=vmn__webcompa__1_0__ya__hp_WCYID10099_swoc_campaign_150314__yaie
HKU\S-1-5-21-65031845-1434384236-1651786591-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
URLSearchHook: HKU\S-1-5-21-65031845-1434384236-1651786591-1000 - Splashtop Connect SearchHook - {0F3DC9E0-C459-4a40-BCF8-747BD9322E10} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\AddressBarSearch.dll (Splashtop Inc.)
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = hxxp://www.default-search.net/search?sid=503&aid=100&itype=n&ver=13898&tm=465&src=ds&p={searchTerms}
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = hxxp://www.default-search.net/search?sid=503&aid=100&itype=n&ver=13898&tm=465&src=ds&p={searchTerms}
SearchScopes: HKU\S-1-5-21-65031845-1434384236-1651786591-1000 -> DefaultScope {9EF5C81A-FEB0-422e-8180-0B2F4BFE1E0A} URL = hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-65031845-1434384236-1651786591-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-65031845-1434384236-1651786591-1000 -> {8C4AAEDA-F9FF-44d4-BA7F-DB7F55AE47D3} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV
SearchScopes: HKU\S-1-5-21-65031845-1434384236-1651786591-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = hxxp://www.default-search.net/search?sid=503&aid=100&itype=n&ver=13898&tm=465&src=ds&p={searchTerms}
SearchScopes: HKU\S-1-5-21-65031845-1434384236-1651786591-1000 -> {9EF5C81A-FEB0-422e-8180-0B2F4BFE1E0A} URL = hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-65031845-1434384236-1651786591-1000 -> {B5906189-5FA6-4151-9547-065BDAE0B0B3} URL = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms}
SearchScopes: HKU\S-1-5-21-65031845-1434384236-1651786591-1000 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = https://gr.search.yahoo.com/search?fr=vmn&type=vmn__webcompa__1_0__ya__ch_WCYID10099_swoc_campaign_150314__yaie&p={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2014-05-27] (DVDVideoSoft Ltd.)
BHO-x32: Splashtop Connect VisualBookmark -> {0E5680D1-BF44-4929-94AF-FD30D784AD1D} -> C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STC.dll [2011-03-04] (Splashtop Inc.)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Avira Savings Advisor BHO -> {A18A516C-AA41-46A9-92DB-60208917E442} -> C:\Program Files (x86)\avira\Internet Explorer\avira32.dll [2013-12-11] ()
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2014-06-06] (DVDVideoSoft Ltd.)
Winsock: Catalog9 01 C:\Windows\SysWOW64\LavasoftTcpService.dll [326288 2015-03-14] (Lavasoft Limited)
Winsock: Catalog9 02 C:\Windows\SysWOW64\LavasoftTcpService.dll [326288 2015-03-14] (Lavasoft Limited)
Winsock: Catalog9 03 C:\Windows\SysWOW64\LavasoftTcpService.dll [326288 2015-03-14] (Lavasoft Limited)
Winsock: Catalog9 04 C:\Windows\SysWOW64\LavasoftTcpService.dll [326288 2015-03-14] (Lavasoft Limited)
Winsock: Catalog9 15 C:\Windows\SysWOW64\LavasoftTcpService.dll [326288 2015-03-14] (Lavasoft Limited)
Winsock: Catalog9-x64 01 C:\Windows\system32\LavasoftTcpService64.dll [373864 2015-03-14] (Lavasoft Limited)
Winsock: Catalog9-x64 02 C:\Windows\system32\LavasoftTcpService64.dll [373864 2015-03-14] (Lavasoft Limited)
Winsock: Catalog9-x64 03 C:\Windows\system32\LavasoftTcpService64.dll [373864 2015-03-14] (Lavasoft Limited)
Winsock: Catalog9-x64 04 C:\Windows\system32\LavasoftTcpService64.dll [373864 2015-03-14] (Lavasoft Limited)
Winsock: Catalog9-x64 15 C:\Windows\system32\LavasoftTcpService64.dll [373864 2015-03-14] (Lavasoft Limited)
Hosts: 127.0.0.1 validation.sls.microsoft.com
FireFox:
========
FF ProfilePath: C:\Users\Zeus\AppData\Roaming\Mozilla\Firefox\Profiles\iehuq9xm.default
FF NewTab: https://safesearch.avira.com/#?source=newtab
FF SearchEngineOrder.1: default-search.net
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Yahoo
FF Homepage: https://gr.yahoo.com/?fr=vmn&type=vmn__webcompa__1_0__ya__hp_WCYID10099_swoc_campaign_150314__yaff
FF Keyword.URL: hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-17] ()
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2015-04-22] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-17] ()
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2015-04-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF user.js: detected! => C:\Users\Zeus\AppData\Roaming\Mozilla\Firefox\Profiles\iehuq9xm.default\user.js [2015-05-18]
FF Extension: Avira Browser Safety - C:\Users\Zeus\AppData\Roaming\Mozilla\Firefox\Profiles\iehuq9xm.default\Extensions\abs@avira.com [2015-04-30]
FF Extension: Bing Search Engine - C:\Users\Zeus\AppData\Roaming\Mozilla\Firefox\Profiles\iehuq9xm.default\Extensions\bingsearch.full@microsoft.com [2015-03-08]
FF Extension: Avira SafeSearch - C:\Users\Zeus\AppData\Roaming\Mozilla\Firefox\Profiles\iehuq9xm.default\Extensions\safesearch@avira.com [2015-04-30]
FF Extension: Video Downloader Professional - C:\Users\Zeus\AppData\Roaming\Mozilla\Firefox\Profiles\iehuq9xm.default\Extensions\ffext_basicvideoext@startpage24.xpi [2015-03-03]
FF Extension: Roll Around - C:\Users\Zeus\AppData\Roaming\Mozilla\Firefox\Profiles\iehuq9xm.default\Extensions\{6c50e8fc-4fe8-4084-b216-9031e7319203}.xpi [2015-03-14]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Zeus\AppData\Roaming\Mozilla\Firefox\Profiles\iehuq9xm.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2015-03-12]
FF Extension: Video DownloadHelper - C:\Users\Zeus\AppData\Roaming\Mozilla\Firefox\Profiles\iehuq9xm.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-03-15]
FF Extension: Roll Around - C:\Users\Zeus\AppData\Roaming\Mozilla\Firefox\Profiles\iehuq9xm.default\Extensions\{c9c8f370-8dff-4fc1-99e4-8495d1aa79c4}.xpi [2015-03-12]
FF Extension: Adblock Plus - C:\Users\Zeus\AppData\Roaming\Mozilla\Firefox\Profiles\iehuq9xm.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-22]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-05-10]
FF HKLM-x32\...\Firefox\Extensions: [{91c612bf-2a7a-48b8-8c8c-6de28589b7a1}] - C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1}
FF Extension: Splashtop Connect Companion - C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1} [2014-06-22]
FF HKLM-x32\...\Firefox\Extensions: [{91c612bf-2a7a-48b8-8c8c-6de28589b7a0}] - C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0}
FF Extension: Splashtop Connect - C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0} [2014-06-22]
FF HKLM-x32\...\Firefox\Extensions: [{d9284e50-81fc-11da-a72b-0800200c9a66}] - C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{d9284e50-81fc-11da-a72b-0800200c9a66}
FF Extension: Yoono - C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{d9284e50-81fc-11da-a72b-0800200c9a66} [2014-06-22]
FF HKU\S-1-5-21-65031845-1434384236-1651786591-1000\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: No Name - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-06-22]
Chrome:
=======
CHR HomePage: Default -> hxxp://search.conduit.com/?gd=&ctid=CT3318001&octid=EB_ORIGINAL_CTID&ISID=&SearchSource=55&CUI=&UM=5&UP=SP0AC95814-B408-4148-942D-6DA1DB0EDED4&SSPV=
CHR StartupUrls: Default -> "hxxp://www.google.de/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-03]
CHR Extension: (Google Docs) - C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-03]
CHR Extension: (Google Drive) - C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-03]
CHR Extension: (Brushed) - C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfjgbcjfpbbfepcccpaffkjofcmglifg [2015-04-20]
CHR Extension: (YouTube) - C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-03]
CHR Extension: (Adblock Plus) - C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-03-04]
CHR Extension: (Google Search) - C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-03]
CHR Extension: (Avira SafeSearch) - C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\eglgfnfolcgijipffhlhbbnefdcbjbml [2015-04-20]
CHR Extension: (Video Downloader professional) - C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2015-03-03]
CHR Extension: (Google Sheets) - C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-03]
CHR Extension: (Avira Browser Safety) - C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-03-03]
CHR Extension: (Links Checker) - C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh [2015-03-04]
CHR Extension: (Bookmark Manager) - C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-21]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Speed Check) - C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo [2015-03-04]
CHR Extension: (AVG Secure Search) - C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2015-03-04]
CHR Extension: (Google Wallet) - C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-12]
CHR Extension: (Battlelog Emblem Editor Extended) - C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\noagedoiolkfaoaknohhepocfeooibjb [2015-03-04]
CHR Extension: (Gmail) - C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-03]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [827640 2015-05-19] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-05-19] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-05-19] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1185584 2015-05-19] (Avira Operations GmbH & Co. KG)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [205104 2015-04-10] (Avira Operations GmbH & Co. KG)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S4 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.3.0\LavasoftTcpService.exe [836984 2015-03-12] (Lavasoft Limited)
S4 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [619776 2015-01-15] (Lenovo)
S4 SCBackService; C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe [477000 2010-11-15] (Splashtop Inc.)
S4 SearchProtectionService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [17768 2015-03-12] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2014-07-16] (TuneUp Software)
S4 WCUService_STC_FF; C:\Program Files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe [493384 2011-03-24] (Splashtop Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11832 2010-06-30] (Advanced Micro Devices Inc.)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()
S3 AR9271; C:\Windows\System32\DRIVERS\athuwx.sys [2224160 2011-07-29] (Atheros Communications, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [152744 2015-05-19] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-05-19] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-05-27] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-05] (Avira Operations GmbH & Co. KG)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2014-07-30] ()
R3 RTL8192cu; C:\Windows\System32\DRIVERS\rtwlanu.sys [990864 2013-04-09] (Realtek Semiconductor Corporation )
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2014-06-23] (TuneUp Software)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-20 00:04 - 2015-05-20 00:04 - 00023134 _____ () C:\Users\Zeus\Downloads\FRST.txt
2015-05-20 00:04 - 2015-05-20 00:04 - 00000000 ____D () C:\FRST
2015-05-19 23:58 - 2015-05-19 23:58 - 02107904 _____ (Farbar) C:\Users\Zeus\Downloads\FRST64.exe
2015-05-19 23:55 - 2015-05-19 23:55 - 01146880 _____ (Farbar) C:\Users\Zeus\Downloads\FRST.exe
2015-05-19 21:02 - 2015-05-19 21:02 - 01219529 _____ () C:\Users\Zeus\Downloads\dmt3d.zip
2015-05-18 13:08 - 2015-05-18 13:08 - 00002770 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2015-05-17 20:01 - 2015-05-17 20:01 - 00002201 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014.lnk
2015-05-17 20:01 - 2015-05-17 20:01 - 00000000 ____D () C:\Users\Zeus\AppData\Roaming\TuneUp Software
2015-05-17 20:01 - 2015-05-17 20:01 - 00000000 ____D () C:\Users\Zeus\AppData\Local\TuneUp Software
2015-05-17 20:01 - 2015-05-17 20:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014
2015-05-17 20:01 - 2014-07-16 10:24 - 00040760 _____ (TuneUp Software) C:\Windows\system32\TURegOpt.exe
2015-05-17 20:01 - 2014-07-16 10:24 - 00029496 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll
2015-05-17 20:01 - 2014-07-16 10:24 - 00025400 _____ (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll
2015-05-17 20:00 - 2015-05-17 20:01 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014
2015-05-17 19:58 - 2015-05-17 20:09 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2015-05-17 19:58 - 2015-05-17 20:01 - 00000000 ____D () C:\ProgramData\TuneUp Software
2015-05-17 19:50 - 2015-05-17 19:57 - 28598072 _____ (TuneUp Software) C:\Users\Zeus\Downloads\TuneUpUtilities2014_34de-DE.exe
2015-05-12 22:08 - 2015-05-12 22:08 - 00000000 __SHD () C:\Users\Zeus\AppData\Local\EmieUserList
2015-05-12 22:08 - 2015-05-12 22:08 - 00000000 __SHD () C:\Users\Zeus\AppData\Local\EmieSiteList
2015-05-12 22:08 - 2015-05-12 22:08 - 00000000 __SHD () C:\Users\Zeus\AppData\Local\EmieBrowserModeList
2015-05-10 13:48 - 2015-05-10 13:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-10 13:44 - 2015-05-10 13:44 - 00000000 ____D () C:\Users\Zeus\AppData\Local\TomTom
2015-05-10 13:44 - 2015-05-10 13:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2015-05-10 13:44 - 2015-05-10 13:44 - 00000000 ____D () C:\Program Files (x86)\TomTom International B.V
2015-05-10 13:44 - 2015-05-10 13:44 - 00000000 ____D () C:\Program Files (x86)\MyDrive Connect
2015-05-10 13:40 - 2015-05-10 13:42 - 23308160 _____ (TomTom International B.V.) C:\Users\Zeus\Downloads\InstallMyDriveConnect.exe
2015-04-30 08:21 - 2015-04-30 08:21 - 00000025 _____ () C:\Users\Zeus\Desktop\speicher.vbs
2015-04-30 01:29 - 2015-04-30 01:29 - 00146145 _____ () C:\Users\Zeus\AppData\Local\708F4E7A_stp.CIS
2015-04-30 01:29 - 2015-04-30 01:29 - 00000274 _____ () C:\Users\Zeus\AppData\Local\708F4E7A_stp.CIS.part
2015-04-30 01:28 - 2015-04-30 01:28 - 00385602 _____ () C:\Users\Zeus\AppData\Local\5D515C96_stp.CIS
2015-04-30 01:28 - 2015-04-30 01:28 - 00000220 _____ () C:\Users\Zeus\AppData\Local\5D515C96_stp.CIS.part
2015-04-30 01:17 - 2015-04-30 01:19 - 00007609 _____ () C:\Users\Zeus\AppData\Local\Resmon.ResmonCfg
2015-04-30 00:26 - 2015-04-30 00:26 - 00000027 _____ () C:\Users\Zeus\Documents\vbs.txt
2015-04-22 18:38 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2015-04-22 18:26 - 2015-04-22 18:26 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-22 18:26 - 2015-04-22 18:26 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-22 18:26 - 2015-04-22 18:26 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-22 18:26 - 2015-04-22 18:26 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-22 18:26 - 2015-04-22 18:26 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-22 18:26 - 2015-04-22 18:26 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-22 18:26 - 2015-04-22 18:26 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-22 18:26 - 2015-04-22 18:26 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-22 18:26 - 2015-04-22 18:26 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-04-22 18:26 - 2015-04-22 18:26 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-22 18:26 - 2015-04-22 18:26 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-22 18:26 - 2015-04-22 18:26 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-22 18:26 - 2015-04-22 18:26 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2015-04-22 18:26 - 2015-04-22 18:26 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-22 18:26 - 2015-04-22 18:26 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2015-04-22 18:26 - 2015-04-22 18:26 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-04-22 18:26 - 2015-04-22 18:26 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-22 18:26 - 2015-04-22 18:26 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-22 18:26 - 2015-04-22 18:26 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-22 18:26 - 2015-04-22 18:26 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-22 18:26 - 2015-04-22 18:26 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-22 18:26 - 2015-04-22 18:26 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-22 18:26 - 2015-04-22 18:26 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2015-04-22 18:26 - 2015-04-22 18:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-04-22 18:26 - 2015-04-22 18:26 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-04-22 18:26 - 2015-04-22 18:26 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2015-04-22 18:26 - 2015-04-22 18:26 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2015-04-22 18:26 - 2015-04-22 18:26 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-22 18:26 - 2015-04-22 18:26 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2015-04-22 18:26 - 2015-04-22 18:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2015-04-22 18:26 - 2015-04-22 18:26 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-04-22 18:26 - 2015-04-22 18:26 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-04-22 18:26 - 2015-04-22 18:26 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-22 18:26 - 2015-04-22 18:26 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2015-04-22 18:26 - 2015-04-22 18:26 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-04-22 18:26 - 2015-04-22 18:26 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2015-04-22 18:26 - 2015-04-22 18:26 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-22 18:26 - 2015-04-22 18:26 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2015-04-22 18:26 - 2015-04-22 18:26 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2015-04-22 18:26 - 2015-04-22 18:26 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2015-04-22 18:26 - 2015-04-22 18:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-22 18:26 - 2015-04-22 18:26 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-04-22 18:26 - 2015-04-22 18:26 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-22 18:26 - 2015-04-22 18:26 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-22 18:26 - 2015-04-22 18:26 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2015-04-22 18:26 - 2015-04-22 18:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2015-04-22 18:26 - 2015-04-22 18:26 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-22 18:26 - 2015-04-22 18:26 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-22 18:26 - 2015-04-22 18:26 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-04-22 18:26 - 2015-04-22 18:26 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2015-04-22 18:26 - 2015-04-22 18:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-22 18:26 - 2015-04-22 18:26 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2015-04-22 18:26 - 2015-04-22 18:26 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-04-22 18:26 - 2015-04-22 18:26 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-04-22 18:25 - 2015-04-22 18:25 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-22 18:25 - 2015-04-22 18:25 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-22 18:25 - 2015-04-22 18:25 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-22 18:25 - 2015-04-22 18:25 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-22 18:25 - 2015-04-22 18:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-22 18:25 - 2015-04-22 18:25 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-22 18:25 - 2015-04-22 18:25 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-22 18:25 - 2015-04-22 18:25 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-22 18:25 - 2015-04-22 18:25 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-22 18:25 - 2015-04-22 18:25 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2015-04-22 18:25 - 2015-04-22 18:25 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-22 18:25 - 2015-04-22 18:25 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-22 18:25 - 2015-04-22 18:25 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-22 18:25 - 2015-04-22 18:25 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-04-22 18:25 - 2015-04-22 18:25 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-22 18:25 - 2015-04-22 18:25 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-22 18:25 - 2015-04-22 18:25 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2015-04-22 18:25 - 2015-04-22 18:25 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-22 18:25 - 2015-04-22 18:25 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-22 18:25 - 2015-04-22 18:25 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-22 18:25 - 2015-04-22 18:25 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-22 18:25 - 2015-04-22 18:25 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-22 18:25 - 2015-04-22 18:25 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2015-04-22 18:25 - 2015-04-22 18:25 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-04-22 18:25 - 2015-04-22 18:25 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-04-22 18:25 - 2015-04-22 18:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-22 18:25 - 2015-04-22 18:25 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2015-04-22 18:25 - 2015-04-22 18:25 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-04-22 18:25 - 2015-04-22 18:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-22 18:25 - 2015-04-22 18:25 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2015-04-22 18:25 - 2015-04-22 18:25 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-04-22 18:25 - 2015-04-22 18:25 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2015-04-22 18:25 - 2015-04-22 18:25 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-22 18:25 - 2015-04-22 18:25 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-04-22 18:25 - 2015-04-22 18:25 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-04-22 18:25 - 2015-04-22 18:25 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-22 18:25 - 2015-04-22 18:25 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2015-04-22 18:25 - 2015-04-22 18:25 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-22 18:25 - 2015-04-22 18:25 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2015-04-22 18:25 - 2015-04-22 18:25 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2015-04-22 18:25 - 2015-04-22 18:25 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-22 18:25 - 2015-04-22 18:25 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-04-22 18:25 - 2015-04-22 18:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-22 18:25 - 2015-04-22 18:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2015-04-22 18:25 - 2015-04-22 18:25 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-22 18:25 - 2015-04-22 18:25 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-04-22 18:25 - 2015-04-22 18:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2015-04-22 18:25 - 2015-04-22 18:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-22 18:25 - 2015-04-22 18:25 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2015-04-22 18:25 - 2015-04-22 18:25 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-22 18:25 - 2015-04-22 18:25 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2015-04-22 18:25 - 2015-04-22 18:25 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-04-22 18:25 - 2015-04-22 18:25 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-04-22 18:25 - 2015-04-22 18:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-22 18:23 - 2015-04-22 18:23 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-04-22 18:23 - 2015-04-22 18:23 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-04-22 18:23 - 2015-04-22 18:23 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-04-22 18:23 - 2015-04-22 18:23 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-04-22 18:22 - 2015-04-22 18:22 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2015-04-22 18:22 - 2015-04-22 18:22 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2015-04-22 18:18 - 2015-04-22 18:18 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-04-22 18:18 - 2015-04-22 18:18 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2015-04-22 18:18 - 2015-04-22 18:18 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-04-22 18:18 - 2015-04-22 18:18 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-04-22 18:18 - 2015-04-22 18:18 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2015-04-22 18:18 - 2015-04-22 18:18 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-04-22 18:18 - 2015-04-22 18:18 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2015-04-22 18:18 - 2015-04-22 18:18 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-04-22 18:18 - 2015-04-22 18:18 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-04-22 18:18 - 2015-04-22 18:18 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-04-22 18:18 - 2015-04-22 18:18 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2015-04-22 18:18 - 2015-04-22 18:18 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-04-22 18:18 - 2015-04-22 18:18 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-04-22 18:18 - 2015-04-22 18:18 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2015-04-22 18:18 - 2015-04-22 18:18 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2015-04-22 18:18 - 2015-04-22 18:18 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2015-04-22 18:18 - 2015-04-22 18:18 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2015-04-22 18:18 - 2015-04-22 18:18 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2015-04-22 18:18 - 2015-04-22 18:18 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-04-22 18:18 - 2015-04-22 18:18 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-04-22 18:18 - 2015-04-22 18:18 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2015-04-22 18:18 - 2015-04-22 18:18 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2015-04-22 18:18 - 2015-04-22 18:18 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2015-04-22 18:18 - 2015-04-22 18:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2015-04-22 18:18 - 2015-04-22 18:18 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2015-04-22 18:18 - 2015-04-22 18:18 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2015-04-22 18:18 - 2015-04-22 18:18 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2015-04-22 18:18 - 2015-04-22 18:18 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2015-04-22 18:18 - 2015-04-22 18:18 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2015-04-22 18:18 - 2015-04-22 18:18 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2015-04-22 18:18 - 2015-04-22 18:18 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2015-04-22 18:18 - 2015-04-22 18:18 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2015-04-22 18:18 - 2015-04-22 18:18 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2015-04-22 18:18 - 2015-04-22 18:18 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-04-22 18:18 - 2015-04-22 18:18 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-04-22 18:18 - 2015-04-22 18:18 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-04-22 18:18 - 2015-04-22 18:18 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-04-22 18:18 - 2015-04-22 18:18 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-04-22 18:18 - 2015-04-22 18:18 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-04-22 18:18 - 2015-04-22 18:18 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-04-22 18:18 - 2015-04-22 18:18 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-04-22 18:18 - 2015-04-22 18:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2015-04-22 18:18 - 2015-04-22 18:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2015-04-22 18:18 - 2015-04-22 18:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-04-22 18:18 - 2015-04-22 18:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-04-22 18:18 - 2015-04-22 18:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2015-04-22 18:18 - 2015-04-22 18:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-04-22 18:18 - 2015-04-22 18:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2015-04-22 18:18 - 2015-04-22 18:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-04-22 18:18 - 2015-04-22 18:18 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-04-22 18:18 - 2015-04-22 18:18 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-04-22 18:16 - 2015-04-22 18:16 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2015-04-22 18:16 - 2015-04-22 18:16 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2015-04-22 18:13 - 2015-04-22 18:38 - 00014787 _____ () C:\Windows\IE11_main.log
2015-04-22 16:25 - 2014-07-01 01:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2015-04-22 16:25 - 2014-07-01 01:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2015-04-22 16:25 - 2014-06-06 09:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-04-22 16:25 - 2014-06-06 09:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-04-22 16:25 - 2014-03-10 00:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2015-04-22 16:25 - 2014-03-10 00:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2015-04-22 16:25 - 2014-03-10 00:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2015-04-22 16:25 - 2014-03-10 00:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2015-04-22 16:16 - 2014-07-16 06:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-04-22 16:16 - 2014-07-16 05:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-04-22 16:15 - 2014-12-06 07:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-04-22 16:15 - 2014-12-06 06:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-04-22 16:15 - 2014-12-06 06:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-04-22 16:15 - 2014-08-12 05:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-04-22 16:15 - 2014-08-12 04:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2015-04-22 16:15 - 2013-07-26 05:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2015-04-22 16:15 - 2013-07-26 04:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2015-04-22 16:15 - 2013-07-04 15:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-04-22 16:15 - 2013-07-04 14:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-04-22 16:15 - 2012-10-03 20:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-04-22 16:15 - 2012-10-03 20:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-04-22 16:14 - 2015-02-25 06:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-22 16:14 - 2014-10-25 04:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-04-22 16:14 - 2014-10-25 04:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2015-04-22 16:14 - 2014-10-18 05:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-04-22 16:14 - 2014-10-18 04:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-04-22 16:14 - 2014-04-25 05:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-04-22 16:14 - 2014-04-25 05:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-04-22 16:14 - 2013-04-26 08:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-04-22 16:14 - 2013-04-26 07:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2015-04-22 16:09 - 2013-07-20 13:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-04-22 16:09 - 2013-07-20 13:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-04-22 15:23 - 2015-04-22 15:23 - 00159144 _____ (Microsoft Corporation) C:\Users\Zeus\Downloads\WindowsActivationUpdate(1).exe
2015-04-21 21:32 - 2015-04-21 21:32 - 00159144 _____ (Microsoft Corporation) C:\Users\Zeus\Downloads\WindowsActivationUpdate.exe
2015-04-20 17:55 - 2015-04-20 17:55 - 04636584 _____ (Avira Operations GmbH & Co. KG) C:\Users\Zeus\Downloads\avira_de_av_55350e0bb06bd__ws.exe
2015-04-20 17:55 - 2015-04-20 17:55 - 00001207 _____ () C:\Users\Public\Desktop\Avira.lnk
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-20 00:05 - 2015-04-16 18:24 - 00000433 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2015-05-20 00:00 - 2015-03-03 15:45 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-19 23:17 - 2014-06-23 15:21 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-19 22:00 - 2014-06-22 15:47 - 01617956 _____ () C:\Windows\WindowsUpdate.log
2015-05-19 21:19 - 2009-07-14 07:45 - 00014336 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-19 21:19 - 2009-07-14 07:45 - 00014336 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-19 21:14 - 2014-06-22 16:56 - 00004196 _____ () C:\Windows\System32\Tasks\Software Updater
2015-05-19 21:10 - 2015-03-03 15:45 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-19 21:10 - 2009-07-14 08:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-19 21:09 - 2009-07-14 07:51 - 00046192 _____ () C:\Windows\setupact.log
2015-05-19 16:44 - 2015-04-07 17:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-05-19 16:43 - 2014-06-22 16:39 - 00152744 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-05-19 16:43 - 2014-06-22 16:39 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-05-19 00:30 - 2015-03-03 17:29 - 00000000 ____D () C:\Users\Zeus\Desktop\KINOFILME
2015-05-18 23:03 - 2014-10-11 19:09 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2015-05-18 21:56 - 2014-06-22 17:19 - 00351494 _____ () C:\Windows\PFRO.log
2015-05-18 11:55 - 2015-03-03 15:45 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-18 11:55 - 2015-03-03 15:45 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-17 20:19 - 2014-06-22 19:23 - 00000000 ____D () C:\Users\Zeus\Desktop\Programme
2015-05-17 20:09 - 2015-03-01 20:52 - 00000000 ____D () C:\Users\Zeus\AppData\Local\Downloaded Installations
2015-05-17 20:09 - 2014-06-22 17:15 - 00000000 ___HD () C:\ProgramData\{8533ADFA-85F0-4dc1-946A-2A0BA58E78E3}
2015-05-17 20:09 - 2014-06-22 17:10 - 00000000 ____D () C:\ProgramData\DriverGenius
2015-05-14 01:22 - 2014-06-22 17:54 - 00000000 ____D () C:\Users\Zeus\Desktop\Bilder
2015-05-11 22:55 - 2009-07-14 20:58 - 00696832 _____ () C:\Windows\system32\perfh007.dat
2015-05-11 22:55 - 2009-07-14 20:58 - 00148128 _____ () C:\Windows\system32\perfc007.dat
2015-05-11 22:55 - 2009-07-14 08:13 - 01613340 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-11 20:40 - 2015-03-08 19:08 - 00000000 ____D () C:\Users\Zeus\AppData\Roaming\Skype
2015-05-11 13:21 - 2014-06-22 16:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-30 09:03 - 2014-06-23 15:48 - 00000000 ___RD () C:\Users\Zeus\Desktop\musik
2015-04-30 07:39 - 2014-06-22 15:50 - 00000000 ____D () C:\Users\Zeus
2015-04-30 07:38 - 2015-03-12 22:37 - 00000000 ____D () C:\Program Files (x86)\Free Codec Pack
2015-04-30 07:38 - 2015-03-03 17:44 - 00000000 ____D () C:\Users\Zeus\AppData\Roaming\FreeFLVConverter
2015-04-30 07:38 - 2015-03-03 15:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-04-30 07:38 - 2014-06-22 18:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-04-30 07:38 - 2014-06-22 18:07 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2015-04-30 07:38 - 2014-06-22 18:05 - 00000000 ____D () C:\Users\Zeus\AppData\Roaming\DVDVideoSoft
2015-04-30 07:37 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\registration
2015-04-27 00:56 - 2009-07-14 08:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-04-23 17:45 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\rescache
2015-04-22 19:20 - 2014-06-22 15:50 - 00001421 _____ () C:\Users\Zeus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-04-22 19:14 - 2009-07-14 07:45 - 00268536 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-04-22 19:09 - 2009-07-14 21:18 - 00000000 ____D () C:\Program Files\Windows Journal
2015-04-22 19:09 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2015-04-22 19:09 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2015-04-22 19:09 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-04-22 19:09 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2015-04-22 19:09 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2015-04-22 19:09 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-04-22 19:09 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-22 19:08 - 2009-07-14 08:32 - 00000000 ____D () C:\Program Files\Windows Defender
2015-04-22 19:08 - 2009-07-14 08:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-04-22 17:24 - 2014-10-12 18:10 - 01590298 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-22 16:57 - 2014-06-22 20:22 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-22 16:40 - 2014-06-22 19:00 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-20 18:21 - 2015-03-03 17:28 - 00000000 ____D () C:\Users\Zeus\AppData\Roaming\FLV and Media Player
2015-04-20 17:55 - 2014-08-29 19:11 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-20 17:55 - 2014-06-22 16:39 - 00000000 ____D () C:\Program Files (x86)\Avira
==================== Files in the root of some directories =======
2015-04-30 01:28 - 2015-04-30 01:28 - 0385602 _____ () C:\Users\Zeus\AppData\Local\5D515C96_stp.CIS
2015-04-30 01:28 - 2015-04-30 01:28 - 0000220 _____ () C:\Users\Zeus\AppData\Local\5D515C96_stp.CIS.part
2015-04-30 01:29 - 2015-04-30 01:29 - 0146145 _____ () C:\Users\Zeus\AppData\Local\708F4E7A_stp.CIS
2015-04-30 01:29 - 2015-04-30 01:29 - 0000274 _____ () C:\Users\Zeus\AppData\Local\708F4E7A_stp.CIS.part
2015-04-30 01:17 - 2015-04-30 01:19 - 0007609 _____ () C:\Users\Zeus\AppData\Local\Resmon.ResmonCfg
Some content of TEMP:
====================
C:\Users\Zeus\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-14 00:45
==================== End Of Log ============================
--- --- --- |
|
20.05.2015, 12:31
| #4 |
| /// the machine /// TB-Ausbilder | langsamer computer hi, Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
20.05.2015, 12:50
| #5 |
| | langsamer computer ok mache ich avira hat mir einen sicherhinweis gesendet waehrend den scan 'PUA/SeaSuite.Gen/ wurde blokiert was sol ich tun ? entfernen oder auf details ? TDSSKiller hat nicht gefunden Code:
ATTFilter 14:37:43.0231 0x03e0 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
14:37:47.0860 0x03e0 ============================================================
14:37:47.0860 0x03e0 Current date / time: 2015/05/20 14:37:47.0860
14:37:47.0860 0x03e0 SystemInfo:
14:37:47.0860 0x03e0
14:37:47.0860 0x03e0 OS Version: 6.1.7601 ServicePack: 1.0
14:37:47.0860 0x03e0 Product type: Workstation
14:37:47.0860 0x03e0 ComputerName: ZEUS-PC
14:37:47.0860 0x03e0 UserName: Zeus
14:37:47.0860 0x03e0 Windows directory: C:\Windows
14:37:47.0860 0x03e0 System windows directory: C:\Windows
14:37:47.0860 0x03e0 Running under WOW64
14:37:47.0860 0x03e0 Processor architecture: Intel x64
14:37:47.0860 0x03e0 Number of processors: 4
14:37:47.0860 0x03e0 Page size: 0x1000
14:37:47.0860 0x03e0 Boot type: Normal boot
14:37:47.0860 0x03e0 ============================================================
14:37:49.0467 0x03e0 KLMD registered as C:\Windows\system32\drivers\75613705.sys
14:37:49.0872 0x03e0 System UUID: {BEF84F9F-AD33-B8AF-6277-4306B56A7B64}
14:37:50.0450 0x03e0 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xFC59, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
14:37:50.0481 0x03e0 ============================================================
14:37:50.0481 0x03e0 \Device\Harddisk0\DR0:
14:37:50.0481 0x03e0 MBR partitions:
14:37:50.0481 0x03e0 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
14:37:50.0481 0x03e0 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
14:37:50.0481 0x03e0 ============================================================
14:37:50.0512 0x03e0 C: <-> \Device\Harddisk0\DR0\Partition2
14:37:50.0512 0x03e0 ============================================================
14:37:50.0512 0x03e0 Initialize success
14:37:50.0512 0x03e0 ============================================================
14:38:05.0735 0x16d8 ============================================================
14:38:05.0735 0x16d8 Scan started
14:38:05.0735 0x16d8 Mode: Manual;
14:38:05.0735 0x16d8 ============================================================
14:38:05.0735 0x16d8 KSN ping started
14:38:08.0685 0x16d8 KSN ping finished: true
14:38:09.0806 0x16d8 ================ Scan system memory ========================
14:38:09.0806 0x16d8 System memory - ok
14:38:09.0806 0x16d8 ================ Scan services =============================
14:38:09.0963 0x16d8 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
14:38:09.0963 0x16d8 1394ohci - ok
14:38:10.0010 0x16d8 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
14:38:10.0010 0x16d8 ACPI - ok
14:38:10.0041 0x16d8 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
14:38:10.0041 0x16d8 AcpiPmi - ok
14:38:10.0181 0x16d8 [ B04A4810C6CC205F9DC72DC22E4AB236, 547321F5C28C80D4818372D65E2A33D4BAC593015DD6613B24586FE4B4A95D5D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:38:10.0181 0x16d8 AdobeFlashPlayerUpdateSvc - ok
14:38:10.0228 0x16d8 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
14:38:10.0228 0x16d8 adp94xx - ok
14:38:10.0259 0x16d8 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
14:38:10.0259 0x16d8 adpahci - ok
14:38:10.0306 0x16d8 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
14:38:10.0306 0x16d8 adpu320 - ok
14:38:10.0337 0x16d8 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
14:38:10.0337 0x16d8 AeLookupSvc - ok
14:38:10.0431 0x16d8 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
14:38:10.0446 0x16d8 AFD - ok
14:38:10.0462 0x16d8 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
14:38:10.0462 0x16d8 agp440 - ok
14:38:10.0478 0x16d8 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
14:38:10.0478 0x16d8 ALG - ok
14:38:10.0509 0x16d8 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
14:38:10.0509 0x16d8 aliide - ok
14:38:10.0540 0x16d8 [ 2F2E91FD092811353C3BC968BEC274D8, F71D4C1C54FF5163AFB5603529F7F9950BBBC09FBDFEB24E404AEF77F416691A ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
14:38:10.0556 0x16d8 AMD External Events Utility - ok
14:38:10.0587 0x16d8 [ 30BFEEE0DFFD5BD79D29157CF080DEED, D3176AA5CFD43CAE7180E9E51A2C76DC2AC02897CA730391A54F647D263ED4E0 ] amdhub30 C:\Windows\system32\DRIVERS\amdhub30.sys
14:38:10.0587 0x16d8 amdhub30 - ok
14:38:10.0602 0x16d8 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
14:38:10.0602 0x16d8 amdide - ok
14:38:10.0634 0x16d8 [ 4249DA806451D394712B4D66C8652DBB, 36756510F31B3C7FD1E3D89ADA69996CE3BE307C24F0A7CACA90E6F21871A53A ] amdide64 C:\Windows\system32\DRIVERS\amdide64.sys
14:38:10.0634 0x16d8 amdide64 - ok
14:38:10.0649 0x16d8 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
14:38:10.0649 0x16d8 AmdK8 - ok
14:38:11.0164 0x16d8 [ 194D76D2083318A2E7071A988E02ECF4, DC989BBA41446EB5306C876AE3301A7E67F03EBA43C7FDBE9AB01784895514F6 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
14:38:11.0336 0x16d8 amdkmdag - ok
14:38:11.0398 0x16d8 [ 1EEFFCE9A3A65A56A28793EAA3F57026, 9ED49D049713813A69131D0E06DBF13F08D227BD4348A505A5AAB4763C4C7CBE ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
14:38:11.0414 0x16d8 amdkmdap - ok
14:38:11.0429 0x16d8 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
14:38:11.0429 0x16d8 AmdPPM - ok
14:38:11.0460 0x16d8 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
14:38:11.0460 0x16d8 amdsata - ok
14:38:11.0538 0x16d8 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
14:38:11.0538 0x16d8 amdsbs - ok
14:38:11.0554 0x16d8 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
14:38:11.0554 0x16d8 amdxata - ok
14:38:11.0616 0x16d8 [ 321533578132C811EC834A1B741C994C, 82B62C52018655B8A596E1E503CB31F0FA581780425A9FF44BE1248C0F3D4B3E ] amdxhc C:\Windows\system32\DRIVERS\amdxhc.sys
14:38:11.0616 0x16d8 amdxhc - ok
14:38:11.0819 0x16d8 [ D908096B873B940BB438CE63BA35BD1E, F1C79C907E6CDBC2770C16AFFAE0D6F9B9B7DA21F5074D602AC5FE1597975748 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
14:38:11.0835 0x16d8 AntiVirMailService - ok
14:38:11.0866 0x16d8 [ EC705D6ED3A7F3D9AE42F6239707D9FE, B50F6BB0FC308E7403B1807DF2AAF87BEDE0B044128C580970A26801CCABC43F ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
14:38:11.0897 0x16d8 AntiVirSchedulerService - ok
14:38:11.0960 0x16d8 [ EC705D6ED3A7F3D9AE42F6239707D9FE, B50F6BB0FC308E7403B1807DF2AAF87BEDE0B044128C580970A26801CCABC43F ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
14:38:11.0975 0x16d8 AntiVirService - ok
14:38:12.0116 0x16d8 [ 0F3D12E5FAE0082DB3F306095CA6B027, 726D054357031F45B43C87D798E84FA93439ECA6C691EB8C76FE524B50C25B32 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
14:38:12.0131 0x16d8 AntiVirWebService - ok
14:38:12.0162 0x16d8 [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID C:\Windows\system32\drivers\appid.sys
14:38:12.0162 0x16d8 AppID - ok
14:38:12.0180 0x16d8 [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc C:\Windows\System32\appidsvc.dll
14:38:12.0180 0x16d8 AppIDSvc - ok
14:38:12.0211 0x16d8 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
14:38:12.0211 0x16d8 Appinfo - ok
14:38:12.0242 0x16d8 [ 6BE11AD81D4527D299F0CB5F3731AABC, 9C01278D3336CD74B9672A2A9EF7AF836CB0E7F2EA5BC310E9ADDD1238B92229 ] AppleCharger C:\Windows\system32\DRIVERS\AppleCharger.sys
14:38:12.0242 0x16d8 AppleCharger - ok
14:38:12.0274 0x16d8 [ 95EF7247C50C7241FDAE39A9B3AFF4AE, 6E08FB095C04B2E217B139D6431336C0F24C128A2A83082A3085DC8C44AA247D ] AppleChargerSrv C:\Windows\system32\AppleChargerSrv.exe
14:38:12.0274 0x16d8 AppleChargerSrv - ok
14:38:12.0289 0x16d8 [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll
14:38:12.0305 0x16d8 AppMgmt - ok
14:38:12.0414 0x16d8 [ 1319A2AED20E1FF5C60BA7E69A2C8BED, C053073BDA074584863DAD73A404D6D579039AFF3223FD65CB3397EF6BA39339 ] AR9271 C:\Windows\system32\DRIVERS\athuwx.sys
14:38:12.0461 0x16d8 AR9271 - ok
14:38:12.0492 0x16d8 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
14:38:12.0492 0x16d8 arc - ok
14:38:12.0508 0x16d8 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
14:38:12.0523 0x16d8 arcsas - ok
14:38:12.0632 0x16d8 [ 9217D874131AE6FF8F642F124F00A555, BE2923D5AA7748FDAAED73AF567D015517B36F1C739C6E5637DD15112EFDF495 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:38:12.0632 0x16d8 aspnet_state - ok
14:38:12.0648 0x16d8 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
14:38:12.0648 0x16d8 AsyncMac - ok
14:38:12.0679 0x16d8 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
14:38:12.0679 0x16d8 atapi - ok
14:38:12.0726 0x16d8 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:38:12.0742 0x16d8 AudioEndpointBuilder - ok
14:38:12.0757 0x16d8 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll
14:38:12.0773 0x16d8 AudioSrv - ok
14:38:12.0804 0x16d8 [ 43B6D229C7DBA9F0FC0FC0C318DB5350, F5A525DBD71FC4A323E92839C6D27F323FB304B7E9FFA35E89E9B419570AA4C8 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
14:38:12.0804 0x16d8 avgntflt - ok
14:38:12.0820 0x16d8 [ 626D1BAD7A1975A8FEE8876A8AD0EEA7, 59772746A2DF3B7E8D021756B8A64569AC8468CA1C802EB594494224354F1E60 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
14:38:12.0835 0x16d8 avipbb - ok
14:38:12.0929 0x16d8 [ A33384A5CA1CE308ABF16815AFE1873D, 54AD83AEC416EDC13BD6CE53072E9E0A1510E332186975F7E577D0385981FB40 ] Avira.OE.ServiceHost C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
14:38:12.0944 0x16d8 Avira.OE.ServiceHost - ok
14:38:12.0976 0x16d8 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
14:38:12.0976 0x16d8 avkmgr - ok
14:38:12.0991 0x16d8 [ 13253E5E3B6BDF945B63B336A8C9489B, 671C716E43F89D4BDDAA2BE045CDEBBB569C85BC2BA334E1F550187B79A7740D ] avnetflt C:\Windows\system32\DRIVERS\avnetflt.sys
14:38:13.0007 0x16d8 avnetflt - ok
14:38:13.0054 0x16d8 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
14:38:13.0054 0x16d8 AxInstSV - ok
14:38:13.0100 0x16d8 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
14:38:13.0116 0x16d8 b06bdrv - ok
14:38:13.0147 0x16d8 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
14:38:13.0147 0x16d8 b57nd60a - ok
14:38:13.0194 0x16d8 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
14:38:13.0194 0x16d8 BDESVC - ok
14:38:13.0210 0x16d8 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
14:38:13.0210 0x16d8 Beep - ok
14:38:13.0256 0x16d8 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
14:38:13.0272 0x16d8 BFE - ok
14:38:13.0350 0x16d8 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
14:38:13.0366 0x16d8 BITS - ok
14:38:13.0397 0x16d8 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
14:38:13.0397 0x16d8 blbdrive - ok
14:38:13.0428 0x16d8 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
14:38:13.0444 0x16d8 bowser - ok
14:38:13.0444 0x16d8 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:38:13.0444 0x16d8 BrFiltLo - ok
14:38:13.0459 0x16d8 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:38:13.0459 0x16d8 BrFiltUp - ok
14:38:13.0490 0x16d8 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
14:38:13.0490 0x16d8 Browser - ok
14:38:13.0522 0x16d8 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
14:38:13.0522 0x16d8 Brserid - ok
14:38:13.0537 0x16d8 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
14:38:13.0537 0x16d8 BrSerWdm - ok
14:38:13.0553 0x16d8 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
14:38:13.0553 0x16d8 BrUsbMdm - ok
14:38:13.0568 0x16d8 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
14:38:13.0568 0x16d8 BrUsbSer - ok
14:38:13.0615 0x16d8 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
14:38:13.0615 0x16d8 BthEnum - ok
14:38:13.0631 0x16d8 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
14:38:13.0631 0x16d8 BTHMODEM - ok
14:38:13.0678 0x16d8 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
14:38:13.0678 0x16d8 BthPan - ok
14:38:13.0740 0x16d8 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
14:38:13.0756 0x16d8 BTHPORT - ok
14:38:13.0787 0x16d8 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
14:38:13.0787 0x16d8 bthserv - ok
14:38:13.0818 0x16d8 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
14:38:13.0818 0x16d8 BTHUSB - ok
14:38:13.0849 0x16d8 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
14:38:13.0849 0x16d8 cdfs - ok
14:38:13.0903 0x16d8 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\drivers\cdrom.sys
14:38:13.0906 0x16d8 cdrom - ok
14:38:13.0941 0x16d8 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
14:38:13.0943 0x16d8 CertPropSvc - ok
14:38:13.0959 0x16d8 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
14:38:13.0960 0x16d8 circlass - ok
14:38:14.0014 0x16d8 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
14:38:14.0014 0x16d8 CLFS - ok
14:38:14.0107 0x16d8 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:38:14.0107 0x16d8 clr_optimization_v2.0.50727_32 - ok
14:38:14.0185 0x16d8 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:38:14.0185 0x16d8 clr_optimization_v2.0.50727_64 - ok
14:38:14.0279 0x16d8 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:38:14.0294 0x16d8 clr_optimization_v4.0.30319_32 - ok
14:38:14.0326 0x16d8 [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:38:14.0326 0x16d8 clr_optimization_v4.0.30319_64 - ok
14:38:14.0342 0x16d8 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
14:38:14.0342 0x16d8 CmBatt - ok
14:38:14.0358 0x16d8 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
14:38:14.0358 0x16d8 cmdide - ok
14:38:14.0420 0x16d8 [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG C:\Windows\system32\Drivers\cng.sys
14:38:14.0420 0x16d8 CNG - ok
14:38:14.0436 0x16d8 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
14:38:14.0436 0x16d8 Compbatt - ok
14:38:14.0467 0x16d8 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
14:38:14.0467 0x16d8 CompositeBus - ok
14:38:14.0483 0x16d8 COMSysApp - ok
14:38:14.0498 0x16d8 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
14:38:14.0498 0x16d8 crcdisk - ok
14:38:14.0561 0x16d8 [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc C:\Windows\system32\cryptsvc.dll
14:38:14.0561 0x16d8 CryptSvc - ok
14:38:14.0592 0x16d8 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys
14:38:14.0607 0x16d8 CSC - ok
14:38:14.0685 0x16d8 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll
14:38:14.0685 0x16d8 CscService - ok
14:38:14.0753 0x16d8 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
14:38:14.0765 0x16d8 DcomLaunch - ok
14:38:14.0798 0x16d8 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
14:38:14.0801 0x16d8 defragsvc - ok
14:38:14.0832 0x16d8 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
14:38:14.0832 0x16d8 DfsC - ok
14:38:14.0879 0x16d8 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
14:38:14.0895 0x16d8 Dhcp - ok
14:38:14.0910 0x16d8 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
14:38:14.0910 0x16d8 discache - ok
14:38:14.0942 0x16d8 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
14:38:14.0942 0x16d8 Disk - ok
14:38:14.0973 0x16d8 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
14:38:14.0973 0x16d8 Dnscache - ok
14:38:15.0004 0x16d8 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
14:38:15.0004 0x16d8 dot3svc - ok
14:38:15.0053 0x16d8 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
14:38:15.0068 0x16d8 DPS - ok
14:38:15.0118 0x16d8 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
14:38:15.0118 0x16d8 drmkaud - ok
14:38:15.0307 0x16d8 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
14:38:15.0323 0x16d8 DXGKrnl - ok
14:38:15.0354 0x16d8 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
14:38:15.0354 0x16d8 EapHost - ok
14:38:15.0731 0x16d8 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
14:38:15.0792 0x16d8 ebdrv - ok
14:38:15.0835 0x16d8 [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] EFS C:\Windows\System32\lsass.exe
14:38:15.0843 0x16d8 EFS - ok
14:38:15.0936 0x16d8 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
14:38:15.0950 0x16d8 ehRecvr - ok
14:38:15.0953 0x16d8 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
14:38:15.0968 0x16d8 ehSched - ok
14:38:15.0999 0x16d8 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
14:38:15.0999 0x16d8 elxstor - ok
14:38:16.0031 0x16d8 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
14:38:16.0031 0x16d8 ErrDev - ok
14:38:16.0046 0x16d8 [ 84486624268E078255BC7AA47F0960BC, EC2540698B974572F0AC4A93D57C63295BAF66BF50F7416B9DFF5DE790EBDBE7 ] etdrv C:\Windows\etdrv.sys
14:38:16.0046 0x16d8 etdrv - ok
14:38:16.0109 0x16d8 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
14:38:16.0109 0x16d8 EventSystem - ok
14:38:16.0140 0x16d8 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
14:38:16.0140 0x16d8 exfat - ok
14:38:16.0171 0x16d8 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
14:38:16.0171 0x16d8 fastfat - ok
14:38:16.0249 0x16d8 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
14:38:16.0274 0x16d8 Fax - ok
14:38:16.0284 0x16d8 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
14:38:16.0284 0x16d8 fdc - ok
14:38:16.0315 0x16d8 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
14:38:16.0315 0x16d8 fdPHost - ok
14:38:16.0330 0x16d8 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
14:38:16.0330 0x16d8 FDResPub - ok
14:38:16.0346 0x16d8 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
14:38:16.0363 0x16d8 FileInfo - ok
14:38:16.0379 0x16d8 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
14:38:16.0380 0x16d8 Filetrace - ok
14:38:16.0411 0x16d8 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
14:38:16.0411 0x16d8 flpydisk - ok
14:38:16.0489 0x16d8 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
14:38:16.0504 0x16d8 FltMgr - ok
14:38:16.0582 0x16d8 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
14:38:16.0614 0x16d8 FontCache - ok
14:38:16.0692 0x16d8 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:38:16.0692 0x16d8 FontCache3.0.0.0 - ok
14:38:16.0707 0x16d8 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
14:38:16.0723 0x16d8 FsDepends - ok
14:38:16.0754 0x16d8 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
14:38:16.0754 0x16d8 Fs_Rec - ok
14:38:16.0815 0x16d8 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
14:38:16.0818 0x16d8 fvevol - ok
14:38:16.0833 0x16d8 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
14:38:16.0833 0x16d8 gagp30kx - ok
14:38:16.0896 0x16d8 [ 7907E14F9BCF3A4689C9A74A1A873CB6, 17927B93B2D6AB4271C158F039CAE2D60591D6A14458F5A5690AEC86F5D54229 ] gdrv C:\Windows\gdrv.sys
14:38:16.0896 0x16d8 gdrv - ok
14:38:16.0943 0x16d8 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
14:38:16.0958 0x16d8 gpsvc - ok
14:38:17.0021 0x16d8 [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:38:17.0021 0x16d8 gupdate - ok
14:38:17.0067 0x16d8 [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:38:17.0067 0x16d8 gupdatem - ok
14:38:17.0099 0x16d8 [ 8126331FBD4ED29EB3B356F9C905064D, A58BCE904591DD762410E99960FD956FB579C2CE78FA7BF1406075D29537EF82 ] GVTDrv64 C:\Windows\GVTDrv64.sys
14:38:17.0099 0x16d8 GVTDrv64 - ok
14:38:17.0114 0x16d8 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
14:38:17.0114 0x16d8 hcw85cir - ok
14:38:17.0161 0x16d8 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:38:17.0161 0x16d8 HdAudAddService - ok
14:38:17.0208 0x16d8 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
14:38:17.0208 0x16d8 HDAudBus - ok
14:38:17.0223 0x16d8 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
14:38:17.0223 0x16d8 HidBatt - ok
14:38:17.0239 0x16d8 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
14:38:17.0239 0x16d8 HidBth - ok
14:38:17.0255 0x16d8 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
14:38:17.0255 0x16d8 HidIr - ok
14:38:17.0301 0x16d8 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
14:38:17.0301 0x16d8 hidserv - ok
14:38:17.0338 0x16d8 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\drivers\hidusb.sys
14:38:17.0340 0x16d8 HidUsb - ok
14:38:17.0367 0x16d8 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
14:38:17.0367 0x16d8 hkmsvc - ok
14:38:17.0413 0x16d8 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:38:17.0429 0x16d8 HomeGroupListener - ok
14:38:17.0491 0x16d8 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:38:17.0491 0x16d8 HomeGroupProvider - ok
14:38:17.0523 0x16d8 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
14:38:17.0523 0x16d8 HpSAMD - ok
14:38:17.0585 0x16d8 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
14:38:17.0601 0x16d8 HTTP - ok
14:38:17.0632 0x16d8 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
14:38:17.0632 0x16d8 hwpolicy - ok
14:38:17.0663 0x16d8 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
14:38:17.0679 0x16d8 i8042prt - ok
14:38:17.0725 0x16d8 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
14:38:17.0725 0x16d8 iaStorV - ok
14:38:17.0772 0x16d8 [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
14:38:17.0772 0x16d8 IDriverT - ok
14:38:17.0915 0x16d8 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:38:17.0946 0x16d8 idsvc - ok
14:38:17.0961 0x16d8 IEEtwCollectorService - ok
14:38:18.0008 0x16d8 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
14:38:18.0008 0x16d8 iirsp - ok
14:38:18.0071 0x16d8 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
14:38:18.0086 0x16d8 IKEEXT - ok
14:38:18.0227 0x16d8 [ 718A4008EE5DA174400396B27509EF82, 01F563AFF8156B3B72FB0ED1F25F6F451157FE0C4C5671072FD62FD1ED7F73AA ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
14:38:18.0273 0x16d8 IntcAzAudAddService - ok
14:38:18.0305 0x16d8 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
14:38:18.0305 0x16d8 intelide - ok
14:38:18.0320 0x16d8 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
14:38:18.0320 0x16d8 intelppm - ok
14:38:18.0351 0x16d8 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
14:38:18.0351 0x16d8 IPBusEnum - ok
14:38:18.0397 0x16d8 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:38:18.0399 0x16d8 IpFilterDriver - ok
14:38:18.0434 0x16d8 [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
14:38:18.0449 0x16d8 iphlpsvc - ok
14:38:18.0480 0x16d8 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
14:38:18.0480 0x16d8 IPMIDRV - ok
14:38:18.0496 0x16d8 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
14:38:18.0496 0x16d8 IPNAT - ok
14:38:18.0527 0x16d8 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
14:38:18.0527 0x16d8 IRENUM - ok
14:38:18.0558 0x16d8 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
14:38:18.0558 0x16d8 isapnp - ok
14:38:18.0574 0x16d8 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
14:38:18.0590 0x16d8 iScsiPrt - ok
14:38:18.0605 0x16d8 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
14:38:18.0605 0x16d8 kbdclass - ok
14:38:18.0621 0x16d8 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
14:38:18.0621 0x16d8 kbdhid - ok
14:38:18.0636 0x16d8 [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] KeyIso C:\Windows\system32\lsass.exe
14:38:18.0636 0x16d8 KeyIso - ok
14:38:18.0668 0x16d8 [ 063C09DB965E3DFD6F4F08416F6DB8F5, 0BE015C59288397536B3941BA55EFE0CF06714BC43FF3A33A1D844B4E0F16097 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
14:38:18.0668 0x16d8 KSecDD - ok
14:38:18.0683 0x16d8 [ 1FA627E63195BF3BF636BFEF0D7190D4, 794456605303F4916E81BE899E0B05CB070094E719ADA8BE8072A761E35CA8E9 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
14:38:18.0699 0x16d8 KSecPkg - ok
14:38:18.0730 0x16d8 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
14:38:18.0730 0x16d8 ksthunk - ok
14:38:18.0792 0x16d8 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
14:38:18.0792 0x16d8 KtmRm - ok
14:38:18.0886 0x16d8 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
14:38:18.0886 0x16d8 LanmanServer - ok
14:38:18.0949 0x16d8 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:38:18.0951 0x16d8 LanmanWorkstation - ok
14:38:19.0154 0x16d8 [ 3E60770485DC96E1E6442745EDB10381, DAA1B275A2ED2817317C0F2C292F19F5B2DF03A4476BD87AB17E8324B1DCD91C ] LavasoftTcpService C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.3.0\LavasoftTcpService.exe
14:38:19.0170 0x16d8 LavasoftTcpService - ok
14:38:19.0294 0x16d8 [ B28F352952FC7B77A06DCFF01CBF8131, DAC90126613D2BE9E95E8884444A984D08BAC8A1B37571C54EB9B228EF7EEA24 ] Lenovo EasyPlus Hotspot C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe
14:38:19.0294 0x16d8 Lenovo EasyPlus Hotspot - ok
14:38:19.0326 0x16d8 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
14:38:19.0326 0x16d8 lltdio - ok
14:38:19.0419 0x16d8 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
14:38:19.0419 0x16d8 lltdsvc - ok
14:38:19.0441 0x16d8 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
14:38:19.0443 0x16d8 lmhosts - ok
14:38:19.0464 0x16d8 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
14:38:19.0467 0x16d8 LSI_FC - ok
14:38:19.0484 0x16d8 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
14:38:19.0484 0x16d8 LSI_SAS - ok
14:38:19.0499 0x16d8 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:38:19.0499 0x16d8 LSI_SAS2 - ok
14:38:19.0515 0x16d8 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:38:19.0515 0x16d8 LSI_SCSI - ok
14:38:19.0546 0x16d8 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
14:38:19.0546 0x16d8 luafv - ok
14:38:19.0577 0x16d8 [ 5C3FF68267A5D242EE79EE01B993D6CE, 853637AC30A16698F2F583693E98B67104ECE5B8F80C6FB88266665162623B92 ] LVUSBS64 C:\Windows\system32\DRIVERS\LVUSBS64.sys
14:38:19.0577 0x16d8 LVUSBS64 - ok
14:38:19.0640 0x16d8 [ 0307CF4184F4F22DB75F36ACCCEF7ED1, 32EAC5DADDD70175EA7AD4FC0A8624BECB138B9ED9E66AF74AC4A06EEB3EB4B7 ] mbamchameleon C:\Windows\system32\drivers\mbamchameleon.sys
14:38:19.0655 0x16d8 mbamchameleon - ok
14:38:19.0702 0x16d8 [ E9CD058C79EA15B4AA93E259FA713B07, 2B09F65188D8782F9C797545F2F791EC7EAB85D8914B2C0B30BD869C412E3980 ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys
14:38:19.0702 0x16d8 MBAMSwissArmy - ok
14:38:19.0733 0x16d8 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
14:38:19.0733 0x16d8 Mcx2Svc - ok
14:38:19.0749 0x16d8 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
14:38:19.0749 0x16d8 megasas - ok
14:38:19.0780 0x16d8 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
14:38:19.0780 0x16d8 MegaSR - ok
14:38:19.0811 0x16d8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
14:38:19.0811 0x16d8 MMCSS - ok
14:38:19.0827 0x16d8 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
14:38:19.0827 0x16d8 Modem - ok
14:38:19.0843 0x16d8 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
14:38:19.0843 0x16d8 monitor - ok
14:38:19.0889 0x16d8 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
14:38:19.0889 0x16d8 mouclass - ok
14:38:19.0905 0x16d8 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
14:38:19.0921 0x16d8 mouhid - ok
14:38:19.0952 0x16d8 [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
14:38:19.0952 0x16d8 mountmgr - ok
14:38:20.0033 0x16d8 [ 03D14BF1DC59130002F6B8BA3AD89DB9, 1729CCD8AAF51CDB86ED67569974D0B6B1CFFA5F90EF6E6004B0D8A305D88C27 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:38:20.0033 0x16d8 MozillaMaintenance - ok
14:38:20.0079 0x16d8 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
14:38:20.0079 0x16d8 mpio - ok
14:38:20.0095 0x16d8 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
14:38:20.0095 0x16d8 mpsdrv - ok
14:38:20.0235 0x16d8 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
14:38:20.0251 0x16d8 MpsSvc - ok
14:38:20.0298 0x16d8 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
14:38:20.0298 0x16d8 MRxDAV - ok
14:38:20.0376 0x16d8 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
14:38:20.0376 0x16d8 mrxsmb - ok
14:38:20.0407 0x16d8 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:38:20.0407 0x16d8 mrxsmb10 - ok
14:38:20.0423 0x16d8 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:38:20.0423 0x16d8 mrxsmb20 - ok
14:38:20.0454 0x16d8 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
14:38:20.0454 0x16d8 msahci - ok
14:38:20.0469 0x16d8 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
14:38:20.0469 0x16d8 msdsm - ok
14:38:20.0485 0x16d8 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
14:38:20.0503 0x16d8 MSDTC - ok
14:38:20.0566 0x16d8 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
14:38:20.0566 0x16d8 Msfs - ok
14:38:20.0566 0x16d8 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
14:38:20.0566 0x16d8 mshidkmdf - ok
14:38:20.0582 0x16d8 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
14:38:20.0582 0x16d8 msisadrv - ok
14:38:20.0629 0x16d8 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
14:38:20.0629 0x16d8 MSiSCSI - ok
14:38:20.0644 0x16d8 msiserver - ok
14:38:20.0660 0x16d8 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
14:38:20.0660 0x16d8 MSKSSRV - ok
14:38:20.0660 0x16d8 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
14:38:20.0660 0x16d8 MSPCLOCK - ok
14:38:20.0691 0x16d8 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
14:38:20.0691 0x16d8 MSPQM - ok
14:38:20.0738 0x16d8 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
14:38:20.0738 0x16d8 MsRPC - ok
14:38:20.0769 0x16d8 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
14:38:20.0769 0x16d8 mssmbios - ok
14:38:20.0785 0x16d8 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
14:38:20.0785 0x16d8 MSTEE - ok
14:38:20.0800 0x16d8 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
14:38:20.0800 0x16d8 MTConfig - ok
14:38:20.0816 0x16d8 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
14:38:20.0816 0x16d8 Mup - ok
14:38:20.0863 0x16d8 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
14:38:20.0878 0x16d8 napagent - ok
14:38:20.0910 0x16d8 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
14:38:20.0910 0x16d8 NativeWifiP - ok
14:38:20.0941 0x16d8 [ 79B47FD40D9A817E932F9D26FAC0A81C, 53E260B8BFC50BA45FA73BFCF4E58C233890D0EAA9DEFDCCBB55FD3EB992FF2D ] NDIS C:\Windows\system32\drivers\ndis.sys
14:38:20.0956 0x16d8 NDIS - ok
14:38:20.0972 0x16d8 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
14:38:20.0972 0x16d8 NdisCap - ok
14:38:20.0988 0x16d8 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
14:38:21.0003 0x16d8 NdisTapi - ok
14:38:21.0036 0x16d8 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
14:38:21.0038 0x16d8 Ndisuio - ok
14:38:21.0073 0x16d8 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
14:38:21.0077 0x16d8 NdisWan - ok
14:38:21.0099 0x16d8 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
14:38:21.0099 0x16d8 NDProxy - ok
14:38:21.0115 0x16d8 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
14:38:21.0115 0x16d8 NetBIOS - ok
14:38:21.0177 0x16d8 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
14:38:21.0177 0x16d8 NetBT - ok
14:38:21.0208 0x16d8 [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] Netlogon C:\Windows\system32\lsass.exe
14:38:21.0208 0x16d8 Netlogon - ok
14:38:21.0255 0x16d8 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
14:38:21.0271 0x16d8 Netman - ok
14:38:21.0333 0x16d8 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:38:21.0333 0x16d8 NetMsmqActivator - ok
14:38:21.0349 0x16d8 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:38:21.0349 0x16d8 NetPipeActivator - ok
14:38:21.0364 0x16d8 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
14:38:21.0364 0x16d8 netprofm - ok
14:38:21.0380 0x16d8 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:38:21.0380 0x16d8 NetTcpActivator - ok
14:38:21.0473 0x16d8 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:38:21.0489 0x16d8 NetTcpPortSharing - ok
14:38:21.0505 0x16d8 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
14:38:21.0505 0x16d8 nfrd960 - ok
14:38:21.0536 0x16d8 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
14:38:21.0551 0x16d8 NlaSvc - ok
14:38:21.0567 0x16d8 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:38:21.0567 0x16d8 Npfs - ok
14:38:21.0617 0x16d8 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
14:38:21.0617 0x16d8 nsi - ok
14:38:21.0632 0x16d8 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:38:21.0632 0x16d8 nsiproxy - ok
14:38:21.0710 0x16d8 [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:38:21.0741 0x16d8 Ntfs - ok
14:38:21.0929 0x16d8 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
14:38:21.0929 0x16d8 Null - ok
14:38:21.0960 0x16d8 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:38:21.0960 0x16d8 nvraid - ok
14:38:21.0979 0x16d8 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:38:21.0983 0x16d8 nvstor - ok
14:38:21.0997 0x16d8 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
14:38:22.0000 0x16d8 nv_agp - ok
14:38:22.0012 0x16d8 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
14:38:22.0028 0x16d8 ohci1394 - ok
14:38:22.0090 0x16d8 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:38:22.0090 0x16d8 ose - ok
14:38:22.0122 0x16d8 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
14:38:22.0141 0x16d8 p2pimsvc - ok
14:38:22.0214 0x16d8 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
14:38:22.0245 0x16d8 p2psvc - ok
14:38:22.0260 0x16d8 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
14:38:22.0260 0x16d8 Parport - ok
14:38:22.0292 0x16d8 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:38:22.0307 0x16d8 partmgr - ok
14:38:22.0354 0x16d8 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
14:38:22.0354 0x16d8 PcaSvc - ok
14:38:22.0416 0x16d8 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
14:38:22.0416 0x16d8 pci - ok
14:38:22.0448 0x16d8 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
14:38:22.0463 0x16d8 pciide - ok
14:38:22.0494 0x16d8 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
14:38:22.0494 0x16d8 pcmcia - ok
14:38:22.0510 0x16d8 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
14:38:22.0526 0x16d8 pcw - ok
14:38:22.0604 0x16d8 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:38:22.0619 0x16d8 PEAUTH - ok
14:38:22.0716 0x16d8 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
14:38:22.0747 0x16d8 PeerDistSvc - ok
14:38:22.0905 0x16d8 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
14:38:22.0905 0x16d8 PerfHost - ok
14:38:23.0092 0x16d8 [ 087A343DFC337F37723DD7912DE6B6CD, AE11C28A01D4FC2CCB36C5956D9414AEBA8AFC4A868047CC691F32CF31E44AAC ] PID_PEPI C:\Windows\system32\DRIVERS\LV302V64.SYS
14:38:23.0155 0x16d8 PID_PEPI - ok
14:38:23.0241 0x16d8 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
14:38:23.0260 0x16d8 pla - ok
14:38:23.0323 0x16d8 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:38:23.0323 0x16d8 PlugPlay - ok
14:38:23.0338 0x16d8 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
14:38:23.0338 0x16d8 PNRPAutoReg - ok
14:38:23.0354 0x16d8 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
14:38:23.0369 0x16d8 PNRPsvc - ok
14:38:23.0401 0x16d8 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:38:23.0432 0x16d8 PolicyAgent - ok
14:38:23.0447 0x16d8 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
14:38:23.0479 0x16d8 Power - ok
14:38:23.0494 0x16d8 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:38:23.0494 0x16d8 PptpMiniport - ok
14:38:23.0525 0x16d8 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
14:38:23.0525 0x16d8 Processor - ok
14:38:23.0541 0x16d8 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
14:38:23.0557 0x16d8 ProfSvc - ok
14:38:23.0572 0x16d8 [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:38:23.0572 0x16d8 ProtectedStorage - ok
14:38:23.0619 0x16d8 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
14:38:23.0635 0x16d8 Psched - ok
14:38:23.0681 0x16d8 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
14:38:23.0728 0x16d8 ql2300 - ok
14:38:23.0752 0x16d8 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
14:38:23.0761 0x16d8 ql40xx - ok
14:38:23.0810 0x16d8 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
14:38:23.0810 0x16d8 QWAVE - ok
14:38:23.0826 0x16d8 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:38:23.0826 0x16d8 QWAVEdrv - ok
14:38:23.0842 0x16d8 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:38:23.0873 0x16d8 RasAcd - ok
14:38:23.0904 0x16d8 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
14:38:23.0920 0x16d8 RasAgileVpn - ok
14:38:23.0920 0x16d8 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
14:38:23.0935 0x16d8 RasAuto - ok
14:38:23.0951 0x16d8 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:38:23.0966 0x16d8 Rasl2tp - ok
14:38:23.0998 0x16d8 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
14:38:24.0013 0x16d8 RasMan - ok
14:38:24.0029 0x16d8 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:38:24.0044 0x16d8 RasPppoe - ok
14:38:24.0060 0x16d8 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:38:24.0060 0x16d8 RasSstp - ok
14:38:24.0091 0x16d8 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:38:24.0091 0x16d8 rdbss - ok
14:38:24.0107 0x16d8 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
14:38:24.0107 0x16d8 rdpbus - ok
14:38:24.0122 0x16d8 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:38:24.0122 0x16d8 RDPCDD - ok
14:38:24.0154 0x16d8 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
14:38:24.0154 0x16d8 RDPDR - ok
14:38:24.0169 0x16d8 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:38:24.0169 0x16d8 RDPENCDD - ok
14:38:24.0169 0x16d8 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
14:38:24.0169 0x16d8 RDPREFMP - ok
14:38:24.0284 0x16d8 [ 76D8CC526512ECAE2AEF63B1A6D018A1, 7281AFEBA5455BB879D4BA2DBADDCF6DAC87C1040605907CC907142609985B17 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
14:38:24.0285 0x16d8 RdpVideoMiniport - ok
14:38:24.0317 0x16d8 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:38:24.0332 0x16d8 RDPWD - ok
14:38:24.0379 0x16d8 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
14:38:24.0395 0x16d8 rdyboost - ok
14:38:24.0426 0x16d8 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
14:38:24.0426 0x16d8 RemoteAccess - ok
14:38:24.0457 0x16d8 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:38:24.0457 0x16d8 RemoteRegistry - ok
14:38:24.0551 0x16d8 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
14:38:24.0551 0x16d8 RFCOMM - ok
14:38:24.0566 0x16d8 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
14:38:24.0566 0x16d8 RpcEptMapper - ok
14:38:24.0582 0x16d8 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
14:38:24.0582 0x16d8 RpcLocator - ok
14:38:24.0644 0x16d8 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
14:38:24.0644 0x16d8 RpcSs - ok
14:38:24.0676 0x16d8 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:38:24.0676 0x16d8 rspndr - ok
14:38:24.0738 0x16d8 [ D787F86566F6EA23053D9C5F401E33B7, 82B1952A57FB800425E12FEFF5B326C7B7815980646F5359673CBC8BBB4C46CF ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
14:38:24.0769 0x16d8 RTL8167 - ok
14:38:24.0897 0x16d8 [ 52D33FBC67562C8FE82EFCD15FD79B1E, 02C86EE44679400752966DC76391AD566165E776430282B20CC7F91EC072B63A ] RTL8192cu C:\Windows\system32\DRIVERS\rtwlanu.sys
14:38:24.0928 0x16d8 RTL8192cu - ok
14:38:25.0022 0x16d8 [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys
14:38:25.0022 0x16d8 s3cap - ok
14:38:25.0038 0x16d8 [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] SamSs C:\Windows\system32\lsass.exe
14:38:25.0038 0x16d8 SamSs - ok
14:38:25.0116 0x16d8 [ 328100AF2EFD951EAB657384EC361B6F, 2DECBF74E13511395AA13F931F06F4D557E67654DA3314D0095C332FB758B4D9 ] SamsungAllShareV2.0 C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
14:38:25.0131 0x16d8 SamsungAllShareV2.0 - ok
14:38:25.0162 0x16d8 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
14:38:25.0162 0x16d8 sbp2port - ok
14:38:25.0209 0x16d8 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:38:25.0209 0x16d8 SCardSvr - ok
14:38:25.0303 0x16d8 [ 8475E746EB72D04F1015E6F091F50E09, 98EDC0966AD10E5EC750660824DA22ECE8D0B9D9A8AA21F61BC4FD23ACF6BA3A ] SCBackService C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe
14:38:25.0318 0x16d8 SCBackService - ok
14:38:25.0352 0x16d8 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
14:38:25.0353 0x16d8 scfilter - ok
14:38:25.0436 0x16d8 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
14:38:25.0451 0x16d8 Schedule - ok
14:38:25.0498 0x16d8 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
14:38:25.0498 0x16d8 SCPolicySvc - ok
14:38:25.0545 0x16d8 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:38:25.0545 0x16d8 SDRSVC - ok
14:38:25.0701 0x16d8 [ E3B41B1EACED9CB457BED1776FEECBAD, A99D34CA4350A78FF734F6401A8EC4FBE62D0982058DBB713716EAA0FB70E9C0 ] SearchProtectionService C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
14:38:25.0701 0x16d8 SearchProtectionService - ok
14:38:25.0717 0x16d8 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:38:25.0717 0x16d8 secdrv - ok
14:38:25.0748 0x16d8 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
14:38:25.0748 0x16d8 seclogon - ok
14:38:25.0763 0x16d8 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
14:38:25.0763 0x16d8 SENS - ok
14:38:25.0795 0x16d8 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
14:38:25.0795 0x16d8 SensrSvc - ok
14:38:25.0826 0x16d8 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
14:38:25.0826 0x16d8 Serenum - ok
14:38:25.0857 0x16d8 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
14:38:25.0857 0x16d8 Serial - ok
14:38:25.0875 0x16d8 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
14:38:25.0875 0x16d8 sermouse - ok
14:38:25.0916 0x16d8 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
14:38:25.0916 0x16d8 SessionEnv - ok
14:38:25.0947 0x16d8 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
14:38:25.0947 0x16d8 sffdisk - ok
14:38:25.0979 0x16d8 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
14:38:25.0979 0x16d8 sffp_mmc - ok
14:38:25.0994 0x16d8 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
14:38:25.0994 0x16d8 sffp_sd - ok
14:38:26.0010 0x16d8 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
14:38:26.0025 0x16d8 sfloppy - ok
14:38:26.0103 0x16d8 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
14:38:26.0119 0x16d8 SharedAccess - ok
14:38:26.0181 0x16d8 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:38:26.0197 0x16d8 ShellHWDetection - ok
14:38:26.0246 0x16d8 [ 1980FE1F5A32067DAD1D8776B63C2669, 26B53EAF89CDBBA8FFA154DBB1F1DA348F894FE1F1D0CA4060E32496464DD5D2 ] SimpleSlideShowServer C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe
14:38:26.0261 0x16d8 SimpleSlideShowServer - ok
14:38:26.0277 0x16d8 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:38:26.0277 0x16d8 SiSRaid2 - ok
14:38:26.0293 0x16d8 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
14:38:26.0293 0x16d8 SiSRaid4 - ok
14:38:26.0402 0x16d8 [ 704B4F81729F676BBF034529FC334D82, 1E50DAF97836807A500284385D99272780A8B69CA88761250451060B207824F8 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
14:38:26.0402 0x16d8 SkypeUpdate - ok
14:38:26.0432 0x16d8 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:38:26.0435 0x16d8 Smb - ok
14:38:26.0466 0x16d8 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:38:26.0466 0x16d8 SNMPTRAP - ok
14:38:26.0482 0x16d8 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
14:38:26.0482 0x16d8 spldr - ok
14:38:26.0560 0x16d8 [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler C:\Windows\System32\spoolsv.exe
14:38:26.0576 0x16d8 Spooler - ok
14:38:26.0716 0x16d8 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
14:38:26.0783 0x16d8 sppsvc - ok
14:38:26.0845 0x16d8 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
14:38:26.0845 0x16d8 sppuinotify - ok
14:38:26.0908 0x16d8 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
14:38:26.0923 0x16d8 srv - ok
14:38:26.0939 0x16d8 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:38:26.0955 0x16d8 srv2 - ok
14:38:27.0016 0x16d8 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:38:27.0016 0x16d8 srvnet - ok
14:38:27.0047 0x16d8 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:38:27.0063 0x16d8 SSDPSRV - ok
14:38:27.0078 0x16d8 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:38:27.0078 0x16d8 SstpSvc - ok
14:38:27.0094 0x16d8 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
14:38:27.0094 0x16d8 stexstor - ok
14:38:27.0188 0x16d8 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
14:38:27.0203 0x16d8 stisvc - ok
14:38:27.0234 0x16d8 [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys
14:38:27.0234 0x16d8 storflt - ok
14:38:27.0256 0x16d8 [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys
14:38:27.0269 0x16d8 storvsc - ok
14:38:27.0284 0x16d8 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
14:38:27.0285 0x16d8 swenum - ok
14:38:27.0333 0x16d8 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
14:38:27.0346 0x16d8 swprv - ok
14:38:27.0369 0x16d8 Synth3dVsc - ok
14:38:27.0482 0x16d8 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
14:38:27.0520 0x16d8 SysMain - ok
14:38:27.0552 0x16d8 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:38:27.0556 0x16d8 TabletInputService - ok
14:38:27.0579 0x16d8 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
14:38:27.0586 0x16d8 TapiSrv - ok
14:38:27.0604 0x16d8 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
14:38:27.0604 0x16d8 TBS - ok
14:38:27.0713 0x16d8 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:38:27.0760 0x16d8 Tcpip - ok
14:38:27.0806 0x16d8 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
14:38:27.0853 0x16d8 TCPIP6 - ok
14:38:27.0884 0x16d8 [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080005F2D82467784 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:38:27.0884 0x16d8 tcpipreg - ok
14:38:27.0916 0x16d8 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:38:27.0916 0x16d8 TDPIPE - ok
14:38:27.0931 0x16d8 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:38:28.0025 0x16d8 TDTCP - ok
14:38:28.0062 0x16d8 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:38:28.0066 0x16d8 tdx - ok
14:38:28.0098 0x16d8 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
14:38:28.0098 0x16d8 TermDD - ok
14:38:28.0207 0x16d8 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
14:38:28.0207 0x16d8 TermService - ok
14:38:28.0254 0x16d8 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
14:38:28.0254 0x16d8 Themes - ok
14:38:28.0269 0x16d8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
14:38:28.0269 0x16d8 THREADORDER - ok
14:38:28.0300 0x16d8 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
14:38:28.0316 0x16d8 TrkWks - ok
14:38:28.0363 0x16d8 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:38:28.0363 0x16d8 TrustedInstaller - ok
14:38:28.0394 0x16d8 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:38:28.0394 0x16d8 tssecsrv - ok
14:38:28.0441 0x16d8 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
14:38:28.0441 0x16d8 TsUsbFlt - ok
14:38:28.0456 0x16d8 tsusbhub - ok
14:38:28.0576 0x16d8 [ 258C050D197D923668B36C8D3F6A2353, 9A8CDC8FDCF24986FE963566591E2B535653837A8A63EE462126D336E6F94E97 ] TuneUp.UtilitiesSvc C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
14:38:28.0617 0x16d8 TuneUp.UtilitiesSvc - ok
14:38:28.0656 0x16d8 [ 45427C4B8CAC6B241478F149B935CD80, 7F772D6D00D1ADD394F5907804661C75780EE9F8DF21EF0719D3E4ABA00092B7 ] TuneUpUtilitiesDrv C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys
14:38:28.0657 0x16d8 TuneUpUtilitiesDrv - ok
14:38:28.0682 0x16d8 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:38:28.0698 0x16d8 tunnel - ok
14:38:28.0729 0x16d8 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
14:38:28.0729 0x16d8 uagp35 - ok
14:38:28.0776 0x16d8 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:38:28.0791 0x16d8 udfs - ok
14:38:28.0807 0x16d8 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
14:38:28.0807 0x16d8 UI0Detect - ok
14:38:28.0838 0x16d8 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
14:38:28.0854 0x16d8 uliagpkx - ok
14:38:28.0869 0x16d8 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\drivers\umbus.sys
14:38:28.0869 0x16d8 umbus - ok
14:38:28.0885 0x16d8 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
14:38:28.0885 0x16d8 UmPass - ok
14:38:28.0916 0x16d8 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll
14:38:28.0932 0x16d8 UmRdpService - ok
14:38:28.0947 0x16d8 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
14:38:28.0963 0x16d8 upnphost - ok
14:38:29.0010 0x16d8 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
14:38:29.0010 0x16d8 usbaudio - ok
14:38:29.0025 0x16d8 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
14:38:29.0025 0x16d8 usbccgp - ok
14:38:29.0057 0x16d8 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
14:38:29.0057 0x16d8 usbcir - ok
14:38:29.0072 0x16d8 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
14:38:29.0072 0x16d8 usbehci - ok
14:38:29.0103 0x16d8 [ 573D192E268F0C5B486B7E96F661E538, 0F32BD82CA7B5D4DE234EFC6527EF4C854BD15B3057FE4A0151C70115493FFDC ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
14:38:29.0119 0x16d8 usbfilter - ok
14:38:29.0165 0x16d8 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
14:38:29.0165 0x16d8 usbhub - ok
14:38:29.0181 0x16d8 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
14:38:29.0181 0x16d8 usbohci - ok
14:38:29.0196 0x16d8 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
14:38:29.0196 0x16d8 usbprint - ok
14:38:29.0228 0x16d8 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
14:38:29.0228 0x16d8 USBSTOR - ok
14:38:29.0259 0x16d8 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
14:38:29.0274 0x16d8 usbuhci - ok
14:38:29.0306 0x16d8 [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
14:38:29.0306 0x16d8 usb_rndisx - ok
14:38:29.0352 0x16d8 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
14:38:29.0352 0x16d8 UxSms - ok
14:38:29.0368 0x16d8 [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] VaultSvc C:\Windows\system32\lsass.exe
14:38:29.0368 0x16d8 VaultSvc - ok
14:38:29.0399 0x16d8 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
14:38:29.0399 0x16d8 vdrvroot - ok
14:38:29.0477 0x16d8 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
14:38:29.0493 0x16d8 vds - ok
14:38:29.0508 0x16d8 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
14:38:29.0508 0x16d8 vga - ok
14:38:29.0540 0x16d8 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
14:38:29.0540 0x16d8 VgaSave - ok
14:38:29.0555 0x16d8 VGPU - ok
14:38:29.0586 0x16d8 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
14:38:29.0602 0x16d8 vhdmp - ok
14:38:29.0633 0x16d8 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
14:38:29.0656 0x16d8 viaide - ok
14:38:29.0700 0x16d8 [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys
14:38:29.0700 0x16d8 vmbus - ok
14:38:29.0731 0x16d8 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
14:38:29.0731 0x16d8 VMBusHID - ok
14:38:29.0747 0x16d8 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
14:38:29.0747 0x16d8 volmgr - ok
14:38:29.0825 0x16d8 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
14:38:29.0856 0x16d8 volmgrx - ok
14:38:29.0887 0x16d8 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
14:38:29.0903 0x16d8 volsnap - ok
14:38:29.0965 0x16d8 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
14:38:29.0965 0x16d8 vsmraid - ok
14:38:30.0090 0x16d8 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
14:38:30.0121 0x16d8 VSS - ok
14:38:30.0121 0x16d8 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
14:38:30.0137 0x16d8 vwifibus - ok
14:38:30.0152 0x16d8 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] VWiFiFlt C:\Windows\system32\DRIVERS\vwififlt.sys
14:38:30.0152 0x16d8 VWiFiFlt - ok
14:38:30.0192 0x16d8 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
14:38:30.0193 0x16d8 vwifimp - ok
14:38:30.0218 0x16d8 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
14:38:30.0226 0x16d8 W32Time - ok
14:38:30.0233 0x16d8 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
14:38:30.0233 0x16d8 WacomPen - ok
14:38:30.0265 0x16d8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
14:38:30.0280 0x16d8 WANARP - ok
14:38:30.0280 0x16d8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
14:38:30.0280 0x16d8 Wanarpv6 - ok
14:38:30.0374 0x16d8 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
14:38:30.0405 0x16d8 WatAdminSvc - ok
14:38:30.0545 0x16d8 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
14:38:30.0577 0x16d8 wbengine - ok
14:38:30.0592 0x16d8 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
14:38:30.0592 0x16d8 WbioSrvc - ok
14:38:30.0639 0x16d8 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
14:38:30.0655 0x16d8 wcncsvc - ok
14:38:30.0655 0x16d8 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:38:30.0670 0x16d8 WcsPlugInService - ok
14:38:30.0710 0x16d8 [ E47E66538692B1CFD6CC8021546FCC83, EF8EB285D815437B1E6A2A78AE4C2FC751C77ACEA4EB626E092D8E6012D725EF ] WCUService_STC_FF C:\Program Files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe
14:38:30.0723 0x16d8 WCUService_STC_FF - ok
14:38:30.0798 0x16d8 [ 147C60622CB53E901EFD8BB6D44A4C46, 453E9DDBE17C9C54C60BD160BBA045B39914A70B6DF7B6C530D68333944C43FB ] WCUService_STC_IE C:\Program Files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe
14:38:30.0814 0x16d8 WCUService_STC_IE - ok
14:38:30.0845 0x16d8 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
14:38:30.0845 0x16d8 Wd - ok
14:38:30.0923 0x16d8 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
14:38:30.0954 0x16d8 Wdf01000 - ok
14:38:30.0985 0x16d8 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
14:38:31.0001 0x16d8 WdiServiceHost - ok
14:38:31.0001 0x16d8 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
14:38:31.0001 0x16d8 WdiSystemHost - ok
14:38:31.0032 0x16d8 [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient C:\Windows\System32\webclnt.dll
14:38:31.0048 0x16d8 WebClient - ok
14:38:31.0079 0x16d8 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
14:38:31.0079 0x16d8 Wecsvc - ok
14:38:31.0094 0x16d8 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
14:38:31.0110 0x16d8 wercplsupport - ok
14:38:31.0126 0x16d8 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
14:38:31.0126 0x16d8 WerSvc - ok
14:38:31.0141 0x16d8 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
14:38:31.0141 0x16d8 WfpLwf - ok
14:38:31.0157 0x16d8 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
14:38:31.0172 0x16d8 WIMMount - ok
14:38:31.0204 0x16d8 WinDefend - ok
14:38:31.0219 0x16d8 WinHttpAutoProxySvc - ok
14:38:31.0298 0x16d8 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
14:38:31.0304 0x16d8 Winmgmt - ok
14:38:31.0447 0x16d8 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
14:38:31.0494 0x16d8 WinRM - ok
14:38:31.0556 0x16d8 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
14:38:31.0572 0x16d8 WinUsb - ok
14:38:31.0618 0x16d8 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
14:38:31.0634 0x16d8 Wlansvc - ok
14:38:31.0808 0x16d8 [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:38:31.0864 0x16d8 wlidsvc - ok
14:38:31.0927 0x16d8 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
14:38:31.0942 0x16d8 WmiAcpi - ok
14:38:31.0978 0x16d8 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
14:38:31.0982 0x16d8 wmiApSrv - ok
14:38:32.0054 0x16d8 WMPNetworkSvc - ok
14:38:32.0079 0x16d8 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
14:38:32.0087 0x16d8 WPCSvc - ok
14:38:32.0111 0x16d8 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
14:38:32.0111 0x16d8 WPDBusEnum - ok
14:38:32.0142 0x16d8 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
14:38:32.0142 0x16d8 ws2ifsl - ok
14:38:32.0157 0x16d8 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
14:38:32.0173 0x16d8 wscsvc - ok
14:38:32.0173 0x16d8 WSearch - ok
14:38:32.0329 0x16d8 [ 0814A74C853F50B354F08F83DDA9F7FB, 0A63BAA8DE451B8C2C71FEF961718E769B9BAC305C76D24048C664CB27D0DF28 ] wuauserv C:\Windows\system32\wuaueng.dll
14:38:32.0391 0x16d8 wuauserv - ok
14:38:32.0438 0x16d8 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
14:38:32.0438 0x16d8 WudfPf - ok
14:38:32.0485 0x16d8 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
14:38:32.0485 0x16d8 WUDFRd - ok
14:38:32.0501 0x16d8 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
14:38:32.0516 0x16d8 wudfsvc - ok
14:38:32.0532 0x16d8 [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc C:\Windows\System32\wwansvc.dll
14:38:32.0547 0x16d8 WwanSvc - ok
14:38:32.0579 0x16d8 xhunter1 - ok
14:38:32.0610 0x16d8 ================ Scan global ===============================
14:38:32.0672 0x16d8 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
14:38:32.0735 0x16d8 [ EA32F4EA3AE06EDD122FBCD5A489E457, C6E464170121D1714A367CFC80C5EA15D42AD34909039FDB114EAD3B878A47F6 ] C:\Windows\system32\winsrv.dll
14:38:32.0750 0x16d8 [ EA32F4EA3AE06EDD122FBCD5A489E457, C6E464170121D1714A367CFC80C5EA15D42AD34909039FDB114EAD3B878A47F6 ] C:\Windows\system32\winsrv.dll
14:38:32.0781 0x16d8 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
14:38:32.0828 0x16d8 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
14:38:32.0828 0x16d8 [ Global ] - ok
14:38:32.0828 0x16d8 ================ Scan MBR ==================================
14:38:32.0844 0x16d8 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:38:33.0109 0x16d8 \Device\Harddisk0\DR0 - ok
14:38:33.0109 0x16d8 ================ Scan VBR ==================================
14:38:33.0109 0x16d8 [ F0D901DAC240BF37F4991F7B76120E87 ] \Device\Harddisk0\DR0\Partition1
14:38:33.0125 0x16d8 \Device\Harddisk0\DR0\Partition1 - ok
14:38:33.0140 0x16d8 [ 8CE7586ECBB8699BBE2BB8707DF358C5 ] \Device\Harddisk0\DR0\Partition2
14:38:33.0140 0x16d8 \Device\Harddisk0\DR0\Partition2 - ok
14:38:33.0156 0x16d8 ================ Scan generic autorun ======================
14:38:33.0795 0x16d8 [ 023FAC742820932580B68DB91E0D7B6A, 9B2AF05CBA9BB153A2EE959BA9911A93E9C75CFDF8E040D8E3D86CB9BD505091 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
14:38:34.0107 0x16d8 RtHDVCpl - ok
14:38:34.0170 0x16d8 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
14:38:34.0170 0x16d8 Logitech Download Assistant - ok
14:38:34.0310 0x16d8 [ 66177D4C99FD8B578C7C56DE445E4D5D, 003D0254D7C693A72DE84CB76858F8D67D9FD62206F1B56DF7F5D0FA834C3BA7 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
14:38:34.0326 0x16d8 avgnt - ok
14:38:34.0435 0x16d8 [ BC51263DEF5774BF213BFA05AE046705, 0C806870985CCE346BB891866B038DFE89BE90E55657442D6E74E1DC02730A91 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
14:38:34.0451 0x16d8 StartCCC - ok
14:38:34.0529 0x16d8 [ A097F470DB5D1B09CAD8C177C72FB267, 1B498F3EE1D44CC2BD30D92CFF47EA9BA66DD529C64A81FC6A5730EC2A427860 ] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
14:38:34.0544 0x16d8 Avira Systray - ok
14:38:34.0653 0x16d8 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
14:38:34.0669 0x16d8 Sidebar - ok
14:38:34.0685 0x16d8 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
14:38:34.0700 0x16d8 mctadmin - ok
14:38:34.0731 0x16d8 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
14:38:34.0763 0x16d8 Sidebar - ok
14:38:34.0779 0x16d8 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
14:38:34.0779 0x16d8 mctadmin - ok
14:38:34.0842 0x16d8 [ C1DCF54DA67BA34970C1F9A139F7302B, C70CBAC304B60C2DB506090BD1E9C168E47B4A7548D51B51F6B38AE05D54A87A ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
14:38:34.0888 0x16d8 GoogleChromeAutoLaunch_8C08A43057843DCE2F430EE89329B7BA - ok
14:38:34.0888 0x16d8 Waiting for KSN requests completion. In queue: 51
14:38:35.0903 0x16d8 Waiting for KSN requests completion. In queue: 51
14:38:36.0917 0x16d8 Waiting for KSN requests completion. In queue: 51
14:38:38.0083 0x16d8 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.10.414 ), 0x40000 ( disabled : updated )
14:38:38.0114 0x16d8 Win FW state via NFP2: enabled
14:38:40.0865 0x16d8 ============================================================
14:38:40.0865 0x16d8 Scan finished
14:38:40.0865 0x16d8 ============================================================
14:38:40.0867 0x06b8 Detected object count: 0
14:38:40.0867 0x06b8 Actual detected object count: 0
Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org
Database version:
main: v2014.11.18.05
rootkit: v2014.11.12.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17728
Zeus :: ZEUS-PC [administrator]
20/5/2015 2:36:53 μμ
mbar-log-2015-05-20 (14-36-53).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 322448
Time elapsed: 9 minute(s), 58 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
|
|
21.05.2015, 07:50
| #6 |
| /// the machine /// TB-Ausbilder | langsamer computer Kannste entfernen  Scan mit Combofix
__________________ --> langsamer computer |
|
21.05.2015, 10:26
| #7 |
| | langsamer computerCode:
ATTFilter ComboFix 15-05-19.01 - Zeus 21/05/2015 11:55:37.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.49.1031.18.3581.1783 [GMT 3:00]
ausgeführt von:: c:\users\Zeus\Desktop\ComboFix.exe
AV: Avira Antivirus *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Antivirus *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Zeus\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
c:\users\Zeus\AppData\Roaming\35453035-1427285135-4235-3346-4441FFFFFFFF
c:\users\Zeus\AppData\Roaming\35453035-1427285135-4235-3346-4441FFFFFFFF\jnsaE6F5.tmp
c:\users\Zeus\AppData\Roaming\35453035-1427285135-4235-3346-4441FFFFFFFF\nsu9305.tmpfs
c:\users\Zeus\AppData\Roaming\35453035-1427285135-4235-3346-4441FFFFFFFF\vnse36BC.tmp
.
.
((((((((((((((((((((((( Dateien erstellt von 2015-04-21 bis 2015-05-21 ))))))))))))))))))))))))))))))
.
.
2015-05-20 11:36 . 2015-05-20 11:36 -------- d-----w- c:\programdata\Malwarebytes
2015-05-20 11:36 . 2015-05-20 11:49 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-05-20 11:36 . 2015-05-20 11:36 136408 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-05-20 11:35 . 2015-05-20 11:35 107736 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-05-19 21:04 . 2015-05-21 08:45 -------- d-----w- C:\FRST
2015-05-17 17:01 . 2014-07-16 07:24 40760 ----a-w- c:\windows\system32\TURegOpt.exe
2015-05-17 17:01 . 2014-07-16 07:24 29496 ----a-w- c:\windows\system32\authuitu.dll
2015-05-17 17:01 . 2014-07-16 07:24 25400 ----a-w- c:\windows\SysWow64\authuitu.dll
2015-05-17 17:01 . 2015-05-17 17:01 -------- d-----w- c:\users\Zeus\AppData\Roaming\TuneUp Software
2015-05-17 17:01 . 2015-05-17 17:01 -------- d-----w- c:\users\Zeus\AppData\Local\TuneUp Software
2015-05-17 17:00 . 2015-05-17 17:01 -------- d-----w- c:\program files (x86)\TuneUp Utilities 2014
2015-05-17 16:58 . 2015-05-17 17:09 -------- d-sh--w- c:\programdata\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2015-05-17 16:58 . 2015-05-17 16:58 -------- d--h--w- c:\programdata\Common Files
2015-05-17 16:58 . 2015-05-17 17:01 -------- d-----w- c:\programdata\TuneUp Software
2015-05-12 19:08 . 2015-05-12 19:08 -------- d-sh--w- c:\users\Zeus\AppData\Local\EmieUserList
2015-05-12 19:08 . 2015-05-12 19:08 -------- d-sh--w- c:\users\Zeus\AppData\Local\EmieSiteList
2015-05-12 19:08 . 2015-05-12 19:08 -------- d-sh--w- c:\users\Zeus\AppData\Local\EmieBrowserModeList
2015-05-10 10:44 . 2015-05-10 10:44 -------- d-----w- c:\users\Zeus\AppData\Local\TomTom
2015-05-10 10:44 . 2015-05-10 10:44 -------- d-----w- c:\program files (x86)\TomTom International B.V
2015-05-10 10:44 . 2015-05-10 10:44 -------- d-----w- c:\program files (x86)\MyDrive Connect
2015-04-22 15:38 . 2013-10-14 15:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2015-04-22 15:25 . 2015-04-22 15:25 942592 ----a-w- c:\windows\system32\jsIntl.dll
2015-04-22 15:23 . 2015-04-22 15:23 878080 ----a-w- c:\windows\system32\advapi32.dll
2015-04-22 15:23 . 2015-04-22 15:23 859648 ----a-w- c:\windows\system32\tdh.dll
2015-04-22 15:23 . 2015-04-22 15:23 640512 ----a-w- c:\windows\SysWow64\advapi32.dll
2015-04-22 15:23 . 2015-04-22 15:23 619520 ----a-w- c:\windows\SysWow64\tdh.dll
2015-04-22 15:22 . 2015-04-22 15:22 327168 ----a-w- c:\windows\system32\mswsock.dll
2015-04-22 15:22 . 2015-04-22 15:22 231424 ----a-w- c:\windows\SysWow64\mswsock.dll
2015-04-22 15:16 . 2015-04-22 15:16 1887232 ----a-w- c:\windows\system32\d3d11.dll
2015-04-22 15:16 . 2015-04-22 15:16 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll
2015-04-22 13:25 . 2014-03-09 21:48 171160 ----a-w- c:\windows\system32\infocardapi.dll
2015-04-22 13:25 . 2014-03-09 21:47 99480 ----a-w- c:\windows\SysWow64\infocardapi.dll
2015-04-22 13:25 . 2014-03-09 21:48 1389208 ----a-w- c:\windows\system32\icardagt.exe
2015-04-22 13:25 . 2014-03-09 21:47 619672 ----a-w- c:\windows\SysWow64\icardagt.exe
2015-04-22 13:25 . 2014-06-30 22:24 8856 ----a-w- c:\windows\system32\icardres.dll
2015-04-22 13:25 . 2014-06-30 22:14 8856 ----a-w- c:\windows\SysWow64\icardres.dll
2015-04-22 13:25 . 2014-06-06 06:16 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe
2015-04-22 13:25 . 2014-06-06 06:12 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2015-04-22 13:16 . 2014-07-16 03:23 2048 ----a-w- c:\windows\system32\tzres.dll
2015-04-22 13:16 . 2014-07-16 02:46 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2015-04-22 13:15 . 2013-07-26 02:24 197120 ----a-w- c:\windows\system32\shdocvw.dll
2015-04-22 13:15 . 2014-08-12 02:02 878080 ----a-w- c:\windows\system32\IMJP10K.DLL
2015-04-22 13:15 . 2014-08-12 01:36 701440 ----a-w- c:\windows\SysWow64\IMJP10K.DLL
2015-04-22 13:15 . 2014-12-06 04:17 303616 ----a-w- c:\windows\system32\nlasvc.dll
2015-04-22 13:15 . 2014-12-06 03:50 52224 ----a-w- c:\windows\SysWow64\nlaapi.dll
2015-04-22 13:15 . 2014-12-06 03:50 156672 ----a-w- c:\windows\SysWow64\ncsi.dll
2015-04-22 13:15 . 2012-10-03 17:44 70656 ----a-w- c:\windows\system32\nlaapi.dll
2015-04-22 13:15 . 2012-10-03 17:44 216576 ----a-w- c:\windows\system32\ncsi.dll
2015-04-22 13:15 . 2013-07-04 12:50 633856 ----a-w- c:\windows\system32\comctl32.dll
2015-04-22 13:15 . 2013-07-04 11:50 530432 ----a-w- c:\windows\SysWow64\comctl32.dll
2015-04-22 13:14 . 2015-02-25 03:18 754688 ----a-w- c:\windows\system32\drivers\http.sys
2015-04-22 13:14 . 2014-04-25 02:34 801280 ----a-w- c:\windows\system32\usp10.dll
2015-04-22 13:14 . 2014-04-25 02:06 626688 ----a-w- c:\windows\SysWow64\usp10.dll
2015-04-22 13:14 . 2014-10-18 02:05 861696 ----a-w- c:\windows\system32\oleaut32.dll
2015-04-22 13:14 . 2014-10-18 01:33 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2015-04-22 13:14 . 2014-10-25 01:57 77824 ----a-w- c:\windows\system32\packager.dll
2015-04-22 13:14 . 2014-10-25 01:32 67584 ----a-w- c:\windows\SysWow64\packager.dll
2015-04-22 13:14 . 2013-04-26 05:51 751104 ----a-w- c:\windows\system32\win32spl.dll
2015-04-22 13:14 . 2013-04-26 04:55 492544 ----a-w- c:\windows\SysWow64\win32spl.dll
2015-04-22 13:09 . 2013-07-20 10:33 102608 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-04-22 13:09 . 2013-07-20 10:33 124112 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-04-22 12:41 . 2015-04-22 12:41 -------- d-----w- c:\windows\SysWow64\Wat
2015-04-22 12:41 . 2015-04-22 12:41 -------- d-----w- c:\windows\system32\Wat
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-05-19 13:43 . 2014-06-22 13:39 152744 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2015-05-19 13:43 . 2014-06-22 13:39 132120 ----a-w- c:\windows\system32\drivers\avipbb.sys
2015-04-17 16:18 . 2014-06-23 12:21 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-04-17 16:18 . 2014-06-23 12:21 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-04-17 16:18 . 2015-04-17 16:18 18178736 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2015-04-01 08:16 . 2014-06-22 17:22 128913832 ----a-w- c:\windows\system32\MRT.exe
2015-03-25 03:24 . 2015-04-18 19:02 98304 ----a-w- c:\windows\system32\wudriver.dll
2015-03-25 03:24 . 2015-04-18 19:02 37376 ----a-w- c:\windows\system32\wups2.dll
2015-03-25 03:24 . 2015-04-18 19:02 35328 ----a-w- c:\windows\system32\wups.dll
2015-03-25 03:24 . 2015-04-18 19:02 3298816 ----a-w- c:\windows\system32\wucltux.dll
2015-03-25 03:24 . 2015-04-18 19:02 2553856 ----a-w- c:\windows\system32\wuaueng.dll
2015-03-25 03:24 . 2015-04-18 19:02 191488 ----a-w- c:\windows\system32\wuwebv.dll
2015-03-25 03:24 . 2015-04-18 19:02 696320 ----a-w- c:\windows\system32\wuapi.dll
2015-03-25 03:24 . 2015-04-18 19:02 60416 ----a-w- c:\windows\system32\WinSetupUI.dll
2015-03-25 03:23 . 2015-04-18 19:02 12288 ----a-w- c:\windows\system32\wu.upgrade.ps.dll
2015-03-25 03:23 . 2015-04-18 19:02 36864 ----a-w- c:\windows\system32\wuapp.exe
2015-03-25 03:23 . 2015-04-18 19:02 135168 ----a-w- c:\windows\system32\wuauclt.exe
2015-03-25 03:00 . 2015-04-18 19:02 92672 ----a-w- c:\windows\SysWow64\wudriver.dll
2015-03-25 03:00 . 2015-04-18 19:02 566784 ----a-w- c:\windows\SysWow64\wuapi.dll
2015-03-25 03:00 . 2015-04-18 19:02 29696 ----a-w- c:\windows\SysWow64\wups.dll
2015-03-25 03:00 . 2015-04-18 19:02 173056 ----a-w- c:\windows\SysWow64\wuwebv.dll
2015-03-25 03:00 . 2015-04-18 19:02 33792 ----a-w- c:\windows\SysWow64\wuapp.exe
2015-03-17 05:22 . 2015-04-18 18:59 5557696 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-03-17 05:22 . 2015-04-18 18:59 95672 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2015-03-17 05:22 . 2015-04-18 18:59 155576 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2015-03-17 05:19 . 2015-04-18 18:59 1727904 ----a-w- c:\windows\system32\ntdll.dll
2015-03-17 05:17 . 2015-04-18 18:59 362496 ----a-w- c:\windows\system32\wow64win.dll
2015-03-17 05:17 . 2015-04-18 18:59 243712 ----a-w- c:\windows\system32\wow64.dll
2015-03-17 05:17 . 2015-04-18 18:59 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2015-03-17 05:16 . 2015-04-18 18:59 215040 ----a-w- c:\windows\system32\winsrv.dll
2015-03-17 05:16 . 2015-04-18 18:59 210944 ----a-w- c:\windows\system32\wdigest.dll
2015-03-17 05:16 . 2015-04-18 18:59 86528 ----a-w- c:\windows\system32\TSpkg.dll
2015-03-17 05:16 . 2015-04-18 18:59 29184 ----a-w- c:\windows\system32\sspisrv.dll
2015-03-17 05:16 . 2015-04-18 18:59 136192 ----a-w- c:\windows\system32\sspicli.dll
2015-03-17 05:16 . 2015-04-18 18:59 503808 ----a-w- c:\windows\system32\srcore.dll
2015-03-17 05:16 . 2015-04-18 18:59 50176 ----a-w- c:\windows\system32\srclient.dll
2015-03-17 05:16 . 2015-04-18 18:59 28160 ----a-w- c:\windows\system32\secur32.dll
2015-03-17 05:16 . 2015-04-18 18:59 341504 ----a-w- c:\windows\system32\schannel.dll
2015-03-17 05:16 . 2015-04-18 18:59 309760 ----a-w- c:\windows\system32\ncrypt.dll
2015-03-17 05:16 . 2015-04-18 18:59 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2015-03-17 05:16 . 2015-04-18 18:59 314880 ----a-w- c:\windows\system32\msv1_0.dll
2015-03-17 05:16 . 2015-04-18 18:59 1461760 ----a-w- c:\windows\system32\lsasrv.dll
2015-03-17 05:16 . 2015-04-18 18:59 728064 ----a-w- c:\windows\system32\kerberos.dll
2015-03-17 05:16 . 2015-04-18 18:59 424448 ----a-w- c:\windows\system32\KernelBase.dll
2015-03-17 05:16 . 2015-04-18 18:59 1163264 ----a-w- c:\windows\system32\kernel32.dll
2015-03-17 05:16 . 2015-04-18 18:59 43520 ----a-w- c:\windows\system32\csrsrv.dll
2015-03-17 05:16 . 2015-04-18 18:59 22016 ----a-w- c:\windows\system32\credssp.dll
2015-03-17 05:16 . 2015-04-18 18:59 112640 ----a-w- c:\windows\system32\smss.exe
2015-03-17 05:16 . 2015-04-18 18:59 296960 ----a-w- c:\windows\system32\rstrui.exe
2015-03-17 05:15 . 2015-04-18 18:59 31232 ----a-w- c:\windows\system32\lsass.exe
2015-03-17 05:15 . 2015-04-18 18:59 338432 ----a-w- c:\windows\system32\conhost.exe
2015-03-17 05:15 . 2015-04-18 18:59 64000 ----a-w- c:\windows\system32\auditpol.exe
2015-03-17 05:13 . 2015-04-18 18:59 60416 ----a-w- c:\windows\system32\msobjs.dll
2015-03-17 05:13 . 2015-04-18 18:59 146432 ----a-w- c:\windows\system32\msaudite.dll
2015-03-17 05:11 . 2015-04-18 18:59 6656 ----a-w- c:\windows\system32\apisetschema.dll
2015-03-17 05:11 . 2015-04-18 18:59 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-03-17 05:11 . 2015-04-18 18:59 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-03-17 05:11 . 2015-04-18 18:59 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-03-17 05:11 . 2015-04-18 18:59 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-03-17 05:11 . 2015-04-18 18:59 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-03-17 05:11 . 2015-04-18 18:59 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-03-17 05:11 . 2015-04-18 18:59 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-03-17 05:11 . 2015-04-18 18:59 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-03-17 05:11 . 2015-04-18 18:59 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-03-17 05:11 . 2015-04-18 18:59 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-03-17 05:11 . 2015-04-18 18:59 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-03-17 05:11 . 2015-04-18 18:59 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-03-17 05:11 . 2015-04-18 18:59 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-03-17 05:11 . 2015-04-18 18:59 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-03-17 05:11 . 2015-04-18 18:59 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-03-17 05:11 . 2015-04-18 18:59 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-03-17 05:11 . 2015-04-18 18:59 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-03-17 05:11 . 2015-04-18 18:59 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-03-17 05:11 . 2015-04-18 18:59 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-03-17 05:11 . 2015-04-18 18:59 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-03-17 05:11 . 2015-04-18 18:59 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-03-17 05:11 . 2015-04-18 18:59 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-03-17 05:11 . 2015-04-18 18:59 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-03-17 05:11 . 2015-04-18 18:59 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-03-17 05:11 . 2015-04-18 18:59 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-03-17 05:11 . 2015-04-18 18:59 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-03-17 05:11 . 2015-04-18 18:59 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-03-17 05:11 . 2015-04-18 18:59 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-03-17 05:11 . 2015-04-18 18:59 686080 ----a-w- c:\windows\system32\adtschema.dll
2015-03-17 05:01 . 2015-04-18 18:59 3976632 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2015-03-17 05:01 . 2015-04-18 18:59 3920824 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2015-03-17 04:59 . 2015-04-18 18:59 1309696 ----a-w- c:\windows\SysWow64\ntdll.dll
2015-03-17 04:57 . 2015-04-18 18:59 172032 ----a-w- c:\windows\SysWow64\wdigest.dll
2015-03-17 04:57 . 2015-04-18 18:59 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll
2015-03-17 04:57 . 2015-04-18 18:59 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2015-03-17 04:57 . 2015-04-18 18:59 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2015-03-17 04:57 . 2015-04-18 18:59 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2015-03-17 04:57 . 2015-04-18 18:59 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2015-03-17 04:57 . 2015-04-18 18:59 221184 ----a-w- c:\windows\SysWow64\ncrypt.dll
2015-03-17 04:57 . 2015-04-18 18:59 259584 ----a-w- c:\windows\SysWow64\msv1_0.dll
2015-03-17 04:57 . 2015-04-18 18:59 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2015-03-17 04:56 . 2015-04-18 18:59 17408 ----a-w- c:\windows\SysWow64\credssp.dll
2015-03-17 04:56 . 2015-04-18 18:59 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-03-17 04:56 . 2015-04-18 18:59 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2015-03-17 04:56 . 2015-04-18 18:59 50176 ----a-w- c:\windows\SysWow64\auditpol.exe
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{0F3DC9E0-C459-4a40-BCF8-747BD9322E10}"= "c:\program files (x86)\Splashtop\Splashtop Connect IE\AddressBarSearch.dll" [2011-03-04 165776]
.
[HKEY_CLASSES_ROOT\clsid\{0f3dc9e0-c459-4a40-bcf8-747bd9322e10}]
[HKEY_CLASSES_ROOT\AddressBarSearch.SearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{4E8E0178-00EF-413d-9324-E7B3E31572E3}]
[HKEY_CLASSES_ROOT\AddressBarSearch.SearchHook]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{A18A516C-AA41-46A9-92DB-60208917E442}]
2013-12-11 14:49 184400 ----a-w- c:\program files (x86)\Avira\Internet Explorer\avira32.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2014-06-06 13:07 297128 ----a-w- c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_8C08A43057843DCE2F430EE89329B7BA"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2015-05-05 812872]
"Web Companion"="c:\program files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe" [2015-03-12 1303872]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2015-05-19 728312]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-06-07 336384]
"Avira Systray"="c:\program files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [2015-04-10 130048]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
TP-LINK-Konfigurationstool.lnk - c:\program files (x86)\TP-LINK\TP-LINK-Konfigurationstool\TWCU.exe -nogui [2014-9-11 846848]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"ZyngaGamesAgent"="c:\program files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe"
"STCAgent"="c:\program files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe"
"AllShareAgent"=c:\program files (x86)\Samsung\AllShare\AllShareAgent.exe
.
R2 AntiVirMailService;Avira Email-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe [x]
R2 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 amdhub30;AMD USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\amdhub30.sys;c:\windows\SYSNATIVE\DRIVERS\amdhub30.sys [x]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe [x]
R3 AR9271;Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athuwx.sys;c:\windows\SYSNATIVE\DRIVERS\athuwx.sys [x]
R3 etdrv;etdrv;c:\windows\etdrv.sys;c:\windows\etdrv.sys [x]
R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys;c:\windows\GVTDrv64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 xhunter1;xhunter1;c:\windows\xhunter1.sys;c:\windows\xhunter1.sys [x]
R4 LavasoftTcpService;LavasoftTcpService;c:\program files (x86)\Lavasoft\Web Companion\TcpService\2.3.3.0\LavasoftTcpService.exe;c:\program files (x86)\Lavasoft\Web Companion\TcpService\2.3.3.0\LavasoftTcpService.exe [x]
R4 Lenovo EasyPlus Hotspot;Lenovo EasyPlus Hotspot;c:\program files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe;c:\program files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [x]
R4 SamsungAllShareV2.0;Samsung AllShare PC;c:\program files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe;c:\program files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [x]
R4 SCBackService;Splashtop Connect Service;c:\program files (x86)\Splashtop\Splashtop Connect\BackService.exe;c:\program files (x86)\Splashtop\Splashtop Connect\BackService.exe [x]
R4 SearchProtectionService;IE Search Set;c:\program files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe;c:\program files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [x]
R4 SimpleSlideShowServer;SimpleSlideShowServer;c:\program files (x86)\Samsung\AllShare\AllShareSlideShowService.exe;c:\program files (x86)\Samsung\AllShare\AllShareSlideShowService.exe [x]
R4 WCUService_STC_FF;Splashtop Connect Firefox Software Updater Service;c:\program files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe;c:\program files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe [x]
R4 WCUService_STC_IE;Splashtop Connect IE Software Updater Service;c:\program files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe;c:\program files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe [x]
S0 amdide64;amdide64;c:\windows\system32\DRIVERS\amdide64.sys;c:\windows\SYSNATIVE\DRIVERS\amdide64.sys [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Avira.OE.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [x]
S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [x]
S3 amdxhc;AMD USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\amdxhc.sys;c:\windows\SYSNATIVE\DRIVERS\amdxhc.sys [x]
S3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\DRIVERS\LVUSBS64.sys;c:\windows\SYSNATIVE\DRIVERS\LVUSBS64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 RTL8192cu;%RTL8192cu.DeviceDesc.DispName%;c:\windows\system32\DRIVERS\rtwlanu.sys;c:\windows\SYSNATIVE\DRIVERS\rtwlanu.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-05-14 16:51 988488 ----a-w- c:\program files (x86)\Google\Chrome\Application\42.0.2311.152\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2015-05-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-23 16:18]
.
2015-05-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-03-03 12:45]
.
2015-05-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-03-03 12:45]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2014-05-27 15:49 357376 ----a-w- c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-06-09 11860072]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://gr.yahoo.com/?fr=vmn&type=vmn__webcompa__1_0__ya__hp_WCYID10099_swoc_campaign_150314__yaie
mDefault_Search_URL = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = about:blank
IE: Free YouTube Download
IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Zeus\AppData\Roaming\Mozilla\Firefox\Profiles\iehuq9xm.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxps://gr.yahoo.com/?fr=vmn&type=vmn__webcompa__1_0__ya__hp_WCYID10099_swoc_campaign_150314__yaff
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q=
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-10 - (no file)
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-10 - (no file)
AddRemove-Free FLV Converter - c:\program files (x86)\Free FLV Converter\uninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-05-21 12:22:18 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2015-05-21 09:22
.
Vor Suchlauf: 11 Verzeichnis(se), 414.151.913.472 Bytes frei
Nach Suchlauf: 16 Verzeichnis(se), 413.650.935.808 Bytes frei
.
- - End Of File - - 18D7BE76FE85C73642E15D2DF398960B
A36C5E4F47E84449FF07ED3517B43A31
ist es moeglich das das program combofix geholfen hat er oeffnet die seiten schneller jetzt |
|
22.05.2015, 06:45
| #8 |
| /// the machine /// TB-Ausbilder | langsamer computer KLar, aber wir sind noch nicht fertig Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
22.05.2015, 21:34
| #9 |
| | langsamer computer was ist ein frisches FRST log ? antimaleware Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 22/5/2015 Suchlauf-Zeit: 10:45:00 µµ Logdatei: 1.txt Administrator: Ja Version: 2.01.6.1022 Malware Datenbank: v2015.05.22.04 Rootkit Datenbank: v2015.05.16.01 Lizenz: Testversion Malware Schutz: Aktiviert Bösartiger Webseiten Schutz: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Zeus Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 358600 Verstrichene Zeit: 9 Min, 45 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (Keine schädliche Elemente gefunden) Module: 0 (Keine schädliche Elemente gefunden) Registrierungsschlüssel: 16 PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\TYPELIB\{DCABB943-792E-44C4-9029-ECBEE6265AF9}, In Quarantäne, [c2eaade98505bd79791e7ce3d330d42c], PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, In Quarantäne, [c2eaade98505bd79791e7ce3d330d42c], PUP.Optional.OutBrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, In Quarantäne, [c2eaade98505bd79791e7ce3d330d42c], PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, In Quarantäne, [c2eaade98505bd79791e7ce3d330d42c], PUP.Optional.OutBrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{DCABB943-792E-44C4-9029-ECBEE6265AF9}, In Quarantäne, [c2eaade98505bd79791e7ce3d330d42c], PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{DCABB943-792E-44C4-9029-ECBEE6265AF9}, In Quarantäne, [c2eaade98505bd79791e7ce3d330d42c], PUP.Optional.DefaultSearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}, In Quarantäne, [3f6d70268a00bc7a37cbc9a520e56f91], PUP.Optional.RollAround.A, HKLM\SOFTWARE\WOW6432NODE\RollAround, In Quarantäne, [19932a6c305a191d770f0fd6af54c040], PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\WOW6432NODE\SmdmF, In Quarantäne, [d8d4f5a16a20fc3a093b51b123e130d0], PUP.Optional.DefaultSearch.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}, In Quarantäne, [8c20158105851620689a016d838207f9], PUP.Optional.SettingsManager.A, HKU\S-1-5-21-65031845-1434384236-1651786591-1000\SOFTWARE\SmdmF, In Quarantäne, [5e4e3660602a78be6bd8a0622bd9956b], PUP.Optional.InstallCore.A, HKU\S-1-5-21-65031845-1434384236-1651786591-1000\SOFTWARE\INSTALLCORE\1I1T1Q1S, In Quarantäne, [9d0fb2e4cfbbf73fb3ff44e658ac728e], PUP.Optional.InstallCore.A, HKU\S-1-5-21-65031845-1434384236-1651786591-1000\SOFTWARE\INSTALLCORE, In Quarantäne, [3e6e0e888dfd43f3d3a14bf5f41142be], PUP.Optional.DefaultSearch.A, HKU\S-1-5-21-65031845-1434384236-1651786591-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}, In Quarantäne, [e3c9c1d5cebc0f27f1107bf33fc63dc3], PUP.Optional.RegCleanerPro.A, HKU\S-1-5-21-65031845-1434384236-1651786591-1000\SOFTWARE\SYSTWEAK\RegClean Pro, In Quarantäne, [d1dbc2d4b7d3c0768b7efc4a9174f010], PUP.Optional.SystemSpeedup, HKU\S-1-5-21-65031845-1434384236-1651786591-1000\SOFTWARE\SYSTWEAK\ssd, In Quarantäne, [f2ba99fdec9ed264e7fb8e7bb15317e9], Registrierungswerte: 10 PUP.Optional.DefaultSearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}|DisplayName, default-search.net, In Quarantäne, [3f6d70268a00bc7a37cbc9a520e56f91] PUP.Optional.DefaultSearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}|URL, hxxp://www.default-search.net/search?sid=503&aid=100&itype=n&ver=13898&tm=465&src=ds&p={searchTerms}, In Quarantäne, [496381159eecac8a38caf9751aebb24e] PUP.Optional.DefaultSearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}|SuggestionsURL_JSON, hxxp://www.default-search.net?sid=503&aid=100&itype=n&ver=13898&tm=465&src=ds&p={searchTerms}&ft=json, In Quarantäne, [8a22296db1d94ceac240d29c9a6ba55b] PUP.Optional.DefaultSearch.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}|DisplayName, default-search.net, In Quarantäne, [8c20158105851620689a016d838207f9] PUP.Optional.DefaultSearch.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}|URL, hxxp://www.default-search.net/search?sid=503&aid=100&itype=n&ver=13898&tm=465&src=ds&p={searchTerms}, In Quarantäne, [28847521ccbea492bb478de123e2956b] PUP.Optional.DefaultSearch.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}|SuggestionsURL_JSON, hxxp://www.default-search.net?sid=503&aid=100&itype=n&ver=13898&tm=465&src=ds&p={searchTerms}&ft=json, In Quarantäne, [76367e1881096ec8a65c244a26df5da3] PUP.Optional.InstallCore.A, HKU\S-1-5-21-65031845-1434384236-1651786591-1000\SOFTWARE\INSTALLCORE|tb, 0N2X1N, In Quarantäne, [3e6e0e888dfd43f3d3a14bf5f41142be] PUP.Optional.DefaultSearch.A, HKU\S-1-5-21-65031845-1434384236-1651786591-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}|DisplayName, default-search.net, In Quarantäne, [e3c9c1d5cebc0f27f1107bf33fc63dc3] PUP.Optional.DefaultSearch.A, HKU\S-1-5-21-65031845-1434384236-1651786591-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}|URL, hxxp://www.default-search.net/search?sid=503&aid=100&itype=n&ver=13898&tm=465&src=ds&p={searchTerms}, In Quarantäne, [931963332b5f1224b74a165882837b85] PUP.Optional.DefaultSearch.A, HKU\S-1-5-21-65031845-1434384236-1651786591-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}|SuggestionsURL_JSON, hxxp://www.default-search.net?sid=503&aid=100&itype=n&ver=13898&tm=465&src=ds&p={searchTerms}&ft=json, In Quarantäne, [d3d9a2f48109ce68f80956185da8c63a] Registrierungsdaten: 0 (Keine schädliche Elemente gefunden) Ordner: 17 PUP.Optional.MultiPlug.A, C:\Users\Zeus\AppData\Local\35453035-1427292580-4235-3346-4441FFFFFFFF, In Quarantäne, [2587583e0387082edb3be986b055cf31], PUP.Optional.MultiPlug.A, C:\Users\Zeus\AppData\Local\35453035-1427292594-4235-3346-4441FFFFFFFF, In Quarantäne, [3b711b7bee9c57dffd1b84eb768f4ab6], PUP.Optional.MultiPlug.A, C:\Users\Zeus\AppData\Local\35453035-1427293128-4235-3346-4441FFFFFFFF, In Quarantäne, [59538610f991ad89d8407cf345c0d927], PUP.Optional.OpenCandy, C:\Users\Zeus\AppData\Roaming\OpenCandy, In Quarantäne, [0ba1bed8325891a551c7e2c7b74c4db3], PUP.Optional.OpenCandy, C:\Users\Zeus\AppData\Roaming\OpenCandy\0D983987366543829BA2475DB8D9C4E6, In Quarantäne, [0ba1bed8325891a551c7e2c7b74c4db3], PUP.Optional.CrossRider.A, C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo, In Quarantäne, [218b8d0908820f2720bed2d9d92a32ce], PUP.Optional.CrossRider.A, C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\0.2_0, In Quarantäne, [218b8d0908820f2720bed2d9d92a32ce], PUP.Optional.CrossRider.A, C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\0.2_0\_metadata, In Quarantäne, [218b8d0908820f2720bed2d9d92a32ce], PUP.Optional.CrossRider.A, C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh, In Quarantäne, [317b880ea0ea66d0343cb5f7c73cc040], PUP.Optional.CrossRider.A, C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\0.1_0, In Quarantäne, [317b880ea0ea66d0343cb5f7c73cc040], PUP.Optional.CrossRider.A, C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\0.1_0\_metadata, In Quarantäne, [317b880ea0ea66d0343cb5f7c73cc040], PUP.Optional.Datamngr.A, C:\Users\Zeus\AppData\LocalLow\DataMngr, In Quarantäne, [6745bbdbee9c75c1e0c53f6fad568f71], PUP.Optional.WebsSearches.A, C:\Users\Zeus\AppData\Roaming\webssearches, In Quarantäne, [e6c6197dbad0dd599d412f7fa55e0bf5], PUP.Optional.WebsSearches.A, C:\Users\Zeus\AppData\Roaming\webssearches\images, In Quarantäne, [e6c6197dbad0dd599d412f7fa55e0bf5], PUP.Optional.WebsSearches.A, C:\Users\Zeus\AppData\Roaming\webssearches\images\code, In Quarantäne, [e6c6197dbad0dd599d412f7fa55e0bf5], PUP.Optional.RollAround.A, C:\Program Files (x86)\Roll Around, In Quarantäne, [bcf0a6f0abdf2313d5df8c49f50e3fc1], PUP.Optional.RollAround.A, C:\Program Files (x86)\Roll Around\Extensions, In Quarantäne, [bcf0a6f0abdf2313d5df8c49f50e3fc1], Dateien: 56 PUP.Optional.Linkey.A, C:\Users\Zeus\AppData\Roaming\OpenCandy\0D983987366543829BA2475DB8D9C4E6\SettingsManagerSetup.exe, In Quarantäne, [416b395de4a6a98d02a395258d7433cd], PUP.Optional.RollAround.C, C:\Users\Zeus\AppData\Roaming\RHEng\5B416BD86796483CAF2ED7927A90861A\setup0213.exe, In Quarantäne, [4666d6c07d0d82b4dc6cf93a2bd7d42c], PUP.Optional.Outbrowse.Gen, C:\Users\Zeus\Downloads\Warriors Legends of Troy PS3.exe, In Quarantäne, [624a276f523886b0fba9ad958280ed13], Adware.Agent, C:\Users\Zeus\AppData\Local\35453035-1427293128-4235-3346-4441FFFFFFFF\insu624F.tmp, In Quarantäne, [cbe1d9bd751530068f7067e49073fc04], PUP.Optional.RollAround.A, C:\Users\Zeus\AppData\Roaming\Mozilla\Firefox\Profiles\iehuq9xm.default\extensions\{c9c8f370-8dff-4fc1-99e4-8495d1aa79c4}.xpi, In Quarantäne, [d6d61f7704862d0944ed8c5047bc7090], PUP.Optional.RollAround.A, C:\Users\Zeus\AppData\Roaming\Mozilla\Firefox\Profiles\iehuq9xm.default\extensions\{6c50e8fc-4fe8-4084-b216-9031e7319203}.xpi, In Quarantäne, [8b21781e602a50e63ff3ae2e42c133cd], PUP.Optional.MultiPlug.A, C:\Users\Zeus\AppData\Local\35453035-1427292580-4235-3346-4441FFFFFFFF\cnsg72.tmp, In Quarantäne, [2587583e0387082edb3be986b055cf31], PUP.Optional.MultiPlug.A, C:\Users\Zeus\AppData\Local\35453035-1427292594-4235-3346-4441FFFFFFFF\onsl393D.tmp, In Quarantäne, [3b711b7bee9c57dffd1b84eb768f4ab6], PUP.Optional.MultiPlug.A, C:\Users\Zeus\AppData\Local\35453035-1427292594-4235-3346-4441FFFFFFFF\snsl393B.tmp, In Quarantäne, [3b711b7bee9c57dffd1b84eb768f4ab6], PUP.Optional.MultiPlug.A, C:\Users\Zeus\AppData\Local\35453035-1427293128-4235-3346-4441FFFFFFFF\insu624F.tmp, In Quarantäne, [59538610f991ad89d8407cf345c0d927], PUP.Optional.CrossRider.A, C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\0.2_0\background.js, In Quarantäne, [218b8d0908820f2720bed2d9d92a32ce], PUP.Optional.CrossRider.A, C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\0.2_0\bookmarklet.js, In Quarantäne, [218b8d0908820f2720bed2d9d92a32ce], PUP.Optional.CrossRider.A, C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\0.2_0\icon-128.png, In Quarantäne, [218b8d0908820f2720bed2d9d92a32ce], PUP.Optional.CrossRider.A, C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\0.2_0\icon-16.png, In Quarantäne, [218b8d0908820f2720bed2d9d92a32ce], PUP.Optional.CrossRider.A, C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\0.2_0\icon-48.png, In Quarantäne, [218b8d0908820f2720bed2d9d92a32ce], PUP.Optional.CrossRider.A, C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\0.2_0\manifest.json, In Quarantäne, [218b8d0908820f2720bed2d9d92a32ce], PUP.Optional.CrossRider.A, C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\0.2_0\_metadata\computed_hashes.json, In Quarantäne, [218b8d0908820f2720bed2d9d92a32ce], PUP.Optional.CrossRider.A, C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\0.2_0\_metadata\verified_contents.json, In Quarantäne, [218b8d0908820f2720bed2d9d92a32ce], PUP.Optional.CrossRider.A, C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\0.1_0\background.js, In Quarantäne, [317b880ea0ea66d0343cb5f7c73cc040], PUP.Optional.CrossRider.A, C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\0.1_0\bookmarklet.js, In Quarantäne, [317b880ea0ea66d0343cb5f7c73cc040], PUP.Optional.CrossRider.A, C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\0.1_0\icon-128.png, In Quarantäne, [317b880ea0ea66d0343cb5f7c73cc040], PUP.Optional.CrossRider.A, C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\0.1_0\icon-16.png, In Quarantäne, [317b880ea0ea66d0343cb5f7c73cc040], PUP.Optional.CrossRider.A, C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\0.1_0\icon-48.png, In Quarantäne, [317b880ea0ea66d0343cb5f7c73cc040], PUP.Optional.CrossRider.A, C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\0.1_0\manifest.json, In Quarantäne, [317b880ea0ea66d0343cb5f7c73cc040], PUP.Optional.CrossRider.A, C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\0.1_0\_metadata\computed_hashes.json, In Quarantäne, [317b880ea0ea66d0343cb5f7c73cc040], PUP.Optional.CrossRider.A, C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\0.1_0\_metadata\verified_contents.json, In Quarantäne, [317b880ea0ea66d0343cb5f7c73cc040], PUP.Optional.Datamngr.A, C:\Users\Zeus\AppData\LocalLow\DataMngr\{99BB1406-1CFB-488C-90D1-2D978E04F707}, In Quarantäne, [6745bbdbee9c75c1e0c53f6fad568f71], PUP.Optional.WebsSearches.A, C:\Users\Zeus\AppData\Roaming\webssearches\314.json, In Quarantäne, [e6c6197dbad0dd599d412f7fa55e0bf5], PUP.Optional.WebsSearches.A, C:\Users\Zeus\AppData\Roaming\webssearches\MessageBox.xml, In Quarantäne, [e6c6197dbad0dd599d412f7fa55e0bf5], PUP.Optional.WebsSearches.A, C:\Users\Zeus\AppData\Roaming\webssearches\uninstallDlg2.xml, In Quarantäne, [e6c6197dbad0dd599d412f7fa55e0bf5], PUP.Optional.WebsSearches.A, C:\Users\Zeus\AppData\Roaming\webssearches\images\bg.png, In Quarantäne, [e6c6197dbad0dd599d412f7fa55e0bf5], PUP.Optional.WebsSearches.A, C:\Users\Zeus\AppData\Roaming\webssearches\images\bg1.png, In Quarantäne, [e6c6197dbad0dd599d412f7fa55e0bf5], PUP.Optional.WebsSearches.A, C:\Users\Zeus\AppData\Roaming\webssearches\images\bk_shadow.png, In Quarantäne, [e6c6197dbad0dd599d412f7fa55e0bf5], PUP.Optional.WebsSearches.A, C:\Users\Zeus\AppData\Roaming\webssearches\images\button.png, In Quarantäne, [e6c6197dbad0dd599d412f7fa55e0bf5], PUP.Optional.WebsSearches.A, C:\Users\Zeus\AppData\Roaming\webssearches\images\button1.png, In Quarantäne, [e6c6197dbad0dd599d412f7fa55e0bf5], PUP.Optional.WebsSearches.A, C:\Users\Zeus\AppData\Roaming\webssearches\images\checkbox.png, In Quarantäne, [e6c6197dbad0dd599d412f7fa55e0bf5], PUP.Optional.WebsSearches.A, C:\Users\Zeus\AppData\Roaming\webssearches\images\checkbox_select.png, In Quarantäne, [e6c6197dbad0dd599d412f7fa55e0bf5], PUP.Optional.WebsSearches.A, C:\Users\Zeus\AppData\Roaming\webssearches\images\checked.png, In Quarantäne, [e6c6197dbad0dd599d412f7fa55e0bf5], PUP.Optional.WebsSearches.A, C:\Users\Zeus\AppData\Roaming\webssearches\images\close.png, In Quarantäne, [e6c6197dbad0dd599d412f7fa55e0bf5], PUP.Optional.WebsSearches.A, C:\Users\Zeus\AppData\Roaming\webssearches\images\loading_bg.png, In Quarantäne, [e6c6197dbad0dd599d412f7fa55e0bf5], PUP.Optional.WebsSearches.A, C:\Users\Zeus\AppData\Roaming\webssearches\images\loading_light.png, In Quarantäne, [e6c6197dbad0dd599d412f7fa55e0bf5], PUP.Optional.WebsSearches.A, C:\Users\Zeus\AppData\Roaming\webssearches\images\min.png, In Quarantäne, [e6c6197dbad0dd599d412f7fa55e0bf5], PUP.Optional.WebsSearches.A, C:\Users\Zeus\AppData\Roaming\webssearches\images\scrollbar.bmp, In Quarantäne, [e6c6197dbad0dd599d412f7fa55e0bf5], PUP.Optional.WebsSearches.A, C:\Users\Zeus\AppData\Roaming\webssearches\images\Thumbs.db, In Quarantäne, [e6c6197dbad0dd599d412f7fa55e0bf5], PUP.Optional.WebsSearches.A, C:\Users\Zeus\AppData\Roaming\webssearches\images\unchecked.png, In Quarantäne, [e6c6197dbad0dd599d412f7fa55e0bf5], PUP.Optional.WebsSearches.A, C:\Users\Zeus\AppData\Roaming\webssearches\images\code\code1.jpg, In Quarantäne, [e6c6197dbad0dd599d412f7fa55e0bf5], PUP.Optional.WebsSearches.A, C:\Users\Zeus\AppData\Roaming\webssearches\images\code\code2.jpg, In Quarantäne, [e6c6197dbad0dd599d412f7fa55e0bf5], PUP.Optional.WebsSearches.A, C:\Users\Zeus\AppData\Roaming\webssearches\images\code\code3.jpg, In Quarantäne, [e6c6197dbad0dd599d412f7fa55e0bf5], PUP.Optional.WebsSearches.A, C:\Users\Zeus\AppData\Roaming\webssearches\images\code\code4.jpg, In Quarantäne, [e6c6197dbad0dd599d412f7fa55e0bf5], PUP.Optional.WebsSearches.A, C:\Users\Zeus\AppData\Roaming\webssearches\images\code\code5.jpg, In Quarantäne, [e6c6197dbad0dd599d412f7fa55e0bf5], PUP.Optional.WebsSearches.A, C:\Users\Zeus\AppData\Roaming\webssearches\images\code\code6.jpg, In Quarantäne, [e6c6197dbad0dd599d412f7fa55e0bf5], PUP.Optional.WebsSearches.A, C:\Users\Zeus\AppData\Roaming\webssearches\images\code\Thumbs.db, In Quarantäne, [e6c6197dbad0dd599d412f7fa55e0bf5], PUP.Optional.RollAround.A, C:\Program Files (x86)\Roll Around\7za.exe, In Quarantäne, [bcf0a6f0abdf2313d5df8c49f50e3fc1], PUP.Optional.RollAround.A, C:\Program Files (x86)\Roll Around\Extensions\{6c50e8fc-4fe8-4084-b216-9031e7319203}.xpi, In Quarantäne, [bcf0a6f0abdf2313d5df8c49f50e3fc1], PUP.Optional.RollAround.A, C:\Program Files (x86)\Roll Around\Extensions\{c9c8f370-8dff-4fc1-99e4-8495d1aa79c4}.xpi, In Quarantäne, [bcf0a6f0abdf2313d5df8c49f50e3fc1], PUP.Optional.Conduit.A, C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences, Gut: (), Schlecht: ({"browser":{"show_home_button":false},"default_search_provider":{"enabled":true,"encodings":"UTF-8","favicon_url":"hxxp://www.istartsurf.com/webfavicon.ico","id":6684764,"prepopulate_id":0},"default_search_provider_data":{"template_url_data":{"alternate_urls":["{google:baseURL}#q={searchTerms}","{google:baseURL}search#q={searchTerms}","{google:baseURL}webhp#q={searchTerms}","{google:baseURL}s#q={searchTerms}","{google:baseURL}s?q={searchTerms}"],"created_by_policy":false,"date_created":"0","favicon_url":"hxxp://www.google.com/favicon.ico","id":"2","image_url":"{google:baseURL}searchbyimage/upload","image_url_post_params":"encoded_image={google:imageThumbnail},image_url={google:imageURL},sbisrc={google:imageSearchSource},original_width={google:imageOriginalWidth},original_height={google:imageOriginalHeight}","input_encodings":["UTF-8"],"instant_url":"{google:baseURL}webhp?sourceid=chrome-instant&{google:RLZ}{google:forceInstantResults}{google:instantExtendedEnabledParameter}{google:ntpIsThemedParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}","instant_url_post_params":"","keyword":"google.com","last_modified":"0","new_tab_url":"{google:baseURL}_/chrome/newtab?{google:RLZ}{google:instantExtendedEnabledParameter}{google:ntpIsThemedParameter}ie={inputEncoding}","originating_url":"","prepopulate_id":1,"safe_for_autoreplace":true,"search_terms_replacement_key":"espv","search_url_post_params":"","short_name":"Google","suggestions_url":"{google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}","suggestions_url_post_params":"","synced_guid":"143062E2-8072-44F1-8BD6-AA31DB2BA8EE","url":"{google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}{google:contextualSearchVersion}ie={inputEncoding}","usage_count":0}},"extensions":{"settings":{"aapocclcgogkmnckokdopfmhonfmgoek":{"ack_external":true,"active_permissions":{"api":[],"manifest_permissions":[]},"app_launcher_ordinal":"zs","commands":{},"content_settings":[],"creation_flags":137,"events":[],"extension_can_script_all_urls":true,"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":[],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13069860720113841","lastpingday":"13076751597278991","location":1,"manifest":{"api_console_project_id":"889782162350","app":{"launch":{"local_path":"main.html"}},"container":"GOOGLE_DRIVE","current_locale":"de","default_locale":"en_US","description":"Präsentationen erstellen und bearbeiten","icons":{"128":"icon_128.png","16":"icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDLOGW2Hoztw8m2z6SmCjm7y4Oe2o6aRqO+niYKCXhZab572by7acqFIFF0On3e3a967SwNijsTx2n+7Mt3KqWzEKtnwUZqzHYSsdZZK64vWIHIduawP0EICWRMf2RGIBEdDC6I1zErtcDiSrJWeRlnb0DHWXDXlt1YseM7RiON9wIDAQAB","manifest_version":2,"name":"Google Präsentationen","offline_enabled":true,"update_url":"https://clients2.google.com/service/update2/crx","version":"0.9"},"page_ordinal":"n","path":"aapocclcgogkmnckokdopfmhonfmgoek\\0.9_0","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":true,"was_installed_by_oem":false},"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"extension_can_script_all_urls":true,"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13069860680341483","location":5,"manifest":{"app":{"launch":{"web_url":"https://chrome.google.com/webstore"},"urls":["https://chrome.google.com/webstore"]},"description":"Entdecken Sie tolle Apps, Spiele, Erweiterungen und Designs für Google Chrome.","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Web Store","permissions":["webstorePrivate","management","system.cpu","system.display","system.memory","system.network","system.storage"],"version":"0.2"},"page_ordinal":"n","path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\40.0.2214.115\\resources\\web_store","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"aohghmighlieiainnegkcijnfilokake":{"ack_external":true,"active_permissions":{"api":[],"manifest_permissions":[]},"app_launcher_ordinal":"w","commands":{},"content_settings":[],"creation_flags":137,"events":[],"extension_can_script_all_urls":true,"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":[],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13069860715126841","lastpingday":"13076751597278991","location":1,"manifest":{"api_console_project_id":"619683526622","app":{"launch":{"local_path":"main.html"}},"container":"GOOGLE_DRIVE","current_locale":"de","default_locale":"en_US","description":"Dokumente erstellen und bearbeiten","icons":{"128":"icon_128.png","16":"icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJhLK6fk/BWTEvJhywpk7jDe4A2r0bGXGOLZW4/AdBp3IiD9o9nx4YjLAtv0tIPxi7MvFd/GUUbQBwHT5wQWONJj1z/0Rc2qBkiJA0yqXh42p0snuA8dCfdlhOLsp7/XTMEwAVasjV5hC4awl78eKfJYlZ+8fM/UldLWJ/51iBQwIDAQAB","manifest_version":2,"name":"Google Docs","offline_enabled":true,"update_url":"https://clients2.google.com/service/update2/crx","version":"0.9"},"page_ordinal":"n","path":"aohghmighlieiainnegkcijnfilokake\\0.9_0","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":true,"was_installed_by_oem":false},"apdfllckaahabafndbhieahigkjlhalf":{"ack_external":true,"active_permissions":{"api":["background","clipboardRead","clipboardWrite","notifications","unlimitedStorage"],"manifest_permissions":[]},"app_launcher_ordinal":"z","commands":{},"content_settings":[],"creation_flags":137,"events":[],"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["background","clipboardRead","clipboardWrite","notifications","unlimitedStorage"],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13069860721380841","lastpingday":"13076751597278991","location":1,"manifest":{"app":{"launch":{"web_url":"https://drive.google.com/?usp=chrome_app"},"urls":["hxxp://docs.google.com/","hxxp://drive.google.com/","https://docs.google.com/","https://drive.google.com/"]},"background":{"allow_js_access":false},"current_locale":"de","default_locale":"en_US","description":"Google Drive: Alle Inhalte an einem Ort erstellen, teilen und speichern.","icons":{"128":"128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDIl5KlKwL2TSkntkpY3naLLz5jsN0YwjhZyObcTOK6Nda4Ie21KRqZau9lx5SHcLh7pE2/S9OiArb+na2dn7YK5EvH+aRXS1ec3uxVlBhqLdnleVgwgwlg5fH95I52IeHcoeK6pR4hW/Nv39GNlI/Uqk6O6GBCCsAxYrdxww9BiQIDAQAB","manifest_version":2,"name":"Google Drive","offline_enabled":true,"options_page":"https://drive.google.com/settings","permissions":["background","clipboardRead","clipboardWrite","notifications","unlimitedStorage"],"update_url":"https://clients2.google.com/service/update2/crx","version":"6.4"},"page_ordinal":"n","path":"apdfllckaahabafndbhieahigkjlhalf\\6.4_0","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":true,"was_installed_by_oem":false},"bepbmhgboaologfdajaanbcjmnhjmhfn":{"disable_reasons":1,"state":0},"bfjgbcjfpbbfepcccpaffkjofcmglifg":{"active_permissions":{"api":[],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":9,"events":[],"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":[],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13074014967279517","lastpingday":"13076751597278991","location":1,"manifest":{"current_locale":"de","default_locale":"en","key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQClY8uVLNLboHrzx5431OElszuH0FpiLCZyl1ZzU5HCYYA4t6ReRvaUG7HTNWpeUUUUki73XqgJV13qv/SeawOlmBzxt3MRDPBpcOFd7LzZTwz7dXJXGbTx+gh0b4VJve+pXSgLAF88sRm/YEOU/m52Gw8qCXTvK2tT2bA+JY2cmwIDAQAB","name":"Brushed","theme":{"colors":{"bookmark_text":[0,0,0],"frame":[117,117,117],"ntp_background":[117,117,117],"ntp_link":[0,0,0],"ntp_section":[255,255,255,0.4],"ntp_section_link":[0,0,0],"ntp_section_text":[0,0,0],"ntp_text":[0,0,0],"tab_background_text":[0,0,0],"tab_text":[0,0,0],"toolbar":[117,117,117]},"images":{"theme_button_background":"i/agxjaHJvbWV0aGVtZXNyDAsSBEZpbGUY2rMBDA","theme_frame":"i/agxjaHJvbWV0aGVtZXNyDAsSBEZpbGUYk6wBDA","theme_ntp_background":"i/agxjaHJvbWV0aGVtZXNyDAsSBEZpbGUYzZwBDA","theme_toolbar":"i/agxjaHJvbWV0aGVtZXNyDAsSBEZpbGUY2bMBDA"},"properties":{"ntp_background_alignment":"top left","ntp_background_repeat":"repeat-x","ntp_logo_alternate":1},"tints":{"buttons":[0.6,0,0.5]}},"update_url":"hxxp://clients2.google.com/service/update2/crx","version":"1.0"},"path":"bfjgbcjfpbbfepcccpaffkjofcmglifg\\1.0_0","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"blpcfgokakmgnkcojhhkbfbldkacnbeo":{"ack_external":true,"active_permissions":{"api":[],"manifest_permissions":[]},"app_launcher_ordinal":"yn","commands":{},"content_settings":[],"creation_flags":153,"events":[],"from_bookmark":true,"from_webstore":true,"granted_permissions":{"api":[],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13069860719511841","lastpingday":"13076751597278991","location":1,"manifest":{"app":{"launch":{"container":"tab","web_url":"hxxp://www.youtube.com/?feature=ytca"},"web_content":{"enabled":true,"origin":"hxxp://www.youtube.com"}},"current_locale":"de","default_locale":"en","description":"Die beliebteste Online-Video-Community der Welt","icons":{"128":"128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDC/HotmFlyuz5FaHaIbVBhhL4BwbcUtsfWwzgUMpZt5ZsLB2nW/Y5xwNkkPANYGdVsJkT2GPpRRIKBO5QiJ7jPMa3EZtcZHpkygBlQLSjMhdrAKevpKgIl6YTkwzNvExY6rzVDzeE9zqnIs33eppY4S5QcoALMxuSWlMKqgFQjHQIDAQAB","manifest_version":2,"name":"YouTube","update_url":"hxxp://clients2.google.com/service/update2/crx","version":"4.2.7"},"page_ordinal":"n","path":"blpcfgokakmgnkcojhhkbfbldkacnbeo\\4.2.7_0","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":true,"was_installed_by_oem":false},"cfhdojbkjhnklbpkdaibdccddilifddb":{"active_permissions":{"api":["contextMenus","notifications","tabs","unlimitedStorage","webNavigation","webRequest","webRequestBlocking"],"explicit_host":["hxxp://*/*","https://*/*"],"manifest_permissions":[],"scriptable_host":["hxxp://*/*","https://*/*"]},"commands":{},"content_settings":[],"creation_flags":9,"events":[],"extension_can_script_all_urls":true,"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["contextMenus","notifications","tabs","unlimitedStorage","webNavigation","webRequest","webRequestBlocking"],"explicit_host":["hxxp://*/*","https://*/*"],"manifest_permissions":[],"scriptable_host":["hxxp://*/*","https://*/*"]},"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13070663737422494","lastpingday":"13076751597278991","location":1,"manifest":{"background":{"scripts":["ext/common.js","ext/background.js","lib/compat.js","lib/info.js","lib/io.js","lib/adblockplus.js","lib/punycode.js","lib/publicSuffixList.js","lib/sha1.js","lib/jsbn.js","lib/rsa.js","webrequest.js","messageResponder.js","popupBlocker.js","background.js"]},"browser_action":{"default_icon":{"19":"icons/abp-19.png","38":"icons/abp-38.png"},"default_popup":"popup.html","default_title":"Adblock Plus"},"content_scripts":[{"all_frames":true,"js":["ext/common.js","ext/content.js","include.preload.js"],"matches":["hxxp://*/*","https://*/*"],"run_at":"document_start"},{"all_frames":true,"js":["include.postload.js"],"matches":["hxxp://*/*","https://*/*"],"run_at":"document_end"}],"current_locale":"de","default_locale":"en_US","description":"Ein kostenloser Werbeblocker mit über 50 Mio Nutzern, der ALLE nervenden Werbeanzeigen, Malware- und Tracking-Angriffe blockiert.","icons":{"128":"icons/detailed/abp-128.png","16":"icons/abp-16.png","32":"icons/abp-32.png","48":"icons/detailed/abp-48.png","64":"icons/detailed/abp-64.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCxGWIIBRUVzQIXITqE6+js1FA24fsZC58G0fxcO1Duwfps+9gip5tedTziErKEpeAQVkgasdT4kk+b6Lw27yp3oysAj6zD9j+j4W+EMArTXqMIc6SMYD7Z8bPcwPb3tC1MUxMSpO6oOVpFE23UhKe91SYnrK92nHI2cmsor5elXQIDAQAB","manifest_version":2,"minimum_chrome_version":"28.0","name":"Adblock Plus","options_page":"options.html","permissions":["tabs","hxxp://*/*","https://*/*","contextMenus","webRequest","webRequestBlocking","webNavigation","unlimitedStorage","notifications"],"short_name":"Adblock Plus","update_url":"https://clients2.google.com/service/update2/crx","version":"1.8.12","web_accessible_resources":["block.html"]},"path":"cfhdojbkjhnklbpkdaibdccddilifddb\\1.8.12_0","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"coobgpohoikkiipiblmjeljniedjpjpf":{"ack_external":true,"active_permissions":{"api":[],"manifest_permissions":[]},"app_launcher_ordinal":"y","commands":{},"content_settings":[],"creation_flags":153,"events":[],"from_bookmark":true,"from_webstore":true,"granted_permissions":{"api":[],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13072034088298213","lastpingday":"13076751597278991","location":1,"manifest":{"app":{"launch":{"web_url":"hxxp://www.google.com/webhp?source=search_app"},"urls":["*://www.google.com/search","*://www.google.com/webhp","*://www.google.com/imgres"]},"current_locale":"de","default_locale":"en","description":"Die schnellste Suche im Web.","icons":{"128":"128.png","16":"16.png","32":"32.png","48":"48.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDIiso3Loy5VJHL40shGhUl6it5ZG55XB9q/2EX6aa88jAxwPutbCgy5d9bm1YmBzLfSgpX4xcpgTU08ydWbd7b50fbkLsqWl1mRhxoqnN01kuNfv9Hbz9dWWYd+O4ZfD3L2XZs0wQqo0y6k64n+qeLkUMd1MIhf6MR8Xz1SOA8pwIDAQAB","manifest_version":2,"name":"Google-Suche","permissions":[],"update_url":"hxxp://clients2.google.com/service/update2/crx","version":"0.0.0.30"},"page_ordinal":"n","path":"coobgpohoikkiipiblmjeljniedjpjpf\\0.0.0.30_0","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":true,"was_installed_by_oem":false},"dnhpdliibojhegemfjheidglijccjfmc":{"active_permissions":{"api":["hotwordPrivate","tabs","webConnectable"],"explicit_host":["*://*.google.co.uk/*","*://*.google.com/*","*://*.google.de/*","*://*.google.fr/*","*://*.google.ru/*","chrome://newtab/*"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13069860680344483","location":5,"manifest":{"background":{"persistent":false,"scripts":["manager.js"]},"externally_connectable":{"ids":["cpfhkdbjfdgdebcjlifoldbijinjfifp"],"matches":["*://*.google.com/*","*://*.google.ru/*","*://*.google.co.uk/*","*://*.google.fr/*","*://*.google.de/*","chrome://newtab/"]},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDagiQy1VGkO2CHJSjVh7eU5GtuBuOlg2/cTZt7203AcevqpcDd+65S2/yd9KAELYcU6pK8nHVGYBMI6s0u+0RgXfIJ0eFOlTlgfAQWHvg8ovHtJlFJd1COrOkbntD9+s9Jobr3ldmow87aZF1bVHUY4khVP56cZe6adlVw2wK31QIDAQAB","manifest_version":2,"minimum_chrome_version":"32","name":"hotword helper","permissions":["*://*.google.com/*","*://*.google.ru/*","*://*.google.co.uk/*","*://*.google.fr/*","*://*.google.de/*","chrome://newtab/","hotwordPrivate","tabs"],"version":"0.0.2.0"},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\40.0.2214.115\\resources\\hotword_helper","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"eemcgdkfndhakfknompkggombfjjjeno":{"active_permissions":{"api":["bookmarks","bookmarkManagerPrivate","metricsPrivate","systemPrivate","tabs"],"explicit_host":["chrome://favicon/*","chrome://resources/*"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13069860680337483","location":5,"manifest":{"chrome_url_overrides":{"bookmarks":"main.html"},"content_security_policy":"object-src 'none'; script-src chrome://resources 'self'","description":"Bookmark Manager","icons":{},"incognito":"split","key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDQcByy+eN9jzazWF/DPn7NW47sW7lgmpk6eKc0BQM18q8hvEM3zNm2n7HkJv/R6fU+X5mtqkDuKvq5skF6qqUF4oEyaleWDFhd1xFwV7JV+/DU7bZ00w2+6gzqsabkerFpoP33ZRIw7OviJenP0c0uWqDWF8EGSyMhB3txqhOtiQIDAQAB","manifest_version":2,"name":"Bookmark Manager","permissions":["bookmarks","bookmarkManagerPrivate","metricsPrivate","systemPrivate","tabs","chrome://favicon/","chrome://resources/"],"version":"0.1"},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\40.0.2214.115\\resources\\bookmark_manager","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"eglgfnfolcgijipffhlhbbnefdcbjbml":{"active_permissions":{"api":["cookies","storage","tabs"],"explicit_host":["hxxp://*/*","https://*/*"],"manifest_permissions":[],"scriptable_host":["*://*.avira.com/*","*://*/*","\u003Call_urls>"]},"commands":{"start-search":{"suggested_key":"Alt+S","was_assigned":true}},"content_settings":[],"creation_flags":9,"events":[],"extension_can_script_all_urls":true,"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["cookies","storage","tabs"],"explicit_host":["hxxp://*/*","https://*/*"],"manifest_permissions":[],"scriptable_host":["*://*.avira.com/*","*://*/*","\u003Call_urls>"]},"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13074713513639485","lastpingday":"13076751597278991","location":1,"manifest":{"background":{"scripts":["js/lib/require.js","js/background/background.js"]},"browser_action":{"default_icon":{"16":"img/avira_search_icon16.png","19":"img/avira_search_logo.png","24":"img/avira_search_icon24.png","32":"img/avira_search_icon32.png","38":"img/avira_search_logo.png"},"default_popup":"html/popup.html","default_title":"Avira SafeSearch"},"commands":{"start-search":{"description":"Start Avira search","suggested_key":{"default":"Alt+S"}}},"content_scripts":[{"css":["css/content_popup.css"],"js":["js/lib/require.js","js/lib/require-cs.js"],"matches":["\u003Call_urls>"]},{"js":["js/content/installedConfig.js","js/content/installed.js"],"matches":["*://*.avira.com/*"]},{"js":["js/serp/serp.js"],"matches":["*://*/*"]}],"content_security_policy":"script-src 'self'; object-src 'self'","current_locale":"de","default_locale":"en","description":"Bietet Ihnen Avira SafeSearch.","icons":{"128":"img/avira_search_icon128.png","16":"img/avira_search_icon16.png","48":"img/avira_search_icon48.png"},"key":"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxxlMcz1QpYcRBonRxqF/3UbWmElzpz1wzHegltAl/ikCcZlDeDK63gvMq6O+wDGvX4u2hFicDHVTTU1/tYuMY07mBJh5WJb/vKzjzE6iOEwj1h5GbARBzgx9T9hczckpMnHZcFrPuk27W41P9JlSoTp+XpluJPO5AglMeYtHuUMrNOBYkZmUbyC5vQ3KJTkMEFf7bfoEJ7oCkvV0COb2NUvhdonsELg51Cm5UxnLlMciEk7bsrTxfKnEJUBKC8vYr4cPswK8SINk2o11bni6N+JDXrFSZ1QE46Jr2xmlLtL+28ULSWxavl8sOBTVC+MVxLmgHPeqzFM2OZwiPpb9owIDAQAB","manifest_version":2,"name":"Avira SafeSearch","permissions":["tabs","storage","cookies","hxxp://*/*","https://*/*"],"update_url":"https://clients2.google.com/service/update2/crx","version":"1.1.5","web_accessible_resources":["js/lib/jquery.js","js/lib/require.text.js","js/popup/messenger.js","js/popup/ContentMessenger.js","html/newtab_popup.html","html/search_offer.html"]},"path":"eglgfnfolcgijipffhlhbbnefdcbjbml\\1.1.5_0","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"elicpjhcidhpjomhibiffojpinpmmpil":{"active_permissions":{"api":["management","storage","tabs","webRequest","webRequestBlocking"],"explicit_host":["chrome://favicon/*","hxxp://*/*","hxxp://my.startpage24.com/*","https://*/*"],"manifest_permissions":[],"scriptable_host":["hxxp://*/*","https://*/*"]},"commands":{},"content_settings":[],"creation_flags":9,"events":[],"extension_can_script_all_urls":true,"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["management","storage","tabs","webRequest","webRequestBlocking"],"explicit_host":["chrome://favicon/*","hxxp://*/*","hxxp://my.startpage24.com/*","https://*/*"],"manifest_permissions":[],"scriptable_host":["hxxp://*/*","https://*/*"]},"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13069861867609531","lastpingday":"13076751597278991","location":1,"manifest":{"background":{"page":"extension/background.html"},"browser_action":{"default_icon":"icon19c.png","default_title":"Video Downloader professional"},"content_scripts":[{"all_frames":false,"js":["video/content.js"],"matches":["hxxp://*/*","https://*/*"],"run_at":"document_start"}],"content_security_policy":"script-src 'self' https://my.startpage24.com https://www.google.com https://www.google.de https://connect.facebook.net/ ; object-src 'self'","current_locale":"de","default_locale":"en","description":"Downloaden Sie Videos von Webseiten, oder sammeln Sie Videos in Ihrer Videoliste ohne sie runterzuladen.","icons":{"16":"icon.png","48":"icon48.png"},"incognito":"split","key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC0CYNAmEHsmJjTd4aEBlWHuX8tLLqC+5jGBbnmJAwp43I0Rnjsq8PzjwUGSh1EYNfyQrCMU7WAs1CfF3xP9fC3Fuk5+DkAsXTq46BJs5n+hIloCsrIDTEXdGRPtvijsjuyUa9RYKXwySC3FrUx68KPq1u6cnmnvZfD2Hyoz434EwIDAQAB","manifest_version":2,"name":"Video Downloader professional","options_page":"startpage/index.html?options=1","permissions":["hxxp://my.startpage24.com/","webRequest","webRequestBlocking","tabs","storage","management","chrome://favicon/","hxxp://*/*","https://*/*"],"update_url":"hxxp://clients2.google.com/service/update2/crx","version":"1.97.51","web_accessible_resources":["video/chromecastcheck.js","startpage/index.html","startpage/hu/L64P.js","startpage/hu/helper.js","startpage/3rd/jquery-min.js","startpage/addOnVars.js","startpage/data.js","startpage/text.js","startpage/addon.js","startpage/addon.css"]},"path":"elicpjhcidhpjomhibiffojpinpmmpil\\1.97.51_0","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"ennkphjdgehloodpbhlhldgbnhmacadg":{"active_permissions":{"api":[],"explicit_host":["chrome://settings-frame/*"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":1,"events":["app.runtime.onLaunched"],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13069860680346483","location":5,"manifest":{"app":{"background":{"scripts":["settings_app.js"]}},"description":"Settings","display_in_launcher":false,"icons":{"128":"settings_app_icon_128.png","16":"settings_app_icon_16.png","32":"settings_app_icon_32.png","48":"settings_app_icon_48.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDoVDPGX6fvKPVVgc+gnkYlGqHuuapgFDyKhsy4z7UzRLO/95zXPv8h8e5EacqbAQJLUbP6DERH5jowyNEYVxq9GJyntJMwP1ejvoz/52hnY3CCGGCmttmKzzpp5zwLuq3iZf8bslwywfflNUYtaCFSDa0TtrBZz0aOPrAAd/AhNwIDAQAB","manifest_version":2,"name":"Settings","permissions":["chrome://settings-frame/"],"version":"0.2"},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\40.0.2214.115\\resources\\settings_app","preferences":{},"regular_only_preferences":{},"running":false,"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"felcaaldnbdncclmgdcncolpebgiejap":{"ack_external":true,"active_permissions":{"api":[],"manifest_permissions":[]},"app_launcher_ordinal":"zm","commands":{},"content_settings":[],"creation_flags":137,"events":[],"extension_can_script_all_urls":true,"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":[],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13069860718537841","lastpingday":"13076751597278991","location":1,"manifest":{"api_console_project_id":"1083656409722","app":{"launch":{"local_path":"main.html"}},"container":"GOOGLE_DRIVE","current_locale":"de","default_locale":"en_US","description":"Tabellen erstellen und bearbeiten","icons":{"128":"icon_128.png","16":"icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC0AHrkP4MHPDKQI/O9LqZjtM24hKApaT3uVHeOduC06ZXWuwVRvx2wy5JUmMHfefXRG26tErgZSWpbxkm+2xfplKnT+grXF771HDgsNrNXERJHq7tnoYsWRiG3Gbs5BI4Ei+naZ/nyiWblbT4GyuD9N5yXNtoM0AnK+0FYhbO7IwIDAQAB","manifest_version":2,"name":"Google Tabellen","offline_enabled":true,"update_url":"https://clients2.google.com/service/update2/crx","version":"1.1"},"page_ordinal":"n","path":"felcaaldnbdncclmgdcncolpebgiejap\\1.1_0","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":true,"was_installed_by_oem":false},"flliilndjeohchalpbbcdekjklbdgfkk":{"ack_external":true,"active_permissions":{"api":["cookies","storage","tabs","webNavigation","webRequest","webRequestBlocking"],"explicit_host":["chrome://favicon/*","hxxp://*/*","https://*/*"],"manifest_permissions":[],"scriptable_host":["*://*/*"]},"commands":{},"content_settings":[],"creation_flags":9,"events":[],"extension_can_script_all_urls":true,"external_first_run":true,"from_bookmark":false,"from_webstore":true,"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13074713518025485","lastpingday":"13076751597278991","location":6,"manifest":{"background":{"scripts":["js/bunches/background.js"]},"browser_action":{"default_icon":{"16":"img/avira_icon16.png","19":"img/avira_logo.png","24":"img/avira_icon24.png","32":"img/avira_icon32.png","38":"img/avira_logo.png"},"default_title":"Avira Browser Safety"},"content_scripts":[{"css":["css/content/content.css"],"js":["js/bunches/content.js"],"matches":["*://*/*"]},{"css":["css/content/search.css"],"js":["js/bunches/search.js"],"matches":["*://*/*"]},{"js":["js/bunches/content_start.js"],"matches":["*://*/*"],"run_at":"document_start"}],"content_security_policy":"script-src 'self' https://cdn.mxpnl.com hxxp://localhost:4000 https://localhost https://avira.com https://www.avira.com https://www.tt.avira.com; object-src 'self'","current_locale":"de","default_locale":"en","description":"Schützt Ihre Privatsphäre durch Blockieren von Online-Gefahren.","icons":{"128":"img/avira_icon128.png","16":"img/avira_icon16.png","48":"img/avira_icon48.png"},"key":"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnl3UicGZTgzDr3crrsAxjwue3gjDfxGKIxaipQBP8smbkQ2GuKVO9nojCLRzdn7TkB+Xo60aTqHC2hQhby0MMyjAvgqjXR2cE+99PtB4Hpvf7k/EOO7VMT2ndm/lVM9cJUtNq3A7GUxTqmL78akNAxgjZK0n2onNqpmiVHxufCmq8tlU+5NtJkk6ioRATpjdsjAxqeuRyglwzx0cPVMpXg8fUXp2EhwFYsDevN6f+7Sm0QujCmjOy11yjlz8XfnX3ODVCwByureqJLuTJpw5SMOykz4LHmUwiIvPdOZXJ9eiduedncVqDMuPTMWwWpkD3uV95pnmFNKE/6GxIx2dhwIDAQAB","manifest_version":2,"name":"Avira Browserschutz","options_page":"html/top.html#settings/General","options_ui":{"chrome_style":true,"open_in_tab":true,"page":"html/top.html#settings/General"},"permissions":["tabs","storage","webNavigation","webRequest","webRequestBlocking","cookies","hxxp://*/*","https://*/*","chrome://favicon/"],"update_url":"https://clients2.google.com/service/update2/crx","version":"1.4.7","web_accessible_resources":["html/top.html","html/blocked.html","img/serp_info_safe.svg","img/serp_info_unsafe.svg","css/images/ui-bg_highlight-soft_100_eeeeee_1x100.png","img/absb-checks.png","img/absb-attention.png","img/absb-close.png"]},"path":"flliilndjeohchalpbbcdekjklbdgfkk\\1.4.7_0","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"gcjbopemebdnolilndkpjfmhakccapkh":{"active_permissions":{"api":["contextMenus","tabs"],"explicit_host":["hxxp://*/*","https://*/*"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":9,"events":[],"extension_can_script_all_urls":true,"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["contextMenus","tabs"],"explicit_host":["hxxp://*/*","https://*/*"],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13069961303027566","lastpingday":"13076751597278991","location":1,"manifest":{"background":{"scripts":["background.js"]},"description":"Check page links using the W3C Link Checker tool","icons":{"128":"icon-128.png","16":"icon-16.png","48":"icon-48.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCwHbusD4X1Rmr+e1altUc+CXXFuNOlnahNHz1fcCmP5GdFXoc/fGcC5Z3FqgW1ur8IVRXKe7cvc7O3uhCmedxmqy7UFDCTiWak0bjwiD4uGxAY4r3CIqJLeK0n5QLIqK4eVGeIJwFxQ9M6ahFLX03fJX5RsER9jjGlXX5WlxQ5MwIDAQAB","manifest_version":2,"name":"Links Checker","permissions":["contextMenus","tabs","hxxp://*/*","https://*/*"],"update_url":"https://clients2.google.com/service/update2/crx","version":"0.1"},"path":"gcjbopemebdnolilndkpjfmhakccapkh\\0.1_0","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"gfdkimpbcpahaombhbimeihdjnejgicl":{"active_permissions":{"api":["feedbackPrivate"],"explicit_host":["chrome://resources/*"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":1,"events":["feedbackPrivate.onFeedbackRequested","runtime.onMessageExternal"],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13069860680345483","location":5,"manifest":{"app":{"background":{"scripts":["js/event_handler.js"]},"content_security_policy":"default-src 'none'; script-src 'self' chrome://resources; style-src 'unsafe-inline' *; img-src *; media-src 'self'"},"description":"User feedback extension","display_in_launcher":false,"display_in_new_tab_page":false,"icons":{"32":"images/icon32.png","64":"images/icon64.png"},"incognito":"split","key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDMZElzFX2J1g1nRQ/8S3rg/1CjFyDltWOxQg+9M8aVgNVxbutEWFQz+oQzIP9BB67mJifULgiv12ToFKsae4NpEUR8sPZjiKDIHumc6pUdixOm8SJ5Rs16SMR6+VYxFUjlVW+5CA3IILptmNBxgpfyqoK0qRpBDIhGk1KDEZ4zqQIDAQAB","manifest_version":2,"name":"Feedback","permissions":["feedbackPrivate","chrome://resources/"],"version":"1.0"},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\40.0.2214.115\\resources\\feedback","preferences":{},"regular_only_preferences":{},"running":false,"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"gmlllbghnfkpflemihljekbapjopfjik":{"ack_external":true,"active_permissions":{"api":["activeTab","bookmarks","bookmarkManagerPrivate","fileSystem","fileSystem.write","identity","identity.email","management","metricsPrivate","notifications","preferencesPrivate","storage","tabs","webConnectable"],"explicit_host":["*://*.google.com/*","chrome://favicon/*"],"manifest_permissions":[{"chrome_ui_overrides":true}]},"commands":{"_execute_page_action":{"suggested_key":"Ctrl+D"}},"content_settings":[],"creation_flags":137,"events":[],"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["activeTab","bookmarks","bookmarkManagerPrivate","fileSystem","fileSystem.write","identity","identity.email","management","metricsPrivate","notifications","preferencesPrivate","storage","tabs","webConnectable"],"explicit_host":["*://*.google.com/*","chrome://favicon/*"],"manifest_permissions":[{"chrome_ui_overrides":true}]},"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13076782162245242","lastpingday":"13076751597433242","location":10,"manifest":{"background":{"persistent":true,"scripts":["bootstrap.js","background_compiled.js"]},"chrome_ui_overrides":{"bookmarks_ui":{"remove_bookmark_shortcut":true,"remove_button":true}},"chrome_url_overrides":{"bookmarks":"bookmarks.html"},"commands":{"_execute_page_action":{"description":"Stars popup","suggested_key":{"default":"Ctrl+D"}}},"content_security_policy":"script-src 'self' https://*.google.com https://*.gstatic.com; object-src 'self'","current_locale":"de","default_locale":"en","description":"Bookmark Manager","externally_connectable":{"matches":["*://*.google.com/*"]},"icons":{"16":"icons/bookmarks16.png","32":"icons/bookmarks32.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDO1rEc7Du17LBzIOf1nXMC4JM4suAzgaswHRjJhaE4/fNIXxrTjqaDH5tpU7huX8RdVyuu3zggdP36mpqhLYNzCf9fgnvhZEGpsXYqedWXapQ4nrVca4Xg5SB8/K7oRS+dnMwwxYjED434qTyfiSiJoXVo7MXa+qBckMQ6Wf0t0QIDAQAB","manifest_version":2,"minimum_chrome_version":"42","name":"Bookmark Manager","oauth2":{"client_id":"610799782257-avhfi6rijk0n02t94linmllq54ool5kf.apps.googleusercontent.com","scopes":["https://www.googleapis.com/auth/chromesync"]},"page_action":{"default_icon":{"19":"icons/collected19.png"},"default_title":"Star Page"},"permissions":["activeTab","bookmarks","bookmarkManagerPrivate","chrome://favicon/","identity","identity.email","management","metricsPrivate","notifications","preferencesPrivate","storage","tabs","*://*.google.com/*",{"fileSystem":["write"]}],"update_url":"https://clients2.google.com/service/update2/crx","version":"2.2015.506.11355"},"path":"gmlllbghnfkpflemihljekbapjopfjik\\2.2015.506.11355_0","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":true,"was_installed_by_oem":false},"kmendfapggjehodndflmmgagdbamhnfd":{"active_permissions":{"api":["cryptotokenPrivate","externally_connectable.all_urls","hid","tabs","u2fDevices","usb",{"usbDevices":[{"interfaceId":-1,"productId":529,"vendorId":4176}]},"webConnectable"],"explicit_host":["hxxp://*/*","https://*/*","https://www.gstatic.com/*"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":1,"events":["runtime.onConnectExternal","runtime.onMessageExternal"],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13076763619622263","location":5,"manifest":{"background":{"persistent":false,"scripts":["util.js","b64.js","sha256.js","countdown.js","countdowntimer.js","devicestatuscodes.js","approvedorigins.js","errorcodes.js","gnubbycodetypes.js","webrequest.js","gnubbymsgtypes.js","messagetypes.js","factoryregistry.js","closeable.js","requesthelper.js","webrequestsender.js","enroller.js","requestqueue.js","signer.js","origincheck.js","textfetcher.js","appid.js","watchdog.js","cryptotokenorigincheck.js","cryptotokenapprovedorigins.js","gnubbydevice.js","hidgnubbydevice.js","usbgnubbydevice.js","gnubbies.js","gnubby.js","gnubby-u2f.js","gnubbyfactory.js","singlesigner.js","multiplesigner.js","generichelper.js","inherits.js","individualattest.js","devicefactoryregistry.js","usbhelper.js","usbenrollhandler.js","usbsignhandler.js","usbgnubbyfactory.js","googlecorpindividualattest.js","cryptotokenbackground.js"]},"description":"CryptoToken Component Extension","externally_connectable":{"accepts_tls_channel_id":true,"ids":["fjajfjhkeibgmiggdfehjplbhmfkialk"],"matches":["\u003Call_urls>"]},"incognito":"split","key":"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7zRobvA+AVlvNqkHSSVhh1sEWsHSqz4oR/XptkDe/Cz3+gW9ZGumZ20NCHjaac8j1iiesdigp8B1LJsd/2WWv2Dbnto4f8GrQ5MVphKyQ9WJHwejEHN2K4vzrTcwaXqv5BSTXwxlxS/mXCmXskTfryKTLuYrcHEWK8fCHb+0gvr8b/kvsi75A1aMmb6nUnFJvETmCkOCPNX5CHTdy634Ts/x0fLhRuPlahk63rdf7agxQv5viVjQFk+tbgv6aa9kdSd11Js/RZ9yZjrFgHOBWgP4jTBqud4+HUglrzu8qynFipyNRLCZsaxhm+NItTyNgesxLdxZcwOz56KD1Q4IQIDAQAB","manifest_version":2,"name":"CryptoTokenExtension","permissions":["hid","u2fDevices","usb","cryptotokenPrivate","externally_connectable.all_urls","tabs","https://*/*","hxxp://*/*",{"usbDevices":[{"productId":529,"vendorId":4176}]}],"version":"0.9.22"},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\43.0.2357.65\\resources\\cryptotoken","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"lccekmodgklaepjeofjdjpbminllajkg":{"ack_external":true,"active_permissions":{"api":[],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":137,"events":[],"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":[],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13076766922773991","lastpingday":"13076751597278991","location":10,"manifest":{"description":"Support files for Chrome Hotwording.","export":{"resources":["audio/*","_platform_specific/*","hotword_*.nmf"],"whitelist":["nbpagnldghgfoolbancepceaanlmhfmd"]},"key":"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxhwmnepSrtvEcatE9K4SxOUTy6U1LNpuaT3BNr12cuehQT5YAGeUcgeIMQmE0/h/EefU53TcjUEn9vgE8+aSZW0VirROE36hfcWpqyxf9jh0mPRluLIxCW+ObD/B5YoXj0kxTWIaDQqKYBJyo+QCRwef5hwfAoUoDggnYDRHHG4z3mfZJ4duY2H3ISEw4/tsvAm8SxCZm+W6laCV0AkJxO+s4bNNC0z0Y5+G3nw24uV8cdMnfQcFUWJncnwqDSTUp7vOZb570Wv02TD+qhpA2rlF0/ym6edXoKzapR4+SQQllDXZ0yLZ3GQ6uf7IsCufSoYPoIsmYExHrlZbgVkWwIDAQAB","manifest_version":2,"minimum_chrome_version":"39","name":"Chrome Hotword Shared Module","platforms":[{"lang":"de","nacl_arch":"arm","sub_package_path":"_platform_specific/arm_de/"},{"lang":"de","nacl_arch":"x86-32","sub_package_path":"_platform_specific/x86-32_de/"},{"lang":"de","nacl_arch":"x86-64","sub_package_path":"_platform_specific/x86-64_de/"},{"lang":"en-AU","nacl_arch":"arm","sub_package_path":"_platform_specific/arm_en-au/"},{"lang":"en-AU","nacl_arch":"x86-32","sub_package_path":"_platform_specific/x86-32_en-au/"},{"lang":"en-AU","nacl_arch":"x86-64","sub_package_path":"_platform_specific/x86-64_en-au/"},{"lang":"en-GB","nacl_arch":"arm","sub_package_path":"_platform_specific/arm_en-gb/"},{"lang":"en-GB","nacl_arch":"x86-32","sub_package_path":"_platform_specific/x86-32_en-gb/"},{"lang":"en-GB","nacl_arch":"x86-64","sub_package_path":"_platform_specific/x86-64_en-gb/"},{"lang":"es","nacl_arch":"arm","sub_package_path":"_platform_specific/arm_es/"},{"lang":"es","nacl_arch":"x86-32","sub_package_path":"_platform_specific/x86-32_es/"},{"lang":"es","nacl_arch":"x86-64","sub_package_path":"_platform_specific/x86-64_es/"},{"lang":"fr","nacl_arch":"arm","sub_package_path":"_platform_specific/arm_fr/"},{"lang":"fr","nacl_arch":"x86-32","sub_package_path":"_platform_specific/x86-32_fr/"},{"lang":"fr","nacl_arch":"x86-64","sub_package_path":"_platform_specific/x86-64_fr/"},{"lang":"it","nacl_arch":"arm","sub_package_path":"_platform_specific/arm_it/"},{"lang":"it","nacl_arch":"x86-32","sub_package_path":"_platform_specific/x86-32_it/"},{"lang":"it","nacl_arch":"x86-64","sub_package_path":"_platform_specific/x86-64_it/"},{"lang":"ja","nacl_arch":"arm","sub_package_path":"_platform_specific/arm_ja/"},{"lang":"ja","nacl_arch":"x86-32","sub_package_path":"_platform_specific/x86-32_ja/"},{"lang":"ja","nacl_arch":"x86-64","sub_package_path":"_platform_specific/x86-64_ja/"},{"lang":"ko","nacl_arch":"arm","sub_package_path":"_platform_specific/arm_ko/"},{"lang":"ko","nacl_arch":"x86-32","sub_package_path":"_platform_specific/x86-32_ko/"},{"lang":"ko","nacl_arch":"x86-64","sub_package_path":"_platform_specific/x86-64_ko/"},{"lang":"pt-BR","nacl_arch":"arm","sub_package_path":"_platform_specific/arm_pt-br/"},{"lang":"pt-BR","nacl_arch":"x86-32","sub_package_path":"_platform_specific/x86-32_pt-br/"},{"lang":"pt-BR","nacl_arch":"x86-64","sub_package_path":"_platform_specific/x86-64_pt-br/"},{"lang":"ru","nacl_arch":"arm","sub_package_path":"_platform_specific/arm_ru/"},{"lang":"ru","nacl_arch":"x86-32","sub_package_path":"_platform_specific/x86-32_ru/"},{"lang":"ru","nacl_arch":"x86-64","sub_package_path":"_platform_specific/x86-64_ru/"},{"nacl_arch":"arm","sub_package_path":"_platform_specific/arm_/"},{"nacl_arch":"x86-32","sub_package_path":"_platform_specific/x86-32_/"},{"nacl_arch":"x86-64","sub_package_path":"_platform_specific/x86-64_/"}],"update_url":"https://clients2.google.com/service/update2/crx","version":"0.3.0.5"},"path":"lccekmodgklaepjeofjdjpbminllajkg\\0.3.0.5_0","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":true,"was_installed_by_oem":false},"lekgiimbfodefdaoofhlckefjbgpeilo":{"active_permissions":{"api":["contextMenus","tabs"],"explicit_host":["hxxp://*/*","https://*/*"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":9,"events":[],"extension_can_script_all_urls":true,"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["contextMenus","tabs"],"explicit_host":["hxxp://*/*","https://*/*"],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13069961293056566","lastpingday":"13076751597278991","location":1,"manifest":{"background":{"scripts":["background.js"]},"description":"Check the speed of the site being viewed","icons":{"128":"icon-128.png","16":"icon-16.png","48":"icon-48.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4169qzlsVDur45enq+GecHp5A+f84Wjn3TMsH7g5PgDUR1G7PnZF3fzrO+SkHxP7UfLcoTBPJ5j5qx4vt9jiI5Y5ZyAPA8X7benjMFb0NxvM6lk77/sqYYV5JfSD8Il9qL+rA1BO8P5l4OvV+ttT2N5Oz9d81qEssZhhDIeEk3wIDAQAB","manifest_version":2,"name":"Speed Check","permissions":["contextMenus","tabs","hxxp://*/*","https://*/*"],"update_url":"https://clients2.google.com/service/update2/crx","version":"0.2"},"path":"lekgiimbfodefdaoofhlckefjbgpeilo\\0.2_0","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"mfehgcgbbipciphmccgaenjidiccnmng":{"active_permissions":{"api":["cloudPrintPrivate"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13069860680340483","location":5,"manifest":{"app":{"launch":{"web_url":"https://www.google.com/cloudprint"},"urls":["https://www.google.com/cloudprint/enable_chrome_connector"]},"description":"Cloud Print","display_in_launcher":false,"icons":{},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDqOhnwk4+HXVfGyaNsAQdU/js1Na56diW08oF1MhZiwzSnJsEaeuMN9od9q9N4ZdK3o1xXOSARrYdE+syV7Dl31nf6qz3A6K+D5NHe6sSB9yvYlIiN37jdWdrfxxE0pRYEVYZNTe3bzq3NkcYJlOdt1UPcpJB+isXpAGUKUvt7EQIDAQAB","name":"Cloud Print","permissions":["cloudPrintPrivate"],"version":"0.1"},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\40.0.2214.115\\resources\\cloud_print","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"mfffpogegjflfpflabcdkioaeobkgjik":{"active_permissions":{"api":["webRequest","webRequestBlocking"],"explicit_host":["\u003Call_urls>","chrome://favicon/*"],"manifest_permissions":[],"scriptable_host":["\u003Call_urls>"]},"commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13069860685783483","location":5,"manifest":{"background":{"scripts":["background.js","channel.js"]},"content_scripts":[{"all_frames":true,"js":["channel.js","saml_injected.js"],"matches":["\u003Call_urls>"],"run_at":"document_start"}],"content_security_policy":"default-src 'self'; script-src 'self'; frame-src *; style-src 'self' 'unsafe-inline'","description":"GAIA Component Extension","key":"MIGdMA0GCSqGSIb3DQEBAQUAA4GLADCBhwKBgQC4L17nAfeTd6Xhtx96WhQ6DSr8KdHeQmfzgCkieKLCgUkWdwB9G1DCuh0EPMDn1MdtSwUAT7xE36APEzi0X/UpKjOVyX8tCC3aQcLoRAE0aJAvCcGwK7qIaQaczHmHKvPC2lrRdzSoMMTC5esvHX+ZqIBMi123FOL0dGW6OPKzIwIBIw==","manifest_version":2,"name":"GaiaAuthExtension","permissions":["\u003Call_urls>","webRequest","webRequestBlocking"],"version":"0.0.1","web_accessible_resources":["main.css","main.html","main.js","offline.css","offline.html","offline.js","success.html","success.js","util.js"]},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\40.0.2214.115\\resources\\gaia_auth","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"mgndgikekgjfcpckkfioiadnlibdjbkf":{"active_permissions":{"api":[],"manifest_permissions":[]},"app_launcher_ordinal":"n","commands":{},"content_settings":[],"creation_flags":1,"events":[],"extension_can_script_all_urls":true,"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13069860680342483","location":5,"manifest":{"app":{"launch":{"web_url":"hxxp://THIS-WILL-BE-REPLACED"}},"description":"Der schnelle, einfache und sichere Browser, entwickelt für das moderne Web","display_in_launcher":true,"display_in_new_tab_page":false,"icons":{"128":"product_logo_128.png","16":"product_logo_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDNuYLEQ1QPMcc5HfWI/9jiEf6FdJWqEtgRmIeI7qtjPLBM5oje+Ny2E2mTAhou5qdJiO2CHWdU1DQXY2F7Zu2gZaKZgHLfK4WimHxUT5Xd9/aro/R9PCzjguM1BLusiWYc9xlj1IsZpyiN1hcjU7SCnBhv1feQlv2WSB5KRiXwhQIDAQAB","name":"Chrome","version":"0.1"},"page_ordinal":"n","path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\40.0.2214.115\\resources\\chrome_app","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"mhjfbmdgcfjbbpaeojofohoefgiehjai":{"active_permissions":{"api":[],"explicit_host":["\u003Call_urls>","chrome://favicon/*"],"manifest_permissions":[],"scriptable_host":["chrome://print/*"]},"commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13073755032357810","location":5,"manifest":{"content_scripts":[{"js":["content_script.js"],"matches":["chrome://print/*"]}],"content_security_policy":"script-src 'self' chrome://resources; object-src *; plugin-types application/x-google-chrome-pdf","description":"","incognito":"split","key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDN6hM0rsDYGbzQPQfOygqlRtQgKUXMfnSjhIBL7LnReAVBEd7ZmKtyN2qmSasMl4HZpMhVe2rPWVVwBDl6iyNE/Kok6E6v6V3vCLGsOpQAuuNVye/3QxzIldzG/jQAdWZiyXReRVapOhZtLjGfywCvlWq7Sl/e3sbc0vWybSDI2QIDAQAB","manifest_version":2,"mime_types":["application/pdf"],"mime_types_handler":"index.html","name":"Chrome PDF Viewer","offline_enabled":true,"permissions":["\u003Call_urls>"],"version":"1","web_accessible_resources":["index.html","index.html"]},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\42.0.2311.90\\resources\\pdf","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"nbpagnldghgfoolbancepceaanlmhfmd":{"active_permissions":{"api":["audioCapture","hotwordPrivate","idle","management","metricsPrivate","tabs","unlimitedStorage","webConnectable"],"explicit_host":["*://*.google.at/*","*://*.google.ca/*","*://*.google.co.jp/*","*://*.google.co.kr/*","*://*.google.co.nz/*","*://*.google.co.uk/*","*://*.google.co.za/*","*://*.google.com.au/*","*://*.google.com.br/*","*://*.google.com.mx/*","*://*.google.com/*","*://*.google.de/*","*://*.google.es/*","*://*.google.fr/*","*://*.google.it/*","*://*.google.ru/*","chrome://newtab/*","chrome://resources/*"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":1,"events":["hotwordPrivate.onDeleteSpeakerModel","hotwordPrivate.onEnabledChanged","hotwordPrivate.onSpeakerModelExists","management.onInstalled","runtime.onMessageExternal","runtime.onStartup"],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13073755032352810","location":5,"manifest":{"background":{"persistent":false,"scripts":["chrome://resources/js/cr.js","chrome://resources/js/util.js","chrome://resources/js/cr/event_target.js","constants.js","keep_alive.js","logging.js","metrics.js","nacl_manager.js","state_manager.js","base_session_manager.js","always_on_manager.js","launcher_manager.js","page_audio_manager.js","training_manager.js","manager.js"]},"content_security_policy":"object-src 'none'; script-src chrome://resources 'self'","import":[{"id":"lccekmodgklaepjeofjdjpbminllajkg"}],"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbHXRPiq2De9EJ+4pvNN6uE/D2avxrqyLSpA/Hq3II+btkPl1gboY3oUPTfevpVOFa90Y1c1b3/W682dXqybT0klIvFLKhdQx0LiVqSUQyIaDrwOCSo/ZcukbEwDRojegWymCjHvX6WZk4kKZzTJYzY1vrp0TWKLhttEMN9KFmowIDAQAB","manifest_version":2,"minimum_chrome_version":"38","name":"Hotword triggering","permissions":["*://*.google.at/*","*://*.google.ca/*","*://*.google.com/*","*://*.google.com.au/*","*://*.google.com.mx/*","*://*.google.com.br/*","*://*.google.co.jp/*","*://*.google.co.kr/*","*://*.google.co.nz/*","*://*.google.co.uk/*","*://*.google.co.za/*","*://*.google.de/*","*://*.google.es/*","*://*.google.fr/*","*://*.google.it/*","*://*.google.ru/*","chrome://newtab/","chrome://resources/","audioCapture","hotwordPrivate","idle","management","metricsPrivate","tabs","unlimitedStorage"],"version":"0.0.1.4"},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\42.0.2311.90\\resources\\hotword","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"ndibdjnfmopecpmkdieinmbadjfpblof":{"active_permissions":{"api":["nativeMessaging","tabs"],"explicit_host":["\u003Call_urls>","chrome://favicon/*"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":9,"disable_reasons":33,"events":[],"extension_can_script_all_urls":true,"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["nativeMessaging","tabs"],"explicit_host":["\u003Call_urls>","chrome://favicon/*"],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13069961272900119","lastpingday":"13076751597278991","location":1,"manifest":{"background":{"scripts":["js/background.js"]},"description":"AVG Secure Search alerts you before you visit dangerous webpages to make sure your identity, personal information & PC are protected","icons":{"128":"icons/wticon128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDaBhCcd8V6V8SwALoaT+A51wnypeg3PtHPFZ6/1OKPFykl5ejJUJj4iBdO6hwupZS9r69OFb9AF0NPAxXqMfuh/mVqguifgJiqVV7tLaQ5tGAIy0pACKYaTICVePngldEIu1VNSf8A+YoQIt0LL7arZL5E/0iIoqX4Yd04Q8X2HwIDAQAB","manifest_version":2,"name":"AVG Secure Search","page_action":{"default_icon":"icons/wticon19.png"},"permissions":["\u003Call_urls>","tabs","nativeMessaging"],"update_url":"https://clients2.google.com/service/update2/crx","version":"1.0.0.8"},"path":"ndibdjnfmopecpmkdieinmbadjfpblof\\1.0.0.8_0","preferences":{},"regular_only_preferences":{},"state":0,"was_installed_by_default":false,"was_installed_by_oem":false},"neajdppkdcdipfabeoofebfddakdcjhd":{"active_permissions":{"api":["systemPrivate","ttsEngine"],"explicit_host":["https://www.google.com/*"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":1,"events":["ttsEngine.onPause","ttsEngine.onResume","ttsEngine.onSpeak","ttsEngine.onStop"],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13069860680348483","location":5,"manifest":{"background":{"persistent":false,"scripts":["tts_extension.js"]},"description":"Component extension providing speech via the Google network text-to-speech service.","key":"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8GSbNUMGygqQTNDMFGIjZNcwXsHLzkNkHjWbuY37PbNdSDZ4VqlVjzbWqODSe+MjELdv5Keb51IdytnoGYXBMyqKmWpUrg+RnKvQ5ibWr4MW9pyIceOIdp9GrzC1WZGgTmZismYR3AjaIpufZ7xDdQQv+XrghPWCkdVqLN+qZDA1HU+DURznkMICiDDSH2sU0egm9UbWfS218bZqzKeQDiC3OnTPlaxcbJtKUuupIm5knjze3Wo9Ae9poTDMzKgchg0VlFCv3uqox+wlD8sjXBoyBCCK9HpImdVAF1a7jpdgiUHpPeV/26oYzM9/grltwNR3bzECQgSpyXp0eyoegwIDAQAB","manifest_version":2,"name":"Google Network Speech","permissions":["systemPrivate","ttsEngine","https://www.google.com/"],"tts_engine":{"voices":[{"event_types":["start","end","error"],"gender":"female","lang":"en-US","remote":true,"voice_name":"Google US English"},{"event_types":["start","end","error"],"gender":"male","lang":"en-GB","remote":true,"voice_name":"Google UK English Male"},{"event_types":["start","end","error"],"gender":"female","lang":"en-GB","remote":true,"voice_name":"Google UK English Female"},{"event_types":["start","end","error"],"gender":"female","lang":"es-ES","remote":true,"voice_name":"Google Español"},{"event_types":["start","end","error"],"gender":"female","lang":"fr-FR","remote":true,"voice_name":"Google Français"},{"event_types":["start","end","error"],"gender":"female","lang":"it-IT","remote":true,"voice_name":"Google Italiano"},{"event_types":["start","end","error"],"gender":"female","lang":"de-DE","remote":true,"voice_name":"Google Deutsch"},{"event_types":["start","end","error"],"gender":"female","lang":"ja-JP","remote":true,"voice_name":"Google æ?¥æ?¬äºº"},{"event_types":["start","end","error"],"gender":"female","lang":"ko-KR","remote":true,"voice_name":"Google í??êµ*ì?"},{"event_types":["start","end","error"],"gender":"female","lang":"zh-CN","remote":true,"voice_name":"Google ä¸*å?½ç??"}]},"version":"1.0"},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\40.0.2214.115\\resources\\network_speech_synthesis","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"nkeimhogjdpnpccoofpliimaahmaaome":{"active_permissions":{"api":["alarms","desktopCapture","processes","webConnectable","webrtcAudioPrivate","webrtcLoggingPrivate","system.cpu"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":1,"events":["runtime.onConnectExternal","runtime.onMessageExternal"],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13069860680343483","location":5,"manifest":{"background":{"page":"background.html","persistent":false},"externally_connectable":{"matches":["https://*.google.com/hangouts*","*://localhost/*"]},"incognito":"split","key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDAQt2ZDdPfoSe/JI6ID5bgLHRCnCu9T36aYczmhw/tnv6QZB2I6WnOCMZXJZlRdqWc7w9jo4BWhYS50Vb4weMfh/I0On7VcRwJUgfAxW2cHB+EkmtI1v4v/OU24OqIa1Nmv9uRVeX0GjhQukdLNhAE6ACWooaf5kqKlCeK+1GOkQIDAQAB","manifest_version":2,"name":"Google+ Hangouts","permissions":["alarms","desktopCapture","processes","system.cpu","webrtcAudioPrivate","webrtcLoggingPrivate"],"version":"1.0"},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\40.0.2214.115\\resources\\hangout_services","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"nmmhkkegccagdldgiimedpiccmgmieda":{"ack_external":true,"active_permissions":{"api":["identity","webview"],"explicit_host":["https://wallet-web.sandbox.google.com/*","https://wallet.google.com/*","https://www.google.com/*","https://www.googleapis.com/*"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":137,"events":["app.runtime.onLaunched","runtime.onConnectExternal"],"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["identity","webview"],"explicit_host":["https://wallet-web.sandbox.google.com/*","https://wallet.google.com/*","https://www.google.com/*","https://www.googleapis.com/*"],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13076196817207428","lastpingday":"13076751597278991","location":10,"manifest":{"app":{"background":{"scripts":["craw_background.js"]}},"current_locale":"de","default_locale":"en","description":"Google Wallet für digitale Produkte","display_in_launcher":false,"display_in_new_tab_page":false,"icons":{"128":"images/icon_128.png","16":"images/icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrKfMnLqViEyokd1wk57FxJtW2XXpGXzIHBzv9vQI/01UsuP0IV5/lj0wx7zJ/xcibUgDeIxobvv9XD+zO1MdjMWuqJFcKuSS4Suqkje6u+pMrTSGOSHq1bmBVh0kpToN8YoJs/P/yrRd7FEtAXTaFTGxQL4C385MeXSjaQfiRiQIDAQAB","manifest_version":2,"minimum_chrome_version":"29","name":"Google Wallet","oauth2":{"auto_approve":true,"client_id":"203784468217.apps.googleusercontent.com","scopes":["https://www.googleapis.com/auth/sierra","https://www.googleapis.com/auth/sierrasandbox","https://www.googleapis.com/auth/chromewebstore","https://www.googleapis.com/auth/chromewebstore.readonly"]},"permissions":["identity","webview","https://wallet.google.com/","https://wallet-web.sandbox.google.com/","https://www.google.com/","https://www.googleapis.com/*"],"update_url":"https://clients2.google.com/service/update2/crx","version":"0.1.1.0"},"path":"nmmhkkegccagdldgiimedpiccmgmieda\\0.1.1.0_0","preferences":{},"regular_only_preferences":{},"running":false,"state":1,"was_installed_by_default":true,"was_installed_by_oem":false},"noagedoiolkfaoaknohhepocfeooibjb":{"active_permissions":{"api":[],"explicit_host":["*://battlelog.battlefield.com/*","*://cte.battlelog.com/*"],"manifest_permissions":[],"scriptable_host":["*://battlelog.battlefield.com/*","*://cte.battlelog.com/*"]},"commands":{},"content_settings":[],"creation_flags":9,"disable_reasons":32,"events":[],"extension_can_script_all_urls":true,"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":[],"explicit_host":["*://battlelog.battlefield.com/*","*://cte.battlelog.com/*"],"manifest_permissions":[],"scriptable_host":["*://battlelog.battlefield.com/*","*://cte.battlelog.com/*"]},"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13069961316406566","lastpingday":"13076751597278991","location":1,"manifest":{"content_scripts":[{"css":["styles.css"],"js":["actions.js","controls.js","main.js","inject.js"],"matches":["*://battlelog.battlefield.com/*","*://cte.battlelog.com/*"],"run_at":"document_end"}],"description":"Adds some useful functionality for emblem editor.","icons":{"128":"icon_128x128.png","64":"icon_64x64.png"},"key":"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryCmWjWTKaKdmxBgwB78n4xDS1xPyWd8bEHvqLNP/v/QGdxpjQfe6twRTzHPl7ml8n8VuJHEokAgLhbIPe5WUDJM4iCTe4z7baf9yo5YfohrDXyDRzC2AQ7pIwMoPqdyeRg3IqSjojAPSPIz1koMGk+kjydrPUgSFR91ZskTozqEOhcGznJNoF6waDpG7GMR7+YQHBo5Yw/4pBTHMhkKABVEF9zisAs/livZwEQsZIcMoRalanyriBOUYbj0+7KQRT4hx/Fi/O4k8MWsAjv7kKfBZwi3PHvgi4FwraVcQ6cqAeFpfulv5HKIfj+7Jsi4JxN4sKUVQv74s55iZ2914QIDAQAB","manifest_version":2,"name":"Battlelog Emblem Editor Extended","permissions":["*://battlelog.battlefield.com/*","*://cte.battlelog.com/*"],"update_url":"https://clients2.google.com/service/update2/crx","version":"0.4.5.6"},"path":"noagedoiolkfaoaknohhepocfeooibjb\\0.4.5.6_0","preferences":{},"regular_only_preferences":{},"state":0,"was_installed_by_default":false,"was_installed_by_oem":false},"pafkbggdmjlpgkdkcbjmhmfcdpncadgh":{"active_permissions":{"api":["alarms","background","gcm","identity","metricsPrivate","notifications","storage","tabs","webstorePrivate"],"explicit_host":["*://*.google.com/*","*://*.gstatic.com/*","https://*.googleapis.com/*","https://*.googleusercontent.com/*"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":1,"events":["alarms.onAlarm","gcm.onMessage","identity.onSignInChanged","notifications.onButtonClicked","notifications.onClicked","notifications.onClosed","notifications.onPermissionLevelChanged","notifications.onShowSettings","pushMessaging.onMessage","runtime.onInstalled","runtime.onStartup","runtime.onSuspend","storage.onChanged"],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13069860680347483","location":5,"manifest":{"background":{"persistent":false,"scripts":["utility.js","cards.js","background.js"]},"description":"Integrates Google Now into Chrome.","icons":{"128":"images/icon128.png","16":"images/icon16.png","48":"images/icon48.png"},"key":"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhqJr32OFD/bMXW4Md7jMfd7LbwHXVc6x5bBQG5U+dloofoxrICDR20yur/40mQ8O//0sS1b8srvbab1CRlSrxoNCr9T80NAkfzx0gHyVS+p1Zow+1FzLMu9PiGwwFyN80HIB7GI/dIa0wC9K/2OrrzcHEhVH96DacTtWQqjfDVtZPjT7Xwv23dgoWcpbkRC86jMJot3dmX9xnn0KzoVc9gDOHSIkBLbkkr6Sp3LGXCCM4L0DJgxdFwaLr5WBzgC3y5x0/wwPIwN4PtIaK3BhH6njlksfnKwwIJ9iRT41V4BqbWu4mszO/7VJ3HJyw2DBpIc2grU9ZRRxrV3fRQG4wIDAQAB","manifest_version":2,"name":"Google Now","oauth2":{"auto_approve":true,"scopes":["https://www.googleapis.com/auth/googlenow"]},"optional_permissions":["background"],"permissions":["alarms","identity","metricsPrivate","notifications","pushMessaging","storage","tabs","webstorePrivate","*://*.google.com/*","*://*.gstatic.com/*","https://*.googleapis.com/chromenow/v1/*","https://*.googleusercontent.com/*"],"version":"1.2.0.1"},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\40.0.2214.115\\resources\\google_now","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"pjkljhegncpnkpknbcohdijeoejaedia":{"ack_external":true,"active_permissions":{"api":["notifications"],"manifest_permissions":[]},"app_launcher_ordinal":"x","commands":{},"content_settings":[],"creation_flags":137,"events":[],"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["notifications"],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13072034090387213","lastpingday":"13076751597278991","location":1,"manifest":{"app":{"launch":{"container":"tab","web_url":"https://mail.google.com/mail/ca"},"urls":["*://mail.google.com/mail/ca"]},"current_locale":"de","default_locale":"en","description":"Schneller E-Mail-Dienst mit Suchfunktion und wenig Spam.","icons":{"128":"128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCuGglK43iAz3J9BEYK/Mz6ZhloIMMDqQSAaf3vJt4eHbTbSDsu4WdQ9dQDRcKlg8nwQdePBt0C3PSUBtiSNSS37Z3qEGfS7LCju3h6pI1Yr9MQtxw+jUa7kXXIS09VV73pEFUT/F7c6Qe8L5ZxgAcBvXBh1Fie63qb02I9XQ/CQIDAQAB","manifest_version":2,"name":"Google Mail","options_page":"https://mail.google.com/mail/ca/#settings","permissions":["notifications"],"update_url":"hxxp://clients2.google.com/service/update2/crx","version":"8.1"},"page_ordinal":"n","path":"pjkljhegncpnkpknbcohdijeoejaedia\\8.1_0","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":true,"was_installed_by_oem":false}}},"google":{"services":{"last_username":"atha70@web.de","username":"atha70@web.de"}},"homepage":"hxxp://search.conduit.com/?gd=&ctid=CT3318001&octid=EB_ORIGINAL_CTID&ISID=&SearchSource=55&CUI=&UM=5&UP=SP0AC95814-B408-4148-942D-6DA1DB0EDED4&SSPV=","homepage_changed":true,"homepage_is_newtabpage":false,"pinned_tabs":[],"protection":{"macs":{"browser":{"show_home_button":"B63043CA93B78A82588E6AECF74789D2BBC277C6C410A4C2503C749DC7C95034"},"default_search_provider":{"keyword":"C15A6938A10B6A0439C7345ABD20D388D54CC96A501AA132E0CE787752E894B1","name":"6B9E2EF3FE752D3EBB6FF5900C189A4241B2F252B91BF73D2BA5863F05B996B9","search_url":"D7F212098CAE7C22E5CFB321617191093F5976FE7DAB0149531AADD6D156D7B7"},"default_search_provider_data":{"template_url_data":"99FBB5CEA7DBE53B86375A1372891E2477CE7748A2E81C078D728102B0E4DC69"},"extensions":{"settings":{"aapocclcgogkmnckokdopfmhonfmgoek":"F1EBC4D732F761A13EB36B37EAFE2658DF6DB8AF1AA4B26FE12B634D1AC584E7","ahfgeienlihckogmohjhadlkjgocpleb":"EA75A26C2C5A04AE107794518DF049F90019498AE08881174C7A8CC4CA3B9FEB","aohghmighlieiainnegkcijnfilokake":"3C18CC3FA3C546A02D4C560B3669536317D5FE16E44937DB98258588054E92E2","apdfllckaahabafndbhieahigkjlhalf":"8B7115B38CB17452015E6A2560357322BB64A90C499F5E019657E476DFB1CCB3","bepbmhgboaologfdajaanbcjmnhjmhfn":"2CB6905D5B23A7AF82546AF6CE40A386C22779921F143C0B0A7CFDF9C64FED12","bfjgbcjfpbbfepcccpaffkjofcmglifg":"D9669C423D575344CA8DB85AB9C9802C2534AA79D0C6C75CA230AE790A8AC5E4","blpcfgokakmgnkcojhhkbfbldkacnbeo":"C62E1FC30935B3AB76B05D29D0964E0DF201808D60B4E9282DD317046CE01C45","cfhdojbkjhnklbpkdaibdccddilifddb":"549187FCDA96BB2561E83628B7E7ECBDAD7B0422BD0F3F25C0EDDFDD55A7E873","coobgpohoikkiipiblmjeljniedjpjpf":"05A4C1C1E2115AAFD49D92C6A39827300E2A4B57573B1F0C9D6C7BDB54A5CC71","dnhpdliibojhegemfjheidglijccjfmc":"3AB2002F7ECB5B7551EA2DFCBB6BC6A08CF7B6F137A90AC6BAC2A5C19A108982","eemcgdkfndhakfknompkggombfjjjeno":"8F38C161A5B56D73C92FB59EE477D05A93E2BCE945B955B94EBE27AE19D298C9","eglgfnfolcgijipffhlhbbnefdcbjbml":"C74CB8315D1FC06C8E69C455AADAC6577F8F2D0107EA2E6214BCECBC6A27D312","elicpjhcidhpjomhibiffojpinpmmpil":"F5CD93307F9179281DBF80B6013A76613FFED7226084F2CAEF72BBAF92B75D44","ennkphjdgehloodpbhlhldgbnhmacadg":"DC1C5A0822BDE780D78E2E8CCC9506F59EC381AB6FD7D1EEC417F9F5D58DC96D","felcaaldnbdncclmgdcncolpebgiejap":"CAB9D0B89B92AE92E2BEBF49828F6D711E95B32BD7C761750412B7150E970588","flliilndjeohchalpbbcdekjklbdgfkk":"776EB108967764C6078E5D02C4FD61EFA0144FE6C63A31FC5477904B0907898A","gcjbopemebdnolilndkpjfmhakccapkh":"3DDC917312E21DEE8E2E3D08FD06983941EDBA91134AA3834FE35E78FC9C8AC8","gfdkimpbcpahaombhbimeihdjnejgicl":"778B5031DB2C9A01E4C6BA45A318B250119D791E706B983B9785542BE3800710","gmlllbghnfkpflemihljekbapjopfjik":"BAE34FE31DA536B8BFCB438FCEFB48C346D33E5E794295692CD8445F1E9D4F0A","kmendfapggjehodndflmmgagdbamhnfd":"D328FD32426F37CC038E27D87E40AD2A22AC647FAF51712128E110A49E4C55F9","lccekmodgklaepjeofjdjpbminllajkg":"DD1352B6454D58D883981CF019EACEF7CF4448ADDDD65860CB1B79DCA50DC03E","lekgiimbfodefdaoofhlckefjbgpeilo":"DB9387666512B0C9C4320C86B9726CFFBEB2E67E6783776174F527E7EBB07386","mfehgcgbbipciphmccgaenjidiccnmng":"1CE2BEEF7184D2961E40C634A8D7A3DEFCF94DBA6DD4102E43DD4C23C811BA12","mfffpogegjflfpflabcdkioaeobkgjik":"A73C68BBAE6F6A0FF582FCCECAC2C4FCCA81D94C0FA18856F8450129ED577CD3","mgndgikekgjfcpckkfioiadnlibdjbkf":"2CC329D224C45BF5BE41928FF1CE96CE582D8106560E2F750696CEDF4FC3B34C","mhjfbmdgcfjbbpaeojofohoefgiehjai":"05EFF64B458E0F94EBD463E8D9B738CE42234FA722B04745C6396312CE375070","nbpagnldghgfoolbancepceaanlmhfmd":"31FC4E7DF193F1C4A6D42AFA16C6A54D537FEAA6239E90695957383DEAACAE0F","ndibdjnfmopecpmkdieinmbadjfpblof":"416D1973FF41A9CA3139827C1A4DAAB7C4E4D01F04FE2544E89DAEC9E2C24B4B","neajdppkdcdipfabeoofebfddakdcjhd":"5AA88282D41A00DA81B0226434342BB7FDCB8E900300ABB9CE3DB46F9C788AF6","nkeimhogjdpnpccoofpliimaahmaaome":"366DB13DC8A880B45D911F13C36107F014D60648A1CFF64D5E03DABAF9A76CDB","nmmhkkegccagdldgiimedpiccmgmieda":"0997F6D33FB58BB3CE7647A285FD33B9988B698B3AF27230DD14DB8287CEBE1C","noagedoiolkfaoaknohhepocfeooibjb":"F3918E8AE2C00F4C38FA6D2A3B9DEE524AF0C950C160349AE6E0038348EF0203","pafkbggdmjlpgkdkcbjmhmfcdpncadgh":"60806C1519FB34F258E5C6DB47006FE74F3E42DD7F953F3E00A6CBD817D691E0","pjkljhegncpnkpknbcohdijeoejaedia":"39D531CF41F17886E25F7E9695E2B08EA0917DD48CBD3C666420E7793C079FAD"}},"google":{"services":{"last_username":"2967142D5049BE001EFC327025368923CACD0D6725420F59175C39F7235F70AD","username":"0610BFDE9CCE48FBA9136D1F0005738B0143E010208EA82C41BCE2679C2F5624"}},"homepage":"CC27C1201D28A059BAB846101CEEDDFAEFC8C71AA21B6807D17C010E4A89E867","homepage_is_newtabpage":"9078E27E4FDC56C2180392E4B12E3AF3868EAE48381CB2AC4A4053413FAD8A3F","pinned_tabs":"CCAA89434DEBD9FEF840E5C2E7ECC670AA34CDB2394C84F93162AA0B929D06DF","prefs":{"preference_reset_time":"74F61882A318A0EFAABBE65EA71D1155E7DB22A01BE79799D190EFC1B395D5C9"},"profile":{"reset_prompt_memento":"C1D4CB5F83FD4DB27D8C8EC44B112BFF32523576816573F7F0C413DED8464AFC"},"safebrowsing":{"incidents_sent":"71DF43EB88394090E0017470ED0638880EC37A0B18A83FAF1AA099F284B89C7D"},"search_provider_overrides":"423F740A9BB6DD75B293EE216C10E794F20BE02DCE55894593A3CDE9C7FC7B0C","session":{"restore_on_startup":"7540CA4409868259357B5BFF18E6EB2D017D749E54D4985F13F2BB78E851BF7C","startup_urls":"9C2B9FDA2DFA25136D4C5D7209A1C6E685CCD1786A0EF1A428AF115FF4118FA9"},"software_reporter":{"prompt_reason":"3E6B6981188E980B0952D0F6FD6472908AF47B49167459E13061D56458CD847A","prompt_seed":"8E8B9521C699E269488BADE6927F99AEF7B87FE4A4293EAE5B263D5AAD6A9C2D","prompt_version":"F4E811893BF5BC9C7AAF57AB4CAE05F972A344A2F84A30D7D73E14349D66DC73"},"sync":{"remaining_rollback_tries":"8422C412021F05CCA40E32B08D1845C278B7E55996D6BA112C75D1FDD9386416"}},"super_mac":"7DC883B5A3FB052314D5919ACD20427E0E565BB436E1BB9A90EF08E1B0B0F02C"},"session":{"restore_on_startup":5,"startup_urls":["hxxp://www.google.de/"]},"sync":{"remaining_rollback_tries":0}}), Ersetzt,[624acfc7484296a0eaabfa6e59ad619f] Physische Sektoren: 0 (Keine schädliche Elemente gefunden) (end) |
|
22.05.2015, 21:54
| #10 |
| | langsamer computerCode:
ATTFilter # AdwCleaner v4.205 - Bericht erstellt 22/05/2015 um 22:58:15
# Aktualisiert 21/05/2015 von Xplode
# Datenbank : 2015-05-21.2 [Server]
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (x64)
# Benutzername : Zeus - ZEUS-PC
# Gestarted von : C:\Users\Zeus\Desktop\AdwCleaner_4.205.exe
# Option : Suchlauf
***** [ Dienste ] *****
Dienst Gefunden : SCBackService
***** [ Dateien / Ordner ] *****
Datei Gefunden : C:\Users\Zeus\AppData\Roaming\Mozilla\Firefox\Profiles\iehuq9xm.default\invalidprefs.js
Datei Gefunden : C:\Users\Zeus\AppData\Roaming\Mozilla\Firefox\Profiles\iehuq9xm.default\user.js
Datei Gefunden : C:\Windows\System32\roboot64.exe
Ordner Gefunden : C:\Program Files (x86)\pc speed up
Ordner Gefunden : C:\Program Files\SoftwareUpdater
Ordner Gefunden : C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Ordner Gefunden : C:\Users\Zeus\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp
Ordner Gefunden : C:\Users\Zeus\AppData\Roaming\337Games
Ordner Gefunden : C:\Users\Zeus\AppData\Roaming\RHEng
Ordner Gefunden : C:\Users\Zeus\Documents\PCSpeedUp
***** [ Geplante Tasks ] *****
Task Gefunden : FreeDriverScout
Task Gefunden : Software Updater
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gefunden : HKCU\Software\Ciuvo
Schlüssel Gefunden : HKCU\Software\Linkey
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{54739D49-AC03-4C57-9264-C5195596B3A1}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FFE66D00-A56A-4F7F-81D7-4A28C5816D6C}
Schlüssel Gefunden : HKCU\Software\OCS
Schlüssel Gefunden : HKCU\Software\systweak
Schlüssel Gefunden : [x64] HKCU\Software\Ciuvo
Schlüssel Gefunden : [x64] HKCU\Software\Linkey
Schlüssel Gefunden : [x64] HKCU\Software\OCS
Schlüssel Gefunden : [x64] HKCU\Software\systweak
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{82A5CE4D-AF0C-45B6-8AF8-75625BE6A08D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{B2B7E0CD-E169-43B3-A233-E129610EE314}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{0DEC13F0-5C8C-4147-8329-6CDFAD9755B7}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{0F3DC9E0-C459-4A40-BCF8-747BD9322E10}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{5E97F0FA-3B44-4634-A87E-8B0D5CFD6365}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{951F5841-FD1E-4F1D-8607-67B174DBD753}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{B853E835-9F24-4F4B-B55C-E554D15CCCD2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{D1CCB0CC-DA45-4797-93D3-DEE7A13F8177}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{DCE24E28-D8EF-49BE-BC01-A1DD3B58FCE3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{E4F7F1A5-490E-4884-A9E3-CBD6A25749E1}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{FFE66D00-A56A-4F7F-81D7-4A28C5816D6C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{22E9CC7A-04B2-4558-A993-763395274E42}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\STC.FBServiceAPPEventsSink
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\STC.FBServiceAPPEventsSink.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\STC.OptionMenu
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\STC.OptionMenu.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\STC.Protocol
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\STC.Protocol.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\STC.VisualBookmark
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\STC.VisualBookmark.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\STC.WebObject
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\STC.WebObject.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\STCHelper.BHOHelper
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\STCHelper.BHOHelper.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\STCHelper.FBServiceAPP
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\STCHelper.FBServiceAPP.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\STCHelper.Protocol
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\STCHelper.Protocol.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{4E8E0178-00EF-413D-9324-E7B3E31572E3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{506DDB16-455A-4746-AD77-D23228955FD3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{A1A533A8-E106-422B-AE29-D0025269AF83}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{B1759D04-0EF9-472A-B5C3-C774997B5321}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{80ED3EBC-CC05-4336-ABCC-295798855718}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gefunden : HKLM\SOFTWARE\Solvusoft
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{22E9CC7A-04B2-4558-A993-763395274E42}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{0F3DC9E0-C459-4A40-BCF8-747BD9322E10}]
Wert Gefunden : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{91c612bf-2a7a-48b8-8c8c-6de28589b7a0}]
Wert Gefunden : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{91c612bf-2a7a-48b8-8c8c-6de28589b7a1}]
Wert Gefunden : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{d9284e50-81fc-11da-a72b-0800200c9a66}]
***** [ Internetbrowser ] *****
-\\ Internet Explorer v11.0.9600.17728
-\\ Mozilla Firefox v37.0.2 (x86 de)
[iehuq9xm.default] - Zeile Gefunden : user_pref("avira.safe_search.installed", "[\"safesearch\"]");
[iehuq9xm.default] - Zeile Gefunden : user_pref("avira.safe_search.prev_newtab", "hxxps://safesearch.avira.com/#?source=newtab");
[iehuq9xm.default] - Zeile Gefunden : user_pref("browser.newtab.url", "hxxps://safesearch.avira.com/#?source=newtab");
[iehuq9xm.default] - Zeile Gefunden : user_pref("browser.search.order.1", "default-search.net");
[iehuq9xm.default] - Zeile Gefunden : user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"privatebrowsing-button\",\"save-page-button\",\"print-but[...]
[iehuq9xm.default] - Zeile Gefunden : user_pref("extensions.safesearch.MP_DISTINCT_ID", "\"148228c549b87-0b7d62a59c9e08-43514136-0-148228c549c1ac\"");
[iehuq9xm.default] - Zeile Gefunden : user_pref("extensions.safesearch.SAUTH_expires_at", "1431964332");
[iehuq9xm.default] - Zeile Gefunden : user_pref("extensions.safesearch.SAUTH_rndsnr", "\"b2f1cba8555d5c505ca0b2b3c71aa777c6242f2f\"");
[iehuq9xm.default] - Zeile Gefunden : user_pref("extensions.safesearch.SAUTH_userid", "4294819354");
[iehuq9xm.default] - Zeile Gefunden : user_pref("extensions.safesearch.SAUTH_utoken", "\"475aea1f6c6c6964ce99826f4f80267905ffa90a\"");
[iehuq9xm.default] - Zeile Gefunden : user_pref("extensions.safesearch.install", "1409328895138");
[iehuq9xm.default] - Zeile Gefunden : user_pref("extensions.safesearch.search_offer_disabled", "true");
[iehuq9xm.default] - Zeile Gefunden : user_pref("extensions.xpiState", "{\"app-profile\":{\"abs@avira.com\":{\"d\":\"C:\\\\Users\\\\Zeus\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\iehuq9xm.default\\\\extensions\\\\abs@avir[...]
-\\ Google Chrome v43.0.2357.65
-\\ Opera v24.0.1558.64
*************************
AdwCleaner[R0].txt - [8680 Bytes] - [22/05/2015 22:58:15]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [8739 Bytes] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.7.6 (05.21.2015:1)
OS: Windows 7 Ultimate x64
Ran by Zeus on ?a? 22/05/2015 at 23:47:46,58
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
Successfully stopped: [Service] wcuservice_stc_ie
Successfully deleted: [Service] wcuservice_stc_ie
~~~ Tasks
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A18A516C-AA41-46A9-92DB-60208917E442}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A18A516C-AA41-46A9-92DB-60208917E442}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{A18A516C-AA41-46A9-92DB-60208917E442}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] C:\ProgramData\drivergenius
~~~ FireFox
Successfully deleted: [File] C:\Users\Zeus\AppData\Roaming\mozilla\firefox\profiles\iehuq9xm.default\searchplugins\avira-safesearch.xml
Successfully deleted: [Folder] C:\Users\Zeus\AppData\Roaming\mozilla\firefox\profiles\iehuq9xm.default\extensions\safesearch@avira.com
Successfully deleted the following from C:\Users\Zeus\AppData\Roaming\mozilla\firefox\profiles\iehuq9xm.default\prefs.js
user_pref(avira.safe_search.installed, [\safesearch\]);
user_pref(avira.safe_search.search_was_active, false);
user_pref(browser.newtab.url, hxxps://safesearch.avira.com/#?source=newtab);
user_pref(browser.uiCustomization.state, {\placements\:{\PanelUI-contents\:[\edit-controls\,\zoom-controls\,\new-window-button\,\privatebrowsing-button\,\save-
user_pref(extensions.bootstrappedAddons, {\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\:{\version\:\2.6.9\,\type\:\extension\,\descriptor\:\C:\\\\Users\\\\Zeus\\\\A
user_pref(extensions.safesearch.MP_DISTINCT_ID, \da49b2482cdf222808422d4fd1c28c59355cb9e9\);
user_pref(extensions.safesearch.SAUTH_rndsnr, \462beaefb82f552dd5605b1557abf0cc608b22fa\);
user_pref(extensions.safesearch.install, 1432325102887);
user_pref(extensions.xpiState, {\app-profile\:{\abs@avira.com\:{\d\:\C:\\\\Users\\\\Zeus\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\iehuq9xm.default\
Emptied folder: C:\Users\Zeus\AppData\Roaming\mozilla\firefox\profiles\iehuq9xm.default\minidumps [75 files]
~~~ Chrome
Successfully deleted: [Folder] C:\Users\Zeus\appdata\local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo
Successfully deleted: [Folder] C:\Users\Zeus\appdata\local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Successfully deleted: [Folder] C:\Users\Zeus\appdata\local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ?a? 22/05/2015 at 23:51:21,56
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 |
|
23.05.2015, 19:48
| #11 |
| /// the machine /// TB-Ausbilder | langsamer computer AdwCleaner nochmal, diesmal auch löschen lassen. ESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
24.05.2015, 13:01
| #12 |
| | langsamer computerCode:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-05-2015 Ran by Zeus (administrator) on ZEUS-PC on 24-05-2015 13:04:49 Running from C:\Users\Zeus\Downloads Loaded Profiles: Zeus (Available Profiles: Zeus) Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe () C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\TWCU.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\alg.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11860072 2011-06-09] (Realtek Semiconductor) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [728312 2015-05-19] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-06-07] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [130048 2015-04-10] (Avira Operations GmbH & Co. KG) HKU\S-1-5-21-65031845-1434384236-1651786591-1000\...\Run: [GoogleChromeAutoLaunch_8C08A43057843DCE2F430EE89329B7BA] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-05-13] (Google Inc.) HKU\S-1-5-21-65031845-1434384236-1651786591-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [1303872 2015-03-12] (Lavasoft) HKU\S-1-5-21-65031845-1434384236-1651786591-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [333824 2010-11-20] (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK-Konfigurationstool.lnk [2014-09-11] ShortcutTarget: TP-LINK-Konfigurationstool.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\TWCU.exe () ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-65031845-1434384236-1651786591-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-65031845-1434384236-1651786591-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-65031845-1434384236-1651786591-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://gr.yahoo.com/?fr=vmn&type=vmn__webcompa__1_0__ya__hp_WCYID10099_swoc_campaign_150314__yaie SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-65031845-1434384236-1651786591-1000 -> {8C4AAEDA-F9FF-44d4-BA7F-DB7F55AE47D3} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV SearchScopes: HKU\S-1-5-21-65031845-1434384236-1651786591-1000 -> {B5906189-5FA6-4151-9547-065BDAE0B0B3} URL = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms} BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) Hosts: 127.0.0.1 validation.sls.microsoft.com Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\Zeus\AppData\Roaming\Mozilla\Firefox\Profiles\iehuq9xm.default FF SearchEngineOrder.3: Bing FF SelectedSearchEngine: Yahoo FF Homepage: https://gr.yahoo.com/?fr=vmn&type=vmn__webcompa__1_0__ya__hp_WCYID10099_swoc_campaign_150314__yaff FF Keyword.URL: hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q= FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-17] () FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2015-04-22] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-17] () FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2015-04-22] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.) FF Extension: Avira Browser Safety - C:\Users\Zeus\AppData\Roaming\Mozilla\Firefox\Profiles\iehuq9xm.default\Extensions\abs@avira.com [2015-04-30] FF Extension: Bing Search Engine - C:\Users\Zeus\AppData\Roaming\Mozilla\Firefox\Profiles\iehuq9xm.default\Extensions\bingsearch.full@microsoft.com [2015-03-08] FF Extension: Video Downloader Professional - C:\Users\Zeus\AppData\Roaming\Mozilla\Firefox\Profiles\iehuq9xm.default\Extensions\ffext_basicvideoext@startpage24.xpi [2015-03-03] FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Zeus\AppData\Roaming\Mozilla\Firefox\Profiles\iehuq9xm.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2015-03-12] FF Extension: Video DownloadHelper - C:\Users\Zeus\AppData\Roaming\Mozilla\Firefox\Profiles\iehuq9xm.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-03-15] FF Extension: Adblock Plus - C:\Users\Zeus\AppData\Roaming\Mozilla\Firefox\Profiles\iehuq9xm.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-22] FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-05-10] FF HKU\S-1-5-21-65031845-1434384236-1651786591-1000\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff FF Extension: No Name - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-06-22] Chrome: ======= CHR Profile: C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Brushed) - C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfjgbcjfpbbfepcccpaffkjofcmglifg [2015-04-20] CHR Extension: (Adblock Plus) - C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-05-24] CHR Extension: (Avira SafeSearch) - C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\eglgfnfolcgijipffhlhbbnefdcbjbml [2015-05-24] CHR Extension: (Video Downloader professional) - C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2015-05-24] CHR Extension: (Avira Browser Safety) - C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-05-24] CHR Extension: (Links Checker) - C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh [2015-05-24] CHR Extension: (Bookmark Manager) - C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-24] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-24] CHR Extension: (Speed Check) - C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo [2015-05-24] CHR Extension: (AVG Secure Search) - C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2015-05-24] CHR Extension: (Google Wallet) - C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-24] CHR Extension: (Battlelog Emblem Editor Extended) - C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\noagedoiolkfaoaknohhepocfeooibjb [2015-05-24] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [827640 2015-05-19] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-05-19] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-05-19] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1185584 2015-05-19] (Avira Operations GmbH & Co. KG) S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] () R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [205104 2015-04-10] (Avira Operations GmbH & Co. KG) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [] S4 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.3.0\LavasoftTcpService.exe [836984 2015-03-12] (Lavasoft Limited) S4 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [619776 2015-01-15] (Lenovo) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation) S4 SearchProtectionService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [17768 2015-03-12] () R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2014-07-16] (TuneUp Software) S4 WCUService_STC_FF; C:\Program Files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe [493384 2011-03-24] (Splashtop Inc.) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11832 2010-06-30] (Advanced Micro Devices Inc.) R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] () S3 AR9271; C:\Windows\System32\DRIVERS\athuwx.sys [2224160 2011-07-29] (Atheros Communications, Inc.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [152744 2015-05-19] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-05-19] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-05-27] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-05] (Avira Operations GmbH & Co. KG) S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2014-07-30] () R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-24] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation) R3 RTL8192cu; C:\Windows\System32\DRIVERS\rtwlanu.sys [990864 2013-04-09] (Realtek Semiconductor Corporation ) R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2014-06-23] (TuneUp Software) S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] S3 tsusbhub; system32\drivers\tsusbhub.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] S3 xhunter1; \??\C:\Windows\xhunter1.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-05-24 13:04 - 2015-05-24 13:04 - 00000000 ____D () C:\Users\Zeus\Downloads\FRST-OlderVersion 2015-05-23 22:01 - 2015-05-24 01:46 - 343850963 _____ () C:\Users\Zeus\Desktop\Watch Fraktal-everlysdmp4 - sharedsx.mp4 2015-05-22 23:47 - 2015-05-22 23:47 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-ZEUS-PC-Windows-7-Ultimate-(64-bit).dat 2015-05-22 23:47 - 2015-05-22 23:47 - 00000000 ____D () C:\RegBackup 2015-05-22 23:41 - 2015-05-22 23:42 - 02720009 _____ (Thisisu) C:\Users\Zeus\Downloads\JRT.exe 2015-05-22 23:02 - 2015-05-22 23:51 - 00000000 ____D () C:\Users\Zeus\Desktop\Sicherheitsprogramme 2015-05-22 22:58 - 2015-05-22 22:59 - 00000000 ____D () C:\AdwCleaner 2015-05-22 22:35 - 2015-05-22 22:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-05-22 22:34 - 2015-05-22 22:35 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-05-22 22:34 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-05-22 22:34 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-05-22 22:31 - 2015-05-22 22:33 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Zeus\Downloads\mbam-setup-2.1.6.1022.exe 2015-05-21 22:29 - 2015-05-21 22:29 - 00031698 _____ () C:\Users\Zeus\Downloads\docx (3) 2015-05-21 22:29 - 2015-05-21 22:29 - 00031698 _____ () C:\Users\Zeus\Downloads\docx (2) 2015-05-21 22:27 - 2015-05-21 22:27 - 01196832 _____ () C:\Users\Zeus\Downloads\Word Viewer - CHIP-Installer (1).exe 2015-05-21 22:25 - 2015-05-21 22:25 - 01196832 _____ () C:\Users\Zeus\Downloads\Word Viewer - CHIP-Installer.exe 2015-05-21 22:24 - 2015-05-21 22:24 - 01196832 _____ () C:\Users\Zeus\Downloads\OpenOffice - CHIP-Installer (1).exe 2015-05-21 22:22 - 2015-05-21 22:22 - 00031698 _____ () C:\Users\Zeus\Downloads\docx (1) 2015-05-21 22:22 - 2015-05-21 22:22 - 00031698 _____ () C:\Users\Zeus\Downloads\docx 2015-05-21 12:22 - 2015-05-21 12:22 - 00028041 _____ () C:\ComboFix.txt 2015-05-21 11:54 - 2011-06-26 09:45 - 00256000 _____ () C:\Windows\PEV.exe 2015-05-21 11:54 - 2010-11-07 20:20 - 00208896 _____ () C:\Windows\MBR.exe 2015-05-21 11:54 - 2009-04-20 07:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2015-05-21 11:54 - 2000-08-31 03:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2015-05-21 11:54 - 2000-08-31 03:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2015-05-21 11:54 - 2000-08-31 03:00 - 00098816 _____ () C:\Windows\sed.exe 2015-05-21 11:54 - 2000-08-31 03:00 - 00080412 _____ () C:\Windows\grep.exe 2015-05-21 11:54 - 2000-08-31 03:00 - 00068096 _____ () C:\Windows\zip.exe 2015-05-21 11:53 - 2015-05-21 12:22 - 00000000 ____D () C:\Qoobox 2015-05-21 11:53 - 2015-05-21 12:19 - 00000000 ____D () C:\Windows\erdnt 2015-05-21 11:44 - 2015-05-21 11:52 - 05627500 ____R (Swearware) C:\Users\Zeus\Desktop\ComboFix.exe 2015-05-20 14:37 - 2015-05-20 14:37 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Zeus\Downloads\tdsskiller.exe 2015-05-20 14:36 - 2015-05-24 12:26 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-05-20 14:36 - 2015-05-22 23:01 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-05-20 14:36 - 2015-05-22 22:34 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-05-20 14:35 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-05-20 14:34 - 2015-05-20 14:35 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Zeus\Downloads\mbar-1.09.1.1004.exe 2015-05-20 00:05 - 2015-05-20 00:06 - 00046825 _____ () C:\Users\Zeus\Downloads\Addition.txt 2015-05-20 00:04 - 2015-05-24 13:04 - 00016808 _____ () C:\Users\Zeus\Downloads\FRST.txt 2015-05-20 00:04 - 2015-05-24 13:04 - 00000000 ____D () C:\FRST 2015-05-19 23:58 - 2015-05-24 13:04 - 02108416 _____ (Farbar) C:\Users\Zeus\Downloads\FRST64.exe 2015-05-19 21:02 - 2015-05-19 21:02 - 01219529 _____ () C:\Users\Zeus\Downloads\dmt3d.zip 2015-05-18 13:08 - 2015-05-18 13:08 - 00002770 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 2015-05-17 20:01 - 2015-05-17 20:01 - 00002201 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014.lnk 2015-05-17 20:01 - 2015-05-17 20:01 - 00000000 ____D () C:\Users\Zeus\AppData\Roaming\TuneUp Software 2015-05-17 20:01 - 2015-05-17 20:01 - 00000000 ____D () C:\Users\Zeus\AppData\Local\TuneUp Software 2015-05-17 20:01 - 2015-05-17 20:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014 2015-05-17 20:01 - 2014-07-16 10:24 - 00040760 _____ (TuneUp Software) C:\Windows\system32\TURegOpt.exe 2015-05-17 20:01 - 2014-07-16 10:24 - 00029496 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll 2015-05-17 20:01 - 2014-07-16 10:24 - 00025400 _____ (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll 2015-05-17 20:00 - 2015-05-17 20:01 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014 2015-05-17 19:58 - 2015-05-17 20:09 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} 2015-05-17 19:58 - 2015-05-17 20:01 - 00000000 ____D () C:\ProgramData\TuneUp Software 2015-05-17 19:50 - 2015-05-17 19:57 - 28598072 _____ (TuneUp Software) C:\Users\Zeus\Downloads\TuneUpUtilities2014_34de-DE.exe 2015-05-12 22:08 - 2015-05-12 22:08 - 00000000 __SHD () C:\Users\Zeus\AppData\Local\EmieUserList 2015-05-12 22:08 - 2015-05-12 22:08 - 00000000 __SHD () C:\Users\Zeus\AppData\Local\EmieSiteList 2015-05-12 22:08 - 2015-05-12 22:08 - 00000000 __SHD () C:\Users\Zeus\AppData\Local\EmieBrowserModeList 2015-05-10 13:48 - 2015-05-10 13:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-05-10 13:44 - 2015-05-10 13:44 - 00000000 ____D () C:\Users\Zeus\AppData\Local\TomTom 2015-05-10 13:44 - 2015-05-10 13:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom 2015-05-10 13:44 - 2015-05-10 13:44 - 00000000 ____D () C:\Program Files (x86)\TomTom International B.V 2015-05-10 13:44 - 2015-05-10 13:44 - 00000000 ____D () C:\Program Files (x86)\MyDrive Connect 2015-05-10 13:40 - 2015-05-10 13:42 - 23308160 _____ (TomTom International B.V.) C:\Users\Zeus\Downloads\InstallMyDriveConnect.exe 2015-04-30 08:21 - 2015-04-30 08:21 - 00000025 _____ () C:\Users\Zeus\Desktop\speicher.vbs 2015-04-30 01:29 - 2015-04-30 01:29 - 00146145 _____ () C:\Users\Zeus\AppData\Local\708F4E7A_stp.CIS 2015-04-30 01:29 - 2015-04-30 01:29 - 00000274 _____ () C:\Users\Zeus\AppData\Local\708F4E7A_stp.CIS.part 2015-04-30 01:28 - 2015-04-30 01:28 - 00385602 _____ () C:\Users\Zeus\AppData\Local\5D515C96_stp.CIS 2015-04-30 01:28 - 2015-04-30 01:28 - 00000220 _____ () C:\Users\Zeus\AppData\Local\5D515C96_stp.CIS.part 2015-04-30 01:17 - 2015-04-30 01:19 - 00007609 _____ () C:\Users\Zeus\AppData\Local\Resmon.ResmonCfg 2015-04-30 00:26 - 2015-04-30 00:26 - 00000027 _____ () C:\Users\Zeus\Documents\vbs.txt ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-05-24 13:00 - 2015-03-03 15:45 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-05-24 12:51 - 2015-04-16 18:24 - 00000433 _____ () C:\Windows\system32\Drivers\etc\hosts.ics 2015-05-24 12:17 - 2014-06-23 15:21 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-05-24 12:04 - 2009-07-14 07:45 - 00014336 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-05-24 12:04 - 2009-07-14 07:45 - 00014336 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-05-24 12:00 - 2015-03-03 15:45 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-05-24 11:55 - 2009-07-14 08:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-05-24 11:55 - 2009-07-14 07:51 - 00046864 _____ () C:\Windows\setupact.log 2015-05-24 11:53 - 2014-06-22 15:47 - 01980121 _____ () C:\Windows\WindowsUpdate.log 2015-05-22 23:22 - 2014-06-22 17:19 - 00375762 _____ () C:\Windows\PFRO.log 2015-05-21 23:13 - 2015-03-03 17:29 - 00000000 ____D () C:\Users\Zeus\Desktop\KINOFILME 2015-05-21 22:22 - 2015-03-03 17:28 - 00000000 ____D () C:\Users\Zeus\AppData\Roaming\FLV and Media Player 2015-05-21 12:22 - 2009-07-14 06:20 - 00000000 __RHD () C:\Users\Default 2015-05-21 12:10 - 2009-07-14 05:34 - 00000215 _____ () C:\Windows\system.ini 2015-05-20 20:06 - 2014-06-22 15:50 - 00000000 ____D () C:\Users\Zeus\AppData\Local\VirtualStore 2015-05-20 17:49 - 2015-03-08 19:08 - 00000000 ____D () C:\Users\Zeus\AppData\Roaming\Skype 2015-05-20 12:16 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\system32\NDF 2015-05-19 16:43 - 2014-06-22 16:39 - 00152744 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2015-05-19 16:43 - 2014-06-22 16:39 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2015-05-18 23:03 - 2014-10-11 19:09 - 00000000 ____D () C:\Windows\System32\Tasks\Games 2015-05-18 11:55 - 2015-03-03 15:45 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-05-18 11:55 - 2015-03-03 15:45 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-05-17 20:19 - 2014-06-22 19:23 - 00000000 ____D () C:\Users\Zeus\Desktop\Programme 2015-05-17 20:09 - 2015-03-01 20:52 - 00000000 ____D () C:\Users\Zeus\AppData\Local\Downloaded Installations 2015-05-17 20:09 - 2014-06-22 17:15 - 00000000 ___HD () C:\ProgramData\{8533ADFA-85F0-4dc1-946A-2A0BA58E78E3} 2015-05-14 01:22 - 2014-06-22 17:54 - 00000000 ____D () C:\Users\Zeus\Desktop\Bilder 2015-05-11 22:55 - 2009-07-14 20:58 - 00696832 _____ () C:\Windows\system32\perfh007.dat 2015-05-11 22:55 - 2009-07-14 20:58 - 00148128 _____ () C:\Windows\system32\perfc007.dat 2015-05-11 22:55 - 2009-07-14 08:13 - 01613340 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-05-11 13:21 - 2014-06-22 16:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-04-30 09:03 - 2014-06-23 15:48 - 00000000 ___RD () C:\Users\Zeus\Desktop\musik 2015-04-30 07:39 - 2014-06-22 15:50 - 00000000 ____D () C:\Users\Zeus 2015-04-30 07:38 - 2015-03-12 22:37 - 00000000 ____D () C:\Program Files (x86)\Free Codec Pack 2015-04-30 07:38 - 2015-03-03 17:44 - 00000000 ____D () C:\Users\Zeus\AppData\Roaming\FreeFLVConverter 2015-04-30 07:38 - 2015-03-03 15:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-04-30 07:38 - 2014-06-22 18:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2015-04-30 07:38 - 2014-06-22 18:07 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft 2015-04-30 07:38 - 2014-06-22 18:05 - 00000000 ____D () C:\Users\Zeus\AppData\Roaming\DVDVideoSoft 2015-04-30 07:37 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\registration 2015-04-27 00:56 - 2009-07-14 08:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD ==================== Files in the root of some directories ======= 2015-04-30 01:28 - 2015-04-30 01:28 - 0385602 _____ () C:\Users\Zeus\AppData\Local\5D515C96_stp.CIS 2015-04-30 01:28 - 2015-04-30 01:28 - 0000220 _____ () C:\Users\Zeus\AppData\Local\5D515C96_stp.CIS.part 2015-04-30 01:29 - 2015-04-30 01:29 - 0146145 _____ () C:\Users\Zeus\AppData\Local\708F4E7A_stp.CIS 2015-04-30 01:29 - 2015-04-30 01:29 - 0000274 _____ () C:\Users\Zeus\AppData\Local\708F4E7A_stp.CIS.part 2015-04-30 01:17 - 2015-04-30 01:19 - 0007609 _____ () C:\Users\Zeus\AppData\Local\Resmon.ResmonCfg Some files in TEMP: ==================== C:\Users\Zeus\AppData\Local\Temp\avgnt.exe C:\Users\Zeus\AppData\Local\Temp\Quarantine.exe C:\Users\Zeus\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-05-24 01:17 ==================== End of log ============================ gruss hellas Code:
ATTFilter # AdwCleaner v4.205 - Bericht erstellt 24/05/2015 um 13:11:45
# Aktualisiert 21/05/2015 von Xplode
# Datenbank : 2015-05-21.2 [Server]
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (x64)
# Benutzername : Zeus - ZEUS-PC
# Gestarted von : C:\Users\Zeus\Desktop\Sicherheitsprogramme\AdwCleaner_4.205.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo
Ordner Gelöscht : C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
[/!\] Nicht Gelöscht ( Junction ) : C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo
***** [ Geplante Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Internetbrowser ] *****
-\\ Internet Explorer v11.0.9600.17728
-\\ Mozilla Firefox v37.0.2 (x86 de)
[iehuq9xm.default\prefs.js] - Zeile Gelöscht : user_pref("avira.safe_search.installed", "[\"safesearch\"]");
[iehuq9xm.default\prefs.js] - Zeile Gelöscht : user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"privatebrowsing-button\",\"save-page-button\",\"print-but[...]
[iehuq9xm.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.safesearch.MP_DISTINCT_ID", "\"da49b2482cdf222808422d4fd1c28c59355cb9e9\"");
[iehuq9xm.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.safesearch.SAUTH_rndsnr", "\"462beaefb82f552dd5605b1557abf0cc608b22fa\"");
[iehuq9xm.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.xpiState", "{\"app-profile\":{\"abs@avira.com\":{\"d\":\"C:\\\\Users\\\\Zeus\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\iehuq9xm.default\\\\extensions\\\\abs@avir[...]
-\\ Google Chrome v43.0.2357.65
-\\ Opera v24.0.1558.64
*************************
AdwCleaner[R0].txt - [8846 Bytes] - [22/05/2015 22:58:15]
AdwCleaner[R1].txt - [2481 Bytes] - [24/05/2015 13:06:39]
AdwCleaner[S0].txt - [8832 Bytes] - [22/05/2015 22:59:19]
AdwCleaner[S1].txt - [2209 Bytes] - [24/05/2015 13:11:45]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2268 Bytes] ##########
Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=b13404d77931d54f9caf1ccc6ec5f3d4
# engine=23996
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-05-24 11:49:17
# local_time=2015-05-24 02:49:17 (+0200, Osteuropäische Sommerzeit)
# country="Greece"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 2749240 184098007 0 0
# scanned=164771
# found=12
# cleaned=11
# scan_time=2504
sh=DEDD8F0F9D5A4010092A2F3638C2E8AFB12BDD41 ft=1 fh=a2211db89c5209d0 vn="Variante von Win32/Packed.Komodia.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\LavasoftTcpService.dll"
sh=61897FE467FE567D4E93C0E87AF1899DB5416CA2 ft=1 fh=2b4e98822df8a714 vn="Variante von Win64/Systweak.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir"
sh=99DC571D90B5EDBC3C0B1F98F0B35C01BFC22BD3 ft=1 fh=bc27467f513f5947 vn="Variante von Win32/Packed.Komodia.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.3.0\LavasoftLSPInstaller.exe"
sh=DEDD8F0F9D5A4010092A2F3638C2E8AFB12BDD41 ft=1 fh=a2211db89c5209d0 vn="Variante von Win32/Packed.Komodia.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.3.0\LavasoftTcpService.dll"
sh=1BCC5121EDB3B068A804F5E7077FDB2F7AD87D23 ft=1 fh=b20919ea4281fc65 vn="Variante von Win32/Packed.Komodia.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.3.0\LavasoftTcpService.exe"
sh=1F93F5FE420B28E0C9E9161E81DDEB4F9C9DE449 ft=1 fh=c138ae358509f971 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Zeus\AppData\Local\Temp\DMR\dmr_72.exe"
sh=8CC6E4C894DC9A49CC8746F394DC12213D5359FF ft=1 fh=6a5cad473f04ef9d vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Zeus\Downloads\Aircrack ng - CHIP-Installer.exe"
sh=972E584BE3465F9B6146421B8855E8916012AF63 ft=1 fh=c8be9c6ddfc6fe5d vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Zeus\Downloads\OpenOffice - CHIP-Installer (1).exe"
sh=CFB030AB4F39A3FB7F9493F21704275E9F7817F0 ft=1 fh=aa99f84eba07edf6 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Zeus\Downloads\OpenOffice - CHIP-Installer.exe"
sh=682AEEC9DAB347134AEC594F14B3007B12FB5353 ft=1 fh=68a8453f56925239 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Zeus\Downloads\Word Viewer - CHIP-Installer (1).exe"
sh=A928D3407BE15308DE7E89BA655CF56617975D63 ft=1 fh=8b5e61ddb61f5022 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Zeus\Downloads\Word Viewer - CHIP-Installer.exe"
sh=DEDD8F0F9D5A4010092A2F3638C2E8AFB12BDD41 ft=1 fh=a2211db89c5209d0 vn="Variante von Win32/Packed.Komodia.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Windows\System32\LavasoftTcpService.dll"
Code:
ATTFilter Results of screen317's Security Check version 1.001 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Avira Antivirus Antivirus up to date! (On Access scanning disabled!) `````````Anti-malware/Other Utilities Check:````````` Ad-Aware TuneUp Utilities 2014 TuneUp Utilities 2014 (de-DE) TuneUp Utilities 2014 Adobe Flash Player 17.0.0.169 Mozilla Firefox (for.) Google Chrome (42.0.2311.152) Google Chrome (43.0.2357.65) ````````Process Check: objlist.exe by Laurent```````` Ad-Aware AAWService.exe is disabled! Ad-Aware AAWTray.exe is disabled! Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbam.exe Avira Antivir avgnt.exe Avira Antivir avguard.exe Malwarebytes Anti-Malware mbamscheduler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log`````````````````````` |
|
25.05.2015, 10:43
| #13 |
| /// the machine /// TB-Ausbilder | langsamer computer Auf welches Symbol klickst Du genau?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
25.05.2015, 12:22
| #14 |
| | langsamer computer auf das chrome symbol meinte ich lasse gerade das EMERGENCY KIT scannen ist bei 80 prozen und hat schon 106 sachen gefunden unter anderem ein Trojan.Generic 12752903 ist das was schlimmes? weil es unter hoher gefahr abgebildet ist |
|
25.05.2015, 12:47
| #15 |
| /// the machine /// TB-Ausbilder | langsamer computer Poste das Log wenn fertig, und bitte das hier:
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu langsamer computer |
| ?????, compu, computer, gestellt, guter, hallo zusammen, hintergrundbild, immer wieder, inter, interne, internet browser langsam, internetseite, internetseiten, langsam, langsamer, langsamer computer, moeglich, probleme, recht, sache, sachen, seite, seiten, total, unerfahren, verschwindet, zusammen |
WARNUNG an die MITLESER: 
Linear-Darstellung
