Avast meldet "schädliche Webseite blockiert " - svchost

Member 2015 · 04.06.2015, 10:21

Avast meldet: Infektion blockiert.

URL: hxxp://simplesitescan.net/4141/SegmentProlonger_142669622240134.dll
Infektion: URL:Mal
Prozess: C:\Windows\System32\svchost.exe

Habe einen Screenshot der Meldung angehängt

Diese oder ähnliche Meldungen zeigt Avast alle paar Minuten an, obwohl ich gerade gar nicht im Internet unterwegs bin.

Habe gegooglet und auch hier gelesen, finde aber keine genaue Lösung.

Habe ich einen Infekt auf dem Rechner, Rootkit-Problem o.ä.?

Freue mich aug Feedback / Hilfe.

Vielen Dank

schrauber · 04.06.2015, 10:34

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Member 2015 · 04.06.2015, 10:43

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:03-06-2015
Ran by NAME (administrator) on PCBUERO on 04-06-2015 11:36:11
Running from C:\Users\NAME\Downloads
Loaded Profiles: NAME (Available Profiles: NAME)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AAHM\1.00.09\aaHMSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\System32\CISVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(Memeo) C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Dominik Reichl) C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [DLQLU] => C:\Program Files\Dell Printers\Additional Color Laser Software\Launcher\DLQLU.EXE [1244136 2013-02-25] (Dell Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7659224 2000-01-01] (Realtek Semiconductor)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2715536 2015-04-10] (Dominik Reichl)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3498728 2015-05-01] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Syncios device service] => C:\Program Files (x86)\Syncios\SynciosDeviceService.exe [778752 2015-03-06] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [X]
HKU\S-1-5-21-4059485407-2828597014-2479886380-1000\...\Run: [Allway Sync] => C:\Program Files\Allway Sync\Bin\syncappw.exe [96456 2015-04-21] ()
HKU\S-1-5-21-4059485407-2828597014-2479886380-1000\...\Run: [HotSwap! Applet] => C:\Program Files\HotSwap_5.0.0.0\64bit\HotSwap!.EXE [117248 2012-02-18] (Kazuyuki Nakayama)
HKU\S-1-5-21-4059485407-2828597014-2479886380-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [25700400 2015-04-28] (Google)
HKU\S-1-5-21-4059485407-2828597014-2479886380-1000\...\Run: [KeePass Password Safe 2] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2715536 2015-04-10] (Dominik Reichl)
HKU\S-1-5-21-4059485407-2828597014-2479886380-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31280256 2015-04-17] (Skype Technologies S.A.)
HKU\S-1-5-21-4059485407-2828597014-2479886380-1000\...\Run: [] => [X]
HKU\S-1-5-21-4059485407-2828597014-2479886380-1000\...\Run: [Safe PST Backup] => C:\Program Files (x86)\4Team Corporation\Safe PST Backup\SafePSTBackup.exe [5162832 2014-08-05] (4Team Corporation)
HKU\S-1-5-21-4059485407-2828597014-2479886380-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7063832 2014-11-21] (Piriform Ltd)
HKU\S-1-5-21-4059485407-2828597014-2479886380-1000\...\Run: [Visual Subst] => C:\Program Files (x86)\Visual Subst\VSubst.exe [139672 2008-02-02] (NTWind Software)
HKU\S-1-5-21-4059485407-2828597014-2479886380-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-4059485407-2828597014-2479886380-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-4059485407-2828597014-2479886380-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-4059485407-2828597014-2479886380-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
Startup: C:\Users\NAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HiDrive.lnk [2014-10-23]
ShortcutTarget: HiDrive.lnk -> C:\Program Files (x86)\Strato\HiDrive\HiDrive.App.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-21] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [HiDriveOverlayIcon1] -> {45a23d58-ebdc-3d73-ae36-80fd48cb363e} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [HiDriveOverlayIcon2] -> {654b0053-308a-3fcf-8a68-08cc1f1e7783} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-4059485407-2828597014-2479886380-1000 -> {F08562FF-F3FE-43A7-99E6-44A9DE6C2924} URL = https://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-03-10] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-04-24] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-03-25] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-04-14] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-04-24] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
BHO-x32: No Name -> {120A8821-2BEE-4C29-BCDA-62C577781992} ->  No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-25] (Avast Software s.r.o.)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - No Name - {120A8821-2BEE-4C29-BCDA-62C577781992} -  No File
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-4059485407-2828597014-2479886380-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} -  No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\..\Interfaces\{ECCA7DF3-97D5-4CE0-9D74-741776634C45}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

FireFox:
========
FF ProfilePath: C:\Users\NAME\AppData\Roaming\Mozilla\Firefox\Profiles\fjh6c24b.default-1430949737863
FF DefaultSearchEngine.US: Google
FF Homepage: https://www.google.de/
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-06-04] ()
FF Plugin: @java.com/DTPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-04-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-04-24] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-04] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-11-15] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2015-03-19] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF Plugin HKU\S-1-5-21-4059485407-2828597014-2479886380-1000: @hola.org/vlc,version=1.7.116 -> C:\Users\NAME\AppData\Local\Hola\firefox\app\vlc No File
FF Plugin HKU\S-1-5-21-4059485407-2828597014-2479886380-1000: @phonostar.de/phonostar -> C:\Program Files (x86)\phonostar-Player\npphonostarDetectNP.dll No File
FF Plugin HKU\S-1-5-21-4059485407-2828597014-2479886380-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\NAME\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-01-23] (Unity Technologies ApS)
FF Extension: Flash Video Downloader - YouTube HD Downloader [4K] - C:\Users\NAME\AppData\Roaming\Mozilla\Firefox\Profiles\fjh6c24b.default-1430949737863\Extensions\artur.dubovoy@gmail.com [2015-05-29]
FF Extension: FoxyProxy Standard - C:\Users\NAME\AppData\Roaming\Mozilla\Firefox\Profiles\fjh6c24b.default-1430949737863\Extensions\foxyproxy@eric.h.jung [2015-05-30]
FF Extension: Youtube Downloader - 4K Download - C:\Users\NAME\AppData\Roaming\Mozilla\Firefox\Profiles\fjh6c24b.default-1430949737863\Extensions\paulsaintuzb@gmail.com [2015-05-29]
FF Extension: EPUBReader - C:\Users\NAME\AppData\Roaming\Mozilla\Firefox\Profiles\fjh6c24b.default-1430949737863\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [2015-05-29]
FF Extension: Forecastfox (fix version) - C:\Users\NAME\AppData\Roaming\Mozilla\Firefox\Profiles\fjh6c24b.default-1430949737863\Extensions\forecastfox@s3_fix_version.xpi [2015-05-07]
FF Extension: Screengrab  (fix version) - C:\Users\NAME\AppData\Roaming\Mozilla\Firefox\Profiles\fjh6c24b.default-1430949737863\Extensions\{02450914-cdd9-410f-b1da-db004e18c671}.xpi [2015-05-07]
FF Extension: All-in-One Sidebar - C:\Users\NAME\AppData\Roaming\Mozilla\Firefox\Profiles\fjh6c24b.default-1430949737863\Extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi [2015-05-07]
FF Extension: Download YouTube Videos as MP4 - C:\Users\NAME\AppData\Roaming\Mozilla\Firefox\Profiles\fjh6c24b.default-1430949737863\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2015-05-07]
FF Extension: Adblock Plus - C:\Users\NAME\AppData\Roaming\Mozilla\Firefox\Profiles\fjh6c24b.default-1430949737863\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-05-07]
FF Extension: Recorder Toolbar - C:\Program Files (x86)\Mozilla Firefox\extensions\{10743931-94DF-476f-A987-4391233C17A2} [2015-06-03]
FF Extension: avast! Ad Blocker - C:\Program Files (x86)\Mozilla Firefox\extensions\adblocker@avast.com.xpi [2015-06-03]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-06-03]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-11-15]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015-03-21]
FF HKU\S-1-5-21-4059485407-2828597014-2479886380-1000\...\Firefox\Extensions: [{b9aa91db-385d-4c69-8a2f-96790aa9405b}] - c:\program files (x86)\copernic\desktopsearch4\firefoxconnector

Chrome: 
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Browser\nppdf32.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (RIM Handheld Application Loader) - C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Profile: C:\Users\NAME\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\NAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-01]
CHR Extension: (Google Drive) - C:\Users\NAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-01]
CHR Extension: (YouTube) - C:\Users\NAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-01]
CHR Extension: (Google Search) - C:\Users\NAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-01]
CHR Extension: (Chrome In-App Payments service) - C:\Users\NAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-01]
CHR Extension: (Gmail) - C:\Users\NAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-01]
CHR HKU\S-1-5-21-4059485407-2828597014-2479886380-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [cnnbdaahphjgdgfhliignpepgnbnfomp] - c:\program files (x86)\copernic\desktopsearch4\ChromeConnector\ChromeConnector.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2015-05-01]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-03]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
S2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.12\atkexComSvc.exe [917120 2010-10-28] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.09\aaHMSvc.exe [909440 2010-11-03] ()
S2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.10\AsSysCtrlService.exe [586880 2010-10-21] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-21] (Avast Software s.r.o.)
R3 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [588024 2014-10-31] (BlackBerry Limited)
S2 BotkindSyncService; C:\Program Files\Allway Sync\Bin\SyncService.exe [262144 2015-04-13] () [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S2 Capture Device Service; C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2736824 2015-04-07] (Microsoft Corporation)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2011-08-23] (Macrovision Europe Ltd.) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 RasMan; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 RasMan; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 RIM MDNS; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [396024 2015-03-19] (Apple Inc.)
R2 RIM Tunnel Service; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [1354488 2015-03-19] (BlackBerry Limited)
S2 SafePSTShadowCopy; C:\Program Files (x86)\4Team Corporation\SafePSTBackup Shadow Copy Service\SafePST.ShadowCopySvc.exe [16736 2014-08-05] (4Team)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5491984 2015-05-20] (TeamViewer GmbH)
S3 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2005-01-31] (Ulead Systems, Inc.) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S4 HPSLPSVC; C:\Users\NAME\AppData\Local\Temp\7zS7869\hpslpsvc64.dll [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-21] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-04-21] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-21] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-21] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-21] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04-21] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-04-21] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-04-21] ()
R3 AVMCOWAN; C:\Windows\System32\DRIVERS\AVMCOWAN.sys [79872 2009-06-10] (AVM GmbH)
R3 blackberryncm; C:\Windows\System32\DRIVERS\blackberryncm6_AMD64.sys [25088 2014-09-08] (BlackBerry)
R1 cbfs5; C:\Windows\system32\drivers\cbfs5.sys [421568 2015-01-23] (EldoS Corporation)
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-05] (Microsoft Corporation)
R3 FPCIBASE; C:\Windows\System32\DRIVERS\fpcibase.sys [899328 2009-06-10] (AVM Berlin)
R3 GeneStor; C:\Windows\System32\DRIVERS\GeneStor.sys [111336 2014-04-28] (GenesysLogic)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2013-11-29] (Qualcomm Atheros Co., Ltd.)
S4 LMIRfsClientNP; No ImagePath
R3 MTSBDA; C:\Windows\System32\Drivers\MtsBda.sys [344592 2009-07-14] (TechniSat Provide)
R3 MtsHID; C:\Windows\System32\drivers\MtsHID.sys [27664 2011-01-23] (TechniSat Provide)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2012-08-20] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2012-08-20] ()
R3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [79872 2014-05-06] (BlackBerry Limited)
R3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [18432 2015-03-19] (BlackBerry Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
R3 Serenum; C:\Windows\System32\DRIVERS\nuvserenum.sys [23552 2014-01-12] (Windows (R) Win 7 DDK provider)
R3 Serial; C:\Windows\System32\DRIVERS\nuvserial.sys [86016 2014-01-12] (Nuvoton Technology Corp.)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2014-01-18] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [183224 2014-01-18] (Acronis)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2014-01-18] (Acronis International GmbH)
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}; C:\Program Files (x86)\CyberLink\PowerDVD8\000.fcl [146928 2009-08-28] (CyberLink Corp.)
S3 cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [X]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfoX64.sys [X]
U3 DfSdkS; No ImagePath
S2 LMIInfo; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [X]
S3 SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP4c\WNt500x64\Sandra.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-04 11:36 - 2015-06-04 11:36 - 00031678 _____ C:\Users\NAME\Downloads\FRST.txt
2015-06-04 11:35 - 2015-06-04 11:36 - 00000000 ____D C:\FRST
2015-06-04 11:35 - 2015-06-04 11:35 - 02108928 _____ (Farbar) C:\Users\NAME\Downloads\FRST64.exe
2015-06-04 09:22 - 2015-06-04 09:45 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-06-04 09:09 - 2015-06-04 09:09 - 02942610 _____ (Thisisu) C:\Users\NAME\Desktop\JRT.exe
2015-06-04 09:09 - 2015-06-04 09:09 - 00000207 _____ C:\Windows\tweaking.com-regbackup-PCBUERO-Windows-7-Home-Premium-(64-bit).dat
2015-06-04 09:09 - 2015-06-04 09:09 - 00000000 ____D C:\RegBackup
2015-06-04 08:42 - 2015-06-04 08:42 - 00000364 _____ C:\Windows\PFRO.log
2015-06-03 23:45 - 2015-06-03 23:45 - 00002156 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2015-06-03 21:01 - 2015-05-22 20:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-03 21:01 - 2015-05-22 20:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-03 21:01 - 2015-05-22 20:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-03 21:01 - 2015-05-22 20:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-03 21:01 - 2015-05-22 20:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-03 21:01 - 2015-05-22 20:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-03 21:01 - 2015-05-22 20:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-03 21:01 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-03 21:00 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-03 21:00 - 2015-05-25 20:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-03 21:00 - 2015-05-25 20:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-03 21:00 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-03 21:00 - 2015-05-25 20:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-03 21:00 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-03 21:00 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-03 21:00 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-03 21:00 - 2015-05-25 20:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-03 21:00 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-03 21:00 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-03 21:00 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-03 21:00 - 2015-05-25 20:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-03 21:00 - 2015-05-25 20:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-03 21:00 - 2015-05-25 20:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-03 21:00 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-03 21:00 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-03 21:00 - 2015-05-25 20:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-03 21:00 - 2015-05-25 20:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-03 21:00 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-03 21:00 - 2015-05-25 20:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-03 21:00 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-03 21:00 - 2015-05-25 20:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-03 21:00 - 2015-05-25 20:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-03 21:00 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-03 21:00 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-03 21:00 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-03 21:00 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-03 21:00 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-03 21:00 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-03 21:00 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-03 21:00 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-03 21:00 - 2015-05-25 20:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-03 21:00 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-03 21:00 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-03 21:00 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-03 21:00 - 2015-05-25 20:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-03 21:00 - 2015-05-25 20:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-03 21:00 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-03 21:00 - 2015-05-25 20:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-03 21:00 - 2015-05-25 20:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-03 21:00 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-03 21:00 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-03 21:00 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-03 21:00 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-03 21:00 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-03 21:00 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-03 21:00 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-03 21:00 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-03 21:00 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-03 21:00 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-03 21:00 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-03 21:00 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-03 21:00 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-03 21:00 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-03 21:00 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-03 21:00 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-03 21:00 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-03 21:00 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-03 21:00 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-03 21:00 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-03 21:00 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-03 21:00 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-03 21:00 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-03 21:00 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-03 21:00 - 2015-05-25 19:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-03 21:00 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-03 21:00 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-03 21:00 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-03 21:00 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-03 21:00 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-03 21:00 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-03 21:00 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-03 21:00 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-03 21:00 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-03 21:00 - 2015-05-09 05:27 - 03147776 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-06-03 21:00 - 2015-05-09 05:27 - 02589184 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-06-03 21:00 - 2015-05-09 05:27 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-06-03 21:00 - 2015-05-09 05:27 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-06-03 21:00 - 2015-05-09 05:27 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-06-03 21:00 - 2015-05-09 05:27 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-06-03 21:00 - 2015-05-09 05:27 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-06-03 21:00 - 2015-05-09 05:26 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-06-03 21:00 - 2015-05-09 05:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-06-03 21:00 - 2015-05-09 05:26 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-06-03 21:00 - 2015-05-09 05:26 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-06-03 21:00 - 2015-05-09 05:14 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-06-03 21:00 - 2015-05-09 05:14 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-06-03 21:00 - 2015-05-09 05:14 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-06-03 21:00 - 2015-05-09 05:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-06-03 21:00 - 2015-05-09 05:13 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-06-03 00:24 - 2015-06-04 08:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-05-31 11:47 - 2015-05-31 11:47 - 00000048 _____ C:\MyUpdateLogs.log
2015-05-31 09:46 - 2015-06-04 07:40 - 00000000 ____D C:\Users\NAME\Documents\Turbo Lister Backup
2015-05-31 01:00 - 2015-06-04 08:43 - 00000280 _____ C:\Windows\setupact.log
2015-05-31 01:00 - 2015-05-31 01:00 - 00000000 _____ C:\Windows\setuperr.log
2015-05-30 10:44 - 2015-05-30 10:44 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2015-05-30 10:44 - 2015-05-30 10:44 - 00000000 ____D C:\Program Files\Realtek
2015-05-30 10:43 - 2000-01-01 02:00 - 02162992 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll
2015-05-30 10:43 - 2000-01-01 02:00 - 02101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2015-05-30 10:43 - 2000-01-01 02:00 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2015-05-30 10:43 - 2000-01-01 02:00 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2015-05-30 10:43 - 2000-01-01 02:00 - 00856992 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2015-05-30 10:43 - 2000-01-01 02:00 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2015-05-30 10:43 - 2000-01-01 02:00 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2015-05-30 10:43 - 2000-01-01 02:00 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2015-05-30 10:43 - 2000-01-01 02:00 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2015-05-30 10:43 - 2000-01-01 02:00 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2015-05-30 10:43 - 2000-01-01 02:00 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2015-05-30 10:43 - 2000-01-01 02:00 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2015-05-30 10:43 - 2000-01-01 02:00 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 72461312 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2015-05-30 10:42 - 2000-01-01 02:00 - 14048512 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 12967680 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 05804772 _____ C:\Windows\system32\Drivers\rtvienna.dat
2015-05-30 10:42 - 2000-01-01 02:00 - 05234952 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 04270424 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2015-05-30 10:42 - 2000-01-01 02:00 - 03186544 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 02860760 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 02827632 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 02041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 01959128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2015-05-30 10:42 - 2000-01-01 02:00 - 01499984 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 01445764 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-05-30 10:42 - 2000-01-01 02:00 - 01411096 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 01360640 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 01313904 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 01287384 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 01136728 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 01048824 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00995120 _____ (Nahimic Inc) C:\Windows\system32\NahimicAPONSControl.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00979280 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00959704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00922880 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00889592 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00724728 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00629464 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00451096 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00366104 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00326680 _____ (Synopsys, Inc.) C:\Windows\SysWOW64\SRCOM.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00326680 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00303776 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00246008 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2015-05-30 10:41 - 2000-01-01 02:00 - 06218072 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2015-05-30 10:41 - 2000-01-01 02:00 - 01939800 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2015-05-30 10:41 - 2000-01-01 02:00 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2015-05-30 10:41 - 2000-01-01 02:00 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2015-05-30 10:41 - 2000-01-01 02:00 - 01550528 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64APO.dll
2015-05-30 10:41 - 2000-01-01 02:00 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2015-05-30 10:41 - 2000-01-01 02:00 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2015-05-30 10:41 - 2000-01-01 02:00 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2015-05-30 10:41 - 2000-01-01 02:00 - 00560328 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2015-05-30 10:41 - 2000-01-01 02:00 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2015-05-30 10:41 - 2000-01-01 02:00 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2015-05-30 10:41 - 2000-01-01 02:00 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2015-05-30 10:41 - 2000-01-01 02:00 - 00315736 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2015-05-30 10:41 - 2000-01-01 02:00 - 00261464 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2015-05-30 10:41 - 2000-01-01 02:00 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2015-05-30 10:41 - 2000-01-01 02:00 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2015-05-30 10:41 - 2000-01-01 02:00 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2015-05-30 10:41 - 2000-01-01 02:00 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2015-05-30 10:41 - 2000-01-01 02:00 - 00109848 _____ C:\Windows\system32\AcpiServiceVnA64.dll
2015-05-30 10:41 - 2000-01-01 02:00 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2015-05-30 10:41 - 2000-01-01 02:00 - 00096568 _____ C:\Windows\system32\audioLibVc.dll
2015-05-29 23:30 - 2015-05-29 23:30 - 00001668 _____ C:\Users\NAME\Desktop\FileLocator.lnk
2015-05-29 23:23 - 2015-05-29 23:23 - 00000000 ____D C:\Users\NAME\AppData\Roaming\Mythicsoft
2015-05-29 23:23 - 2015-05-29 23:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileLocator Lite
2015-05-29 23:23 - 2015-05-29 23:23 - 00000000 ____D C:\Program Files\Mythicsoft
2015-05-29 23:16 - 2015-05-29 23:21 - 00000000 ____D C:\ProgramData\Copernic
2015-05-29 22:54 - 2015-05-29 23:05 - 00001065 _____ C:\Users\NAME\Desktop\Start Tor Browser.lnk
2015-05-29 22:53 - 2015-05-29 22:53 - 00000000 ____D C:\ProgramData\SlimWare Utilities, Inc
2015-05-29 22:51 - 2015-05-29 22:51 - 00000000 ____D C:\Users\Public\Documents\Downloaded Installers
2015-05-29 22:51 - 2015-05-29 22:51 - 00000000 ____D C:\ProgramData\Documents\Downloaded Installers
2015-05-29 22:50 - 2015-05-29 22:50 - 00000828 _____ C:\Users\NAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2015-05-29 22:50 - 2015-05-29 22:50 - 00000000 ____D C:\Program Files\Tor Browser
2015-05-29 16:37 - 2015-05-29 16:37 - 00013157 _____ C:\Users\NAME\Desktop\Indizierungsoptionen.lnk
2015-05-29 16:10 - 2015-05-31 09:42 - 00000000 ____D C:\Indexordner
2015-05-25 17:30 - 2015-05-25 17:46 - 00000054 _____ C:\Users\NAME\Documents\default.dad
2015-05-23 17:02 - 2015-05-23 17:02 - 00000000 ____D C:\Users\NAME\Documents\StreamTransport
2015-05-20 06:50 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-05-17 11:39 - 2015-05-17 11:53 - 00000000 ____D C:\Program Files (x86)\SmartDVB
2015-05-17 09:17 - 2015-05-17 09:17 - 00000000 ____D C:\Users\NAME\Documents\Turbo Lister
2015-05-17 08:55 - 2015-05-17 08:55 - 00002045 _____ C:\Users\Public\Desktop\eBay Turbo Lister 2.lnk
2015-05-17 08:55 - 2015-05-17 08:55 - 00002045 _____ C:\ProgramData\Desktop\eBay Turbo Lister 2.lnk
2015-05-17 08:55 - 2015-05-17 08:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay
2015-05-17 08:55 - 2015-05-17 08:55 - 00000000 ____D C:\ProgramData\eBay
2015-05-17 08:55 - 2015-05-17 08:55 - 00000000 ____D C:\Program Files (x86)\eBay
2015-05-16 17:35 - 2015-05-16 17:35 - 00000000 _____ C:\autoexec.bat
2015-05-14 16:51 - 2015-06-04 09:22 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-14 16:51 - 2015-06-04 09:22 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-14 16:51 - 2015-05-14 16:51 - 00001106 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-05-14 16:51 - 2015-05-14 16:51 - 00001106 _____ C:\ProgramData\Desktop\ Malwarebytes Anti-Malware .lnk
2015-05-14 16:51 - 2015-05-14 16:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-05-14 16:51 - 2015-05-14 16:51 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-05-14 16:51 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-05-14 16:51 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-05-14 08:56 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 08:56 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 08:52 - 2015-04-21 16:33 - 14374400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-14 08:52 - 2015-04-21 16:33 - 13771776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-14 08:52 - 2015-04-21 16:33 - 02864640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-14 08:52 - 2015-04-21 16:33 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-14 08:52 - 2015-04-21 16:33 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-14 08:52 - 2015-04-21 16:33 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-14 08:52 - 2015-04-21 16:33 - 00690176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-14 08:52 - 2015-04-21 16:33 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-14 08:52 - 2015-04-21 16:33 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-14 08:52 - 2015-04-21 16:33 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-14 08:52 - 2015-04-21 16:33 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-14 08:52 - 2015-04-21 16:33 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-14 08:52 - 2015-04-21 16:33 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-14 08:52 - 2015-04-21 16:33 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-14 08:52 - 2015-04-21 16:33 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-05-14 08:52 - 2015-04-21 16:33 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-14 08:52 - 2015-04-21 16:33 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-14 08:52 - 2015-04-21 16:33 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-14 08:52 - 2015-04-21 16:33 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-14 08:52 - 2015-04-21 16:32 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-14 08:52 - 2015-04-21 15:53 - 02237440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-14 08:52 - 2015-04-21 15:53 - 01409536 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-14 08:52 - 2015-04-21 15:53 - 00601600 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-14 08:52 - 2015-04-21 15:53 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-14 08:52 - 2015-04-21 15:53 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-14 08:52 - 2015-04-21 15:52 - 19291136 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-14 08:52 - 2015-04-21 15:52 - 15414784 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-14 08:52 - 2015-04-21 15:52 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-14 08:52 - 2015-04-21 15:52 - 02656768 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-14 08:52 - 2015-04-21 15:52 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-14 08:52 - 2015-04-21 15:52 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-14 08:52 - 2015-04-21 15:52 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-14 08:52 - 2015-04-21 15:52 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-14 08:52 - 2015-04-21 15:52 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-14 08:52 - 2015-04-21 15:52 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-14 08:52 - 2015-04-21 15:52 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-14 08:52 - 2015-04-21 15:52 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-05-14 08:52 - 2015-04-21 15:52 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-14 08:52 - 2015-04-21 15:52 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-14 08:52 - 2015-04-21 15:52 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-14 08:52 - 2015-04-21 15:52 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-14 08:52 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-14 08:52 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-14 08:52 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-14 08:52 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-14 08:52 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-14 08:52 - 2015-04-18 05:06 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-14 08:52 - 2015-04-18 04:59 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-14 08:52 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-14 08:52 - 2015-04-18 04:37 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-14 08:52 - 2015-04-18 04:34 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-14 08:52 - 2015-04-18 04:12 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2015-05-14 08:52 - 2015-04-18 04:09 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2015-05-14 08:52 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-14 08:52 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-14 08:52 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-14 08:52 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-10 18:08 - 2015-05-10 18:08 - 00001488 _____ C:\Users\NAME\Desktop\Skype.lnk
2015-05-09 11:07 - 2015-05-09 11:07 - 00001370 _____ C:\Users\NAME\Desktop\Handbuch MARKED.pdf - Verknüpfung.lnk
2015-05-08 23:36 - 2015-05-08 23:36 - 00000000 ____D C:\Users\NAME\Documents\Incomedia
2015-05-08 23:12 - 2015-05-08 23:12 - 00000000 ____D C:\Users\NAME\Documents\Meine Websites
2015-05-08 22:31 - 2015-05-08 22:31 - 00001104 _____ C:\Users\NAME\Desktop\Microsoft Expression Web 4.lnk
2015-05-08 22:29 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2015-05-08 22:27 - 2015-05-08 22:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
2015-05-08 22:27 - 2015-05-08 22:27 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2015-05-08 22:27 - 2015-05-08 22:27 - 00000000 ____D C:\Program Files (x86)\Microsoft Expression

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-04 11:34 - 2015-02-16 20:20 - 00000000 ____D C:\Users\NAME\AppData\Local\9F983EEF-7CB2-41EA-959B-EBA701ABEDBA.aplzod
2015-06-04 11:05 - 2013-07-26 20:53 - 00000000 ____D C:\Users\NAME\AppData\Roaming\Skype
2015-06-04 10:43 - 2011-07-13 23:16 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-04 10:41 - 2012-08-23 10:52 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-04 10:13 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-06-04 09:01 - 2013-10-05 01:42 - 00000000 ____D C:\Users\NAME\AppData\Local\CrashDumps
2015-06-04 08:57 - 2014-11-15 13:58 - 00005132 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for PCBUERO-NAME PCBUERO
2015-06-04 08:53 - 2009-07-14 06:45 - 00023264 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-04 08:53 - 2009-07-14 06:45 - 00023264 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-04 08:50 - 2011-12-04 16:21 - 02049531 _____ C:\Windows\WindowsUpdate.log
2015-06-04 08:49 - 2014-08-14 14:35 - 00000000 ____D C:\Users\NAME\AppData\Local\Adobe
2015-06-04 08:49 - 2012-08-23 10:52 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-04 08:49 - 2012-04-13 22:48 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-04 08:49 - 2011-05-20 09:26 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-04 08:49 - 2009-07-14 19:58 - 00705952 _____ C:\Windows\system32\perfh007.dat
2015-06-04 08:49 - 2009-07-14 19:58 - 00152262 _____ C:\Windows\system32\perfc007.dat
2015-06-04 08:49 - 2009-07-14 07:13 - 01638820 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-04 08:47 - 2014-08-29 10:41 - 00000000 __SHD C:\Users\NAME\wc
2015-06-04 08:46 - 2015-02-16 20:17 - 00000000 ___RD C:\Users\NAME\iCloudDrive
2015-06-04 08:46 - 2014-08-23 18:59 - 00000000 ___RD C:\Users\NAME\Google Drive
2015-06-04 08:45 - 2011-07-13 23:16 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-04 08:43 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-04 08:42 - 2013-01-31 22:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-04 08:41 - 2014-12-10 07:47 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-04 08:41 - 2014-04-22 20:05 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-04 08:41 - 2011-05-10 01:35 - 00000000 ____D C:\Users\NAME\AppData\Roaming\KeePass
2015-06-04 08:41 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-03 23:45 - 2011-07-13 23:16 - 00000000 ____D C:\Program Files (x86)\Google
2015-06-03 22:46 - 2011-09-10 16:16 - 00003926 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{A9C5EE0F-E1FC-451A-8B1C-454518492B63}
2015-06-03 19:19 - 2014-03-15 22:23 - 00000314 _____ C:\Windows\Tasks\MT66 Software Update.job
2015-06-02 21:50 - 2015-03-01 15:06 - 00000000 ____D C:\AdwCleaner
2015-05-31 20:51 - 2011-05-10 00:05 - 00000000 ____D C:\Users\NAME\AppData\Local\FRITZ!
2015-05-31 16:04 - 2014-01-18 15:33 - 00000000 ____D C:\ProgramData\Acronis
2015-05-31 04:00 - 2012-02-23 22:39 - 00000372 _____ C:\Windows\Tasks\Allway Sync_{4D5D44EA8CFE20E67E17FB2D2B9557A2}.job
2015-05-31 03:00 - 2012-02-23 22:41 - 00000372 _____ C:\Windows\Tasks\Allway Sync_{4526EC8052B0DD6E9FE27029D0A8F297}.job
2015-05-31 02:00 - 2012-02-23 22:42 - 00000372 _____ C:\Windows\Tasks\Allway Sync_{4F0C1497E9A5A062AD06B978802E02AB}.job
2015-05-31 01:00 - 2012-02-15 08:23 - 00000372 _____ C:\Windows\Tasks\Allway Sync_{47DB885EEF89F1BFADE380163D5D1ABD}.job
2015-05-30 12:38 - 2015-04-15 08:14 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-05-30 11:26 - 2011-05-10 01:30 - 00000000 ____D C:\Users\NAME\AppData\Roaming\vlc
2015-05-30 10:45 - 2013-07-07 12:50 - 00000000 ___HD C:\Program Files (x86)\Temp
2015-05-30 10:41 - 2011-05-09 22:56 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-05-30 10:39 - 2013-09-30 23:58 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-05-29 15:44 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-05-26 21:39 - 2013-07-26 20:53 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-05-25 15:09 - 2011-05-09 22:53 - 00000000 ____D C:\Users\NAME
2015-05-24 09:31 - 2014-11-15 13:33 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-05-22 19:27 - 2011-05-10 20:17 - 00000000 ____D C:\ProgramData\Skype
2015-05-16 21:38 - 2011-07-13 23:16 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-16 21:38 - 2011-07-13 23:16 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-16 17:48 - 2011-05-09 23:41 - 00000000 ____D C:\Windows\Panther
2015-05-15 13:05 - 2015-03-21 17:40 - 00002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk
2015-05-15 13:05 - 2015-03-21 17:40 - 00002210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk
2015-05-15 13:05 - 2015-03-21 17:40 - 00002049 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk
2015-05-14 16:37 - 2014-11-10 23:55 - 00001404 _____ C:\Users\Public\Desktop\Avast.lnk
2015-05-14 16:37 - 2014-11-10 23:55 - 00001404 _____ C:\ProgramData\Desktop\Avast.lnk
2015-05-14 09:22 - 2012-04-13 22:27 - 00541872 _____ C:\Windows\system32\FNTCACHE.DAT
2015-05-14 09:20 - 2014-12-10 21:34 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-05-14 09:20 - 2014-12-10 21:34 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-05-14 09:19 - 2009-07-14 20:18 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-14 09:05 - 2013-08-15 03:02 - 00000000 ____D C:\Windows\system32\MRT
2015-05-14 08:59 - 2011-05-12 22:38 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-14 08:56 - 2014-12-10 21:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-10 18:07 - 2014-12-25 23:56 - 00025035 _____ C:\Windows\SysWOW64\msrsb04.dll
2015-05-10 18:06 - 2014-12-25 23:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iDevice Manager
2015-05-08 23:31 - 2015-04-21 22:08 - 00000000 ____D C:\ProgramData\Package Cache
2015-05-08 23:31 - 2012-04-09 00:43 - 00000000 ____D C:\Users\NAME\AppData\Local\Incomedia

==================== Files in the root of some directories =======

2012-02-05 10:42 - 2012-02-05 11:13 - 0000121 _____ () C:\Users\NAME\AppData\Roaming\Camdata.ini
2012-02-05 10:42 - 2012-02-05 11:13 - 0000408 _____ () C:\Users\NAME\AppData\Roaming\CamLayout.ini
2012-02-05 10:42 - 2012-02-05 11:13 - 0000408 _____ () C:\Users\NAME\AppData\Roaming\CamShapes.ini
2014-01-22 23:53 - 2014-01-22 23:54 - 0000005 _____ () C:\Users\NAME\AppData\Roaming\mbam.context.scan
2015-04-24 23:14 - 2015-04-24 23:54 - 0000627 _____ () C:\Users\NAME\AppData\Roaming\Requiem.log
2011-05-10 01:40 - 2014-08-18 19:51 - 0035628 _____ () C:\Users\NAME\AppData\Roaming\Rim.Desktop.Exception.log
2011-05-10 01:40 - 2014-08-20 23:00 - 0011770 _____ () C:\Users\NAME\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2011-09-11 13:55 - 2014-08-18 19:51 - 0027027 _____ () C:\Users\NAME\AppData\Roaming\Rim.DesktopHelper.Exception.log
2012-06-08 00:08 - 2012-07-27 09:36 - 0002695 _____ () C:\Users\NAME\AppData\Roaming\Rim.Transcoder.Exception.log
2013-11-03 13:48 - 2013-11-03 13:48 - 0013883 _____ () C:\Users\NAME\AppData\Roaming\UserTile.png
2011-09-14 23:31 - 2012-06-17 16:47 - 0123122 _____ () C:\Users\NAME\AppData\Local\ars.cache
2011-09-14 23:31 - 2012-06-17 16:47 - 0933511 _____ () C:\Users\NAME\AppData\Local\census.cache
2011-05-17 23:08 - 2015-04-20 21:19 - 0018432 _____ () C:\Users\NAME\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-09-14 23:21 - 2011-09-14 23:21 - 0000036 _____ () C:\Users\NAME\AppData\Local\housecall.guid.cache
2011-12-29 00:57 - 2012-05-03 22:41 - 0000605 _____ () C:\Users\NAME\AppData\Local\process.log
2014-10-25 13:09 - 2014-10-25 13:09 - 0001672 _____ () C:\Users\NAME\AppData\Local\recently-used.xbel
2011-06-30 16:00 - 2015-03-29 22:18 - 0007604 _____ () C:\Users\NAME\AppData\Local\Resmon.ResmonCfg
2014-07-25 22:39 - 2014-07-25 22:39 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2011-05-10 20:22 - 2011-05-10 20:22 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2011-05-10 21:27 - 2011-08-23 22:08 - 0003269 _____ () C:\ProgramData\hpzinstall.log
2013-09-29 12:17 - 2013-09-29 13:33 - 0000193 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

Files to move or delete:
====================
C:\Users\Public\IK_PosLen.dat
C:\Users\Public\VR-IBAN-Konverter.dat


Some files in TEMP:
====================
C:\Users\NAME\AppData\Local\Temp\Quarantine.exe
C:\Users\NAME\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-03 00:48

==================== End of log ============================

Member 2015 · 04.06.2015, 11:33

[CODE]Additional
FRST Logfile:

Code:

ATTFilter

scan result of Farbar Recovery Scan Tool (x64) Version:03-06-2015
Ran by NAME at 2015-06-04 11:36:44
Running from C:\Users\NAME\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4059485407-2828597014-2479886380-500 - Administrator - Disabled)
DELL_2C1Cv1MA (S-1-5-21-4059485407-2828597014-2479886380-1064 - Limited - Enabled)
Gast (S-1-5-21-4059485407-2828597014-2479886380-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-4059485407-2828597014-2479886380-1066 - Limited - Enabled)
NAME (S-1-5-21-4059485407-2828597014-2479886380-1000 - Administrator - Enabled) => C:\Users\NAME

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4K Video to MP3 2.2 (HKLM-x32\...\4K Video to MP3_is1) (Version: 2.2.0.800 - Open Media LLC)
4Team Safe PST Backup Free Edition (HKLM-x32\...\{E8586440-78BF-42B5-A1B9-3F581AF25FA4}) (Version: 2.40.0527 - 4Team Corporation)
64 Bit HP CIO Components Installer (Version: 8.2.1 - Hewlett-Packard) Hidden
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.11 - Adobe Systems)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 1.01.09 - ASUSTeK)
Allway Sync version 15.1.9 (HKLM\...\Allway Sync_is1) (Version:  - Botkind Inc)
Anti-Twin (Installation 11.05.2012) (HKLM-x32\...\Anti-Twin 2012-05-11 19.58.34) (Version:  - Joerg Rosenthal, Germany)
AoA Audio Extractor (HKLM-x32\...\{D1725D54-279A-40C5-A70D-23C1785DB920}_is1) (Version:  - AoAMedia.com)
Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Verifier (x64) (HKLM\...\{89026002-A893-42D9-9E20-6829B844735E}) (Version: 4.1.1078 - Microsoft Corporation)
App-Manager – Dell C2665dnf (HKLM-x32\...\{B873FAEC-1627-4899-88C4-B8D0D0424F1D}) (Version: 1.00.000 - Dell Inc.)
Ashampoo Photo Optimizer 4 v.4.0.3 (HKLM-x32\...\Ashampoo Photo Optimizer 4_is1) (Version: 4.0.3 - Ashampoo GmbH & Co. KG)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.4.0 - Asmedia Technology)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.13 - Atheros Communications Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
Avery Wizard 5.0 (HKLM-x32\...\{FC3B3A5D-7058-4627-9F1E-F95CC38B6054}) (Version: 5.0.5 - Avery)
AVM FRITZ! (HKLM-x32\...\FRITZ! 2.0) (Version:  - AVM Berlin)
AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version:  - AVM Berlin)
Bandicam (HKLM-x32\...\Bandicam) (Version:  - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - )
Biet-O-Matic v2.14.8 (HKLM-x32\...\Biet-O-Matic v2.14.8) (Version: Biet-O-Matic v2.14.8 - BOM Development Team)
BlackBerry 10 Desktop Software (HKLM-x32\...\{a0642dd3-1105-464b-84c8-caaf676c39c8}) (Version: 1.1.0.22 - BlackBerry)
BlackBerry Blend (x32 Version: 1.1.0.23 - BlackBerry Ltd.) Hidden
BlackBerry Communication Drivers (x32 Version: 8.0.0.119 - BlackBerry Ltd.) Hidden
BlackBerry Device Drivers (x32 Version: 8.0.0.119 - BlackBerry Ltd.) Hidden
BlackBerry Link (x32 Version: 1.2.4.28 - BlackBerry) Hidden
BlackBerry Link Remover (x32 Version: 1.2.4.0 - BlackBerry Ltd.) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
calibre 64bit (HKLM\...\{A96A1330-17E9-485A-BC51-341CF4FE2CE3}) (Version: 2.26.0 - Kovid Goyal)
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4255 - CDBurnerXP)
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.70.4.2009 - Georgy Berdyshev)
CHIP Free MP3 converter for YouTube 3.0 Professional-E (HKLM-x32\...\{2ED4869A-6D7B-4a8f-8261-B842DA4852FA}_is1) (Version:  - )
cobra Adress PLUS 2009 (HKLM-x32\...\{BA0723F5-BB02-4C80-847E-62049E2238FE}) (Version: 13.2.2000 - cobra GmbH)
cobra Outlook AddIn 2009 (HKLM-x32\...\{31D94784-FBE0-49F3-A1A5-F6F0AEDD8A93}) (Version: 13.2.1079 - cobra GmbH)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version:  - DownloadHelper)
CopyTrans Control Center deinstallieren (HKU\S-1-5-21-4059485407-2828597014-2479886380-1000\...\CopyTrans Suite) (Version: 3.006 - WindSolutions)
CyberLink Blu-ray Disc Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.2806 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3224 - CyberLink Corp.)
CyberLink PowerDVD 8 (HKLM-x32\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.0.3228 - CyberLink Corp.)
CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.1.1520 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell C2665dnf Color MFP Address Book Editor Ver.1.0.0.0 (HKLM-x32\...\{723B61D6-A73A-4DB7-B8E1-E2D2F7DC58F2}) (Version: 1.0.0.0 - Dell Inc.)
Dell C2665dnf Color MFP Scanner Driver (HKLM-x32\...\{AF194BFC-5C05-4408-B2DF-5CF30BC556D2}) (Version: 1.0.0.0 - Dell Inc.)
Dell Printer Software (HKLM-x32\...\{105F3CE5-FE55-408E-BF30-E78F85BA0B12}) (Version: 1.00.000 - Dell Inc.)
DVBViewer TE2 (HKLM-x32\...\DVBViewer TE2_is1) (Version:  - CM&V)
DVDFab 9.0.4.0 (15/05/2013) (HKLM-x32\...\DVDFab 9_is1) (Version:  - Fengtao Software Inc.)
ElsterFormular-Upgrade (HKLM-x32\...\ElsterFormular für Privatanwender 12.1.0.6164p) (Version: 15.1.13904 - Landesfinanzdirektion Thüringen)
erLT (x32 Version: 1.20.0137 - Logitech, Inc.) Hidden
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Essential XML Editor (HKLM-x32\...\Essential XML Editor) (Version:  - Dieter Köhler)
Essential XML Editor (x32 Version: 1.6.4 - Dieter Köhler) Hidden
Excel Password Recovery Lastic 1.2 (HKLM-x32\...\Excel Password Recovery Lastic_is1) (Version:  - )
FileLocator Lite x64 (HKLM\...\{BA37CA0B-6815-46A7-8493-0061FD96EC1A}) (Version: 7.0.828.1 - Mythicsoft Ltd)
FormatFactory 3.3.4.0 (HKLM-x32\...\FormatFactory) (Version: 3.3.4.0 - Format Factory)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free Video Dub version 2.0.18.430 (HKLM-x32\...\Free Video Dub_is1) (Version: 2.0.18.430 - DVDVideoSoft Ltd.)
Free Video Editor version 1.1.4.424 (HKLM-x32\...\Free Video Editor_is1) (Version: 1.1.4.424 - DVDVideoSoft Ltd.)
Google Drive (HKLM-x32\...\{35574F09-89F9-4B16-B69B-64F3E25901B8}) (Version: 1.21.9226.6034 - Google, Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
GPL Ghostscript 9.00 (HKLM-x32\...\GPL Ghostscript 9.00) (Version:  - )
HDShredder 4 Free Edition (HKLM-x32\...\HDShredder.Free.4.0.0.1031-{2E3E5BEF-CE30-4A6D-9599-A41C69DC35B1}) (Version: 4 - Miray Software AG)
HiDrive (HKLM-x32\...\{C8359CFC-B507-416F-A99E-DDE14F833F1D}) (Version: 3.1.8.0 - STRATO AG)
hppLaserJetService (x32 Version: 001.001.0.0 - Hewlett-Packard) Hidden
hppQFolderCM2320 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3517 - Intel Corporation)
InterVideo DeviceService (HKLM-x32\...\{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}) (Version: 1.0.0 - InterVideo)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java 7 Update 80 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417080FF}) (Version: 7.0.800 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Joe (HKLM-x32\...\{36A1E3D6-288A-4EEE-A081-30D9808B2BE3}) (Version: 3.05.0100 - Wirth New Media Sarl)
KC Softwares VideoInspector (HKLM-x32\...\KC Softwares VideoInspector_is1) (Version:  - KC Softwares)
KeePass Password Safe 2.29 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.29 - Dominik Reichl)
Konfigurationstool – Dell C2665dnf (HKLM-x32\...\{5AC049AB-E61B-45D4-A3DB-6A606FF38B90}) (Version: 1.00.000 - Dell Inc.)
Leawo Blu-ray Player version  1.8.7.0 (HKLM-x32\...\{CF7F52BF-DEE0-44CD-A7E1-AADD5CCECCDD}_is1) (Version: 1.8.7.0 - leawo Software)
LG Tool Kit (HKLM-x32\...\{6179550A-3E7C-499E-BCC9-9E8113E0A285}) (Version: 9.01.1124.01 - )
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
MainConcept DTV Decoder Pro (HKLM-x32\...\{793FCE60-DE5E-4977-A942-A7B69A45B17D}) (Version: 1.5.0.2 - MainConcept GmbH)
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
MediaMonkey 4.1 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Expression Web 4 (HKLM-x32\...\Web_4.0.1460.0) (Version: 4.0.1460.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4719.1002 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4059485407-2828597014-2479886380-1000\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 (x86) de (HKLM-x32\...\{DC39A078-4D4C-4EF2-9CAF-69D342D74125}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services v1.0 (x86) de (HKLM-x32\...\{E8D33431-67EA-4DC1-B443-EE989DE532BC}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++  Compilers 2010 Standard - enu - x64 (HKLM\...\{88387B3B-B110-392F-B919-1A15B48F21D4}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++  Compilers 2010 Standard - enu - x86 (HKLM-x32\...\{370187B9-6964-38D0-851F-6C4898B0C2B1}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Windows SDK for Windows 7 (7.1) (HKLM\...\SDKSetup_7.1.7600.0.30514) (Version: 7.1.7600.0.30514 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MiniTool Partition Wizard Home Edition 7.6 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MP4Joiner v2.1.2 (HKLM-x32\...\MP4Joiner_is1) (Version:  - )
MT66 Software Update (HKLM-x32\...\{F2E4F3A5-A8F0-46F4-8E91-E8C1DE1FCFE5}_is1) (Version:  - )
Netzmanager (Version: 1.07 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
paint.net (HKLM\...\{3F5F509B-E226-417C-8CD1-CAAE756C328A}) (Version: 4.0.0 - dotPDN LLC)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RAIDar 3.01c1-p1 (HKLM-x32\...\RAIDar 3.01c1-p1) (Version:  - Infrant Technologies Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7378 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version:  - )
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Room Arranger (HKLM-x32\...\Room Arranger) (Version: 7.4.2 - Jan Adamec)
Seagate Dashboard (HKLM-x32\...\{C3A11907-930D-41AC-A135-CC3B12F92011}) (Version: 1.1.0.1421 - Memeo Inc.)
SIW version 2010.07.14 (HKLM-x32\...\{AB67580-257C-45FF-B8F4-C8C30682091A}_is1) (Version: 2010.07.14 - Topala Software Solutions)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
SmartSound Quicktracks Plugin (HKLM-x32\...\InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}) (Version: 3.0.5.0 - SmartSound Software Inc)
SmartSound Quicktracks Plugin (x32 Version: 3.0.5.0 - SmartSound Software Inc) Hidden
SoftPerfect WiFi Guard version 1.0.4 (HKLM\...\{38AFD787-4D2E-4442-92D2-7739F5F92CF4}_is1) (Version: 1.0.4 - SoftPerfect Research)
StreamTransport version: 1.1.2.0 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version:  - )
Sweet Home 3D version 4.4 (HKLM\...\Sweet Home 3D_is1) (Version:  - eTeks)
Syncios Version 4.2.4 (HKLM-x32\...\{068A5D84-8419-4BDE-9689-FE65F412EFBB}_is1) (Version: 4.2.4 - Anvsoft, Inc.)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.42849 - TeamViewer)
TechniSat DVB-PC TV Star (HKLM-x32\...\{CE9F9FBC-5253-46D2-9883-09E55003D794}) (Version: 1.0.0 - TechniSat)
True Image WD Edition (HKLM-x32\...\{15D4F110-7FCC-4716-AD1F-1D476A1742D5}) (Version: 16.0.5934 - Acronis)
Turbo Lister 2 (HKLM-x32\...\{8927E07C-97F7-4A54-88FB-D976F50DD46E}) (Version: 2.00.0000 - eBay Inc.)
Ulead DVD DiskRecorder 2.1.1 (HKLM-x32\...\{31E1050B-F69F-4A16-8F5A-E44D31901250}) (Version:  - Ulead Systems, Inc.)
Ulead VideoStudio 11 (HKLM-x32\...\InstallShield_{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}) (Version: 11.0.0.0000 - InterVideo Digital Technology Corporation)
Ulead VideoStudio 9.0 (HKLM-x32\...\{88F92798-59AB-474F-B40D-1EC5F782F7EE}) (Version: 9.0 - Ulead System)
Ultimate EPubsoft DRM Removal 8.9.1 (HKLM-x32\...\{49617AB8-5A31-44A7-95A6-BE6CE251A6F1}) (Version: 8.9.1 - EPUBSOFT)
Unity Web Player (HKU\S-1-5-21-4059485407-2828597014-2479886380-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
VideoStudio (x32 Version: 11.0.0.0000 - InterVideo Digital Technology Corporation) Hidden
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
Visual Subst (HKLM-x32\...\Visual Subst) (Version: 1.0.6 - NTWind Software)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vocup 1.4.3 (HKLM-x32\...\Vocup_is1) (Version: 1.4.3 - Florian Amstutz)
VR-IBAN-Konverter (HKLM-x32\...\{DAB41703-2543-4B37-BE9F-F5A0645D3BA4}) (Version: 1.00.0032 - Genossenschaftliche FinanzGruppe)
Windows 7 Codec Pack 3.3.0 (HKLM-x32\...\Windows 7 - Codec Pack) (Version:  - Windows 7 Codec Pack)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
XMedia Recode Version 3.2.1.6 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.2.1.6 - XMedia Recode)
XnView 1.97.8 (HKLM-x32\...\XnView_is1) (Version: 1.97.8 - Gougelet Pierre-e)
Yahoo! Detect (HKLM-x32\...\YTdetect) (Version:  - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4059485407-2828597014-2479886380-1000_Classes\CLSID\{42ED960B-3C77-4008-A81E-C655146B1FD5}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4059485407-2828597014-2479886380-1000_Classes\CLSID\{651149a5-c216-a2e4-8ca6-4c6277b3fb233}\InprocServer32 -> 0xDA1078C8B2C5CC0100D81B9C33374F01000000000000000000000000 No File
CustomCLSID: HKU\S-1-5-21-4059485407-2828597014-2479886380-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\NAME\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4059485407-2828597014-2479886380-1000_Classes\CLSID\{b31b1545-d09c-06d8-70f3-e230283011406}\InprocServer32 -> 0x46675945414272515977632B587373424867414F41444D5062695332797A526E306F68416E527655766262576178395379 (the data entry has 86 more characters).
CustomCLSID: HKU\S-1-5-21-4059485407-2828597014-2479886380-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\NAME\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4059485407-2828597014-2479886380-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\NAME\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4059485407-2828597014-2479886380-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\NAME\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4059485407-2828597014-2479886380-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\NAME\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714_1\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

02-06-2015 07:56:28 20150601 alles ok
03-06-2015 21:01:13 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2014-04-22 21:22 - 2014-04-22 21:23 - 00000034 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {004D3EEA-65C0-407D-B7D4-9C609A23EC8A} - System32\Tasks\MT66 Software Update => C:\Program Files (x86)\Common Files\MT66 Software Update\UpdateClient.exe [2009-11-18] (MedienTeam66)
Task: {03527A66-9D87-463C-9428-E9A995F1DE34} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2012-03-12] (Microsoft Corporation)
Task: {0F4E1283-46BC-431D-BA37-B63C833A5EF1} - System32\Tasks\{3A5618C7-A1C5-4E04-ABED-912939B76AD1} => pcalua.exe -a C:\Windows\SysWOW64\CplMCDec.cpl -c MainConcept Decoder Control
Task: {16577B19-BF86-4E0A-94AC-CC831E8878CA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {1965907D-AE51-467E-9454-5252A979B9B9} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-04-21] (Avast Software s.r.o.)
Task: {2435DD56-94FC-45E2-9490-DB7FF749F175} - System32\Tasks\{C6AECB71-34F4-4A2E-A48F-DA0865446185} => C:\Program Files (x86)\cobra\AdressPLUS2009\Programm\AdressPLUS.exe [2009-04-06] (cobra GmbH)
Task: {2C4433FA-EA8D-4464-92ED-E6ED0B0E0406} - System32\Tasks\4Team updater => C:\Program Files (x86)\4Team Corporation\4Team-Updater\4Team-Updater.exe [2014-06-10] ()
Task: {3A403C98-2E5F-45CD-AF18-BA51E9DBEDC2} - System32\Tasks\Microsoft Office 15 Sync Maintenance for PCBUERO-NAME PCBUERO => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-03-10] (Microsoft Corporation)
Task: {3B6283BD-5E43-4150-988E-F026949A7C6B} - System32\Tasks\Allway Sync_{4F0C1497E9A5A062AD06B978802E02AB} => C:\Program Files\Allway Sync\Bin\syncappw.exe [2015-04-21] ()
Task: {48A59B8B-B3E3-47A4-95DF-3C4DEB7383A1} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {518482C6-C894-4E5E-B277-2FC355B258AA} - System32\Tasks\{62896A08-2847-4647-A6D3-22683CA6BD62} => pcalua.exe -a C:\Users\NAME\Downloads\irfanview_plugins_428_setup.exe -d C:\Users\NAME\Downloads
Task: {611501AD-AC21-4C3B-A608-BB084255F113} - System32\Tasks\{626E38EB-275A-48A3-8FFF-FDE990F235A5} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2015-04-17] (Skype Technologies S.A.)
Task: {86F140C5-90AA-424C-B937-5F4133CDF751} - System32\Tasks\{07E641B5-5948-4970-A1B3-62F2E110F18B} => pcalua.exe -a C:\Users\NAME\Downloads\64bit_Vista_Win7_R265.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {8B974D57-5915-4DE6-9534-B9F39D832D95} - System32\Tasks\{F6A79807-13E5-42DE-8CCF-DE5A1E759324} => pcalua.exe -a C:\Users\NAME\Downloads\vpsupd.exe -d C:\Users\NAME\Downloads
Task: {95F2E3DC-0DB3-416C-9611-9E70281635F7} - System32\Tasks\{2C25ADFC-9607-42C6-92BC-6E3D2E663A82} => pcalua.exe -a C:\Users\NAME\Downloads\HiJackThis204.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {978911E6-C947-4DBF-9942-99820E1FE5DF} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {9924893F-A5D7-4EDA-AE20-E5B8F96B6B83} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {A452E930-41BF-4B03-8A5D-8EE6F02AEC6F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-11-21] (Piriform Ltd)
Task: {A4CA749E-2B0C-4729-9E59-3AA6B5F62B0B} - System32\Tasks\{808D2836-1906-4ABC-BF0A-52E07AF61111} => pcalua.exe -a D:\WINDOWS.XP\SETUP.EXE -d D:\WINDOWS.XP
Task: {AA101B14-EE49-4E8E-8A2A-69793C9AF679} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {AA99E0BF-0DCA-4CA7-82CD-EE5707757504} - System32\Tasks\{2D47C6B0-D2B6-4365-8E61-69AA7C66DB59} => D:\WINDOWS.XP\SETUP.EXE
Task: {AF3C190D-D831-4947-9914-9EDC44C3DC7E} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-05-19] (Microsoft Corporation)
Task: {BAF477FB-CFCC-4B88-9501-EE10A6D883EA} - System32\Tasks\{E8EB3BE7-8EB8-4F5E-A924-D6391FA107A4} => B:\Setup.exe
Task: {BC5F4C4F-CFE8-4803-BB91-825E0139AFC4} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2010-10-28] (ASUSTeK Computer Inc.)
Task: {C46162DD-C01F-4D8A-9A7D-BDACB9CD2821} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: {C83AF108-5C95-4899-AC10-2E0FFDEC3702} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {CA6BD99A-F98F-4D15-A2EA-B5C5898AE592} - System32\Tasks\{5507DA1F-278E-4BC3-BC5D-E645249DCCE6} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}\setup.exe" -c -runfromtemp -l1031 -removeonly
Task: {D2198DCD-CD80-42AC-9826-170A8F4F1779} - System32\Tasks\{1C456F1E-F9A7-4B46-BA1E-BD65FD1CF0AF} => msiexec.exe /package "B:\setup\SolutionCenter\SolutionCenter.msi"
Task: {D41D8CF3-A62F-42F0-BFD6-ED0666ED632F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {E0AB431F-5D1A-482D-8A45-51057D0045C8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-04] (Adobe Systems Incorporated)
Task: {E58DDB35-0821-4C9F-BFC4-F8075E53B824} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {E67B05BF-531B-4D66-8CB4-181603F77FE8} - System32\Tasks\{1EDFEF86-714A-4F13-890D-AFBAFC83555E} => pcalua.exe -a C:\Users\NAME\Downloads\Install_CopyTrans_Suite.exe -d C:\Users\NAME\Downloads
Task: {E7411F16-F6BF-4FC0-8800-4F4B41F698C2} - System32\Tasks\{EEBC3D9E-8140-431B-B85C-31C188B57779} => pcalua.exe -a "C:\Users\NAME\Downloads\USB HDD\Setup.exe" -d "C:\Users\NAME\Downloads\USB HDD"
Task: {E7E97F81-4B00-491C-9CF4-6B801D326184} - System32\Tasks\Allway Sync_{47DB885EEF89F1BFADE380163D5D1ABD} => C:\Program Files\Allway Sync\Bin\syncappw.exe [2015-04-21] ()
Task: {E90A67BF-11CC-4D24-8097-75B40D64F269} - System32\Tasks\Allway Sync_{4526EC8052B0DD6E9FE27029D0A8F297} => C:\Program Files\Allway Sync\Bin\syncappw.exe [2015-04-21] ()
Task: {ECCA0C43-AA25-47E1-8BE1-A0EA63CE2EBF} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: {F09A17DA-DE32-46A1-8AA2-20D52503F7BB} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-16] (Microsoft Corporation)
Task: {F9D0FA86-E9C7-47E4-91B7-FCEC8461588C} - System32\Tasks\{14997EA8-ACA0-4676-8315-3D7FA01E38CE} => pcalua.exe -a C:\Users\NAME\Desktop\HiJackThis204.exe -d C:\Users\NAME\Desktop
Task: {FB5F097C-738C-4561-A694-3CF75A257B4E} - System32\Tasks\Allway Sync_{4D5D44EA8CFE20E67E17FB2D2B9557A2} => C:\Program Files\Allway Sync\Bin\syncappw.exe [2015-04-21] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Allway Sync_{4526EC8052B0DD6E9FE27029D0A8F297}.job => C:\Program Files\Allway Sync\Bin\syncappw.exe
Task: C:\Windows\Tasks\Allway Sync_{47DB885EEF89F1BFADE380163D5D1ABD}.job => C:\Program Files\Allway Sync\Bin\syncappw.exe
Task: C:\Windows\Tasks\Allway Sync_{4D5D44EA8CFE20E67E17FB2D2B9557A2}.job => C:\Program Files\Allway Sync\Bin\syncappw.exe
Task: C:\Windows\Tasks\Allway Sync_{4F0C1497E9A5A062AD06B978802E02AB}.job => C:\Program Files\Allway Sync\Bin\syncappw.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\MT66 Software Update.job => C:\Program Files (x86)\Common Files\MT66 Software Update\UpdateClient.exe

==================== Loaded Modules (Whitelisted) ==============

2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2010-11-03 12:42 - 2010-11-03 12:42 - 00909440 ____R () C:\Program Files (x86)\ASUS\AAHM\1.00.09\aaHMSvc.exe
2015-04-01 10:38 - 2015-04-01 10:38 - 00033280 _____ () C:\Program Files (x86)\Strato\HiDrive\ShellExt\HiDriveOverlayIcon1.dll
2015-04-01 10:38 - 2015-04-01 10:38 - 00009728 _____ () C:\Program Files (x86)\Strato\HiDrive\ShellExt\HiDrive.WCFClient.dll
2015-04-01 10:38 - 2015-04-01 10:38 - 00009216 _____ () C:\Program Files (x86)\Strato\HiDrive\ShellExt\HiDrive.TextLogger.dll
2015-04-01 10:38 - 2015-04-01 10:38 - 00019968 _____ () C:\Program Files (x86)\Strato\HiDrive\ShellExt\HiDriveShareFileExtensionEdit.dll
2015-04-01 10:38 - 2015-04-01 10:38 - 00022528 _____ () C:\Program Files (x86)\Strato\HiDrive\ShellExt\HiDriveShareFileExtensionCreate.dll
2014-11-22 02:03 - 2014-11-22 02:03 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2014-11-15 13:33 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2011-05-10 00:03 - 2006-02-23 11:35 - 00020480 _____ () C:\Windows\System32\FritzColorPort64.dll
2011-05-10 00:03 - 2006-02-22 10:39 - 00020480 _____ () C:\Windows\System32\FritzPort64.dll
2011-05-10 20:37 - 2010-06-17 21:56 - 00087040 _____ () C:\Windows\System32\redmonnt.dll
2015-04-21 23:12 - 2015-04-21 23:12 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-04-21 23:12 - 2015-04-21 23:12 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-06-03 20:59 - 2015-06-03 20:59 - 02951680 _____ () C:\Program Files\AVAST Software\Avast\defs\15060301\algo.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-03-03 21:17 - 2015-03-03 21:17 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-10-03 17:49 - 2013-10-03 17:49 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2015-03-19 12:22 - 2015-03-19 12:22 - 00094208 _____ () C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\libxpmux.dll
2014-11-15 13:33 - 2014-11-15 13:33 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2014-05-08 15:49 - 2014-05-08 15:49 - 00131072 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Locale\de_de\PDFMaker\PDFMOutlookAddin.DEU
2015-05-01 20:10 - 2015-05-01 20:10 - 03989224 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\PDFMaker\Common\AdobePDFMakerX.dll
2014-05-08 15:49 - 2014-05-08 15:49 - 01446912 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Locale\de_DE\PDFMaker\AdobePDFMakerX.DEU
2015-05-19 05:29 - 2015-04-14 14:42 - 01032360 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\ADDINS\UmOutlookAddin.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:8CE646EE
AlternateDataStreams: C:\ProgramData\TEMP:9A870F8B

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-4059485407-2828597014-2479886380-1000\...\dell.com -> dell.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4059485407-2828597014-2479886380-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\NAME\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: HP LaserJet Service => 2
MSCONFIG\Services: HPSLPSVC => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ISDNWatch.lnk => C:\Windows\pss\ISDNWatch.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^NAME^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^An OneNote senden.lnk => C:\Windows\pss\An OneNote senden.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BDRegion => C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
MSCONFIG\startupreg: BlackBerryLink.exe => "C:\Program Files (x86)\Research In Motion\BlackBerry Link\BlackBerryLink.exe" /minimize
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: HPPQVideo => "C:\Program Files (x86)\HP\ScheduledLaunch\HP Color LaserJet CM2320 MFP Series\bin\hppschlnch.exe" -r SOFTWARE\Hewlett-Packard\ScheduledLaunch\CLJ_CM2320_MFP_Series -f PQOptimizerVideo.xml -o remindLater
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KeePass 2 PreLoad => "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload
MSCONFIG\startupreg: LGODDFU => "C:\Program Files (x86)\lg_fwupdate\fwupdate.exe" blrun
MSCONFIG\startupreg: Malwarebytes' Anti-Malware => "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
MSCONFIG\startupreg: PDVD8LanguageShortcut => "C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RemoteControl8 => "C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe"
MSCONFIG\startupreg: RIM PeerManager => "C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe"
MSCONFIG\startupreg: RIMBBLaunchAgent.exe => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
MSCONFIG\startupreg: SAOB Monitor => C:\Program Files (x86)\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe
MSCONFIG\startupreg: Seagate Dashboard => C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: TrueImageMonitor.exe => "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
MSCONFIG\startupreg: UCam_Menu => "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\1.0"
MSCONFIG\startupreg: UpdateP2GoShortCut => "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
MSCONFIG\startupreg: UpdatePPShortCut => "C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerProducer" UpdateWithCreateOnce "Software\CyberLink\PowerProducer\5.0"
MSCONFIG\startupreg: UpdatePSTShortCut => "C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
MSCONFIG\startupreg: UVS11 Preload => C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio 11\uvPL.exe
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{D74D9CC8-3170-4713-B9F6-1CA4AE89BF2D}C:\program files (x86)\raidar\raidar.exe] => (Allow) C:\program files (x86)\raidar\raidar.exe
FirewallRules: [UDP Query User{05BBBD2A-F9B2-424D-A27C-9E2CF1AE12DD}C:\program files (x86)\raidar\raidar.exe] => (Allow) C:\program files (x86)\raidar\raidar.exe
FirewallRules: [{02D3E338-68C9-4323-A481-0190A3A5F958}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B9E4B5B1-5B6B-4C84-B6B9-B94DF7F05BC6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5C381CD7-DEA5-47E1-A643-40DCD8D701D0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9244917E-EE32-4ED3-BD37-ACDD0EBB5DF3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD8\PowerDVD8.EXE
FirewallRules: [TCP Query User{7BB2C2CF-3BCB-4AEF-9E07-31BDAA6E0174}C:\program files (x86)\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files (x86)\google\google earth\plugin\geplugin.exe
FirewallRules: [UDP Query User{DE5B1C7D-D463-433C-BC2C-80FF55F72D9E}C:\program files (x86)\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files (x86)\google\google earth\plugin\geplugin.exe
FirewallRules: [TCP Query User{23CDFF3C-B1BA-4498-83A7-AB46CDCE4D73}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe
FirewallRules: [UDP Query User{92ABEDFE-EAD2-4AC9-A370-FE1780B4BFFB}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe
FirewallRules: [{E45E2CD5-97CC-41D4-9C75-B7BC54EC012F}] => (Allow) C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe
FirewallRules: [TCP Query User{BC720A79-C75B-45B5-AAA7-36520C055D88}C:\program files\windows sidebar\sidebar.exe] => (Allow) C:\program files\windows sidebar\sidebar.exe
FirewallRules: [UDP Query User{252EB32E-C1BB-43B2-B8B1-7079269E7B1B}C:\program files\windows sidebar\sidebar.exe] => (Allow) C:\program files\windows sidebar\sidebar.exe
FirewallRules: [TCP Query User{53D46B33-37A2-4D6A-9F91-8340160DBA3E}C:\program files (x86)\raidar\raidar.exe] => (Allow) C:\program files (x86)\raidar\raidar.exe
FirewallRules: [UDP Query User{7B579F22-FD9C-4B59-8D82-D508015D903D}C:\program files (x86)\raidar\raidar.exe] => (Allow) C:\program files (x86)\raidar\raidar.exe
FirewallRules: [TCP Query User{8E26447C-64EC-4221-8F44-2733B2653441}C:\program files (x86)\asus\ai suite ii\ai suite ii.exe] => (Allow) C:\program files (x86)\asus\ai suite ii\ai suite ii.exe
FirewallRules: [UDP Query User{686F7C0D-C6F8-48FB-B3FD-C78F10299AFC}C:\program files (x86)\asus\ai suite ii\ai suite ii.exe] => (Allow) C:\program files (x86)\asus\ai suite ii\ai suite ii.exe
FirewallRules: [TCP Query User{EB9260EE-826E-4A4B-908D-3F45B80648D6}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Block) C:\program files (x86)\mediamonkey\mediamonkey.exe
FirewallRules: [UDP Query User{386766A4-A1A4-4493-B62C-A36336119A63}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Block) C:\program files (x86)\mediamonkey\mediamonkey.exe
FirewallRules: [{2E7F9F37-AFEF-4914-8D7A-1BE91E0151C4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{753485A4-F027-4E89-ACF3-56C2D737AE55}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D4BB4428-D62B-4E61-B848-046E1BE93B85}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD8\PowerDVD8.EXE
FirewallRules: [{DE2A4C64-5E2A-45E5-A344-E9F84403478F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD8\PowerDVD8.EXE
FirewallRules: [Out=C:\Program Files (x86)\DVDFab 9040\DVDFab.exe] => (Block) C:\Program Files (x86)\DVDFab 9040\DVDFab.exe
FirewallRules: [Out=C:\Program Files (x86)\DVDFab 9040\FabCheck.exe] => (Block) C:\Program Files (x86)\DVDFab 9040\FabCheck.exe
FirewallRules: [Out=C:\Program Files (x86)\DVDFab 9040\FabCore.exe] => (Block) C:\Program Files (x86)\DVDFab 9040\FabCore.exe
FirewallRules: [Out=C:\Program Files (x86)\DVDFab 9040\FabRegOp.exe] => (Block) C:\Program Files (x86)\DVDFab 9040\FabRegOp.exe
FirewallRules: [Out=C:\Program Files (x86)\DVDFab 9040\FabReport.exe] => (Block) C:\Program Files (x86)\DVDFab 9040\FabReport.exe
FirewallRules: [Out=C:\Program Files (x86)\DVDFab 9040\FileMover.exe] => (Block) C:\Program Files (x86)\DVDFab 9040\FileMover.exe
FirewallRules: [{34B475A5-DCF4-42FB-B99B-2B610B87D17E}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{F5FD24E9-FB81-47A9-8A64-1B693712ABC3}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [TCP Query User{0E715F1D-6E99-4E3B-ADE4-AA161F451FDB}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{8758DF5C-1544-4809-A1B4-6C203EF70926}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{FB8FEE9C-C5D1-4EBF-9D94-C7C8F9EA140E}B:\dlact.exe] => (Allow) B:\dlact.exe
FirewallRules: [UDP Query User{A6C08A6C-C30D-44CB-AF67-BCBF1F3DC8AB}B:\dlact.exe] => (Allow) B:\dlact.exe
FirewallRules: [TCP Query User{43F87F5C-4D43-4A1A-934C-4A49A5155ED1}C:\program files\dell printers\dell c2665dnf color laser multifunction printer\app manager\dla1jdz.exe] => (Allow) C:\program files\dell printers\dell c2665dnf color laser multifunction printer\app manager\dla1jdz.exe
FirewallRules: [UDP Query User{DAD13BFF-4683-41AA-9F8F-8A7CC356F341}C:\program files\dell printers\dell c2665dnf color laser multifunction printer\app manager\dla1jdz.exe] => (Allow) C:\program files\dell printers\dell c2665dnf color laser multifunction printer\app manager\dla1jdz.exe
FirewallRules: [TCP Query User{7003C5B5-8F45-45CE-BF91-5959A744AB0F}C:\program files\dell printers\dell c2665dnf color laser multifunction printer\configuration tool\dlact.exe] => (Allow) C:\program files\dell printers\dell c2665dnf color laser multifunction printer\configuration tool\dlact.exe
FirewallRules: [UDP Query User{2100D177-5BAF-4B2F-912C-76A92ADCCC76}C:\program files\dell printers\dell c2665dnf color laser multifunction printer\configuration tool\dlact.exe] => (Allow) C:\program files\dell printers\dell c2665dnf color laser multifunction printer\configuration tool\dlact.exe
FirewallRules: [{359995E9-F621-4DB7-B8FB-565A810C34D4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{06F06D0E-BD3B-42CD-85C0-EADCBB869684}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{46232BB9-EFCA-4F36-86B3-589071883C2F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0E78D3A8-E279-48D3-B6BB-38C3FAA05582}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9FFC561F-9627-4A16-83C1-6522445C2BBE}] => (Allow) C:\Users\NAME\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{AAD7BAD3-3299-4A05-97B3-031B2649C802}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{327453B9-A750-4F4A-B3A2-97F97BAE226A}] => (Allow) B:\fsetup.exe
FirewallRules: [{B42FA957-85B5-47E3-918D-69B721819186}] => (Allow) B:\fsetup.exe
FirewallRules: [{026D3D7D-9718-4483-B3C6-7EB373BB165D}] => (Allow) B:\fsetup.exe
FirewallRules: [{5ADDBE43-2622-484B-9223-EE7796460F90}] => (Allow) B:\fsetup.exe
FirewallRules: [{CD34FB46-26F6-4DDB-9178-31C24D567402}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0F7A18FA-656B-4787-846B-D32A8EC1DDED}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8B7F11E8-4A16-405E-A83C-C4A2F58CB635}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{5A13B175-BCF0-48DD-930D-537D4533CDC2}] => (Allow) LPort=2869
FirewallRules: [{0F740F87-0C4D-49CD-9021-4B38591C8F37}] => (Allow) LPort=1900
FirewallRules: [{A6798994-7172-4685-97B5-6ECBBB98853E}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{5CD4BE0D-DD65-4A37-939F-E7204C4167E6}] => (Allow) tunmgr.exe
FirewallRules: [{52D7CD5B-24A5-4734-9144-E152EAF49BDF}] => (Allow) tunmgr.exe
FirewallRules: [{86335151-5C95-4CD8-80A7-329C2150A58E}] => (Allow) mDNSResponder.exe
FirewallRules: [{AA2E270D-B615-479C-A352-44F5F3278529}] => (Allow) mDNSResponder.exe
FirewallRules: [{B683943E-E020-4E3A-B9C9-C4A5E4D3B65E}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
FirewallRules: [{BF10BC06-3CAE-4084-A468-4E88DB40B2D4}] => (Allow) C:\Program Files (x86)\BlackBerry\BlackBerry Blend\desktopinvokeproxy.exe
FirewallRules: [TCP Query User{7D1435C6-F00F-4F14-8AC4-4B868DA51335}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe] => (Block) C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe
FirewallRules: [UDP Query User{BA635A77-EB40-4F9B-BE03-DF44AA1FDCFB}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe] => (Block) C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe
FirewallRules: [{00512C35-CA8D-41B9-A56D-898E20C6C943}] => (Allow) C:\Program Files (x86)\Software4u\iDevice Manager\Software4u.IDeviceManager.exe
FirewallRules: [{94B52BC5-D08D-41FD-95FD-DDD27E29880B}] => (Allow) C:\Program Files (x86)\Software4u\iDevice Manager\Software4u.IDeviceManager.exe
FirewallRules: [{5FD857C2-AD05-49A4-87C6-89E71C5E0EC8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{B4ED02AE-BA81-4DBF-82E8-46BFE058EC39}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{99773573-8A93-41B8-B158-773C4150AB06}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{F245910A-462D-462D-B865-645AF90BFD4F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Faulty Device Manager Devices =============

Name: LogMeIn Kernel Information Provider
Description: LogMeIn Kernel Information Provider
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: LMIInfo
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/04/2015 09:01:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: 4Team-Updater.exe, Version: 1.0.5274.24706, Zeitstempel: 0x5396ef64
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18869, Zeitstempel: 0x556363bc
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x4c8
Startzeit der fehlerhaften Anwendung: 0x4Team-Updater.exe0
Pfad der fehlerhaften Anwendung: 4Team-Updater.exe1
Pfad des fehlerhaften Moduls: 4Team-Updater.exe2
Berichtskennung: 4Team-Updater.exe3

Error: (06/04/2015 09:01:02 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: 4Team-Updater.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.UnauthorizedAccessException
Stapel:
   bei Auto_Updater.MainApplication.ScheduleTask()
   bei Auto_Updater.MainApplication.Main()

Error: (06/03/2015 09:01:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: 4Team-Updater.exe, Version: 1.0.5274.24706, Zeitstempel: 0x5396ef64
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18839, Zeitstempel: 0x553e88ab
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x1248
Startzeit der fehlerhaften Anwendung: 0x4Team-Updater.exe0
Pfad der fehlerhaften Anwendung: 4Team-Updater.exe1
Pfad des fehlerhaften Moduls: 4Team-Updater.exe2
Berichtskennung: 4Team-Updater.exe3

Error: (06/03/2015 09:01:02 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: 4Team-Updater.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.UnauthorizedAccessException
Stapel:
   bei Auto_Updater.MainApplication.ScheduleTask()
   bei Auto_Updater.MainApplication.Main()

Error: (06/02/2015 11:54:04 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Das Stammelement der Manifestdatei muss assembliert sein.

Error: (06/02/2015 09:01:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: 4Team-Updater.exe, Version: 1.0.5274.24706, Zeitstempel: 0x5396ef64
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18839, Zeitstempel: 0x553e88ab
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x2ce0
Startzeit der fehlerhaften Anwendung: 0x4Team-Updater.exe0
Pfad der fehlerhaften Anwendung: 4Team-Updater.exe1
Pfad des fehlerhaften Moduls: 4Team-Updater.exe2
Berichtskennung: 4Team-Updater.exe3

Error: (06/02/2015 09:01:00 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: 4Team-Updater.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.UnauthorizedAccessException
Stapel:
   bei Auto_Updater.MainApplication.ScheduleTask()
   bei Auto_Updater.MainApplication.Main()

Error: (06/01/2015 09:01:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: 4Team-Updater.exe, Version: 1.0.5274.24706, Zeitstempel: 0x5396ef64
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18839, Zeitstempel: 0x553e88ab
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x23ec
Startzeit der fehlerhaften Anwendung: 0x4Team-Updater.exe0
Pfad der fehlerhaften Anwendung: 4Team-Updater.exe1
Pfad des fehlerhaften Moduls: 4Team-Updater.exe2
Berichtskennung: 4Team-Updater.exe3

Error: (06/01/2015 09:01:01 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: 4Team-Updater.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.UnauthorizedAccessException
Stapel:
   bei Auto_Updater.MainApplication.ScheduleTask()
   bei Auto_Updater.MainApplication.Main()

Error: (05/31/2015 04:18:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application bug: DNSServiceResolve(ReadyNAS\032Discovery\032[NAS]._readynas._tcp.local.) active for over two minutes. This places considerable burden on the network.


System errors:
=============
Error: (06/04/2015 09:13:48 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "BlackBerry Device Manager" wurde unerwartet beendet. Dies ist bereits 2 Mal passiert.

Error: (06/04/2015 09:13:48 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "BlackBerry Link Communication Manager" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/04/2015 09:13:47 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "RIM MDNS" wurde unerwartet beendet. Dies ist bereits 2 Mal passiert.

Error: (06/04/2015 09:13:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Druckwarteschlange" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/04/2015 09:13:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/04/2015 09:13:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Acronis Sync Agent Service" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/04/2015 09:13:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Acronis Nonstop Backup Service" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/04/2015 09:13:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Microsoft Office-Klick-und-Los-Dienst" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/04/2015 09:13:47 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ASUS Com Service" wurde unerwartet beendet. Dies ist bereits 2 Mal passiert.

Error: (06/04/2015 09:09:58 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Management and Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office:
=========================
Error: (06/04/2015 09:01:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: 4Team-Updater.exe1.0.5274.247065396ef64KERNELBASE.dll6.1.7601.18869556363bce04343520000c42d4c801d09e9412b82beaC:\Program Files (x86)\4Team Corporation\4Team-Updater\4Team-Updater.exeC:\Windows\syswow64\KERNELBASE.dll76d14e4b-0a87-11e5-80d2-0200754d0801

Error: (06/04/2015 09:01:02 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: 4Team-Updater.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.UnauthorizedAccessException
Stapel:
   bei Auto_Updater.MainApplication.ScheduleTask()
   bei Auto_Updater.MainApplication.Main()

Error: (06/03/2015 09:01:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: 4Team-Updater.exe1.0.5274.247065396ef64KERNELBASE.dll6.1.7601.18839553e88abe04343520000c42d124801d09dcae863a886C:\Program Files (x86)\4Team Corporation\4Team-Updater\4Team-Updater.exeC:\Windows\syswow64\KERNELBASE.dll4c4e4029-09be-11e5-a200-96ebcd04ad1e

Error: (06/03/2015 09:01:02 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: 4Team-Updater.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.UnauthorizedAccessException
Stapel:
   bei Auto_Updater.MainApplication.ScheduleTask()
   bei Auto_Updater.MainApplication.Main()

Error: (06/02/2015 11:54:04 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: C:\Program Files (x86)\cobra\AdressPLUS2009\Programm\Module\adxloader.dll.ManifestC:\Program Files (x86)\cobra\AdressPLUS2009\Programm\Module\adxloader.dll.Manifest2

Error: (06/02/2015 09:01:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: 4Team-Updater.exe1.0.5274.247065396ef64KERNELBASE.dll6.1.7601.18839553e88abe04343520000c42d2ce001d09d01bdf6d79bC:\Program Files (x86)\4Team Corporation\4Team-Updater\4Team-Updater.exeC:\Windows\syswow64\KERNELBASE.dll20d0706e-08f5-11e5-b6c2-02f0a9d80701

Error: (06/02/2015 09:01:00 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: 4Team-Updater.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.UnauthorizedAccessException
Stapel:
   bei Auto_Updater.MainApplication.ScheduleTask()
   bei Auto_Updater.MainApplication.Main()

Error: (06/01/2015 09:01:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: 4Team-Updater.exe1.0.5274.247065396ef64KERNELBASE.dll6.1.7601.18839553e88abe04343520000c42d23ec01d09c3893918c67C:\Program Files (x86)\4Team Corporation\4Team-Updater\4Team-Updater.exeC:\Windows\syswow64\KERNELBASE.dllf72417af-082b-11e5-b6c2-02f0a9d80701

Error: (06/01/2015 09:01:01 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: 4Team-Updater.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.UnauthorizedAccessException
Stapel:
   bei Auto_Updater.MainApplication.ScheduleTask()
   bei Auto_Updater.MainApplication.Main()

Error: (05/31/2015 04:18:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application bug: DNSServiceResolve(ReadyNAS\032Discovery\032[NAS]._readynas._tcp.local.) active for over two minutes. This places considerable burden on the network.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz
Percentage of memory in use: 34%
Total physical RAM: 7894.89 MB
Available physical RAM: 5154.29 MB
Total Pagefile: 15787.98 MB
Available Pagefile: 12872.02 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:852.01 GB) NTFS
Drive d: (Daten) (Fixed) (Total:931.51 GB) (Free:919.11 GB) NTFS
Drive v: () (Network) (Total:1863.01 GB) (Free:802.02 GB) 
Drive w: () (Network) (Total:1385.12 GB) (Free:423.05 GB) 
Drive x: () (Network) (Total:1385.12 GB) (Free:423.05 GB) 
Drive y: () (Network) (Total:1385.12 GB) (Free:423.05 GB) 
Drive z: () (Network) (Total:1385.12 GB) (Free:423.05 GB) 

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 6957ADBB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 5C403C46)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of log ============================

--- --- ---

Danke Dir für Deine Instruktion. Heb die beiden Logs oben gepostet. Hoffe, das passt so.

schrauber · 04.06.2015, 20:42

hi,

Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Member 2015 · 05.06.2015, 09:00

Danke Dir.

mbar.exe habe ich laufen gelassen. Keine Funde. Logfile hier:

Code:

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.06.05.01
  rootkit: v2015.06.02.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.17357
NAME :: PCBUERO [administrator]

05.06.2015 08:18:59
mbar-log-2015-06-05 (08-18-59).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 482171
Time elapsed: 23 minute(s), 54 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

TDSSKiller.exe mache ich gleich.

Und hier nun das Logfile von TDSSKiller.exe. Es wurde kein Fund angezeigt.

Code:

ATTFilter

09:47:09.0135 0x2bf4  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
09:47:15.0896 0x2bf4  ============================================================
09:47:15.0896 0x2bf4  Current date / time: 2015/06/05 09:47:15.0896
09:47:15.0896 0x2bf4  SystemInfo:
09:47:15.0896 0x2bf4  
09:47:15.0896 0x2bf4  OS Version: 6.1.7601 ServicePack: 1.0
09:47:15.0896 0x2bf4  Product type: Workstation
09:47:15.0896 0x2bf4  ComputerName: PCBUERO
09:47:15.0896 0x2bf4  UserName: NAME
09:47:15.0896 0x2bf4  Windows directory: C:\Windows
09:47:15.0896 0x2bf4  System windows directory: C:\Windows
09:47:15.0896 0x2bf4  Running under WOW64
09:47:15.0896 0x2bf4  Processor architecture: Intel x64
09:47:15.0896 0x2bf4  Number of processors: 8
09:47:15.0896 0x2bf4  Page size: 0x1000
09:47:15.0896 0x2bf4  Boot type: Normal boot
09:47:15.0896 0x2bf4  ============================================================
09:47:16.0846 0x2bf4  KLMD registered as C:\Windows\system32\drivers\70438579.sys
09:47:17.0416 0x2bf4  System UUID: {88FB4357-3E85-8E1D-B5EC-1E25A23AEFBB}
09:47:18.0226 0x2bf4  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:47:18.0226 0x2bf4  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:47:18.0226 0x2bf4  ============================================================
09:47:18.0226 0x2bf4  \Device\Harddisk0\DR0:
09:47:18.0226 0x2bf4  MBR partitions:
09:47:18.0226 0x2bf4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
09:47:18.0226 0x2bf4  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D4000
09:47:18.0226 0x2bf4  \Device\Harddisk1\DR1:
09:47:18.0226 0x2bf4  MBR partitions:
09:47:18.0226 0x2bf4  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705000
09:47:18.0226 0x2bf4  ============================================================
09:47:18.0346 0x2bf4  C: <-> \Device\Harddisk0\DR0\Partition2
09:47:18.0956 0x2bf4  D: <-> \Device\Harddisk1\DR1\Partition1
09:47:18.0956 0x2bf4  ============================================================
09:47:18.0956 0x2bf4  Initialize success
09:47:18.0956 0x2bf4  ============================================================
09:48:25.0874 0x206c  ============================================================
09:48:25.0874 0x206c  Scan started
09:48:25.0874 0x206c  Mode: Manual; SigCheck; TDLFS; 
09:48:25.0874 0x206c  ============================================================
09:48:25.0874 0x206c  KSN ping started
09:50:03.0844 0x206c  KSN ping finished: true
09:50:04.0575 0x206c  ================ Scan system memory ========================
09:50:04.0575 0x206c  System memory - ok
09:50:04.0575 0x206c  ================ Scan services =============================
09:50:04.0685 0x206c  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
09:50:04.0835 0x206c  1394ohci - ok
09:50:04.0895 0x206c  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
09:50:04.0915 0x206c  ACPI - ok
09:50:04.0965 0x206c  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
09:50:05.0005 0x206c  AcpiPmi - ok
09:50:05.0125 0x206c  [ 7736CDCCA38519FD637C82638A06B4FF, 9F6FD63A28BE387AD83707398DC67D88117E5517F8B7499315CE372F90F2B9B8 ] AcrSch2Svc      C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
09:50:05.0255 0x206c  AcrSch2Svc - ok
09:50:05.0495 0x206c  [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
09:50:05.0515 0x206c  AdobeARMservice - ok
09:50:05.0615 0x206c  [ 00CC35F515079F5F94FABC3AC5C7D363, 7CE8B1715009602059DEDD6CBCA9C18EF079EDA344E7809813D6C0A395622B82 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
09:50:05.0635 0x206c  AdobeFlashPlayerUpdateSvc - ok
09:50:05.0675 0x206c  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
09:50:05.0735 0x206c  adp94xx - ok
09:50:05.0745 0x206c  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
09:50:05.0755 0x206c  adpahci - ok
09:50:05.0785 0x206c  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
09:50:05.0795 0x206c  adpu320 - ok
09:50:05.0825 0x206c  [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
09:50:05.0855 0x206c  AeLookupSvc - ok
09:50:05.0885 0x206c  [ ABCF9C80EAACE03021BB7F450EB8993F, 8E38726C423E82954CA85266D6F38B605D010A659420A4EF99D29035A9474BFB ] afcdp           C:\Windows\system32\DRIVERS\afcdp.sys
09:50:05.0905 0x206c  afcdp - ok
09:50:06.0005 0x206c  [ 3625E0DEAE06134C3B6FD4CC90329912, B2DD2931C9CD6B6C1D8BB26D78ABD095723EBEA82B2DF26DB99605B3E106CD10 ] afcdpsrv        C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
09:50:06.0065 0x206c  afcdpsrv - ok
09:50:06.0115 0x206c  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
09:50:06.0185 0x206c  AFD - ok
09:50:06.0205 0x206c  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
09:50:06.0225 0x206c  agp440 - ok
09:50:06.0245 0x206c  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
09:50:06.0275 0x206c  ALG - ok
09:50:06.0295 0x206c  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
09:50:06.0305 0x206c  aliide - ok
09:50:06.0335 0x206c  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
09:50:06.0345 0x206c  amdide - ok
09:50:06.0375 0x206c  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
09:50:06.0395 0x206c  AmdK8 - ok
09:50:06.0405 0x206c  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
09:50:06.0415 0x206c  AmdPPM - ok
09:50:06.0435 0x206c  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
09:50:06.0465 0x206c  amdsata - ok
09:50:06.0475 0x206c  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
09:50:06.0495 0x206c  amdsbs - ok
09:50:06.0505 0x206c  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
09:50:06.0515 0x206c  amdxata - ok
09:50:06.0545 0x206c  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID           C:\Windows\system32\drivers\appid.sys
09:50:06.0565 0x206c  AppID - ok
09:50:06.0575 0x206c  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
09:50:06.0595 0x206c  AppIDSvc - ok
09:50:06.0635 0x206c  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
09:50:06.0685 0x206c  Appinfo - ok
09:50:06.0785 0x206c  [ 612CB66D93ED0F2F21BB109840C7D813, 75484123DA27B8942B13148FCF061C75A08A50386A095143736B593E9C772173 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
09:50:06.0805 0x206c  Apple Mobile Device Service - ok
09:50:06.0815 0x206c  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
09:50:06.0835 0x206c  arc - ok
09:50:06.0835 0x206c  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
09:50:06.0845 0x206c  arcsas - ok
09:50:06.0965 0x206c  [ 2ECD858010450A08E6912AC2B9422B80, E0D607C8B816F3303281B6B39A15A2D69CAE38166A3D02DBBE5BCD9919DD247E ] asComSvc        C:\Program Files (x86)\ASUS\AXSP\1.00.12\atkexComSvc.exe
09:50:07.0015 0x206c  asComSvc - ok
09:50:07.0065 0x206c  [ 84077BBCFD2D4DDC68A1F99FEC3D6CE7, 2569538CE6BFA81D14F6C0D331EB017BF5C4969E157ADAC181AA5FF31E40B27A ] asHmComSvc      C:\Program Files (x86)\ASUS\AAHM\1.00.09\aaHMSvc.exe
09:50:07.0085 0x206c  asHmComSvc - ok
09:50:07.0115 0x206c  [ FEF9DD9EA587F8886ADE43C1BEFBDAFE, DDE6F28B3F7F2ABBEE59D4864435108791631E9CB4CDFB1F178E5AA9859956D8 ] AsIO            C:\Windows\syswow64\drivers\AsIO.sys
09:50:07.0125 0x206c  AsIO - ok
09:50:07.0185 0x206c  [ 30284361A316A61306D3494953B72BF8, 169B7E1439A506C8E827988DAD796B37CE81A32B5EB2DEBDD5032AC6C9845380 ] asmthub3        C:\Windows\system32\DRIVERS\asmthub3.sys
09:50:07.0205 0x206c  asmthub3 - ok
09:50:07.0235 0x206c  [ 1390ABD16ADE1F2443B5749D06C4C8F2, 3F5BE10CC1D6459B7062206FA4981BF81956B3CBC92D3B596B7B7A383DA4C106 ] asmtxhci        C:\Windows\system32\DRIVERS\asmtxhci.sys
09:50:07.0255 0x206c  asmtxhci - ok
09:50:07.0365 0x206c  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
09:50:07.0375 0x206c  aspnet_state - ok
09:50:07.0425 0x206c  [ 5C31DFB196CB3A488A041881634D86D2, 419ABEED7FB7CEBBA264802D2F727D18F999CEDA566A0830C38A69AC1680F3EA ] AsSysCtrlService C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.10\AsSysCtrlService.exe
09:50:07.0465 0x206c  AsSysCtrlService - ok
09:50:07.0495 0x206c  [ 1392B92179B07B672720763D9B1028A5, B4D47EA790920A4531E3DF5A4B4B0721B7FEA6B49A35679F0652F1E590422602 ] AsUpIO          C:\Windows\syswow64\drivers\AsUpIO.sys
09:50:07.0505 0x206c  AsUpIO - ok
09:50:07.0545 0x206c  [ B5B4C90E9F52DA8586F1E5461AD90A5D, D1EAA34E6AEB014E942D22F8CB5FB19BF1E2EADE5B5357274C001F44FDC25F05 ] aswHwid         C:\Windows\system32\drivers\aswHwid.sys
09:50:07.0565 0x206c  aswHwid - ok
09:50:07.0645 0x206c  [ 300CB8E510855189CAD0B72FFB5590CB, EB50DC553FA8FD9DE3F60AAFED20702EAFBB1498EBD3220A39CC52A12F694246 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
09:50:07.0665 0x206c  aswMonFlt - ok
09:50:07.0695 0x206c  [ 6D37D8DB30D086739507C5F6E542656A, 746D9E32E729138EA19062F4E6B6C98B6833504020A296E3E2A9CD92E0FED0B9 ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys
09:50:07.0705 0x206c  aswRdr - ok
09:50:07.0735 0x206c  [ 07E32DFCA422A2920482D762D01957EC, A6502D26266D708E55EB2883897673AD3087C41D9EA0B41CD6BF6BD923EBDCB8 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
09:50:07.0755 0x206c  aswRvrt - ok
09:50:07.0835 0x206c  [ 3B4AC2DBFC86F7247C1FF1FAF2860530, A54A693D01C02AAE2B78BFE9B3900B5A6DD0C2C37C8FA58B14B5F57107032FF5 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
09:50:07.0885 0x206c  aswSnx - ok
09:50:07.0945 0x206c  [ B1368BE5F6BA529E0886F4DA2361BD2D, B95F430B4E4EFE9D257870722AA8F0507FB96FBE3AAB12068C662CCB6A180FE2 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
09:50:07.0975 0x206c  aswSP - ok
09:50:07.0995 0x206c  [ 6E53278ECCFFBC2ACC2A5006745ED4BB, 392170073A8933DB43CD1D64AD087F972F1971BF83BCAFE5B8FA1273C02026CE ] aswStm          C:\Windows\system32\drivers\aswStm.sys
09:50:08.0005 0x206c  aswStm - ok
09:50:08.0035 0x206c  [ 91782404718C6352C26B3242BAC3F0F1, 84B1CDD1EBC83FAEBDCC8F67B13CA405C6CF0C518FC016603889EBE48FC91AB9 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
09:50:08.0055 0x206c  aswVmm - ok
09:50:08.0065 0x206c  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
09:50:08.0215 0x206c  AsyncMac - ok
09:50:08.0235 0x206c  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
09:50:08.0245 0x206c  atapi - ok
09:50:08.0305 0x206c  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:50:08.0355 0x206c  AudioEndpointBuilder - ok
09:50:08.0365 0x206c  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
09:50:08.0385 0x206c  AudioSrv - ok
09:50:08.0455 0x206c  [ 54236E79A44F909612391C8A2D70D512, B0DF5BCC4F90AF087D0306F8D81F90B2CAE0176813E3AA6A7D5460F7878677CD ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
09:50:08.0475 0x206c  avast! Antivirus - ok
09:50:08.0505 0x206c  [ 43744F1D3CDE20F3925F10927C9036C2, 47374A71D1A38572B8C247E924C0F3F063A6281743C9B7D818D63CA576B5D289 ] AVMCOWAN        C:\Windows\system32\DRIVERS\AVMCOWAN.sys
09:50:08.0525 0x206c  AVMCOWAN - ok
09:50:08.0575 0x206c  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
09:50:08.0655 0x206c  AxInstSV - ok
09:50:08.0685 0x206c  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
09:50:08.0725 0x206c  b06bdrv - ok
09:50:08.0745 0x206c  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
09:50:08.0775 0x206c  b57nd60a - ok
09:50:08.0805 0x206c  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
09:50:08.0825 0x206c  BDESVC - ok
09:50:08.0825 0x206c  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
09:50:08.0855 0x206c  Beep - ok
09:50:08.0925 0x206c  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
09:50:08.0975 0x206c  BFE - ok
09:50:09.0045 0x206c  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
09:50:09.0245 0x206c  BITS - ok
09:50:09.0345 0x206c  [ FBCF6C6B5FF25AFC7A9CBE485ABFCF6E, 858D5435D167FF8AD6552C6151F62DFD273740B7F1E98147DD5A527D6DA350D6 ] BlackBerry Device Manager C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
09:50:09.0365 0x206c  BlackBerry Device Manager - ok
09:50:09.0415 0x206c  [ A4B13A92B81CCF2CCF4AAB187AAEDFD4, C3414B8BC7BF983AB5C812C128E3086419AD5EF82BD1D916B466B64328BA8E0F ] blackberryncm   C:\Windows\system32\DRIVERS\blackberryncm6_AMD64.sys
09:50:09.0445 0x206c  blackberryncm - ok
09:50:09.0455 0x206c  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
09:50:09.0475 0x206c  blbdrive - ok
09:50:09.0515 0x206c  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
09:50:09.0535 0x206c  Bonjour Service - ok
09:50:09.0585 0x206c  BotkindSyncService - ok
09:50:09.0615 0x206c  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
09:50:09.0665 0x206c  bowser - ok
09:50:09.0675 0x206c  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
09:50:09.0705 0x206c  BrFiltLo - ok
09:50:09.0715 0x206c  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
09:50:09.0735 0x206c  BrFiltUp - ok
09:50:09.0765 0x206c  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
09:50:09.0805 0x206c  Browser - ok
09:50:09.0825 0x206c  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
09:50:09.0865 0x206c  Brserid - ok
09:50:09.0875 0x206c  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
09:50:09.0905 0x206c  BrSerWdm - ok
09:50:09.0925 0x206c  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
09:50:09.0935 0x206c  BrUsbMdm - ok
09:50:09.0945 0x206c  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
09:50:09.0965 0x206c  BrUsbSer - ok
09:50:09.0975 0x206c  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
09:50:09.0985 0x206c  BTHMODEM - ok
09:50:10.0025 0x206c  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
09:50:10.0055 0x206c  bthserv - ok
09:50:10.0225 0x206c  [ FECA9F830A5C6BAB9978E6781A26AE2B, CA1681A2F4FA849815B8E823805E078DB9C050CEE86E9E394B2A37B57CC474A6 ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
09:50:10.0265 0x206c  c2cautoupdatesvc - ok
09:50:10.0305 0x206c  [ 5B33709F7FE59BB625F113EED86AFC5C, 8D29FE242D55526FDEB2CB4009B5DE19C93972E872BE6328AD3305E360A3D44B ] c2cpnrsvc       C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
09:50:10.0345 0x206c  c2cpnrsvc - ok
09:50:10.0395 0x206c  [ 1778EBA872274C1226D869CD9486847E, C76B8E07DD27E038B243A27C9FE6FB168731726638C83ADA29D18EE673D58835 ] Capture Device Service C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe
09:50:10.0415 0x206c  Capture Device Service - ok
09:50:10.0465 0x206c  [ 040DF73EA6102AF2E3191452FDBF67A5, AF398002D57696DB58D5477CC0E6928DD5C5D4786269BB761B376ED303F06876 ] cbfs5           C:\Windows\system32\drivers\cbfs5.sys
09:50:10.0475 0x206c  cbfs5 - ok
09:50:10.0495 0x206c  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
09:50:10.0535 0x206c  cdfs - ok
09:50:10.0555 0x206c  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
09:50:10.0575 0x206c  cdrom - ok
09:50:10.0615 0x206c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
09:50:10.0655 0x206c  CertPropSvc - ok
09:50:10.0665 0x206c  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
09:50:10.0675 0x206c  circlass - ok
09:50:10.0715 0x206c  [ FF60401F1C659CA2ED4BAE85D3FD14DA, 71EEA0078E1545A2F80B0020BE7113843B713DE1A5CC20D9810BD9F3889A4DB0 ] CISVC           C:\Windows\system32\CISVC.EXE
09:50:10.0795 0x206c  CISVC - ok
09:50:10.0795 0x206c  cleanhlp - ok
09:50:10.0835 0x206c  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
09:50:10.0865 0x206c  CLFS - ok
09:50:11.0025 0x206c  [ 42C5B8010D47EF3F4BAE6D1B427E80F4, 721C24522C43D50081EA01FD521D68EB365B91561CCF2E7AD1F091FBD61E67FB ] ClickToRunSvc   C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
09:50:11.0075 0x206c  ClickToRunSvc - ok
09:50:11.0125 0x206c  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:50:11.0165 0x206c  clr_optimization_v2.0.50727_32 - ok
09:50:11.0205 0x206c  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
09:50:11.0225 0x206c  clr_optimization_v2.0.50727_64 - ok
09:50:11.0285 0x206c  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:50:11.0305 0x206c  clr_optimization_v4.0.30319_32 - ok
09:50:11.0335 0x206c  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
09:50:11.0355 0x206c  clr_optimization_v4.0.30319_64 - ok
09:50:11.0365 0x206c  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
09:50:11.0375 0x206c  CmBatt - ok
09:50:11.0395 0x206c  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
09:50:11.0405 0x206c  cmdide - ok
09:50:11.0445 0x206c  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
09:50:11.0475 0x206c  CNG - ok
09:50:11.0475 0x206c  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
09:50:11.0485 0x206c  Compbatt - ok
09:50:11.0505 0x206c  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
09:50:11.0525 0x206c  CompositeBus - ok
09:50:11.0535 0x206c  COMSysApp - ok
09:50:11.0615 0x206c  [ 620D32545DACFEE5C3FE9D9F10CC80F7, 170C9E1743E84F9CD2219F6142B9AB1EE4B23B2505DA8E7FADC712A9789DE4F5 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
09:50:11.0655 0x206c  cphs - ok
09:50:11.0675 0x206c  cpuz136 - ok
09:50:11.0685 0x206c  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
09:50:11.0695 0x206c  crcdisk - ok
09:50:11.0745 0x206c  [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc        C:\Windows\system32\cryptsvc.dll
09:50:11.0795 0x206c  CryptSvc - ok
09:50:11.0835 0x206c  CrystalSysInfo - ok
09:50:11.0905 0x206c  [ 46E6A6DB0D36A049C82CBEE26CD0B326, 49036B3B3B8D219A3DE668B148C467EC645C7E3CEE726C8A2F0089C61F314CDC ] cxpl_mhd        C:\Windows\system32\drivers\y_cx88x.sys
09:50:11.0945 0x206c  cxpl_mhd - ok
09:50:11.0985 0x206c  [ D06E443457FADC6B1AFAF3AA4B6936F6, 109B4D05E156604AFB3D63B380CC063B900AEB12F57A1D235B9F9399EE0909C7 ] dc3d            C:\Windows\system32\DRIVERS\dc3d.sys
09:50:11.0995 0x206c  dc3d - ok
09:50:12.0035 0x206c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
09:50:12.0085 0x206c  DcomLaunch - ok
09:50:12.0105 0x206c  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
09:50:12.0135 0x206c  defragsvc - ok
09:50:12.0175 0x206c  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
09:50:12.0225 0x206c  DfsC - ok
09:50:12.0265 0x206c  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
09:50:12.0375 0x206c  Dhcp - ok
09:50:12.0435 0x206c  [ AA5319FA8602676B5D3A2B4A1355896D, 57532E16FF0DDE3D62B6B6DC35E2598DD453140E9277247965A1E835645E588A ] DiagTrack       C:\Windows\system32\diagtrack.dll
09:50:12.0485 0x206c  DiagTrack - ok
09:50:12.0495 0x206c  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
09:50:12.0525 0x206c  discache - ok
09:50:12.0575 0x206c  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
09:50:12.0595 0x206c  Disk - ok
09:50:12.0645 0x206c  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
09:50:12.0695 0x206c  Dnscache - ok
09:50:12.0765 0x206c  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
09:50:12.0825 0x206c  dot3svc - ok
09:50:12.0865 0x206c  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
09:50:12.0915 0x206c  DPS - ok
09:50:12.0955 0x206c  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
09:50:13.0005 0x206c  drmkaud - ok
09:50:13.0075 0x206c  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
09:50:13.0135 0x206c  DXGKrnl - ok
09:50:13.0165 0x206c  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
09:50:13.0195 0x206c  EapHost - ok
09:50:13.0275 0x206c  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
09:50:13.0365 0x206c  ebdrv - ok
09:50:13.0395 0x206c  [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] EFS             C:\Windows\System32\lsass.exe
09:50:13.0415 0x206c  EFS - ok
09:50:13.0485 0x206c  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
09:50:13.0555 0x206c  ehRecvr - ok
09:50:13.0585 0x206c  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
09:50:13.0625 0x206c  ehSched - ok
09:50:13.0675 0x206c  [ BE2902E13CA69383F449B6BF927844FB, F092785E305D8E1FE795AF98A7A7B7B4548A0D6687060568C9E078FFA8D65C1C ] ElbyCDIO        C:\Windows\system32\Drivers\ElbyCDIO.sys
09:50:13.0695 0x206c  ElbyCDIO - ok
09:50:13.0745 0x206c  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
09:50:13.0775 0x206c  elxstor - ok
09:50:13.0805 0x206c  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
09:50:13.0835 0x206c  ErrDev - ok
09:50:13.0865 0x206c  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
09:50:13.0915 0x206c  EventSystem - ok
09:50:13.0955 0x206c  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
09:50:13.0985 0x206c  exfat - ok
09:50:13.0995 0x206c  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
09:50:14.0025 0x206c  fastfat - ok
09:50:14.0055 0x206c  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
09:50:14.0095 0x206c  Fax - ok
09:50:14.0115 0x206c  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
09:50:14.0125 0x206c  fdc - ok
09:50:14.0155 0x206c  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
09:50:14.0195 0x206c  fdPHost - ok
09:50:14.0205 0x206c  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
09:50:14.0235 0x206c  FDResPub - ok
09:50:14.0235 0x206c  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
09:50:14.0245 0x206c  FileInfo - ok
09:50:14.0265 0x206c  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
09:50:14.0285 0x206c  Filetrace - ok
09:50:14.0375 0x206c  [ 227846995AFEEFA70D328BF5334A86A5, B8EF22DE552B44E7DC352742C775BB6B4992B653AF4B66B231A60182CE7A7201 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
09:50:14.0415 0x206c  FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
09:50:17.0335 0x206c  Detect skipped due to KSN trusted
09:50:17.0335 0x206c  FLEXnet Licensing Service - ok
09:50:17.0355 0x206c  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
09:50:17.0375 0x206c  flpydisk - ok
09:50:17.0405 0x206c  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
09:50:17.0425 0x206c  FltMgr - ok
09:50:17.0475 0x206c  [ C06AF3D1E7CA6868A6A3064CE6907C4A, A1A357CF99291E1611A4380BF8866B5B594637C186B5FD1EFDF052D4EB69FAB9 ] fltsrv          C:\Windows\system32\DRIVERS\fltsrv.sys
09:50:17.0485 0x206c  fltsrv - ok
09:50:17.0535 0x206c  [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache       C:\Windows\system32\FntCache.dll
09:50:17.0635 0x206c  FontCache - ok
09:50:17.0715 0x206c  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:50:17.0725 0x206c  FontCache3.0.0.0 - ok
09:50:17.0785 0x206c  [ CE7593C10A04D08F9B043890216F5728, 21E4AD5643BCDCB811E49C74F682672032A603078EDD80DE6E37249C9A005407 ] FPCIBASE        C:\Windows\system32\DRIVERS\fpcibase.sys
09:50:17.0835 0x206c  FPCIBASE - ok
09:50:17.0835 0x206c  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
09:50:17.0845 0x206c  FsDepends - ok
09:50:17.0885 0x206c  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
09:50:17.0925 0x206c  Fs_Rec - ok
09:50:17.0965 0x206c  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
09:50:17.0995 0x206c  fvevol - ok
09:50:18.0015 0x206c  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
09:50:18.0035 0x206c  gagp30kx - ok
09:50:18.0095 0x206c  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
09:50:18.0105 0x206c  GEARAspiWDM - ok
09:50:18.0155 0x206c  [ 5100D14D7D80119F63483C16DB55A014, 1D87A910C9F8998A7BF36AC6B4F9EA0F177E590D476467CD81CF391BA0951A01 ] GeneStor        C:\Windows\system32\DRIVERS\GeneStor.sys
09:50:18.0185 0x206c  GeneStor - ok
09:50:18.0235 0x206c  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
09:50:18.0315 0x206c  gpsvc - ok
09:50:18.0375 0x206c  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:50:18.0395 0x206c  gupdate - ok
09:50:18.0395 0x206c  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:50:18.0415 0x206c  gupdatem - ok
09:50:18.0425 0x206c  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
09:50:18.0485 0x206c  hcw85cir - ok
09:50:18.0525 0x206c  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:50:18.0565 0x206c  HdAudAddService - ok
09:50:18.0585 0x206c  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
09:50:18.0595 0x206c  HDAudBus - ok
09:50:18.0615 0x206c  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
09:50:18.0635 0x206c  HidBatt - ok
09:50:18.0645 0x206c  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
09:50:18.0675 0x206c  HidBth - ok
09:50:18.0695 0x206c  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
09:50:18.0725 0x206c  HidIr - ok
09:50:18.0735 0x206c  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
09:50:18.0775 0x206c  hidserv - ok
09:50:18.0805 0x206c  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
09:50:18.0845 0x206c  HidUsb - ok
09:50:18.0865 0x206c  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
09:50:18.0905 0x206c  hkmsvc - ok
09:50:18.0945 0x206c  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:50:18.0965 0x206c  HomeGroupListener - ok
09:50:18.0995 0x206c  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:50:19.0025 0x206c  HomeGroupProvider - ok
09:50:19.0045 0x206c  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
09:50:19.0055 0x206c  HpSAMD - ok
09:50:19.0165 0x206c  HPSLPSVC - ok
09:50:19.0235 0x206c  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
09:50:19.0285 0x206c  HTTP - ok
09:50:19.0315 0x206c  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
09:50:19.0325 0x206c  hwpolicy - ok
09:50:19.0345 0x206c  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
09:50:19.0365 0x206c  i8042prt - ok
09:50:19.0415 0x206c  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
09:50:19.0445 0x206c  iaStorV - ok
09:50:19.0495 0x206c  [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS            C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
09:50:19.0515 0x206c  ICCS - ok
09:50:19.0555 0x206c  [ C1010ADD3DDAE1196ED21057AF7B2AAE, 68196851855AD395008D7F29FCEB28BA4BEB1F062B1844A60813E7DD102ACB1C ] ICCWDT          C:\Windows\system32\DRIVERS\ICCWDT.sys
09:50:19.0565 0x206c  ICCWDT - ok
09:50:19.0625 0x206c  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
09:50:19.0655 0x206c  idsvc - ok
09:50:19.0815 0x206c  [ 79DB4631AA247E791C7F0F085822B6C3, F4F6B7221987E9CC6F1FDA7FF47BD95916866334963CE5DE836493A3A5717451 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
09:50:20.0005 0x206c  igfx - ok
09:50:20.0026 0x206c  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
09:50:20.0036 0x206c  iirsp - ok
09:50:20.0076 0x206c  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
09:50:20.0106 0x206c  IKEEXT - ok
09:50:20.0266 0x206c  [ 07598029B8B7A18A49095010319E7056, A38FCAC718A11DF92C79E867934CB35825D67942A32C190F6A67230EB20B5878 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
09:50:20.0376 0x206c  IntcAzAudAddService - ok
09:50:20.0416 0x206c  [ 8E4044C6B71B2F837166F6EDB6BF9100, 441A4EA0C3EF686B8B7884EC96FD8EE1017EB3F462FB4376638F461E41D97C72 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
09:50:20.0446 0x206c  IntcDAud - ok
09:50:20.0466 0x206c  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
09:50:20.0476 0x206c  intelide - ok
09:50:20.0486 0x206c  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
09:50:20.0496 0x206c  intelppm - ok
09:50:20.0526 0x206c  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
09:50:20.0566 0x206c  IPBusEnum - ok
09:50:20.0586 0x206c  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:50:20.0606 0x206c  IpFilterDriver - ok
09:50:20.0636 0x206c  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
09:50:20.0706 0x206c  iphlpsvc - ok
09:50:20.0736 0x206c  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
09:50:20.0756 0x206c  IPMIDRV - ok
09:50:20.0776 0x206c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
09:50:20.0836 0x206c  IPNAT - ok
09:50:20.0886 0x206c  [ E61BB95A7CB49696D25A0C4EBD108156, 65D95A0DBC408AD18D5E344A5E875551E6CC044038DE438E4EA1102A234FC529 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
09:50:20.0906 0x206c  iPod Service - ok
09:50:20.0916 0x206c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
09:50:20.0946 0x206c  IRENUM - ok
09:50:20.0966 0x206c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
09:50:20.0976 0x206c  isapnp - ok
09:50:20.0996 0x206c  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
09:50:21.0006 0x206c  iScsiPrt - ok
09:50:21.0026 0x206c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
09:50:21.0036 0x206c  kbdclass - ok
09:50:21.0046 0x206c  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
09:50:21.0066 0x206c  kbdhid - ok
09:50:21.0096 0x206c  [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] KeyIso          C:\Windows\system32\lsass.exe
09:50:21.0116 0x206c  KeyIso - ok
09:50:21.0156 0x206c  [ BF69D973523D539A35807946C6DA7E16, 38F2C59B0857131961DBEA48C4A5DFA9BE7B564941935086B8DC8DBEF896F3EC ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
09:50:21.0186 0x206c  KSecDD - ok
09:50:21.0206 0x206c  [ 272C27711C8AA6E7815EE33F8ACA9C66, 0A5A10A7A3E87DB92E06395A6676B94FE8B7AD6704864075D443CDC9BABDB4DF ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
09:50:21.0226 0x206c  KSecPkg - ok
09:50:21.0236 0x206c  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
09:50:21.0266 0x206c  ksthunk - ok
09:50:21.0286 0x206c  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
09:50:21.0316 0x206c  KtmRm - ok
09:50:21.0336 0x206c  [ 49DAC02261A2B3373818444F6E4E3139, B22429539A65A9E4581236E8318DDEF171CE2E7E69FD1E0D3D5A7407AAF10A03 ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
09:50:21.0346 0x206c  L1C - ok
09:50:21.0366 0x206c  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
09:50:21.0406 0x206c  LanmanServer - ok
09:50:21.0416 0x206c  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:50:21.0446 0x206c  LanmanWorkstation - ok
09:50:21.0456 0x206c  [ B6552D382FF070B4ED34CBD6737277C0, 7C2C24454037170311B0267DEFB797E8DF8D157D62157D271BF7F5F74B2A12F3 ] LHidFilt        C:\Windows\system32\DRIVERS\LHidFilt.Sys
09:50:21.0466 0x206c  LHidFilt - ok
09:50:21.0486 0x206c  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
09:50:21.0506 0x206c  lltdio - ok
09:50:21.0526 0x206c  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
09:50:21.0556 0x206c  lltdsvc - ok
09:50:21.0556 0x206c  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
09:50:21.0586 0x206c  lmhosts - ok
09:50:21.0596 0x206c  LMIInfo - ok
09:50:21.0626 0x206c  [ 413ECDCFAD9A82804D3674C8D7EEC24E, C8A65ED0B079D16D1A4449E840B4A9475388FBE61B5A84DFEFC35F4FB3B9A9B1 ] lmimirr         C:\Windows\system32\DRIVERS\lmimirr.sys
09:50:21.0636 0x206c  lmimirr - ok
09:50:21.0646 0x206c  LMIRfsClientNP - ok
09:50:21.0666 0x206c  [ C57D3FAA50E6F395759FFB7C709BD944, 7B0B86F0E710934D57801E1F7BB048AD878F871147B2A16BBF81219A4022B499 ] LMIRfsDriver    C:\Windows\system32\drivers\LMIRfsDriver.sys
09:50:21.0686 0x206c  LMIRfsDriver - ok
09:50:21.0696 0x206c  [ 73C1F563AB73D459DFFE682D66476558, 9B8BEE384C968DC6C37DD54B9128D9C2BA92EDBF7BDF49D753AA7DB165F18D00 ] LMouFilt        C:\Windows\system32\DRIVERS\LMouFilt.Sys
09:50:21.0716 0x206c  LMouFilt - ok
09:50:21.0756 0x206c  [ 0803906D607A9B83184447B75B60ECC2, A7A599C4CEDD4AC4196A558442E80B4F852AF6C6104A53C8819A79AA5D388DE8 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
09:50:21.0776 0x206c  LMS - ok
09:50:21.0796 0x206c  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
09:50:21.0806 0x206c  LSI_FC - ok
09:50:21.0826 0x206c  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
09:50:21.0836 0x206c  LSI_SAS - ok
09:50:21.0846 0x206c  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
09:50:21.0866 0x206c  LSI_SAS2 - ok
09:50:21.0866 0x206c  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
09:50:21.0876 0x206c  LSI_SCSI - ok
09:50:21.0896 0x206c  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
09:50:21.0926 0x206c  luafv - ok
09:50:21.0946 0x206c  [ A401CFF74982D8DF851F20307C806073, 1D7BA90C9E77FAAE59F60AB5310EC41D9C5B98F1F9A89A3CDB9169E6DEF565DA ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys
09:50:21.0966 0x206c  LVRS64 - ok
09:50:22.0096 0x206c  [ 13384CB5F5813E65F31078D6ABFAAF38, A6E7374C15CAECC273197BF62F8F926BA30E9509270A8470756F4710E1DEA126 ] LVUVC64         C:\Windows\system32\DRIVERS\lvuvc64.sys
09:50:22.0246 0x206c  LVUVC64 - ok
09:50:22.0286 0x206c  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
09:50:22.0296 0x206c  Mcx2Svc - ok
09:50:22.0346 0x206c  [ 11F714F85530A2BD134074DC30E99FCA, BDB5FD3B2DF4ADD19B31965B3E789768B59E872B3EA85912B1FFB32B2AF9D5D8 ] MDM             C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
09:50:22.0376 0x206c  MDM - ok
09:50:22.0386 0x206c  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
09:50:22.0396 0x206c  megasas - ok
09:50:22.0426 0x206c  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
09:50:22.0436 0x206c  MegaSR - ok
09:50:22.0486 0x206c  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
09:50:22.0506 0x206c  MEIx64 - ok
09:50:22.0546 0x206c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
09:50:22.0586 0x206c  MMCSS - ok
09:50:22.0596 0x206c  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
09:50:22.0626 0x206c  Modem - ok
09:50:22.0666 0x206c  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
09:50:22.0696 0x206c  monitor - ok
09:50:22.0706 0x206c  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
09:50:22.0716 0x206c  mouclass - ok
09:50:22.0726 0x206c  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
09:50:22.0756 0x206c  mouhid - ok
09:50:22.0796 0x206c  [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
09:50:22.0816 0x206c  mountmgr - ok
09:50:22.0856 0x206c  [ 9FC679D10A7377BB04ECC3D0E2E26B53, 24ACD4EC1618A052C29E4463138B28F62C8B78D442DB82F4925E64FC5849A096 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
09:50:22.0876 0x206c  MozillaMaintenance - ok
09:50:22.0896 0x206c  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
09:50:22.0956 0x206c  mpio - ok
09:50:23.0006 0x206c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
09:50:23.0066 0x206c  mpsdrv - ok
09:50:23.0116 0x206c  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
09:50:23.0216 0x206c  MpsSvc - ok
09:50:23.0246 0x206c  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
09:50:23.0306 0x206c  MRxDAV - ok
09:50:23.0336 0x206c  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
09:50:23.0376 0x206c  mrxsmb - ok
09:50:23.0416 0x206c  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:50:23.0446 0x206c  mrxsmb10 - ok
09:50:23.0456 0x206c  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:50:23.0476 0x206c  mrxsmb20 - ok
09:50:23.0506 0x206c  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
09:50:23.0516 0x206c  msahci - ok
09:50:23.0556 0x206c  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
09:50:23.0566 0x206c  msdsm - ok
09:50:23.0586 0x206c  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
09:50:23.0606 0x206c  MSDTC - ok
09:50:23.0616 0x206c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
09:50:23.0646 0x206c  Msfs - ok
09:50:23.0666 0x206c  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
09:50:23.0686 0x206c  mshidkmdf - ok
09:50:23.0706 0x206c  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
09:50:23.0716 0x206c  msisadrv - ok
09:50:23.0746 0x206c  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
09:50:23.0776 0x206c  MSiSCSI - ok
09:50:23.0786 0x206c  msiserver - ok
09:50:23.0816 0x206c  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
09:50:23.0836 0x206c  MSKSSRV - ok
09:50:23.0846 0x206c  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
09:50:23.0876 0x206c  MSPCLOCK - ok
09:50:23.0886 0x206c  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
09:50:23.0926 0x206c  MSPQM - ok
09:50:23.0946 0x206c  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
09:50:23.0966 0x206c  MsRPC - ok
09:50:23.0986 0x206c  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
09:50:23.0996 0x206c  mssmbios - ok
09:50:24.0006 0x206c  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
09:50:24.0047 0x206c  MSTEE - ok
09:50:24.0057 0x206c  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
09:50:24.0077 0x206c  MTConfig - ok
09:50:24.0127 0x206c  [ 9AC4C80D317CF554989944921780D171, 4826E015F50AF548E70BA8F930311DB6E2C276EC8EF4F36243ACE3965406AF8C ] MTSBDA          C:\Windows\system32\Drivers\MtsBda.sys
09:50:24.0187 0x206c  MTSBDA - ok
09:50:24.0207 0x206c  [ 07AD6825D5C658595CAB7F8F5849401C, 21DEC409C781848B8104CE23E42D3D3DFABE9CC2527C78B1ED9167E063DB1542 ] MtsHID          C:\Windows\system32\drivers\MtsHID.sys
09:50:24.0227 0x206c  MtsHID - ok
09:50:24.0247 0x206c  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
09:50:24.0257 0x206c  Mup - ok
09:50:24.0297 0x206c  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
09:50:24.0387 0x206c  napagent - ok
09:50:24.0447 0x206c  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
09:50:24.0477 0x206c  NativeWifiP - ok
09:50:24.0517 0x206c  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
09:50:24.0557 0x206c  NDIS - ok
09:50:24.0577 0x206c  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
09:50:24.0597 0x206c  NdisCap - ok
09:50:24.0627 0x206c  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
09:50:24.0647 0x206c  NdisTapi - ok
09:50:24.0677 0x206c  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
09:50:24.0707 0x206c  Ndisuio - ok
09:50:24.0727 0x206c  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
09:50:24.0757 0x206c  NdisWan - ok
09:50:24.0777 0x206c  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
09:50:24.0797 0x206c  NDProxy - ok
09:50:24.0847 0x206c  [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
09:50:24.0857 0x206c  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
09:50:27.0507 0x206c  Detect skipped due to KSN trusted
09:50:27.0507 0x206c  Net Driver HPZ12 - ok
09:50:27.0547 0x206c  [ EE00C544C025958AF50C7B199F3C8595, D774DB020D9C46D1AA0B2DB9FA2C36C4A9C38D904CC6929695321D32ACA0D4D1 ] Netaapl         C:\Windows\system32\DRIVERS\netaapl64.sys
09:50:27.0597 0x206c  Netaapl - ok
09:50:27.0607 0x206c  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
09:50:27.0637 0x206c  NetBIOS - ok
09:50:27.0677 0x206c  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
09:50:27.0707 0x206c  NetBT - ok
09:50:27.0707 0x206c  [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] Netlogon        C:\Windows\system32\lsass.exe
09:50:27.0717 0x206c  Netlogon - ok
09:50:27.0747 0x206c  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
09:50:27.0787 0x206c  Netman - ok
09:50:27.0857 0x206c  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:50:27.0877 0x206c  NetMsmqActivator - ok
09:50:27.0897 0x206c  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:50:27.0907 0x206c  NetPipeActivator - ok
09:50:27.0927 0x206c  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
09:50:27.0967 0x206c  netprofm - ok
09:50:27.0977 0x206c  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:50:27.0987 0x206c  NetTcpActivator - ok
09:50:28.0007 0x206c  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:50:28.0017 0x206c  NetTcpPortSharing - ok
09:50:28.0067 0x206c  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
09:50:28.0087 0x206c  nfrd960 - ok
09:50:28.0177 0x206c  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
09:50:28.0307 0x206c  NlaSvc - ok
09:50:28.0347 0x206c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
09:50:28.0397 0x206c  Npfs - ok
09:50:28.0407 0x206c  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
09:50:28.0427 0x206c  nsi - ok
09:50:28.0427 0x206c  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
09:50:28.0457 0x206c  nsiproxy - ok
09:50:28.0517 0x206c  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
09:50:28.0587 0x206c  Ntfs - ok
09:50:28.0617 0x206c  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
09:50:28.0637 0x206c  Null - ok
09:50:28.0677 0x206c  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
09:50:28.0687 0x206c  nvraid - ok
09:50:28.0707 0x206c  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
09:50:28.0717 0x206c  nvstor - ok
09:50:28.0757 0x206c  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
09:50:28.0777 0x206c  nv_agp - ok
09:50:28.0807 0x206c  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
09:50:28.0827 0x206c  ohci1394 - ok
09:50:28.0887 0x206c  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:50:28.0907 0x206c  ose - ok
09:50:29.0097 0x206c  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
09:50:29.0267 0x206c  osppsvc - ok
09:50:29.0297 0x206c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
09:50:29.0347 0x206c  p2pimsvc - ok
09:50:29.0377 0x206c  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
09:50:29.0397 0x206c  p2psvc - ok
09:50:29.0417 0x206c  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
09:50:29.0437 0x206c  Parport - ok
09:50:29.0457 0x206c  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
09:50:29.0467 0x206c  partmgr - ok
09:50:29.0507 0x206c  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
09:50:29.0557 0x206c  PcaSvc - ok
09:50:29.0577 0x206c  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
09:50:29.0607 0x206c  pci - ok
09:50:29.0627 0x206c  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
09:50:29.0647 0x206c  pciide - ok
09:50:29.0667 0x206c  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
09:50:29.0677 0x206c  pcmcia - ok
09:50:29.0697 0x206c  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
09:50:29.0707 0x206c  pcw - ok
09:50:29.0757 0x206c  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
09:50:29.0797 0x206c  PEAUTH - ok
09:50:29.0857 0x206c  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
09:50:29.0887 0x206c  PerfHost - ok
09:50:29.0957 0x206c  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
09:50:30.0017 0x206c  pla - ok
09:50:30.0067 0x206c  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
09:50:30.0087 0x206c  PlugPlay - ok
09:50:30.0117 0x206c  [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
09:50:30.0127 0x206c  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
09:50:32.0817 0x206c  Detect skipped due to KSN trusted
09:50:32.0817 0x206c  Pml Driver HPZ12 - ok
09:50:32.0817 0x206c  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
09:50:32.0847 0x206c  PNRPAutoReg - ok
09:50:32.0937 0x206c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
09:50:32.0967 0x206c  PNRPsvc - ok
09:50:33.0037 0x206c  [ E4799B87675C59AA1F620DE5C6F113BB, 094EE16D4CEC68DB316002994482344A6BFCFDE399131F7FA11BB46C2DCBF218 ] Point64         C:\Windows\system32\DRIVERS\point64.sys
09:50:33.0057 0x206c  Point64 - ok
09:50:33.0127 0x206c  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
09:50:33.0207 0x206c  PolicyAgent - ok
09:50:33.0227 0x206c  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
09:50:33.0257 0x206c  Power - ok
09:50:33.0297 0x206c  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
09:50:33.0347 0x206c  PptpMiniport - ok
09:50:33.0357 0x206c  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
09:50:33.0367 0x206c  Processor - ok
09:50:33.0397 0x206c  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
09:50:33.0477 0x206c  ProfSvc - ok
09:50:33.0497 0x206c  [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] ProtectedStorage C:\Windows\system32\lsass.exe
09:50:33.0517 0x206c  ProtectedStorage - ok
09:50:33.0577 0x206c  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
09:50:33.0627 0x206c  Psched - ok
09:50:33.0657 0x206c  [ DEFD557D9B8C0FA3CEA6CC576400114E, 5A969B652EE5F2DE10E936482B9A7D23B7C5F9B3DBC71AC660F004EFFF0CD229 ] pwdrvio         C:\Windows\system32\pwdrvio.sys
09:50:33.0667 0x206c  pwdrvio - ok
09:50:33.0707 0x206c  [ A2EE3B70A9E05F651B888078726C2787, 66F90B23A041F8050510A4DE6612F6CB7F3F259DDDDC2FA1BE7D578300B92188 ] pwdspio         C:\Windows\system32\pwdspio.sys
09:50:33.0727 0x206c  pwdspio - ok
09:50:33.0797 0x206c  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
09:50:33.0847 0x206c  ql2300 - ok
09:50:33.0867 0x206c  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
09:50:33.0877 0x206c  ql40xx - ok
09:50:33.0887 0x206c  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
09:50:33.0907 0x206c  QWAVE - ok
09:50:33.0907 0x206c  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
09:50:33.0927 0x206c  QWAVEdrv - ok
09:50:33.0927 0x206c  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
09:50:33.0967 0x206c  RasAcd - ok
09:50:33.0987 0x206c  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
09:50:34.0017 0x206c  RasAgileVpn - ok
09:50:34.0027 0x206c  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
09:50:34.0058 0x206c  RasAuto - ok
09:50:34.0088 0x206c  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
09:50:34.0108 0x206c  Rasl2tp - ok
09:50:34.0128 0x206c  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
09:50:34.0158 0x206c  RasPppoe - ok
09:50:34.0178 0x206c  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
09:50:34.0208 0x206c  RasSstp - ok
09:50:34.0238 0x206c  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
09:50:34.0278 0x206c  rdbss - ok
09:50:34.0298 0x206c  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
09:50:34.0308 0x206c  rdpbus - ok
09:50:34.0328 0x206c  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
09:50:34.0358 0x206c  RDPCDD - ok
09:50:34.0378 0x206c  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
09:50:34.0408 0x206c  RDPENCDD - ok
09:50:34.0418 0x206c  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
09:50:34.0438 0x206c  RDPREFMP - ok
09:50:34.0498 0x206c  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
09:50:34.0548 0x206c  RdpVideoMiniport - ok
09:50:34.0588 0x206c  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
09:50:34.0628 0x206c  RDPWD - ok
09:50:34.0648 0x206c  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
09:50:34.0668 0x206c  rdyboost - ok
09:50:34.0688 0x206c  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
09:50:34.0718 0x206c  RemoteAccess - ok
09:50:34.0738 0x206c  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
09:50:34.0758 0x206c  RemoteRegistry - ok
09:50:34.0838 0x206c  [ CDE50CCF163E98887704DAF1BC86633C, 38F6DD2BD01231A030743A20FB4C8AFC0EBED498505755B6CBC5FC3102122EF7 ] RIM MDNS        C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
09:50:34.0858 0x206c  RIM MDNS - ok
09:50:34.0898 0x206c  [ BBD221E385125672590D5C0C7AE34469, E25D13F80889B7183DC822C59B046BF3AC73750B52E848D8557E2869A9A8617C ] RIM Tunnel Service C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
09:50:34.0928 0x206c  RIM Tunnel Service - ok
09:50:34.0948 0x206c  [ 968897C7F8184E2534F14B9B10BCFB72, 102E3F2C3AEA16BCD53848C5F6FC52FAB44EC357B7B38A9967AF4B903F0B5E39 ] RimUsb          C:\Windows\system32\Drivers\RimUsb_AMD64.sys
09:50:34.0978 0x206c  RimUsb - ok
09:50:34.0998 0x206c  [ 8D5E629E39FD2A36ADF963BBAECC15D2, 63C857DEC2A28D94519392412CAD1DFAA84FA5BE84AB8EA4862872CA8EE55A92 ] rimvndis        C:\Windows\system32\Drivers\rimvndis6_AMD64.sys
09:50:35.0018 0x206c  rimvndis - ok
09:50:35.0068 0x206c  [ 344604E6913BD6E4EAEC34AF2E0943D7, 4ADFE13AFECD0F263A27F647FC6BA1AB47B2A28F9D70FCAC90F23D0A2FB8C493 ] RimVSerPort     C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
09:50:35.0098 0x206c  RimVSerPort - ok
09:50:35.0108 0x206c  [ 388D3DD1A6457280F3BADBA9F3ACD6B1, 5C534EA15195B1301C917904627AF09FE2ABA3FEE1641B5C87E8F3191BC49058 ] ROOTMODEM       C:\Windows\system32\Drivers\RootMdm.sys
09:50:35.0138 0x206c  ROOTMODEM - ok
09:50:35.0148 0x206c  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
09:50:35.0178 0x206c  RpcEptMapper - ok
09:50:35.0198 0x206c  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
09:50:35.0228 0x206c  RpcLocator - ok
09:50:35.0278 0x206c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
09:50:35.0318 0x206c  RpcSs - ok
09:50:35.0328 0x206c  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
09:50:35.0348 0x206c  rspndr - ok
09:50:35.0408 0x206c  [ FDD485B1C4B3BF17272A29F625856806, 5889B600B0FDC139C2A0CDBAEB7D79F3700F270AC735B5C24B990EE028AFAD82 ] SafePSTShadowCopy C:\Program Files (x86)\4Team Corporation\SafePSTBackup Shadow Copy Service\SafePST.ShadowCopySvc.exe
09:50:35.0428 0x206c  SafePSTShadowCopy - ok
09:50:35.0438 0x206c  [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] SamSs           C:\Windows\system32\lsass.exe
09:50:35.0468 0x206c  SamSs - ok
09:50:35.0478 0x206c  SANDRA - ok
09:50:35.0508 0x206c  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
09:50:35.0528 0x206c  sbp2port - ok
09:50:35.0558 0x206c  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
09:50:35.0588 0x206c  SCardSvr - ok
09:50:35.0598 0x206c  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
09:50:35.0638 0x206c  scfilter - ok
09:50:35.0668 0x206c  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
09:50:35.0708 0x206c  Schedule - ok
09:50:35.0738 0x206c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
09:50:35.0758 0x206c  SCPolicySvc - ok
09:50:35.0788 0x206c  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
09:50:35.0818 0x206c  SDRSVC - ok
09:50:35.0918 0x206c  [ 16B44D246835EAC156F8DAF0AA4F530C, F882BE1B27C0500AEE34BB9D9B69EBD258A19418475DB5552345DC844CDA1ECB ] SeagateDashboardService C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
09:50:35.0938 0x206c  SeagateDashboardService - ok
09:50:35.0958 0x206c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
09:50:36.0008 0x206c  secdrv - ok
09:50:36.0028 0x206c  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
09:50:36.0088 0x206c  seclogon - ok
09:50:36.0108 0x206c  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
09:50:36.0138 0x206c  SENS - ok
09:50:36.0148 0x206c  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
09:50:36.0168 0x206c  SensrSvc - ok
09:50:36.0198 0x206c  [ 8C4E747CBC6CDFF5F5BB6360348161F1, 2308108454842E4DCF9CFFCF839D003B73C9B3992687346955D02BCF12F47E3B ] Serenum         C:\Windows\system32\DRIVERS\nuvserenum.sys
09:50:36.0238 0x206c  Serenum - ok
09:50:36.0258 0x206c  [ 46E579857F593EBC5DD9DE3B16BF234A, FD19840E3A9E8C9D092DE311E6F0B313CAE2D26F9E17EAFD0C1AC45F2AB22AD9 ] Serial          C:\Windows\system32\DRIVERS\nuvserial.sys
09:50:36.0298 0x206c  Serial - ok
09:50:36.0318 0x206c  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
09:50:36.0348 0x206c  sermouse - ok
09:50:36.0378 0x206c  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
09:50:36.0408 0x206c  SessionEnv - ok
09:50:36.0438 0x206c  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
09:50:36.0468 0x206c  sffdisk - ok
09:50:36.0478 0x206c  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
09:50:36.0498 0x206c  sffp_mmc - ok
09:50:36.0498 0x206c  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
09:50:36.0508 0x206c  sffp_sd - ok
09:50:36.0518 0x206c  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
09:50:36.0528 0x206c  sfloppy - ok
09:50:36.0558 0x206c  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
09:50:36.0588 0x206c  SharedAccess - ok
09:50:36.0618 0x206c  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:50:36.0658 0x206c  ShellHWDetection - ok
09:50:36.0668 0x206c  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
09:50:36.0678 0x206c  SiSRaid2 - ok
09:50:36.0688 0x206c  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
09:50:36.0698 0x206c  SiSRaid4 - ok
09:50:36.0768 0x206c  [ 704B4F81729F676BBF034529FC334D82, 1E50DAF97836807A500284385D99272780A8B69CA88761250451060B207824F8 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
09:50:36.0788 0x206c  SkypeUpdate - ok
09:50:36.0808 0x206c  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
09:50:36.0838 0x206c  Smb - ok
09:50:36.0868 0x206c  [ E3E56CAF0472163871B922FC7CBC9654, 1D7208519DB904E1B27F8D5214CA219BD52AB8C1AB64F22F8959DC4E8955AD37 ] snapman         C:\Windows\system32\DRIVERS\snapman.sys
09:50:36.0888 0x206c  snapman - ok
09:50:36.0908 0x206c  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
09:50:36.0918 0x206c  SNMPTRAP - ok
09:50:36.0928 0x206c  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
09:50:36.0938 0x206c  spldr - ok
09:50:36.0978 0x206c  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
09:50:37.0028 0x206c  Spooler - ok
09:50:37.0139 0x206c  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
09:50:37.0259 0x206c  sppsvc - ok
09:50:37.0279 0x206c  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
09:50:37.0309 0x206c  sppuinotify - ok
09:50:37.0329 0x206c  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
09:50:37.0369 0x206c  srv - ok
09:50:37.0399 0x206c  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
09:50:37.0419 0x206c  srv2 - ok
09:50:37.0429 0x206c  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
09:50:37.0449 0x206c  srvnet - ok
09:50:37.0479 0x206c  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
09:50:37.0519 0x206c  SSDPSRV - ok
09:50:37.0529 0x206c  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
09:50:37.0559 0x206c  SstpSvc - ok
09:50:37.0569 0x206c  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
09:50:37.0579 0x206c  stexstor - ok
09:50:37.0619 0x206c  [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
09:50:37.0639 0x206c  StillCam - ok
09:50:37.0689 0x206c  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
09:50:37.0729 0x206c  stisvc - ok
09:50:37.0749 0x206c  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
09:50:37.0759 0x206c  swenum - ok
09:50:37.0789 0x206c  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
09:50:37.0829 0x206c  swprv - ok
09:50:38.0059 0x206c  [ 0A6013B6C86F3A82243CF7D848FED243, A7842027AA74A92DC0B36F994ABF66AE5566503A66936884079278D082DC4287 ] syncagentsrv    C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
09:50:38.0179 0x206c  syncagentsrv - ok
09:50:38.0269 0x206c  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
09:50:38.0329 0x206c  SysMain - ok
09:50:38.0359 0x206c  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:50:38.0369 0x206c  TabletInputService - ok
09:50:38.0409 0x206c  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
09:50:38.0439 0x206c  TapiSrv - ok
09:50:38.0459 0x206c  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
09:50:38.0489 0x206c  TBS - ok
09:50:38.0549 0x206c  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
09:50:38.0599 0x206c  Tcpip - ok
09:50:38.0649 0x206c  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
09:50:38.0689 0x206c  TCPIP6 - ok
09:50:38.0719 0x206c  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
09:50:38.0739 0x206c  tcpipreg - ok
09:50:38.0759 0x206c  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
09:50:38.0779 0x206c  TDPIPE - ok
09:50:38.0839 0x206c  [ AC28A6FCA485821499FF018695CEDE16, 8BA6086EB1831FDEDB9E195EA7D5F2FE2B0944E4E0B0CDB41CD06971F7DAC805 ] tdrpman         C:\Windows\system32\DRIVERS\tdrpman.sys
09:50:38.0889 0x206c  tdrpman - ok
09:50:38.0909 0x206c  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
09:50:38.0919 0x206c  TDTCP - ok
09:50:38.0949 0x206c  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
09:50:38.0979 0x206c  tdx - ok
09:50:39.0169 0x206c  [ FC8DC5DB5F707C96FEBC526AA4CE562A, AB97B53EA9E8C55A18733A6A3DE42E6EBC8BA9150796338DF04AB2DDA5124E1A ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
09:50:39.0269 0x206c  TeamViewer - ok
09:50:39.0289 0x206c  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
09:50:39.0299 0x206c  TermDD - ok
09:50:39.0339 0x206c  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
09:50:39.0389 0x206c  TermService - ok
09:50:39.0389 0x206c  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
09:50:39.0409 0x206c  Themes - ok
09:50:39.0429 0x206c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
09:50:39.0459 0x206c  THREADORDER - ok
09:50:39.0489 0x206c  [ DE604462206F7D8C203F767F425FCA8D, 149FBF6367C45415B939A9B1A7A10DA7A5E19F28CE533BCBE2B20DA4B78F8645 ] tib             C:\Windows\system32\DRIVERS\tib.sys
09:50:39.0529 0x206c  tib - ok
09:50:39.0539 0x206c  [ 8C750FE6DE38AF13506B99EC2F519F79, 232D18416E9DE3A676C625280CF172ED180B5AF98C69E5B24CC780D480549E35 ] tib_mounter     C:\Windows\system32\DRIVERS\tib_mounter.sys
09:50:39.0549 0x206c  tib_mounter - ok
09:50:39.0559 0x206c  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
09:50:39.0589 0x206c  TrkWks - ok
09:50:39.0619 0x206c  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:50:39.0679 0x206c  TrustedInstaller - ok
09:50:39.0699 0x206c  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
09:50:39.0739 0x206c  tssecsrv - ok
09:50:39.0769 0x206c  [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
09:50:39.0809 0x206c  TsUsbFlt - ok
09:50:39.0839 0x206c  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
09:50:39.0899 0x206c  tunnel - ok
09:50:39.0909 0x206c  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
09:50:39.0919 0x206c  uagp35 - ok
09:50:39.0949 0x206c  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
09:50:39.0999 0x206c  udfs - ok
09:50:40.0019 0x206c  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
09:50:40.0029 0x206c  UI0Detect - ok
09:50:40.0089 0x206c  [ 332D341D92B933600D41953B08360DFB, 213A5C84ABB0D627C05B355084A26A5081645D4EC398FF19EF6BBCB690B10055 ] UleadBurningHelper C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
09:50:40.0099 0x206c  UleadBurningHelper - detected UnsignedFile.Multi.Generic ( 1 )
09:50:43.0209 0x206c  Detect skipped due to KSN trusted
09:50:43.0209 0x206c  UleadBurningHelper - ok
09:50:43.0269 0x206c  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
09:50:43.0289 0x206c  uliagpkx - ok
09:50:43.0309 0x206c  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
09:50:43.0329 0x206c  umbus - ok
09:50:43.0359 0x206c  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
09:50:43.0369 0x206c  UmPass - ok
09:50:43.0509 0x206c  [ EB79C6C91A99930015EF29AE7FA802D1, 96D00BA330854C7763BF385D84D47C3D1B87C4085A91D73B558C86829930DC4B ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
09:50:43.0579 0x206c  UNS - ok
09:50:43.0599 0x206c  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
09:50:43.0629 0x206c  upnphost - ok
09:50:43.0669 0x206c  [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
09:50:43.0709 0x206c  USBAAPL64 - ok
09:50:43.0729 0x206c  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
09:50:43.0759 0x206c  usbaudio - ok
09:50:43.0779 0x206c  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
09:50:43.0809 0x206c  usbccgp - ok
09:50:43.0839 0x206c  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
09:50:43.0859 0x206c  usbcir - ok
09:50:43.0869 0x206c  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
09:50:43.0879 0x206c  usbehci - ok
09:50:43.0899 0x206c  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
09:50:43.0929 0x206c  usbhub - ok
09:50:43.0949 0x206c  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
09:50:43.0959 0x206c  usbohci - ok
09:50:43.0969 0x206c  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
09:50:43.0979 0x206c  usbprint - ok
09:50:44.0019 0x206c  [ 2C42E595E7E381596B9A14F88F5AE027, 948C2AD7FA0B01184312D1ABE43F2F3D85A934CF0658A8B2BDF9F0919568377B ] usbrndis6       C:\Windows\system32\DRIVERS\usb80236.sys
09:50:44.0049 0x206c  usbrndis6 - ok
09:50:44.0079 0x206c  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:50:44.0109 0x206c  USBSTOR - ok
09:50:44.0129 0x206c  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
09:50:44.0159 0x206c  usbuhci - ok
09:50:44.0179 0x206c  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
09:50:44.0239 0x206c  UxSms - ok
09:50:44.0259 0x206c  [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] VaultSvc        C:\Windows\system32\lsass.exe
09:50:44.0279 0x206c  VaultSvc - ok
09:50:44.0309 0x206c  [ 3C8E2C591345F38149C69FE8E5DF8C90, 9F4BB9BDA09CB2E99A6A888B288F322AE5C460B5D124CD714C6F00FF5029144B ] VClone          C:\Windows\system32\DRIVERS\VClone.sys
09:50:44.0319 0x206c  VClone - ok
09:50:44.0339 0x206c  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
09:50:44.0349 0x206c  vdrvroot - ok
09:50:44.0389 0x206c  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
09:50:44.0449 0x206c  vds - ok
09:50:44.0459 0x206c  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
09:50:44.0479 0x206c  vga - ok
09:50:44.0479 0x206c  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
09:50:44.0509 0x206c  VgaSave - ok
09:50:44.0539 0x206c  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
09:50:44.0559 0x206c  vhdmp - ok
09:50:44.0589 0x206c  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
09:50:44.0599 0x206c  viaide - ok
09:50:44.0609 0x206c  [ 35E8A18D1C558D5C2FF2FFED2FD396F6, 5516AC03964DD33CF239AB3FB1D41BAB7454DB35FB38C45907614C3DB8F23391 ] vididr          C:\Windows\system32\DRIVERS\vididr.sys
09:50:44.0629 0x206c  vididr - ok
09:50:44.0639 0x206c  [ 0DCD5C8F2E0B3650C4A29F6569C074FD, 8FB24D79ADE1541C5DD6241A3395EF2E6575A8376111294CD5C87ECA798EDCFD ] vidsflt         C:\Windows\system32\DRIVERS\vidsflt.sys
09:50:44.0649 0x206c  vidsflt - ok
09:50:44.0659 0x206c  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
09:50:44.0669 0x206c  volmgr - ok
09:50:44.0689 0x206c  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
09:50:44.0709 0x206c  volmgrx - ok
09:50:44.0729 0x206c  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
09:50:44.0739 0x206c  volsnap - ok
09:50:44.0769 0x206c  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
09:50:44.0779 0x206c  vsmraid - ok
09:50:44.0839 0x206c  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
09:50:44.0899 0x206c  VSS - ok
09:50:44.0909 0x206c  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
09:50:44.0939 0x206c  vwifibus - ok
09:50:44.0969 0x206c  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
09:50:44.0999 0x206c  W32Time - ok
09:50:45.0019 0x206c  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
09:50:45.0029 0x206c  WacomPen - ok
09:50:45.0039 0x206c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
09:50:45.0069 0x206c  WANARP - ok
09:50:45.0069 0x206c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
09:50:45.0089 0x206c  Wanarpv6 - ok
09:50:45.0199 0x206c  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
09:50:45.0249 0x206c  WatAdminSvc - ok
09:50:45.0319 0x206c  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
09:50:45.0409 0x206c  wbengine - ok
09:50:45.0449 0x206c  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
09:50:45.0479 0x206c  WbioSrvc - ok
09:50:45.0509 0x206c  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
09:50:45.0529 0x206c  wcncsvc - ok
09:50:45.0549 0x206c  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:50:45.0579 0x206c  WcsPlugInService - ok
09:50:45.0589 0x206c  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
09:50:45.0599 0x206c  Wd - ok
09:50:45.0639 0x206c  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
09:50:45.0669 0x206c  Wdf01000 - ok
09:50:45.0709 0x206c  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
09:50:45.0739 0x206c  WdiServiceHost - ok
09:50:45.0749 0x206c  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
09:50:45.0769 0x206c  WdiSystemHost - ok
09:50:45.0799 0x206c  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
09:50:45.0839 0x206c  WebClient - ok
09:50:45.0859 0x206c  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
09:50:45.0929 0x206c  Wecsvc - ok
09:50:45.0959 0x206c  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
09:50:45.0999 0x206c  wercplsupport - ok
09:50:46.0009 0x206c  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
09:50:46.0059 0x206c  WerSvc - ok
09:50:46.0069 0x206c  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
09:50:46.0099 0x206c  WfpLwf - ok
09:50:46.0169 0x206c  [ 52DED146E4797E6CCF94799E8E22BB2A, 57A29260D81AA3AD3F8C29E9CFA7CE3970D7A8BF673ADD9B256EE76C7DEC080E ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
09:50:46.0189 0x206c  WimFltr - ok
09:50:46.0229 0x206c  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
09:50:46.0259 0x206c  WIMMount - ok
09:50:46.0319 0x206c  WinDefend - ok
09:50:46.0339 0x206c  WinHttpAutoProxySvc - ok
09:50:46.0379 0x206c  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
09:50:46.0419 0x206c  Winmgmt - ok
09:50:46.0519 0x206c  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
09:50:46.0589 0x206c  WinRM - ok
09:50:46.0639 0x206c  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\drivers\WinUsb.sys
09:50:46.0669 0x206c  WinUsb - ok
09:50:46.0699 0x206c  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
09:50:46.0749 0x206c  Wlansvc - ok
09:50:46.0849 0x206c  [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
09:50:46.0899 0x206c  wlidsvc - ok
09:50:46.0929 0x206c  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
09:50:46.0959 0x206c  WmiAcpi - ok
09:50:46.0979 0x206c  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
09:50:46.0999 0x206c  wmiApSrv - ok
09:50:47.0009 0x206c  WMPNetworkSvc - ok
09:50:47.0019 0x206c  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
09:50:47.0049 0x206c  WPCSvc - ok
09:50:47.0080 0x206c  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
09:50:47.0120 0x206c  WPDBusEnum - ok
09:50:47.0120 0x206c  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
09:50:47.0210 0x206c  ws2ifsl - ok
09:50:47.0220 0x206c  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
09:50:47.0250 0x206c  wscsvc - ok
09:50:47.0280 0x206c  [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
09:50:47.0320 0x206c  WSDPrintDevice - ok
09:50:47.0350 0x206c  [ 4A2A5C50DD1A63577D3ACA94269FBC7F, F75C1906D431CF871AD954218DF32A0F206E45FF49332DEF9F13C0A36A407047 ] WSDScan         C:\Windows\system32\DRIVERS\WSDScan.sys
09:50:47.0380 0x206c  WSDScan - ok
09:50:47.0390 0x206c  WSearch - ok
09:50:47.0480 0x206c  [ 14882A15F5CE7B8EADC8E7F54FD5B53B, 75CE9845C6EE66B070EA3D11F5B49935B9D0A607DCC93D3105130F3987E39443 ] wuauserv        C:\Windows\system32\wuaueng.dll
09:50:47.0570 0x206c  wuauserv - ok
09:50:47.0590 0x206c  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
09:50:47.0620 0x206c  WudfPf - ok
09:50:47.0640 0x206c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
09:50:47.0650 0x206c  WUDFRd - ok
09:50:47.0680 0x206c  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
09:50:47.0710 0x206c  wudfsvc - ok
09:50:47.0740 0x206c  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
09:50:47.0780 0x206c  WwanSvc - ok
09:50:47.0890 0x206c  [ 74983ADDCA2D9618512C088D856D6615, C4592EFC1206BD813221814FD529AD38ED26E4AE086613EB95D3D5E20448A1F0 ] {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054} C:\Program Files (x86)\CyberLink\PowerDVD8\000.fcl
09:50:47.0900 0x206c  {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054} - ok
09:50:47.0910 0x206c  ================ Scan global ===============================
09:50:47.0920 0x206c  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
09:50:47.0950 0x206c  [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
09:50:47.0970 0x206c  [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
09:50:48.0000 0x206c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
09:50:48.0050 0x206c  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
09:50:48.0060 0x206c  [ Global ] - ok
09:50:48.0060 0x206c  ================ Scan MBR ==================================
09:50:48.0120 0x206c  [ 305F3085C8E8571895F4C9340B6A4B8E ] \Device\Harddisk0\DR0
09:50:48.0360 0x206c  \Device\Harddisk0\DR0 - ok
09:50:48.0960 0x206c  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
09:50:49.0050 0x206c  \Device\Harddisk1\DR1 - ok
09:50:49.0050 0x206c  ================ Scan VBR ==================================
09:50:49.0050 0x206c  [ 37C4460E55B5C8D0C83E08BBA21AB9F5 ] \Device\Harddisk0\DR0\Partition1
09:50:49.0100 0x206c  \Device\Harddisk0\DR0\Partition1 - ok
09:50:49.0110 0x206c  [ 63353C87E08E8611C30A0077BF121E1E ] \Device\Harddisk0\DR0\Partition2
09:50:49.0170 0x206c  \Device\Harddisk0\DR0\Partition2 - ok
09:50:49.0170 0x206c  [ DAE338E96E0A5E2B65FE5C1E8DDBA68D ] \Device\Harddisk1\DR1\Partition1
09:50:49.0230 0x206c  \Device\Harddisk1\DR1\Partition1 - ok
09:50:49.0230 0x206c  ================ Scan generic autorun ======================
09:50:49.0330 0x206c  [ 92B818339D927E6625F3E4BC33B47E52, 9F2345E248EAD4595BB77248B68B15D379E5EDA3953DF6B286ECEF14591CC693 ] C:\Program Files\Dell Printers\Additional Color Laser Software\Launcher\DLQLU.EXE
09:50:49.0370 0x206c  DLQLU - ok
09:50:49.0440 0x206c  [ C320FD6AAC812A0E2F1B297F0155A7C1, 5F1F2AB1082DEC7AC2367B2B86B1CD7C470CB2757EFC0AAB334866BB5C7518C4 ] C:\Windows\system32\igfxtray.exe
09:50:49.0470 0x206c  IgfxTray - ok
09:50:49.0520 0x206c  [ 186B11DB117759DC7541E88AFCD3633A, DD6B4D1E3894E2AD4C47BA339007425A7DD1F111DADAA222E50A718291DBB602 ] C:\Windows\system32\hkcmd.exe
09:50:49.0550 0x206c  HotKeysCmds - ok
09:50:49.0600 0x206c  [ F8470C4F1061D34EAF7ADC0CF56D25A0, 0B97C71033A638F6EC234B0BAAB9F1F7287B4D8E83DADC9BD2DF2E55D2CD9965 ] C:\Windows\system32\igfxpers.exe
09:50:49.0620 0x206c  Persistence - ok
09:50:49.0730 0x206c  [ F5A5DBADCD24BDF33BFDAA789E39C876, A0D931FA339CA1FB6198BF5DF327ECEB0881796FFF92BDE0F9FC2C233C46E83C ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
09:50:49.0760 0x206c  AdobeAAMUpdater-1.0 - ok
09:50:49.0810 0x206c  [ 076B3EE149E01ADBAC2DC529554A3FD9, 4F65D9D2EE44829AA2264210112851E899165C2346489BEBE679C41420CF7D07 ] C:\Program Files\iTunes\iTunesHelper.exe
09:50:49.0820 0x206c  iTunesHelper - ok
09:50:50.0020 0x206c  [ 436F9AC7980ED20BF23B77DFF3E05BC7, FCC403F5721ED0E8DC3C79FC2D41498394E6C6E8410021288BFF5C839407A5DF ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
09:50:50.0220 0x206c  RTHDVCPL - ok
09:50:50.0270 0x206c  [ 8FFDB89A0FB7C8ABC3A8825E38047341, B9107FAA3A885CD9A08C20F78D31C3642FA76812E417F41C4F2ADF7D90CA8C72 ] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
09:50:50.0290 0x206c  LWS - ok
09:50:50.0480 0x206c  [ 65C6AA484AD2287D20541C7735989437, 1842787640391F4A4CD9ED0A531298A61F4B2FB09BEC98FEE256313AFB458EDB ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
09:50:50.0570 0x206c  AvastUI.exe - ok
09:50:50.0680 0x206c  [ E38338CC40DBFE16540EC767BF65E4A2, 8BA91F90E92F1F06129930ABB6A9280AF9C33B05D13BF91A3F1185A639D3DE78 ] C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe
09:50:50.0730 0x206c  KeePass 2 PreLoad - ok
09:50:50.0790 0x206c  [ 271B0D188430670509CB9943D5229205, 74CB5A9D8B5988AE08C0F65C601FC54F8745BAB6825B6FEEFBA8F068D656D8D7 ] C:\Program Files (x86)\QuickTime\QTTask.exe
09:50:50.0810 0x206c  QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )
09:50:53.0460 0x206c  Detect skipped due to KSN trusted
09:50:53.0460 0x206c  QuickTime Task - ok
09:50:53.0520 0x206c  [ 3E04F1E482357B1FC8B088197C3D9FF8, 85524ADDC27ADC831EBBD24E079B412CFDC69E5F594BD153319087665A28D546 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
09:50:53.0570 0x206c  Adobe ARM - ok
09:50:53.0630 0x206c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
09:50:53.0730 0x206c  Sidebar - ok
09:50:53.0750 0x206c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
09:50:53.0780 0x206c  mctadmin - ok
09:50:53.0800 0x206c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
09:50:53.0830 0x206c  Sidebar - ok
09:50:53.0830 0x206c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
09:50:53.0850 0x206c  mctadmin - ok
09:50:53.0890 0x206c  [ 0FC5C4AB0D5D0E710133F59589479739, 913A5BF8276676FB9F50023B0E1AA49B1C319748400C7412497AB65058E5F5E7 ] C:\Program Files\Allway Sync\Bin\syncappw.exe
09:50:53.0900 0x206c  Allway Sync - ok
09:50:53.0910 0x206c  [ 4D5256E494B5B3944987B52EBF9B24C2, 8763A623F275A187F1835EB9759334C547491ACE07E39EFDB0C37E0C98BC93CE ] C:\Program Files\HotSwap_5.0.0.0\64bit\HotSwap!.EXE
09:50:53.0920 0x206c  HotSwap! Applet - detected UnsignedFile.Multi.Generic ( 1 )
09:50:56.0550 0x206c  Detect skipped due to KSN trusted
09:50:56.0550 0x206c  HotSwap! Applet - ok
09:50:56.0620 0x206c  GoogleDriveSync - ok
09:50:56.0760 0x206c  [ E38338CC40DBFE16540EC767BF65E4A2, 8BA91F90E92F1F06129930ABB6A9280AF9C33B05D13BF91A3F1185A639D3DE78 ] C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe
09:50:56.0810 0x206c  KeePass Password Safe 2 - ok
09:50:56.0820 0x206c  Skype - ok
09:50:56.0820 0x206c  Waiting for KSN requests completion. In queue: 6
09:50:57.0820 0x206c  Waiting for KSN requests completion. In queue: 6
09:50:58.0821 0x206c  Waiting for KSN requests completion. In queue: 6
09:50:59.0851 0x206c  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.2.2218.942 ), 0x41000 ( enabled : updated )
09:50:59.0861 0x206c  Win FW state via NFP2: enabled
09:51:02.0601 0x206c  ============================================================
09:51:02.0601 0x206c  Scan finished
09:51:02.0601 0x206c  ============================================================
09:51:02.0611 0x0d28  Detected object count: 0
09:51:02.0611 0x0d28  Actual detected object count: 0

FYI anbei die jüngste Meldung von AVAST. Die Webseiten ändern sich, die Fehlermeldung bezieht sich immer auf C:\Windows\System32\svchost.exe

URL: hxxp://bestdriverstar.net/4141/BorderlineRunner_142669490017530.dll
Infektion: URL:Mal
Prozess: C:\Windows\System32\svchost.exe

schrauber · 05.06.2015, 19:45

hi,

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Member 2015 · 05.06.2015, 21:35

Dankeschön.
Anbei das Logfile nach Combofix Scan.

Code:

ATTFilter

ComboFix 15-05-31.01 - NAME 05.06.2015  21:49:03.1.8 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.7895.4503 [GMT 2:00]
ausgeführt von:: c:\users\NAME\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\ntuser.pol
c:\users\NAME\AppData\Local\assembly\tmp
c:\users\NAME\AppData\Local\Temp\_MEI56322\_ctypes.pyd
c:\users\NAME\AppData\Local\Temp\_MEI56322\_elementtree.pyd
c:\users\NAME\AppData\Local\Temp\_MEI56322\_hashlib.pyd
c:\users\NAME\AppData\Local\Temp\_MEI56322\_multiprocessing.pyd
c:\users\NAME\AppData\Local\Temp\_MEI56322\_psutil_windows.pyd
c:\users\NAME\AppData\Local\Temp\_MEI56322\_socket.pyd
c:\users\NAME\AppData\Local\Temp\_MEI56322\_ssl.pyd
c:\users\NAME\AppData\Local\Temp\_MEI56322\_yappi.pyd
c:\users\NAME\AppData\Local\Temp\_MEI56322\common.time34.pyd
c:\users\NAME\AppData\Local\Temp\_MEI56322\hashobjs_ext.pyd
c:\users\NAME\AppData\Local\Temp\_MEI56322\pyexpat.pyd
c:\users\NAME\AppData\Local\Temp\_MEI56322\pysqlite2._sqlite.pyd
c:\users\NAME\AppData\Local\Temp\_MEI56322\python27.dll
c:\users\NAME\AppData\Local\Temp\_MEI56322\pythoncom27.dll
c:\users\NAME\AppData\Local\Temp\_MEI56322\PyWinTypes27.dll
c:\users\NAME\AppData\Local\Temp\_MEI56322\select.pyd
c:\users\NAME\AppData\Local\Temp\_MEI56322\unicodedata.pyd
c:\users\NAME\AppData\Local\Temp\_MEI56322\usb_ext.pyd
c:\users\NAME\AppData\Local\Temp\_MEI56322\win32api.pyd
c:\users\NAME\AppData\Local\Temp\_MEI56322\win32com.shell.shell.pyd
c:\users\NAME\AppData\Local\Temp\_MEI56322\win32crypt.pyd
c:\users\NAME\AppData\Local\Temp\_MEI56322\win32event.pyd
c:\users\NAME\AppData\Local\Temp\_MEI56322\win32file.pyd
c:\users\NAME\AppData\Local\Temp\_MEI56322\win32gui.pyd
c:\users\NAME\AppData\Local\Temp\_MEI56322\win32inet.pyd
c:\users\NAME\AppData\Local\Temp\_MEI56322\win32pdh.pyd
c:\users\NAME\AppData\Local\Temp\_MEI56322\win32pipe.pyd
c:\users\NAME\AppData\Local\Temp\_MEI56322\win32process.pyd
c:\users\NAME\AppData\Local\Temp\_MEI56322\win32profile.pyd
c:\users\NAME\AppData\Local\Temp\_MEI56322\win32security.pyd
c:\users\NAME\AppData\Local\Temp\_MEI56322\win32ts.pyd
c:\users\NAME\AppData\Local\Temp\_MEI56322\windows._lib_cacheinvalidation.pyd
c:\users\NAME\AppData\Local\Temp\_MEI56322\wx._animate.pyd
c:\users\NAME\AppData\Local\Temp\_MEI56322\wx._controls_.pyd
c:\users\NAME\AppData\Local\Temp\_MEI56322\wx._core_.pyd
c:\users\NAME\AppData\Local\Temp\_MEI56322\wx._gdi_.pyd
c:\users\NAME\AppData\Local\Temp\_MEI56322\wx._html2.pyd
c:\users\NAME\AppData\Local\Temp\_MEI56322\wx._misc_.pyd
c:\users\NAME\AppData\Local\Temp\_MEI56322\wx._windows_.pyd
c:\users\NAME\AppData\Local\Temp\_MEI56322\wx._wizard.pyd
c:\users\NAME\AppData\Local\Temp\_MEI56322\wxbase294u_net_vc90.dll
c:\users\NAME\AppData\Local\Temp\_MEI56322\wxbase294u_vc90.dll
c:\users\NAME\AppData\Local\Temp\_MEI56322\wxmsw294u_adv_vc90.dll
c:\users\NAME\AppData\Local\Temp\_MEI56322\wxmsw294u_core_vc90.dll
c:\users\NAME\AppData\Local\Temp\_MEI56322\wxmsw294u_html_vc90.dll
c:\users\NAME\AppData\Local\Temp\_MEI56322\wxmsw294u_webview_vc90.dll
c:\windows\IsUn0407.exe
c:\windows\msdownld.tmp
c:\windows\SysWow64\out.txt . . . . Nicht in der Lage zu löschen
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-05-05 bis 2015-06-05  ))))))))))))))))))))))))))))))
.
.
2015-06-05 20:13 . 2015-06-05 20:13	--------	d-----w-	c:\users\DefaultAppPool\AppData\Local\temp
2015-06-04 09:35 . 2015-06-04 09:37	--------	d-----w-	C:\FRST
2015-06-04 07:22 . 2015-06-05 06:50	--------	d-----w-	c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-06-04 07:09 . 2015-06-04 07:09	--------	d-----w-	C:\RegBackup
2015-06-03 19:01 . 2015-05-03 03:16	12214312	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{52A37BA9-2B60-4D3D-BC98-14CAE9446602}\mpengine.dll
2015-06-03 19:01 . 2015-05-22 18:18	700416	----a-w-	c:\windows\system32\generaltel.dll
2015-06-03 19:01 . 2015-05-22 18:18	757248	----a-w-	c:\windows\system32\invagent.dll
2015-06-03 19:01 . 2015-05-22 18:18	423424	----a-w-	c:\windows\system32\devinv.dll
2015-06-03 19:01 . 2015-05-22 18:18	1021440	----a-w-	c:\windows\system32\appraiser.dll
2015-06-03 19:01 . 2015-05-22 18:18	45568	----a-w-	c:\windows\system32\acmigration.dll
2015-06-03 19:01 . 2015-05-22 18:18	227328	----a-w-	c:\windows\system32\aepdu.dll
2015-06-03 19:01 . 2015-05-22 18:13	1119232	----a-w-	c:\windows\system32\aeinv.dll
2015-06-03 19:01 . 2015-05-21 13:19	193536	----a-w-	c:\windows\system32\aepic.dll
2015-05-30 08:44 . 2015-05-30 08:44	--------	d-----w-	c:\program files\Realtek
2015-05-30 08:44 . 2015-05-30 08:44	--------	d-----w-	c:\windows\SysWow64\RTCOM
2015-05-30 08:42 . 2000-01-01 00:00	451096	----a-w-	c:\windows\system32\SRAPO64.dll
2015-05-30 08:41 . 2000-01-01 00:00	712296	----a-w-	c:\windows\system32\DTSSymmetryDLL64.dll
2015-05-29 21:23 . 2015-05-29 21:23	--------	d-----w-	c:\users\NAME\AppData\Roaming\Mythicsoft
2015-05-29 21:23 . 2015-05-29 21:23	--------	d-----w-	c:\program files\Mythicsoft
2015-05-29 21:16 . 2015-05-29 21:21	--------	d-----w-	c:\programdata\Copernic
2015-05-29 20:53 . 2015-05-29 20:53	--------	d-----w-	c:\programdata\SlimWare Utilities, Inc
2015-05-29 20:50 . 2015-05-29 20:50	--------	d-----w-	c:\program files\Tor Browser
2015-05-29 14:10 . 2015-05-31 07:42	--------	d-----w-	C:\Indexordner
2015-05-20 04:50 . 2015-04-11 03:19	69888	----a-w-	c:\windows\system32\drivers\stream.sys
2015-05-17 09:39 . 2015-05-17 09:53	--------	d-----w-	c:\program files (x86)\SmartDVB
2015-05-17 06:55 . 2015-05-17 06:55	--------	d-----w-	c:\programdata\eBay
2015-05-17 06:55 . 2015-05-17 06:55	--------	d-----w-	c:\program files (x86)\eBay
2015-05-16 08:40 . 2015-05-16 08:40	--------	d-----w-	c:\users\NAME\AppData\Roaming\SolidDocuments
2015-05-14 14:51 . 2015-06-05 06:18	136408	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-05-14 14:51 . 2015-06-05 06:18	107736	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2015-05-14 14:51 . 2015-05-14 14:51	--------	d-----w-	c:\program files (x86)\ Malwarebytes Anti-Malware 
2015-05-14 14:51 . 2015-04-14 07:37	63704	----a-w-	c:\windows\system32\drivers\mwac.sys
2015-05-14 14:51 . 2015-04-14 07:37	25816	----a-w-	c:\windows\system32\drivers\mbam.sys
2015-05-14 06:56 . 2015-05-01 13:17	124112	----a-w-	c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 06:56 . 2015-05-01 13:16	102608	----a-w-	c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-05-08 20:29 . 2008-07-12 06:18	3851784	----a-w-	c:\windows\SysWow64\D3DX9_39.dll
2015-05-08 20:27 . 2015-05-08 20:27	--------	d-----w-	c:\program files (x86)\Microsoft Visual Studio 8
2015-05-08 20:27 . 2015-05-08 20:27	--------	d-----w-	c:\program files (x86)\Microsoft Expression
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-06-04 06:49 . 2012-04-13 20:48	778416	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2015-06-04 06:49 . 2011-05-20 07:26	142512	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-05-25 18:01 . 2015-06-03 19:00	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2015-05-14 06:59 . 2011-05-12 20:38	140425016	----a-w-	c:\windows\system32\MRT.exe
2015-04-24 21:50 . 2015-04-24 21:50	320424	----a-w-	c:\windows\system32\javaws.exe
2015-04-24 21:50 . 2015-04-24 21:50	189864	----a-w-	c:\windows\system32\javaw.exe
2015-04-24 21:50 . 2015-04-24 21:50	189864	----a-w-	c:\windows\system32\java.exe
2015-04-24 21:50 . 2015-04-24 21:50	111016	----a-w-	c:\windows\system32\WindowsAccessBridge-64.dll
2015-04-21 21:12 . 2014-01-01 20:24	137288	----a-w-	c:\windows\system32\drivers\aswStm.sys
2015-04-21 21:12 . 2014-01-01 20:22	442264	----a-w-	c:\windows\system32\drivers\aswSP.sys
2015-04-21 21:12 . 2013-11-15 20:11	65736	----a-w-	c:\windows\system32\drivers\aswRvrt.sys
2015-04-21 21:12 . 2013-11-15 20:11	272248	----a-w-	c:\windows\system32\drivers\aswVmm.sys
2015-04-21 21:12 . 2013-11-15 20:11	89944	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2015-04-21 21:12 . 2015-04-21 21:12	364472	----a-w-	c:\windows\system32\aswBoot.exe
2015-04-21 21:12 . 2014-04-19 09:51	29168	----a-w-	c:\windows\system32\drivers\aswHwid.sys
2015-04-21 21:12 . 2013-11-15 20:11	93528	----a-w-	c:\windows\system32\drivers\aswRdr2.sys
2015-04-21 21:12 . 2015-04-21 21:12	43112	----a-w-	c:\windows\avastSS.scr
2015-04-21 21:12 . 2013-11-15 20:11	1047320	----a-w-	c:\windows\system32\drivers\aswSnx.sys
2015-03-19 11:09 . 2015-03-19 11:09	507904	----a-r-	c:\windows\SysWow64\btwapi.dll
2015-03-19 10:22 . 2015-03-19 10:22	18432	----a-w-	c:\windows\system32\drivers\rimvndis6_AMD64.sys
2015-03-14 03:21 . 2015-04-21 21:28	82944	----a-w-	c:\windows\system32\dwmapi.dll
2015-03-14 03:21 . 2015-04-21 21:28	1632768	----a-w-	c:\windows\system32\dwmcore.dll
2015-03-14 03:04 . 2015-04-21 21:28	67584	----a-w-	c:\windows\SysWow64\dwmapi.dll
2015-03-14 03:04 . 2015-04-21 21:28	1372160	----a-w-	c:\windows\SysWow64\dwmcore.dll
2015-03-10 07:22 . 2014-11-15 11:38	627920	----a-w-	c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2015-03-10 03:25 . 2015-04-20 12:24	1882624	----a-w-	c:\windows\system32\msxml3.dll
2015-03-10 03:21 . 2015-04-20 12:24	2048	----a-w-	c:\windows\system32\msxml3r.dll
2015-03-10 03:08 . 2015-04-20 12:24	1237504	----a-w-	c:\windows\SysWow64\msxml3.dll
2015-03-10 03:05 . 2015-04-20 12:24	2048	----a-w-	c:\windows\SysWow64\msxml3r.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Allway Sync"="c:\program files\Allway Sync\Bin\syncappw.exe" [2015-04-20 96456]
"HotSwap! Applet"="c:\program files\HotSwap_5.0.0.0\64bit\HotSwap!.EXE" [2012-02-18 117248]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2015-04-28 25700400]
"KeePass Password Safe 2"="c:\program files (x86)\KeePass Password Safe 2\KeePass.exe" [2015-04-10 2715536]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2015-04-17 31280256]
"Safe PST Backup"="c:\program files (x86)\4Team Corporation\Safe PST Backup\SafePSTBackup.exe" [2014-08-05 5162832]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2014-11-21 7063832]
"Visual Subst"="c:\program files (x86)\Visual Subst\VSubst.exe" [2008-02-02 139672]
"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2015-04-26 43816]
"ApplePhotoStreams"="c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2015-04-26 43816]
"iCloudDrive"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe" [2015-04-26 43816]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2012-09-12 204136]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-05-11 5515496]
"KeePass 2 PreLoad"="c:\program files (x86)\KeePass Password Safe 2\KeePass.exe" [2015-04-10 2715536]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2014-10-02 421888]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-12-19 1022152]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe" [2015-05-01 3498728]
"Syncios device service"="c:\program files (x86)\Syncios\SynciosDeviceService.exe" [2015-03-06 778752]
.
c:\users\NAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
HiDrive.lnk - c:\program files (x86)\Strato\HiDrive\HiDrive.App.exe /hideexp [2015-4-1 9164912]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 blackberryncm;BlackBerryNCM Service;c:\windows\system32\DRIVERS\blackberryncm6_AMD64.sys;c:\windows\SYSNATIVE\DRIVERS\blackberryncm6_AMD64.sys [x]
R3 cleanhlp;cleanhlp;c:\program files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys;c:\program files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [x]
R3 cpuz136;cpuz136;c:\windows\TEMP\cpuz136\cpuz136_x64.sys;c:\windows\TEMP\cpuz136\cpuz136_x64.sys [x]
R3 cxpl_mhd;Cinergy T PCIe Dual;c:\windows\system32\drivers\y_cx88x.sys;c:\windows\SYSNATIVE\drivers\y_cx88x.sys [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);c:\windows\system32\DRIVERS\ICCWDT.sys;c:\windows\SYSNATIVE\DRIVERS\ICCWDT.sys [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys;c:\windows\SYSNATIVE\pwdrvio.sys [x]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys;c:\windows\SYSNATIVE\pwdspio.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 usbrndis6;USB-RNDIS6-Adapter;c:\windows\system32\DRIVERS\usb80236.sys;c:\windows\SYSNATIVE\DRIVERS\usb80236.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys;c:\windows\SYSNATIVE\DRIVERS\fltsrv.sys [x]
S0 tib;Acronis TIB Manager;c:\windows\system32\DRIVERS\tib.sys;c:\windows\SYSNATIVE\DRIVERS\tib.sys [x]
S0 tib_mounter;Acronis TIB Mounter;c:\windows\system32\DRIVERS\tib_mounter.sys;c:\windows\SYSNATIVE\DRIVERS\tib_mounter.sys [x]
S0 vididr;Acronis Virtual Disk;c:\windows\system32\DRIVERS\vididr.sys;c:\windows\SYSNATIVE\DRIVERS\vididr.sys [x]
S0 vidsflt;Acronis Disk Storage Filter;c:\windows\system32\DRIVERS\vidsflt.sys;c:\windows\SYSNATIVE\DRIVERS\vidsflt.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 cbfs5;cbfs5;c:\windows\system32\drivers\cbfs5.sys;c:\windows\SYSNATIVE\drivers\cbfs5.sys [x]
S2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};Power Control [2011/05/10 21:03];c:\program files (x86)\CyberLink\PowerDVD8\000.fcl;c:\program files (x86)\CyberLink\PowerDVD8\000.fcl [x]
S2 afcdpsrv;Acronis Nonstop Backup Service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [x]
S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.12\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.00.12\atkexComSvc.exe [x]
S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.09\aaHMSvc.exe;c:\program files (x86)\ASUS\AAHM\1.00.09\aaHMSvc.exe [x]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.10\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.10\AsSysCtrlService.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 BotkindSyncService;Botkind Service;c:\program files\Allway Sync\Bin\SyncService.exe service;c:\program files\Allway Sync\Bin\SyncService.exe service [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 ClickToRunSvc;Microsoft Office-Klick-und-Los-Dienst;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 RIM MDNS;RIM MDNS;c:\program files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe;c:\program files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [x]
S2 RIM Tunnel Service;BlackBerry Link Communication Manager;c:\program files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe service;c:\program files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe service [x]
S2 SafePSTShadowCopy;SafePSTBackup Shadow Copy Service;c:\program files (x86)\4Team Corporation\SafePSTBackup Shadow Copy Service\SafePST.ShadowCopySvc.exe;c:\program files (x86)\4Team Corporation\SafePSTBackup Shadow Copy Service\SafePST.ShadowCopySvc.exe [x]
S2 SeagateDashboardService;Seagate Dashboard Service;c:\program files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe;c:\program files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe [x]
S2 syncagentsrv;Acronis Sync Agent Service;c:\program files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe;c:\program files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys;c:\windows\SYSNATIVE\DRIVERS\afcdp.sys [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 AVMCOWAN;AVM ISDN CoNDIS WAN CAPI Driver;c:\windows\system32\DRIVERS\AVMCOWAN.sys;c:\windows\SYSNATIVE\DRIVERS\AVMCOWAN.sys [x]
S3 BlackBerry Device Manager;BlackBerry Device Manager;c:\program files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe;c:\program files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [x]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
S3 FPCIBASE;AVM FRITZ!Card PCI;c:\windows\system32\DRIVERS\fpcibase.sys;c:\windows\SYSNATIVE\DRIVERS\fpcibase.sys [x]
S3 GeneStor;Genesys Logic Storage Driver;c:\windows\system32\DRIVERS\GeneStor.sys;c:\windows\SYSNATIVE\DRIVERS\GeneStor.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
S3 LVUVC64;Logitech HD Webcam C270(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
S3 MTSBDA;TechniSat CableStar HD2;c:\windows\system32\Drivers\MtsBda.sys;c:\windows\SYSNATIVE\Drivers\MtsBda.sys [x]
S3 MtsHID;TechniSat Mantis BDA HID Driver;c:\windows\system32\drivers\MtsHID.sys;c:\windows\SYSNATIVE\drivers\MtsHID.sys [x]
S3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
S3 rimvndis;BlackBerry Virtual Private Network;c:\windows\system32\Drivers\rimvndis6_AMD64.sys;c:\windows\SYSNATIVE\Drivers\rimvndis6_AMD64.sys [x]
S3 WSDScan;WSD-Scanunterstützung durch UMB;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{B17A6CEB-057D-47DE-9F7C-0BB3FDF30F4C}]
2010-11-20 12:17	73216	----a-w-	c:\windows\SysWOW64\msiexec.exe
.
Inhalt des "geplante Tasks" Ordners
.
2015-06-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-13 06:49]
.
2015-05-31 c:\windows\Tasks\Allway Sync_{4526EC8052B0DD6E9FE27029D0A8F297}.job
- c:\program files\Allway Sync\Bin\syncappw.exe [2011-05-10 22:37]
.
2015-05-30 c:\windows\Tasks\Allway Sync_{47DB885EEF89F1BFADE380163D5D1ABD}.job
- c:\program files\Allway Sync\Bin\syncappw.exe [2011-05-10 22:37]
.
2015-05-31 c:\windows\Tasks\Allway Sync_{4D5D44EA8CFE20E67E17FB2D2B9557A2}.job
- c:\program files\Allway Sync\Bin\syncappw.exe [2011-05-10 22:37]
.
2015-05-31 c:\windows\Tasks\Allway Sync_{4F0C1497E9A5A062AD06B978802E02AB}.job
- c:\program files\Allway Sync\Bin\syncappw.exe [2011-05-10 22:37]
.
2015-06-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-07-13 20:21]
.
2015-06-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-07-13 20:21]
.
2015-06-05 c:\windows\Tasks\MT66 Software Update.job
- c:\program files (x86)\Common Files\MT66 Software Update\UpdateClient.exe [2014-03-15 17:44]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-04-14 14:30	2334936	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-04-14 14:30	2334936	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-04-14 14:30	2334936	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-04-21 21:12	722400	----a-w-	c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2015-04-28 09:34	774984	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2015-04-28 09:34	774984	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2015-04-28 09:34	774984	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2015-04-28 09:34	774984	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2015-04-28 09:34	774984	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\HiDriveOverlayIcon1]
@="{45a23d58-ebdc-3d73-ae36-80fd48cb363e}"
[HKEY_CLASSES_ROOT\CLSID\{45a23d58-ebdc-3d73-ae36-80fd48cb363e}]
2010-11-05 01:57	444752	----a-w-	c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\HiDriveOverlayIcon2]
@="{654b0053-308a-3fcf-8a68-08cc1f1e7783}"
[HKEY_CLASSES_ROOT\CLSID\{654b0053-308a-3fcf-8a68-08cc1f1e7783}]
2010-11-05 01:57	444752	----a-w-	c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DLQLU"="c:\program files\Dell Printers\Additional Color Laser Software\Launcher\DLQLU.EXE" [2013-02-25 1244136]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2015-01-30 174480]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2015-01-30 402320]
"Persistence"="c:\windows\system32\igfxpers.exe" [2015-01-30 445328]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2014-02-27 558496]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2015-04-06 169768]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2000-01-01 7659224]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mDefault_Search_URL = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
IE: add to &BOM - c:\\PROGRA~2\\BIET-O~1\\\\AddToBOM.hta
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Free YouTube to MP3 Converter - c:\users\NAME\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft &Excel exportieren - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
Trusted Zone: dell.com
TCP: Interfaces\{ECCA7DF3-97D5-4CE0-9D74-741776634C45}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
FF - ProfilePath - c:\users\NAME\AppData\Roaming\Mozilla\Firefox\Profiles\fjh6c24b.default-1430949737863\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.de/
FF - prefs.js: network.proxy.type - 4
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
SafeBoot-CleanHlp
SafeBoot-CleanHlp.sys
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
AddRemove-Essential XML Editor - c:\programdata\{DB074885-BBA6-46B1-AD15-3339F4915375}\Essential XML Editor Setup.exe
AddRemove-FRITZ! 2.0 - c:\windows\IsUn0407.exe
AddRemove-{43B74FAB-FB58-447D-8D3A-5F638AF36FD1} - c:\programdata\{DD034EDF-8A92-4F84-A64A-26BF9B7AE354}\Netzmanager1.070.0305_111110b.exe
AddRemove-{97D23E68-AF01-4B69-B31E-7DFC209D01F3} - c:\programdata\{DB074885-BBA6-46B1-AD15-3339F4915375}\Essential XML Editor Setup.exe
AddRemove-{BB8AE808-F003-4C7F-B56B-8C80EEAFFE23} - c:\program files (x86)\InstallShield Installation Information\{BB8AE808-F003-4C7F-B56B-8C80EEAFFE23}\setup.exe
AddRemove-UnityWebPlayer - c:\users\NAME\AppData\Local\Unity\WebPlayer\Uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD8\000.fcl"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.17"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files (x86)\TeamViewer\TeamViewer_Service.exe
c:\program files (x86)\ASUS\AI Suite II\AsRoutineController.exe
c:\program files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
c:\program files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
c:\program files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
c:\program files (x86)\TeamViewer\TeamViewer.exe
c:\program files (x86)\ASUS\AI Suite II\AI Suite II.exe
c:\program files (x86)\TeamViewer\tv_w32.exe
c:\program files\Microsoft Office 15\Root\Office15\MsoSync.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-06-05  22:23:25 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2015-06-05 20:23
.
Vor Suchlauf: 14 Verzeichnis(se), 911.422.730.240 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 911.208.218.624 Bytes frei
.
- - End Of File - - E058CDD23B9E2B6AAB1D99D4197B81DA
305F3085C8E8571895F4C9340B6A4B8E

schrauber · 06.06.2015, 16:24

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

Member 2015 · 07.06.2015, 16:57

Danke Dir.

Hier MBAM.TXT

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 06.06.2015
Suchlauf-Zeit: 17:39:15
Logdatei: Malwarebytes Anti-Malware Log.txt
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.06.06.03
Rootkit Datenbank: v2015.06.02.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: NAME

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 496892
Verstrichene Zeit: 23 Min, 14 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 0
(Keine schädliche Elemente gefunden)

Registrierungswerte: 0
(Keine schädliche Elemente gefunden)

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 0
(Keine schädliche Elemente gefunden)

Dateien: 0
(Keine schädliche Elemente gefunden)

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)

Hier ADWCLEANER.TXT

Code:

ATTFilter

# AdwCleaner v4.113 - Bericht erstellt 06/06/2015 um 18:07:57
# Aktualisiert 22/03/2015 von Xplode
# Datenbank : 2015-06-05.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : NAME - PCBUERO
# Gestarted von : C:\Program Files\AdwareCleaner\adwcleaner_4.113.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Internetbrowser ] *****

-\\ Internet Explorer v10.0.9200.17356


-\\ Mozilla Firefox v38.0.5 (x86 de)


-\\ Google Chrome v


*************************

AdwCleaner[R15].txt - [1386 Bytes] - [01/03/2015 15:06:16]
AdwCleaner[R20].txt - [581 Bytes] - [02/06/2015 21:48:59]
AdwCleaner[R21].txt - [1002 Bytes] - [06/06/2015 18:04:49]
AdwCleaner[R22].txt - [1062 Bytes] - [06/06/2015 18:06:56]
AdwCleaner[S10].txt - [976 Bytes] - [02/06/2015 21:50:09]
AdwCleaner[S11].txt - [985 Bytes] - [06/06/2015 18:07:57]

########## EOF - C:\AdwCleaner\AdwCleaner[S11].txt - [1044  Bytes] ##########

Und hier noch die JRT.TXT

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.8.8 (06.03.2015:1)
OS: Windows 7 Home Premium x64
Ran by NAME on 06.06.2015 at 18:14:49,18
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 06.06.2015 at 18:17:28,98
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Habe die letzte Stunde keine AVAST-Warnung mehr gesehen. Wegen Neustart kann ich den AVAST-Befehl Letztes Popup anzeigen nicht anklicken.

Seit gestern 1700 Uhr zeigt AVAST kein Popup "Webseite blockiert" mehr an.

Kann es sein, dass das Malware-Zeug nun komplett entfernt wurde?

Keine Popups mehr den ganzen Tag. Hoffe, damit bin ich das Zeug losgeworden.
Ich danke Dir, Schrauber, für Deine umfassende und schnelle Hilfe.

schrauber · 08.06.2015, 10:20

Noch Kontrollscans

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

Member 2015 · 09.06.2015, 06:41

Danke Dir. Hier zunächst das ESET-Log.

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=4e9a6112dc0b5c4da6d0133298876aa0
# end=init
# utc_time=2015-06-08 06:53:43
# local_time=2015-06-08 08:53:43 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 24233
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=4e9a6112dc0b5c4da6d0133298876aa0
# end=updated
# utc_time=2015-06-08 06:55:19
# local_time=2015-06-08 08:55:19 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=4e9a6112dc0b5c4da6d0133298876aa0
# engine=24233
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-06-09 03:06:12
# local_time=2015-06-09 05:06:12 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 71 97 2231132 49276531 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 156850 185449022 0 0
# scanned=652387
# found=2
# cleaned=2
# scan_time=29452
sh=4661569D524B9A9C2B5A0D6FAF1573881B987892 ft=1 fh=250619b746ab45ad vn="Win32/Toolbar.Widgi evtl. unerwÃ¼nschte Anwendung (gelÃ¶scht - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Indexordner\NAME\Software- und Softwaresicherungen\Rendering\Setup_FreeVideoConverter(1).exe"
sh=F1DAA8FD7A64B1E36EB25DAF1FCE5AE1E49AE867 ft=1 fh=f01866555881a4dd vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwÃ¼nschte Anwendung (gelÃ¶scht - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Indexordner\NAME\Software- und Softwaresicherungen\Streaming\TVersitySetup_1_9_3.exe"

schrauber · 09.06.2015, 20:24

und weiter

Member 2015 · 09.06.2015, 21:06

War unterwegs ;-)

Jetzt das Log Security Check.

Code:

ATTFilter

 Results of screen317's Security Check version 1.002  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 10 Out of date! 
``````````````Antivirus/Firewall Check:`````````````` 
avast! Antivirus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 JavaFX 2.1.1    
 Java 7 Update 60  
 Java version 32-bit out of Date! 
 Adobe Flash Player 17.0.0.188  
 Mozilla Firefox (38.0.5) 
````````Process Check: objlist.exe by Laurent````````  
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast avastui.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````

und gleich FRST

und hier das FRST Log von eben. Keine Probleme mehr. Herzlichen Dank für Deine Hilfe.
Meinst Du, die Kiste ist wieder sauber?

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:03-06-2015
Ran by NAME (administrator) on PCBUERO on 09-06-2015 22:03:59
Running from C:\Users\NAME\Downloads
Loaded Profiles: NAME (Available Profiles: NAME)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AAHM\1.00.09\aaHMSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\System32\CISVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(Memeo) C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.12\atkexComSvc.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
() C:\Program Files (x86)\Strato\HiDrive\HiDrive.App.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE
(Dominik Reichl) C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe
() C:\Program Files\Allway Sync\Bin\syncappw.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmprph.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [DLQLU] => C:\Program Files\Dell Printers\Additional Color Laser Software\Launcher\DLQLU.EXE [1244136 2013-02-25] (Dell Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7659224 2000-01-01] (Realtek Semiconductor)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2715536 2015-04-10] (Dominik Reichl)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3498728 2015-05-01] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Syncios device service] => C:\Program Files (x86)\Syncios\SynciosDeviceService.exe [778752 2015-03-06] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [X]
HKU\S-1-5-21-4059485407-2828597014-2479886380-1000\...\Run: [Allway Sync] => C:\Program Files\Allway Sync\Bin\syncappw.exe [96456 2015-04-21] ()
HKU\S-1-5-21-4059485407-2828597014-2479886380-1000\...\Run: [HotSwap! Applet] => C:\Program Files\HotSwap_5.0.0.0\64bit\HotSwap!.EXE [117248 2012-02-18] (Kazuyuki Nakayama)
HKU\S-1-5-21-4059485407-2828597014-2479886380-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [21969480 2015-05-19] (Google)
HKU\S-1-5-21-4059485407-2828597014-2479886380-1000\...\Run: [KeePass Password Safe 2] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2715536 2015-04-10] (Dominik Reichl)
HKU\S-1-5-21-4059485407-2828597014-2479886380-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31280256 2015-04-17] (Skype Technologies S.A.)
HKU\S-1-5-21-4059485407-2828597014-2479886380-1000\...\Run: [Safe PST Backup] => C:\Program Files (x86)\4Team Corporation\Safe PST Backup\SafePSTBackup.exe [5162832 2014-08-05] (4Team Corporation)
HKU\S-1-5-21-4059485407-2828597014-2479886380-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7063832 2014-11-21] (Piriform Ltd)
HKU\S-1-5-21-4059485407-2828597014-2479886380-1000\...\Run: [Visual Subst] => C:\Program Files (x86)\Visual Subst\VSubst.exe [139672 2008-02-02] (NTWind Software)
HKU\S-1-5-21-4059485407-2828597014-2479886380-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-4059485407-2828597014-2479886380-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-4059485407-2828597014-2479886380-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-4059485407-2828597014-2479886380-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
Startup: C:\Users\NAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HiDrive.lnk [2014-10-23]
ShortcutTarget: HiDrive.lnk -> C:\Program Files (x86)\Strato\HiDrive\HiDrive.App.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-21] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [HiDriveOverlayIcon1] -> {45a23d58-ebdc-3d73-ae36-80fd48cb363e} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [HiDriveOverlayIcon2] -> {654b0053-308a-3fcf-8a68-08cc1f1e7783} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-4059485407-2828597014-2479886380-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-4059485407-2828597014-2479886380-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-4059485407-2828597014-2479886380-1000 -> {F08562FF-F3FE-43A7-99E6-44A9DE6C2924} URL = https://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-03-10] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-04-24] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-03-25] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-04-14] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-04-24] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
BHO-x32: No Name -> {120A8821-2BEE-4C29-BCDA-62C577781992} ->  No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-25] (Avast Software s.r.o.)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - No Name - {120A8821-2BEE-4C29-BCDA-62C577781992} -  No File
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-4059485407-2828597014-2479886380-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} -  No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\..\Interfaces\{ECCA7DF3-97D5-4CE0-9D74-741776634C45}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

FireFox:
========
FF ProfilePath: C:\Users\NAME\AppData\Roaming\Mozilla\Firefox\Profiles\fjh6c24b.default-1430949737863
FF DefaultSearchEngine.US: Google
FF Homepage: https://www.google.de/
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-06-04] ()
FF Plugin: @java.com/DTPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-04-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-04-24] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-04] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-11-15] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2015-03-19] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF Plugin HKU\S-1-5-21-4059485407-2828597014-2479886380-1000: @hola.org/vlc,version=1.7.116 -> C:\Users\NAME\AppData\Local\Hola\firefox\app\vlc No File
FF Plugin HKU\S-1-5-21-4059485407-2828597014-2479886380-1000: @phonostar.de/phonostar -> C:\Program Files (x86)\phonostar-Player\npphonostarDetectNP.dll No File
FF Plugin HKU\S-1-5-21-4059485407-2828597014-2479886380-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\NAME\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-01-23] (Unity Technologies ApS)
FF Extension: Flash Video Downloader - YouTube HD Downloader [4K] - C:\Users\NAME\AppData\Roaming\Mozilla\Firefox\Profiles\fjh6c24b.default-1430949737863\Extensions\artur.dubovoy@gmail.com [2015-05-29]
FF Extension: FoxyProxy Standard - C:\Users\NAME\AppData\Roaming\Mozilla\Firefox\Profiles\fjh6c24b.default-1430949737863\Extensions\foxyproxy@eric.h.jung [2015-05-30]
FF Extension: Youtube Downloader - 4K Download - C:\Users\NAME\AppData\Roaming\Mozilla\Firefox\Profiles\fjh6c24b.default-1430949737863\Extensions\paulsaintuzb@gmail.com [2015-05-29]
FF Extension: EPUBReader - C:\Users\NAME\AppData\Roaming\Mozilla\Firefox\Profiles\fjh6c24b.default-1430949737863\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [2015-05-29]
FF Extension: Forecastfox (fix version) - C:\Users\NAME\AppData\Roaming\Mozilla\Firefox\Profiles\fjh6c24b.default-1430949737863\Extensions\forecastfox@s3_fix_version.xpi [2015-05-07]
FF Extension: Screengrab  (fix version) - C:\Users\NAME\AppData\Roaming\Mozilla\Firefox\Profiles\fjh6c24b.default-1430949737863\Extensions\{02450914-cdd9-410f-b1da-db004e18c671}.xpi [2015-05-07]
FF Extension: All-in-One Sidebar - C:\Users\NAME\AppData\Roaming\Mozilla\Firefox\Profiles\fjh6c24b.default-1430949737863\Extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi [2015-05-07]
FF Extension: Download YouTube Videos as MP4 - C:\Users\NAME\AppData\Roaming\Mozilla\Firefox\Profiles\fjh6c24b.default-1430949737863\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2015-05-07]
FF Extension: Adblock Plus - C:\Users\NAME\AppData\Roaming\Mozilla\Firefox\Profiles\fjh6c24b.default-1430949737863\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-05-07]
FF Extension: Recorder Toolbar - C:\Program Files (x86)\Mozilla Firefox\extensions\{10743931-94DF-476f-A987-4391233C17A2} [2015-06-03]
FF Extension: avast! Ad Blocker - C:\Program Files (x86)\Mozilla Firefox\extensions\adblocker@avast.com.xpi [2015-06-03]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-06-03]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-11-15]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015-03-21]
FF HKU\S-1-5-21-4059485407-2828597014-2479886380-1000\...\Firefox\Extensions: [{b9aa91db-385d-4c69-8a2f-96790aa9405b}] - c:\program files (x86)\copernic\desktopsearch4\firefoxconnector

Chrome: 
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Browser\nppdf32.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (RIM Handheld Application Loader) - C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Profile: C:\Users\NAME\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\NAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-01]
CHR Extension: (Google Drive) - C:\Users\NAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-01]
CHR Extension: (YouTube) - C:\Users\NAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-01]
CHR Extension: (Google Search) - C:\Users\NAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-01]
CHR Extension: (Chrome In-App Payments service) - C:\Users\NAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-01]
CHR Extension: (Gmail) - C:\Users\NAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-01]
CHR HKU\S-1-5-21-4059485407-2828597014-2479886380-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [cnnbdaahphjgdgfhliignpepgnbnfomp] - c:\program files (x86)\copernic\desktopsearch4\ChromeConnector\ChromeConnector.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2015-05-01]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-03]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.12\atkexComSvc.exe [917120 2010-10-28] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.09\aaHMSvc.exe [909440 2010-11-03] ()
S2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.10\AsSysCtrlService.exe [586880 2010-10-21] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-21] (Avast Software s.r.o.)
R3 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [588024 2014-10-31] (BlackBerry Limited)
S2 BotkindSyncService; C:\Program Files\Allway Sync\Bin\SyncService.exe [262144 2015-04-13] () [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S2 Capture Device Service; C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2736824 2015-04-07] (Microsoft Corporation)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2011-08-23] (Macrovision Europe Ltd.) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 RasMan; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 RasMan; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 RIM MDNS; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [396024 2015-03-19] (Apple Inc.)
R2 RIM Tunnel Service; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [1354488 2015-03-19] (BlackBerry Limited)
S2 SafePSTShadowCopy; C:\Program Files (x86)\4Team Corporation\SafePSTBackup Shadow Copy Service\SafePST.ShadowCopySvc.exe [16736 2014-08-05] (4Team)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-01] (TeamViewer GmbH)
S3 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2005-01-31] (Ulead Systems, Inc.) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S4 HPSLPSVC; C:\Users\NAME\AppData\Local\Temp\7zS7869\hpslpsvc64.dll [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-21] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-04-21] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-21] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-21] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-21] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04-21] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-04-21] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-04-21] ()
R3 AVMCOWAN; C:\Windows\System32\DRIVERS\AVMCOWAN.sys [79872 2009-06-10] (AVM GmbH)
S3 blackberryncm; C:\Windows\System32\DRIVERS\blackberryncm6_AMD64.sys [25088 2014-09-08] (BlackBerry)
R1 cbfs5; C:\Windows\system32\drivers\cbfs5.sys [421568 2015-01-23] (EldoS Corporation)
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-05] (Microsoft Corporation)
R3 FPCIBASE; C:\Windows\System32\DRIVERS\fpcibase.sys [899328 2009-06-10] (AVM Berlin)
R3 GeneStor; C:\Windows\System32\DRIVERS\GeneStor.sys [111336 2014-04-28] (GenesysLogic)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2013-11-29] (Qualcomm Atheros Co., Ltd.)
S4 LMIRfsClientNP; No ImagePath
R3 MTSBDA; C:\Windows\System32\Drivers\MtsBda.sys [344592 2009-07-14] (TechniSat Provide)
R3 MtsHID; C:\Windows\System32\drivers\MtsHID.sys [27664 2011-01-23] (TechniSat Provide)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2012-08-20] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2012-08-20] ()
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [79872 2014-05-06] (BlackBerry Limited)
R3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [18432 2015-03-19] (BlackBerry Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
R3 Serenum; C:\Windows\System32\DRIVERS\nuvserenum.sys [23552 2014-01-12] (Windows (R) Win 7 DDK provider)
R3 Serial; C:\Windows\System32\DRIVERS\nuvserial.sys [86016 2014-01-12] (Nuvoton Technology Corp.)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2014-01-18] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [183224 2014-01-18] (Acronis)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2014-01-18] (Acronis International GmbH)
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}; C:\Program Files (x86)\CyberLink\PowerDVD8\000.fcl [146928 2009-08-28] (CyberLink Corp.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [X]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfoX64.sys [X]
U3 DfSdkS; No ImagePath
S2 LMIInfo; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [X]
S3 SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP4c\WNt500x64\Sandra.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-09 22:01 - 2015-06-09 22:01 - 00000842 _____ C:\Users\NAME\Downloads\checkup.txt
2015-06-09 21:59 - 2015-06-09 21:59 - 00852639 _____ C:\Users\NAME\Downloads\SecurityCheck.exe
2015-06-08 20:52 - 2015-06-08 20:52 - 02870984 _____ (ESET) C:\Users\NAME\Downloads\esetsmartinstaller_deu.exe
2015-06-07 09:33 - 2015-06-07 09:33 - 00000000 ____D C:\Unklare Dateien auf C
2015-06-06 18:17 - 2015-06-06 18:17 - 00000599 _____ C:\Users\NAME\Downloads\JRT.txt
2015-06-06 18:11 - 2015-06-06 18:11 - 00001124 _____ C:\Users\NAME\Downloads\AdwCleaner[S11].txt
2015-06-06 18:05 - 2015-06-06 18:06 - 02942610 _____ (Thisisu) C:\Users\NAME\Downloads\JRT.exe
2015-06-06 18:03 - 2015-06-06 18:18 - 00001230 _____ C:\Users\NAME\Downloads\MBAM.txt
2015-06-05 21:46 - 2015-06-05 22:23 - 00000000 ____D C:\Qoobox
2015-06-05 21:46 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-06-05 21:46 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-06-05 21:46 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-06-05 21:46 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-06-05 21:46 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-06-05 21:46 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-06-05 21:46 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-06-05 21:46 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-06-05 21:45 - 2015-06-05 22:20 - 00000000 ____D C:\Windows\erdnt
2015-06-05 21:43 - 2015-06-05 21:44 - 05628238 ____R (Swearware) C:\Users\NAME\Downloads\ComboFix.exe
2015-06-05 08:55 - 2015-06-05 08:55 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\NAME\Downloads\tdsskiller.exe
2015-06-05 08:18 - 2015-06-05 08:50 - 00000000 ____D C:\Users\NAME\Downloads\mbar
2015-06-05 08:13 - 2015-06-05 08:13 - 16502728 _____ (Malwarebytes Corp.) C:\Users\NAME\Downloads\mbar-1.09.1.1004.exe
2015-06-04 11:36 - 2015-06-09 22:03 - 00032463 _____ C:\Users\NAME\Downloads\FRST.txt
2015-06-04 11:36 - 2015-06-04 11:38 - 00064882 _____ C:\Users\NAME\Downloads\Addition.txt
2015-06-04 11:35 - 2015-06-09 22:04 - 00000000 ____D C:\FRST
2015-06-04 11:35 - 2015-06-04 11:35 - 02108928 _____ (Farbar) C:\Users\NAME\Downloads\FRST64.exe
2015-06-04 09:22 - 2015-06-05 08:50 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-06-04 09:09 - 2015-06-04 09:09 - 00000207 _____ C:\Windows\tweaking.com-regbackup-PCBUERO-Windows-7-Home-Premium-(64-bit).dat
2015-06-04 09:09 - 2015-06-04 09:09 - 00000000 ____D C:\RegBackup
2015-06-04 08:42 - 2015-06-05 22:14 - 00000910 _____ C:\Windows\PFRO.log
2015-06-03 23:45 - 2015-06-03 23:45 - 00002156 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2015-06-03 21:01 - 2015-05-22 20:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-03 21:01 - 2015-05-22 20:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-03 21:01 - 2015-05-22 20:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-03 21:01 - 2015-05-22 20:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-03 21:01 - 2015-05-22 20:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-03 21:01 - 2015-05-22 20:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-03 21:01 - 2015-05-22 20:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-03 21:01 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-03 21:00 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-03 21:00 - 2015-05-25 20:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-03 21:00 - 2015-05-25 20:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-03 21:00 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-03 21:00 - 2015-05-25 20:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-03 21:00 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-03 21:00 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-03 21:00 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-03 21:00 - 2015-05-25 20:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-03 21:00 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-03 21:00 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-03 21:00 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-03 21:00 - 2015-05-25 20:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-03 21:00 - 2015-05-25 20:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-03 21:00 - 2015-05-25 20:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-03 21:00 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-03 21:00 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-03 21:00 - 2015-05-25 20:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-03 21:00 - 2015-05-25 20:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-03 21:00 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-03 21:00 - 2015-05-25 20:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-03 21:00 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-03 21:00 - 2015-05-25 20:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-03 21:00 - 2015-05-25 20:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-03 21:00 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-03 21:00 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-03 21:00 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-03 21:00 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-03 21:00 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-03 21:00 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-03 21:00 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-03 21:00 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-03 21:00 - 2015-05-25 20:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-03 21:00 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-03 21:00 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-03 21:00 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-03 21:00 - 2015-05-25 20:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-03 21:00 - 2015-05-25 20:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-03 21:00 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-03 21:00 - 2015-05-25 20:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-03 21:00 - 2015-05-25 20:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-03 21:00 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-03 21:00 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-03 21:00 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-03 21:00 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-03 21:00 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-03 21:00 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-03 21:00 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-03 21:00 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-03 21:00 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-03 21:00 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-03 21:00 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-03 21:00 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-03 21:00 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-03 21:00 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-03 21:00 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-03 21:00 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-03 21:00 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-03 21:00 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-03 21:00 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-03 21:00 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-03 21:00 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-03 21:00 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-03 21:00 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-03 21:00 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-03 21:00 - 2015-05-25 19:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-03 21:00 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-03 21:00 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-03 21:00 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-03 21:00 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-03 21:00 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-03 21:00 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-03 21:00 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-03 21:00 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-03 21:00 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-03 21:00 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-03 21:00 - 2015-05-09 05:27 - 03147776 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-06-03 21:00 - 2015-05-09 05:27 - 02589184 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-06-03 21:00 - 2015-05-09 05:27 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-06-03 21:00 - 2015-05-09 05:27 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-06-03 21:00 - 2015-05-09 05:27 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-06-03 21:00 - 2015-05-09 05:27 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-06-03 21:00 - 2015-05-09 05:27 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-06-03 21:00 - 2015-05-09 05:26 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-06-03 21:00 - 2015-05-09 05:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-06-03 21:00 - 2015-05-09 05:26 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-06-03 21:00 - 2015-05-09 05:26 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-06-03 21:00 - 2015-05-09 05:14 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-06-03 21:00 - 2015-05-09 05:14 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-06-03 21:00 - 2015-05-09 05:14 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-06-03 21:00 - 2015-05-09 05:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-06-03 21:00 - 2015-05-09 05:13 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-06-03 00:24 - 2015-06-04 08:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-05-31 09:46 - 2015-06-04 07:40 - 00000000 ____D C:\Users\NAME\Documents\Turbo Lister Backup
2015-05-31 01:00 - 2015-06-06 18:09 - 00000840 _____ C:\Windows\setupact.log
2015-05-31 01:00 - 2015-05-31 01:00 - 00000000 _____ C:\Windows\setuperr.log
2015-05-30 10:44 - 2015-05-30 10:44 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2015-05-30 10:44 - 2015-05-30 10:44 - 00000000 ____D C:\Program Files\Realtek
2015-05-30 10:43 - 2000-01-01 02:00 - 02162992 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll
2015-05-30 10:43 - 2000-01-01 02:00 - 02101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2015-05-30 10:43 - 2000-01-01 02:00 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2015-05-30 10:43 - 2000-01-01 02:00 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2015-05-30 10:43 - 2000-01-01 02:00 - 00856992 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2015-05-30 10:43 - 2000-01-01 02:00 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2015-05-30 10:43 - 2000-01-01 02:00 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2015-05-30 10:43 - 2000-01-01 02:00 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2015-05-30 10:43 - 2000-01-01 02:00 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2015-05-30 10:43 - 2000-01-01 02:00 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2015-05-30 10:43 - 2000-01-01 02:00 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2015-05-30 10:43 - 2000-01-01 02:00 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2015-05-30 10:43 - 2000-01-01 02:00 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 72461312 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2015-05-30 10:42 - 2000-01-01 02:00 - 14048512 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 12967680 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 05804772 _____ C:\Windows\system32\Drivers\rtvienna.dat
2015-05-30 10:42 - 2000-01-01 02:00 - 05234952 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 04270424 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2015-05-30 10:42 - 2000-01-01 02:00 - 03186544 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 02860760 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 02827632 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 02041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 01959128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2015-05-30 10:42 - 2000-01-01 02:00 - 01499984 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 01445764 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-05-30 10:42 - 2000-01-01 02:00 - 01411096 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 01360640 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 01313904 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 01287384 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 01136728 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 01048824 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00995120 _____ (Nahimic Inc) C:\Windows\system32\NahimicAPONSControl.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00979280 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00959704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00922880 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00889592 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00724728 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00629464 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00451096 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00366104 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00326680 _____ (Synopsys, Inc.) C:\Windows\SysWOW64\SRCOM.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00326680 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00303776 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00246008 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2015-05-30 10:42 - 2000-01-01 02:00 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2015-05-30 10:41 - 2000-01-01 02:00 - 06218072 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2015-05-30 10:41 - 2000-01-01 02:00 - 01939800 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2015-05-30 10:41 - 2000-01-01 02:00 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2015-05-30 10:41 - 2000-01-01 02:00 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2015-05-30 10:41 - 2000-01-01 02:00 - 01550528 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64APO.dll
2015-05-30 10:41 - 2000-01-01 02:00 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2015-05-30 10:41 - 2000-01-01 02:00 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2015-05-30 10:41 - 2000-01-01 02:00 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2015-05-30 10:41 - 2000-01-01 02:00 - 00560328 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2015-05-30 10:41 - 2000-01-01 02:00 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2015-05-30 10:41 - 2000-01-01 02:00 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2015-05-30 10:41 - 2000-01-01 02:00 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2015-05-30 10:41 - 2000-01-01 02:00 - 00315736 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2015-05-30 10:41 - 2000-01-01 02:00 - 00261464 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2015-05-30 10:41 - 2000-01-01 02:00 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2015-05-30 10:41 - 2000-01-01 02:00 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2015-05-30 10:41 - 2000-01-01 02:00 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2015-05-30 10:41 - 2000-01-01 02:00 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2015-05-30 10:41 - 2000-01-01 02:00 - 00109848 _____ C:\Windows\system32\AcpiServiceVnA64.dll
2015-05-30 10:41 - 2000-01-01 02:00 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2015-05-30 10:41 - 2000-01-01 02:00 - 00096568 _____ C:\Windows\system32\audioLibVc.dll
2015-05-29 23:30 - 2015-05-29 23:30 - 00001668 _____ C:\Users\NAME\Desktop\FileLocator.lnk
2015-05-29 23:23 - 2015-05-29 23:23 - 00000000 ____D C:\Users\NAME\AppData\Roaming\Mythicsoft
2015-05-29 23:23 - 2015-05-29 23:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileLocator Lite
2015-05-29 23:23 - 2015-05-29 23:23 - 00000000 ____D C:\Program Files\Mythicsoft
2015-05-29 23:16 - 2015-05-29 23:21 - 00000000 ____D C:\ProgramData\Copernic
2015-05-29 22:54 - 2015-05-29 23:05 - 00001065 _____ C:\Users\NAME\Desktop\Start Tor Browser.lnk
2015-05-29 22:53 - 2015-05-29 22:53 - 00000000 ____D C:\ProgramData\SlimWare Utilities, Inc
2015-05-29 22:51 - 2015-05-29 22:51 - 00000000 ____D C:\Users\Public\Documents\Downloaded Installers
2015-05-29 22:51 - 2015-05-29 22:51 - 00000000 ____D C:\ProgramData\Documents\Downloaded Installers
2015-05-29 22:50 - 2015-05-29 22:50 - 00000828 _____ C:\Users\NAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2015-05-29 22:50 - 2015-05-29 22:50 - 00000000 ____D C:\Program Files\Tor Browser
2015-05-29 16:37 - 2015-05-29 16:37 - 00013157 _____ C:\Users\NAME\Desktop\Indizierungsoptionen.lnk
2015-05-29 16:10 - 2015-05-31 09:42 - 00000000 ____D C:\Indexordner
2015-05-25 17:30 - 2015-05-25 17:46 - 00000054 _____ C:\Users\NAME\Documents\default.dad
2015-05-23 17:02 - 2015-05-23 17:02 - 00000000 ____D C:\Users\NAME\Documents\StreamTransport
2015-05-20 06:50 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-05-17 11:39 - 2015-05-17 11:53 - 00000000 ____D C:\Program Files (x86)\SmartDVB
2015-05-17 09:17 - 2015-05-17 09:17 - 00000000 ____D C:\Users\NAME\Documents\Turbo Lister
2015-05-17 08:55 - 2015-05-17 08:55 - 00002045 _____ C:\Users\Public\Desktop\eBay Turbo Lister 2.lnk
2015-05-17 08:55 - 2015-05-17 08:55 - 00002045 _____ C:\ProgramData\Desktop\eBay Turbo Lister 2.lnk
2015-05-17 08:55 - 2015-05-17 08:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay
2015-05-17 08:55 - 2015-05-17 08:55 - 00000000 ____D C:\ProgramData\eBay
2015-05-17 08:55 - 2015-05-17 08:55 - 00000000 ____D C:\Program Files (x86)\eBay
2015-05-16 17:35 - 2015-05-16 17:35 - 00000000 _____ C:\autoexec.bat
2015-05-14 16:51 - 2015-06-06 17:39 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-14 16:51 - 2015-06-05 08:18 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-14 16:51 - 2015-05-14 16:51 - 00001106 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-05-14 16:51 - 2015-05-14 16:51 - 00001106 _____ C:\ProgramData\Desktop\ Malwarebytes Anti-Malware .lnk
2015-05-14 16:51 - 2015-05-14 16:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-05-14 16:51 - 2015-05-14 16:51 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-05-14 16:51 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-05-14 16:51 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-05-14 08:56 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 08:56 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 08:52 - 2015-04-21 16:33 - 14374400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-14 08:52 - 2015-04-21 16:33 - 13771776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-14 08:52 - 2015-04-21 16:33 - 02864640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-14 08:52 - 2015-04-21 16:33 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-14 08:52 - 2015-04-21 16:33 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-14 08:52 - 2015-04-21 16:33 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-14 08:52 - 2015-04-21 16:33 - 00690176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-14 08:52 - 2015-04-21 16:33 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-14 08:52 - 2015-04-21 16:33 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-14 08:52 - 2015-04-21 16:33 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-14 08:52 - 2015-04-21 16:33 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-14 08:52 - 2015-04-21 16:33 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-14 08:52 - 2015-04-21 16:33 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-14 08:52 - 2015-04-21 16:33 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-14 08:52 - 2015-04-21 16:33 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-05-14 08:52 - 2015-04-21 16:33 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-14 08:52 - 2015-04-21 16:33 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-14 08:52 - 2015-04-21 16:33 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-14 08:52 - 2015-04-21 16:33 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-14 08:52 - 2015-04-21 16:32 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-14 08:52 - 2015-04-21 15:53 - 02237440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-14 08:52 - 2015-04-21 15:53 - 01409536 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-14 08:52 - 2015-04-21 15:53 - 00601600 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-14 08:52 - 2015-04-21 15:53 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-14 08:52 - 2015-04-21 15:53 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-14 08:52 - 2015-04-21 15:52 - 19291136 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-14 08:52 - 2015-04-21 15:52 - 15414784 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-14 08:52 - 2015-04-21 15:52 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-14 08:52 - 2015-04-21 15:52 - 02656768 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-14 08:52 - 2015-04-21 15:52 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-14 08:52 - 2015-04-21 15:52 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-14 08:52 - 2015-04-21 15:52 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-14 08:52 - 2015-04-21 15:52 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-14 08:52 - 2015-04-21 15:52 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-14 08:52 - 2015-04-21 15:52 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-14 08:52 - 2015-04-21 15:52 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-14 08:52 - 2015-04-21 15:52 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-05-14 08:52 - 2015-04-21 15:52 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-14 08:52 - 2015-04-21 15:52 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-14 08:52 - 2015-04-21 15:52 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-14 08:52 - 2015-04-21 15:52 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-14 08:52 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-14 08:52 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-14 08:52 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-14 08:52 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-14 08:52 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-14 08:52 - 2015-04-18 05:06 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-14 08:52 - 2015-04-18 04:59 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-14 08:52 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-14 08:52 - 2015-04-18 04:37 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-14 08:52 - 2015-04-18 04:34 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-14 08:52 - 2015-04-18 04:12 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2015-05-14 08:52 - 2015-04-18 04:09 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2015-05-14 08:52 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-14 08:52 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-14 08:52 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-14 08:52 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-10 18:08 - 2015-05-10 18:08 - 00001488 _____ C:\Users\NAME\Desktop\Skype.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-09 21:58 - 2013-10-05 01:42 - 00000000 ____D C:\Users\NAME\AppData\Local\CrashDumps
2015-06-09 21:49 - 2011-07-13 23:16 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-09 21:43 - 2011-07-13 23:16 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-09 21:41 - 2012-08-23 10:52 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-09 21:10 - 2013-07-26 20:53 - 00000000 ____D C:\Users\NAME\AppData\Roaming\Skype
2015-06-09 20:49 - 2011-09-10 16:16 - 00003926 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{A9C5EE0F-E1FC-451A-8B1C-454518492B63}
2015-06-09 20:37 - 2015-02-16 20:20 - 00000000 ____D C:\Users\NAME\AppData\Local\9F983EEF-7CB2-41EA-959B-EBA701ABEDBA.aplzod
2015-06-09 19:19 - 2014-03-15 22:23 - 00000314 _____ C:\Windows\Tasks\MT66 Software Update.job
2015-06-09 10:48 - 2011-12-04 16:21 - 01153308 _____ C:\Windows\WindowsUpdate.log
2015-06-08 23:34 - 2014-11-15 13:58 - 00005132 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for PCBUERO-NAME PCBUERO
2015-06-08 08:02 - 2012-02-23 22:39 - 00000372 _____ C:\Windows\Tasks\Allway Sync_{4D5D44EA8CFE20E67E17FB2D2B9557A2}.job
2015-06-07 09:43 - 2014-08-29 10:41 - 00000000 __SHD C:\Users\NAME\wc
2015-06-07 03:04 - 2012-02-23 22:41 - 00000372 _____ C:\Windows\Tasks\Allway Sync_{4526EC8052B0DD6E9FE27029D0A8F297}.job
2015-06-07 02:03 - 2012-02-23 22:42 - 00000372 _____ C:\Windows\Tasks\Allway Sync_{4F0C1497E9A5A062AD06B978802E02AB}.job
2015-06-07 01:07 - 2012-02-15 08:23 - 00000372 _____ C:\Windows\Tasks\Allway Sync_{47DB885EEF89F1BFADE380163D5D1ABD}.job
2015-06-06 23:36 - 2009-07-14 06:45 - 00023264 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-06 23:36 - 2009-07-14 06:45 - 00023264 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-06 22:46 - 2014-08-23 18:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-06-06 18:11 - 2015-02-16 20:17 - 00000000 ___RD C:\Users\NAME\iCloudDrive
2015-06-06 18:11 - 2014-08-23 18:59 - 00000000 ___RD C:\Users\NAME\Google Drive
2015-06-06 18:11 - 2013-09-30 23:58 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-06-06 18:09 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-06 18:07 - 2015-03-01 15:06 - 00000000 ____D C:\AdwCleaner
2015-06-06 03:54 - 2015-04-15 08:14 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-06-05 22:15 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-06-05 22:13 - 2011-05-10 01:35 - 00000000 ____D C:\Users\NAME\AppData\Roaming\KeePass
2015-06-05 22:04 - 2011-05-10 20:52 - 00000000 ____D C:\ProgramData\TEMP
2015-06-04 15:17 - 2009-07-14 19:58 - 00705952 _____ C:\Windows\system32\perfh007.dat
2015-06-04 15:17 - 2009-07-14 19:58 - 00152262 _____ C:\Windows\system32\perfc007.dat
2015-06-04 15:17 - 2009-07-14 07:13 - 01638820 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-04 10:13 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-06-04 08:49 - 2014-08-14 14:35 - 00000000 ____D C:\Users\NAME\AppData\Local\Adobe
2015-06-04 08:49 - 2012-08-23 10:52 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-04 08:49 - 2012-04-13 22:48 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-04 08:49 - 2011-05-20 09:26 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-04 08:42 - 2013-01-31 22:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-04 08:41 - 2014-12-10 07:47 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-04 08:41 - 2014-04-22 20:05 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-04 08:41 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-03 23:45 - 2011-07-13 23:16 - 00000000 ____D C:\Program Files (x86)\Google
2015-05-31 20:51 - 2011-05-10 00:05 - 00000000 ____D C:\Users\NAME\AppData\Local\FRITZ!
2015-05-31 16:04 - 2014-01-18 15:33 - 00000000 ____D C:\ProgramData\Acronis
2015-05-30 11:26 - 2011-05-10 01:30 - 00000000 ____D C:\Users\NAME\AppData\Roaming\vlc
2015-05-30 10:45 - 2013-07-07 12:50 - 00000000 ___HD C:\Program Files (x86)\Temp
2015-05-30 10:41 - 2011-05-09 22:56 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-05-29 15:44 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-05-26 21:39 - 2013-07-26 20:53 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-05-25 15:09 - 2011-05-09 22:53 - 00000000 ____D C:\Users\NAME
2015-05-24 09:31 - 2014-11-15 13:33 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-05-22 19:27 - 2011-05-10 20:17 - 00000000 ____D C:\ProgramData\Skype
2015-05-16 21:38 - 2011-07-13 23:16 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-16 21:38 - 2011-07-13 23:16 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-16 17:48 - 2011-05-09 23:41 - 00000000 ____D C:\Windows\Panther
2015-05-15 13:05 - 2015-03-21 17:40 - 00002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk
2015-05-15 13:05 - 2015-03-21 17:40 - 00002210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk
2015-05-15 13:05 - 2015-03-21 17:40 - 00002049 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk
2015-05-14 16:37 - 2014-11-10 23:55 - 00001404 _____ C:\Users\Public\Desktop\Avast.lnk
2015-05-14 16:37 - 2014-11-10 23:55 - 00001404 _____ C:\ProgramData\Desktop\Avast.lnk
2015-05-14 09:22 - 2012-04-13 22:27 - 00541872 _____ C:\Windows\system32\FNTCACHE.DAT
2015-05-14 09:20 - 2014-12-10 21:34 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-05-14 09:20 - 2014-12-10 21:34 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-05-14 09:19 - 2009-07-14 20:18 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-14 09:05 - 2013-08-15 03:02 - 00000000 ____D C:\Windows\system32\MRT
2015-05-14 08:59 - 2011-05-12 22:38 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-14 08:56 - 2014-12-10 21:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-10 18:07 - 2014-12-25 23:56 - 00025035 _____ C:\Windows\SysWOW64\msrsb04.dll
2015-05-10 18:06 - 2014-12-25 23:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iDevice Manager

==================== Files in the root of some directories =======

2012-02-05 10:42 - 2012-02-05 11:13 - 0000121 _____ () C:\Users\NAME\AppData\Roaming\Camdata.ini
2012-02-05 10:42 - 2012-02-05 11:13 - 0000408 _____ () C:\Users\NAME\AppData\Roaming\CamLayout.ini
2012-02-05 10:42 - 2012-02-05 11:13 - 0000408 _____ () C:\Users\NAME\AppData\Roaming\CamShapes.ini
2014-01-22 23:53 - 2014-01-22 23:54 - 0000005 _____ () C:\Users\NAME\AppData\Roaming\mbam.context.scan
2015-04-24 23:14 - 2015-04-24 23:54 - 0000627 _____ () C:\Users\NAME\AppData\Roaming\Requiem.log
2011-05-10 01:40 - 2014-08-18 19:51 - 0035628 _____ () C:\Users\NAME\AppData\Roaming\Rim.Desktop.Exception.log
2011-05-10 01:40 - 2014-08-20 23:00 - 0011770 _____ () C:\Users\NAME\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2011-09-11 13:55 - 2014-08-18 19:51 - 0027027 _____ () C:\Users\NAME\AppData\Roaming\Rim.DesktopHelper.Exception.log
2012-06-08 00:08 - 2012-07-27 09:36 - 0002695 _____ () C:\Users\NAME\AppData\Roaming\Rim.Transcoder.Exception.log
2013-11-03 13:48 - 2013-11-03 13:48 - 0013883 _____ () C:\Users\NAME\AppData\Roaming\UserTile.png
2011-09-14 23:31 - 2012-06-17 16:47 - 0123122 _____ () C:\Users\NAME\AppData\Local\ars.cache
2011-09-14 23:31 - 2012-06-17 16:47 - 0933511 _____ () C:\Users\NAME\AppData\Local\census.cache
2011-05-17 23:08 - 2015-04-20 21:19 - 0018432 _____ () C:\Users\NAME\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-09-14 23:21 - 2011-09-14 23:21 - 0000036 _____ () C:\Users\NAME\AppData\Local\housecall.guid.cache
2011-12-29 00:57 - 2012-05-03 22:41 - 0000605 _____ () C:\Users\NAME\AppData\Local\process.log
2014-10-25 13:09 - 2014-10-25 13:09 - 0001672 _____ () C:\Users\NAME\AppData\Local\recently-used.xbel
2011-06-30 16:00 - 2015-03-29 22:18 - 0007604 _____ () C:\Users\NAME\AppData\Local\Resmon.ResmonCfg
2014-07-25 22:39 - 2014-07-25 22:39 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2011-05-10 20:22 - 2011-05-10 20:22 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2011-05-10 21:27 - 2011-08-23 22:08 - 0003269 _____ () C:\ProgramData\hpzinstall.log
2013-09-29 12:17 - 2013-09-29 13:33 - 0000193 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

Files to move or delete:
====================
C:\Users\Public\IK_PosLen.dat
C:\Users\Public\VR-IBAN-Konverter.dat


Some files in TEMP:
====================
C:\Users\NAME\AppData\Local\Temp\Quarantine.exe
C:\Users\NAME\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-03 00:48

==================== End of log ============================

schrauber · 10.06.2015, 16:46

Java updaten.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

C:\Indexordner\NAME\Software- und Softwaresicherungen\Rendering\Setup_FreeVideoConverter(1).exe

C:\Indexordner\NAME\Software- und Softwaresicherungen\Streaming\TVersitySetup_1_9_3.exe
Tcpip\..\Interfaces\{ECCA7DF3-97D5-4CE0-9D74-741776634C45}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
Emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Frisches FRST log bitte.

09.06.2015, 20:24	#13
schrauber /// the machine /// TB-Ausbilder	Avast meldet "schädliche Webseite blockiert " - svchost und weiter __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Avast meldet "schädliche Webseite blockiert " - svchost

Plagegeister aller Art und deren Bekämpfung: Avast meldet "schädliche Webseite blockiert " - svchost