| |
| |||||||
Log-Analyse und Auswertung: Maus clickt nicht mehr richtig, Pc extrem langsamWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
31.05.2015, 13:33
| #1 |
 |  Maus clickt nicht mehr richtig, Pc extrem langsam Liebes Helfer-Team, Die Probleme haben schon vor einigen Monaten begonnen. Die Browser (firefox und explorer) haben sich häufig aufgehängt und der Rechner wurde immer langsamer. Nun funktioniert die Maus teilweise nicht mehr richtig. Wenn ich ein Fenster oder eine Auswahl öffnen möchte, geht das Fenster oder Menüauswahl kurz auf und gleich wieder zu. So schnell dass man nichts anklicken kann. Es lässt sich auch kein Text mehr mit der Maus markieren, denn ich kann die Bereiche nicht mehr auswählen. Die Markierungen springen hin und her. Wenn ich eine Überweisung ausführen möchte ist es umgekehrt. Die Banksoftware zeigt mir an, dass der "weiter" Button schon gedrückt wurde ohne dass ich ihn angeklickt habe. Ich nutze diesen Rechner übrigens auch für Verkäufe bei Ebay und Amazon. Hoffentlich hilft mir trotzdem jemand .... Wir haben schon folgende Programme über den Rechner laufen lassen, aber es wurde nichts gefunden: Microsoft Security Essentials CC-Cleaner Malware Bytes Spy-Bot Ad-Aware Anbei die Log-files. Der GMER ließ sich nur im abgesicherten Modus ausführen. Es haben nicht all files in die Nachricht gepasst, deshalb musste ich die "Addition" zippen. Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 12:27 on 31/05/2015 (user)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2015
Ran by user (administrator) on USER-PC on 31-05-2015 12:31:03
Running from C:\Users\user\Desktop
Loaded Profiles: user (Available Profiles: user & BayOrganizer)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Microsoft Corporation) C:\UPS\WSTD\MSSQL.1\MSSQL\Binn\sqlservr.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 3\creator-ws.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
() C:\OEM\USBDECTION\USBS3S4Detection.exe
(UltraVNC) C:\Program Files\UltraVNC\winvnc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\vVX1000.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(United Parcel Service, Inc.) C:\UPS\WSTD\WSTDMessaging.exe
() C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(Deutsche Telekom AG) C:\Users\user\AppData\Roaming\Telekom\MediencenterSync\Mediencenter.exe
(Microsoft) C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUI.exe
(Lexware GmbH & Co. KG) C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
() C:\UPS\WSTD\UPSNA1Msgr.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_17_0_0_188_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(UltraVNC) C:\Program Files\UltraVNC\winvnc.exe
(Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
() C:\Users\user\Desktop\Defogger.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-10-13] (Intel Corporation)
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8312352 2009-10-28] (Realtek Semiconductor)
HKLM\...\Run: [VX1000] => C:\Windows\vVX1000.exe [762736 2010-05-20] (Microsoft Corporation)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [395344 2011-09-22] (Acronis)
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [36864 2007-03-20] ()
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-08-12] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [563744 2010-03-26] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-11-24] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [1904640 2009-03-20] (AVM Berlin)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2010-11-29] (Apple Inc.)
HKLM-x32\...\Run: [LexwareInfoService] => C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe [339240 2008-11-03] (Lexware GmbH & Co. KG)
HKLM-x32\...\Run: [SAOB Monitor] => C:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe [2571032 2011-09-22] (Acronis)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5587832 2011-09-22] (Acronis)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [189480 2014-02-06] (Geek Software GmbH)
HKLM-x32\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4370976 2014-12-12] (Fitbit, Inc.)
HKLM-x32\...\Run: [NA1Messenger] => C:\UPS\WSTD\UPSNA1Msgr.exe [30880 2015-03-04] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-2853840737-433536269-4251561868-1000\...\Run: [Global Registration] => "C:\Program Files (x86)\Acer\Registration\GREG.exe" BOOT
HKU\S-1-5-21-2853840737-433536269-4251561868-1000\...\Run: [msnmsgr] => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
HKU\S-1-5-21-2853840737-433536269-4251561868-1000\...\Run: [Google Update] => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-06-26] (Google Inc.)
HKU\S-1-5-21-2853840737-433536269-4251561868-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-08-25] (Google Inc.)
HKU\S-1-5-21-2853840737-433536269-4251561868-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-2853840737-433536269-4251561868-1000\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4370976 2014-12-12] (Fitbit, Inc.)
HKU\S-1-5-21-2853840737-433536269-4251561868-1000\...\MountPoints2: {65a925e3-ab9c-11df-bd8a-90fba6852557} - K:\pushinst.exe
HKU\S-1-5-21-2853840737-433536269-4251561868-1000\...\MountPoints2: {8fe5dddc-7c90-11e0-8397-90fba6852557} - F:\preinst.exe
HKU\S-1-5-21-2853840737-433536269-4251561868-1000\...\MountPoints2: {ad485c12-85c9-11e0-8bda-90fba6852557} - F:\preinst.exe
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\BROCKH~1.SCR [2572288 2006-05-10] (Brockhaus Duden Neue Medien GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk [2010-08-19]
ShortcutTarget: Adobe Gamma Loader.exe.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2011-05-12]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Quicken 2010 Zahlungserinnerung.lnk [2011-05-30]
ShortcutTarget: Quicken 2010 Zahlungserinnerung.lnk -> C:\Program Files (x86)\Lexware\Quicken\2010\billmind.exe (Lexware GmbH & Co. KG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UPS WorldShip Messaging Utility.lnk [2015-01-09]
ShortcutTarget: UPS WorldShip Messaging Utility.lnk -> C:\UPS\WSTD\WSTDMessaging.exe (United Parcel Service, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UPS WorldShip PLD Reminder Utility.lnk [2015-01-09]
ShortcutTarget: UPS WorldShip PLD Reminder Utility.lnk -> C:\UPS\WSTD\wstdPldReminder.exe (UPS)
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2013-01-13]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mediencenter.lnk [2015-05-04]
ShortcutTarget: Mediencenter.lnk -> C:\Users\user\AppData\Roaming\Telekom\MediencenterSync\Mediencenter.exe (Deutsche Telekom AG)
ShellIconOverlayIdentifiers: [01Mediencenter_InSync] -> {77BC4082-DB5F-439A-8DC8-F9E24A63B0DE} => C:\Users\user\AppData\Roaming\Telekom\MediencenterSync\DTAG.Mediencenter.IconOverlayHandler.dll [2014-06-12] (Deutsche Telekom AG)
ShellIconOverlayIdentifiers: [02Mediencenter_ToSync] -> {528EE335-5034-4EFC-834E-63E5F02D2BC2} => C:\Users\user\AppData\Roaming\Telekom\MediencenterSync\DTAG.Mediencenter.IconOverlayHandler.dll [2014-06-12] (Deutsche Telekom AG)
ShellIconOverlayIdentifiers: [03Mediencenter_Failed] -> {6066ADF0-9EB0-43E5-ADB6-990F5A3B979C} => C:\Users\user\AppData\Roaming\Telekom\MediencenterSync\DTAG.Mediencenter.IconOverlayHandler.dll [2014-06-12] (Deutsche Telekom AG)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-2853840737-433536269-4251561868-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2853840737-433536269-4251561868-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.web.de/
HKU\S-1-5-21-2853840737-433536269-4251561868-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.web.de/br/ie9_startpage
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKU\S-1-5-21-2853840737-433536269-4251561868-1000 -> 02067322810A44908AF3FFDC0A3C8022 URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKU\S-1-5-21-2853840737-433536269-4251561868-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2853840737-433536269-4251561868-1000 -> {09038620-190C-402B-A92F-18864E6AB22F} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-2853840737-433536269-4251561868-1000 -> {40064957-18EB-412d-9146-3F57E8D92EEC} URL = hxxp://go.web.de/br/ie9_search_pic/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-2853840737-433536269-4251561868-1000 -> {5A817CF6-92D5-4DE5-AC38-82DF8A73EF28} URL = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-2853840737-433536269-4251561868-1000 -> {66311EE7-F7CE-4C0E-BD3D-F7DE74D6FD82} URL = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie
SearchScopes: HKU\S-1-5-21-2853840737-433536269-4251561868-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.bing.com/search?FORM=UP94DF&PC=UP94&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2853840737-433536269-4251561868-1000 -> {6B1D1FB7-7233-4F7C-802C-21A1DDB12754} URL = hxxp://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-2853840737-433536269-4251561868-1000 -> {8D27B32E-89EE-460e-82D2-5FC354078EAD} URL = hxxp://go.web.de/br/ie9_search_produkte/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-2853840737-433536269-4251561868-1000 -> {DCE59F23-A446-45a5-9459-E68FDC0DE38D} URL = hxxp://go.web.de/br/ie9_search_maps/?su={searchTerms}
BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-03] (Google Inc.)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2010-05-28] (Hewlett-Packard Co.)
BHO-x32: PDF Architect 3 Helper -> {06E08260-0695-4EC1-A74B-1310D8899D93} -> C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll [2015-04-24] (pdfforge GmbH)
BHO-x32: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-22] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-03] (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-22] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2010-05-28] (Hewlett-Packard Co.)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-03] (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-03] (Google Inc.)
Toolbar: HKLM-x32 - PDF Architect 3 Toolbar - {2DFF3579-5AA7-45B9-9328-1D38EA230861} - C:\Program Files (x86)\PDF Architect 3\creator-ie-plugin.dll [2015-04-24] (pdfforge GmbH)
Toolbar: HKU\S-1-5-21-2853840737-433536269-4251561868-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-03] (Google Inc.)
DPF: HKLM-x32 {888078C6-70B2-4F88-8EE7-1F50DDEA6120} https://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Tcpip\..\Interfaces\{345B0630-8ADB-4C71-99CD-B291163FB4A8}: [NameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\x9gzkdsh.default-1431960027951
FF Homepage: hxxp://web.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-16] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 3 -> C:\Program Files (x86)\PDF Architect 3\np-previewer.dll [2015-04-24] (pdfforge GmbH)
FF Plugin HKU\S-1-5-21-2853840737-433536269-4251561868-1000: @citrixonline.com/appdetectorplugin -> C:\Users\user\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-04-30] (Citrix Online)
FF Plugin HKU\S-1-5-21-2853840737-433536269-4251561868-1000: @tools.google.com/Google Update;version=3 -> C:\Users\user\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin HKU\S-1-5-21-2853840737-433536269-4251561868-1000: @tools.google.com/Google Update;version=9 -> C:\Users\user\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFFICE.DLL [2007-03-22] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2010-12-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2010-12-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2010-12-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2010-12-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2010-12-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2010-12-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2010-12-13] (Apple Inc.)
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2015-05-16]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2015-05-16]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2015-05-16]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-05-12]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_3_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension
FF Extension: PDF Architect 3 Creator - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension [2015-05-04]
FF HKU\S-1-5-21-2853840737-433536269-4251561868-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
Chrome:
=======
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Bookmark Manager) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-17]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Google Wallet) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-22]
StartMenuInternet: Google Chrome.YD4YYFDLFDT4KRZW7QFUZSTY34 - C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-25] ()
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-01-13] (Adobe Systems) [File not signed]
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [368640 2009-03-20] (AVM Berlin) [File not signed]
S3 de_serv; C:\Program Files (x86)\Common Files\AVM\de_serv.exe [196666 2004-04-28] (AVM Berlin) [File not signed]
R2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [5738528 2014-12-12] (Fitbit, Inc.)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R2 MSSQL$UPSWSDBSERVER; C:\UPS\WSTD\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
S3 PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2244312 2015-04-24] (pdfforge GmbH)
S3 PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [901336 2015-04-24] (pdfforge GmbH)
R2 PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [740568 2015-04-24] (pdfforge GmbH)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 UNS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-09-30] (Intel Corporation) [File not signed]
R2 USBS3S4Detection; C:\OEM\USBDECTION\USBS3S4Detection.exe [76320 2009-12-09] ()
R2 uvnc_service; C:\Program Files\UltraVNC\WinVNC.exe [2169592 2011-05-18] (UltraVNC)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 aadev; C:\Windows\SysWOW64\DRIVERS\aadev.sys [27648 2004-04-28] (AVM Berlin) [File not signed]
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2009-03-20] (AVM Berlin)
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2009-03-20] (AVM GmbH)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R3 mv2; C:\Windows\System32\DRIVERS\mv2.sys [12904 2011-10-19] (UVNC BVBA)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-31 12:31 - 2015-05-31 12:31 - 00028068 _____ () C:\Users\user\Desktop\FRST.txt
2015-05-31 12:30 - 2015-05-31 12:31 - 00000000 ____D () C:\FRST
2015-05-31 12:29 - 2015-05-31 12:29 - 02108928 _____ (Farbar) C:\Users\user\Desktop\FRST64.exe
2015-05-31 12:27 - 2015-05-31 12:27 - 00000470 _____ () C:\Users\user\Desktop\defogger_disable.log
2015-05-31 12:27 - 2015-05-31 12:27 - 00000000 _____ () C:\Users\user\defogger_reenable
2015-05-31 12:26 - 2015-05-31 12:26 - 00050477 _____ () C:\Users\user\Desktop\Defogger.exe
2015-05-31 11:21 - 2015-05-31 11:21 - 00000192 _____ () C:\Users\user\Desktop\SKU-France.txt
2015-05-30 12:56 - 2015-05-30 12:56 - 00123206 _____ () C:\Users\user\Desktop\138359600424.txt
2015-05-30 12:30 - 2015-05-30 12:31 - 00000000 ____D () C:\Users\user\Desktop\Ausland Amazon Berichte
2015-05-29 20:33 - 2015-05-31 08:11 - 00000168 _____ () C:\Windows\setupact.log
2015-05-29 20:33 - 2015-05-29 20:33 - 00002594 _____ () C:\Windows\PFRO.log
2015-05-29 20:33 - 2015-05-29 20:33 - 00000000 _____ () C:\Windows\setuperr.log
2015-05-29 18:07 - 2015-05-29 18:12 - 00000000 ____D () C:\Users\user\Desktop\Vendor-Preise-2015
2015-05-27 10:25 - 2015-05-27 10:25 - 09307260 _____ (Mathias Gerlach [aborange.de] ) C:\Users\user\Downloads\bayorgafull.exe
2015-05-22 15:51 - 2015-05-22 16:12 - 00001081 _____ () C:\Users\user\Desktop\Celia-ebay-2.txt
2015-05-19 08:13 - 2015-05-19 08:14 - 00000000 _____ () C:\Users\user\Downloads\EasyLog_12388(3).csv
2015-05-19 08:13 - 2015-05-19 08:13 - 00000000 _____ () C:\Users\user\Downloads\EasyLog_12388(2).csv
2015-05-16 21:05 - 2015-05-16 21:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-13 22:02 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 22:02 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 08:12 - 2015-05-05 03:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 08:12 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-13 08:12 - 2015-04-22 04:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 08:12 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-13 08:12 - 2015-04-21 19:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-13 08:12 - 2015-04-21 19:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-13 08:12 - 2015-04-21 18:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-13 08:12 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 08:12 - 2015-04-21 18:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-13 08:12 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 08:12 - 2015-04-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-13 08:12 - 2015-04-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-13 08:12 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 08:12 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 08:12 - 2015-04-21 18:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-13 08:12 - 2015-04-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-13 08:12 - 2015-04-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-13 08:12 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 08:12 - 2015-04-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-13 08:12 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-13 08:12 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-13 08:12 - 2015-04-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-13 08:12 - 2015-04-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 08:12 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-13 08:12 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-13 08:12 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-13 08:12 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-13 08:12 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 08:12 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-13 08:12 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 08:12 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-13 08:12 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-13 08:12 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-13 08:12 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-13 08:12 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-13 08:12 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-13 08:12 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-05-13 08:12 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 08:12 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-13 08:12 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-13 08:12 - 2015-04-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-13 08:12 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 08:12 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-13 08:12 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 08:12 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-13 08:12 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-13 08:12 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-13 08:12 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-13 08:12 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-13 08:12 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-13 08:12 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-13 08:12 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-13 08:12 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 08:12 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-13 08:12 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-13 08:12 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-13 08:12 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-13 08:12 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 08:12 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-13 08:11 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 08:11 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 08:11 - 2015-04-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-13 08:11 - 2015-04-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-13 08:11 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 08:09 - 2015-04-27 21:28 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-13 08:09 - 2015-04-27 21:28 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-13 08:09 - 2015-04-27 21:28 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-13 08:09 - 2015-04-27 21:26 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-13 08:09 - 2015-04-27 21:23 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-13 08:09 - 2015-04-27 21:23 - 01254400 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-13 08:09 - 2015-04-27 21:23 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-05-13 08:09 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-05-13 08:09 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-05-13 08:09 - 2015-04-27 21:23 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-13 08:09 - 2015-04-27 21:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-13 08:09 - 2015-04-27 21:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-05-13 08:09 - 2015-04-27 21:23 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-13 08:09 - 2015-04-27 21:23 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-05-13 08:09 - 2015-04-27 21:23 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-05-13 08:09 - 2015-04-27 21:23 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-05-13 08:09 - 2015-04-27 21:22 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-05-13 08:09 - 2015-04-27 21:22 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-05-13 08:09 - 2015-04-27 21:22 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-13 08:09 - 2015-04-27 21:22 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-05-13 08:09 - 2015-04-27 21:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-05-13 08:09 - 2015-04-27 21:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-05-13 08:09 - 2015-04-27 21:08 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-05-13 08:09 - 2015-04-27 21:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-05-13 08:09 - 2015-04-27 21:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-05-13 08:09 - 2015-04-27 21:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-05-13 08:09 - 2015-04-27 21:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-13 08:09 - 2015-04-27 21:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-05-13 08:09 - 2015-04-27 21:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-05-13 08:09 - 2015-04-27 21:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-05-13 08:09 - 2015-04-27 20:06 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-13 08:09 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 08:08 - 2015-04-27 21:23 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-05-13 08:08 - 2015-04-27 21:23 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-13 08:08 - 2015-04-27 21:23 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-13 08:08 - 2015-04-27 21:23 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-13 08:08 - 2015-04-27 21:23 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-13 08:08 - 2015-04-27 21:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-13 08:08 - 2015-04-27 21:23 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-13 08:08 - 2015-04-27 21:23 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-13 08:08 - 2015-04-27 21:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-13 08:08 - 2015-04-27 21:23 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-13 08:08 - 2015-04-27 21:23 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-05-13 08:08 - 2015-04-27 21:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-05-13 08:08 - 2015-04-27 21:22 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-13 08:08 - 2015-04-27 21:22 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-05-13 08:08 - 2015-04-27 21:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-05-13 08:08 - 2015-04-27 21:22 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-13 08:08 - 2015-04-27 21:22 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-05-13 08:08 - 2015-04-27 21:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-13 08:08 - 2015-04-27 21:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-13 08:08 - 2015-04-27 21:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 21:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-13 08:08 - 2015-04-27 21:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-13 08:08 - 2015-04-27 21:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-13 08:08 - 2015-04-27 21:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-13 08:08 - 2015-04-27 21:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-05-13 08:08 - 2015-04-27 21:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-13 08:08 - 2015-04-27 21:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-05-13 08:08 - 2015-04-27 21:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-05-13 08:08 - 2015-04-27 21:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-05-13 08:08 - 2015-04-27 21:04 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-05-13 08:08 - 2015-04-27 21:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-13 08:08 - 2015-04-27 21:03 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-05-13 08:08 - 2015-04-27 21:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-13 08:08 - 2015-04-27 21:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-13 08:08 - 2015-04-27 21:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-05-13 08:08 - 2015-04-27 21:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-05-13 08:08 - 2015-04-27 21:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-13 08:08 - 2015-04-27 21:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-13 08:08 - 2015-04-27 20:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-13 08:08 - 2015-04-27 20:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-05-13 08:08 - 2015-04-27 20:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 20:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 19:57 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-05-13 08:08 - 2015-04-27 19:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-05-13 08:08 - 2015-04-27 19:55 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-13 08:08 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 08:08 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 08:08 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 08:08 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 08:08 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-13 08:08 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-13 08:08 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-13 08:08 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-13 08:08 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-13 08:08 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-13 08:08 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-13 08:08 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-13 08:08 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-13 08:08 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-13 08:08 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-13 08:08 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-13 08:08 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-13 08:08 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-04 15:58 - 2015-05-04 15:58 - 00000000 ____D () C:\Users\user\AppData\Roaming\PDF Producer
2015-05-04 15:41 - 2015-05-04 15:41 - 00000000 ____D () C:\Users\user\AppData\Local\PDFCreator
2015-05-04 15:40 - 2015-05-04 15:42 - 00000000 ____D () C:\Users\user\AppData\Roaming\PDF Architect 3
2015-05-04 15:38 - 2015-05-04 15:39 - 00000000 ____D () C:\Program Files (x86)\PDF Architect 3
2015-05-04 15:38 - 2015-05-04 15:38 - 00000000 ____D () C:\Users\user\Documents\PDF Architect
2015-05-04 15:38 - 2015-05-04 15:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 3
2015-05-04 15:36 - 2015-05-29 19:17 - 00000000 ____D () C:\Program Files\PDFCreator
2015-05-04 15:36 - 2015-05-04 15:36 - 00115592 _____ (pdfforge GmbH) C:\Windows\system32\pdfcmon.dll
2015-05-04 15:36 - 2015-05-04 15:36 - 00000000 ____D () C:\Users\user\AppData\Roaming\pdfforge
2015-05-04 15:36 - 2015-05-04 15:36 - 00000000 ____D () C:\ProgramData\PDF Architect 3
2015-05-04 15:36 - 2015-05-04 15:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2015-05-04 12:42 - 2015-05-31 10:52 - 00000000 ___RD () C:\Users\user\Mediencenter
2015-05-04 12:41 - 2015-05-04 12:41 - 00001141 _____ () C:\Users\user\Desktop\Mediencenter.lnk
2015-05-04 12:41 - 2015-05-04 12:41 - 00001127 _____ () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mediencenter.lnk
2015-05-04 12:41 - 2015-05-04 12:41 - 00000000 ____D () C:\Users\user\AppData\Roaming\Telekom
2015-05-04 12:41 - 2015-05-04 12:41 - 00000000 ____D () C:\Users\user\AppData\Local\Telekom
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-31 12:25 - 2012-08-25 10:29 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-31 12:05 - 2015-04-30 15:54 - 00000556 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2853840737-433536269-4251561868-1000.job
2015-05-31 11:58 - 2012-10-23 07:48 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-31 11:49 - 2012-06-26 09:57 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2853840737-433536269-4251561868-1000UA.job
2015-05-31 11:34 - 2010-08-19 15:05 - 01315411 _____ () C:\Windows\WindowsUpdate.log
2015-05-31 11:13 - 2014-04-01 18:23 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{9F467484-1852-460B-A75D-75AECE93A3B6}
2015-05-31 08:25 - 2012-08-25 10:29 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-31 08:20 - 2009-07-14 06:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-31 08:20 - 2009-07-14 06:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-31 08:11 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-30 22:22 - 2012-05-19 11:22 - 00000000 ____D () C:\HVB eFIN 4
2015-05-30 14:49 - 2012-06-26 09:57 - 00001064 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2853840737-433536269-4251561868-1000Core.job
2015-05-30 14:01 - 2012-09-27 14:58 - 00000000 ____D () C:\Users\user\Desktop\Easylog-Abschluss
2015-05-30 11:00 - 2010-08-19 17:45 - 00002604 _____ () C:\Windows\ODBC.INI
2015-05-29 20:33 - 2012-12-09 22:49 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-05-29 20:32 - 2012-09-20 13:33 - 00007269 _____ () C:\Windows\wininit.ini
2015-05-29 19:49 - 2012-07-23 17:18 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-05-29 18:09 - 2011-05-12 21:39 - 00000000 ____D () C:\Users\user\Documents\V60
2015-05-29 17:27 - 2010-10-04 10:57 - 00000000 ____D () C:\Users\user\AppData\Roaming\BayOrganizer
2015-05-28 11:57 - 2015-04-30 11:56 - 00000182 _____ () C:\Users\user\Desktop\UPS_CSV_EXPORT.csv
2015-05-28 11:52 - 2010-08-20 00:52 - 00751608 _____ () C:\Windows\system32\perfh007.dat
2015-05-28 11:52 - 2010-08-20 00:52 - 00170560 _____ () C:\Windows\system32\perfc007.dat
2015-05-28 11:52 - 2009-07-14 07:13 - 01768672 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-27 10:29 - 2010-10-04 10:57 - 00001117 _____ () C:\Users\Public\Desktop\BayOrganizer.lnk
2015-05-27 10:29 - 2010-10-04 10:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BayOrganizer
2015-05-27 10:29 - 2010-10-04 10:57 - 00000000 ____D () C:\Program Files (x86)\BayOrganizer
2015-05-26 10:49 - 2014-08-28 17:46 - 00000000 ____D () C:\Users\user\Desktop\Ebay
2015-05-25 18:50 - 2013-08-09 22:00 - 00002354 _____ () C:\Users\user\Desktop\Google Chrome.lnk
2015-05-24 09:16 - 2012-11-10 22:37 - 00000000 ____D () C:\Users\user\Desktop\Schmutzig-Defekt
2015-05-23 22:32 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-05-23 12:18 - 2014-11-13 12:20 - 00000000 ____D () C:\Users\user\Desktop\China2015
2015-05-23 11:06 - 2012-04-16 10:44 - 00000000 ____D () C:\Users\user\Desktop\plenty
2015-05-20 22:44 - 2015-04-04 22:49 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-05-20 22:44 - 2015-04-04 22:49 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-20 15:03 - 2015-04-23 11:00 - 00024064 _____ () C:\Users\user\Desktop\JO-SA.xls
2015-05-19 08:01 - 2014-06-29 14:42 - 00000000 ____D () C:\Users\user\AppData\Local\Adobe
2015-05-19 08:01 - 2012-10-23 07:48 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-05-19 08:01 - 2012-04-10 07:41 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-19 08:01 - 2011-05-18 07:54 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-18 17:02 - 2011-11-02 16:15 - 00000000 ____D () C:\Users\user\Desktop\Tim-Yanik
2015-05-18 14:44 - 2012-06-26 09:57 - 00004084 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2853840737-433536269-4251561868-1000UA
2015-05-18 14:44 - 2012-06-26 09:57 - 00003688 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2853840737-433536269-4251561868-1000Core
2015-05-18 07:57 - 2012-05-06 12:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-17 09:17 - 2015-04-23 21:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak
2015-05-16 08:20 - 2012-08-25 10:29 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-16 08:20 - 2012-08-25 10:29 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-15 12:25 - 2013-05-14 20:35 - 00000000 ____D () C:\Users\user\Desktop\Unger
2015-05-14 17:24 - 2014-10-13 07:53 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-14 08:02 - 2009-07-14 06:45 - 00450800 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-14 07:58 - 2009-07-14 09:45 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-14 07:58 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-14 07:57 - 2012-05-11 09:19 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-14 07:57 - 2012-05-11 09:19 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-05-13 22:15 - 2013-06-18 19:04 - 00002121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-05-13 22:15 - 2013-06-18 19:04 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2015-05-13 22:15 - 2013-06-18 19:04 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2015-05-13 22:15 - 2011-01-29 18:07 - 00001912 _____ () C:\Windows\epplauncher.mif
2015-05-13 22:14 - 2013-08-15 22:11 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-13 22:05 - 2010-08-19 17:24 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-13 22:02 - 2012-05-11 09:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-13 09:54 - 2011-05-12 21:47 - 00000000 ____D () C:\Users\user\Documents\11-Birgit
2015-05-13 09:52 - 2015-03-08 11:48 - 00000000 ____D () C:\Users\user\Desktop\Vendor-Absage
2015-05-12 17:32 - 2014-12-01 13:00 - 00000000 ____D () C:\Users\user\Desktop\Ski-2015
2015-05-12 17:29 - 2014-01-30 17:08 - 00000000 ____D () C:\Users\user\Documents\B25
2015-05-12 14:00 - 2014-05-17 17:41 - 00000000 ____D () C:\Users\user\Desktop\Instructions China
2015-05-11 14:06 - 2015-04-14 16:08 - 00000000 ____D () C:\Users\user\Desktop\B25-DG
2015-05-09 09:36 - 2015-04-30 15:54 - 00003578 _____ () C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-2853840737-433536269-4251561868-1000
2015-05-07 20:37 - 2011-05-12 21:47 - 00000000 ____D () C:\Users\user\Documents\05Birgit
2015-05-07 11:01 - 2011-05-12 21:43 - 00000000 ____D () C:\Users\user\Documents\ebaykidzshop24
2015-05-06 13:03 - 2015-01-09 20:15 - 00000000 ____D () C:\Users\user\Desktop\FBA-Rechnungen
2015-05-04 16:18 - 2012-09-20 11:49 - 00000000 ____D () C:\Users\user\Desktop\Vernüpfungen-Programme
2015-05-04 13:31 - 2015-04-14 14:12 - 00000000 ____D () C:\Users\user\Desktop\Lagerbestand FBA
==================== Files in the root of some directories =======
2010-08-19 16:15 - 2010-08-19 16:16 - 0010458 _____ () C:\Users\user\AppData\Local\MyWinLockerInstaller.txt-20100819.log
2015-03-21 14:20 - 2015-03-21 14:20 - 0000000 _____ () C:\Users\user\AppData\Local\{E0F3BA48-13C5-4E84-B44D-B312FCC64067}
2010-08-19 15:19 - 2010-08-19 15:22 - 0009362 _____ () C:\ProgramData\ArcadeDeluxe3.log
2010-03-23 17:03 - 2010-01-27 16:40 - 0131472 _____ () C:\ProgramData\FullRemove.exe
2010-12-16 21:41 - 2011-11-28 20:24 - 0023990 _____ () C:\ProgramData\hpzinstall.log
2013-01-02 17:00 - 2013-12-02 12:08 - 0001280 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2010-08-19 16:02 - 2010-08-19 16:02 - 0000091 _____ () C:\ProgramData\PS.log
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-27 13:19
==================== End of log ============================
Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-05-31 12:58:13
Windows 6.1.7601 Service Pack 1 x64
Running: Gmer-19357.exe
---- Registry - GMER 2.1 ----
Reg HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted@C:\OEM\Preload\Autorun\SET\Screen saver\setup.exe 1
---- EOF - GMER 2.1 ----
|
|
31.05.2015, 13:38
| #2 |
| /// the machine /// TB-Ausbilder    | Maus clickt nicht mehr richtig, Pc extrem langsam Hi,
__________________Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen. Ich kann auf Arbeit keine Anhänge öffnen, danke.  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
31.05.2015, 13:58
| #3 |
| | Fehlender Log file Hi,
__________________hier ist noch der "Addition" File. Sorry Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-05-2015
Ran by user at 2015-05-31 12:32:02
Running from C:\Users\user\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2853840737-433536269-4251561868-500 - Administrator - Disabled)
BayOrganizer (S-1-5-21-2853840737-433536269-4251561868-1002 - Administrator - Enabled) => C:\Users\BayOrganizer
Gast (S-1-5-21-2853840737-433536269-4251561868-501 - Limited - Disabled)
user (S-1-5-21-2853840737-433536269-4251561868-1000 - Administrator - Enabled) => C:\Users\user
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
4500_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.21 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0921-000001000000}) (Version: 9.21.00.0 - Igor Pavlov)
AAVUpdateManager (HKLM-x32\...\{DF6FE172-006A-4324-AF7F-ACFE4BA290FE}) (Version: 12.00.0000 - Akademische Arbeitsgemeinschaft)
Acer Backup Manager (HKLM-x32\...\InstallShield_{30075A70-B5D2-440B-AFA3-FB2021740121}) (Version: 2.0.2.19 - NewTech Infosystems)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3005 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.02.0722 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.01.3017 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Acronis*True*Image*Home 2011 (HKLM-x32\...\{04A3A6B0-8E19-49BB-82FF-65C5A55F917D}) (Version: 14.0.6942 - Acronis)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.4.0.2540 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Illustrator CS2 (HKLM-x32\...\Adobe Illustrator CS2) (Version: 12.000.000 - Adobe Systems Inc.)
Adobe Photoshop 6.0 (HKLM-x32\...\Adobe Photoshop 6.0) (Version: 6.0 - Adobe Systems, Inc.)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version: 3.0 - Adobe Systems, Inc.)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
AlignmentUtility (x32 Version: 18.00.0000 - UPS) Hidden
Apple Application Support (HKLM-x32\...\{EE6097DD-05F4-4178-9719-D3170BF098E8}) (Version: 1.4.1 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
ATI AVIVO64 Codecs (Version: 10.12.0.41124 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{515C930B-1FE1-70AF-7249-6521733F9671}) (Version: 3.0.754.0 - ATI Technologies, Inc.)
AVM FRITZ!DSL (HKLM-x32\...\FRITZ!DSL) (Version: - )
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: - AVM Berlin)
Backup Manager Advance (x32 Version: 2.0.2.19 - NewTech Infosystems) Hidden
BayOrganizer - Deinstallation (HKLM-x32\...\BayOrganizer_is1) (Version: 10.60 - Mathias Gerlach [aborange.de])
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
bpd_scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden
BPDSoftware (x32 Version: 140.0.000.000 - Hewlett-Packard) Hidden
BPDSoftware (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
BufferChm (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
CCC (x32 Version: 18.00.0000 - United Parcel Service, Inc.) Hidden
ccc-core-static (x32 Version: 2009.1124.2131.38610 - Ihr Firmenname) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
Chinese Simplified Fonts Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-2447-0000-A00000000003}) (Version: 10.0.0 - Adobe Systems Incorporated)
Citrix Online Launcher (HKLM-x32\...\{6740FE60-43C1-4D15-8C4A-001624134B14}) (Version: 1.0.312 - Citrix)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Connect Label Design software (HKLM-x32\...\Connect Label Design software) (Version: - )
DDBAC (HKLM-x32\...\{450008C6-3722-4214-AB4F-9E45B57CB422}) (Version: 4.3.71 - DataDesign)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
DocMgr (x32 Version: 140.0.65.000 - Ihr Firmenname) Hidden
DocProc (x32 Version: 140.0.100.000 - Hewlett-Packard) Hidden
EASYLOG V6.6 (HKLM-x32\...\EASYLOG V6.6) (Version: 6.6 - Deutsche Post AG)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 14.0.0.10960 - Landesfinanzdirektion Thüringen)
Fax (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
FileZilla Client 3.5.3 (HKLM-x32\...\FileZilla Client) (Version: 3.5.3 - FileZilla Project)
Fitbit Connect (HKLM-x32\...\{08002BE6-6476-4012-8D4B-CF0AE7C71F29}) (Version: 2.0.0.6518 - Fitbit Inc.)
FormsComponent (x32 Version: 18.00.0000 - UPS) Hidden
FOSS (x32 Version: 18.00.0000 - UPS) Hidden
Google Chrome (HKU\S-1-5-21-2853840737-433536269-4251561868-1000\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
GoToMeeting 7.1.8.2553 (HKU\S-1-5-21-2853840737-433536269-4251561868-1000\...\GoToMeeting) (Version: 7.1.8.2553 - CitrixOnline)
GPBaseService2 (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 2.05.3003 - Acer Incorporated)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Officejet J4500 Series (HKLM\...\{E11448F2-0B44-4239-B04E-D88FE743E929}) (Version: 13.0 - HP)
HP OfficeJet J4600 All-In-One Series (HKLM\...\{4945F319-A24D-454C-A411-F3689987315D}) (Version: 14.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
HVB eFIN 4 (HKLM-x32\...\HVB eFIN 4) (Version: - )
ICCHelp (HKLM-x32\...\{A5763105-D1D5-4862-A3FE-EC058F9AA73E}) (Version: 18.00.0000 - UPS)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3002 - Acer Incorporated)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
J4500 (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0000 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Lexware Elster (HKLM-x32\...\{DEBC6EBF-FF7A-4E30-9C49-DCFB53B446F0}) (Version: 8.10.00.0017 - Lexware GmbH & Co. KG)
Lexware Info Service (HKLM-x32\...\{59624372-3B85-47f4-9B04-4911E551DF1E}) (Version: 2.61.00.0033 - Lexware GmbH & Co. KG)
Lexware online banking (HKLM-x32\...\{6C35CAC7-27C9-4CB0-BBB8-CBF9994215DA}) (Version: 8.00.00.0067 - Lexware GmbH & Co. KG)
LogSelect HBH Service GmbH Version 2 (HKLM-x32\...\{88B8FE5D-2F5C-4562-BFAD-C957D453BC9B}_is1) (Version: 2 - HBH Service GmbH)
MarketResearch (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden
Mediencenter 3.9.1055.64 (HKU\S-1-5-21-2853840737-433536269-4251561868-1000\...\Mediencenter) (Version: 3.9.1055.64 - Deutsche Telekom AG)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Small Business Edition 2003 (HKLM-x32\...\{91CA0407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{62F7DA7E-CCCB-439C-A760-00C3926E761F}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 38.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 de)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.3 - Mozilla)
MSIChecker (x32 Version: 18.00.0000 - UPS) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NA1Messenger (x32 Version: 18.00.0000 - Your Company Name) Hidden
Nero 9 Essentials (HKLM-x32\...\{f174fe50-f02d-4952-a49d-bae9bf7d488a}) (Version: - Nero AG)
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
NRF (x32 Version: 18.00.0000 - UPS) Hidden
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
PDF Architect 3 (HKLM-x32\...\PDF Architect 3) (Version: 3.0.45.22485 - pdfforge GmbH)
PDF Architect 3 Create Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF Architect 3 Edit Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF Architect 3 View Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF24 Creator 6.3.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.1 - pdfforge)
plentyConnect (HKLM-x32\...\de.plentyConnect) (Version: 3.52 - plentySystems GmbH)
plentyConnect (x32 Version: 3.52 - plentySystems GmbH) Hidden
plentyMarketsShipping 2 (HKLM-x32\...\eu.plentyMarketsShipping) (Version: 2.52 - plentySystems GmbH)
plentyMarketsShipping 2 (x32 Version: 2.52 - plentySystems GmbH) Hidden
plentyStat (HKLM-x32\...\de.plentyStat) (Version: 2.02 - plentySystems GmbH)
plentyStat (x32 Version: 2.02 - plentySystems GmbH) Hidden
PolicyManager (x32 Version: 18.00.0000 - UPS) Hidden
ProductContext (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden
Quicken 2010 - Servicepack 5 (HKLM-x32\...\{4C9E7EA5-9A3F-4C54-9038-EBB4CF25C29D}) (Version: 17.05.0000 - Lexware GmbH & Co KG)
Quicken 2010 (x32 Version: 17.00.00.0081 - Lexware GmbH & Co. KG) Hidden
Quicken HOME & BUSINESS 2010 (HKLM-x32\...\InstallShield_{4F8AFA74-1562-4980-8B87-8C07E8DE8FAF}) (Version: 17.00.00.0081 - Lexware GmbH & Co. KG)
Quicken Import Export Server 2010 (HKLM-x32\...\{7DA9F24A-CEC3-426E-BFFA-ADB94D922463}) (Version: 17.00.00.0048 - Lexware GmbH & Co. KG)
QuickTime (HKLM-x32\...\{57752979-A1C9-4C02-856B-FBB27AC4E02C}) (Version: 7.69.80.9 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5969 - Realtek Semiconductor Corp.)
Reconciler (x32 Version: 18.00.0000 - UPS) Hidden
ReportServer (x32 Version: 18.00.0000 - Your Company Name) Hidden
Scan (x32 Version: 140.0.167.000 - Hewlett-Packard) Hidden
Servicepack Datumsaktualisierung (x32 Version: 1.00.00.0005 - Haufe-Lexware) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
SmartWebPrinting (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden
Status (x32 Version: 140.0.256.000 - Hewlett-Packard) Hidden
SupportUtility (x32 Version: 18.00.0000 - UPS) Hidden
sv.net (HKLM-x32\...\sv.net) (Version: 15.0 - ITSG GmbH)
System (x32 Version: 18.00.0000 - UPS) Hidden
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
Turbo Lister 2 (HKLM-x32\...\{8927E07C-97F7-4A54-88FB-D976F50DD46E}) (Version: 2.00.0000 - eBay Inc.)
UltraVnc (HKLM\...\Ultravnc2_is1) (Version: 1.0.9.6.1 - uvnc bvba)
UnifiedPrinting (x32 Version: 18.00.0000 - UPS) Hidden
UPS WorldShip (HKLM-x32\...\UPS WorldShip) (Version: 18.0 - UPS)
UPSDB (x32 Version: 18.00.0000 - UPS) Hidden
UPSICC (x32 Version: 18.00.0000 - UPS) Hidden
UPSlinkHTTP (x32 Version: 18.00.0000 - UPS) Hidden
UPSVC2008MM (x32 Version: 1.00.0000 - UPS) Hidden
UPSVCMM (x32 Version: 12.00.0000 - UPS) Hidden
WEB.DE Desktop Icons (HKLM-x32\...\1&1 Mail & Media GmbH 1und1DesktopIconsInstaller) (Version: 3.0.3.0 - 1&1 Mail & Media GmbH)
WEB.DE Softwareaktualisierung (HKLM-x32\...\1&1 Mail & Media GmbH 1und1Softwareaktualisierung) (Version: 3.0.0.55 - 1&1 Mail & Media GmbH)
WebEx (HKU\S-1-5-21-2853840737-433536269-4251561868-1000\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
WebHelp (HKLM-x32\...\{8C5BD501-AD5D-4A75-9321-076509B438FC}) (Version: 18.00.0000 - UPS)
WebReg (x32 Version: 140.0.213.017 - Hewlett-Packard) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3008 - Acer Incorporated)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WorldShip (x32 Version: 18.00.0000 - UPS) Hidden
WSShared (x32 Version: 18.00.0000 - UPS) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2853840737-433536269-4251561868-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File
CustomCLSID: HKU\S-1-5-21-2853840737-433536269-4251561868-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2853840737-433536269-4251561868-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2853840737-433536269-4251561868-1000_Classes\CLSID\{268502F4-815D-4358-A8D6-B783FDB58EF0}\InprocServer32 -> C:\Users\user\AppData\Roaming\Telekom\MediencenterSync\DTAG.Mediencenter.ContextMenuHandler.dll (Deutsche Telekom AG)
CustomCLSID: HKU\S-1-5-21-2853840737-433536269-4251561868-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2853840737-433536269-4251561868-1000_Classes\CLSID\{3A999A50-AB25-4A20-90A9-08F71FCE320F}\InprocServer32 -> C:\Windows\system32\spool\DRIVERS\x64\3\hpcdmc64.dll (HP)
CustomCLSID: HKU\S-1-5-21-2853840737-433536269-4251561868-1000_Classes\CLSID\{528EE335-5034-4EFC-834E-63E5F02D2BC2}\InprocServer32 -> C:\Users\user\AppData\Roaming\Telekom\MediencenterSync\DTAG.Mediencenter.IconOverlayHandler.dll (Deutsche Telekom AG)
CustomCLSID: HKU\S-1-5-21-2853840737-433536269-4251561868-1000_Classes\CLSID\{6066ADF0-9EB0-43E5-ADB6-990F5A3B979C}\InprocServer32 -> C:\Users\user\AppData\Roaming\Telekom\MediencenterSync\DTAG.Mediencenter.IconOverlayHandler.dll (Deutsche Telekom AG)
CustomCLSID: HKU\S-1-5-21-2853840737-433536269-4251561868-1000_Classes\CLSID\{77BC4082-DB5F-439A-8DC8-F9E24A63B0DE}\InprocServer32 -> C:\Users\user\AppData\Roaming\Telekom\MediencenterSync\DTAG.Mediencenter.IconOverlayHandler.dll (Deutsche Telekom AG)
CustomCLSID: HKU\S-1-5-21-2853840737-433536269-4251561868-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\user\AppData\Local\Citrix\GoToMeeting\2331\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-2853840737-433536269-4251561868-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2853840737-433536269-4251561868-1000_Classes\CLSID\{98087D89-B93F-4BCF-A998-AE4D9F607C14}\InprocServer32 -> C:\Windows\system32\spool\DRIVERS\x64\3\hpcdmc64.dll (HP)
CustomCLSID: HKU\S-1-5-21-2853840737-433536269-4251561868-1000_Classes\CLSID\{B286F068-5B17-4AE8-989B-8F9A199C47BA}\InprocServer32 -> C:\Windows\system32\spool\DRIVERS\x64\3\hpcdmc64.dll (HP)
CustomCLSID: HKU\S-1-5-21-2853840737-433536269-4251561868-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2853840737-433536269-4251561868-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2853840737-433536269-4251561868-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2853840737-433536269-4251561868-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
==================== Restore Points =========================
13-05-2015 21:59:47 Windows Update
17-05-2015 10:44:01 Windows Update
20-05-2015 16:37:26 Windows Update
20-05-2015 22:43:54 Windows Update
25-05-2015 09:41:15 Windows Update
28-05-2015 14:56:50 Windows Update
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0CBD6B5D-EA32-4CC3-835F-65671CFCD9F4} - System32\Tasks\{2DA1F3AB-4D61-4230-8FAD-22BCD0811E76} => pcalua.exe -a "C:\Users\user\Downloads\Setup (7).exe" -d C:\Users\user\Desktop
Task: {1326772C-BAB7-4B89-9DA3-6E301BA107F5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {1D93812D-E4A5-4A45-A88B-A1E1796FB49D} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2012-03-09] (Microsoft Corporation)
Task: {1F374A73-7163-409F-A781-2106C9A65EC3} - System32\Tasks\{5653E523-55B9-4551-82DB-E1894B0CEEBB} => pcalua.exe -a C:\Users\user\Desktop\fritzdsl2.04.03_german.exe -d C:\Users\user\Desktop
Task: {289C1A53-4C59-4AE7-8980-E8E113398A6C} - System32\Tasks\{0277641C-7A99-4742-9571-11EE32BB3512} => pcalua.exe -a "C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5UF4PLF5\Setup.exe" -d C:\Users\user\Desktop
Task: {3067937B-7E7A-4471-8DEA-997E662DF396} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-19] (Adobe Systems Incorporated)
Task: {41E966C3-05E4-4705-8C92-2F3546FF4000} - System32\Tasks\{B1E68D5F-A236-4515-A95F-BDCC256A4F75} => pcalua.exe -a C:\Users\user\Desktop\Setup-SV-Net.exe -d C:\Users\user\Desktop
Task: {5F054400-462D-43F5-8F9A-50B173FB8071} - System32\Tasks\{BB1785B3-DAD3-4C43-A1CD-F2F494044531} => pcalua.exe -a E:\setup.exe -d E:\ -c -fbox98
Task: {6115E597-A060-4288-ACAB-E19C4A319237} - System32\Tasks\{C962AD25-0860-406D-8FDC-F42F4A60F486} => pcalua.exe -a C:\Users\user\Desktop\Armin\PSE_5.0_WIN_ESD1_DE.exe -d C:\Users\user\Desktop
Task: {6EDBD316-83C0-4C5F-B7E1-1BAB0693664D} - System32\Tasks\Registration 1und1 Task => C:\Program Files (x86)\1und1Softwareaktualisierung\cdsupdclient.exe [2013-06-18] (1&1 Mail & Media GmbH)
Task: {6FDF14B4-8D80-449D-B26D-43D338B7288C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2853840737-433536269-4251561868-1000Core => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-26] (Google Inc.)
Task: {765B4BB4-D2ED-48EC-81D2-F1E2AFC38C34} - System32\Tasks\{85BEB17F-D2F8-44B4-870B-4F212174E587} => pcalua.exe -a E:\setup.exe -d E:\
Task: {880D3C86-2E19-4C58-8DD0-E8DDDBBAE95E} - System32\Tasks\G2MUpdateTask-S-1-5-21-2853840737-433536269-4251561868-1000 => C:\Users\user\AppData\Local\Citrix\GoToMeeting\2553\g2mupdate.exe [2015-05-09] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {88DD0A59-5ECC-45E6-A301-C18E889D3BD3} - System32\Tasks\{5925DBA4-F274-4423-A760-953B4ECF7F72} => pcalua.exe -a C:\Users\user\Desktop\Setup.exe -d C:\Users\user\Desktop
Task: {8B9490A1-4326-4170-A38E-A058CDF95781} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2853840737-433536269-4251561868-1000UA => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-26] (Google Inc.)
Task: {8FAF0C2F-2778-4A42-AAE5-EAECCD819985} - System32\Tasks\{34CC3EAC-BA33-4B8B-ABBB-D2AE0D68844E} => pcalua.exe -a C:\Users\user\Desktop\ddbac.exe -d C:\Users\user\Desktop
Task: {A144AC19-9CDF-4AB7-8C15-F97800C86FBC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {A7D7756E-B2F8-4D98-87B3-82BABE26B433} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
Task: {AE2855D9-FC53-4B97-95C4-65617D65A6A6} - System32\Tasks\{C920FA47-2AA3-4B13-A14D-19E61C15F221} => pcalua.exe -a C:\Users\user\Downloads\Setup.exe -d C:\Users\user\Desktop
Task: {C0F739BD-B03B-426A-93AE-72B1D8621C93} - System32\Tasks\{BC32C8DC-14C1-4FF5-8793-DD41DEE862A4} => pcalua.exe -a "C:\Users\user\Downloads\Setup (6).exe" -d C:\Users\user\Desktop
Task: {CEAF6452-5A3D-467C-BE07-68506510F35C} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {D8439AE3-F080-4A38-A4D3-9F24B73E6FD3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {DB5C3DF7-3473-4F93-A19C-CA223841881C} - System32\Tasks\{F8F7F2F7-1493-4D3E-BC84-4DD91A5B710B} => pcalua.exe -a "C:\Users\user\Downloads\Setup (1).exe" -d C:\Users\user\Desktop
Task: {E29D3277-CA31-4814-B8C4-C9B93A81C4B3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2008-07-30] (Apple Inc.)
Task: {FBD30A3B-EFE5-4F3D-8D1D-0651C8AA7BBC} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {FD99A553-9C55-49A0-A964-085C15AE30ED} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2853840737-433536269-4251561868-1000.job => C:\Users\user\AppData\Local\Citrix\GoToMeeting\2553\g2mupdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2853840737-433536269-4251561868-1000Core.job => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2853840737-433536269-4251561868-1000UA.job => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2008-10-25 01:35 - 2008-10-25 01:35 - 00128296 _____ () C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2009-12-14 04:19 - 2009-12-09 11:24 - 00076320 _____ () C:\OEM\USBDECTION\USBS3S4Detection.exe
2010-03-26 04:29 - 2010-03-26 04:29 - 00563744 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
2014-12-02 20:29 - 2015-03-04 22:19 - 00030880 _____ () C:\UPS\WSTD\UPSNA1Msgr.exe
2009-08-14 10:55 - 2009-08-14 10:55 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-08-19 15:09 - 2010-08-19 15:09 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2015-02-19 23:40 - 2015-02-19 23:40 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-05-31 12:26 - 2015-05-31 12:26 - 00050477 _____ () C:\Users\user\Desktop\Defogger.exe
2009-02-03 02:33 - 2009-02-03 02:33 - 00460199 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2008-09-29 02:55 - 2008-09-29 02:55 - 01076224 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
2014-11-19 23:02 - 2014-11-19 23:02 - 40622592 ____R () C:\Program Files (x86)\Fitbit Connect\libcef.dll
2010-03-26 04:29 - 2010-03-26 04:29 - 00154144 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll
2011-09-22 23:20 - 2011-09-22 23:20 - 11233136 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\Common\ti_managers.dll
2014-12-02 18:45 - 2015-03-04 21:01 - 00045056 _____ () C:\UPS\WSTD\PolicyMgr\UPS.Components.NA1MessengerServer.dll
2015-03-04 20:39 - 2015-03-04 20:39 - 00018432 _____ () C:\UPS\WSTD\UPSResourceManager.dll
2015-03-04 20:55 - 2015-03-04 20:55 - 00053248 _____ () C:\UPS\WSTD\PolicyMgr\UPS.Components.PolicyHolder.dll
2015-03-04 20:55 - 2015-03-04 20:55 - 00024576 _____ () C:\UPS\WSTD\PolicyMgr\Microsoft.ApplicationBlocks.Data.dll
2012-01-08 15:41 - 2012-01-08 15:41 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2015-05-25 18:50 - 2015-05-22 22:22 - 01281864 _____ () C:\Users\user\AppData\Local\Google\Chrome\Application\43.0.2357.81\libglesv2.dll
2015-05-25 18:50 - 2015-05-22 22:22 - 00080712 _____ () C:\Users\user\AppData\Local\Google\Chrome\Application\43.0.2357.81\libegl.dll
2015-04-15 14:59 - 2015-04-15 14:59 - 16863920 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\user\Documents\Smiffys Email Invoice_ SO-0000015209.eml:OECustomProperty
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2853840737-433536269-4251561868-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.178.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{D0577A44-4992-477B-A54E-96B4CE110923}] => (Allow) C:\Program Files\UltraVNC\vncviewer.exe
FirewallRules: [{E3FB99B6-FD9D-4BC9-B055-C00EB3892F2F}] => (Allow) C:\Program Files\UltraVNC\vncviewer.exe
FirewallRules: [{C7DBEB76-D896-485F-A3B7-E860D557A013}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{69F02DC8-AAFB-4183-BD45-23994807203A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{3F5AD536-07D9-45C1-8C5B-8D5AD777AF33}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{DC56F688-DD23-4C45-A367-A76D303225FE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{D43C01CC-FD79-4AEA-A037-7619BDCE78D6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{5190E005-247B-442F-9902-3F16FACCD971}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{4E869188-08F1-4583-A67B-7362B9AD2327}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{1A432516-3B2A-474E-9267-9404AB2574E8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{64069114-4AA7-4782-A2CC-4D677520BBA0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{A8D345BF-5BE7-4D67-8D6E-4697EF9A9331}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{0F6E618C-05E5-49B7-AE9C-6791B6CBF90C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{41182C44-5291-4FE0-8342-E8ACE7AAB4BA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{A117A5E2-3CEF-485A-BA0F-EF4091EDADE0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{D460BA6F-FB67-4475-AFDA-BB1F116BEB6B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{47D91F5E-E58F-499E-99A1-A233C59B03CF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{A0A2F93C-6430-40C6-B82C-4D9E06E33233}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{21BF8187-1796-452D-A12D-614E727BA781}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{5C1DEEA9-B558-4868-8058-EEEB10EAC98E}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{AA200AA4-105B-45AF-A1DD-338E814569C0}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{5951F920-8AB9-41A5-BBBB-538834D3EA86}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{4829B4D3-A594-4153-B7E8-DE9A150E5DB4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{3DDD2A0E-7EA3-4916-9679-B73758AE760D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [TCP Query User{38920882-88FD-4AD5-A87C-C7AF34379AEC}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe] => (Allow) C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe
FirewallRules: [UDP Query User{974B69A5-FEAC-4A59-AD6B-4D7F537D7559}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe] => (Allow) C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe
FirewallRules: [TCP Query User{CE68E9CB-B39A-4503-974B-E5917014AE16}C:\dhl\easylog v6.3\sqlany9\dbeng9.exe] => (Allow) C:\dhl\easylog v6.3\sqlany9\dbeng9.exe
FirewallRules: [UDP Query User{97F15594-0986-406C-AE23-08881C50CF97}C:\dhl\easylog v6.3\sqlany9\dbeng9.exe] => (Allow) C:\dhl\easylog v6.3\sqlany9\dbeng9.exe
FirewallRules: [TCP Query User{AF81CD14-D688-405D-A291-AE979DE3497C}C:\dhl\easylog v6.6\sqlany9\dbeng9.exe] => (Allow) C:\dhl\easylog v6.6\sqlany9\dbeng9.exe
FirewallRules: [UDP Query User{ADBC1047-E318-415F-910C-459706D982B7}C:\dhl\easylog v6.6\sqlany9\dbeng9.exe] => (Allow) C:\dhl\easylog v6.6\sqlany9\dbeng9.exe
FirewallRules: [TCP Query User{F507D590-3E1A-49C6-BDA5-ED807A4F06BA}C:\users\user\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\user\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{483F215A-5DA1-4E77-9C3F-E31220959BD3}C:\users\user\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\user\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{C0314084-6B46-41D9-8BD7-A09C278C90FC}C:\dhl\easylog v6.6\sqlany9\dbeng9.exe] => (Block) C:\dhl\easylog v6.6\sqlany9\dbeng9.exe
FirewallRules: [UDP Query User{CC6AC1B0-BB1B-46D9-B27F-0A8825DE992D}C:\dhl\easylog v6.6\sqlany9\dbeng9.exe] => (Block) C:\dhl\easylog v6.6\sqlany9\dbeng9.exe
FirewallRules: [{AD792CB3-C01C-4853-B38F-7E79D739FE5B}] => (Allow) C:\UPS\WSTD\MSSQL.1\MSSQL\Binn\sqlservr.exe
FirewallRules: [{43B4C6CD-70B1-4B1B-B804-565644E74C80}] => (Allow) C:\UPS\WSTD\MSSQL.1\MSSQL\Binn\sqlservr.exe
FirewallRules: [{53910D86-D31C-4C33-9B36-1B8D4A486458}] => (Allow) LPort=1434
FirewallRules: [{AC98B5CB-4173-47CF-A1F0-37FF91B6E92A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C2DBBE03-9D21-43A6-8724-18B911CF04BD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{6FCE4F8C-85C3-4D88-A00B-10E9DD9DAA2A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{498151A2-F3A2-4353-9B47-5C662DD05CEF}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
==================== Faulty Device Manager Devices =============
Name: Intel(R) 5 Series/3400 Series-Chipsatzfamilie - PCI-Express-Stammanschluss 2 - 3B44
Description: Intel(R) 5 Series/3400 Series-Chipsatzfamilie - PCI-Express-Stammanschluss 2 - 3B44
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: NETBT
Description: NETBT
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NetBT
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Standardtastatur (PS/2)
Description: Standardtastatur (PS/2)
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Officejet J4680 series
Description: Officejet J4680 series
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: ST1000LM 010-9YH146 USB Device
Description: Laufwerk
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardlaufwerke)
Service: disk
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Officejet J4680 series
Description: Officejet J4680 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: USB-Eingabegerät
Description: USB-Eingabegerät
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standardsystemgeräte)
Service: HidUsb
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Intel(R) Management Engine Interface
Description: Intel(R) Management Engine Interface
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: HECIx64
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Microsoft PS/2-Maus
Description: Microsoft PS/2-Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (05/30/2015 02:45:38 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (05/30/2015 02:45:28 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (05/30/2015 02:45:27 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (05/30/2015 02:45:27 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (05/30/2015 02:45:27 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (05/29/2015 08:34:10 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (05/29/2015 08:34:10 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Die Anwendung kann nicht initialisiert werden.
Kontext: Windows Anwendung
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (05/29/2015 08:34:10 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (05/29/2015 08:34:10 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Element nicht gefunden. (HRESULT : 0x80070490) (0x80070490)
Error: (05/29/2015 08:34:09 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.JetPropStore> kann nicht initialisiert werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
System errors:
=============
Error: (05/31/2015 00:10:57 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (05/31/2015 00:10:57 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (05/31/2015 11:40:21 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (05/31/2015 11:40:21 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (05/31/2015 11:40:19 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (05/31/2015 11:40:19 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (05/31/2015 10:52:23 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "TCP/IP-NetBIOS-Hilfsdienst" ist vom Dienst "NetBT" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058
Error: (05/31/2015 10:52:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NetBT" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1058
Error: (05/31/2015 10:29:24 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "TCP/IP-NetBIOS-Hilfsdienst" ist vom Dienst "NetBT" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058
Error: (05/31/2015 10:29:24 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NetBT" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1058
Microsoft Office:
=========================
Error: (05/30/2015 02:45:38 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8
Error: (05/30/2015 02:45:28 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe
Error: (05/30/2015 02:45:27 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksss.exe
Error: (05/30/2015 02:45:27 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksCal.exe
Error: (05/30/2015 02:45:27 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksdb.exe
Error: (05/29/2015 08:34:10 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description:
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (05/29/2015 08:34:10 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Kontext: Windows Anwendung
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (05/29/2015 08:34:10 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (05/29/2015 08:34:10 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Element nicht gefunden. (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer
Error: (05/29/2015 08:34:09 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore
CodeIntegrity Errors:
===================================
Date: 2013-06-16 20:42:29.716
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-06-16 20:42:29.713
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-06-16 20:42:29.710
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-06-16 20:42:29.686
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-06-16 20:42:29.683
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-06-16 20:42:29.680
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-06-15 09:03:20.399
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-06-15 09:03:20.398
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-06-15 09:03:20.394
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-06-15 09:03:20.380
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3 CPU 530 @ 2.93GHz
Percentage of memory in use: 49%
Total physical RAM: 6071.06 MB
Available physical RAM: 3085.36 MB
Total Pagefile: 12140.33 MB
Available Pagefile: 7123.25 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:453.45 GB) (Free:314.83 GB) NTFS
Drive d: (DATA) (Fixed) (Total:453.96 GB) (Free:453.41 GB) NTFS
Drive e: (CGP 2013 CD) (CDROM) (Total:1.76 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 10D6741B)
Partition 1: (Not Active) - (Size=24 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=453.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=454 GB) - (Type=07 NTFS)
==================== End of log ============================
|
|
01.06.2015, 09:12
| #4 |
| /// the machine /// TB-Ausbilder | Maus clickt nicht mehr richtig, Pc extrem langsam hi, Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
01.06.2015, 11:25
| #5 |
| | Maus clickt nicht mehr richtig, Pc extrem langsam Hallo Schrauber, der Scan mit dem Malwarebytes Anti-Rootkit war negativ aber der TDSSKiller hat einiges gefunden ... Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org
Database version:
main: v2015.05.31.03
rootkit: v2015.05.31.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17801
user :: USER-PC [administrator]
01.06.2015 11:21:27
mbar-log-2015-06-01 (11-21-27).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 441827
Time elapsed: 35 minute(s), 55 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Code:
ATTFilter 12:08:18.0811 0x1aa4 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
12:08:23.0757 0x1aa4 ============================================================
12:08:23.0758 0x1aa4 Current date / time: 2015/06/01 12:08:23.0757
12:08:23.0758 0x1aa4 SystemInfo:
12:08:23.0758 0x1aa4
12:08:23.0758 0x1aa4 OS Version: 6.1.7601 ServicePack: 1.0
12:08:23.0758 0x1aa4 Product type: Workstation
12:08:23.0758 0x1aa4 ComputerName: USER-PC
12:08:23.0758 0x1aa4 UserName: user
12:08:23.0758 0x1aa4 Windows directory: C:\Windows
12:08:23.0758 0x1aa4 System windows directory: C:\Windows
12:08:23.0758 0x1aa4 Running under WOW64
12:08:23.0758 0x1aa4 Processor architecture: Intel x64
12:08:23.0758 0x1aa4 Number of processors: 4
12:08:23.0758 0x1aa4 Page size: 0x1000
12:08:23.0758 0x1aa4 Boot type: Normal boot
12:08:23.0758 0x1aa4 ============================================================
12:08:24.0000 0x1aa4 KLMD registered as C:\Windows\system32\drivers\42813001.sys
12:08:24.0486 0x1aa4 System UUID: {B614EE90-FB76-48B3-0B61-4F45FB2178C2}
12:08:26.0316 0x1aa4 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:08:26.0390 0x1aa4 ============================================================
12:08:26.0390 0x1aa4 \Device\Harddisk0\DR0:
12:08:26.0390 0x1aa4 MBR partitions:
12:08:26.0390 0x1aa4 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3000800, BlocksNum 0x32000
12:08:26.0390 0x1aa4 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3032800, BlocksNum 0x38AE7000
12:08:26.0390 0x1aa4 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x3BB19800, BlocksNum 0x38BEC800
12:08:26.0390 0x1aa4 ============================================================
12:08:26.0433 0x1aa4 C: <-> \Device\Harddisk0\DR0\Partition2
12:08:26.0679 0x1aa4 D: <-> \Device\Harddisk0\DR0\Partition3
12:08:26.0714 0x1aa4 ============================================================
12:08:26.0714 0x1aa4 Initialize success
12:08:26.0714 0x1aa4 ============================================================
12:10:43.0666 0x1e1c ============================================================
12:10:43.0666 0x1e1c Scan started
12:10:43.0666 0x1e1c Mode: Manual; SigCheck; TDLFS;
12:10:43.0666 0x1e1c ============================================================
12:10:43.0666 0x1e1c KSN ping started
12:10:44.0374 0x1e1c KSN ping finished: true
12:10:45.0197 0x1e1c ================ Scan system memory ========================
12:10:45.0197 0x1e1c System memory - ok
12:10:45.0197 0x1e1c ================ Scan services =============================
12:10:45.0358 0x1e1c [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
12:10:45.0519 0x1e1c 1394ohci - ok
12:10:45.0551 0x1e1c aadev - ok
12:10:45.0618 0x1e1c [ 7EEB488346FBFA3731276C3EE8A8FD9E, 97D2E49C2E615E38E8176F1C1551BF452CC6A00787FF90845EFF27A4E6E20B1F ] AAV UpdateService C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
12:10:45.0629 0x1e1c AAV UpdateService - ok
12:10:45.0659 0x1e1c [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
12:10:45.0681 0x1e1c ACPI - ok
12:10:45.0721 0x1e1c [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
12:10:45.0801 0x1e1c AcpiPmi - ok
12:10:45.0901 0x1e1c [ 249386D5903657326265C996B32A0EDB, AE0BCB06FB96B0CF50D5D6ED8F08E7AF333775911CABF828BFAA8FF5724310F8 ] AcrSch2Svc C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
12:10:45.0935 0x1e1c AcrSch2Svc - ok
12:10:45.0973 0x1e1c [ 8B46D5A1D3EF08232C04D0EAFB871FB2, 5306F8452EF675851CB0015F9E5C5EB750137D6D65C9CB7E47F8EF5B10A44D10 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
12:10:45.0996 0x1e1c Adobe LM Service - detected UnsignedFile.Multi.Generic ( 1 )
12:10:46.0508 0x1e1c Detect skipped due to KSN trusted
12:10:46.0508 0x1e1c Adobe LM Service - ok
12:10:46.0642 0x1e1c [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:10:46.0652 0x1e1c AdobeARMservice - ok
12:10:46.0748 0x1e1c [ 00CC35F515079F5F94FABC3AC5C7D363, 7CE8B1715009602059DEDD6CBCA9C18EF079EDA344E7809813D6C0A395622B82 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:10:46.0762 0x1e1c AdobeFlashPlayerUpdateSvc - ok
12:10:46.0801 0x1e1c [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
12:10:46.0825 0x1e1c adp94xx - ok
12:10:46.0856 0x1e1c [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
12:10:46.0877 0x1e1c adpahci - ok
12:10:46.0902 0x1e1c [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
12:10:46.0918 0x1e1c adpu320 - ok
12:10:46.0957 0x1e1c [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
12:10:47.0020 0x1e1c AeLookupSvc - ok
12:10:47.0055 0x1e1c [ AE1FCE2CD1E99BEA89183BA8CD320872, 96F14BCA0C2479F39A5027A71922907D0F35CAD8E9A5037674DF7995BBDB2B51 ] afcdp C:\Windows\system32\DRIVERS\afcdp.sys
12:10:47.0092 0x1e1c afcdp - ok
12:10:47.0234 0x1e1c [ AF44F7E027037628F1FAC3C13CDE73E6, 56A95EBF2241C275FD401487C5F0E86859F8637D8B1BD01B7157EE9BC22B1907 ] afcdpsrv C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
12:10:47.0313 0x1e1c afcdpsrv - ok
12:10:47.0380 0x1e1c [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
12:10:47.0449 0x1e1c AFD - ok
12:10:47.0483 0x1e1c [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
12:10:47.0494 0x1e1c agp440 - ok
12:10:47.0525 0x1e1c [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
12:10:47.0603 0x1e1c ALG - ok
12:10:47.0652 0x1e1c [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
12:10:47.0661 0x1e1c aliide - ok
12:10:47.0699 0x1e1c [ 1D317EA326423FF7630CF1DA3BD46A1C, 1C1D07927106F2D48820AD6E34F0A8137C12FF43C925F89320C3D82C9C786B21 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
12:10:47.0752 0x1e1c AMD External Events Utility - ok
12:10:47.0772 0x1e1c [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
12:10:47.0783 0x1e1c amdide - ok
12:10:47.0810 0x1e1c [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
12:10:47.0857 0x1e1c AmdK8 - ok
12:10:47.0872 0x1e1c [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
12:10:47.0901 0x1e1c AmdPPM - ok
12:10:47.0931 0x1e1c [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
12:10:47.0944 0x1e1c amdsata - ok
12:10:47.0980 0x1e1c [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
12:10:47.0995 0x1e1c amdsbs - ok
12:10:48.0014 0x1e1c [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
12:10:48.0024 0x1e1c amdxata - ok
12:10:48.0074 0x1e1c [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID C:\Windows\system32\drivers\appid.sys
12:10:48.0150 0x1e1c AppID - ok
12:10:48.0171 0x1e1c [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc C:\Windows\System32\appidsvc.dll
12:10:48.0203 0x1e1c AppIDSvc - ok
12:10:48.0233 0x1e1c [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
12:10:48.0310 0x1e1c Appinfo - ok
12:10:48.0324 0x1e1c [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
12:10:48.0336 0x1e1c arc - ok
12:10:48.0351 0x1e1c [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
12:10:48.0363 0x1e1c arcsas - ok
12:10:48.0478 0x1e1c [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:10:48.0491 0x1e1c aspnet_state - ok
12:10:48.0523 0x1e1c [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
12:10:48.0634 0x1e1c AsyncMac - ok
12:10:48.0661 0x1e1c [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
12:10:48.0674 0x1e1c atapi - ok
12:10:48.0743 0x1e1c [ FB7602C5C508BE281368AAE0B61B51C6, 81FB4ABFA006974C20CA0E9FEB279A51CC4A9F0C1DA67075AA0EAD13F43B3782 ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys
12:10:48.0754 0x1e1c AtiHdmiService - ok
12:10:48.0956 0x1e1c [ 19B5C61CB09BFF2BD69E063EE54B56C3, EDA5897A58115ACCBB880EBAE1034E45AA0F2038A98C21E3A3CF1662C360408B ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
12:10:49.0199 0x1e1c atikmdag - ok
12:10:49.0268 0x1e1c [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:10:49.0312 0x1e1c AudioEndpointBuilder - ok
12:10:49.0331 0x1e1c [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll
12:10:49.0356 0x1e1c AudioSrv - ok
12:10:49.0417 0x1e1c [ D1A9AE485FFF7C72CA50D8949B2210B9, 937E02439519E3837DBEFE3D17123104BA5B1636E7AC322B634DC135B3024B50 ] AVM WLAN Connection Service C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
12:10:49.0442 0x1e1c AVM WLAN Connection Service - detected UnsignedFile.Multi.Generic ( 1 )
12:10:50.0403 0x1e1c Detect skipped due to KSN trusted
12:10:50.0403 0x1e1c AVM WLAN Connection Service - ok
12:10:50.0450 0x1e1c [ 1DC2F715792CF33428AD7993ACBD224D, 129FBD517E016914CD61C35894C0B9B2074E680F1EB21201597E5C13CAF4529F ] avmeject C:\Windows\system32\drivers\avmeject.sys
12:10:50.0458 0x1e1c avmeject - ok
12:10:50.0512 0x1e1c [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
12:10:50.0599 0x1e1c AxInstSV - ok
12:10:50.0661 0x1e1c [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
12:10:50.0734 0x1e1c b06bdrv - ok
12:10:50.0784 0x1e1c [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
12:10:50.0818 0x1e1c b57nd60a - ok
12:10:50.0937 0x1e1c [ 5F685973740F289BE3C809952DB8408B, 4C0A0C06BB2B6B1879A860B0D68289A55F80CF74947FCCE7815F1D8121232F62 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe
12:10:50.0951 0x1e1c BBSvc - ok
12:10:50.0978 0x1e1c [ 76F78018F45E7F92164CEA5020176933, 76E1CA6E198417F3749864721C43913189A7EA07B5ED320DE543B2037CEA3D65 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe
12:10:50.0995 0x1e1c BBUpdate - ok
12:10:51.0030 0x1e1c [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
12:10:51.0079 0x1e1c BDESVC - ok
12:10:51.0104 0x1e1c [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
12:10:51.0151 0x1e1c Beep - ok
12:10:51.0237 0x1e1c [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
12:10:51.0310 0x1e1c BFE - ok
12:10:51.0363 0x1e1c [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
12:10:51.0536 0x1e1c BITS - ok
12:10:51.0564 0x1e1c [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
12:10:51.0586 0x1e1c blbdrive - ok
12:10:51.0625 0x1e1c [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
12:10:51.0679 0x1e1c bowser - ok
12:10:51.0713 0x1e1c [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:10:51.0760 0x1e1c BrFiltLo - ok
12:10:51.0769 0x1e1c [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:10:51.0793 0x1e1c BrFiltUp - ok
12:10:51.0825 0x1e1c [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
12:10:51.0884 0x1e1c Browser - ok
12:10:51.0903 0x1e1c [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
12:10:51.0950 0x1e1c Brserid - ok
12:10:51.0965 0x1e1c [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
12:10:51.0995 0x1e1c BrSerWdm - ok
12:10:52.0008 0x1e1c [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
12:10:52.0031 0x1e1c BrUsbMdm - ok
12:10:52.0044 0x1e1c [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
12:10:52.0072 0x1e1c BrUsbSer - ok
12:10:52.0095 0x1e1c [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
12:10:52.0127 0x1e1c BTHMODEM - ok
12:10:52.0169 0x1e1c [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
12:10:52.0218 0x1e1c bthserv - ok
12:10:52.0246 0x1e1c [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
12:10:52.0282 0x1e1c cdfs - ok
12:10:52.0323 0x1e1c [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
12:10:52.0340 0x1e1c cdrom - ok
12:10:52.0377 0x1e1c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
12:10:52.0422 0x1e1c CertPropSvc - ok
12:10:52.0427 0x1e1c [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
12:10:52.0462 0x1e1c circlass - ok
12:10:52.0490 0x1e1c [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
12:10:52.0509 0x1e1c CLFS - ok
12:10:52.0578 0x1e1c [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:10:52.0589 0x1e1c clr_optimization_v2.0.50727_32 - ok
12:10:52.0630 0x1e1c [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:10:52.0641 0x1e1c clr_optimization_v2.0.50727_64 - ok
12:10:52.0726 0x1e1c [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:10:52.0739 0x1e1c clr_optimization_v4.0.30319_32 - ok
12:10:52.0749 0x1e1c [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:10:52.0784 0x1e1c clr_optimization_v4.0.30319_64 - ok
12:10:52.0810 0x1e1c [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
12:10:52.0832 0x1e1c CmBatt - ok
12:10:52.0868 0x1e1c [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
12:10:52.0878 0x1e1c cmdide - ok
12:10:52.0924 0x1e1c [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG C:\Windows\system32\Drivers\cng.sys
12:10:52.0963 0x1e1c CNG - ok
12:10:52.0995 0x1e1c [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
12:10:53.0007 0x1e1c Compbatt - ok
12:10:53.0053 0x1e1c [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
12:10:53.0097 0x1e1c CompositeBus - ok
12:10:53.0111 0x1e1c COMSysApp - ok
12:10:53.0132 0x1e1c [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
12:10:53.0142 0x1e1c crcdisk - ok
12:10:53.0177 0x1e1c [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:10:53.0247 0x1e1c CryptSvc - ok
12:10:53.0281 0x1e1c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
12:10:53.0340 0x1e1c DcomLaunch - ok
12:10:53.0368 0x1e1c [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
12:10:53.0426 0x1e1c defragsvc - ok
12:10:53.0471 0x1e1c [ 48A90F76DFAFDF80845ACE13576F425B, 356206430332CAE85FAA508F4C224B25A805D100F6D01DB6DA5573ACBC82E921 ] de_serv C:\Program Files (x86)\Common Files\AVM\de_serv.exe
12:10:53.0529 0x1e1c de_serv - detected UnsignedFile.Multi.Generic ( 1 )
12:10:54.0399 0x1e1c de_serv ( UnsignedFile.Multi.Generic ) - warning
12:10:54.0399 0x1e1c Force sending object to P2P due to detect: de_serv
12:11:00.0352 0x1e1c Object send P2P result: false
12:11:00.0389 0x1e1c [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:11:00.0448 0x1e1c DfsC - ok
12:11:00.0498 0x1e1c [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
12:11:00.0551 0x1e1c Dhcp - ok
12:11:00.0653 0x1e1c [ EA8A3E8C674B03CB4AFA1D344DBD7BC1, 564D9370AE4D12973647997684B9637B2A5A7480F66B87018F789CE4E43C8191 ] DiagTrack C:\Windows\system32\diagtrack.dll
12:11:00.0771 0x1e1c DiagTrack - ok
12:11:00.0797 0x1e1c [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
12:11:00.0840 0x1e1c discache - ok
12:11:00.0879 0x1e1c [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
12:11:00.0892 0x1e1c Disk - ok
12:11:00.0938 0x1e1c [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:11:00.0998 0x1e1c Dnscache - ok
12:11:01.0036 0x1e1c [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
12:11:01.0106 0x1e1c dot3svc - ok
12:11:01.0149 0x1e1c [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
12:11:01.0179 0x1e1c Dot4 - ok
12:11:01.0213 0x1e1c [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
12:11:01.0243 0x1e1c Dot4Print - ok
12:11:01.0260 0x1e1c [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
12:11:01.0275 0x1e1c dot4usb - ok
12:11:01.0305 0x1e1c [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
12:11:01.0356 0x1e1c DPS - ok
12:11:01.0407 0x1e1c [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:11:01.0453 0x1e1c drmkaud - ok
12:11:01.0509 0x1e1c [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:11:01.0560 0x1e1c DXGKrnl - ok
12:11:01.0605 0x1e1c [ 52A482DC61F24B498C8268866B90BB44, C3D01124E4544B54474BCEF4971D1AEE64F6AEA4BE65B9C4916047FB1F948D2F ] e1kexpress C:\Windows\system32\DRIVERS\e1k62x64.sys
12:11:01.0621 0x1e1c e1kexpress - ok
12:11:01.0643 0x1e1c [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
12:11:01.0693 0x1e1c EapHost - ok
12:11:01.0822 0x1e1c [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
12:11:02.0013 0x1e1c ebdrv - ok
12:11:02.0045 0x1e1c [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] EFS C:\Windows\System32\lsass.exe
12:11:02.0110 0x1e1c EFS - ok
12:11:02.0179 0x1e1c [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
12:11:02.0249 0x1e1c ehRecvr - ok
12:11:02.0289 0x1e1c [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
12:11:02.0341 0x1e1c ehSched - ok
12:11:02.0401 0x1e1c [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
12:11:02.0426 0x1e1c elxstor - ok
12:11:02.0463 0x1e1c [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
12:11:02.0489 0x1e1c ErrDev - ok
12:11:02.0546 0x1e1c [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
12:11:02.0602 0x1e1c EventSystem - ok
12:11:02.0642 0x1e1c [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
12:11:02.0699 0x1e1c exfat - ok
12:11:02.0757 0x1e1c [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:11:02.0814 0x1e1c fastfat - ok
12:11:02.0865 0x1e1c [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
12:11:02.0948 0x1e1c Fax - ok
12:11:02.0958 0x1e1c [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
12:11:02.0985 0x1e1c fdc - ok
12:11:03.0010 0x1e1c [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
12:11:03.0058 0x1e1c fdPHost - ok
12:11:03.0071 0x1e1c [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
12:11:03.0118 0x1e1c FDResPub - ok
12:11:03.0140 0x1e1c [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:11:03.0152 0x1e1c FileInfo - ok
12:11:03.0170 0x1e1c [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:11:03.0222 0x1e1c Filetrace - ok
12:11:03.0467 0x1e1c [ 65A89589DD9FE02F6F71F8F3CCA51E7A, 65D2FE2553BA7B8B249AA9F389EE4ACBB547C2586C7DA99AEE140A2AA6021820 ] Fitbit Connect C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
12:11:03.0609 0x1e1c Fitbit Connect - ok
12:11:03.0634 0x1e1c [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
12:11:03.0647 0x1e1c flpydisk - ok
12:11:03.0681 0x1e1c [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:11:03.0701 0x1e1c FltMgr - ok
12:11:03.0767 0x1e1c [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache C:\Windows\system32\FntCache.dll
12:11:03.0900 0x1e1c FontCache - ok
12:11:03.0963 0x1e1c [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:11:03.0972 0x1e1c FontCache3.0.0.0 - ok
12:11:03.0987 0x1e1c [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
12:11:03.0998 0x1e1c FsDepends - ok
12:11:04.0019 0x1e1c [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:11:04.0029 0x1e1c Fs_Rec - ok
12:11:04.0064 0x1e1c [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
12:11:04.0084 0x1e1c fvevol - ok
12:11:04.0126 0x1e1c [ 444534CBA693DD23C1CC589681E01656, DF8ED7FFA66E0A88EBB58A491A177D8CEB35B08B0911D7A1F4B8865755DC27CE ] FWLANUSB C:\Windows\system32\DRIVERS\fwlanusb.sys
12:11:04.0181 0x1e1c FWLANUSB - ok
12:11:04.0198 0x1e1c [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
12:11:04.0209 0x1e1c gagp30kx - ok
12:11:04.0260 0x1e1c [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
12:11:04.0322 0x1e1c gpsvc - ok
12:11:04.0430 0x1e1c [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:11:04.0440 0x1e1c gupdate - ok
12:11:04.0446 0x1e1c [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:11:04.0454 0x1e1c gupdatem - ok
12:11:04.0518 0x1e1c [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
12:11:04.0532 0x1e1c gusvc - ok
12:11:04.0543 0x1e1c [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
12:11:04.0598 0x1e1c hcw85cir - ok
12:11:04.0650 0x1e1c [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:11:04.0691 0x1e1c HdAudAddService - ok
12:11:04.0717 0x1e1c [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
12:11:04.0747 0x1e1c HDAudBus - ok
12:11:04.0782 0x1e1c [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
12:11:04.0791 0x1e1c HECIx64 - ok
12:11:04.0803 0x1e1c [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
12:11:04.0814 0x1e1c HidBatt - ok
12:11:04.0834 0x1e1c [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
12:11:04.0859 0x1e1c HidBth - ok
12:11:04.0876 0x1e1c [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
12:11:04.0910 0x1e1c HidIr - ok
12:11:04.0933 0x1e1c [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
12:11:04.0968 0x1e1c hidserv - ok
12:11:05.0006 0x1e1c [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
12:11:05.0054 0x1e1c HidUsb - ok
12:11:05.0090 0x1e1c [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
12:11:05.0141 0x1e1c hkmsvc - ok
12:11:05.0174 0x1e1c [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:11:05.0225 0x1e1c HomeGroupListener - ok
12:11:05.0256 0x1e1c [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:11:05.0286 0x1e1c HomeGroupProvider - ok
12:11:05.0440 0x1e1c [ 97AAC45A375168C6A2297BEEB9692E31, 9C7285988D0C5DE8E3608F4E9F50A5C9398FFD0DA0F4C965C953859001FC76C8 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
12:11:05.0454 0x1e1c hpqcxs08 - ok
12:11:05.0501 0x1e1c [ 19A4FB67B1C97EA18EDFF44340973CD9, F1B6A7C1E450FF9A1D10F315F17D42DFE8390E88FF1AED4DE35237C4B81FC81D ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
12:11:05.0512 0x1e1c hpqddsvc - ok
12:11:05.0544 0x1e1c [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
12:11:05.0555 0x1e1c HpSAMD - ok
12:11:05.0653 0x1e1c [ F37882F128EFACEFE353E0BAE2766909, 2F9D21613500F092DFC0DB879180B549EE615D9B07408A5CC1A7F84663B2F47A ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
12:11:05.0711 0x1e1c HPSLPSVC - detected UnsignedFile.Multi.Generic ( 1 )
12:11:05.0711 0x1e1c HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
12:11:05.0769 0x1e1c [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:11:05.0832 0x1e1c HTTP - ok
12:11:05.0865 0x1e1c [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
12:11:05.0874 0x1e1c hwpolicy - ok
12:11:05.0911 0x1e1c [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
12:11:05.0923 0x1e1c i8042prt - ok
12:11:05.0997 0x1e1c [ 660BF3255A1EB18ED803FD2FBA6AE400, 74A77E9828D62F2821D398EAA84BB15BF093EAD1BD5A7824362ED3D1A063C509 ] IAANTMON C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
12:11:06.0012 0x1e1c IAANTMON - ok
12:11:06.0041 0x1e1c [ BE7D72FCF442C26975942007E0831241, A0FD29B3D1A1278787F8B3FBE7EC3216AAF328467974A6D90752639BB44DCD84 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
12:11:06.0056 0x1e1c iaStor - ok
12:11:06.0093 0x1e1c [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
12:11:06.0115 0x1e1c iaStorV - ok
12:11:06.0183 0x1e1c [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:11:06.0226 0x1e1c idsvc - ok
12:11:06.0259 0x1e1c IEEtwCollectorService - ok
12:11:06.0287 0x1e1c [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
12:11:06.0299 0x1e1c iirsp - ok
12:11:06.0362 0x1e1c [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
12:11:06.0435 0x1e1c IKEEXT - ok
12:11:06.0543 0x1e1c [ 42943BB3AB7A405B30EFF7C8283CC129, B914B5610565B794BE28664DE605C5726A0587F15034A026509885771C63B0D5 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
12:11:06.0654 0x1e1c IntcAzAudAddService - ok
12:11:06.0689 0x1e1c [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
12:11:06.0700 0x1e1c intelide - ok
12:11:06.0732 0x1e1c [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
12:11:06.0760 0x1e1c intelppm - ok
12:11:06.0790 0x1e1c [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:11:06.0841 0x1e1c IPBusEnum - ok
12:11:06.0880 0x1e1c [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:11:06.0913 0x1e1c IpFilterDriver - ok
12:11:06.0958 0x1e1c [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
12:11:07.0039 0x1e1c iphlpsvc - ok
12:11:07.0069 0x1e1c [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
12:11:07.0096 0x1e1c IPMIDRV - ok
12:11:07.0114 0x1e1c [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
12:11:07.0159 0x1e1c IPNAT - ok
12:11:07.0192 0x1e1c [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:11:07.0247 0x1e1c IRENUM - ok
12:11:07.0259 0x1e1c [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
12:11:07.0270 0x1e1c isapnp - ok
12:11:07.0310 0x1e1c [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
12:11:07.0331 0x1e1c iScsiPrt - ok
12:11:07.0364 0x1e1c [ 75DDB94A2A24F9F7037D10A2DDA06D36, 8CA8AD4258045AA742DD97E977C8B03FE0689006B3EBF83689CD2CFDE746EF28 ] JRAID C:\Windows\system32\DRIVERS\jraid.sys
12:11:07.0376 0x1e1c JRAID - ok
12:11:07.0406 0x1e1c [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
12:11:07.0417 0x1e1c kbdclass - ok
12:11:07.0446 0x1e1c [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
12:11:07.0469 0x1e1c kbdhid - ok
12:11:07.0489 0x1e1c [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] KeyIso C:\Windows\system32\lsass.exe
12:11:07.0516 0x1e1c KeyIso - ok
12:11:07.0545 0x1e1c [ F7DFAE6040AC910B7C64EE208A34157D, AEF1100F12391692D9DB78519D843A90C97E199A80DDC4D43E3AF1919A9E8E56 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
12:11:07.0557 0x1e1c KSecDD - ok
12:11:07.0575 0x1e1c [ 8FE94F2EF9BF444E93E35D87E210D02F, 78E8F6FD7C1EA3556194947707BE6893538A9E25A550C22045866C5B30251D14 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
12:11:07.0588 0x1e1c KSecPkg - ok
12:11:07.0613 0x1e1c [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
12:11:07.0659 0x1e1c ksthunk - ok
12:11:07.0691 0x1e1c [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
12:11:07.0742 0x1e1c KtmRm - ok
12:11:07.0785 0x1e1c [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
12:11:07.0855 0x1e1c LanmanServer - ok
12:11:07.0889 0x1e1c [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:11:07.0925 0x1e1c LanmanWorkstation - ok
12:11:07.0955 0x1e1c [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:11:08.0004 0x1e1c lltdio - ok
12:11:08.0046 0x1e1c [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:11:08.0106 0x1e1c lltdsvc - ok
12:11:08.0125 0x1e1c [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
12:11:08.0164 0x1e1c lmhosts - ok
12:11:08.0243 0x1e1c [ E38775922D4A4C05B5D96733AB4CE169, 92888BF351C4249C81189CA7F25419077017DD2F1F88FD91D1F4A51CEBF98A62 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
12:11:08.0257 0x1e1c LMS - ok
12:11:08.0287 0x1e1c [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
12:11:08.0300 0x1e1c LSI_FC - ok
12:11:08.0326 0x1e1c [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
12:11:08.0338 0x1e1c LSI_SAS - ok
12:11:08.0357 0x1e1c [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:11:08.0368 0x1e1c LSI_SAS2 - ok
12:11:08.0385 0x1e1c [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:11:08.0398 0x1e1c LSI_SCSI - ok
12:11:08.0426 0x1e1c [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
12:11:08.0478 0x1e1c luafv - ok
12:11:08.0515 0x1e1c [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
12:11:08.0530 0x1e1c Mcx2Svc - ok
12:11:08.0541 0x1e1c [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
12:11:08.0553 0x1e1c megasas - ok
12:11:08.0571 0x1e1c [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
12:11:08.0590 0x1e1c MegaSR - ok
12:11:08.0622 0x1e1c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
12:11:08.0671 0x1e1c MMCSS - ok
12:11:08.0686 0x1e1c [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
12:11:08.0737 0x1e1c Modem - ok
12:11:08.0763 0x1e1c [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:11:08.0789 0x1e1c monitor - ok
12:11:08.0814 0x1e1c [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
12:11:08.0825 0x1e1c mouclass - ok
12:11:08.0838 0x1e1c [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
12:11:08.0849 0x1e1c mouhid - ok
12:11:08.0874 0x1e1c [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
12:11:08.0886 0x1e1c mountmgr - ok
12:11:08.0964 0x1e1c [ DD370A8148862150BA81A3F5C56A1E40, F56B84297BDC32266CB69D10FB2D66B8B332D60CAB7E64E4E3AC2BB749BBD31B ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:11:08.0978 0x1e1c MozillaMaintenance - ok
12:11:09.0030 0x1e1c [ 73150F67D20270FF95A021A22E64F28A, A8878DEFBE437FB453F8E9243FB5C787D07AC7415A4475388D479C10417C524F ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
12:11:09.0050 0x1e1c MpFilter - ok
12:11:09.0091 0x1e1c [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
12:11:09.0105 0x1e1c mpio - ok
12:11:09.0137 0x1e1c [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:11:09.0176 0x1e1c mpsdrv - ok
12:11:09.0229 0x1e1c [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
12:11:09.0311 0x1e1c MpsSvc - ok
12:11:09.0345 0x1e1c [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:11:09.0396 0x1e1c MRxDAV - ok
12:11:09.0428 0x1e1c [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:11:09.0462 0x1e1c mrxsmb - ok
12:11:09.0496 0x1e1c [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:11:09.0522 0x1e1c mrxsmb10 - ok
12:11:09.0540 0x1e1c [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:11:09.0554 0x1e1c mrxsmb20 - ok
12:11:09.0575 0x1e1c [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
12:11:09.0586 0x1e1c msahci - ok
12:11:09.0668 0x1e1c [ A592A054D78750B4D73ABAA4C94DECDF, 40B135C9F9EE698EC78BD19BD18353AE2CF4D020DDB9CFC37CD2FDBF7602614A ] MSCamSvc C:\Program Files\Microsoft LifeCam\MSCamS64.exe
12:11:09.0680 0x1e1c MSCamSvc - ok
12:11:09.0698 0x1e1c [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
12:11:09.0711 0x1e1c msdsm - ok
12:11:09.0732 0x1e1c [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
12:11:09.0766 0x1e1c MSDTC - ok
12:11:09.0796 0x1e1c [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
12:11:09.0833 0x1e1c Msfs - ok
12:11:09.0842 0x1e1c [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
12:11:09.0886 0x1e1c mshidkmdf - ok
12:11:09.0905 0x1e1c [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
12:11:09.0914 0x1e1c msisadrv - ok
12:11:09.0953 0x1e1c [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
12:11:10.0009 0x1e1c MSiSCSI - ok
12:11:10.0012 0x1e1c msiserver - ok
12:11:10.0054 0x1e1c [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:11:10.0088 0x1e1c MSKSSRV - ok
12:11:10.0187 0x1e1c [ CE996C1821021ADF8E28E80A54E846A8, 99042E895B6C2EA80F3BA65563A12C8EBA882E3AD6A21DD8E799B0112C75DDD2 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe
12:11:10.0199 0x1e1c MsMpSvc - ok
12:11:10.0234 0x1e1c [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:11:10.0279 0x1e1c MSPCLOCK - ok
12:11:10.0283 0x1e1c [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:11:10.0318 0x1e1c MSPQM - ok
12:11:10.0368 0x1e1c [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:11:10.0390 0x1e1c MsRPC - ok
12:11:10.0405 0x1e1c [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
12:11:10.0416 0x1e1c mssmbios - ok
12:11:10.0551 0x1e1c MSSQL$UPSWSDBSERVER - ok
12:11:10.0616 0x1e1c [ 1D89EB4E2A99CABD4E81225F4F4C4B25, B9C4D956E3F74CB463A1A14287F4B550381FBB3E4B2DF9418E041E02A159E31E ] MSSQLServerADHelper C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe
12:11:10.0625 0x1e1c MSSQLServerADHelper - ok
12:11:10.0643 0x1e1c [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:11:10.0678 0x1e1c MSTEE - ok
12:11:10.0704 0x1e1c [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
12:11:10.0724 0x1e1c MTConfig - ok
12:11:10.0760 0x1e1c [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
12:11:10.0771 0x1e1c Mup - ok
12:11:10.0833 0x1e1c [ A906B08944EF1BEC17AE306E9FDB35D0, 898B7D602A2B422C97D8773D72F978C828F9B7BA7582F3236601B0EF4C9834E5 ] mv2 C:\Windows\system32\DRIVERS\mv2.sys
12:11:10.0886 0x1e1c mv2 - ok
12:11:10.0929 0x1e1c [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
12:11:10.0999 0x1e1c napagent - ok
12:11:11.0044 0x1e1c [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:11:11.0096 0x1e1c NativeWifiP - ok
12:11:11.0167 0x1e1c [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
12:11:11.0209 0x1e1c NDIS - ok
12:11:11.0254 0x1e1c [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
12:11:11.0288 0x1e1c NdisCap - ok
12:11:11.0325 0x1e1c [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:11:11.0380 0x1e1c NdisTapi - ok
12:11:11.0423 0x1e1c [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:11:11.0475 0x1e1c Ndisuio - ok
12:11:11.0506 0x1e1c [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:11:11.0559 0x1e1c NdisWan - ok
12:11:11.0599 0x1e1c [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:11:11.0634 0x1e1c NDProxy - ok
12:11:11.0754 0x1e1c [ 7D2633295EB6FF2B938185874884059D, B3A4E52ABCB2E2720D8ADB0B68C222D4AB98E838D40B6A731D15EB1D6C9DEA15 ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
12:11:11.0811 0x1e1c Nero BackItUp Scheduler 4.0 - ok
12:11:11.0858 0x1e1c [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
12:11:11.0863 0x1e1c Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
12:11:11.0863 0x1e1c Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
12:11:11.0896 0x1e1c [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:11:11.0954 0x1e1c NetBIOS - ok
12:11:11.0982 0x1e1c [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
12:11:12.0037 0x1e1c NetBT - ok
12:11:12.0055 0x1e1c [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] Netlogon C:\Windows\system32\lsass.exe
12:11:12.0066 0x1e1c Netlogon - ok
12:11:12.0103 0x1e1c [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
12:11:12.0154 0x1e1c Netman - ok
12:11:12.0199 0x1e1c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:11:12.0214 0x1e1c NetMsmqActivator - ok
12:11:12.0233 0x1e1c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:11:12.0247 0x1e1c NetPipeActivator - ok
12:11:12.0271 0x1e1c [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
12:11:12.0319 0x1e1c netprofm - ok
12:11:12.0345 0x1e1c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:11:12.0360 0x1e1c NetTcpActivator - ok
12:11:12.0366 0x1e1c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:11:12.0380 0x1e1c NetTcpPortSharing - ok
12:11:12.0410 0x1e1c [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
12:11:12.0421 0x1e1c nfrd960 - ok
12:11:12.0473 0x1e1c [ 4774AD83C650001B337B92E5E5DA337B, 138ECC7F556D8A12AE58B78B68F6515BE4C00F9F062596B48B6CA6C010F13035 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
12:11:12.0489 0x1e1c NisDrv - ok
12:11:12.0547 0x1e1c [ 96B7D15161A778B359E707796CCEA646, 9E4A25D9848FAECC517474EAD548E7975CBE3F41AAA964E5245E78F2A723925E ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe
12:11:12.0567 0x1e1c NisSrv - ok
12:11:12.0600 0x1e1c [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
12:11:12.0660 0x1e1c NlaSvc - ok
12:11:12.0675 0x1e1c [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:11:12.0708 0x1e1c Npfs - ok
12:11:12.0721 0x1e1c [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
12:11:12.0772 0x1e1c nsi - ok
12:11:12.0793 0x1e1c [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:11:12.0838 0x1e1c nsiproxy - ok
12:11:12.0912 0x1e1c [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:11:12.0999 0x1e1c Ntfs - ok
12:11:13.0057 0x1e1c [ BD691091AC7D9713D8F0B07C6B099E6C, 4A69ED227CCBBCB76F78078CEE42506A875759FFB519CB9C40173EF8ACD6D6D2 ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
12:11:13.0078 0x1e1c NTI IScheduleSvc - ok
12:11:13.0092 0x1e1c [ 64DDD0DEE976302F4BD93E5EFCC2F013, 19F54B4549999EF96FAE1B2B97973F281304843ADE0CF5823574453AB41E3E9C ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
12:11:13.0100 0x1e1c NTIDrvr - ok
12:11:13.0116 0x1e1c [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
12:11:13.0166 0x1e1c Null - ok
12:11:13.0207 0x1e1c [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:11:13.0222 0x1e1c nvraid - ok
12:11:13.0247 0x1e1c [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:11:13.0261 0x1e1c nvstor - ok
12:11:13.0286 0x1e1c [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:11:13.0300 0x1e1c nv_agp - ok
12:11:13.0319 0x1e1c [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
12:11:13.0351 0x1e1c ohci1394 - ok
12:11:13.0433 0x1e1c [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:11:13.0443 0x1e1c ose - ok
12:11:13.0495 0x1e1c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
12:11:13.0552 0x1e1c p2pimsvc - ok
12:11:13.0601 0x1e1c [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
12:11:13.0643 0x1e1c p2psvc - ok
12:11:13.0663 0x1e1c [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
12:11:13.0692 0x1e1c Parport - ok
12:11:13.0720 0x1e1c [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:11:13.0732 0x1e1c partmgr - ok
12:11:13.0768 0x1e1c [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
12:11:13.0818 0x1e1c PcaSvc - ok
12:11:13.0849 0x1e1c [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
12:11:13.0863 0x1e1c pci - ok
12:11:13.0902 0x1e1c [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
12:11:13.0912 0x1e1c pciide - ok
12:11:13.0932 0x1e1c [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
12:11:13.0947 0x1e1c pcmcia - ok
12:11:13.0961 0x1e1c [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
12:11:13.0974 0x1e1c pcw - ok
12:11:14.0126 0x1e1c [ 501015A7570DA3E2B159B6191B37B347, C202C053ED78E956C00EDB8F265CED53344BD90D3A614FBFF789B98B0C4D7A90 ] PDF Architect 3 C:\Program Files (x86)\PDF Architect 3\ws.exe
12:11:14.0333 0x1e1c PDF Architect 3 - ok
12:11:14.0394 0x1e1c [ 07DA9CEDFC7441AE061DFA7E2BD825F6, 35A8060EA0E2E34EBB1EB25F40BB72A6D3B83CBA8BD8CD4BF9E427A777D42D28 ] PDF Architect 3 CrashHandler C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe
12:11:14.0489 0x1e1c PDF Architect 3 CrashHandler - ok
12:11:14.0544 0x1e1c [ 1234BB5F8C7EC1E52F32A3EBF65F52EA, AEE529A96C6F21D27B3F5AEF6AADF42129C676584DEE550C8F42815D1C913B0C ] PDF Architect 3 Creator C:\Program Files (x86)\PDF Architect 3\creator-ws.exe
12:11:14.0566 0x1e1c PDF Architect 3 Creator - ok
12:11:14.0621 0x1e1c [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:11:14.0658 0x1e1c PEAUTH - ok
12:11:14.0729 0x1e1c [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
12:11:14.0741 0x1e1c PerfHost - ok
12:11:14.0811 0x1e1c [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
12:11:14.0908 0x1e1c pla - ok
12:11:14.0961 0x1e1c [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:11:15.0024 0x1e1c PlugPlay - ok
12:11:15.0088 0x1e1c [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
12:11:15.0109 0x1e1c Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
12:11:15.0109 0x1e1c Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
12:11:15.0122 0x1e1c [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
12:11:15.0152 0x1e1c PNRPAutoReg - ok
12:11:15.0184 0x1e1c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
12:11:15.0202 0x1e1c PNRPsvc - ok
12:11:15.0229 0x1e1c [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:11:15.0285 0x1e1c PolicyAgent - ok
12:11:15.0313 0x1e1c [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
12:11:15.0368 0x1e1c Power - ok
12:11:15.0392 0x1e1c [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:11:15.0426 0x1e1c PptpMiniport - ok
12:11:15.0444 0x1e1c [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
12:11:15.0479 0x1e1c Processor - ok
12:11:15.0515 0x1e1c [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
12:11:15.0553 0x1e1c ProfSvc - ok
12:11:15.0577 0x1e1c [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:11:15.0588 0x1e1c ProtectedStorage - ok
12:11:15.0627 0x1e1c [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
12:11:15.0677 0x1e1c Psched - ok
12:11:15.0735 0x1e1c [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
12:11:15.0831 0x1e1c ql2300 - ok
12:11:15.0845 0x1e1c [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
12:11:15.0858 0x1e1c ql40xx - ok
12:11:15.0881 0x1e1c [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
12:11:15.0914 0x1e1c QWAVE - ok
12:11:15.0935 0x1e1c [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:11:15.0966 0x1e1c QWAVEdrv - ok
12:11:15.0981 0x1e1c [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:11:16.0040 0x1e1c RasAcd - ok
12:11:16.0063 0x1e1c [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
12:11:16.0109 0x1e1c RasAgileVpn - ok
12:11:16.0135 0x1e1c [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
12:11:16.0171 0x1e1c RasAuto - ok
12:11:16.0205 0x1e1c [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:11:16.0263 0x1e1c Rasl2tp - ok
12:11:16.0306 0x1e1c [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
12:11:16.0349 0x1e1c RasMan - ok
12:11:16.0366 0x1e1c [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:11:16.0403 0x1e1c RasPppoe - ok
12:11:16.0416 0x1e1c [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:11:16.0459 0x1e1c RasSstp - ok
12:11:16.0493 0x1e1c [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:11:16.0544 0x1e1c rdbss - ok
12:11:16.0563 0x1e1c [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
12:11:16.0584 0x1e1c rdpbus - ok
12:11:16.0596 0x1e1c [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:11:16.0651 0x1e1c RDPCDD - ok
12:11:16.0673 0x1e1c [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:11:16.0718 0x1e1c RDPENCDD - ok
12:11:16.0734 0x1e1c [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
12:11:16.0785 0x1e1c RDPREFMP - ok
12:11:16.0819 0x1e1c [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:11:16.0868 0x1e1c RDPWD - ok
12:11:16.0905 0x1e1c [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
12:11:16.0920 0x1e1c rdyboost - ok
12:11:16.0952 0x1e1c [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
12:11:17.0005 0x1e1c RemoteAccess - ok
12:11:17.0028 0x1e1c [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:11:17.0069 0x1e1c RemoteRegistry - ok
12:11:17.0085 0x1e1c [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
12:11:17.0136 0x1e1c RpcEptMapper - ok
12:11:17.0159 0x1e1c [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
12:11:17.0173 0x1e1c RpcLocator - ok
12:11:17.0214 0x1e1c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
12:11:17.0260 0x1e1c RpcSs - ok
12:11:17.0271 0x1e1c [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:11:17.0320 0x1e1c rspndr - ok
12:11:17.0333 0x1e1c [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] SamSs C:\Windows\system32\lsass.exe
12:11:17.0343 0x1e1c SamSs - ok
12:11:17.0371 0x1e1c [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:11:17.0383 0x1e1c sbp2port - ok
12:11:17.0392 0x1e1c [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:11:17.0449 0x1e1c SCardSvr - ok
12:11:17.0483 0x1e1c [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
12:11:17.0531 0x1e1c scfilter - ok
12:11:17.0606 0x1e1c [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
12:11:17.0711 0x1e1c Schedule - ok
12:11:17.0743 0x1e1c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
12:11:17.0776 0x1e1c SCPolicySvc - ok
12:11:17.0809 0x1e1c [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:11:17.0862 0x1e1c SDRSVC - ok
12:11:17.0902 0x1e1c [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:11:17.0950 0x1e1c secdrv - ok
12:11:17.0984 0x1e1c [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
12:11:18.0018 0x1e1c seclogon - ok
12:11:18.0032 0x1e1c [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
12:11:18.0068 0x1e1c SENS - ok
12:11:18.0082 0x1e1c [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
12:11:18.0116 0x1e1c SensrSvc - ok
12:11:18.0164 0x1e1c [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
12:11:18.0191 0x1e1c Serenum - ok
12:11:18.0213 0x1e1c [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
12:11:18.0237 0x1e1c Serial - ok
12:11:18.0265 0x1e1c [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
12:11:18.0276 0x1e1c sermouse - ok
12:11:18.0315 0x1e1c [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
12:11:18.0366 0x1e1c SessionEnv - ok
12:11:18.0399 0x1e1c [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:11:18.0414 0x1e1c sffdisk - ok
12:11:18.0429 0x1e1c [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:11:18.0444 0x1e1c sffp_mmc - ok
12:11:18.0459 0x1e1c [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:11:18.0472 0x1e1c sffp_sd - ok
12:11:18.0485 0x1e1c [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
12:11:18.0496 0x1e1c sfloppy - ok
12:11:18.0533 0x1e1c [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:11:18.0576 0x1e1c SharedAccess - ok
12:11:18.0620 0x1e1c [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:11:18.0666 0x1e1c ShellHWDetection - ok
12:11:18.0689 0x1e1c [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:11:18.0702 0x1e1c SiSRaid2 - ok
12:11:18.0717 0x1e1c [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
12:11:18.0728 0x1e1c SiSRaid4 - ok
12:11:18.0752 0x1e1c [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:11:18.0787 0x1e1c Smb - ok
12:11:18.0833 0x1e1c [ 10450F432811D7FDA60A97FCC674D7B2, FD6245B06DD81C6E287DA47173D622357D86D84E3A5444CD34645973FE2E8BF5 ] snapman C:\Windows\system32\DRIVERS\snapman.sys
12:11:18.0848 0x1e1c snapman - ok
12:11:18.0875 0x1e1c [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:11:18.0901 0x1e1c SNMPTRAP - ok
12:11:18.0917 0x1e1c [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
12:11:18.0927 0x1e1c spldr - ok
12:11:18.0967 0x1e1c [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
12:11:19.0025 0x1e1c Spooler - ok
12:11:19.0161 0x1e1c [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
12:11:19.0329 0x1e1c sppsvc - ok
12:11:19.0352 0x1e1c [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
12:11:19.0401 0x1e1c sppuinotify - ok
12:11:19.0468 0x1e1c [ 86EBD8B1F23E743AAD21F4D5B4D40985, 8FA4DFDAE15712266B878C364FEFDB63CB30A3DCC25F83CDFE8C8AB3AE864BE6 ] SQLBrowser C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
12:11:19.0480 0x1e1c SQLBrowser - ok
12:11:19.0546 0x1e1c [ 3C432A96363097870995E2A3C8B66ABD, AA0AE0935FC5317FE93D7D3C3B9A6B2E026915D07704AF3E36F14FEA8595F4A6 ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
12:11:19.0556 0x1e1c SQLWriter - ok
12:11:19.0602 0x1e1c [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
12:11:19.0641 0x1e1c srv - ok
12:11:19.0681 0x1e1c [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:11:19.0713 0x1e1c srv2 - ok
12:11:19.0747 0x1e1c [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:11:19.0772 0x1e1c srvnet - ok
12:11:19.0792 0x1e1c [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:11:19.0838 0x1e1c SSDPSRV - ok
12:11:19.0855 0x1e1c [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:11:19.0905 0x1e1c SstpSvc - ok
12:11:19.0920 0x1e1c [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
12:11:19.0930 0x1e1c stexstor - ok
12:11:19.0962 0x1e1c [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam C:\Windows\system32\drivers\serscan.sys
12:11:20.0003 0x1e1c StillCam - ok
12:11:20.0061 0x1e1c [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
12:11:20.0104 0x1e1c stisvc - ok
12:11:20.0138 0x1e1c [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
12:11:20.0149 0x1e1c swenum - ok
12:11:20.0173 0x1e1c [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
12:11:20.0233 0x1e1c swprv - ok
12:11:20.0312 0x1e1c [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
12:11:20.0411 0x1e1c SysMain - ok
12:11:20.0445 0x1e1c [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:11:20.0479 0x1e1c TabletInputService - ok
12:11:20.0513 0x1e1c [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
12:11:20.0568 0x1e1c TapiSrv - ok
12:11:20.0598 0x1e1c [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
12:11:20.0650 0x1e1c TBS - ok
12:11:20.0733 0x1e1c [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:11:20.0828 0x1e1c Tcpip - ok
12:11:20.0887 0x1e1c [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
12:11:20.0944 0x1e1c TCPIP6 - ok
12:11:20.0987 0x1e1c [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:11:21.0009 0x1e1c tcpipreg - ok
12:11:21.0024 0x1e1c [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:11:21.0049 0x1e1c TDPIPE - ok
12:11:21.0133 0x1e1c [ 99527D49EE0A96FC25537C61B270A372, 519E23F86EC86349F92C4A88DBD19C097AEE0A6E152776B32B45D293ED14946B ] tdrpman273 C:\Windows\system32\DRIVERS\tdrpm273.sys
12:11:21.0198 0x1e1c tdrpman273 - ok
12:11:21.0226 0x1e1c [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:11:21.0246 0x1e1c TDTCP - ok
12:11:21.0278 0x1e1c [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:11:21.0320 0x1e1c tdx - ok
12:11:21.0347 0x1e1c [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
12:11:21.0358 0x1e1c TermDD - ok
12:11:21.0407 0x1e1c [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
12:11:21.0453 0x1e1c TermService - ok
12:11:21.0475 0x1e1c [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
12:11:21.0506 0x1e1c Themes - ok
12:11:21.0533 0x1e1c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
12:11:21.0567 0x1e1c THREADORDER - ok
12:11:21.0612 0x1e1c [ EBBAEA02F0095A798000C7E06B16D41B, CBEAC6CBF0F8D5B72ACCBADA6BD1DF1EB31F84B0D973DA955337991D4DBBDF7E ] timounter C:\Windows\system32\DRIVERS\timntr.sys
12:11:21.0669 0x1e1c timounter - ok
12:11:21.0682 0x1e1c [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
12:11:21.0726 0x1e1c TrkWks - ok
12:11:21.0775 0x1e1c [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:11:21.0827 0x1e1c TrustedInstaller - ok
12:11:21.0861 0x1e1c [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:11:21.0875 0x1e1c tssecsrv - ok
12:11:21.0919 0x1e1c [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
12:11:21.0959 0x1e1c TsUsbFlt - ok
12:11:22.0007 0x1e1c [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:11:22.0044 0x1e1c tunnel - ok
12:11:22.0058 0x1e1c [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
12:11:22.0069 0x1e1c uagp35 - ok
12:11:22.0114 0x1e1c [ 2E22C1FD397A5A9FFEF55E9D1FC96C00, 4646712B3F3AF6188DBCE1A95D92261E8B15E9583FE5DD538EC884F48B51759D ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
12:11:22.0124 0x1e1c UBHelper - ok
12:11:22.0159 0x1e1c [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:11:22.0202 0x1e1c udfs - ok
12:11:22.0217 0x1e1c [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:11:22.0244 0x1e1c UI0Detect - ok
12:11:22.0265 0x1e1c [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:11:22.0292 0x1e1c uliagpkx - ok
12:11:22.0322 0x1e1c [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\drivers\umbus.sys
12:11:22.0334 0x1e1c umbus - ok
12:11:22.0347 0x1e1c [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
12:11:22.0368 0x1e1c UmPass - ok
12:11:22.0522 0x1e1c [ 41118D920B2B268C0ADC36421248CDCF, 4F99C4913DCFE02B0783FD97F02558E4DD4D7C98553D95A8E26FAAA0C0D67616 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
12:11:22.0681 0x1e1c UNS - detected UnsignedFile.Multi.Generic ( 1 )
12:11:22.0682 0x1e1c UNS ( UnsignedFile.Multi.Generic ) - warning
12:11:22.0682 0x1e1c Force sending object to P2P due to detect: UNS
12:11:22.0690 0x1e1c Object send P2P result: false
12:11:22.0768 0x1e1c [ 70DDE3A86DBEB1D6C3C30AD687B1877A, 2DAE797240DB8F521F1C9D1171524790052E186B060D58A1B102FBFFC80CE48E ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
12:11:22.0781 0x1e1c Updater Service - ok
12:11:22.0817 0x1e1c [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
12:11:22.0879 0x1e1c upnphost - ok
12:11:22.0920 0x1e1c [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
12:11:22.0950 0x1e1c usbaudio - ok
12:11:22.0992 0x1e1c [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:11:23.0049 0x1e1c usbccgp - ok
12:11:23.0083 0x1e1c [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:11:23.0123 0x1e1c usbcir - ok
12:11:23.0151 0x1e1c [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
12:11:23.0170 0x1e1c usbehci - ok
12:11:23.0206 0x1e1c [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:11:23.0225 0x1e1c usbhub - ok
12:11:23.0262 0x1e1c [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
12:11:23.0285 0x1e1c usbohci - ok
12:11:23.0321 0x1e1c [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
12:11:23.0354 0x1e1c usbprint - ok
12:11:23.0421 0x1e1c [ B5E6C4F280EBF0B16F74A5B415F2E0DF, 4B1F7C95F267A29FC8AE4F285E2B19200C7E3F8505B1E75797A7A9EDE4CD1EDE ] USBS3S4Detection C:\OEM\USBDECTION\USBS3S4Detection.exe
12:11:23.0429 0x1e1c USBS3S4Detection - ok
12:11:23.0473 0x1e1c [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\drivers\usbscan.sys
12:11:23.0513 0x1e1c usbscan - ok
12:11:23.0544 0x1e1c [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:11:23.0574 0x1e1c USBSTOR - ok
12:11:23.0603 0x1e1c [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
12:11:23.0614 0x1e1c usbuhci - ok
12:11:23.0726 0x1e1c [ E7474DCA1148597D841E8599D4AC4859, BD2F2B6A8E5EB43E8D9F3B04923DBCC57C90D59D660BED29E457A9F65282BD83 ] uvnc_service C:\Program Files\UltraVNC\WinVNC.exe
12:11:23.0791 0x1e1c uvnc_service - ok
12:11:23.0811 0x1e1c [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
12:11:23.0855 0x1e1c UxSms - ok
12:11:23.0867 0x1e1c [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] VaultSvc C:\Windows\system32\lsass.exe
12:11:23.0882 0x1e1c VaultSvc - ok
12:11:23.0894 0x1e1c [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
12:11:23.0905 0x1e1c vdrvroot - ok
12:11:23.0958 0x1e1c [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
12:11:24.0007 0x1e1c vds - ok
12:11:24.0027 0x1e1c [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:11:24.0051 0x1e1c vga - ok
12:11:24.0078 0x1e1c [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
12:11:24.0110 0x1e1c VgaSave - ok
12:11:24.0134 0x1e1c [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
12:11:24.0152 0x1e1c vhdmp - ok
12:11:24.0170 0x1e1c [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
12:11:24.0180 0x1e1c viaide - ok
12:11:24.0199 0x1e1c [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:11:24.0210 0x1e1c volmgr - ok
12:11:24.0256 0x1e1c [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:11:24.0276 0x1e1c volmgrx - ok
12:11:24.0294 0x1e1c [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:11:24.0312 0x1e1c volsnap - ok
12:11:24.0362 0x1e1c [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
12:11:24.0376 0x1e1c vsmraid - ok
12:11:24.0446 0x1e1c [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
12:11:24.0561 0x1e1c VSS - ok
12:11:24.0583 0x1e1c [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
12:11:24.0611 0x1e1c vwifibus - ok
12:11:24.0719 0x1e1c [ CE6C085771812D5EE863CC7EF93CAEF2, 40CBE5D2A88A1DB412ED22F15B68D0D5BF1090E909DCC65946178BB1AB782248 ] VX1000 C:\Windows\system32\DRIVERS\VX1000.sys
12:11:24.0842 0x1e1c VX1000 - ok
12:11:24.0888 0x1e1c [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
12:11:24.0949 0x1e1c W32Time - ok
12:11:24.0966 0x1e1c [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
12:11:24.0977 0x1e1c WacomPen - ok
12:11:25.0025 0x1e1c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
12:11:25.0079 0x1e1c WANARP - ok
12:11:25.0087 0x1e1c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:11:25.0121 0x1e1c Wanarpv6 - ok
12:11:25.0202 0x1e1c [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
12:11:25.0264 0x1e1c WatAdminSvc - ok
12:11:25.0328 0x1e1c [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
12:11:25.0435 0x1e1c wbengine - ok
12:11:25.0492 0x1e1c [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
12:11:25.0526 0x1e1c WbioSrvc - ok
12:11:25.0573 0x1e1c [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:11:25.0599 0x1e1c wcncsvc - ok
12:11:25.0612 0x1e1c [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:11:25.0652 0x1e1c WcsPlugInService - ok
12:11:25.0690 0x1e1c [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
12:11:25.0700 0x1e1c Wd - ok
12:11:25.0748 0x1e1c [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:11:25.0795 0x1e1c Wdf01000 - ok
12:11:25.0841 0x1e1c [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:11:25.0873 0x1e1c WdiServiceHost - ok
12:11:25.0878 0x1e1c [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:11:25.0890 0x1e1c WdiSystemHost - ok
12:11:25.0923 0x1e1c [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
12:11:25.0966 0x1e1c WebClient - ok
12:11:25.0988 0x1e1c [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:11:26.0034 0x1e1c Wecsvc - ok
12:11:26.0049 0x1e1c [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:11:26.0084 0x1e1c wercplsupport - ok
12:11:26.0120 0x1e1c [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
12:11:26.0169 0x1e1c WerSvc - ok
12:11:26.0191 0x1e1c [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
12:11:26.0224 0x1e1c WfpLwf - ok
12:11:26.0228 0x1e1c [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
12:11:26.0239 0x1e1c WIMMount - ok
12:11:26.0261 0x1e1c WinDefend - ok
12:11:26.0285 0x1e1c WinHttpAutoProxySvc - ok
12:11:26.0346 0x1e1c [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:11:26.0397 0x1e1c Winmgmt - ok
12:11:26.0491 0x1e1c [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
12:11:26.0648 0x1e1c WinRM - ok
12:11:26.0698 0x1e1c [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\drivers\WinUsb.sys
12:11:26.0714 0x1e1c WinUsb - ok
12:11:26.0761 0x1e1c [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
12:11:26.0835 0x1e1c Wlansvc - ok
12:11:26.0964 0x1e1c [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:11:27.0034 0x1e1c wlidsvc - ok
12:11:27.0070 0x1e1c [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
12:11:27.0094 0x1e1c WmiAcpi - ok
12:11:27.0128 0x1e1c [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:11:27.0145 0x1e1c wmiApSrv - ok
12:11:27.0163 0x1e1c WMPNetworkSvc - ok
12:11:27.0186 0x1e1c [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:11:27.0238 0x1e1c WPCSvc - ok
12:11:27.0270 0x1e1c [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:11:27.0296 0x1e1c WPDBusEnum - ok
12:11:27.0323 0x1e1c [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:11:27.0357 0x1e1c ws2ifsl - ok
12:11:27.0376 0x1e1c [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
12:11:27.0402 0x1e1c wscsvc - ok
12:11:27.0406 0x1e1c WSearch - ok
12:11:27.0513 0x1e1c [ 0814A74C853F50B354F08F83DDA9F7FB, 0A63BAA8DE451B8C2C71FEF961718E769B9BAC305C76D24048C664CB27D0DF28 ] wuauserv C:\Windows\system32\wuaueng.dll
12:11:27.0669 0x1e1c wuauserv - ok
12:11:27.0703 0x1e1c [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
12:11:27.0759 0x1e1c WudfPf - ok
12:11:27.0800 0x1e1c [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\drivers\WUDFRd.sys
12:11:27.0826 0x1e1c WUDFRd - ok
12:11:27.0859 0x1e1c [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:11:27.0901 0x1e1c wudfsvc - ok
12:11:27.0930 0x1e1c [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
12:11:27.0988 0x1e1c WwanSvc - ok
12:11:28.0013 0x1e1c ================ Scan global ===============================
12:11:28.0033 0x1e1c [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
12:11:28.0073 0x1e1c [ D17DD01601460F5899E5C154B3FD0BFA, B2FCFDE4B6F87634EA1F6D8AEA6D9B3C641D41D999C68B76F95491539B19D422 ] C:\Windows\system32\winsrv.dll
12:11:28.0087 0x1e1c [ D17DD01601460F5899E5C154B3FD0BFA, B2FCFDE4B6F87634EA1F6D8AEA6D9B3C641D41D999C68B76F95491539B19D422 ] C:\Windows\system32\winsrv.dll
12:11:28.0118 0x1e1c [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
12:11:28.0153 0x1e1c [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
12:11:28.0163 0x1e1c [ Global ] - ok
12:11:28.0163 0x1e1c ================ Scan MBR ==================================
12:11:28.0182 0x1e1c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:11:28.0427 0x1e1c \Device\Harddisk0\DR0 - ok
12:11:28.0428 0x1e1c ================ Scan VBR ==================================
12:11:28.0430 0x1e1c [ 6E9508C01C0A5650A5CDE319076DD990 ] \Device\Harddisk0\DR0\Partition1
12:11:28.0446 0x1e1c \Device\Harddisk0\DR0\Partition1 - ok
12:11:28.0449 0x1e1c [ 5ED82C53A7B04E6AFB043A325BF6EC71 ] \Device\Harddisk0\DR0\Partition2
12:11:28.0469 0x1e1c \Device\Harddisk0\DR0\Partition2 - ok
12:11:28.0474 0x1e1c [ 601079925D90977987C6003D7401DF18 ] \Device\Harddisk0\DR0\Partition3
12:11:28.0476 0x1e1c \Device\Harddisk0\DR0\Partition3 - ok
12:11:28.0477 0x1e1c ================ Scan generic autorun ======================
12:11:28.0530 0x1e1c [ D1930CA970D4250D891F432419E3D6C9, C839ED92D5BCC293081E05F2B199848C37A478A361BA6C3255421A297211C915 ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
12:11:28.0541 0x1e1c IAAnotif - ok
12:11:28.0542 0x1e1c mwlDaemon - ok
12:11:28.0819 0x1e1c [ 0D7CF635D9888072015EBE3B232DFB99, 25F8BB678DA47D4C7D002964597A04EE651E1492C43C217E3987FBC8DA66FDE6 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
12:11:29.0017 0x1e1c RtHDVCpl - ok
12:11:29.0082 0x1e1c [ 9EC9218D94DB00C67BBB28DC62B8A46B, DF799C4CEBA4E4B6159BBD68A99B8D493A249107E9177F82684BA3E022EAEE81 ] C:\Windows\vVX1000.exe
12:11:29.0106 0x1e1c VX1000 - ok
12:11:29.0211 0x1e1c [ 2078AE5DF5876F58124CDC2B4F972CD3, 59023E6A595950BFA611502AA9AA68C1AD48114DDCBD6BA7FDE4CDC86A7170B1 ] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
12:11:29.0228 0x1e1c Acronis Scheduler2 Service - ok
12:11:29.0230 0x1e1c SpywareTerminatorShield - ok
12:11:29.0316 0x1e1c [ 35BA4E6632BA690EA6421C1E03537D0E, 99D6B4DB12ABE3A7F44AB1B2D626978E85231185AE280D9516986027BC8385CB ] C:\Program Files\Microsoft Security Client\msseces.exe
12:11:29.0369 0x1e1c MSC - ok
12:11:29.0371 0x1e1c SpywareTerminatorUpdater - ok
12:11:29.0430 0x1e1c [ DB4E2D9C09A5762CB2551222B5E443B2, 318AD09D1821E38B7D7ACC0A06965057B494A752C9E34FD1CA41247DC703F985 ] C:\Windows\RaidTool\xInsIDE.exe
12:11:29.0453 0x1e1c JMB36X IDE Setup - detected UnsignedFile.Multi.Generic ( 1 )
12:11:29.0453 0x1e1c JMB36X IDE Setup ( UnsignedFile.Multi.Generic ) - warning
12:11:29.0496 0x1e1c [ D9CB30BF12B3670650C85637EA1AB6EA, AFA4943A853ACE460007D3AFE5D45B4C972BF51777ACF4C0E84684DA6A014131 ] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
12:11:29.0507 0x1e1c BackupManagerTray - ok
12:11:29.0569 0x1e1c [ AD16557CECFB17CF7393D28DC40F6D09, 1D44F79F39E4A9413605DD6F1C63366970475C5E2A3FFF7636A80EFDA0D5E0E8 ] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
12:11:29.0588 0x1e1c Hotkey Utility - ok
12:11:29.0654 0x1e1c [ A42DBD6A193BF3C790C9C9A1EF216770, DE32851B3B56B0CBF3207B8099C5563722DD4C881AD0C59F8A6B7AC74E2FEE54 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
12:11:29.0673 0x1e1c StartCCC - detected UnsignedFile.Multi.Generic ( 1 )
12:11:29.0674 0x1e1c StartCCC ( UnsignedFile.Multi.Generic ) - warning
12:11:29.0762 0x1e1c [ 851383DAEF93961E9868A1474AFFEEBD, 6262E7FF3D356FA4FC9523D941A0D9B09E7450AA466EA6063A0C264F1B99F1AE ] C:\Program Files (x86)\avmwlanstick\wlangui.exe
12:11:29.0885 0x1e1c AVMWlanClient - detected UnsignedFile.Multi.Generic ( 1 )
12:11:29.0885 0x1e1c AVMWlanClient ( UnsignedFile.Multi.Generic ) - warning
12:11:29.0921 0x1e1c [ 0133E5265FDD7063F87856C9BD5156C9, 27C0389B3FA0209C6B4D1A8A75AAD23525DD3B5DB7B0CD7358D1D6417818C8EF ] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
12:11:29.0932 0x1e1c LifeCam - ok
12:11:29.0967 0x1e1c [ 0AEE5668EB59912F32FF245BFA72465F, 653978E365B0E72D34E8B3ED1BFCF0237B70B41396BD70EBBBEDB31AFD77857B ] C:\Program Files (x86)\QuickTime\QTTask.exe
12:11:30.0002 0x1e1c QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )
12:11:30.0002 0x1e1c QuickTime Task ( UnsignedFile.Multi.Generic ) - warning
12:11:30.0062 0x1e1c [ 8FDD61D9F50DB1BE962C20D99F355BCF, 831D7A7E0B1D022533FC489BE1DDBD2EFAECEDDB737436C086AFCF24308A4303 ] C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe
12:11:30.0077 0x1e1c LexwareInfoService - ok
12:11:30.0207 0x1e1c [ C433243E73FCF988435CEC1F461C48EE, 65C601B72EC48528F9CFF8F412E5AB75497E018E92754A4669741F34996A954E ] C:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe
12:11:30.0284 0x1e1c SAOB Monitor - ok
12:11:30.0468 0x1e1c [ A7D3BA9573C2BD5DDCA2A87140915D6A, 2D36D01A10B5F988FB6ED2204FAB3F05B7E31373B7A16B13E3CE5E8EB81420EA ] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
12:11:30.0603 0x1e1c TrueImageMonitor.exe - ok
12:11:30.0710 0x1e1c [ 72860972F8196EBB3C896F53D2B95470, 95C046A66DD0089377867F073CADCE585B7C69CA23E724DCAD9D896BF01E023D ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
12:11:30.0720 0x1e1c hpqSRMon - detected UnsignedFile.Multi.Generic ( 1 )
12:11:30.0720 0x1e1c hpqSRMon ( UnsignedFile.Multi.Generic ) - warning
12:11:30.0720 0x1e1c Force sending object to P2P due to detect: C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
12:11:30.0721 0x1e1c Object send P2P result: false
12:11:30.0764 0x1e1c [ C637FC4638A96165256B28D38DE7B953, CD658543610F151C7860DBDCF36596C9B5417D87E598FA50A435392D4AED1C14 ] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
12:11:30.0772 0x1e1c HP Software Update - ok
12:11:30.0847 0x1e1c [ DDEFF7E98629203E66BB4298FABC5983, 59CBE0A49AAA93898831B1D64FFB1D0809736CABB4D19843DB2E99C2650D1AD9 ] C:\Program Files (x86)\PDF24\pdf24.exe
12:11:30.0858 0x1e1c PDFPrint - ok
12:11:31.0036 0x1e1c [ 3B95D79E0342130CCC2704E0DC4CF306, A7D5D9485931FA2F1F9554E11453DF8EDEC54D445644C2184C1F34B5AE9CA01D ] C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
12:11:31.0140 0x1e1c Fitbit Connect - ok
12:11:31.0236 0x1e1c [ E719CFFBEC257DBCB2212A56A298DD33, 46D426C5C94971B7BD6D1EA2754E0BD4B8686DC655E82E579B345F6C617B61D4 ] C:\UPS\WSTD\UPSNA1Msgr.exe
12:11:31.0322 0x1e1c NA1Messenger - ok
12:11:31.0416 0x1e1c [ 3E04F1E482357B1FC8B088197C3D9FF8, 85524ADDC27ADC831EBBD24E079B412CFDC69E5F594BD153319087665A28D546 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
12:11:31.0460 0x1e1c Adobe ARM - ok
12:11:31.0542 0x1e1c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:11:31.0637 0x1e1c Sidebar - ok
12:11:31.0663 0x1e1c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:11:31.0679 0x1e1c mctadmin - ok
12:11:31.0708 0x1e1c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:11:31.0744 0x1e1c Sidebar - ok
12:11:31.0751 0x1e1c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:11:31.0768 0x1e1c mctadmin - ok
12:11:31.0769 0x1e1c Global Registration - ok
12:11:31.0788 0x1e1c msnmsgr - ok
12:11:31.0887 0x1e1c [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe
12:11:31.0896 0x1e1c Google Update - ok
12:11:31.0927 0x1e1c [ 5D61BE7DB55B026A5D61A3EED09D0EAD, D32CC7B31A6F98C60ABC313ABC7D1143681F72DE2BB2604711A0BA20710CAAAE ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
12:11:31.0936 0x1e1c swg - ok
12:11:32.0179 0x1e1c [ 845799C9874B68BEAE3B64059653C7E3, 2E0B9DD46569A6449989E2D7C60B88B46352A178019B4BD840C166674E798CFD ] C:\Program Files\CCleaner\CCleaner64.exe
12:11:32.0349 0x1e1c CCleaner Monitoring - ok
12:11:32.0592 0x1e1c [ 3B95D79E0342130CCC2704E0DC4CF306, A7D5D9485931FA2F1F9554E11453DF8EDEC54D445644C2184C1F34B5AE9CA01D ] C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
12:11:32.0786 0x1e1c Fitbit Connect - ok
12:11:32.0825 0x1e1c AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.8.204.0 ), 0x61000 ( enabled : updated )
12:11:32.0867 0x1e1c Win FW state via NFP2: enabled
12:11:32.0873 0x1e1c ============================================================
12:11:32.0873 0x1e1c Scan finished
12:11:32.0873 0x1e1c ============================================================
12:11:32.0885 0x1118 Detected object count: 10
12:11:32.0885 0x1118 Actual detected object count: 10
12:13:17.0599 0x1118 de_serv ( UnsignedFile.Multi.Generic ) - skipped by user
12:13:17.0599 0x1118 de_serv ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:13:17.0601 0x1118 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
12:13:17.0601 0x1118 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:13:17.0602 0x1118 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
12:13:17.0602 0x1118 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:13:17.0603 0x1118 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
12:13:17.0603 0x1118 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:13:17.0604 0x1118 UNS ( UnsignedFile.Multi.Generic ) - skipped by user
12:13:17.0604 0x1118 UNS ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:13:17.0605 0x1118 JMB36X IDE Setup ( UnsignedFile.Multi.Generic ) - skipped by user
12:13:17.0606 0x1118 JMB36X IDE Setup ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:13:17.0607 0x1118 StartCCC ( UnsignedFile.Multi.Generic ) - skipped by user
12:13:17.0607 0x1118 StartCCC ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:13:17.0609 0x1118 AVMWlanClient ( UnsignedFile.Multi.Generic ) - skipped by user
12:13:17.0609 0x1118 AVMWlanClient ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:13:17.0610 0x1118 QuickTime Task ( UnsignedFile.Multi.Generic ) - skipped by user
12:13:17.0610 0x1118 QuickTime Task ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:13:17.0611 0x1118 hpqSRMon ( UnsignedFile.Multi.Generic ) - skipped by user
12:13:17.0611 0x1118 hpqSRMon ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
01.06.2015, 18:02
| #6 |
| /// the machine /// TB-Ausbilder | Maus clickt nicht mehr richtig, Pc extrem langsam hi, Scan mit Combofix
__________________ --> Maus clickt nicht mehr richtig, Pc extrem langsam |
|
01.06.2015, 20:34
| #7 |
| | Maus clickt nicht mehr richtig, Pc extrem langsam Hallo Schrauber, das ist der logfile von combofix : Code:
ATTFilter Combofix Logfile: |
|
02.06.2015, 18:37
| #8 |
| /// the machine /// TB-Ausbilder | Maus clickt nicht mehr richtig, Pc extrem langsam Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
04.06.2015, 11:48
| #9 |
| | Maus clickt nicht mehr richtig, Pc extrem langsam Hallo Schrauber, anbei die logfiles: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 04.06.2015 Suchlauf-Zeit: 11:42:32 Logdatei: mbam.txt Administrator: Ja Version: 2.01.6.1022 Malware Datenbank: v2015.06.04.03 Rootkit Datenbank: v2015.06.02.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: user Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 454955 Verstrichene Zeit: 14 Min, 54 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (Keine schädliche Elemente gefunden) Module: 0 (Keine schädliche Elemente gefunden) Registrierungsschlüssel: 0 (Keine schädliche Elemente gefunden) Registrierungswerte: 0 (Keine schädliche Elemente gefunden) Registrierungsdaten: 0 (Keine schädliche Elemente gefunden) Ordner: 0 (Keine schädliche Elemente gefunden) Dateien: 0 (Keine schädliche Elemente gefunden) Physische Sektoren: 0 (Keine schädliche Elemente gefunden) (end) Code:
ATTFilter # AdwCleaner v4.206 - Bericht erstellt 04/06/2015 um 12:14:00
# Aktualisiert 01/06/2015 von Xplode
# Datenbank : 2015-06-01.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : user - USER-PC
# Gestarted von : C:\Users\user\Desktop\AdwCleaner_4.206.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\users\user\AppData\LocalLow\HPAppData
Ordner Gelöscht : C:\users\user\AppData\Roaming\HPAppData
Ordner Gelöscht : C:\users\user\AppData\Roaming\pdfforge
Ordner Gelöscht : C:\users\user\Documents\Updater
***** [ Geplante Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\adawarebp
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>
***** [ Internetbrowser ] *****
-\\ Internet Explorer v11.0.9600.17801
-\\ Mozilla Firefox v38.0.5 (x86 de)
-\\ Google Chrome v
*************************
AdwCleaner[R0].txt - [2979 Bytes] - [07/05/2014 10:20:36]
AdwCleaner[R1].txt - [1685 Bytes] - [04/06/2015 12:09:02]
AdwCleaner[R2].txt - [1744 Bytes] - [04/06/2015 12:12:19]
AdwCleaner[S0].txt - [2932 Bytes] - [07/05/2014 10:21:35]
AdwCleaner[S1].txt - [1618 Bytes] - [04/06/2015 12:14:00]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1677 Bytes] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.8.8 (06.03.2015:1)
OS: Windows 7 Home Premium x64
Ran by user on 04.06.2015 at 12:28:02,37
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
~~~ Registry Values
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{2DFF3579-5AA7-45B9-9328-1D38EA230861}
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{06E08260-0695-4EC1-A74B-1310D8899D93}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{2DFF3579-5AA7-45B9-9328-1D38EA230861}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06E08260-0695-4EC1-A74B-1310D8899D93}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{06E08260-0695-4EC1-A74B-1310D8899D93}
~~~ Files
Successfully deleted: [File] C:\Windows\wininit.ini
Successfully deleted: [File] C:\Windows\prefetch\GOOGLETOOLBARMANAGER_BA9226F4-E3ED928D.pf
Successfully deleted: [File] C:\Windows\prefetch\GOOGLETOOLBARNOTIFIER.EXE-969E73DB.pf
Successfully deleted: [File] C:\Windows\prefetch\GOOGLETOOLBARUSER_32.EXE-66EEE4D2.pf
~~~ Folders
~~~ FireFox
Emptied folder: C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\x9gzkdsh.default-1431960027951\minidumps [1 files]
~~~ Chrome
[C:\Users\user\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
[C:\Users\user\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
[C:\Users\user\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
[C:\Users\user\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04.06.2015 at 12:30:37,08
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
04.06.2015, 20:46
| #10 |
| /// the machine /// TB-Ausbilder | Maus clickt nicht mehr richtig, Pc extrem langsamESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme? 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
06.06.2015, 08:41
| #11 |
| | Maus clickt nicht mehr richtig, Pc extrem langsam Hallo Schrauber, ich habe gestern den ESet Scanner laufen lassen und habe jetzt das Riesen Problem, dass kein Drucker nicht mehr funktioniert. Es wird der Fehler 1068 angezeigt. Aber alle Freigaben sind erteilt ? Die Screenshots habe ich angehängt. Bitte, bitte schnelle Hilfe !! Hier noch die Scans Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=c4229e31250df740b4e300b62255faa4
# end=init
# utc_time=2015-06-05 05:42:25
# local_time=2015-06-05 07:42:25 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 24191
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=c4229e31250df740b4e300b62255faa4
# end=updated
# utc_time=2015-06-05 05:48:59
# local_time=2015-06-05 07:48:59 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=c4229e31250df740b4e300b62255faa4
# engine=24191
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-06-05 09:02:55
# local_time=2015-06-05 11:02:55 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 1990038 74851491 0 0
# scanned=366176
# found=4
# cleaned=0
# scan_time=11635
sh=EE9A1E7D10F2AD35A7F456CF2709E71813A5B79B ft=1 fh=68a057cd5aebd202 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\DHL\IN\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe"
sh=AE4E95005328FD4A4E90784CB5FAEEFD8F2EE072 ft=1 fh=00b654858b1059dc vn="Variante von Win32/AdWare.iBryte.AR Anwendung" ac=I fn="C:\DHL\IN\Setup.exe"
sh=BD664CB6B5B89F626F7F7168800F58BA8600D702 ft=1 fh=29313588db557bce vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\DHL\IN\SpyBot Search Destroy - CHIP-Installer.exe"
sh=F218CB4810038F0B9E1DAA6A8E73FA258D620A8C ft=1 fh=719afe2b4494447f vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\user\Desktop\Vernüpfungen-Programme\PDFCreator-2_1_1-setup.exe"
Code:
ATTFilter Results of screen317's Security Check version 1.002
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Microsoft Security Essentials
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java 8 Update 31
Java version 32-bit out of Date!
Adobe Flash Player 17.0.0.169
Adobe Reader XI
Mozilla Firefox (38.0.5)
Google Chrome (43.0.2357.65)
Google Chrome (43.0.2357.81)
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
Acronis TrueImageHome OnlineBackupStandalone TrueImageMonitor.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
|
|
06.06.2015, 15:11
| #12 |
| | Maus clickt nicht mehr richtig, Pc extrem langsam Hallo Schrauber, ich habe den Rechner zurückgesetzt auf den Punkt vor dem Eset Scan. Aber es hat nichts gebracht. Ich glaube ich habe einen Fehler beim Einschalten der Firewall gemacht. Ich habe gestern abend "Standard widerherstellen" gewählt, anstatt einschalten. Vermutlich habe ich die Firewall verändert und die blockiert nun .... Oder das Eset hat die Firewall verändert ? Jetzt kann ich keine Paketscheine drucken und bin völlig ratlos. Was kann ich tun ? Hallo Schrauber, nach einigen Stunden ausprobieren habe ich einen Befehl gefunden der das Problem gelöst hat. (Steht auch schon im Trojaner board). * Start -> Alle Programme -> Zubehör -> Eingabeaufforderung (rechte Maustaste als Administrator ausführen) * “netsh winsock reset” eingeben und “Enter-Taste” drücken die Fehlermeldungen könnt ihr ignorieren * “netsh int ip reset” eingeben und “Enter-Taste” drücken * Computer neu starten Der Rest meines Wochenendes ist nun gerettet. Ich hoffe, dass ich mit meinen Versuchen nichts wichtiges am PC verstellt habe. Mein Rechner ist nach den ganzen Virenscans immer schneller und stabiler geworden. Die Maus-clicks funktionieren auch einwandfrei. Geblieben ist ein Druckerproblem: Nach der Druckaufforderung dauert es manchmal bis zu 4 min, bis der Drucker tatsächlich anspringt. Besonders bei PDF Dateien und Drucken aus dem Firefox. Je mehr gedruckt wurde um so länger dauert es. Manchmal muss ich auch den Rechner neu starten um drucken zu können. |
|
07.06.2015, 09:48
| #13 |
| /// the machine /// TB-Ausbilder | Maus clickt nicht mehr richtig, Pc extrem langsam ESET hat da mit eigentlich nix zu tun, scannt ja nur. Installier mal den Druckertreiber neu. Und ein frisches FRST log bitte
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
08.06.2015, 14:10
| #14 |
| | Maus clickt nicht mehr richtig, Pc extrem langsam Hi, den Druckertreiber habe ich eben neu installiert. Bin gespannt, ob meine Druckerprobleme damit verschwinden. Nun die neuen Scan's Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-06-2015
Ran by user (administrator) on USER-PC on 08-06-2015 14:57:41
Running from C:\Users\user\Desktop
Loaded Profiles: user (Available Profiles: user & BayOrganizer)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Microsoft Corporation) C:\UPS\WSTD\MSSQL.1\MSSQL\Binn\sqlservr.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 3\creator-ws.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
() C:\OEM\USBDECTION\USBS3S4Detection.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\vVX1000.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(United Parcel Service, Inc.) C:\UPS\WSTD\WSTDMessaging.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(Lexware GmbH & Co. KG) C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
() C:\UPS\WSTD\UPSNA1Msgr.exe
(Microsoft) C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUI.exe
(Deutsche Telekom AG) C:\Users\user\AppData\Roaming\Telekom\MediencenterSync\Mediencenter.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_17_0_0_188_ActiveX.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-10-13] (Intel Corporation)
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8312352 2009-10-28] (Realtek Semiconductor)
HKLM\...\Run: [VX1000] => C:\Windows\vVX1000.exe [762736 2010-05-20] (Microsoft Corporation)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [395344 2011-09-22] (Acronis)
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [36864 2007-03-20] ()
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-08-12] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [563744 2010-03-26] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-11-24] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [1904640 2009-03-20] (AVM Berlin)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2010-11-29] (Apple Inc.)
HKLM-x32\...\Run: [LexwareInfoService] => C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe [339240 2008-11-03] (Lexware GmbH & Co. KG)
HKLM-x32\...\Run: [SAOB Monitor] => C:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe [2571032 2011-09-22] (Acronis)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5587832 2011-09-22] (Acronis)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [189480 2014-02-06] (Geek Software GmbH)
HKLM-x32\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4370976 2014-12-12] (Fitbit, Inc.)
HKLM-x32\...\Run: [NA1Messenger] => C:\UPS\WSTD\UPSNA1Msgr.exe [30880 2015-03-04] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-2853840737-433536269-4251561868-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-08-25] (Google Inc.)
HKU\S-1-5-21-2853840737-433536269-4251561868-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-2853840737-433536269-4251561868-1000\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4370976 2014-12-12] (Fitbit, Inc.)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\BROCKH~1.SCR [2572288 2006-05-10] (Brockhaus Duden Neue Medien GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2011-05-12]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Quicken 2010 Zahlungserinnerung.lnk [2011-05-30]
ShortcutTarget: Quicken 2010 Zahlungserinnerung.lnk -> C:\Program Files (x86)\Lexware\Quicken\2010\billmind.exe (Lexware GmbH & Co. KG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UPS WorldShip Messaging Utility.lnk [2015-01-09]
ShortcutTarget: UPS WorldShip Messaging Utility.lnk -> C:\UPS\WSTD\WSTDMessaging.exe (United Parcel Service, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UPS WorldShip PLD Reminder Utility.lnk [2015-01-09]
ShortcutTarget: UPS WorldShip PLD Reminder Utility.lnk -> C:\UPS\WSTD\wstdPldReminder.exe (UPS)
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mediencenter.lnk [2015-05-04]
ShortcutTarget: Mediencenter.lnk -> C:\Users\user\AppData\Roaming\Telekom\MediencenterSync\Mediencenter.exe (Deutsche Telekom AG)
ShellIconOverlayIdentifiers: [01Mediencenter_InSync] -> {77BC4082-DB5F-439A-8DC8-F9E24A63B0DE} => C:\Users\user\AppData\Roaming\Telekom\MediencenterSync\DTAG.Mediencenter.IconOverlayHandler.dll [2014-06-12] (Deutsche Telekom AG)
ShellIconOverlayIdentifiers: [02Mediencenter_ToSync] -> {528EE335-5034-4EFC-834E-63E5F02D2BC2} => C:\Users\user\AppData\Roaming\Telekom\MediencenterSync\DTAG.Mediencenter.IconOverlayHandler.dll [2014-06-12] (Deutsche Telekom AG)
ShellIconOverlayIdentifiers: [03Mediencenter_Failed] -> {6066ADF0-9EB0-43E5-ADB6-990F5A3B979C} => C:\Users\user\AppData\Roaming\Telekom\MediencenterSync\DTAG.Mediencenter.IconOverlayHandler.dll [2014-06-12] (Deutsche Telekom AG)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-2853840737-433536269-4251561868-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2853840737-433536269-4251561868-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.web.de/
HKU\S-1-5-21-2853840737-433536269-4251561868-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2853840737-433536269-4251561868-1000 -> 02067322810A44908AF3FFDC0A3C8022 URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKU\S-1-5-21-2853840737-433536269-4251561868-1000 -> {09038620-190C-402B-A92F-18864E6AB22F} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-2853840737-433536269-4251561868-1000 -> {40064957-18EB-412d-9146-3F57E8D92EEC} URL = hxxp://go.web.de/br/ie9_search_pic/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-2853840737-433536269-4251561868-1000 -> {5A817CF6-92D5-4DE5-AC38-82DF8A73EF28} URL = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-2853840737-433536269-4251561868-1000 -> {66311EE7-F7CE-4C0E-BD3D-F7DE74D6FD82} URL = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie
SearchScopes: HKU\S-1-5-21-2853840737-433536269-4251561868-1000 -> {6B1D1FB7-7233-4F7C-802C-21A1DDB12754} URL = hxxp://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-2853840737-433536269-4251561868-1000 -> {8D27B32E-89EE-460e-82D2-5FC354078EAD} URL = hxxp://go.web.de/br/ie9_search_produkte/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-2853840737-433536269-4251561868-1000 -> {DCE59F23-A446-45a5-9459-E68FDC0DE38D} URL = hxxp://go.web.de/br/ie9_search_maps/?su={searchTerms}
BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-03] (Google Inc.)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2010-05-28] (Hewlett-Packard Co.)
BHO-x32: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-22] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-03] (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-22] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2010-05-28] (Hewlett-Packard Co.)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-03] (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-03] (Google Inc.)
Toolbar: HKU\S-1-5-21-2853840737-433536269-4251561868-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-03] (Google Inc.)
DPF: HKLM-x32 {888078C6-70B2-4F88-8EE7-1F50DDEA6120} https://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\x9gzkdsh.default-1431960027951
FF Homepage: hxxp://web.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-16] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 3 -> C:\Program Files (x86)\PDF Architect 3\np-previewer.dll [2015-04-24] (pdfforge GmbH)
FF Plugin HKU\S-1-5-21-2853840737-433536269-4251561868-1000: @citrixonline.com/appdetectorplugin -> C:\Users\user\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-04-30] (Citrix Online)
FF Plugin HKU\S-1-5-21-2853840737-433536269-4251561868-1000: @tools.google.com/Google Update;version=3 -> C:\Users\user\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin HKU\S-1-5-21-2853840737-433536269-4251561868-1000: @tools.google.com/Google Update;version=9 -> C:\Users\user\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFFICE.DLL [2007-03-22] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2010-12-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2010-12-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2010-12-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2010-12-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2010-12-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2010-12-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2010-12-13] (Apple Inc.)
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2015-06-03]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2015-06-03]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2015-06-03]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-05-12]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_3_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension
FF Extension: PDF Architect 3 Creator - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension [2015-05-04]
FF HKU\S-1-5-21-2853840737-433536269-4251561868-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
Chrome:
=======
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Bookmark Manager) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-17]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Google Wallet) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-22]
StartMenuInternet: Google Chrome.YD4YYFDLFDT4KRZW7QFUZSTY34 - C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-25] ()
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-01-13] (Adobe Systems) [File not signed]
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [368640 2009-03-20] (AVM Berlin) [File not signed]
S3 de_serv; C:\Program Files (x86)\Common Files\AVM\de_serv.exe [196666 2004-04-28] (AVM Berlin) [File not signed]
R2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [5738528 2014-12-12] (Fitbit, Inc.)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R2 MSSQL$UPSWSDBSERVER; C:\UPS\WSTD\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
S3 PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2244312 2015-04-24] (pdfforge GmbH)
S3 PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [901336 2015-04-24] (pdfforge GmbH)
R2 PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [740568 2015-04-24] (pdfforge GmbH)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 UNS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-09-30] (Intel Corporation) [File not signed]
R2 USBS3S4Detection; C:\OEM\USBDECTION\USBS3S4Detection.exe [76320 2009-12-09] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 aadev; C:\Windows\SysWOW64\DRIVERS\aadev.sys [27648 2004-04-28] (AVM Berlin) [File not signed]
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2009-03-20] (AVM Berlin)
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2009-03-20] (AVM GmbH)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-08 14:57 - 2015-06-08 14:58 - 00025747 _____ C:\Users\user\Desktop\FRST.txt
2015-06-08 14:57 - 2015-06-08 14:57 - 02108928 _____ (Farbar) C:\Users\user\Desktop\FRST64.exe
2015-06-08 13:40 - 2015-06-08 13:40 - 00006295 _____ C:\Users\user\Desktop\ELSendEx20150608134009809.txt
2015-06-08 09:28 - 2015-06-08 09:28 - 00001147 _____ C:\Windows\DYNAZIP.LOG
2015-06-06 10:18 - 2015-05-22 20:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-06 10:18 - 2015-05-22 20:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-06 10:18 - 2015-05-22 20:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-06 10:18 - 2015-05-22 20:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-06 10:18 - 2015-05-22 20:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-06 10:18 - 2015-05-22 20:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-06 10:18 - 2015-05-22 20:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-06 10:18 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-05 14:06 - 2015-06-05 14:06 - 00000000 ____D C:\Users\user\Desktop\Amazon Marke
2015-06-04 12:28 - 2015-06-04 12:28 - 00000207 _____ C:\Windows\tweaking.com-regbackup-USER-PC-Windows-7-Home-Premium-(64-bit).dat
2015-06-04 12:28 - 2015-06-04 12:28 - 00000000 ____D C:\RegBackup
2015-06-03 15:02 - 2015-06-03 15:26 - 00001249 _____ C:\Users\user\Desktop\Atosa-Lenz-Rechnung.txt
2015-06-03 08:25 - 2015-06-04 08:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-02 18:16 - 2015-06-06 19:46 - 00000000 ____D C:\Users\user\Desktop\Amazon-Frankreich
2015-06-01 21:01 - 2015-06-01 21:01 - 00022429 _____ C:\ComboFix.txt
2015-06-01 20:51 - 2015-06-01 20:51 - 00000000 ____D C:\Users\user\AppData\Local\GWX
2015-06-01 20:28 - 2015-06-01 21:01 - 00000000 ____D C:\Qoobox
2015-06-01 20:28 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-06-01 20:28 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-06-01 20:28 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-06-01 20:28 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-06-01 20:28 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-06-01 20:28 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-06-01 20:28 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-06-01 20:28 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-06-01 20:27 - 2015-06-01 20:58 - 00000000 ____D C:\Windows\erdnt
2015-06-01 13:07 - 2015-06-08 13:17 - 00000652 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-2853840737-433536269-4251561868-1000.job
2015-06-01 13:07 - 2015-06-01 13:07 - 00003674 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-2853840737-433536269-4251561868-1000
2015-06-01 11:21 - 2015-06-01 12:00 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-05-31 13:40 - 2015-06-08 14:53 - 00000000 ____D C:\Users\user\Desktop\Trojaner-board
2015-05-31 12:30 - 2015-06-08 14:57 - 00000000 ____D C:\FRST
2015-05-31 12:27 - 2015-05-31 12:27 - 00000000 _____ C:\Users\user\defogger_reenable
2015-05-30 12:30 - 2015-06-01 20:21 - 00000000 ____D C:\Users\user\Desktop\Amazon Berichte Lagerbestand
2015-05-29 20:33 - 2015-06-08 14:35 - 00001064 _____ C:\Windows\setupact.log
2015-05-29 20:33 - 2015-06-06 14:58 - 00004694 _____ C:\Windows\PFRO.log
2015-05-29 20:33 - 2015-05-29 20:33 - 00000000 _____ C:\Windows\setuperr.log
2015-05-27 10:25 - 2015-05-27 10:25 - 09307260 _____ (Mathias Gerlach [aborange.de] ) C:\Users\user\Downloads\bayorgafull.exe
2015-05-22 15:51 - 2015-05-22 16:12 - 00001081 _____ C:\Users\user\Desktop\Celia-ebay-2.txt
2015-05-19 08:13 - 2015-05-19 08:14 - 00000000 _____ C:\Users\user\Downloads\EasyLog_12388(3).csv
2015-05-19 08:13 - 2015-05-19 08:13 - 00000000 _____ C:\Users\user\Downloads\EasyLog_12388(2).csv
2015-05-13 22:02 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 22:02 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 08:12 - 2015-05-05 03:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 08:12 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-13 08:12 - 2015-04-22 04:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 08:12 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-13 08:12 - 2015-04-21 19:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-13 08:12 - 2015-04-21 19:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-13 08:12 - 2015-04-21 18:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-13 08:12 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 08:12 - 2015-04-21 18:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-13 08:12 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 08:12 - 2015-04-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-13 08:12 - 2015-04-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-13 08:12 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 08:12 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 08:12 - 2015-04-21 18:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-13 08:12 - 2015-04-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-13 08:12 - 2015-04-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-13 08:12 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 08:12 - 2015-04-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-13 08:12 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-13 08:12 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-13 08:12 - 2015-04-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-13 08:12 - 2015-04-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 08:12 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-13 08:12 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-13 08:12 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-13 08:12 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-13 08:12 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 08:12 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-13 08:12 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 08:12 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-13 08:12 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-13 08:12 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-13 08:12 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-13 08:12 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-13 08:12 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-13 08:12 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-05-13 08:12 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 08:12 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-13 08:12 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-13 08:12 - 2015-04-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-13 08:12 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 08:12 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-13 08:12 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 08:12 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-13 08:12 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-13 08:12 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-13 08:12 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-13 08:12 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-13 08:12 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-13 08:12 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-13 08:12 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-13 08:12 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 08:12 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-13 08:12 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-13 08:12 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-13 08:12 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-13 08:12 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 08:12 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-13 08:11 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 08:11 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 08:11 - 2015-04-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-13 08:11 - 2015-04-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-13 08:11 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 08:09 - 2015-04-27 21:28 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-13 08:09 - 2015-04-27 21:28 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-13 08:09 - 2015-04-27 21:28 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-13 08:09 - 2015-04-27 21:26 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-13 08:09 - 2015-04-27 21:23 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-13 08:09 - 2015-04-27 21:23 - 01254400 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-13 08:09 - 2015-04-27 21:23 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-05-13 08:09 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-05-13 08:09 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-05-13 08:09 - 2015-04-27 21:23 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-13 08:09 - 2015-04-27 21:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-13 08:09 - 2015-04-27 21:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-05-13 08:09 - 2015-04-27 21:23 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-13 08:09 - 2015-04-27 21:23 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-05-13 08:09 - 2015-04-27 21:23 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-05-13 08:09 - 2015-04-27 21:23 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-05-13 08:09 - 2015-04-27 21:22 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-05-13 08:09 - 2015-04-27 21:22 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-05-13 08:09 - 2015-04-27 21:22 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-13 08:09 - 2015-04-27 21:22 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-05-13 08:09 - 2015-04-27 21:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-05-13 08:09 - 2015-04-27 21:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-05-13 08:09 - 2015-04-27 21:08 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-05-13 08:09 - 2015-04-27 21:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-05-13 08:09 - 2015-04-27 21:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-05-13 08:09 - 2015-04-27 21:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-05-13 08:09 - 2015-04-27 21:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-13 08:09 - 2015-04-27 21:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-05-13 08:09 - 2015-04-27 21:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-05-13 08:09 - 2015-04-27 21:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-05-13 08:09 - 2015-04-27 20:06 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-13 08:09 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 08:08 - 2015-04-27 21:23 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-05-13 08:08 - 2015-04-27 21:23 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-13 08:08 - 2015-04-27 21:23 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-13 08:08 - 2015-04-27 21:23 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-13 08:08 - 2015-04-27 21:23 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-13 08:08 - 2015-04-27 21:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-13 08:08 - 2015-04-27 21:23 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-13 08:08 - 2015-04-27 21:23 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-13 08:08 - 2015-04-27 21:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-13 08:08 - 2015-04-27 21:23 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-13 08:08 - 2015-04-27 21:23 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-05-13 08:08 - 2015-04-27 21:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-05-13 08:08 - 2015-04-27 21:22 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-13 08:08 - 2015-04-27 21:22 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-05-13 08:08 - 2015-04-27 21:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-05-13 08:08 - 2015-04-27 21:22 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-13 08:08 - 2015-04-27 21:22 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-05-13 08:08 - 2015-04-27 21:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-13 08:08 - 2015-04-27 21:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-13 08:08 - 2015-04-27 21:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 21:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-13 08:08 - 2015-04-27 21:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-13 08:08 - 2015-04-27 21:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-13 08:08 - 2015-04-27 21:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-13 08:08 - 2015-04-27 21:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-05-13 08:08 - 2015-04-27 21:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-13 08:08 - 2015-04-27 21:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-05-13 08:08 - 2015-04-27 21:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-05-13 08:08 - 2015-04-27 21:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-05-13 08:08 - 2015-04-27 21:04 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-05-13 08:08 - 2015-04-27 21:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-13 08:08 - 2015-04-27 21:03 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-05-13 08:08 - 2015-04-27 21:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-13 08:08 - 2015-04-27 21:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-13 08:08 - 2015-04-27 21:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-05-13 08:08 - 2015-04-27 21:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-05-13 08:08 - 2015-04-27 21:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-13 08:08 - 2015-04-27 21:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-13 08:08 - 2015-04-27 20:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-13 08:08 - 2015-04-27 20:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-05-13 08:08 - 2015-04-27 20:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 20:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 19:57 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-05-13 08:08 - 2015-04-27 19:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-05-13 08:08 - 2015-04-27 19:55 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 08:08 - 2015-04-27 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-13 08:08 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 08:08 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 08:08 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 08:08 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 08:08 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-13 08:08 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-13 08:08 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-13 08:08 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-13 08:08 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-13 08:08 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-13 08:08 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-13 08:08 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-13 08:08 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-13 08:08 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-13 08:08 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-13 08:08 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-13 08:08 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-13 08:08 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-08 14:58 - 2012-10-23 07:48 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-08 14:51 - 2015-04-30 15:54 - 00000556 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2853840737-433536269-4251561868-1000.job
2015-06-08 14:49 - 2012-06-26 09:57 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2853840737-433536269-4251561868-1000UA.job
2015-06-08 14:49 - 2012-06-26 09:57 - 00001064 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2853840737-433536269-4251561868-1000Core.job
2015-06-08 14:47 - 2010-08-19 15:05 - 01140459 _____ C:\Windows\WindowsUpdate.log
2015-06-08 14:43 - 2009-07-14 06:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-08 14:43 - 2009-07-14 06:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-08 14:37 - 2015-05-04 12:42 - 00000000 ___RD C:\Users\user\Mediencenter
2015-06-08 14:35 - 2012-08-25 10:29 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-08 14:35 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-08 14:32 - 2014-04-01 18:23 - 00003922 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{9F467484-1852-460B-A75D-75AECE93A3B6}
2015-06-08 14:25 - 2012-08-25 10:29 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-08 13:39 - 2015-04-30 11:56 - 00000177 _____ C:\Users\user\Desktop\UPS_CSV_EXPORT.csv
2015-06-08 10:45 - 2011-05-12 21:39 - 00000000 ____D C:\Users\user\Desktop\ATOSA
2015-06-07 20:52 - 2014-12-25 20:55 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-06-07 10:09 - 2014-12-11 08:59 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-07 10:09 - 2014-05-06 23:25 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-06 15:16 - 2010-08-20 00:52 - 00751608 _____ C:\Windows\system32\perfh007.dat
2015-06-06 15:16 - 2010-08-20 00:52 - 00170560 _____ C:\Windows\system32\perfc007.dat
2015-06-06 15:16 - 2009-07-14 07:13 - 01768672 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-06 10:05 - 2015-04-04 22:49 - 00000000 ___SD C:\Windows\system32\GWX
2015-06-06 10:05 - 2014-12-25 20:55 - 00000000 ____D C:\ProgramData\FitbitConnect
2015-06-06 10:05 - 2011-10-19 18:13 - 00000000 ____D C:\Users\BayOrganizer
2015-06-06 10:05 - 2009-07-14 09:44 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-06-06 10:05 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2015-06-05 19:41 - 2012-09-27 14:58 - 00000000 ____D C:\Users\user\Desktop\Easylog-Abschluss
2015-06-05 19:17 - 2010-10-04 10:57 - 00000000 ____D C:\Users\user\AppData\Roaming\BayOrganizer
2015-06-05 15:31 - 2011-06-02 21:34 - 00000000 ___DC C:\Program Files (x86)\LabelDesignSoftware
2015-06-05 09:52 - 2011-05-12 21:47 - 00000000 ____D C:\Users\user\Documents\11-Birgit
2015-06-04 22:44 - 2015-01-09 20:15 - 00000000 ____D C:\Users\user\Desktop\FBA-Rechnungen
2015-06-04 12:24 - 2012-11-10 22:37 - 00000000 ____D C:\Users\user\Desktop\Schmutzig-Defekt
2015-06-04 12:14 - 2014-05-07 10:20 - 00000000 ____D C:\AdwCleaner
2015-06-04 08:56 - 2012-05-06 12:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-02 15:07 - 2011-05-12 21:39 - 00000000 ____D C:\Users\user\Desktop\Amazon
2015-06-02 15:05 - 2013-01-19 20:03 - 00000000 ____D C:\Users\user\Desktop\Amazon-Einkauf
2015-06-02 10:32 - 2014-05-26 15:40 - 00000000 ____D C:\Users\user\Desktop\Widerruf-2014
2015-06-02 08:37 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-06-01 21:42 - 2011-01-29 18:07 - 01742016 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-06-01 21:01 - 2010-11-12 22:46 - 00000000 ____D C:\Users\valeria 2009
2015-06-01 21:01 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-06-01 20:51 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-06-01 20:44 - 2009-07-14 04:34 - 98566144 _____ C:\Windows\system32\config\SOFTWARE.bak
2015-06-01 20:44 - 2009-07-14 04:34 - 60293120 _____ C:\Windows\system32\config\COMPONENTS.bak
2015-06-01 20:44 - 2009-07-14 04:34 - 21233664 _____ C:\Windows\system32\config\SYSTEM.bak
2015-06-01 20:44 - 2009-07-14 04:34 - 00524288 _____ C:\Windows\system32\config\DEFAULT.bak
2015-06-01 20:44 - 2009-07-14 04:34 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2015-06-01 20:44 - 2009-07-14 04:34 - 00262144 _____ C:\Windows\system32\config\SAM.bak
2015-06-01 14:29 - 2011-05-12 21:43 - 00000000 ____D C:\Users\user\Documents\ebaykidzshop24
2015-06-01 13:07 - 2015-04-30 15:54 - 00003578 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-2853840737-433536269-4251561868-1000
2015-06-01 11:17 - 2012-05-19 11:22 - 00000000 ____D C:\HVB eFIN 4
2015-06-01 11:12 - 2010-08-19 17:45 - 00002604 _____ C:\Windows\ODBC.INI
2015-05-29 20:33 - 2012-12-09 22:49 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-05-29 19:49 - 2012-07-23 17:18 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-05-29 19:17 - 2015-05-04 15:36 - 00000000 ____D C:\Program Files\PDFCreator
2015-05-29 18:09 - 2011-05-12 21:39 - 00000000 ____D C:\Users\user\Documents\V60
2015-05-27 10:29 - 2010-10-04 10:57 - 00001117 _____ C:\Users\Public\Desktop\BayOrganizer.lnk
2015-05-27 10:29 - 2010-10-04 10:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BayOrganizer
2015-05-27 10:29 - 2010-10-04 10:57 - 00000000 ____D C:\Program Files (x86)\BayOrganizer
2015-05-26 10:49 - 2014-08-28 17:46 - 00000000 ____D C:\Users\user\Desktop\Ebay
2015-05-25 18:50 - 2013-08-09 22:00 - 00002354 _____ C:\Users\user\Desktop\Google Chrome.lnk
2015-05-23 22:32 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-05-23 12:18 - 2014-11-13 12:20 - 00000000 ____D C:\Users\user\Desktop\China2015
2015-05-23 11:06 - 2012-04-16 10:44 - 00000000 ____D C:\Users\user\Desktop\plenty
2015-05-20 22:44 - 2015-04-04 22:49 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-05-20 15:03 - 2015-04-23 11:00 - 00024064 _____ C:\Users\user\Desktop\JO-SA.xls
2015-05-19 08:01 - 2014-06-29 14:42 - 00000000 ____D C:\Users\user\AppData\Local\Adobe
2015-05-19 08:01 - 2012-10-23 07:48 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-05-19 08:01 - 2012-04-10 07:41 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-19 08:01 - 2011-05-18 07:54 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-18 17:02 - 2011-11-02 16:15 - 00000000 ____D C:\Users\user\Desktop\Tim-Yanik
2015-05-18 14:44 - 2012-06-26 09:57 - 00004084 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2853840737-433536269-4251561868-1000UA
2015-05-18 14:44 - 2012-06-26 09:57 - 00003688 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2853840737-433536269-4251561868-1000Core
2015-05-16 08:20 - 2012-08-25 10:29 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-16 08:20 - 2012-08-25 10:29 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-15 12:25 - 2013-05-14 20:35 - 00000000 ____D C:\Users\user\Desktop\Unger
2015-05-14 17:24 - 2014-10-13 07:53 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-14 08:02 - 2009-07-14 06:45 - 00450800 _____ C:\Windows\system32\FNTCACHE.DAT
2015-05-14 07:58 - 2009-07-14 09:45 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-14 07:58 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-05-14 07:57 - 2012-05-11 09:19 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-05-14 07:57 - 2012-05-11 09:19 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-05-13 22:15 - 2013-06-18 19:04 - 00002121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-05-13 22:15 - 2013-06-18 19:04 - 00000000 ____D C:\Program Files\Microsoft Security Client
2015-05-13 22:15 - 2013-06-18 19:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2015-05-13 22:15 - 2011-01-29 18:07 - 00001912 _____ C:\Windows\epplauncher.mif
2015-05-13 22:14 - 2013-08-15 22:11 - 00000000 ____D C:\Windows\system32\MRT
2015-05-13 22:05 - 2010-08-19 17:24 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-13 22:02 - 2012-05-11 09:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-12 17:32 - 2014-12-01 13:00 - 00000000 ____D C:\Users\user\Desktop\Ski-2015
2015-05-12 17:29 - 2014-01-30 17:08 - 00000000 ____D C:\Users\user\Documents\B25
2015-05-12 14:00 - 2014-05-17 17:41 - 00000000 ____D C:\Users\user\Desktop\Instructions China
2015-05-11 14:06 - 2015-04-14 16:08 - 00000000 ____D C:\Users\user\Desktop\B25-DG
==================== Files in the root of some directories =======
2010-08-19 16:15 - 2010-08-19 16:16 - 0010458 _____ () C:\Users\user\AppData\Local\MyWinLockerInstaller.txt-20100819.log
2015-03-21 14:20 - 2015-03-21 14:20 - 0000000 _____ () C:\Users\user\AppData\Local\{E0F3BA48-13C5-4E84-B44D-B312FCC64067}
2010-08-19 15:19 - 2010-08-19 15:22 - 0009362 _____ () C:\ProgramData\ArcadeDeluxe3.log
2010-03-23 17:03 - 2010-01-27 16:40 - 0131472 _____ () C:\ProgramData\FullRemove.exe
2010-12-16 21:41 - 2011-11-28 20:24 - 0023990 _____ () C:\ProgramData\hpzinstall.log
2013-01-02 17:00 - 2013-12-02 12:08 - 0001280 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2010-08-19 16:02 - 2010-08-19 16:02 - 0000091 _____ () C:\ProgramData\PS.log
Some files in TEMP:
====================
C:\Users\user\AppData\Local\Temp\Quarantine.exe
C:\Users\user\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-06-03 17:44
==================== End of log ============================
|
|
08.06.2015, 14:11
| #15 |
| | Maus clickt nicht mehr richtig, Pc extrem langsam nun noch die Addition:FRST Additions Logfile: [CODE]Additional FRST Logfile: Code:
ATTFilter scan result of Farbar Recovery Scan Tool (x64) Version:07-06-2015
Ran by user at 2015-06-08 14:58:36
Running from C:\Users\user\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2853840737-433536269-4251561868-500 - Administrator - Disabled)
BayOrganizer (S-1-5-21-2853840737-433536269-4251561868-1002 - Administrator - Enabled) => C:\Users\BayOrganizer
Gast (S-1-5-21-2853840737-433536269-4251561868-501 - Limited - Disabled)
user (S-1-5-21-2853840737-433536269-4251561868-1000 - Administrator - Enabled) => C:\Users\user
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
4500_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.21 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0921-000001000000}) (Version: 9.21.00.0 - Igor Pavlov)
AAVUpdateManager (HKLM-x32\...\{DF6FE172-006A-4324-AF7F-ACFE4BA290FE}) (Version: 12.00.0000 - Akademische Arbeitsgemeinschaft)
Acer Backup Manager (HKLM-x32\...\InstallShield_{30075A70-B5D2-440B-AFA3-FB2021740121}) (Version: 2.0.2.19 - NewTech Infosystems)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3005 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.02.0722 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Acronis*True*Image*Home 2011 (HKLM-x32\...\{04A3A6B0-8E19-49BB-82FF-65C5A55F917D}) (Version: 14.0.6942 - Acronis)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.4.0.2540 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Illustrator CS2 (HKLM-x32\...\Adobe Illustrator CS2) (Version: 12.000.000 - Adobe Systems Inc.)
Adobe Photoshop 6.0 (HKLM-x32\...\Adobe Photoshop 6.0) (Version: 6.0 - Adobe Systems, Inc.)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version: 3.0 - Adobe Systems, Inc.)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
AlignmentUtility (x32 Version: 18.00.0000 - UPS) Hidden
Apple Application Support (HKLM-x32\...\{EE6097DD-05F4-4178-9719-D3170BF098E8}) (Version: 1.4.1 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
ATI AVIVO64 Codecs (Version: 10.12.0.41124 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{515C930B-1FE1-70AF-7249-6521733F9671}) (Version: 3.0.754.0 - ATI Technologies, Inc.)
AVM FRITZ!DSL (HKLM-x32\...\FRITZ!DSL) (Version: - )
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: - AVM Berlin)
Backup Manager Advance (x32 Version: 2.0.2.19 - NewTech Infosystems) Hidden
BayOrganizer - Deinstallation (HKLM-x32\...\BayOrganizer_is1) (Version: 10.60 - Mathias Gerlach [aborange.de])
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
bpd_scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden
BPDSoftware (x32 Version: 140.0.000.000 - Hewlett-Packard) Hidden
BPDSoftware (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
BufferChm (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
CCC (x32 Version: 18.00.0000 - United Parcel Service, Inc.) Hidden
ccc-core-static (x32 Version: 2009.1124.2131.38610 - Ihr Firmenname) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
Chinese Simplified Fonts Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-2447-0000-A00000000003}) (Version: 10.0.0 - Adobe Systems Incorporated)
Citrix Online Launcher (HKLM-x32\...\{6740FE60-43C1-4D15-8C4A-001624134B14}) (Version: 1.0.312 - Citrix)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Connect Label Design software (HKLM-x32\...\Connect Label Design software) (Version: - )
DDBAC (HKLM-x32\...\{450008C6-3722-4214-AB4F-9E45B57CB422}) (Version: 4.3.71 - DataDesign)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
DocMgr (x32 Version: 140.0.65.000 - Ihr Firmenname) Hidden
DocProc (x32 Version: 140.0.100.000 - Hewlett-Packard) Hidden
EASYLOG V6.6 (HKLM-x32\...\EASYLOG V6.6) (Version: 6.6 - Deutsche Post AG)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 14.0.0.10960 - Landesfinanzdirektion Thüringen)
Fax (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
FileZilla Client 3.5.3 (HKLM-x32\...\FileZilla Client) (Version: 3.5.3 - FileZilla Project)
Fitbit Connect (HKLM-x32\...\{08002BE6-6476-4012-8D4B-CF0AE7C71F29}) (Version: 2.0.0.6518 - Fitbit Inc.)
FormsComponent (x32 Version: 18.00.0000 - UPS) Hidden
FOSS (x32 Version: 18.00.0000 - UPS) Hidden
Google Chrome (HKU\S-1-5-21-2853840737-433536269-4251561868-1000\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
GoToMeeting 7.2.0.2759 (HKU\S-1-5-21-2853840737-433536269-4251561868-1000\...\GoToMeeting) (Version: 7.2.0.2759 - CitrixOnline)
GPBaseService2 (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 2.05.3003 - Acer Incorporated)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Officejet J4500 Series (HKLM\...\{E11448F2-0B44-4239-B04E-D88FE743E929}) (Version: 13.0 - HP)
HP OfficeJet J4600 All-In-One Series (HKLM\...\{4945F319-A24D-454C-A411-F3689987315D}) (Version: 14.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
HVB eFIN 4 (HKLM-x32\...\HVB eFIN 4) (Version: - )
ICCHelp (HKLM-x32\...\{A5763105-D1D5-4862-A3FE-EC058F9AA73E}) (Version: 18.00.0000 - UPS)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3002 - Acer Incorporated)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
J4500 (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0000 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Lexware Elster (HKLM-x32\...\{DEBC6EBF-FF7A-4E30-9C49-DCFB53B446F0}) (Version: 8.10.00.0017 - Lexware GmbH & Co. KG)
Lexware Info Service (HKLM-x32\...\{59624372-3B85-47f4-9B04-4911E551DF1E}) (Version: 2.61.00.0033 - Lexware GmbH & Co. KG)
Lexware online banking (HKLM-x32\...\{6C35CAC7-27C9-4CB0-BBB8-CBF9994215DA}) (Version: 8.00.00.0067 - Lexware GmbH & Co. KG)
LogSelect HBH Service GmbH Version 2 (HKLM-x32\...\{88B8FE5D-2F5C-4562-BFAD-C957D453BC9B}_is1) (Version: 2 - HBH Service GmbH)
MarketResearch (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden
Mediencenter 3.9.1055.64 (HKU\S-1-5-21-2853840737-433536269-4251561868-1000\...\Mediencenter) (Version: 3.9.1055.64 - Deutsche Telekom AG)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Small Business Edition 2003 (HKLM-x32\...\{91CA0407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{62F7DA7E-CCCB-439C-A760-00C3926E761F}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.3 - Mozilla)
MSIChecker (x32 Version: 18.00.0000 - UPS) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NA1Messenger (x32 Version: 18.00.0000 - Your Company Name) Hidden
Nero 9 Essentials (HKLM-x32\...\{f174fe50-f02d-4952-a49d-bae9bf7d488a}) (Version: - Nero AG)
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
NRF (x32 Version: 18.00.0000 - UPS) Hidden
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
PDF Architect 3 (HKLM-x32\...\PDF Architect 3) (Version: 3.0.45.22485 - pdfforge GmbH)
PDF Architect 3 Create Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF Architect 3 Edit Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF Architect 3 View Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF24 Creator 6.3.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.1 - pdfforge)
plentyConnect (HKLM-x32\...\de.plentyConnect) (Version: 3.52 - plentySystems GmbH)
plentyConnect (x32 Version: 3.52 - plentySystems GmbH) Hidden
plentyMarketsShipping 2 (HKLM-x32\...\eu.plentyMarketsShipping) (Version: 2.52 - plentySystems GmbH)
plentyMarketsShipping 2 (x32 Version: 2.52 - plentySystems GmbH) Hidden
plentyStat (HKLM-x32\...\de.plentyStat) (Version: 2.02 - plentySystems GmbH)
plentyStat (x32 Version: 2.02 - plentySystems GmbH) Hidden
PolicyManager (x32 Version: 18.00.0000 - UPS) Hidden
ProductContext (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden
Quicken 2010 - Servicepack 5 (HKLM-x32\...\{4C9E7EA5-9A3F-4C54-9038-EBB4CF25C29D}) (Version: 17.05.0000 - Lexware GmbH & Co KG)
Quicken 2010 (x32 Version: 17.00.00.0081 - Lexware GmbH & Co. KG) Hidden
Quicken HOME & BUSINESS 2010 (HKLM-x32\...\InstallShield_{4F8AFA74-1562-4980-8B87-8C07E8DE8FAF}) (Version: 17.00.00.0081 - Lexware GmbH & Co. KG)
Quicken Import Export Server 2010 (HKLM-x32\...\{7DA9F24A-CEC3-426E-BFFA-ADB94D922463}) (Version: 17.00.00.0048 - Lexware GmbH & Co. KG)
QuickTime (HKLM-x32\...\{57752979-A1C9-4C02-856B-FBB27AC4E02C}) (Version: 7.69.80.9 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5969 - Realtek Semiconductor Corp.)
Reconciler (x32 Version: 18.00.0000 - UPS) Hidden
ReportServer (x32 Version: 18.00.0000 - Your Company Name) Hidden
Scan (x32 Version: 140.0.167.000 - Hewlett-Packard) Hidden
Servicepack Datumsaktualisierung (x32 Version: 1.00.00.0005 - Haufe-Lexware) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
SmartWebPrinting (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden
Status (x32 Version: 140.0.256.000 - Hewlett-Packard) Hidden
SupportUtility (x32 Version: 18.00.0000 - UPS) Hidden
sv.net (HKLM-x32\...\sv.net) (Version: 15.0 - ITSG GmbH)
System (x32 Version: 18.00.0000 - UPS) Hidden
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
Turbo Lister 2 (HKLM-x32\...\{8927E07C-97F7-4A54-88FB-D976F50DD46E}) (Version: 2.00.0000 - eBay Inc.)
UltraVnc (HKLM\...\Ultravnc2_is1) (Version: 1.0.9.6.1 - uvnc bvba)
UnifiedPrinting (x32 Version: 18.00.0000 - UPS) Hidden
UPS WorldShip (HKLM-x32\...\UPS WorldShip) (Version: 18.0 - UPS)
UPSDB (x32 Version: 18.00.0000 - UPS) Hidden
UPSICC (x32 Version: 18.00.0000 - UPS) Hidden
UPSlinkHTTP (x32 Version: 18.00.0000 - UPS) Hidden
UPSVC2008MM (x32 Version: 1.00.0000 - UPS) Hidden
UPSVCMM (x32 Version: 12.00.0000 - UPS) Hidden
WEB.DE Desktop Icons (HKLM-x32\...\1&1 Mail & Media GmbH 1und1DesktopIconsInstaller) (Version: 3.0.3.0 - 1&1 Mail & Media GmbH)
WEB.DE Softwareaktualisierung (HKLM-x32\...\1&1 Mail & Media GmbH 1und1Softwareaktualisierung) (Version: 3.0.0.55 - 1&1 Mail & Media GmbH)
WebEx (HKU\S-1-5-21-2853840737-433536269-4251561868-1000\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
WebHelp (HKLM-x32\...\{8C5BD501-AD5D-4A75-9321-076509B438FC}) (Version: 18.00.0000 - UPS)
WebReg (x32 Version: 140.0.213.017 - Hewlett-Packard) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3008 - Acer Incorporated)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WorldShip (x32 Version: 18.00.0000 - UPS) Hidden
WSShared (x32 Version: 18.00.0000 - UPS) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2853840737-433536269-4251561868-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File
CustomCLSID: HKU\S-1-5-21-2853840737-433536269-4251561868-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2853840737-433536269-4251561868-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2853840737-433536269-4251561868-1000_Classes\CLSID\{268502F4-815D-4358-A8D6-B783FDB58EF0}\InprocServer32 -> C:\Users\user\AppData\Roaming\Telekom\MediencenterSync\DTAG.Mediencenter.ContextMenuHandler.dll (Deutsche Telekom AG)
CustomCLSID: HKU\S-1-5-21-2853840737-433536269-4251561868-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2853840737-433536269-4251561868-1000_Classes\CLSID\{3A999A50-AB25-4A20-90A9-08F71FCE320F}\InprocServer32 -> C:\Windows\system32\spool\DRIVERS\x64\3\hpcdmc64.dll (HP)
CustomCLSID: HKU\S-1-5-21-2853840737-433536269-4251561868-1000_Classes\CLSID\{528EE335-5034-4EFC-834E-63E5F02D2BC2}\InprocServer32 -> C:\Users\user\AppData\Roaming\Telekom\MediencenterSync\DTAG.Mediencenter.IconOverlayHandler.dll (Deutsche Telekom AG)
CustomCLSID: HKU\S-1-5-21-2853840737-433536269-4251561868-1000_Classes\CLSID\{6066ADF0-9EB0-43E5-ADB6-990F5A3B979C}\InprocServer32 -> C:\Users\user\AppData\Roaming\Telekom\MediencenterSync\DTAG.Mediencenter.IconOverlayHandler.dll (Deutsche Telekom AG)
CustomCLSID: HKU\S-1-5-21-2853840737-433536269-4251561868-1000_Classes\CLSID\{77BC4082-DB5F-439A-8DC8-F9E24A63B0DE}\InprocServer32 -> C:\Users\user\AppData\Roaming\Telekom\MediencenterSync\DTAG.Mediencenter.IconOverlayHandler.dll (Deutsche Telekom AG)
CustomCLSID: HKU\S-1-5-21-2853840737-433536269-4251561868-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\user\AppData\Local\Citrix\GoToMeeting\2331\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-2853840737-433536269-4251561868-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2853840737-433536269-4251561868-1000_Classes\CLSID\{98087D89-B93F-4BCF-A998-AE4D9F607C14}\InprocServer32 -> C:\Windows\system32\spool\DRIVERS\x64\3\hpcdmc64.dll (HP)
CustomCLSID: HKU\S-1-5-21-2853840737-433536269-4251561868-1000_Classes\CLSID\{B286F068-5B17-4AE8-989B-8F9A199C47BA}\InprocServer32 -> C:\Windows\system32\spool\DRIVERS\x64\3\hpcdmc64.dll (HP)
CustomCLSID: HKU\S-1-5-21-2853840737-433536269-4251561868-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2853840737-433536269-4251561868-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2853840737-433536269-4251561868-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2853840737-433536269-4251561868-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
==================== Restore Points =========================
01-06-2015 20:31:40 PunktCombofix
01-06-2015 21:39:43 Windows Update
05-06-2015 20:24:53 Windows Update
05-06-2015 23:18:29 Windows Update
06-06-2015 10:02:24 Wiederherstellungsvorgang
06-06-2015 10:22:11 Windows Update
06-06-2015 22:00:18 Windows Update
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2015-06-01 20:51 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0449F429-B3E5-43AC-A4AF-CA6624CA6F6E} - System32\Tasks\G2MUploadTask-S-1-5-21-2853840737-433536269-4251561868-1000 => C:\Users\user\AppData\Local\Citrix\GoToMeeting\2759\g2mupload.exe [2015-06-01] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {0CBD6B5D-EA32-4CC3-835F-65671CFCD9F4} - System32\Tasks\{2DA1F3AB-4D61-4230-8FAD-22BCD0811E76} => pcalua.exe -a "C:\Users\user\Downloads\Setup (7).exe" -d C:\Users\user\Desktop
Task: {1326772C-BAB7-4B89-9DA3-6E301BA107F5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {1D93812D-E4A5-4A45-A88B-A1E1796FB49D} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2012-03-09] (Microsoft Corporation)
Task: {1F374A73-7163-409F-A781-2106C9A65EC3} - System32\Tasks\{5653E523-55B9-4551-82DB-E1894B0CEEBB} => pcalua.exe -a C:\Users\user\Desktop\fritzdsl2.04.03_german.exe -d C:\Users\user\Desktop
Task: {21CF3C6C-F0AD-45F9-A0B4-475CB58687CF} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-16] (Microsoft Corporation)
Task: {289C1A53-4C59-4AE7-8980-E8E113398A6C} - System32\Tasks\{0277641C-7A99-4742-9571-11EE32BB3512} => pcalua.exe -a "C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5UF4PLF5\Setup.exe" -d C:\Users\user\Desktop
Task: {3067937B-7E7A-4471-8DEA-997E662DF396} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-19] (Adobe Systems Incorporated)
Task: {35AB2545-F464-457A-8C95-A768C6CB513A} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {41E966C3-05E4-4705-8C92-2F3546FF4000} - System32\Tasks\{B1E68D5F-A236-4515-A95F-BDCC256A4F75} => pcalua.exe -a C:\Users\user\Desktop\Setup-SV-Net.exe -d C:\Users\user\Desktop
Task: {5F054400-462D-43F5-8F9A-50B173FB8071} - System32\Tasks\{BB1785B3-DAD3-4C43-A1CD-F2F494044531} => pcalua.exe -a E:\setup.exe -d E:\ -c -fbox98
Task: {6115E597-A060-4288-ACAB-E19C4A319237} - System32\Tasks\{C962AD25-0860-406D-8FDC-F42F4A60F486} => pcalua.exe -a C:\Users\user\Desktop\Armin\PSE_5.0_WIN_ESD1_DE.exe -d C:\Users\user\Desktop
Task: {6EDBD316-83C0-4C5F-B7E1-1BAB0693664D} - System32\Tasks\Registration 1und1 Task => C:\Program Files (x86)\1und1Softwareaktualisierung\cdsupdclient.exe [2013-06-18] (1&1 Mail & Media GmbH)
Task: {6FDF14B4-8D80-449D-B26D-43D338B7288C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2853840737-433536269-4251561868-1000Core => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-26] (Google Inc.)
Task: {765B4BB4-D2ED-48EC-81D2-F1E2AFC38C34} - System32\Tasks\{85BEB17F-D2F8-44B4-870B-4F212174E587} => pcalua.exe -a E:\setup.exe -d E:\
Task: {880D3C86-2E19-4C58-8DD0-E8DDDBBAE95E} - System32\Tasks\G2MUpdateTask-S-1-5-21-2853840737-433536269-4251561868-1000 => C:\Users\user\AppData\Local\Citrix\GoToMeeting\2759\g2mupdate.exe [2015-06-01] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {88DD0A59-5ECC-45E6-A301-C18E889D3BD3} - System32\Tasks\{5925DBA4-F274-4423-A760-953B4ECF7F72} => pcalua.exe -a C:\Users\user\Desktop\Setup.exe -d C:\Users\user\Desktop
Task: {8B9490A1-4326-4170-A38E-A058CDF95781} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2853840737-433536269-4251561868-1000UA => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-26] (Google Inc.)
Task: {8FAF0C2F-2778-4A42-AAE5-EAECCD819985} - System32\Tasks\{34CC3EAC-BA33-4B8B-ABBB-D2AE0D68844E} => pcalua.exe -a C:\Users\user\Desktop\ddbac.exe -d C:\Users\user\Desktop
Task: {A144AC19-9CDF-4AB7-8C15-F97800C86FBC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {A7D7756E-B2F8-4D98-87B3-82BABE26B433} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
Task: {AE2855D9-FC53-4B97-95C4-65617D65A6A6} - System32\Tasks\{C920FA47-2AA3-4B13-A14D-19E61C15F221} => pcalua.exe -a C:\Users\user\Downloads\Setup.exe -d C:\Users\user\Desktop
Task: {C0F739BD-B03B-426A-93AE-72B1D8621C93} - System32\Tasks\{BC32C8DC-14C1-4FF5-8793-DD41DEE862A4} => pcalua.exe -a "C:\Users\user\Downloads\Setup (6).exe" -d C:\Users\user\Desktop
Task: {CEAF6452-5A3D-467C-BE07-68506510F35C} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {D8439AE3-F080-4A38-A4D3-9F24B73E6FD3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {DB5C3DF7-3473-4F93-A19C-CA223841881C} - System32\Tasks\{F8F7F2F7-1493-4D3E-BC84-4DD91A5B710B} => pcalua.exe -a "C:\Users\user\Downloads\Setup (1).exe" -d C:\Users\user\Desktop
Task: {E26501AC-5857-42DD-B32D-EC563357BF72} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {E29D3277-CA31-4814-B8C4-C9B93A81C4B3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2008-07-30] (Apple Inc.)
Task: {F9A97106-7AFB-43D1-BD68-90B76A8B5D63} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {FD99A553-9C55-49A0-A964-085C15AE30ED} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2853840737-433536269-4251561868-1000.job => C:\Users\user\AppData\Local\Citrix\GoToMeeting\2759\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-2853840737-433536269-4251561868-1000.job => C:\Users\user\AppData\Local\Citrix\GoToMeeting\2759\g2mupload.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2853840737-433536269-4251561868-1000Core.job => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2853840737-433536269-4251561868-1000UA.job => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2008-10-25 01:35 - 2008-10-25 01:35 - 00128296 _____ () C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2009-12-14 04:19 - 2009-12-09 11:24 - 00076320 _____ () C:\OEM\USBDECTION\USBS3S4Detection.exe
2015-02-19 23:40 - 2015-02-19 23:40 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2010-03-26 04:29 - 2010-03-26 04:29 - 00563744 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
2014-12-02 20:29 - 2015-03-04 22:19 - 00030880 _____ () C:\UPS\WSTD\UPSNA1Msgr.exe
2009-08-14 10:55 - 2009-08-14 10:55 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-08-19 15:09 - 2010-08-19 15:09 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2009-02-03 02:33 - 2009-02-03 02:33 - 00460199 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2008-09-29 02:55 - 2008-09-29 02:55 - 01076224 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
2010-03-26 04:29 - 2010-03-26 04:29 - 00154144 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll
2011-09-22 23:20 - 2011-09-22 23:20 - 11233136 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\Common\ti_managers.dll
2014-11-19 23:02 - 2014-11-19 23:02 - 40622592 ____R () C:\Program Files (x86)\Fitbit Connect\libcef.dll
2014-12-02 18:45 - 2015-03-04 21:01 - 00045056 _____ () C:\UPS\WSTD\PolicyMgr\UPS.Components.NA1MessengerServer.dll
2015-03-04 20:39 - 2015-03-04 20:39 - 00018432 _____ () C:\UPS\WSTD\UPSResourceManager.dll
2015-03-04 20:55 - 2015-03-04 20:55 - 00053248 _____ () C:\UPS\WSTD\PolicyMgr\UPS.Components.PolicyHolder.dll
2015-03-04 20:55 - 2015-03-04 20:55 - 00024576 _____ () C:\UPS\WSTD\PolicyMgr\Microsoft.ApplicationBlocks.Data.dll
2015-04-15 14:59 - 2015-04-15 14:59 - 16863920 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\user\Documents\Smiffys Email Invoice_ SO-0000015209.eml:OECustomProperty
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2853840737-433536269-4251561868-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.178.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{D0577A44-4992-477B-A54E-96B4CE110923}] => (Allow) C:\Program Files\UltraVNC\vncviewer.exe
FirewallRules: [{E3FB99B6-FD9D-4BC9-B055-C00EB3892F2F}] => (Allow) C:\Program Files\UltraVNC\vncviewer.exe
FirewallRules: [{C7DBEB76-D896-485F-A3B7-E860D557A013}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{69F02DC8-AAFB-4183-BD45-23994807203A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{3F5AD536-07D9-45C1-8C5B-8D5AD777AF33}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{DC56F688-DD23-4C45-A367-A76D303225FE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{D43C01CC-FD79-4AEA-A037-7619BDCE78D6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{5190E005-247B-442F-9902-3F16FACCD971}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{4E869188-08F1-4583-A67B-7362B9AD2327}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{1A432516-3B2A-474E-9267-9404AB2574E8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{64069114-4AA7-4782-A2CC-4D677520BBA0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{A8D345BF-5BE7-4D67-8D6E-4697EF9A9331}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{0F6E618C-05E5-49B7-AE9C-6791B6CBF90C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{41182C44-5291-4FE0-8342-E8ACE7AAB4BA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{A117A5E2-3CEF-485A-BA0F-EF4091EDADE0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{D460BA6F-FB67-4475-AFDA-BB1F116BEB6B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{47D91F5E-E58F-499E-99A1-A233C59B03CF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{A0A2F93C-6430-40C6-B82C-4D9E06E33233}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{21BF8187-1796-452D-A12D-614E727BA781}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{5C1DEEA9-B558-4868-8058-EEEB10EAC98E}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{AA200AA4-105B-45AF-A1DD-338E814569C0}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{5951F920-8AB9-41A5-BBBB-538834D3EA86}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{4829B4D3-A594-4153-B7E8-DE9A150E5DB4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{3DDD2A0E-7EA3-4916-9679-B73758AE760D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [TCP Query User{38920882-88FD-4AD5-A87C-C7AF34379AEC}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe] => (Allow) C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe
FirewallRules: [UDP Query User{974B69A5-FEAC-4A59-AD6B-4D7F537D7559}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe] => (Allow) C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe
FirewallRules: [TCP Query User{CE68E9CB-B39A-4503-974B-E5917014AE16}C:\dhl\easylog v6.3\sqlany9\dbeng9.exe] => (Allow) C:\dhl\easylog v6.3\sqlany9\dbeng9.exe
FirewallRules: [UDP Query User{97F15594-0986-406C-AE23-08881C50CF97}C:\dhl\easylog v6.3\sqlany9\dbeng9.exe] => (Allow) C:\dhl\easylog v6.3\sqlany9\dbeng9.exe
FirewallRules: [TCP Query User{AF81CD14-D688-405D-A291-AE979DE3497C}C:\dhl\easylog v6.6\sqlany9\dbeng9.exe] => (Allow) C:\dhl\easylog v6.6\sqlany9\dbeng9.exe
FirewallRules: [UDP Query User{ADBC1047-E318-415F-910C-459706D982B7}C:\dhl\easylog v6.6\sqlany9\dbeng9.exe] => (Allow) C:\dhl\easylog v6.6\sqlany9\dbeng9.exe
FirewallRules: [TCP Query User{F507D590-3E1A-49C6-BDA5-ED807A4F06BA}C:\users\user\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\user\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{483F215A-5DA1-4E77-9C3F-E31220959BD3}C:\users\user\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\user\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{C0314084-6B46-41D9-8BD7-A09C278C90FC}C:\dhl\easylog v6.6\sqlany9\dbeng9.exe] => (Block) C:\dhl\easylog v6.6\sqlany9\dbeng9.exe
FirewallRules: [UDP Query User{CC6AC1B0-BB1B-46D9-B27F-0A8825DE992D}C:\dhl\easylog v6.6\sqlany9\dbeng9.exe] => (Block) C:\dhl\easylog v6.6\sqlany9\dbeng9.exe
FirewallRules: [{AD792CB3-C01C-4853-B38F-7E79D739FE5B}] => (Allow) C:\UPS\WSTD\MSSQL.1\MSSQL\Binn\sqlservr.exe
FirewallRules: [{43B4C6CD-70B1-4B1B-B804-565644E74C80}] => (Allow) C:\UPS\WSTD\MSSQL.1\MSSQL\Binn\sqlservr.exe
FirewallRules: [{53910D86-D31C-4C33-9B36-1B8D4A486458}] => (Allow) LPort=1434
FirewallRules: [{AC98B5CB-4173-47CF-A1F0-37FF91B6E92A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C2DBBE03-9D21-43A6-8724-18B911CF04BD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{6FCE4F8C-85C3-4D88-A00B-10E9DD9DAA2A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{498151A2-F3A2-4353-9B47-5C662DD05CEF}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
==================== Faulty Device Manager Devices =============
Name: Intel(R) 5 Series/3400 Series-Chipsatzfamilie - PCI-Express-Stammanschluss 2 - 3B44
Description: Intel(R) 5 Series/3400 Series-Chipsatzfamilie - PCI-Express-Stammanschluss 2 - 3B44
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: mv video hook driver2
Description: mv video hook driver2
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: UVNC BVBA
Service: mv2
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
Name: Standardtastatur (PS/2)
Description: Standardtastatur (PS/2)
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Officejet J4680 series
Description: Officejet J4680 series
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Microsoft PS/2-Maus
Description: Microsoft PS/2-Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/06/2015 04:53:30 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (06/06/2015 04:53:24 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (06/06/2015 04:53:24 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (06/06/2015 04:53:24 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (06/06/2015 04:53:24 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (06/06/2015 02:53:44 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.
Error: (06/06/2015 11:53:20 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.
Error: (06/06/2015 11:53:15 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.
Error: (06/06/2015 11:53:15 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.
Error: (06/05/2015 11:06:34 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.
System errors:
=============
Error: (06/08/2015 02:35:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AVM ADSL Adapter Device" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (06/08/2015 02:35:02 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\DRIVERS\aadev.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (06/08/2015 00:59:33 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (06/08/2015 00:59:33 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (06/08/2015 00:37:53 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (06/08/2015 00:34:40 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (06/08/2015 11:19:47 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (06/08/2015 11:19:39 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 43. Der interne Fehlerstatus lautet: 252.
Error: (06/08/2015 10:52:06 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 43. Der interne Fehlerstatus lautet: 252.
Error: (06/08/2015 10:52:06 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 43. Der interne Fehlerstatus lautet: 252.
Microsoft Office:
=========================
Error: (06/06/2015 04:53:30 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8
Error: (06/06/2015 04:53:24 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe
Error: (06/06/2015 04:53:24 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksss.exe
Error: (06/06/2015 04:53:24 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksCal.exe
Error: (06/06/2015 04:53:24 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksdb.exe
Error: (06/06/2015 02:53:44 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifestC:\$RECYCLE.BIN\S-1-5-21-2853840737-433536269-4251561868-1000\$R8ZEPOI.exe
Error: (06/06/2015 11:53:20 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifestC:\Users\user\Desktop\esetsmartinstaller_deu.exe
Error: (06/06/2015 11:53:15 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifestC:\Users\user\Desktop\esetsmartinstaller_deu.exe
Error: (06/06/2015 11:53:15 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifestC:\Users\user\Desktop\esetsmartinstaller_deu.exe
Error: (06/05/2015 11:06:34 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
CodeIntegrity Errors:
===================================
Date: 2015-06-01 20:39:50.627
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-06-01 20:39:50.521
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-06-16 20:42:29.716
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-06-16 20:42:29.713
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-06-16 20:42:29.710
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-06-16 20:42:29.686
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-06-16 20:42:29.683
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-06-16 20:42:29.680
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-06-15 09:03:20.399
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-06-15 09:03:20.398
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3 CPU 530 @ 2.93GHz
Percentage of memory in use: 37%
Total physical RAM: 6071.06 MB
Available physical RAM: 3794.1 MB
Total Pagefile: 12140.33 MB
Available Pagefile: 9452.65 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:453.45 GB) (Free:313.02 GB) NTFS
Drive d: (DATA) (Fixed) (Total:453.96 GB) (Free:453.41 GB) NTFS
Drive e: (CGP 2013 CD) (CDROM) (Total:1.76 GB) (Free:0 GB) CDFS
Drive m: (Volume) (Fixed) (Total:931.51 GB) (Free:649.17 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 10D6741B)
Partition 1: (Not Active) - (Size=24 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=453.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=454 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 9D5B614C)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End of log ============================
--- --- --- |
|
| Themen zu Maus clickt nicht mehr richtig, Pc extrem langsam |
| adobe, autorun, browser, defender, ebay, explorer, failed, firefox, flash player, google, helper, home, homepage, langsam, maus, mozilla, realtek, registry, security, server, spyware, stick, system, windows, winlogon.exe |
Linear-Darstellung
