JollyWallet, Coupon Werbung und unsichtbare Links in Chrome

RVD85 · 27.07.2015, 12:46

Guten Tag,

wie die Überschrift sagt, habe ich so meine Probleme im Chrome Browser. Zu den Symptomen:

JollyWallet und Coupon Werbung poppt auf bestimmten Seiten auf. Die Seiten laden erst ganz normal und dann sieht man wie der ganze Mist nachgeladen wird. Außerdem scheine ich willkürlich auf alle Seiten einen unsichtbaren Layer mit Link auf andere Seiten zu bekommen, so dass sich die Seiten öffnen, sobald ich irgendwo hin klicke. Da werde ich dann teilweise 4 mal direkt hintereinander weitergeleitet.

Ich habe keinen Schimmer, wo ich mir das eingefangen haben könnte, ich habe lediglich ein Java Update in den letzten Tagen gemacht, sonst gar nichts installiert oder so. Ich finde auch nirgendwo ein Programm auf dem System, genau so wenig eine Erweiterung oder Extension in Chrome. ADWCleaner und Junkware Removal Tool hab ich beides mal laufen lassen, die haben auch einiges gefunden und gelöscht, was sich so anhört, als wäre es für meinen Spuk hier verantwortlich, aber gebessert oder geändert hat sich nichts.

Bin da gerade recht ratlos, was ich da noch tun soll. Bringt Chrome zurücksetzen oder neu installieren etwas?

M-K-D-B · 27.07.2015, 12:57

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Bitte beachte folgende Hinweise:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort zu starten!

Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!

Zur ersten Analyse bitte FRST und TDSS-Killer ausführen:

Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Schritt 2
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Bitte poste mit deiner nächsten Antwort

die Logdatei von TDSS-Killer,
die beiden neuen Logdateien von FRST.

M-K-D-B · 27.07.2015, 12:58

Zitat:

Zitat von Warlord711

menno

RVD85 · 27.07.2015, 15:55

Also wenn ich FRST herunter laden will, wird mir die letzte Seite zum Download (hxxp://download.bleepingcomputer.com/farbar/FRST64.exe) von Chrome geblockt. Chrome sagt mir, da befinden sich schädliche Programme. Ignoriere ich das, löscht es mir Chrome nach dem Download sofort, bzw blockiert ihn.

Hierie FRST.txt Log Datei

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:26-07-2015
durchgeführt von Admin (Administrator) auf LIVINGROOM (27-07-2015 16:37:15)
Gestartet von C:\Users\Admin\Desktop
Geladene Profile: Admin (Verfügbare Profile: Admin & Dori)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Advanced Micro Devices, Inc.) I:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe
() C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(DATA BECKER GmbH & Co KG) C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe
() I:\Program Files\ShrewSoft\VPN Client\dtpd.exe
(DTS) C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
() I:\Program Files\ShrewSoft\VPN Client\iked.exe
() I:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(O&O Software GmbH) I:\Program Files\OO Software\Defrag\oodag.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Seagate Technology LLC) I:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(ASUSTeK Computer Inc.) C:\Users\Admin\ASUS\AI Suite\AI Suite II\AsRoutineController.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(TomTom) I:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareTray.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Valve Corporation) I:\Program Files (x86)\Steam\Steam.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Samsung) I:\Program Files (x86)\Kies\Kies.exe
(Unified Intents AB) I:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe
() I:\Program Files (x86)\Launchy\Launchy.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Dropbox, Inc.) C:\Users\Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe
(ASUSTeK Computer Inc.) C:\Users\Admin\ASUS\AI Suite\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe
(ASUSTeK Computer Inc.) C:\Users\Admin\ASUS\AI Suite\AI Suite II\AI Suite II.exe
(ASUSTeK Computer Inc.) C:\Users\Admin\ASUS\AI Suite\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(Gembird Europe B.V.) I:\Program Files (x86)\Gembird\Power Manager\pm.exe
(ZF Electronics GmbH) I:\Program Files (x86)\Cherry\KeyMan\KeyMan.exe
(CANON INC.) C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Advanced Micro Devices Inc.) I:\Program Files\AMD\ATI.ACE\Core-Static\MOM.exe
(ZF Electronics GmbH) I:\Program Files (x86)\Cherry\CDI\cdi.exe
(Advanced Micro Devices Inc.) I:\Program Files\AMD\ATI.ACE\Core-Static\CCC.exe
(ZF Electronics GmbH) C:\Program Files (x86)\Common Files\Cherry\Common\kbdhook64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Valve Corporation) I:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
() I:\Program Files (x86)\SABnzbd\SABnzbd.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) I:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Source Engine\OSE.EXE
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Users\Dori\AppData\Local\Mozilla Firefox\firefox.exe


==================== Registry (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7560296 2011-12-12] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277992 2011-11-15] (Realtek Semiconductor)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2726728 2010-03-24] (CANON INC.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [7406392 2012-11-29] (Logitech Inc.)
HKLM\...\Run: [OODefragTray] => I:\Program Files\OO Software\Defrag\oodtray.exe
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [Power Manager] => I:\Program Files (x86)\Gembird\Power Manager\pm.exe [10043392 2010-12-09] (Gembird Europe B.V.)
HKLM-x32\...\Run: [CherryKeyMan] => I:\Program Files (x86)\Cherry\KeyMan\KeyMan.exe [258100 2009-07-29] (ZF Electronics GmbH)
HKLM-x32\...\Run: [IJNetworkScanUtility] => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [140640 2010-03-02] (CANON INC.)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
HKLM-x32\...\Run: [StartCCC] => I:\Program Files\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-06-22] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [708496 2015-04-20] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3730344 2015-07-07] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKU\S-1-5-21-500210103-394823293-4185795276-1000\...\Run: [Speech Recognition] => C:\Windows\Speech\Common\sapisvr.exe [44544 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-500210103-394823293-4185795276-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22012688 2015-06-20] (Google)
HKU\S-1-5-21-500210103-394823293-4185795276-1000\...\Run: [Steam] => I:\Program Files (x86)\Steam\steam.exe [2895552 2015-07-24] (Valve Corporation)
HKU\S-1-5-21-500210103-394823293-4185795276-1000\...\Run: [Google Update] => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-19] (Google Inc.)
HKU\S-1-5-21-500210103-394823293-4185795276-1000\...\Run: [DAEMON Tools Lite] => I:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3478336 2012-01-24] (DT Soft Ltd)
HKU\S-1-5-21-500210103-394823293-4185795276-1000\...\Run: [KiesPDLR] => I:\Program Files (x86)\Kies\External\FirmwareUpdate\KiesPDLR.exe [843568 2014-05-28] (Samsung)
HKU\S-1-5-21-500210103-394823293-4185795276-1000\...\Run: [KiesPreload] => I:\Program Files (x86)\Kies\Kies.exe [1563440 2014-05-28] (Samsung)
HKU\S-1-5-21-500210103-394823293-4185795276-1000\...\Run: [Unified Remote V3] => I:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe [4205776 2015-03-21] (Unified Intents AB)
HKU\S-1-5-21-500210103-394823293-4185795276-1000\...\Run: [Dropbox Update] => C:\Users\Admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-20] (Dropbox, Inc.)
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2012-01-26]
ShortcutTarget: Dropbox.lnk -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Launchy.lnk [2012-01-15]
ShortcutTarget: Launchy.lnk -> I:\Program Files (x86)\Launchy\Launchy.exe ()
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-07-07] (Dropbox, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Richtlinienbeschränkung <======= ATTENTION

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKU\S-1-5-21-500210103-394823293-4185795276-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKLM -> {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fR9JlWm-ZsY5JeD_2W7SpKI-ZjDf0b2-WI2YzZCfMnzgySGbesVqibSqni18DXtuK3oGuupu87Co8LS5qQ50JP6g2a13tdsu4lWiGGRPzKOElnNf6c15PSzE_qRon9yVxEi5rFMwoF9mcopgOaZFDvygZrsvgHfHmT7xHMJQer1bSZBZ&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-500210103-394823293-4185795276-1000 -> {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-13] (Advanced Micro Devices)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08] (CANON INC.)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-13] (Advanced Micro Devices)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> I:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> I:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Microsoft-Webtestaufzeichnung 10.0-Hilfsprogramm -> {DDA57003-0068-4ed2-9D32-4D1EC707D94D} -> C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2010-03-19] (Microsoft Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (CANON INC.)
Toolbar: HKU\S-1-5-21-500210103-394823293-4185795276-1000 -> No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} -  Keine Datei
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - I:\Program Files (x86)\AVG\AVG2012\avgpp.dll Keine Datei
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{0BEBD939-8AE5-4899-9639-03587D2994CF}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{1E3AB28C-61E6-4230-89A0-4DC7DCD53725}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{3B12CA59-DD93-43EF-B982-DADDB917290C}: [NameServer] 141.99.2.2,141.99.1.12
Tcpip\..\Interfaces\{F290B9ED-8147-463F-A2DA-056CD7A0CEE2}: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ix0ui9a2.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-18] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-18] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> I:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2012-03-06] ()
FF Plugin-x32: @canon.com/EPPEX -> I:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-04-14] (CANON INC.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2013-08-28] (DivX, LLC)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> I:\PROGRA~3\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> I:\PROGRA~3\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-18] (Google Inc.)
FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.19 -> I:\Program Files (x86)\Veetle\plugins\npVeetle.dll [2012-01-14] (Veetle Inc)
FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> I:\Program Files (x86)\Veetle\Player\npvlc.dll [2012-01-14] (Veetle Inc)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> I:\Program Files (x86)\VLC\npvlc.dll [2013-04-11] (VideoLAN)
FF Plugin HKU\S-1-5-21-500210103-394823293-4185795276-1000: @acestream.net/acestreamplugin,version=2.2.4-next -> C:\Users\Admin\AppData\Roaming\ACEStream\player\npace_plugin.dll Keine Datei
FF Plugin HKU\S-1-5-21-500210103-394823293-4185795276-1000: @protectdisc.com/NPPDLicenseHelper -> C:\Users\Admin\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll [2009-06-25] ( )
FF Plugin HKU\S-1-5-21-500210103-394823293-4185795276-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Admin\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-18] (Google Inc.)
FF Plugin HKU\S-1-5-21-500210103-394823293-4185795276-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Admin\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-18] (Google Inc.)
FF Extension: YouTube Unblocker - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ix0ui9a2.default\Extensions\youtubeunblocker@unblocker.yt [2015-04-20]
FF Extension: Download videos and MP3s from YouTube - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ix0ui9a2.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900} [2014-12-18]
FF Extension: YouTube mp3 - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ix0ui9a2.default\Extensions\info@youtube-mp3.org.xpi [2015-02-24]
FF Extension: Search Player - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ix0ui9a2.default\Extensions\{762f7e46-54a5-4ff3-bf85-db0dd64a8c25}.xpi [2015-04-25]
FF Extension: {9d10929f-a4e5-4e4c-992c-2bdd7b01c19e} - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ix0ui9a2.default\Extensions\{9d10929f-a4e5-4e4c-992c-2bdd7b01c19e}.xpi [2014-11-30]
FF HKU\S-1-5-21-500210103-394823293-4185795276-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
FF HKU\S-1-5-21-500210103-394823293-4185795276-1000\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-12-18]
StartMenuInternet: FIREFOX.EXE - C:\Users\Dori\AppData\Local\Mozilla Firefox\firefox.exe

Chrome: 
=======
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2014-11-29]
CHR Extension: (VLC for YouTube™) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ablmclcliiiegfmpbkfhnhipoejclmel [2013-07-06]
CHR Extension: (Youtube Video Downloader) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajcdokmfhjckfhjdgjhdcjpmjgnihkad [2013-07-06]
CHR Extension: (Lucidchart Diagrams - Online) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apboafhkiegglekeafbckfjldecefkhn [2014-11-06]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-05-05]
CHR Extension: (ColorZilla) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp [2015-01-18]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-05-04]
CHR Extension: (Firebug Lite for Google Chrome™) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmagokdooijbeehmkpknfglimnifench [2012-12-05]
CHR Extension: (Adblock Plus) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2012-03-14]
CHR Extension: (Webpage Screenshot) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckibcdccnfeookdmbahgiakhnjcddpki [2012-03-14]
CHR Extension: (Google Search) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-05-04]
CHR Extension: (Mendeley Web Importer) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcekngoadbakijofhmkeddpbeagodnmj [2012-05-03]
CHR Extension: (Axure RP Extension for Chrome) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dogkpdfcklifaemcdfbildhcofnopogp [2015-02-09]
CHR Extension: (Zotero Connector) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc [2014-06-12]
CHR Extension: (Google Analytics Opt-out Add-on (by Google)) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh [2012-03-14]
CHR Extension: (Ggoal) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gchpchgegkdmbbhdikfmplpllehnfnmk [2012-12-01]
CHR Extension: (The QR Code Generator) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcmhlmapohffdglflokbgknlknnmogbb [2012-03-14]
CHR Extension: (Full Screen Flash) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gejijbmhbanhbllpkhfojmimfolkjgdl [2014-11-06]
CHR Extension: (What's My Page Rank?) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjdlgkedhmidgicfpepbdbdkhbfeoekn [2012-12-29]
CHR Extension: (TinEye Reverse Image Search) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2012-08-27]
CHR Extension: (Picnik Extension for Chrome) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcifofgaphfkfdcjbdogpamghiihilkl [2012-03-14]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2012-03-14]
CHR Extension: (Bitly 
 Unleash the power of the link) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\iabeihobmhlgpkcgjiloemdbofjbdcic [2012-03-14]
CHR Extension: (Yulia Brodskaya) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlgdloilieclkegafohackmhffbmdpko [2014-03-22]
CHR Extension: (Show Just Image 2) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkmfdgbckjnonfaeppcjoacnnfncain [2012-03-14]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (muube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfkbedgidedjmehpinfglihpnakiogac [2012-12-25]
CHR Extension: (Explain and Send Screenshots) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdddabjhelpilpnpgondfmehhcplpiin [2012-03-14]
CHR Extension: (Kein Name) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim [2015-07-27]
CHR Extension: (SEO Webpage Analysis Tool) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfhheamcohgngngnmpckfgcfmdabmno [2012-12-29]
CHR Extension: (Pinner for Pinterest) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndiedfldbpmieeknpleihpglnhgonlni [2013-08-13]
CHR Extension: (Kein Name) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nknonnojlmhnmjhpeokdbeineeajcemh [2015-07-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30]
CHR Extension: (Better Pop Up Blocker) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmpeeekfhbmikbdhlpjbfmnpgcbeggic [2013-10-30]
CHR Extension: (Show Apps in new tab) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nohbdifokmdgjcbbeobglcbaifinhfip [2014-03-22]
CHR Extension: (G+me for Google Plus™) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacdcllhgpddmlnhajiacfakhlilbicp [2012-03-14]
CHR Extension: (Adblock Pro) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2013-10-30]
CHR Extension: (SABconnect++) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\okphadhbbjadcifjplhifajfacbkkbod [2014-11-06]
CHR Extension: (ChopChop) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pblooemobkabfekpcecennnbfekjcadg [2012-12-25]
CHR Extension: (Google Reader) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjjhlfkghdhmijklfnahfkpgmhcmfgcm [2012-10-24]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-05-04]
CHR HKU\S-1-5-21-500210103-394823293-4185795276-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Admin\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-05-04]
CHR HKU\S-1-5-21-500210103-394823293-4185795276-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [heoldelcflnigdllmlopiefhkkobendj] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [ochbjojkpcmlfeagbaahkofepalngihg] - No Path Or update_url value
StartMenuInternet: Google Chrome - C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMD FUEL Service; I:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-06-22] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe [922240 2011-10-07] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [915584 2011-10-07] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2011-10-07] ()
S2 avgfws; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [1528432 2015-07-07] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3518376 2015-07-07] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [314304 2015-07-07] (AVG Technologies CZ, s.r.o.)
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [Datei ist nicht signiert]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R3 Cherry Device Interface; I:\Program Files (x86)\Cherry\CDI\cdi.exe [585774 2009-05-28] (ZF Electronics GmbH) [Datei ist nicht signiert]
R2 DBService; C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe [2650112 2010-05-28] (DATA BECKER GmbH & Co KG) [Datei ist nicht signiert]
R2 dtpd; I:\Program Files\ShrewSoft\VPN Client\dtpd.exe [56592 2010-10-08] ()
R2 DTSAudioService; C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe [210024 2011-05-31] (DTS)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] ()
R2 iked; I:\Program Files\ShrewSoft\VPN Client\iked.exe [957712 2010-10-08] ()
R2 ipsecd; I:\Program Files\ShrewSoft\VPN Client\ipsecd.exe [697616 2010-10-08] ()
S2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareService.exe [716664 2015-06-24] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S3 Microsoft SharePoint Workspace Audit Service; I:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [30814400 2013-12-19] (Microsoft Corporation)
R2 MSSQL$JTLWAWI; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
R2 OODefragAgent; I:\Program Files\OO Software\Defrag\oodag.exe [1656616 2013-12-16] (O&O Software GmbH)
S3 Origin Client Service; I:\Spiele\Origin\OriginClientService.exe [1910640 2015-03-15] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-05-29] ()
R2 PSI_SVC_2_x64; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc)
S3 SandraAgentSrv; I:\Program Files\SiSoftware\SiSoftware Sandra Business 2012.SP1\RpcAgentSrv.exe [95896 2008-12-12] (SiSoftware) [Datei ist nicht signiert]
R2 Seagate Dashboard Services; I:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [14528 2012-07-02] (Seagate Technology LLC)
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2011-06-16] (Microsoft Corporation) [Datei ist nicht signiert]
R2 TomTomHOMEService; I:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [92592 2012-04-20] (TomTom)
S4 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [14407384 2014-10-29] ()
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [1195920 2015-07-23] ()

==================== Drivers (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [138360 2012-01-29] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [138360 2012-01-29] (SlySoft, Inc.)
R2 AODDriver4.3; I:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2011-10-07] ()
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-10-07] (MCCI Corporation)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [67552 2015-04-14] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [293296 2015-06-26] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [253408 2015-05-12] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [259040 2015-06-16] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [226784 2015-06-10] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [281568 2015-05-12] (AVG Technologies CZ, s.r.o.)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-02-02] (DT Soft Ltd)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-10-30] () [Datei ist nicht signiert]
S3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-22] (AVM GmbH)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [66360 2012-10-03] (Logitech Inc.)
R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S3 SANDRA; I:\Program Files\SiSoftware\SiSoftware Sandra Business 2012.SP1\WNt500x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [452040 2015-01-22] (BitDefender S.R.L.)
R3 uvhid; C:\Windows\System32\DRIVERS\uvhid.sys [25592 2015-03-21] (Windows (R) Win 7 DDK provider)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2014-10-16] (Cisco Systems, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-02-22] (VMware, Inc.)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 NLNdisMP; system32\DRIVERS\nlndis.sys [X]
S3 NLNdisPT; system32\DRIVERS\nlndis.sys [X]
S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X]
U4 SR; No ImagePath
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-07-27 16:37 - 2015-07-27 16:37 - 00044723 _____ C:\Users\Admin\Desktop\FRST.txt
2015-07-27 16:36 - 2015-07-27 16:37 - 00000000 ____D C:\FRST
2015-07-27 16:32 - 2015-07-27 16:32 - 02146816 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2015-07-27 14:09 - 2015-07-27 14:09 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Admin\Desktop\tdsskiller.exe
2015-07-27 13:06 - 2015-07-27 13:06 - 00114358 _____ C:\Users\Admin\Desktop\JRT.txt
2015-07-27 04:48 - 2015-07-27 12:33 - 00002896 _____ C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
2015-07-27 04:48 - 2015-07-27 12:33 - 00002896 _____ C:\Windows\system32\LavasoftTcpServiceOff.ini
2015-07-27 04:48 - 2015-07-27 04:48 - 00000000 ____D C:\Users\Admin\AppData\Roaming\LavasoftStatistics
2015-07-27 04:48 - 2015-06-08 14:13 - 00428880 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService64.dll
2015-07-27 04:48 - 2015-06-08 14:13 - 00348488 _____ (Lavasoft Limited) C:\Windows\SysWOW64\LavasoftTcpService.dll
2015-07-27 04:47 - 2015-07-27 13:23 - 00002321 _____ C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2015-07-27 04:47 - 2015-07-27 13:00 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Lavasoft
2015-07-27 04:47 - 2015-07-27 04:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-07-27 04:47 - 2015-07-27 04:47 - 00000000 ____D C:\Program Files\Lavasoft
2015-07-27 04:45 - 2015-07-27 04:45 - 00000000 ____D C:\Program Files\Common Files\Lavasoft
2015-07-27 04:44 - 2015-07-27 13:00 - 00000000 ____D C:\ProgramData\Lavasoft
2015-07-27 03:11 - 2015-07-27 13:21 - 00000000 ____D C:\AdwCleaner
2015-07-26 20:34 - 2015-07-26 20:34 - 01522728 _____ C:\Windows\Minidump\072615-31621-01.dmp
2015-07-23 07:45 - 2015-07-23 07:45 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-07-22 12:12 - 2015-07-22 12:12 - 00001342 _____ C:\Users\Admin\Desktop\Knuddels.de.lnk
2015-07-22 12:12 - 2015-07-22 12:12 - 00000000 ____D C:\Program Files\Java
2015-07-21 08:56 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-21 08:56 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-21 08:56 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-21 08:56 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-21 08:56 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-21 08:56 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-21 08:56 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-21 08:56 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-21 08:56 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-21 08:56 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-18 20:03 - 2015-07-18 20:03 - 00062779 _____ C:\Windows\SysWOW64\CCCInstall_201507182003112237.log
2015-07-18 20:03 - 2015-07-18 20:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-07-18 20:00 - 2015-07-09 19:59 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-18 20:00 - 2015-07-09 19:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-18 20:00 - 2015-07-09 19:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-18 20:00 - 2015-07-09 19:58 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-18 20:00 - 2015-07-09 19:58 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-18 20:00 - 2015-07-09 19:58 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-18 20:00 - 2015-07-09 19:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-18 20:00 - 2015-07-09 19:58 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-18 20:00 - 2015-07-09 19:58 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-18 20:00 - 2015-07-09 19:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-18 20:00 - 2015-07-09 19:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-18 20:00 - 2015-07-09 19:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-18 20:00 - 2015-07-09 19:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-18 20:00 - 2015-07-09 19:58 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-18 20:00 - 2015-07-09 19:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-18 20:00 - 2015-07-09 19:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-18 20:00 - 2015-07-09 19:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-18 20:00 - 2015-07-09 19:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-18 20:00 - 2015-07-09 19:50 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-18 20:00 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-18 20:00 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-18 20:00 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-18 20:00 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-18 20:00 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-18 20:00 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-18 20:00 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-18 20:00 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-18 20:00 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-18 20:00 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-18 20:00 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-18 20:00 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-18 20:00 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-18 20:00 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-18 20:00 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-18 20:00 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-18 20:00 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-18 20:00 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-18 20:00 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-18 20:00 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-18 20:00 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-18 20:00 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-18 20:00 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-18 20:00 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-18 20:00 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-18 20:00 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-18 20:00 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-18 20:00 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-18 20:00 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-18 20:00 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-18 20:00 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-18 20:00 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-18 20:00 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-18 20:00 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-18 20:00 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-18 20:00 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-18 20:00 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-18 20:00 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-18 20:00 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-18 20:00 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-18 20:00 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-18 20:00 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-18 20:00 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-18 20:00 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-18 20:00 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-18 20:00 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-18 20:00 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-18 20:00 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-18 20:00 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-18 20:00 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-18 20:00 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-18 20:00 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-18 20:00 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-18 20:00 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-18 20:00 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-18 20:00 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-18 20:00 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-18 20:00 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-18 20:00 - 2015-06-27 04:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-18 20:00 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-18 20:00 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-18 20:00 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-18 20:00 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-18 20:00 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-18 20:00 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-18 20:00 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-18 20:00 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-18 20:00 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-18 20:00 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-18 20:00 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-18 20:00 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-18 20:00 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-18 20:00 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-18 20:00 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-18 20:00 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-18 20:00 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-18 20:00 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-18 20:00 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-18 20:00 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-18 20:00 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-18 20:00 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-18 20:00 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-18 20:00 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-18 20:00 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-18 20:00 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-18 20:00 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-18 20:00 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-18 20:00 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-18 20:00 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-18 20:00 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-18 20:00 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-18 20:00 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-18 20:00 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-18 20:00 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-18 20:00 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-18 20:00 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-18 20:00 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-18 20:00 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-18 20:00 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-18 20:00 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-18 20:00 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-18 20:00 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-18 20:00 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-18 20:00 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-18 20:00 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-18 20:00 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-18 20:00 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-18 20:00 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-18 20:00 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-18 20:00 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-18 20:00 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-18 20:00 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-18 20:00 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-18 20:00 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-18 20:00 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-18 20:00 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-18 20:00 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-18 20:00 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-18 20:00 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-18 20:00 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-18 20:00 - 2015-06-11 19:56 - 01112576 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-07-18 20:00 - 2015-06-11 19:16 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-07-18 20:00 - 2015-06-11 19:15 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-07-18 20:00 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-18 20:00 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-18 20:00 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-18 20:00 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-18 20:00 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-18 20:00 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-18 20:00 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-18 20:00 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-18 20:00 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-18 20:00 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-18 19:54 - 2015-07-18 19:54 - 00000000 ____D C:\Users\Admin\AppData\Roaming\AVG2015
2015-07-18 19:53 - 2015-07-27 14:01 - 00000000 ____D C:\Program Files\Common Files\AV
2015-07-18 19:53 - 2015-07-18 19:53 - 00000981 _____ C:\Users\Public\Desktop\AVG 2015.lnk
2015-07-18 19:52 - 2015-07-24 09:41 - 00000000 ____D C:\ProgramData\AVG2015
2015-07-18 19:52 - 2015-07-18 19:52 - 00000000 ____D C:\Program Files (x86)\AVG
2015-06-29 19:00 - 2015-06-29 19:00 - 00000219 _____ C:\Users\Admin\Desktop\Counter-Strike Global Offensive.url

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-07-27 16:34 - 2012-01-14 00:14 - 01720345 _____ C:\Windows\WindowsUpdate.log
2015-07-27 16:26 - 2012-10-02 23:22 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-27 16:26 - 2012-01-14 02:10 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-500210103-394823293-4185795276-1000UA.job
2015-07-27 16:24 - 2015-06-20 00:13 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-500210103-394823293-4185795276-1000UA.job
2015-07-27 16:03 - 2012-01-14 23:13 - 00000000 ____D C:\ProgramData\MFAData
2015-07-27 15:54 - 2012-09-07 10:34 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-27 15:39 - 2009-07-14 06:45 - 00026544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-27 15:39 - 2009-07-14 06:45 - 00026544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-27 14:01 - 2015-03-10 14:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-07-27 13:28 - 2011-04-12 09:43 - 00855206 _____ C:\Windows\system32\perfh007.dat
2015-07-27 13:28 - 2011-04-12 09:43 - 00209274 _____ C:\Windows\system32\perfc007.dat
2015-07-27 13:28 - 2009-07-14 07:13 - 02032322 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-27 13:24 - 2015-06-20 00:13 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-500210103-394823293-4185795276-1000Core.job
2015-07-27 13:24 - 2015-01-19 01:51 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS
2015-07-27 13:24 - 2012-02-05 16:46 - 00000000 ____D C:\Windows\pss
2015-07-27 13:23 - 2015-03-19 18:46 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Raptr
2015-07-27 13:23 - 2015-01-18 23:49 - 00000000 ____D C:\ProgramData\VMware
2015-07-27 13:23 - 2012-10-02 23:22 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-27 13:23 - 2012-01-26 01:54 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Dropbox
2015-07-27 13:22 - 2010-11-21 05:47 - 02358410 _____ C:\Windows\PFRO.log
2015-07-27 13:22 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-27 13:22 - 2009-07-14 06:51 - 00203044 _____ C:\Windows\setupact.log
2015-07-27 13:18 - 2012-01-17 01:42 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-07-27 13:18 - 2012-01-17 01:41 - 00000000 ____D C:\ProgramData\Adobe
2015-07-27 12:44 - 2014-11-22 05:21 - 00000000 ____D C:\Program Files (x86)\Java
2015-07-27 04:32 - 2015-03-24 09:19 - 00000000 ____D C:\ProgramData\Unified Remote
2015-07-27 04:30 - 2014-11-07 13:43 - 00029683 _____ C:\Windows\SysWOW64\debug.log
2015-07-27 04:19 - 2012-01-28 14:33 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Skype
2015-07-27 03:03 - 2012-01-14 00:14 - 00000000 ____D C:\Users\Admin
2015-07-26 20:34 - 2012-01-30 15:59 - 00000000 ____D C:\Windows\Minidump
2015-07-25 12:03 - 2015-04-07 01:34 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-23 20:26 - 2012-01-14 02:10 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-500210103-394823293-4185795276-1000Core.job
2015-07-23 17:53 - 2012-01-14 11:01 - 00000000 ____D C:\Users\Admin\AppData\Roaming\vlc
2015-07-23 13:26 - 2014-11-07 13:42 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp
2015-07-22 12:12 - 2014-11-22 05:23 - 00001346 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Knuddels.de.lnk
2015-07-22 12:12 - 2014-11-22 05:23 - 00001342 _____ C:\Users\Dori\Desktop\Knuddels.de.lnk
2015-07-22 12:09 - 2013-11-10 07:42 - 00000000 ____D C:\ProgramData\Oracle
2015-07-22 04:36 - 2012-01-15 01:07 - 00000000 ____D C:\Users\Admin\AppData\Roaming\foobar2000
2015-07-21 13:10 - 2009-07-14 06:45 - 00429888 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-20 20:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-07-20 14:44 - 2012-01-19 04:22 - 00000000 ____D C:\ProgramData\CanonIJPLM
2015-07-19 21:38 - 2014-11-07 13:42 - 00000000 ____D C:\ProgramData\AVG Web TuneUp
2015-07-19 13:19 - 2015-06-20 00:13 - 00004198 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-500210103-394823293-4185795276-1000UA
2015-07-19 13:19 - 2015-06-20 00:13 - 00003802 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-500210103-394823293-4185795276-1000Core
2015-07-19 03:35 - 2015-04-07 01:34 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-19 03:35 - 2014-12-12 08:08 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-19 03:35 - 2014-05-06 22:22 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-19 03:35 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-19 03:16 - 2012-01-14 23:34 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-19 03:11 - 2013-08-14 03:00 - 00000000 ____D C:\Windows\system32\MRT
2015-07-19 01:32 - 2012-10-02 23:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-07-18 20:54 - 2012-09-07 10:34 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-18 20:54 - 2012-09-07 10:34 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-18 20:54 - 2012-01-19 05:40 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-18 20:46 - 2012-01-28 14:33 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-07-18 20:46 - 2012-01-28 14:33 - 00000000 ____D C:\ProgramData\Skype
2015-07-18 20:21 - 2012-10-02 23:22 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-18 20:21 - 2012-10-02 23:22 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-18 20:21 - 2012-01-14 02:10 - 00004094 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-500210103-394823293-4185795276-1000UA
2015-07-18 20:21 - 2012-01-14 02:10 - 00003698 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-500210103-394823293-4185795276-1000Core
2015-07-18 20:03 - 2015-03-19 18:46 - 00000000 ____D C:\Program Files (x86)\Raptr
2015-07-18 20:02 - 2012-03-15 03:18 - 00000000 ____D C:\Program Files\AMD
2015-07-18 20:02 - 2012-03-15 03:17 - 00000000 ____D C:\ProgramData\AMD
2015-07-18 19:54 - 2012-08-28 16:20 - 00000000 ___HD C:\$AVG
2015-07-18 19:47 - 2012-08-12 14:18 - 00000000 ____D C:\AMD
2015-07-06 16:40 - 2015-03-16 18:42 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Audacity
2015-07-03 23:36 - 2012-01-15 00:47 - 00646551 _____ C:\Windows\DirectX.log
2015-07-03 08:43 - 2012-01-15 22:58 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2012-01-16 00:29 - 2012-03-15 03:47 - 11296768 _____ () C:\Users\Admin\AppData\Roaming\Sandra.mdb
2013-04-24 00:01 - 2013-04-24 00:01 - 0026900 _____ () C:\Users\Admin\AppData\Local\dt.dat
2015-03-25 15:02 - 2015-03-25 15:02 - 0007605 _____ () C:\Users\Admin\AppData\Local\Resmon.ResmonCfg
2015-01-29 00:18 - 2015-01-29 00:18 - 0000032 RSHOT () C:\Users\Admin\AppData\Local\t70rc.dat
2012-02-09 05:32 - 2014-08-28 10:49 - 0000124 ___SH () C:\ProgramData\.zreglib

==================== Bamital & volsnap Check =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\System32\winlogon.exe => Datei ist digital signiert
C:\Windows\System32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe
[2011-06-16 19:09] - [2011-06-18 01:30] - 2871808 ____A (Microsoft Corporation) 5740B1555D51D56547043181789027A5

C:\Windows\SysWOW64\explorer.exe
[2011-06-16 19:09] - [2011-06-18 01:35] - 2616320 ____A (Microsoft Corporation) 88B413E78ADB75A062AB947C1BF6D49A

C:\Windows\System32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\System32\services.exe => Datei ist digital signiert
C:\Windows\System32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\System32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\System32\rpcss.dll => Datei ist digital signiert
C:\Windows\System32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-07-23 14:47

==================== Ende von log ============================

RVD85 · 27.07.2015, 15:56

die addition.txt

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:26-07-2015
durchgeführt von Admin an 2015-07-27 16:37:58
Gestartet von C:\Users\Admin\Desktop
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Admin (S-1-5-21-500210103-394823293-4185795276-1000 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-500210103-394823293-4185795276-500 - Administrator - Disabled)
Dori (S-1-5-21-500210103-394823293-4185795276-1002 - Limited - Enabled) => C:\Users\Dori
Gast (S-1-5-21-500210103-394823293-4185795276-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-500210103-394823293-4185795276-1012 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AV: AVG Internet Security 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Internet Security 2015 (Disabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-PDF Split & Merge Version 2.0.3 (Build 264) (HKLM-x32\...\7-PDF Split & Merge_is1) (Version: 7-PDF Split & Merge - Version 2.0.3 (Build 264) - 7-PDF, Germany - Thorsten Hodes)
ABBYY PDF Transformer+ (HKLM\...\{FA400000-0001-6400-0000-074957833700}) (Version: 4.1.241 - ABBYY Production LLC)
abgx360 v1.0.6 (HKLM-x32\...\abgx360) (Version:  - )
Ad-Aware Antivirus (HKLM\...\{A041066D-37EF-46FC-9DF7-465A07F1C5CF}_AdAwareUpdater) (Version: 11.7.485.8398 - Lavasoft)
AdAwareInstaller (Version: 11.7.485.8398 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.7.485.8398 - Lavasoft) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.144 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 1.02.03 - ASUSTeK Computer Inc.)
AMD Catalyst Install Manager (HKLM\...\{14D58A97-B60E-A858-34D8-95469C02F7EC}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AntimalwareEngine (Version: 3.0.98.0 - Lavasoft) Hidden
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.0.0.0 - SlySoft)
Apple Application Support (HKLM-x32\...\{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}) (Version: 2.1.7 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}) (Version: 5.1.1.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Verifier (x64) (HKLM\...\{361A49FA-59B3-49FB-8C3E-08AF3EA5791A}) (Version: 4.0.917 - Microsoft Corporation)
ARIS Express (HKLM-x32\...\{1252F398-5142-4D81-AD31-8B0204C26E8C}) (Version: 1.00 - Ihr Firmenname)
Ashampoo Burning Studio 14 v.14.0.1 (HKLM-x32\...\{91B33C97-7BCF-CDFE-4321-58EBF3E8641C}_is1) (Version: 14.0.1 - Ashampoo GmbH & Co. KG)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.1.0 - Asmedia Technology)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.6086 - AVG Technologies)
AVG 2015 (Version: 15.0.4401 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.6086 - AVG Technologies) Hidden
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.1.5.143 - AVG Technologies)
Avidemux 2.5 (HKLM-x32\...\Avidemux 2.5 (64-bit)) (Version: 2.5.6.7716 - )
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version:  - AVM Berlin)
Axure RP Pro 7.0 (HKLM-x32\...\Axure RP Pro 7.0) (Version: 7.0.0.3174 - Axure Software Solutions, Inc.)
Axure RP Pro 7.0 (x32 Version: 7.0.0.3174 - Axure Software Solutions, Inc.) Hidden
Balsamiq Mockups For Desktop (HKLM-x32\...\BalsamiqMockupsForDesktop.EDE15CF69E11F7F7D45B5430C7D37CC6C3545E3C.1) (Version: 2.2.6 - Balsamiq, SRL)
Balsamiq Mockups For Desktop (x32 Version: 2.2.6 - Balsamiq, SRL) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version:  - )
Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version:  - )
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version:  - )
Canon MG5200 series Benutzerregistrierung (HKLM-x32\...\Canon MG5200 series Benutzerregistrierung) (Version:  - )
Canon MG5200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series) (Version:  - )
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version:  - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
CD-LabelPrint (HKLM-x32\...\MediaNavigation.CDLabelPrint) (Version:  - )
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.08009 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.08009 - Cisco Systems, Inc.) Hidden
CloneCD (HKLM-x32\...\CloneCD) (Version:  - SlySoft)
CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.2.8 - Elaborate Bytes)
Corel PaintShop Pro X7  (HKLM-x32\...\_{176F50D6-6857-49CE-B731-65F757EE3F0D}) (Version: 17.0.0.199 - Corel Corporation)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Crysis® 2 (HKLM-x32\...\{6033673D-2530-4587-8AD0-EB059FC263F9}) (Version: 1.0.0.0 - Electronic Arts)
Crystal Reports for Visual Studio (x32 Version: 12.51.0.240 - SAP) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.2.0287 - DT Soft Ltd)
DATA BECKER BewerbungsGenie 7 (HKLM-x32\...\BewerbungsGenie 7_is1) (Version: 6.0.10.49 - DATA BECKER GmbH & Co. KG)
Dear Esther (HKLM-x32\...\Dear Esther_is1) (Version:  - )
Debugging Tools for Windows (x64) (HKLM\...\{7F2E5C3B-DBDF-469D-AD8D-F686D3B71176}) (Version: 6.11.1.404 - Microsoft Corporation)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.84 - DivX, LLC)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve )
Dropbox (HKU\S-1-5-21-500210103-394823293-4185795276-1000\...\Dropbox) (Version: 3.6.9 - Dropbox, Inc.)
EA Sports FIFA World (HKLM-x32\...\{8F9AC744-EEF6-43DB-A4B6-FA1A18F1C640}) (Version: 7.0.0.47449 - Electronic Arts, Inc.)
FINAL FANTASY VII (HKLM-x32\...\Steam App 39140) (Version:  - Square Enix)
FINAL FANTASY VIII (HKLM-x32\...\Steam App 39150) (Version:  - SQUARE ENIX)
foobar2000 v1.1.10 (HKLM-x32\...\foobar2000) (Version: 1.1.10 - Peter Pawlowski)
Football Manager 2014 version 14.1.4 (HKLM-x32\...\Football Manager 2014_is1) (Version: 14.1.4 - Sega)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free YouTube to MP3 Converter version 3.12.50.1122 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.50.1122 - DVDVideoSoft Ltd.)
GanttProject (HKLM-x32\...\GanttProject) (Version:  - )
Geometry Wars 3 Dimensions (HKLM-x32\...\Geometry Wars 3 Dimensions_is1) (Version:  - )
Google Chrome (HKU\S-1-5-21-500210103-394823293-4185795276-1000\...\Google Chrome) (Version: 44.0.2403.107 - Google Inc.)
Google Drive (HKLM-x32\...\{6EA8B94E-D869-4D96-88DF-5E1ECE1D6876}) (Version: 1.23.9648.8824 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
HashCheck Shell Extension (x86-32) (HKLM-x32\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu)
HashCheck Shell Extension (x86-64) (HKLM\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu)
Hotfix für Microsoft Team Foundation Server 2010-Objektmodell - DEU (KB2890573) (HKLM-x32\...\{A1F50E06-E514-393D-AAEB-2F989F0B7C68}.KB2890573) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual Studio 2010 Ultimate - DEU (KB2529927) (HKLM-x32\...\{4135C790-0387-36D7-9C2A-1B09A5900460}.KB2529927) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual Studio 2010 Ultimate - DEU (KB2548139) (HKLM-x32\...\{4135C790-0387-36D7-9C2A-1B09A5900460}.KB2548139) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual Studio 2010 Ultimate - DEU (KB2549864) (HKLM-x32\...\{4135C790-0387-36D7-9C2A-1B09A5900460}.KB2549864) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual Studio 2010 Ultimate - DEU (KB2635973) (HKLM-x32\...\{4135C790-0387-36D7-9C2A-1B09A5900460}.KB2635973) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual Studio 2010 Ultimate - DEU (KB2890573) (HKLM-x32\...\{4135C790-0387-36D7-9C2A-1B09A5900460}.KB2890573) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual Studio 2010 Ultimate - DEU (KB3002340) (HKLM-x32\...\{4135C790-0387-36D7-9C2A-1B09A5900460}.KB3002340) (Version: 1 - Microsoft Corporation)
ICA (x32 Version: 17.0.0.199 - Corel Corporation) Hidden
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.6.0 - LIGHTNING UK!)
IPM_PSP_COM64 (Version: 17.0.0.199 - Corel Corporation) Hidden
iTunes (HKLM\...\{CF8FFD12-602B-422D-AF1D-511B411E7632}) (Version: 10.6.1.7 - Apple Inc.)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JDownloader Packages (HKU\S-1-5-21-500210103-394823293-4185795276-1000\...\JDownloader Packages) (Version:  - ) <==== ATTENTION
KeyMan V4.0 Build 5 (HKLM-x32\...\{DC627AE5-A2B1-4D16-AF56-178D10EC3E81}) (Version: 4.0.0.5 - ZF Electronics GmbH)
K-Lite Codec Pack 8.1.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 8.1.0 - )
KProbe 2.5.2 (HKLM-x32\...\KProbe) (Version:  - )
Launchy 2.5 (HKLM-x32\...\Launchy_21344213_is1) (Version:  - Code Jelly)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Logitech Gaming Software 8.40 (HKLM\...\Logitech Gaming Software) (Version: 8.40.83 - Logitech Inc.)
Logitech Vid (HKLM-x32\...\{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}) (Version: 1.10.1009 - Logitech Inc.)
Logitech Webcam Software (HKLM\...\{987FE247-4E69-4A2E-A961-D14F901FDBF6}) (Version: 12.10.1113 - Logitech Inc.)
Logitech Webcam Software-Treiberpaket (HKLM\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - DEU (HKLM-x32\...\{E4E9CBC9-1CF5-48E3-AF6F-1AB44A856346}) (Version: 2.0.50331.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools - DEU (HKLM-x32\...\{31C3C6EA-E991-405F-A3AA-2C070CCCC47C}) (Version: 2.0.50331.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM-x32\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Silverlight 3 SDK - Deutsch (HKLM-x32\...\{91F54E1D-804A-46D8-A56C-53EA9C4B3177}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft Silverlight 4 SDK - Deutsch (HKLM-x32\...\{803910CC-3A39-45E3-A594-0D5512A60A86}) (Version: 4.0.50826.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{4AF2248C-B3DF-46FB-9596-87F5DB193689}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{8325FD0C-2FDB-46C3-921A-3A78385EA972}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{E9089B6A-1FDE-47F3-8D29-175F5B7A0722}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (x64) (HKLM\...\{5ADA62BD-2FC0-4ECE-93AA-C933E69B2AB5}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Transact-SQL-Sprachdienst (HKLM-x32\...\{BB1E119E-CF4B-4183-910E-A8C2B379F2C6}) (Version: 10.50.1752.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2-Datenebenenanwendungs-Framework (HKLM-x32\...\{919E5477-D20B-4F64-AE8B-8199469F7817}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2-Datenebenenanwendungs-Projekt (HKLM-x32\...\{103A5E44-DD5B-46D5-AD1E-9DF2260CA023}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{7C39E0D1-E138-42B1-B083-213EC2CF7692}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{C668416A-9213-4058-B7F2-01A42D85559D}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{0D432429-C79C-462D-ABD8-4D82B83A954B}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{28D06854-572C-4A65-83E5-F8CAF26B9FDC}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 SP1 (x64) de (HKLM\...\{7AC5FFA7-6815-4AED-B16D-8E0D7CC4B221}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework SDK v1.0 SP1 de (HKLM-x32\...\{08DA8E46-ED67-451A-9246-50E0FF6959C9}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework Services v1.0 SP1 (x64) de (HKLM\...\{EF9A1373-9238-4E11-8FF8-7B83996F5BE5}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) de (HKLM\...\{11EB3D68-A5BE-43EA-8D31-43B08ADB0DA4}) (Version: 2.0.3010.0 - Microsoft Corporation)
Microsoft Team Foundation Server 2010-Objektmodell - DEU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - DEU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Designtime - 10.0.30319 (HKLM\...\{95A2AD24-BD44-3E39-A31F-CE928276577E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ Compilers 2008 Standard Edition - enu - x64 (HKLM\...\{965DF723-5688-359E-84D2-417CAFE644B5}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ Compilers 2008 Standard Edition - enu - x86 (HKLM-x32\...\{44D9A2CB-0692-3180-B5E2-26F4E807D067}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime Language Pack - DEU (HKLM-x32\...\{681F4E9F-34E0-36BD-BF2C-100554E403A5}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 IntelliTrace Collection (x64) (HKLM\...\{E1C1D175-C23E-38F4-9AC1-ABE5167022CF}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010 Ultimate - DEU (HKLM-x32\...\Microsoft Visual Studio 2010 Ultimate - DEU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools - DEU Language Pack (HKLM-x32\...\Microsoft Visual Studio Macro Tools - DEU Language Pack) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools (HKLM-x32\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Windows SDK for Windows 7 (7.0) (HKLM\...\SDKSetup_7.0.7600.16385.40715) (Version: 7.0.7600.16385.40715 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Middle Earth Shadow of Mordor (HKLM-x32\...\Middle Earth Shadow of Mordor_is1) (Version:  - )
Might & Magic Heroes VI (HKLM-x32\...\{745D37C2-26F4-4B65-BA13-F9840EBFA75B}) (Version: 1.1 - Ubisoft)
MKVToolNix 6.2.0 (HKLM-x32\...\MKVToolNix) (Version: 6.2.0 - Moritz Bunkus)
Mozilla Firefox 34.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0.2 - Mozilla)
MyFreeCodec (HKU\S-1-5-21-500210103-394823293-4185795276-1000\...\MyFreeCodec) (Version:  - )
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.2 - F.J. Wechselberger)
Nmap 5.51 (HKLM-x32\...\Nmap) (Version:  - )
No23 Recorder (HKLM-x32\...\No23 Recorder) (Version: 2.1.0.3 - No23)
No23 Recorder (x32 Version: 2.1.0.3 - No23) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.3 - Notepad++ Team)
O&O Defrag Professional (HKLM\...\{C34D47BA-7A0E-4AFE-954B-254CCABCC032}) (Version: 17.0.490 - O&O Software GmbH)
One Finger Death Punch (HKLM-x32\...\Steam App 264200) (Version:  - Silver Dollar Games)
Ontrack EasyRecovery Professional (HKLM-x32\...\InstallShield_{268723B7-A994-4286-9F85-B974D5CAFC7B}) (Version: 6.22.01 - Kroll Ontrack Inc.)
Ontrack EasyRecovery Professional (x32 Version: 6.22.01 - Kroll Ontrack Inc.) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.3.10.4710 - Electronic Arts, Inc.)
Pesgalaxy.com Patch 2015 (HKLM-x32\...\Pesgalaxy.com Patch 2015 4.00) (Version: 4.00 - Pesgalaxy)
Pesgalaxy.com Patch 2015 DLC Installer (HKLM-x32\...\Pesgalaxy.com Patch 2015 DLC Installer 4.00) (Version: 4.00 - Pesgalaxy)
Pflanzen gegen Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
Phase 5 HTML-Editor (HKLM-x32\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer)
Power Manager (HKLM-x32\...\{CA2CE23E-6751-4828-AF8B-66EA06E697F6}) (Version: 4.0.2.1 - Gembird Electronics Ltd.)
Pro Evolution Soccer 2015 (HKLM-x32\...\Steam App 287680) (Version:  - KONAMI Digital Entertainment)
Project CARS (HKLM-x32\...\UHJvamVjdENBUlM=_is1) (Version: 1 - )
Protect Disc License Helper 1.0.125 (IE) (HKU\S-1-5-21-500210103-394823293-4185795276-1000\...\Protect Disc License Helper) (Version: 1.0.125 - Protect Disc)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
PSPPContent (x32 Version: 17.0.0.199 - Corel Corporation) Hidden
PSPPHelp (x32 Version: 17.0.0.199 - Corel Corporation) Hidden
PSPPro64 (Version: 17.0.0.199 - Corel Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
QIP 2012 4.0.7058 (HKU\S-1-5-21-500210103-394823293-4185795276-1000\...\QIP 2012) (Version: 4.0.7058 - )
Quake Live (HKLM-x32\...\Steam App 282440) (Version:  - id Software)
QuickMark (HKLM-x32\...\{53B0213C-CC0C-4340-90BF-BFC7D3FE5BB4}) (Version: 3.8.0 - SimpleAct)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.43.321.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6526 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.42 - Piriform)
Rogue Legacy (HKLM-x32\...\Steam App 241600) (Version:  - Cellar Door Games)
Rosetta Stone Version 3 (HKLM-x32\...\{80F7CA44-F3A5-4853-8BA6-DDF57CD4F078}) (Version: 3.4.7.0 - Rosetta Stone Ltd.)
SABnzbd 0.7.20 (HKLM-x32\...\SABnzbd) (Version: 0.7.20 - The SABnzbd Team)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.2.0.12014_18 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.2.0.12014_18 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.43.0 - SAMSUNG Electronics Co., Ltd.)
Seagate Dashboard 2.0 (HKLM-x32\...\{43C423D9-E6D6-4607-ADC9-EBB54F690C57}) (Version: 2.0.3602.0 - Seagate)
Service Pack 1 für SQL Server 2008 (KB 968369) (64-bit) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Setup (x32 Version: 17.0.0.199 - Ihr Firmenname) Hidden
Shrew Soft VPN Client (HKLM\...\Shrew Soft VPN Client) (Version:  - )
Sicherheitsupdate für Microsoft Visual Studio 2010 Ultimate - DEU (KB2645410) (HKLM-x32\...\{4135C790-0387-36D7-9C2A-1B09A5900460}.KB2645410) (Version: 1 - Microsoft Corporation)
Sid Meiers Civilization Beyond Earth (HKLM-x32\...\U2lkTWVpZXJzQ2l2aWxpemF0aW9uQmV5b25kRWFydGg=_is1) (Version: 1 - )
SiSoftware Sandra Business 2012.SP1 (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2296}_is1) (Version: 18.24.2012.1 - SiSoftware)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
SnapaShot Pro 4.0.5.0 (HKLM-x32\...\{CC4A651E-C818-4089-8307-6764AFF04D2E}) (Version: 4.0.50 - NiceKit)
SopCast 3.4.8 (HKLM-x32\...\SopCast) (Version: 3.4.8 - www.sopcast.com)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Sweet Home 3D version 4.3 (HKLM\...\Sweet Home 3D_is1) (Version:  - eTeks)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.41110 - TeamViewer)
The Elder Scrolls V - Skyrim (HKLM-x32\...\The Elder Scrolls V - Skyrim_is1) (Version:  - )
The Elder Scrolls V Skyrim - High Resolution Texture Pack (HKLM-x32\...\The Elder Scrolls V Skyrim - High Resolution Texture Pack_is1) (Version:  - )
The Witcher 2 (HKLM-x32\...\{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}) (Version: 1.00.0000 - CD Projekt Red)
The Witcher 3 Wild Hunt Version 1.02 (HKLM-x32\...\{0E0E1973-8765-48CD-8CB8-5F3C050A3404}_is1) (Version: 1.02 - Rapid Games)
TomTom HOME 2.8.4.2596 (HKLM-x32\...\TomTom HOME) (Version: 2.8.4.2596 - TomTom)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Tor 0.2.3.25 (HKLM-x32\...\Tor) (Version:  - )
TreeSize Professional V5.5.3 (HKLM-x32\...\TreeSize Professional_is1) (Version: 5.5.3 - JAM Software)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unified Remote (HKLM-x32\...\{415B4714-4F8C-49C6-B310-881EAF892CFB}_is1) (Version: 3.2.4 - Unified Intents AB)
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (HKLM-x32\...\{07629207-FAA0-4F1A-8092-BF5085BE511F}) (Version: 9.00.5000.00 - Microsoft Corporation)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup  (HKLM\...\{6AF73222-EE90-434C-AE7E-B96F70A68D89}) (Version: 10.1.2731.0 - Microsoft Corporation)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Veetle TV (HKLM-x32\...\Veetle TV) (Version: 0.9.19 - Veetle, Inc)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 Prerequisites - English (HKLM\...\{53952792-BF16-300E-ADF2-E7E4367E00CF}) (Version: 10.0.40219 - Microsoft Corporation)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.6 (HKLM-x32\...\VLC media player) (Version: 2.0.6 - VideoLAN)
VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 10.0.4 - VMware, Inc)
VMware Workstation (Version: 10.0.4 - VMware, Inc.) Hidden
WCF RIA Services V1.0 SP1 (HKLM-x32\...\{D9E6001A-5DC3-4620-AF7A-80B6CD48645D}) (Version: 4.1.60114.0 - Microsoft Corporation)
Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)
WhoCrashed 4.01 (HKLM\...\WhoCrashed_is1) (Version:  - Resplendence Software Projects Sp.)
Wichtiges Update für Microsoft Visual Studio 2010 Ultimate - DEU (KB2938807) (HKLM-x32\...\{4135C790-0387-36D7-9C2A-1B09A5900460}.KB2938807) (Version: 1 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
WinRAR 5.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.3-0 - Bitnami)
Zotero Standalone 4.0.20 (x86 en-US) (HKLM-x32\...\Zotero Standalone 4.0.20 (x86 en-US)) (Version: 4.0.20 - Zotero)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-500210103-394823293-4185795276-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-500210103-394823293-4185795276-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Admin\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll Keine Datei
CustomCLSID: HKU\S-1-5-21-500210103-394823293-4185795276-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Admin\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll Keine Datei
CustomCLSID: HKU\S-1-5-21-500210103-394823293-4185795276-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Admin\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll Keine Datei
CustomCLSID: HKU\S-1-5-21-500210103-394823293-4185795276-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Admin\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-500210103-394823293-4185795276-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Admin\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll Keine Datei
CustomCLSID: HKU\S-1-5-21-500210103-394823293-4185795276-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Admin\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll Keine Datei
CustomCLSID: HKU\S-1-5-21-500210103-394823293-4185795276-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Admin\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll Keine Datei
CustomCLSID: HKU\S-1-5-21-500210103-394823293-4185795276-1000_Classes\CLSID\{DDD5A6D8-BC35-305A-CDA1-5139EBA1CE52}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-500210103-394823293-4185795276-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Admin\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-500210103-394823293-4185795276-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-500210103-394823293-4185795276-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-500210103-394823293-4185795276-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-500210103-394823293-4185795276-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-500210103-394823293-4185795276-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-500210103-394823293-4185795276-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-500210103-394823293-4185795276-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-500210103-394823293-4185795276-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-500210103-394823293-4185795276-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-500210103-394823293-4185795276-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Admin\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll Keine Datei

==================== Wiederherstellungspunkte =========================

27-07-2015 04:44:58 AA11
27-07-2015 04:47:46 LavasoftWeCompanion
27-07-2015 12:40:11 JavaFX 2.1.1 wird entfernt
27-07-2015 12:40:43 Removed Java 8 Update 25
27-07-2015 12:42:55 Removed Java 8 Update 25 (64-bit)
27-07-2015 12:44:24 Removed Java 8 Update 51
27-07-2015 12:58:12 JRT Pre-Junkware Removal
27-07-2015 13:00:14 LavasoftWeCompanion
27-07-2015 13:17:57 Removed Adobe Reader X (10.1.15) - Deutsch.
27-07-2015 13:59:41 Installed AVG 2015

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {09B9908D-D194-4062-BB17-CCC08ACFFA71} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Users\Admin\ASUS\AI Suite\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe [2011-09-10] ()
Task: {2139FE22-776F-49BA-9F18-B9BE87211895} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2015-01-19] ()
Task: {263CB289-3979-4C47-ABE3-D6C71ABD2B0B} - System32\Tasks\Admin Merge => I:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2012-07-02] (Seagate Technology LLC)
Task: {3681667D-0AAF-4DA0-A1A9-D1AF1116F664} - System32\Tasks\Admin DBAgent 2 0 => I:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [2012-07-02] (Seagate Technology LLC)
Task: {560509F5-4ECB-4FD3-9413-49A9FFD716A8} - System32\Tasks\Admin => I:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2012-07-02] (Seagate Technology LLC)
Task: {5BBDA84B-B6B2-4904-BB1D-CA75E17968AE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-14] (Google Inc.)
Task: {87CDCEA4-96CC-4E23-B459-E79786CE5865} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-06-08] (Oracle Corporation)
Task: {9BF13928-B45D-4102-954F-212A6CFCAF17} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-500210103-394823293-4185795276-1000UA => C:\Users\Admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-20] (Dropbox, Inc.)
Task: {9FE20538-AF2E-43B7-BC62-E4FF8C1375F9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-14] (Google Inc.)
Task: {A108CDCA-2014-446B-A1C3-A491BF7E6674} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-500210103-394823293-4185795276-1000Core => C:\Users\Admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-20] (Dropbox, Inc.)
Task: {DD5AFC66-F422-4A21-9334-F00676F16DAE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-18] (Adobe Systems Incorporated)
Task: {E2820C24-A83B-49E2-A05E-0DBF50EB303F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-500210103-394823293-4185795276-1000Core => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: {EFEAFE41-75F4-48DF-9ADF-6B6752EC9528} - System32\Tasks\{BBD87979-BAB0-4CD4-A69B-D1BA0B897D68} => Chrome.exe hxxp://ui.skype.com/ui/0/7.2.0.103/de/abandoninstall?page=tsMain
Task: {F3D994EE-1EB3-48F9-A952-C99F0EFFF69C} - System32\Tasks\elbyExecuteWithUAC => I:\Program Files (x86)\Elaborate Bytes\CloneDVD2\ExecuteWithUAC.exe [2008-06-27] ()
Task: {FD8D8F91-0314-4AE8-8EDC-3B0FDC02A92F} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Users\Admin\ASUS\AI Suite\AI Suite II\AsRoutineController.exe [2010-11-26] (ASUSTeK Computer Inc.)
Task: {FF0DD1DB-6294-45E6-9493-1D8E036FD7D1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-500210103-394823293-4185795276-1000UA => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-500210103-394823293-4185795276-1000Core.job => C:\Users\Admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-500210103-394823293-4185795276-1000UA.job => C:\Users\Admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-500210103-394823293-4185795276-1000Core.job => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-500210103-394823293-4185795276-1000UA.job => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-06-23 00:24 - 2015-07-23 13:26 - 01195920 _____ () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
2015-06-22 21:37 - 2015-06-22 21:37 - 00214528 _____ () I:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 00817152 _____ () I:\Program Files\AMD\ATI.ACE\Fuel\Device.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 03650560 _____ () I:\Program Files\AMD\ATI.ACE\Fuel\Platform.dll
2012-01-24 21:42 - 2011-10-07 12:34 - 00922240 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe
2012-01-24 21:42 - 2011-10-07 12:34 - 00915584 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
2012-01-24 21:43 - 2011-10-07 12:35 - 00586880 _____ () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
2010-10-08 07:18 - 2010-10-08 07:18 - 00056592 _____ () I:\Program Files\ShrewSoft\VPN Client\dtpd.exe
2010-09-02 09:24 - 2010-09-02 09:24 - 00017920 _____ () I:\Program Files\ShrewSoft\VPN Client\libith.dll
2010-09-02 09:24 - 2010-09-02 09:24 - 00019456 _____ () I:\Program Files\ShrewSoft\VPN Client\libdtp.dll
2010-09-02 09:24 - 2010-09-02 09:24 - 00026624 _____ () I:\Program Files\ShrewSoft\VPN Client\libidb.dll
2010-09-02 09:24 - 2010-09-02 09:24 - 00013312 _____ () I:\Program Files\ShrewSoft\VPN Client\liblog.dll
2010-09-02 09:24 - 2010-09-02 09:24 - 00035328 _____ () I:\Program Files\ShrewSoft\VPN Client\libvflt.dll
2010-09-02 09:24 - 2010-09-02 09:24 - 00119296 _____ () I:\Program Files\ShrewSoft\VPN Client\libip.dll
2012-01-31 20:06 - 2010-04-05 12:55 - 00116104 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2010-10-08 07:18 - 2010-10-08 07:18 - 00957712 _____ () I:\Program Files\ShrewSoft\VPN Client\iked.exe
2010-09-02 09:24 - 2010-09-02 09:24 - 00028160 _____ () I:\Program Files\ShrewSoft\VPN Client\libike.dll
2010-09-02 09:25 - 2010-09-02 09:25 - 00040448 _____ () I:\Program Files\ShrewSoft\VPN Client\libvnet.dll
2010-09-02 09:24 - 2010-09-02 09:24 - 00030720 _____ () I:\Program Files\ShrewSoft\VPN Client\libpfk.dll
2010-10-08 07:18 - 2010-10-08 07:18 - 00697616 _____ () I:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
2014-05-29 02:54 - 2014-05-29 02:54 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-06-24 19:18 - 2015-06-24 19:18 - 02790408 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareShellExtension.dll
2015-06-24 19:18 - 2015-06-24 19:18 - 03480032 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\RCF.dll
2015-06-24 19:18 - 2015-06-24 19:18 - 00122904 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\boost_filesystem-vc120-mt-1_58.dll
2015-06-24 19:18 - 2015-06-24 19:18 - 00025616 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\boost_system-vc120-mt-1_58.dll
2014-05-12 11:49 - 2014-05-12 11:49 - 00222720 _____ () I:\Program Files (x86)\Notepad++\NppShell_06.dll
2015-06-24 19:18 - 2015-06-24 19:18 - 09549808 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareTray.exe
2015-06-24 19:18 - 2015-06-24 19:18 - 00056856 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\boost_date_time-vc120-mt-1_58.dll
2015-06-24 19:18 - 2015-06-24 19:18 - 00107536 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\boost_thread-vc120-mt-1_58.dll
2015-06-24 19:18 - 2015-06-24 19:18 - 00034832 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\boost_chrono-vc120-mt-1_58.dll
2015-06-24 19:18 - 2015-06-24 19:18 - 00492048 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\boost_locale-vc120-mt-1_58.dll
2015-06-24 19:18 - 2015-06-24 19:18 - 02266104 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\HtmlFramework.dll
2015-06-24 19:18 - 2015-06-24 19:18 - 00868360 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareTrayDefaultSkin.dll
2012-01-15 00:15 - 2010-11-10 20:38 - 00380928 _____ () I:\Program Files (x86)\Launchy\Launchy.exe
2013-08-29 02:23 - 2013-08-29 02:23 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2015-06-22 21:37 - 2015-06-22 21:37 - 00102400 _____ () I:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2012-02-03 21:28 - 2015-02-04 13:42 - 00104960 _____ () I:\Program Files (x86)\SABnzbd\SABnzbd.exe
2015-04-20 17:46 - 2015-04-20 17:46 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2012-02-20 21:29 - 2012-02-20 21:29 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-02-20 21:28 - 2012-02-20 21:28 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-01-24 21:42 - 2015-07-27 13:22 - 00033280 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.14\PEbiosinterface32.dll
2012-01-24 21:42 - 2011-10-07 12:34 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.14\ATKEX.dll
2014-10-29 16:01 - 2014-10-29 16:01 - 01261272 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll
2014-01-11 23:28 - 2015-07-03 18:12 - 00778240 _____ () I:\Program Files (x86)\Steam\SDL2.dll
2015-01-20 06:18 - 2015-07-03 18:12 - 04962816 _____ () I:\Program Files (x86)\Steam\v8.dll
2015-01-20 06:18 - 2015-07-03 18:12 - 01556992 _____ () I:\Program Files (x86)\Steam\icui18n.dll
2015-01-20 06:18 - 2015-07-03 18:12 - 01187840 _____ () I:\Program Files (x86)\Steam\icuuc.dll
2014-05-22 14:04 - 2015-07-24 01:24 - 02410176 _____ () I:\Program Files (x86)\Steam\video.dll
2014-08-29 06:36 - 2014-12-01 23:31 - 02396672 _____ () I:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-29 06:36 - 2014-12-01 23:31 - 00442880 _____ () I:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-29 06:36 - 2014-12-01 23:31 - 00479744 _____ () I:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-29 06:36 - 2014-12-01 23:31 - 00332800 _____ () I:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-29 06:36 - 2014-12-01 23:31 - 00485888 _____ () I:\Program Files (x86)\Steam\libswscale-3.dll
2013-02-15 14:08 - 2015-07-24 01:23 - 00703168 _____ () I:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-07-27 13:23 - 2015-07-27 13:23 - 00098816 _____ () G:\Temp\_MEI56242\win32api.pyd
2015-07-27 13:23 - 2015-07-27 13:23 - 00110080 _____ () G:\Temp\_MEI56242\pywintypes27.dll
2015-07-27 13:23 - 2015-07-27 13:23 - 00364544 _____ () G:\Temp\_MEI56242\pythoncom27.dll
2015-07-27 13:23 - 2015-07-27 13:23 - 00045568 _____ () G:\Temp\_MEI56242\_socket.pyd
2015-07-27 13:23 - 2015-07-27 13:23 - 01161216 _____ () G:\Temp\_MEI56242\_ssl.pyd
2015-07-27 13:23 - 2015-07-27 13:23 - 00320512 _____ () G:\Temp\_MEI56242\win32com.shell.shell.pyd
2015-07-27 13:23 - 2015-07-27 13:23 - 00713216 _____ () G:\Temp\_MEI56242\_hashlib.pyd
2015-07-27 13:23 - 2015-07-27 13:23 - 01175040 _____ () G:\Temp\_MEI56242\wx._core_.pyd
2015-07-27 13:23 - 2015-07-27 13:23 - 00805888 _____ () G:\Temp\_MEI56242\wx._gdi_.pyd
2015-07-27 13:23 - 2015-07-27 13:23 - 00811008 _____ () G:\Temp\_MEI56242\wx._windows_.pyd
2015-07-27 13:23 - 2015-07-27 13:23 - 01062400 _____ () G:\Temp\_MEI56242\wx._controls_.pyd
2015-07-27 13:23 - 2015-07-27 13:23 - 00735232 _____ () G:\Temp\_MEI56242\wx._misc_.pyd
2015-07-27 13:23 - 2015-07-27 13:23 - 00682496 _____ () G:\Temp\_MEI56242\pysqlite2._sqlite.pyd
2015-07-27 13:23 - 2015-07-27 13:23 - 00087552 _____ () G:\Temp\_MEI56242\_ctypes.pyd
2015-07-27 13:23 - 2015-07-27 13:23 - 00119808 _____ () G:\Temp\_MEI56242\win32file.pyd
2015-07-27 13:23 - 2015-07-27 13:23 - 00108544 _____ () G:\Temp\_MEI56242\win32security.pyd
2015-07-27 13:23 - 2015-07-27 13:23 - 00007168 _____ () G:\Temp\_MEI56242\hashobjs_ext.pyd
2015-07-27 13:23 - 2015-07-27 13:23 - 00068096 _____ () G:\Temp\_MEI56242\usb_ext.pyd
2015-07-27 13:23 - 2015-07-27 13:23 - 00167936 _____ () G:\Temp\_MEI56242\win32gui.pyd
2015-07-27 13:23 - 2015-07-27 13:23 - 00018432 _____ () G:\Temp\_MEI56242\win32event.pyd
2015-07-27 13:23 - 2015-07-27 13:23 - 00128512 _____ () G:\Temp\_MEI56242\_elementtree.pyd
2015-07-27 13:23 - 2015-07-27 13:23 - 00127488 _____ () G:\Temp\_MEI56242\pyexpat.pyd
2015-07-27 13:23 - 2015-07-27 13:23 - 00013824 _____ () G:\Temp\_MEI56242\common.time34.pyd
2015-07-27 13:23 - 2015-07-27 13:23 - 00036864 _____ () G:\Temp\_MEI56242\_psutil_windows.pyd
2015-07-27 13:23 - 2015-07-27 13:23 - 00038912 _____ () G:\Temp\_MEI56242\win32inet.pyd
2015-07-27 13:23 - 2015-07-27 13:23 - 00011264 _____ () G:\Temp\_MEI56242\win32crypt.pyd
2015-07-27 13:23 - 2015-07-27 13:23 - 00070656 _____ () G:\Temp\_MEI56242\wx._html2.pyd
2015-07-27 13:23 - 2015-07-27 13:23 - 00027136 _____ () G:\Temp\_MEI56242\_multiprocessing.pyd
2015-07-27 13:23 - 2015-07-27 13:23 - 00020480 _____ () G:\Temp\_MEI56242\_yappi.pyd
2015-07-27 13:23 - 2015-07-27 13:23 - 00035840 _____ () G:\Temp\_MEI56242\win32process.pyd
2015-07-27 13:23 - 2015-07-27 13:23 - 00686080 _____ () G:\Temp\_MEI56242\unicodedata.pyd
2015-07-27 13:23 - 2015-07-27 13:23 - 00122368 _____ () G:\Temp\_MEI56242\wx._wizard.pyd
2015-07-27 13:23 - 2015-07-27 13:23 - 00024064 _____ () G:\Temp\_MEI56242\win32pipe.pyd
2015-07-27 13:23 - 2015-07-27 13:23 - 00010240 _____ () G:\Temp\_MEI56242\select.pyd
2015-07-27 13:23 - 2015-07-27 13:23 - 00025600 _____ () G:\Temp\_MEI56242\win32pdh.pyd
2015-07-27 13:23 - 2015-07-27 13:23 - 00525640 _____ () G:\Temp\_MEI56242\windows._lib_cacheinvalidation.pyd
2015-07-27 13:23 - 2015-07-27 13:23 - 00017408 _____ () G:\Temp\_MEI56242\win32profile.pyd
2015-07-27 13:23 - 2015-07-27 13:23 - 00022528 _____ () G:\Temp\_MEI56242\win32ts.pyd
2015-07-27 13:23 - 2015-07-27 13:23 - 00078336 _____ () G:\Temp\_MEI56242\wx._animate.pyd
2012-01-15 00:15 - 2009-12-16 23:13 - 08314880 _____ () I:\Program Files (x86)\Launchy\QtGui4.dll
2012-01-15 00:15 - 2009-12-16 22:54 - 02236416 _____ () I:\Program Files (x86)\Launchy\QtCore4.dll
2012-01-15 00:15 - 2009-12-16 22:56 - 00712704 _____ () I:\Program Files (x86)\Launchy\QtNetwork4.dll
2012-01-15 00:15 - 2009-12-17 01:18 - 00233472 _____ () I:\Program Files (x86)\Launchy\imageformats\qmng4.dll
2012-01-15 00:15 - 2010-11-10 20:39 - 00081920 _____ () I:\Program Files (x86)\Launchy\plugins\calcy.dll
2012-01-15 00:15 - 2010-11-10 20:39 - 00090112 _____ () I:\Program Files (x86)\Launchy\plugins\controly.dll
2012-01-15 00:15 - 2010-11-10 20:38 - 00024064 _____ () I:\Program Files (x86)\Launchy\plugins\gcalc.dll
2012-01-15 00:15 - 2010-11-10 20:38 - 00094208 _____ () I:\Program Files (x86)\Launchy\plugins\runner.dll
2012-01-15 00:15 - 2010-11-10 20:38 - 00057344 _____ () I:\Program Files (x86)\Launchy\plugins\verby.dll
2012-01-15 00:15 - 2010-11-10 20:38 - 00122880 _____ () I:\Program Files (x86)\Launchy\plugins\weby.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2015-07-27 13:23 - 2015-07-27 13:23 - 00043008 _____ () g:\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpprfen4.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00750080 _____ () C:\Users\Admin\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00047616 _____ () C:\Users\Admin\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00865280 _____ () C:\Users\Admin\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00200704 _____ () C:\Users\Admin\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00010240 _____ () C:\Users\Admin\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00726016 _____ () C:\Users\Admin\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00010240 _____ () C:\Users\Admin\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2012-01-24 21:43 - 2011-07-12 20:14 - 00147456 _____ () C:\Users\Admin\ASUS\AI Suite\AI Suite II\AssistFunc.dll
2012-01-24 21:43 - 2010-10-05 09:22 - 00253952 _____ () C:\Users\Admin\ASUS\AI Suite\AI Suite II\pngio.dll
2012-01-24 21:43 - 2011-08-12 16:48 - 00985088 _____ () C:\Users\Admin\ASUS\AI Suite\AI Suite II\BarGadget\BarGadget.dll
2012-01-24 21:43 - 2011-07-26 17:16 - 00880128 _____ () C:\Users\Admin\ASUS\AI Suite\AI Suite II\Sensor\Sensor.dll
2012-01-24 21:43 - 2011-07-29 12:44 - 01611776 _____ () C:\Users\Admin\ASUS\AI Suite\AI Suite II\Sensor Graph\SensorGraph.dll
2012-01-24 21:43 - 2011-08-09 13:15 - 01242624 _____ () C:\Users\Admin\ASUS\AI Suite\AI Suite II\Settings\Settings.dll
2012-01-24 21:43 - 2011-07-21 10:06 - 00846848 _____ () C:\Users\Admin\ASUS\AI Suite\AI Suite II\Splitter\Splitter.dll
2012-01-24 21:43 - 2011-07-21 21:33 - 00885760 _____ () C:\Users\Admin\ASUS\AI Suite\AI Suite II\TabGadget\TabGadget.dll
2012-01-24 21:42 - 2011-10-07 12:34 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMLib.dll
2012-01-24 21:43 - 2010-10-05 09:22 - 00208896 _____ () C:\Users\Admin\ASUS\AI Suite\AI Suite II\ImageHelper.dll
2012-01-24 21:43 - 2010-06-21 16:21 - 00208896 _____ () C:\Users\Admin\ASUS\AI Suite\AI Suite II\Sensor\AlertHelper\ImageHelper.dll
2006-02-22 16:47 - 2006-02-22 16:47 - 00073728 ____R () I:\Program Files (x86)\Cherry\KeyMan\zlib1.dll
2006-02-22 16:47 - 2006-02-22 16:47 - 00114688 ____R () I:\Program Files (x86)\Cherry\KeyMan\libpng13.dll
2013-08-29 02:25 - 2013-08-29 02:25 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2013-01-22 05:22 - 2015-07-03 18:12 - 39553928 _____ () I:\Program Files (x86)\Steam\bin\libcef.dll
2015-07-26 04:27 - 2015-07-24 00:39 - 01405768 _____ () C:\Users\Admin\AppData\Local\Google\Chrome\Application\44.0.2403.107\libglesv2.dll
2015-07-26 04:27 - 2015-07-24 00:39 - 00081224 _____ () C:\Users\Admin\AppData\Local\Google\Chrome\Application\44.0.2403.107\libegl.dll
2010-01-31 17:11 - 2015-02-04 13:42 - 00053248 _____ () I:\Program Files (x86)\SABnzbd\lib\_socket.pyd
2010-01-31 17:11 - 2015-02-04 13:42 - 00671744 _____ () I:\Program Files (x86)\SABnzbd\lib\_ssl.pyd
2010-01-31 17:11 - 2015-02-04 13:42 - 00294912 _____ () I:\Program Files (x86)\SABnzbd\lib\_hashlib.pyd
2010-01-31 16:56 - 2015-02-04 13:42 - 00102400 _____ () I:\Program Files (x86)\SABnzbd\lib\win32api.pyd
2010-01-31 17:14 - 2015-02-04 13:42 - 00118784 _____ () I:\Program Files (x86)\SABnzbd\lib\pywintypes25.dll
2010-01-31 16:54 - 2015-02-04 13:42 - 00013824 _____ () I:\Program Files (x86)\SABnzbd\lib\win32event.pyd
2010-01-31 16:56 - 2015-02-04 13:42 - 00036864 _____ () I:\Program Files (x86)\SABnzbd\lib\win32service.pyd
2010-11-01 18:52 - 2015-02-04 13:42 - 00057344 _____ () I:\Program Files (x86)\SABnzbd\lib\OpenSSL.crypto.pyd
2010-11-01 18:52 - 2015-02-04 13:42 - 00007168 _____ () I:\Program Files (x86)\SABnzbd\lib\OpenSSL.rand.pyd
2010-11-01 18:52 - 2015-02-04 13:42 - 00037888 _____ () I:\Program Files (x86)\SABnzbd\lib\OpenSSL.SSL.pyd
2010-01-31 17:11 - 2015-02-04 13:42 - 00086016 _____ () I:\Program Files (x86)\SABnzbd\lib\_ctypes.pyd
2010-01-31 17:11 - 2015-02-04 13:42 - 00049152 _____ () I:\Program Files (x86)\SABnzbd\lib\_sqlite3.pyd
2010-10-08 04:37 - 2015-02-04 13:42 - 00546205 _____ () I:\Program Files (x86)\SABnzbd\lib\sqlite3.dll
2010-01-31 17:11 - 2015-02-04 13:42 - 00008192 _____ () I:\Program Files (x86)\SABnzbd\lib\select.pyd
2006-08-12 17:47 - 2015-02-04 13:42 - 00009728 _____ () I:\Program Files (x86)\SABnzbd\lib\_yenc.pyd
2009-03-03 19:21 - 2015-02-04 13:42 - 00012288 _____ () I:\Program Files (x86)\SABnzbd\lib\Cheetah._namemapper.pyd
2010-01-31 17:11 - 2015-02-04 13:42 - 00135168 _____ () I:\Program Files (x86)\SABnzbd\lib\pyexpat.pyd
2010-01-31 16:54 - 2015-02-04 13:42 - 00040960 _____ () I:\Program Files (x86)\SABnzbd\lib\win32process.pyd
2010-01-31 16:54 - 2015-02-04 13:42 - 00110592 _____ () I:\Program Files (x86)\SABnzbd\lib\win32file.pyd
2010-01-31 16:54 - 2015-02-04 13:42 - 00014848 _____ () I:\Program Files (x86)\SABnzbd\lib\win32evtlog.pyd
2010-01-31 16:56 - 2015-02-04 13:42 - 00024576 _____ () I:\Program Files (x86)\SABnzbd\lib\servicemanager.pyd
2010-01-31 16:54 - 2015-02-04 13:42 - 00019968 _____ () I:\Program Files (x86)\SABnzbd\lib\win32pipe.pyd
2012-08-14 22:25 - 2015-02-04 13:42 - 00155648 _____ () I:\Program Files (x86)\SABnzbd\lib\win32gui.pyd
2012-08-14 22:25 - 2015-02-04 13:42 - 00176128 _____ () I:\Program Files (x86)\SABnzbd\lib\winxpgui.pyd
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2015-03-13 18:20 - 2015-03-13 18:20 - 03758192 _____ () C:\Users\Dori\AppData\Local\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer trusted/restricted ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-500210103-394823293-4185795276-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-500210103-394823293-4185795276-1000\...\webcompanion.com -> hxxp://webcompanion.com


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-500210103-394823293-4185795276-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 0) (EnableLUA: 0)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Admin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Produktregistrierung.lnk => C:\Windows\pss\Logitech . Produktregistrierung.lnk.Startup
MSCONFIG\startupreg: AdAwareTray => "C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareTray.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BCSSync => "I:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: CanonSolutionMenuEx => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
MSCONFIG\startupreg: CloneCDTray => "I:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe" /s
MSCONFIG\startupreg: DAEMON Tools Lite => "I:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: DBAgent => "I:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe" /WinStart
MSCONFIG\startupreg: Google Update => "C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: iLivid => "C:\Program Files (x86)\iLivid\iLivid.exe" -autorun
MSCONFIG\startupreg: Infium => "I:\Program Files (x86)\QIP 2012\qip.exe" /autorun
MSCONFIG\startupreg: iTunesHelper => "I:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesHelper => I:\Program Files (x86)\Kies\KiesHelper.exe /s
MSCONFIG\startupreg: KiesPDLR => I:\Program Files (x86)\Kies\External\FirmwareUpdate\KiesPDLR.exe
MSCONFIG\startupreg: KiesTrayAgent => I:\Program Files (x86)\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: Logitech Vid => "I:\Program Files\Logitech\Logitech Vid\vid.exe" -bootmode
MSCONFIG\startupreg: LogitechQuickCamRibbon => "I:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup
MSCONFIG\startupreg: Steam => "I:\Spiele\Shogun2\Steam.exe" -silent
MSCONFIG\startupreg: TomTomHOME.exe => "I:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
MSCONFIG\startupreg: Uploader => I:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
MSCONFIG\startupreg: vmware-tray.exe => "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"
MSCONFIG\startupreg: vProt => "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
MSCONFIG\startupreg: Web Companion => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [TCP Query User{DA8B16C5-BE90-40EA-827E-2EB7C52B0EA8}I:\program files (x86)\qip 2012\qip.exe] => (Allow) I:\program files (x86)\qip 2012\qip.exe
FirewallRules: [UDP Query User{BBFB236B-3C59-411B-9BA8-13E22649E395}I:\program files (x86)\qip 2012\qip.exe] => (Allow) I:\program files (x86)\qip 2012\qip.exe
FirewallRules: [{8BC7C635-B55F-4EF5-8438-6223B40D4A80}] => (Allow) I:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe
FirewallRules: [{F4D2F6EF-B0BB-47EE-961A-37C7B153E8F0}] => (Allow) I:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe
FirewallRules: [{AFE7696E-2626-4CE4-AB98-864DFF54B436}] => (Allow) I:\Program Files\SiSoftware\SiSoftware Sandra Business 2012.SP1\RpcAgentSrv.exe
FirewallRules: [{362EE47C-9839-45F0-B2B5-2BAB03546E58}] => (Allow) C:\Spiele\KONAMI\Pro Evolution Soccer 2012\pes2012.exe
FirewallRules: [{19FA7D7D-FCE5-4133-9E56-A505077BE123}] => (Allow) C:\Spiele\KONAMI\Pro Evolution Soccer 2012\pes2012.exe
FirewallRules: [{FEAA08D5-1F62-4746-8502-6C8E35AD3AD4}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{89D83809-0329-4E93-9BBC-8F29947A1F6C}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{7E8D0281-4E3D-42E6-8C8B-CBCE14158C15}] => (Allow) I:\Spiele\Ubisoft\Might & Magic Heroes VI\Might & Magic Heroes VI.exe
FirewallRules: [{D2940AD0-EC65-4E66-82FE-5993E30F4857}] => (Allow) I:\Spiele\Ubisoft\Might & Magic Heroes VI\Might & Magic Heroes VI.exe
FirewallRules: [{5955373F-CE8A-4702-B083-83FE94F2CF0C}] => (Allow) I:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe
FirewallRules: [{C74EA9EC-C3E1-478D-9D8D-4121CD67F358}] => (Allow) I:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe
FirewallRules: [{A4B35129-520A-4D22-9439-E769F6464314}] => (Allow) I:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe
FirewallRules: [{EDE36322-5FEB-4116-A24C-0A8E37EBE3F7}] => (Allow) I:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe
FirewallRules: [{0401DEE8-6C56-46D7-BD3D-68C3DD114DC8}] => (Allow) C:\Users\Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{96B950BC-63B4-4374-AD70-0490E0DA7948}] => (Allow) C:\Users\Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{07845E60-9CD3-42AF-9DCA-A6493B8D815E}] => (Allow) I:\Program Files (x86)\MirandaFusion\miranda32.exe
FirewallRules: [{5ABB16A8-F1E4-4662-94A8-C2218E58E695}] => (Allow) I:\Program Files (x86)\MirandaFusion\miranda32.exe
FirewallRules: [{63D7AAF9-70F3-4274-98E8-F1469964D069}] => (Allow) I:\Program Files (x86)\MirandaFusion\fusiontools\updater.exe
FirewallRules: [{344C8FB4-5E3B-493C-9EEB-F4E3A503E934}] => (Allow) I:\Program Files (x86)\MirandaFusion\fusiontools\updater.exe
FirewallRules: [{0E1CFE8E-8E51-4BAB-BDC6-1F55B40B4BDC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{60156986-F05F-4B44-B56A-1B6296FFCA4F}] => (Allow) I:\Program Files (x86)\Veetle\Player\VeetleNet.exe
FirewallRules: [{0E5E8547-8C1C-4FF2-A6CD-04BE4BDD0BB3}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{D6494379-CA32-419C-9161-11CF8F0CB2E7}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{1C07C517-3B5D-440E-8E59-B9ED88FCE7FF}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{8EB90E80-4711-408D-9B52-85382808D083}] => (Allow) LPort=2869
FirewallRules: [{E592F7EA-5498-4FD8-84F9-403CAE992B2A}] => (Allow) LPort=1900
FirewallRules: [{3328D48A-C369-48D9-A0DA-BAA29331C542}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{67E46703-985D-4D43-80DC-6D6BE9C1D8B5}] => (Allow) C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
FirewallRules: [{429B5E54-A9D8-4DDD-81FE-3F7B05676ACD}] => (Allow) C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
FirewallRules: [{7C722773-66FB-4F9A-89EC-BACA2FFC0C83}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{643EEACE-F60F-4B95-9A5D-6E93AA9AD08C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C25BBC8C-1F24-4F79-B3EC-5493341A9E8D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{1D1C9799-404B-40B7-8F23-58DA1C06B7A6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F057F700-6E39-4191-8C76-8466AD3A371B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D64842BC-1FB7-4B7B-9570-06536E65C93C}] => (Allow) I:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{3A72BC0D-0D37-4F3D-B862-BDEDE8A06E10}] => (Allow) C:\Spiele\KONAMI\Pro Evolution Soccer 2012\pes2012.exe
FirewallRules: [{37722471-2BE3-4C12-8B7C-322EF6D3204E}] => (Allow) C:\Spiele\KONAMI\Pro Evolution Soccer 2012\pes2012.exe
FirewallRules: [{4398A648-238B-4A09-9C0A-FB54437DB8E5}] => (Allow) C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2013\pes2013.exe
FirewallRules: [{CA9385B3-F70A-4C01-A51A-D6AF1A5F8B72}] => (Allow) C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2013\pes2013.exe
FirewallRules: [{E109636D-820D-4439-B85F-EDF9C1E8D15E}] => (Allow) C:\Spiele\KONAMI\Pro Evolution Soccer 2013\pes2013.exe
FirewallRules: [{AD9987BD-1C12-4441-9B11-2CA40DDFAF81}] => (Allow) C:\Spiele\KONAMI\Pro Evolution Soccer 2013\pes2013.exe
FirewallRules: [{662B62DD-ECC8-4B0C-8C77-0DE526D49089}] => (Allow) C:\Spiele\KONAMI\Pro Evolution Soccer 2013\Pesgalaxy.com Patch 2013\pes2013.exe
FirewallRules: [{7AE125AE-51A1-49AB-8D30-0EC90E410EC7}] => (Allow) C:\Spiele\KONAMI\Pro Evolution Soccer 2013\Pesgalaxy.com Patch 2013\pes2013.exe
FirewallRules: [{DBBA6DE9-9593-4D21-AC2B-AA001DF6DE6F}] => (Allow) C:\Spiele\KONAMI\Pro Evolution Soccer 2013\pes2013.exe
FirewallRules: [{53EBF171-B2ED-4236-8462-CD4985D151B7}] => (Allow) C:\Spiele\KONAMI\Pro Evolution Soccer 2013\pes2013.exe
FirewallRules: [{CF8EBDF8-2147-4186-AC19-DB5F620935CC}] => (Allow) C:\Spiele\KONAMI\Pro Evolution Soccer 2013\Pesgalaxy.com Patch 2013\pes2013.exe
FirewallRules: [{EC84D4B5-2BDA-4C21-8981-F76E120EF62F}] => (Allow) C:\Spiele\KONAMI\Pro Evolution Soccer 2013\Pesgalaxy.com Patch 2013\pes2013.exe
FirewallRules: [{D925962D-FC57-429B-A000-482E648FB0F8}] => (Allow) I:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{724A9BCD-7B6A-46C7-AA37-0458EB6B52CF}] => (Allow) I:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{99905495-7B1E-4A75-AF05-55A63D82FD4B}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{7B456905-3203-44B8-8BD2-444A12450C89}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{7CB416A5-05FE-4A3E-B75C-B6409113D941}] => (Allow) C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
FirewallRules: [{3C22040D-E846-4702-A26C-61390E0BE1A1}] => (Allow) C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
FirewallRules: [{C5D49E73-F4DE-4AFB-9E11-1A7AFC9664D4}] => (Allow) C:\Users\Admin\AppData\Roaming\TorrentStream\engine\tsengine.exe
FirewallRules: [{0A8E48F2-035F-4B03-A9E3-42F995851267}] => (Allow) C:\Users\Admin\AppData\Roaming\TorrentStream\engine\tsengine.exe
FirewallRules: [{8B9EDA0D-15D2-4C54-A967-6514CD0AE0FF}] => (Allow) I:\Program Files\Logitech\Logitech Vid\Vid.exe
FirewallRules: [{F68ADFC3-0BCC-43E1-B299-97708A087050}] => (Allow) I:\Program Files\Logitech\Logitech Vid\Vid.exe
FirewallRules: [{B7DA221D-BBE0-45C0-8510-AC6ED56BD1D8}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{ADEA4D7E-67C4-41AF-B654-5CC08427F36B}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [TCP Query User{63EC74B4-EB18-4D2F-9AAF-8D7C44BD8D05}I:\program files (x86)\gembird\power manager\pm.exe] => (Allow) I:\program files (x86)\gembird\power manager\pm.exe
FirewallRules: [UDP Query User{E690A155-70F6-401D-9D82-5A331677DD59}I:\program files (x86)\gembird\power manager\pm.exe] => (Allow) I:\program files (x86)\gembird\power manager\pm.exe
FirewallRules: [TCP Query User{A402614A-8B59-4625-AD98-8961ABDE1A48}I:\program files (x86)\gembird\power manager\pm.exe] => (Allow) I:\program files (x86)\gembird\power manager\pm.exe
FirewallRules: [UDP Query User{E1E875BB-7831-43BB-B61B-18414486DE94}I:\program files (x86)\gembird\power manager\pm.exe] => (Allow) I:\program files (x86)\gembird\power manager\pm.exe
FirewallRules: [{7A4F5E0B-F7F6-413E-A12D-92A3EBA60213}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{44D41D10-29CC-4163-B2D9-0E3A06E90392}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{009A8772-ED14-4BD7-A60F-08E58C4C84BB}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{98117CFE-02E4-48BE-85E1-01C30A3DBE37}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{4A5727EB-16BD-4B3F-9D7A-93044872A2B0}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{6AE47FEE-E88E-4A59-9F42-2D31017B3378}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{1A11A178-C737-4B29-AB2B-9E48AE7FE104}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe
FirewallRules: [{671EAD44-A446-45D5-BBFA-663054284BA5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe
FirewallRules: [{DE4BA6E6-ADC4-4C8D-B3C2-C8AF7AD801E3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{C479E420-FD02-4CA6-AC75-DF80AF559421}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{A355DD9E-1308-489B-9C88-DEC05B478FFB}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{39F53DFE-6304-46CC-B2B8-1907E770DD92}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{D71831B4-90C7-4B1A-83AE-74F8BCC1F677}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{B4B0A17C-CA89-48D4-A332-36063BD4EA67}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{9FDE980F-979E-4989-A226-E1A50203EF64}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{A172864A-5B49-48BE-B3F0-F9316BB9968F}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{B56B05E3-22DD-4E46-B0AC-D8140356E25A}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{9C861C18-776C-416E-A65C-B27AF2BC4209}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{B87C9DD5-5FB0-495F-BA17-8717C92DF98E}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\Rogue Legacy\RogueLegacy.exe
FirewallRules: [{220A5D30-C98A-4FD8-B0E4-A51F13C9649D}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\Rogue Legacy\RogueLegacy.exe
FirewallRules: [{6A31F993-39B0-477D-95F5-57FB037FF7B2}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\FINAL FANTASY VIII\FF8_Launcher.exe
FirewallRules: [{11486E23-BCDA-47CA-9A48-D744951F54FC}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\FINAL FANTASY VIII\FF8_Launcher.exe
FirewallRules: [{3EEF7F57-68BB-4A18-9366-CE65958D55FD}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{0A3759DE-0340-44AB-BB75-D8891789E014}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [TCP Query User{6B7E7A41-8B0B-4E1C-94F4-6A2F4D56D43A}I:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) I:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [UDP Query User{5852FD27-A7C2-4B4E-B036-AFD2F263361B}I:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) I:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [TCP Query User{545628FC-9C6E-4D8C-90D6-F4B9EFF6C0B3}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{C680CB0D-FFD9-4CCA-93E5-081244976B4B}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{307D98F2-08D4-4950-BDCE-F2CCEB1650F4}I:\program files (x86)\sopcast\sopcast.exe] => (Allow) I:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [UDP Query User{EA45DD32-5B84-4D74-9AF5-F50BF777EEA5}I:\program files (x86)\sopcast\sopcast.exe] => (Allow) I:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [{1EDF1FB2-4890-4401-88E5-37D3DC463639}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{1BF7DA1B-A913-495E-8D98-3BE627EA07A0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{65D5665E-4A5F-488F-9588-8BBF2DF04991}] => (Allow) I:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{E9BB800C-4E34-44C4-BBDF-879F7C72D334}] => (Allow) I:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{40774BCD-EBF3-4DBB-82FF-0661E7F415BC}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{C623C620-2E9B-48C0-8978-88D24940F63C}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{6F617A60-D3CE-473A-B6DF-6D99BE718553}I:\program files (x86)\sopcast\sopcast.exe] => (Allow) I:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [UDP Query User{34CFEEF9-08F7-447D-B03F-3B5FB10811E9}I:\program files (x86)\sopcast\sopcast.exe] => (Allow) I:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [TCP Query User{24F2A94C-85DE-4FAD-A84F-97E53F1253CC}I:\spiele\pro evolution soccer 2014\pes2014.exe] => (Allow) I:\spiele\pro evolution soccer 2014\pes2014.exe
FirewallRules: [UDP Query User{BFA2FC11-613A-42C0-B65E-3C1A8C923DC6}I:\spiele\pro evolution soccer 2014\pes2014.exe] => (Allow) I:\spiele\pro evolution soccer 2014\pes2014.exe
FirewallRules: [{3EFE3C44-E51A-466C-96BE-EF6AFB82E693}] => (Allow) C:\Users\Admin\AppData\Roaming\ACEStream\engine\ace_engine.exe
FirewallRules: [{3A1609E6-DFE5-4351-A464-F32D3D0380F7}] => (Allow) C:\Users\Admin\AppData\Roaming\ACEStream\engine\ace_engine.exe
FirewallRules: [{6F7FDED0-235E-477D-B7E7-9E3A3CBE4D7D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{2FFCDB85-C562-4715-A56B-6EB4A6ACAB93}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{6221A8D9-C192-4605-B9DC-626D8D97B77C}] => (Allow) G:\Origin Games\Plants vs. Zombies\PlantsVsZombies.exe
FirewallRules: [{F279A456-E9E0-430D-BDBB-BF17577BBE95}] => (Allow) G:\Origin Games\Plants vs. Zombies\PlantsVsZombies.exe
FirewallRules: [{63EF3EFF-3EBA-49FF-B88C-9DEF3947813F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{2AB36BAA-E192-4477-AA91-2D0D5AC6CB4B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{D7762DF8-BFC1-402B-8B33-FA0F0154D8D7}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{E144CEBA-2EAE-44F7-B9AC-E84754133A70}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{FD6A79F4-6AAF-4A40-A1AD-0F9E26721706}] => (Allow) G:\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{0AC8CCAC-4208-438E-883E-97825AB5AC7D}] => (Allow) G:\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{3FF7376C-70FA-41F9-B0DE-86FEDC096268}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{C8CC5276-DABB-4B14-A206-B3E881439B48}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{74881FD2-5264-4BD4-92A6-C8CE47D701FD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{31EA935D-9C24-433F-9617-62DE00A87C88}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [TCP Query User{98CF1771-0E6C-4F52-BF56-29AB4E5D2A92}I:\spiele\divinity original sin\shipping\eocapp.exe] => (Block) I:\spiele\divinity original sin\shipping\eocapp.exe
FirewallRules: [UDP Query User{47807778-B09B-4256-B568-86D4DD197A74}I:\spiele\divinity original sin\shipping\eocapp.exe] => (Block) I:\spiele\divinity original sin\shipping\eocapp.exe
FirewallRules: [{7E4FBE01-30EE-482F-92D8-438D4179DB1C}] => (Allow) I:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{67AA91B7-07CB-4545-946D-E4B72F9AD57D}] => (Allow) I:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{546527AB-0121-4826-A9B7-2C7ECD5CF209}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{A6EFCFEB-2C91-4FE6-B1C2-4582B05FC7E9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{0644E69B-2437-4DFD-A3A5-83F987C2C4B2}] => (Allow) I:\Program Files (x86)\Origin Games\FIFA World\fifaworld.exe
FirewallRules: [{B0E016FB-8173-449F-B4CE-EE19F5008545}] => (Allow) I:\Program Files (x86)\Origin Games\FIFA World\fifaworld.exe
FirewallRules: [{20B834F7-169E-4B2A-928D-427DA0C24727}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{DA16898C-69E6-4E29-B779-D1B8DE179DB0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{177E0E07-33DC-4066-B195-F3D169C66AFE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{05238314-5001-4210-AC93-76678CF4B46E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{6CFAA827-F9B0-49EE-9BC3-55B7906A3EFD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{5AD4F365-C0CB-43A9-B446-9E8613459E11}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{1BD42C09-FCC0-4478-8177-F566200EC1AB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{BFD697F0-5884-45D5-97DA-6073C3C82AED}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{AAB3A8FC-D53D-49ED-9531-9898F701143B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{55719414-C766-414B-A666-BEF2582BDE7B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{11C97E03-8523-4A87-8682-53D2DBED28AD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe
FirewallRules: [{60E525EF-38B7-4A32-9871-2224D7550405}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe
FirewallRules: [{CEF3BA47-48EB-44F9-AF94-5B320B8D7CD5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{DA7D1730-8FC9-4C91-8690-996034BB1C4D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{D214B8B2-13E0-4880-9205-DC5490BD2C41}] => (Allow) C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
FirewallRules: [{63D286EA-1EA1-446F-AD8C-11062C04E028}] => (Allow) C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
FirewallRules: [{067961E8-23AA-4AD7-9911-C8EB95D4FF4D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{85ED6F17-5E2F-4D3E-8E62-81D68D2DAFAE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{FE681703-1045-428D-9CFB-818BA8E07967}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{C76EC2B7-CA42-4C24-8FDF-E7D78D02753B}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{88D4F973-FD87-4D3B-8067-DCB8BBD8A337}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{6E51B1CA-57A9-4765-8D59-C3BAAEA903DF}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [TCP Query User{9BE1AE84-9D13-4C43-B424-7D6A9B7A9F3B}I:\spiele\pro evolution soccer 2015\pes2015.exe] => (Allow) I:\spiele\pro evolution soccer 2015\pes2015.exe
FirewallRules: [UDP Query User{D0AC4E49-CCF8-4CAC-B607-6DF7399BF3E8}I:\spiele\pro evolution soccer 2015\pes2015.exe] => (Allow) I:\spiele\pro evolution soccer 2015\pes2015.exe
FirewallRules: [{7122C35C-B6C6-4E6E-86A2-AACBDEF834EE}] => (Allow) G:\SteamLibrary\SteamApps\common\Pro Evolution Soccer 2015\PES2015.exe
FirewallRules: [{29462748-3F10-4424-9DEF-90AAB302C1D0}] => (Allow) G:\SteamLibrary\SteamApps\common\Pro Evolution Soccer 2015\PES2015.exe
FirewallRules: [{8E8957D1-C55C-4E31-B900-9B46379E6C3A}] => (Allow) I:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
FirewallRules: [{0F26E076-AF8F-4402-865A-A397FBE47234}] => (Allow) I:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
FirewallRules: [{A6460428-A9EE-4551-AAB1-9919A8CB9FE7}] => (Allow) I:\Program Files (x86)\AVG\AVG2012\avgdiagex.exe
FirewallRules: [{A33E8FE9-D05D-4FFE-8822-FC73F3DC550A}] => (Allow) I:\Program Files (x86)\AVG\AVG2012\avgdiagex.exe
FirewallRules: [{1AC7AE59-22CC-4C22-9325-1B9387438B71}] => (Allow) I:\Program Files (x86)\AVG\AVG2012\avgemca.exe
FirewallRules: [{86AA2786-26BF-4AB7-A66B-6E5E665FACDF}] => (Allow) I:\Program Files (x86)\AVG\AVG2012\avgemca.exe
FirewallRules: [TCP Query User{750FD61C-DEBE-412E-9723-59374283BC20}I:\spiele\sierra activision aspyr\geometry wars 3 dimensions\gw3.exe] => (Block) I:\spiele\sierra activision aspyr\geometry wars 3 dimensions\gw3.exe
FirewallRules: [UDP Query User{E1E8AA2F-D28F-46E6-912D-0012C96D29E0}I:\spiele\sierra activision aspyr\geometry wars 3 dimensions\gw3.exe] => (Block) I:\spiele\sierra activision aspyr\geometry wars 3 dimensions\gw3.exe
FirewallRules: [{B4D9749E-B708-4D9D-9DDC-A48E8A4459BD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{C55D1012-3D11-4966-B4BE-07B0171EF8DE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{D7891E90-3D5E-4E71-91E6-74F2470568D6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{19BAF5E7-C630-4E87-BFC9-E875AC3E101F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [TCP Query User{934E83F4-23D0-44FF-87C7-0957C34C00B3}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{AFB751F7-169D-440A-BADA-70F25F4545B6}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{97D5122A-DE93-4E9D-94DE-560DDB0A915E}I:\program files\xampp\apache\bin\httpd.exe] => (Allow) I:\program files\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{17F86DA3-A1F5-4BAD-83C4-B630DA509607}I:\program files\xampp\apache\bin\httpd.exe] => (Allow) I:\program files\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{9268B190-BF64-4AF9-BA9F-73477A9597F5}I:\program files\xampp\mysql\bin\mysqld.exe] => (Allow) I:\program files\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{A68F1A97-6293-4687-8C2B-C6F7F0BAF8BF}I:\program files\xampp\mysql\bin\mysqld.exe] => (Allow) I:\program files\xampp\mysql\bin\mysqld.exe
FirewallRules: [{67B5231F-8ADB-4FF5-B36A-FFC60C1F237C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{26B8BF3D-7228-4D1C-83F2-DE5FF771D4BD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{5264E2C9-606F-4009-B7F1-5024B7B5CF2B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{AA931175-D489-4128-8800-0F69680CD7A3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{239C8B4D-9F39-41AD-B84F-B4B337CA2D72}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{5BE02404-C7E9-47D1-86EF-91C9E127B4B2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{C29A9D4D-8EFB-467C-833B-1BF942E44643}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{66370EA6-F85A-4580-AC31-6AF8A17B72EB}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{392FEB61-2B82-41AF-BCA8-8350B63A0D60}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
FirewallRules: [{93E85BE7-1F1B-4FE5-A119-3E828992E3FA}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
FirewallRules: [{6C8B2C10-6A54-4171-AA94-A2B884369D0C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{27CD20F3-07EF-400F-99B1-E284BFE05B17}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{4C385DC4-C490-457A-9FFF-885810C64C9A}] => (Allow) G:\SteamLibrary\SteamApps\common\Quake Live\quakelive_steam.exe
FirewallRules: [{598B1C43-5AC4-46CA-B4CB-0268F622174E}] => (Allow) G:\SteamLibrary\SteamApps\common\Quake Live\quakelive_steam.exe
FirewallRules: [TCP Query User{1559CE4F-EBBC-434F-93D4-CBBD3AC0B908}G:\steamlibrary\steamapps\common\pro evolution soccer 2015\pes2015 - modern - nesa24.exe] => (Allow) G:\steamlibrary\steamapps\common\pro evolution soccer 2015\pes2015 - modern - nesa24.exe
FirewallRules: [UDP Query User{6748B5FC-83AB-49E2-80E3-FF5B2C36DF55}G:\steamlibrary\steamapps\common\pro evolution soccer 2015\pes2015 - modern - nesa24.exe] => (Allow) G:\steamlibrary\steamapps\common\pro evolution soccer 2015\pes2015 - modern - nesa24.exe
FirewallRules: [{55F96811-D542-4AD3-A2FB-1AAE0741376E}] => (Block) G:\steamlibrary\steamapps\common\pro evolution soccer 2015\pes2015 - modern - nesa24.exe
FirewallRules: [{B4A5676B-82D8-4F67-A9F8-860D9696FE8D}] => (Block) G:\steamlibrary\steamapps\common\pro evolution soccer 2015\pes2015 - modern - nesa24.exe
FirewallRules: [{5AFFAF25-4C99-4203-8748-62E29395211C}] => (Allow) I:\Program Files\SiSoftware\SiSoftware Sandra Business 2012.SP1\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{2E8C2002-15B2-4CB1-B0DC-5E9AE99BA086}] => (Allow) I:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe
FirewallRules: [{4D1C1F4D-154B-45CE-BB5F-973BADCEB950}] => (Allow) I:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe
FirewallRules: [{01FCB0B7-D5E9-4179-8020-3D547D91E3CA}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{2323FEB1-3673-4C70-93D5-06706DAF2530}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{A5330042-8A8A-4EFA-BF39-C18DBDFD4D23}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{7178C640-F4BA-45BC-BB03-33F9464587DA}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [TCP Query User{B5A2A9B5-8D58-44B8-9693-0C4D838BF8C2}G:\dokumente\downloads\turbohud 15.4.20.0 (v4) stable for diablo iii 2.2.0.30894a\turbohud.exe] => (Allow) G:\dokumente\downloads\turbohud 15.4.20.0 (v4) stable for diablo iii 2.2.0.30894a\turbohud.exe
FirewallRules: [UDP Query User{BDB94D6A-5650-4EE1-AA64-6085D0B16BAE}G:\dokumente\downloads\turbohud 15.4.20.0 (v4) stable for diablo iii 2.2.0.30894a\turbohud.exe] => (Allow) G:\dokumente\downloads\turbohud 15.4.20.0 (v4) stable for diablo iii 2.2.0.30894a\turbohud.exe
FirewallRules: [{5B635C6E-0C8C-4864-A333-0AB7C8939BDE}] => (Block) G:\dokumente\downloads\turbohud 15.4.20.0 (v4) stable for diablo iii 2.2.0.30894a\turbohud.exe
FirewallRules: [{FB176797-B9BA-47EE-A426-E8E7CEB16A1A}] => (Block) G:\dokumente\downloads\turbohud 15.4.20.0 (v4) stable for diablo iii 2.2.0.30894a\turbohud.exe
FirewallRules: [TCP Query User{76D0C968-5490-44BD-B6BE-733CF7C09504}G:\dokumente\downloads\turbohud 15.4.20.0 (v4) stable for diablo iii 2.2.0.30894a\test.exe] => (Allow) G:\dokumente\downloads\turbohud 15.4.20.0 (v4) stable for diablo iii 2.2.0.30894a\test.exe
FirewallRules: [UDP Query User{9414CF60-207B-468E-963F-CB18B8E6BC85}G:\dokumente\downloads\turbohud 15.4.20.0 (v4) stable for diablo iii 2.2.0.30894a\test.exe] => (Allow) G:\dokumente\downloads\turbohud 15.4.20.0 (v4) stable for diablo iii 2.2.0.30894a\test.exe
FirewallRules: [{62800BC7-647B-48D5-A81E-6D264B4FEA39}] => (Block) G:\dokumente\downloads\turbohud 15.4.20.0 (v4) stable for diablo iii 2.2.0.30894a\test.exe
FirewallRules: [{7B24E092-E864-4D79-8896-79718766A4B4}] => (Block) G:\dokumente\downloads\turbohud 15.4.20.0 (v4) stable for diablo iii 2.2.0.30894a\test.exe
FirewallRules: [{F92D3E68-0D80-46D4-904E-26645B2B4429}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{760E89FA-6A6E-4026-84AC-7679B006AB6F}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{F0122ABE-D7E4-4882-9DAF-81A5E8B6A7CC}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{2DD7FA52-91FD-4ECB-9953-37FDA3C44AF5}] => (Allow) I:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{67B73862-FB62-474D-8136-1F60B3EE7D96}] => (Allow) G:\SteamLibrary\SteamApps\common\FINAL FANTASY VII\FF7_Launcher.exe
FirewallRules: [{325CD692-B642-48F3-9E67-0F5CA6CB3937}] => (Allow) G:\SteamLibrary\SteamApps\common\FINAL FANTASY VII\FF7_Launcher.exe
FirewallRules: [{6E481CEB-2803-4D24-A8E6-201907F17ED9}] => (Allow) G:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{03F2D851-82F7-46F0-A413-27761EAECEE3}] => (Allow) G:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{3589CD91-E258-4B2E-999B-1029301D2301}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{A30CEBE1-2227-4371-B476-4BC0F3C8BCB8}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{DFCC8903-182A-4040-852E-167AC8D41C97}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{70831CAB-C418-4D43-9700-1E0D8C7C3937}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{3732328F-8CC0-4FF7-AEDC-1EE1AB7C90F9}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{9625A327-9DF4-4CB7-9E9A-4948FCEACAED}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{775A1104-026F-47D2-9777-5F64944C47AE}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{0590F458-0DCD-44C3-BDC7-D138CEA53FA9}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{0DDC93C9-951B-4A06-9513-2C62E6756591}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{6F341878-9A59-40A0-B440-202514C4F814}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{224D9513-CAEC-4D16-9E7A-2A1B75DBFA9D}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{D97AE7D4-2DFA-442E-9404-78FB8B31D5A5}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{A5208F0F-2202-4D06-A0E2-F2E273C3CA16}] => (Allow) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Shrew Soft Virtual Adapter
Description: Shrew Soft Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Shrew Soft
Service: vnet
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (07/27/2015 01:24:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/27/2015 12:33:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/27/2015 04:32:17 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/27/2015 04:30:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AI Suite II.exe, Version: 1.0.2.51, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18869, Zeitstempel: 0x556363bc
Ausnahmecode: 0x0eedfade
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x1d20
Startzeit der fehlerhaften Anwendung: 0xAI Suite II.exe0
Pfad der fehlerhaften Anwendung: AI Suite II.exe1
Pfad des fehlerhaften Moduls: AI Suite II.exe2
Berichtskennung: AI Suite II.exe3

Error: (07/26/2015 08:34:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/26/2015 07:00:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Timed out waiting for acknowledgement of machine sleep

Error: (07/26/2015 05:23:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WlanNetService.exe, Version: 1.1.0.26, Zeitstempel: 0x4cbea834
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x016cbdc0
ID des fehlerhaften Prozesses: 0x968
Startzeit der fehlerhaften Anwendung: 0xWlanNetService.exe0
Pfad der fehlerhaften Anwendung: WlanNetService.exe1
Pfad des fehlerhaften Moduls: WlanNetService.exe2
Berichtskennung: WlanNetService.exe3

Error: (07/26/2015 04:06:36 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/25/2015 04:03:59 PM) (Source: MsiInstaller) (EventID: 11721) (User: LivingRoom)
Description: Produkt: Java 8 Update 51 -- Fehler 1721. Problem mit diesem Windows Installer-Paket. Ein für den Abschluss der Installation erforderliches Programm konnte nicht ausgeführt werden. Wenden Sie sich an den Support oder den Hersteller des Pakets. Aktion: installexe, Pfad: C:\Program Files (x86)\Java\jre1.8.0_51\installer.exe, Befehl: /s INSTALLDIR="C:\Program Files (x86)\Java\jre1.8.0_51\\" REPAIRMODE=1

Error: (07/25/2015 11:53:44 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


Systemfehler:
=============
Error: (07/27/2015 01:21:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/27/2015 01:21:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "AVG WatchDog" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/27/2015 01:21:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/27/2015 01:21:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/27/2015 01:21:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Apple Mobile Device" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/27/2015 01:21:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/27/2015 01:21:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "VMware USB Arbitration Service" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/27/2015 01:21:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Live ID Sign-in Assistant" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/27/2015 01:21:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 2 Mal passiert.

Error: (07/27/2015 01:21:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "VMware NAT Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office:
=========================
Error: (07/27/2015 01:24:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/27/2015 12:33:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/27/2015 04:32:17 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/27/2015 04:30:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: AI Suite II.exe1.0.2.5100000000KERNELBASE.dll6.1.7601.18869556363bc0eedfade0000c42d1d2001d0c7d1cac008ccC:\Users\Admin\ASUS\AI Suite\AI Suite II\AI Suite II.exeC:\Windows\syswow64\KERNELBASE.dll67d716ce-3407-11e5-8def-001bdc0f997f

Error: (07/26/2015 08:34:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/26/2015 07:00:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Timed out waiting for acknowledgement of machine sleep

Error: (07/26/2015 05:23:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: WlanNetService.exe1.1.0.264cbea834unknown0.0.0.000000000c0000005016cbdc096801d0c7478cf7039dC:\Program Files (x86)\avmwlanstick\WlanNetService.exeunknownad1257db-3345-11e5-b68e-001bdc0f997f

Error: (07/26/2015 04:06:36 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/25/2015 04:03:59 PM) (Source: MsiInstaller) (EventID: 11721) (User: LivingRoom)
Description: Produkt: Java 8 Update 51 -- Fehler 1721. Problem mit diesem Windows Installer-Paket. Ein für den Abschluss der Installation erforderliches Programm konnte nicht ausgeführt werden. Wenden Sie sich an den Support oder den Hersteller des Pakets. Aktion: installexe, Pfad: C:\Program Files (x86)\Java\jre1.8.0_51\installer.exe, Befehl: /s INSTALLDIR="C:\Program Files (x86)\Java\jre1.8.0_51\\" REPAIRMODE=1 (NULL)(NULL)(NULL)(NULL)(NULL)

Error: (07/25/2015 11:53:44 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Fehler:
===================================
  Date: 2014-06-18 12:27:45.986
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-17 11:10:05.788
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-14 12:38:19.578
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-23 16:27:02.842
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-13 14:28:44.599
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-09 15:12:03.689
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-09 14:58:44.987
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-09 08:12:57.673
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-09 06:41:58.532
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-09 06:32:34.874
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Speicherinformationen =========================== 

Processor: AMD FX(tm)-6100 Six-Core Processor 
Percentage of memory in use: 78%
Total physical RAM: 8138.38 MB
Available physical RAM: 1775.73 MB
Total Virtual: 16274.96 MB
Available Virtual: 8587.26 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.24 GB) (Free:21.32 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive g: (Volume) (Fixed) (Total:1863.01 GB) (Free:356.95 GB) NTFS
Drive i: (Software und Spiele) (Fixed) (Total:232.88 GB) (Free:29.43 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 08D508D5)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=42)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 7BE21FF1)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: FDA660FB)
Partition 1: (Active) - (Size=119.2 GB) - (Type=07 NTFS)

==================== Ende von log ============================

RVD85 · 27.07.2015, 15:58

und die tdsskiller log datei teil 1

Code:

ATTFilter

16:47:23.0733 0x09dc  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
16:47:26.0842 0x09dc  ============================================================
16:47:26.0842 0x09dc  Current date / time: 2015/07/27 16:47:26.0842
16:47:26.0842 0x09dc  SystemInfo:
16:47:26.0842 0x09dc  
16:47:26.0842 0x09dc  OS Version: 6.1.7601 ServicePack: 1.0
16:47:26.0842 0x09dc  Product type: Workstation
16:47:26.0842 0x09dc  ComputerName: LIVINGROOM
16:47:26.0842 0x09dc  UserName: Admin
16:47:26.0842 0x09dc  Windows directory: C:\Windows
16:47:26.0842 0x09dc  System windows directory: C:\Windows
16:47:26.0842 0x09dc  Running under WOW64
16:47:26.0842 0x09dc  Processor architecture: Intel x64
16:47:26.0842 0x09dc  Number of processors: 6
16:47:26.0842 0x09dc  Page size: 0x1000
16:47:26.0842 0x09dc  Boot type: Normal boot
16:47:26.0842 0x09dc  ============================================================
16:47:27.0060 0x09dc  KLMD registered as C:\Windows\system32\drivers\12125031.sys
16:47:27.0310 0x09dc  System UUID: {6A9086E1-93C8-F892-9ECA-1E74982362F6}
16:47:27.0904 0x09dc  Drive \Device\Harddisk2\DR2 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:47:27.0914 0x09dc  Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:47:27.0934 0x09dc  Drive \Device\Harddisk0\DR0 - Size: 0x3A38A25E00 ( 232.88 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:47:27.0954 0x09dc  ============================================================
16:47:27.0954 0x09dc  \Device\Harddisk2\DR2:
16:47:27.0954 0x09dc  MBR partitions:
16:47:27.0954 0x09dc  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xEE7B000
16:47:27.0954 0x09dc  \Device\Harddisk1\DR1:
16:47:27.0954 0x09dc  MBR partitions:
16:47:27.0954 0x09dc  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
16:47:27.0954 0x09dc  \Device\Harddisk0\DR0:
16:47:27.0954 0x09dc  MBR partitions:
16:47:27.0954 0x09dc  ============================================================
16:47:27.0954 0x09dc  C: <-> \Device\Harddisk2\DR2\Partition1
16:47:27.0977 0x09dc  G: <-> \Device\Harddisk1\DR1\Partition1
16:47:27.0977 0x09dc  ============================================================
16:47:27.0977 0x09dc  Initialize success
16:47:27.0977 0x09dc  ============================================================
16:48:37.0985 0x2544  ============================================================
16:48:37.0985 0x2544  Scan started
16:48:37.0985 0x2544  Mode: Manual; SigCheck; TDLFS; 
16:48:37.0985 0x2544  ============================================================
16:48:37.0985 0x2544  KSN ping started
16:48:53.0417 0x2544  KSN ping finished: true
16:48:53.0953 0x2544  ================ Scan system memory ========================
16:48:53.0954 0x2544  System memory - ok
16:48:53.0954 0x2544  ================ Scan services =============================
16:48:53.0997 0x2544  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
16:48:54.0058 0x2544  1394ohci - ok
16:48:54.0072 0x2544  [ A3769020F7E8A70FD3E824C050F33306, BAAB18DD28C753EC90E9552BD5FFC316AD8815505A7998BCE51D21448B373D86 ] acedrv11        C:\Windows\system32\drivers\acedrv11.sys
16:48:54.0087 0x2544  acedrv11 - ok
16:48:54.0097 0x2544  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
16:48:54.0117 0x2544  ACPI - ok
16:48:54.0117 0x2544  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
16:48:54.0137 0x2544  AcpiPmi - ok
16:48:54.0137 0x2544  [ D0B11E40EA74A98A5E133DF1F5276240, BAD5885CD8CC271D59DFA95159EFC3AC36D2BA11B6DA593AAED0C45F1C2F280F ] acsock          C:\Windows\system32\DRIVERS\acsock64.sys
16:48:54.0162 0x2544  acsock - ok
16:48:54.0179 0x2544  [ 9B3355B29942AF67F014EA90CE1EA960, FBB155F72984045BCD99CC2059B9EDAABD3A52104C3864A290D8A355991F94D3 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:48:54.0199 0x2544  AdobeFlashPlayerUpdateSvc - ok
16:48:54.0209 0x2544  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
16:48:54.0229 0x2544  adp94xx - ok
16:48:54.0250 0x2544  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
16:48:54.0260 0x2544  adpahci - ok
16:48:54.0278 0x2544  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
16:48:54.0288 0x2544  adpu320 - ok
16:48:54.0298 0x2544  [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
16:48:54.0308 0x2544  AeLookupSvc - ok
16:48:54.0318 0x2544  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
16:48:54.0348 0x2544  AFD - ok
16:48:54.0348 0x2544  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
16:48:54.0358 0x2544  agp440 - ok
16:48:54.0368 0x2544  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
16:48:54.0388 0x2544  ALG - ok
16:48:54.0388 0x2544  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
16:48:54.0403 0x2544  aliide - ok
16:48:54.0413 0x2544  [ E8E046DB17671161DE74D1BB4E42D4B5, 49E0989DBA83AD0E6343FF85183C272C3DDDFF46A82D4F03C96E1EF84732020B ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
16:48:54.0430 0x2544  AMD External Events Utility - ok
16:48:54.0430 0x2544  AMD FUEL Service - ok
16:48:54.0440 0x2544  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
16:48:54.0450 0x2544  amdide - ok
16:48:54.0450 0x2544  [ 6A2EEB0C4133B20773BB3DD0B7B377B4, E4CB35C6937C70A145A13E5AE5B34A271B49101DA623171ACBFDA8601E5A70EA ] amdiox64        C:\Windows\system32\DRIVERS\amdiox64.sys
16:48:54.0460 0x2544  amdiox64 - ok
16:48:54.0470 0x2544  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
16:48:54.0480 0x2544  AmdK8 - ok
16:48:54.0490 0x2544  amdkmdag - ok
16:48:54.0510 0x2544  [ D3714915E9DFE9ED65AC8AFA7BC2AC19, 1DCDACE2F6A1237BFA8CEE5ECDE33BD32F8CD94DC8E566174E2A16E092740D37 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
16:48:54.0535 0x2544  amdkmdap - ok
16:48:54.0545 0x2544  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
16:48:54.0555 0x2544  AmdPPM - ok
16:48:54.0565 0x2544  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
16:48:54.0575 0x2544  amdsata - ok
16:48:54.0585 0x2544  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
16:48:54.0595 0x2544  amdsbs - ok
16:48:54.0605 0x2544  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
16:48:54.0622 0x2544  amdxata - ok
16:48:54.0630 0x2544  [ 87C85800AD1C38933FDB8B6DF1E250FA, 37F69A1CB0E4D5125973DAA391934ABAA9F4CA3F91739A44472E12EABCD93E9E ] AnyDVD          C:\Windows\system32\Drivers\AnyDVD.sys
16:48:54.0644 0x2544  AnyDVD - ok
16:48:54.0646 0x2544  AODDriver4.3 - ok
16:48:54.0654 0x2544  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID           C:\Windows\system32\drivers\appid.sys
16:48:54.0667 0x2544  AppID - ok
16:48:54.0671 0x2544  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
16:48:54.0683 0x2544  AppIDSvc - ok
16:48:54.0689 0x2544  [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo         C:\Windows\System32\appinfo.dll
16:48:54.0702 0x2544  Appinfo - ok
16:48:54.0713 0x2544  [ 7EF47644B74EBE721CC32211D3C35E76, 1381908E70567AAE5A8C96C4B7BF8E68748F64DE3243FD0FA8CC0E72DEEDA9A7 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:48:54.0724 0x2544  Apple Mobile Device - ok
16:48:54.0734 0x2544  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
16:48:54.0750 0x2544  AppMgmt - ok
16:48:54.0757 0x2544  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
16:48:54.0769 0x2544  arc - ok
16:48:54.0774 0x2544  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
16:48:54.0787 0x2544  arcsas - ok
16:48:54.0813 0x2544  [ 6E3F4538B33BC19259E99BE1826286A3, 90B85FB8CD90451F4B09082EDEC835652A46030CC33C587F502C27342FEE7454 ] asComSvc        C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe
16:48:54.0856 0x2544  asComSvc - ok
16:48:54.0884 0x2544  [ A63173897EA1A73A75D0E65036DE5B15, 07A83172B525DFC895056612F542420F4DF3C6192624C5B3141C726501163912 ] asHmComSvc      C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
16:48:54.0940 0x2544  asHmComSvc - ok
16:48:54.0947 0x2544  [ FEF9DD9EA587F8886ADE43C1BEFBDAFE, DDE6F28B3F7F2ABBEE59D4864435108791631E9CB4CDFB1F178E5AA9859956D8 ] AsIO            C:\Windows\syswow64\drivers\AsIO.sys
16:48:54.0955 0x2544  AsIO - ok
16:48:54.0962 0x2544  [ 6D9C024AA8F24065A6DBEAB1F431D854, 1A3CA36F7321130924171967228F304E8B5FCAD624B6078877A44616BE186E9A ] asmthub3        C:\Windows\system32\DRIVERS\asmthub3.sys
16:48:54.0978 0x2544  asmthub3 - ok
16:48:54.0992 0x2544  [ ECAD22F15D8F17CC04F24E9A6FB00F2F, DAE3042C7C0DC96D3EEF6AC763B57C729CE3557D740A3D2952B6EB7964F4AA45 ] asmtxhci        C:\Windows\system32\DRIVERS\asmtxhci.sys
16:48:55.0017 0x2544  asmtxhci - ok
16:48:55.0033 0x2544  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:48:55.0049 0x2544  aspnet_state - ok
16:48:55.0066 0x2544  [ 5C31DFB196CB3A488A041881634D86D2, 419ABEED7FB7CEBBA264802D2F727D18F999CEDA566A0830C38A69AC1680F3EA ] AsSysCtrlService C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
16:48:55.0090 0x2544  AsSysCtrlService - ok
16:48:55.0096 0x2544  [ A5E4CDB420540095D1293C874B5F89AA, EBC082FF94872537649F00D91AF22E0AFB4D538ACDB4731C9A95D209C7B144FD ] ASUSFILTER      C:\Windows\syswow64\drivers\ASUSFILTER.sys
16:48:55.0107 0x2544  ASUSFILTER - ok
16:48:55.0112 0x2544  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
16:48:55.0147 0x2544  AsyncMac - ok
16:48:55.0153 0x2544  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
16:48:55.0165 0x2544  atapi - ok
16:48:55.0172 0x2544  [ 4EB5F2611381CB79DDDD627F3F1503CB, 53584998C32B1D2AD6B898CBDBEAC72100B8FAC25B5BCFDA88E0C3588244F335 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
16:48:55.0186 0x2544  AtiHDAudioService - ok
16:48:55.0206 0x2544  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:48:55.0234 0x2544  AudioEndpointBuilder - ok
16:48:55.0254 0x2544  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
16:48:55.0282 0x2544  AudioSrv - ok
16:48:55.0292 0x2544  [ E7C8FBDCB1C079C332F962DD1C075E5E, 4931B016C14B8ABE3CA5C8C0A3AC27253F2C72486CF43C299183EB65F93C06D4 ] Avgdiska        C:\Windows\system32\DRIVERS\avgdiska.sys
16:48:55.0307 0x2544  Avgdiska - ok
16:48:55.0313 0x2544  [ 64A90A57573D0E7421900383223AF7A5, E85069B920D48647ECE05C3311EF1FE730541B3E6293D234E8E977EE5CF92F2A ] Avgfwfd         C:\Windows\system32\DRIVERS\avgfwd6a.sys
16:48:55.0325 0x2544  Avgfwfd - ok
16:48:55.0366 0x2544  [ BAA40C8AC63AB0497842BDAA9B43C0B6, 2784C392DA429D45B56A4597BE4E163D54184E0A3E969A8A915814CA6D8354C9 ] avgfws          C:\Program Files (x86)\AVG\AVG2015\avgfws.exe
16:48:55.0422 0x2544  avgfws - ok
16:48:55.0510 0x2544  [ E7FAE655001C18A7ECBD58B3BA971BF9, 25947054B1C8DA2128CDB3BA6231F692AC4655FFDE64A93DDCA59C2D2B4AAC1E ] AVGIDSAgent     C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
16:48:55.0611 0x2544  AVGIDSAgent - ok
16:48:55.0628 0x2544  [ E3DC1089EDAD57F5279804167E6142E9, 454E6E735B531D1A90FA3E64558B7C125A6E9460C8C30736DD8E43B0ADDB28F1 ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdrivera.sys
16:48:55.0647 0x2544  AVGIDSDriver - ok
16:48:55.0658 0x2544  [ 54384FC2230B4469E7EDF938B7CF5FF7, 93EF11C8D1EC307A71B43578EE3EFFF3FBAFB26AE0A94E4CFD54342CAA4C108C ] AVGIDSHA        C:\Windows\system32\DRIVERS\avgidsha.sys
16:48:55.0675 0x2544  AVGIDSHA - ok
16:48:55.0685 0x2544  [ 0CFB17D66DC1D76214F50E33C41CC8B6, 344E0D99C8D741C63F62859A29284D328E76E07A409692F1B6FB1F9DB3946420 ] Avgldx64        C:\Windows\system32\DRIVERS\avgldx64.sys
16:48:55.0703 0x2544  Avgldx64 - ok
16:48:55.0716 0x2544  [ 7EC2B7BBA7A30691D2E0D8478F219B90, EBB18E34D502E85F6450E944B3A1AD7B86692F2F0C9041B927F69CE40E7802A6 ] Avgloga         C:\Windows\system32\DRIVERS\avgloga.sys
16:48:55.0735 0x2544  Avgloga - ok
16:48:55.0745 0x2544  [ BC3016B9921753DD3A3CF1082FBCF146, E50C49C208297A6DBB8A7A7D8A3DF47128C7205A411F9E47335887DEE07B053A ] Avgmfx64        C:\Windows\system32\DRIVERS\avgmfx64.sys
16:48:55.0763 0x2544  Avgmfx64 - ok
16:48:55.0768 0x2544  [ 719EF00B1C5BED9CF5675274A4F774B9, 3883B41AC13AC7B2E2D58AA3209B3D479C53469A3F423CAC151A3F25DA462E3D ] Avgrkx64        C:\Windows\system32\DRIVERS\avgrkx64.sys
16:48:55.0779 0x2544  Avgrkx64 - ok
16:48:55.0790 0x2544  [ EB9606C7C31E2C90BD9A81B0BEE01C28, D07A064C069124DEAF2782438E606BB497EF7E866FF9069C1C474B2A7CC0A61A ] Avgtdia         C:\Windows\system32\DRIVERS\avgtdia.sys
16:48:55.0808 0x2544  Avgtdia - ok
16:48:55.0820 0x2544  [ FE9742B20DD5FCF12D245D08BF5AAF98, 620024EDABC8C06C94D9F4A7EDD1E4D91929E9ADA685C5BF995E282D22B7CA35 ] avgwd           C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
16:48:55.0840 0x2544  avgwd - ok
16:48:55.0855 0x2544  [ C6F4C466B654C1BE98AF31418BB5AC30, 62AA4456F8E22A6E508EB44DE4309615057117AAF923C13BBED15AA39630E76B ] AVM WLAN Connection Service C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
16:48:55.0869 0x2544  AVM WLAN Connection Service - detected UnsignedFile.Multi.Generic ( 1 )
16:48:58.0206 0x2544  Detect skipped due to KSN trusted
16:48:58.0206 0x2544  AVM WLAN Connection Service - ok
16:48:58.0216 0x2544  [ 1DC2F715792CF33428AD7993ACBD224D, 129FBD517E016914CD61C35894C0B9B2074E680F1EB21201597E5C13CAF4529F ] avmeject        C:\Windows\system32\drivers\avmeject.sys
16:48:58.0226 0x2544  avmeject - ok
16:48:58.0226 0x2544  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
16:48:58.0246 0x2544  AxInstSV - ok
16:48:58.0256 0x2544  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
16:48:58.0276 0x2544  b06bdrv - ok
16:48:58.0286 0x2544  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
16:48:58.0306 0x2544  b57nd60a - ok
16:48:58.0316 0x2544  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
16:48:58.0326 0x2544  BDESVC - ok
16:48:58.0336 0x2544  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
16:48:58.0368 0x2544  Beep - ok
16:48:58.0388 0x2544  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
16:48:58.0418 0x2544  BFE - ok
16:48:58.0445 0x2544  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
16:48:58.0498 0x2544  BITS - ok
16:48:58.0498 0x2544  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
16:48:58.0508 0x2544  blbdrive - ok
16:48:58.0528 0x2544  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
16:48:58.0548 0x2544  Bonjour Service - ok
16:48:58.0548 0x2544  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
16:48:58.0558 0x2544  bowser - ok
16:48:58.0568 0x2544  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
16:48:58.0578 0x2544  BrFiltLo - ok
16:48:58.0578 0x2544  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
16:48:58.0598 0x2544  BrFiltUp - ok
16:48:58.0598 0x2544  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] Bridge          C:\Windows\system32\DRIVERS\bridge.sys
16:48:58.0638 0x2544  Bridge - ok
16:48:58.0640 0x2544  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
16:48:58.0677 0x2544  BridgeMP - ok
16:48:58.0684 0x2544  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
16:48:58.0699 0x2544  Browser - ok
16:48:58.0710 0x2544  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
16:48:58.0728 0x2544  Brserid - ok
16:48:58.0733 0x2544  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
16:48:58.0748 0x2544  BrSerWdm - ok
16:48:58.0752 0x2544  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
16:48:58.0767 0x2544  BrUsbMdm - ok
16:48:58.0771 0x2544  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
16:48:58.0782 0x2544  BrUsbSer - ok
16:48:58.0787 0x2544  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
16:48:58.0800 0x2544  BthEnum - ok
16:48:58.0806 0x2544  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
16:48:58.0824 0x2544  BTHMODEM - ok
16:48:58.0832 0x2544  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
16:48:58.0856 0x2544  BthPan - ok
16:48:58.0873 0x2544  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
16:48:58.0898 0x2544  BTHPORT - ok
16:48:58.0905 0x2544  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
16:48:58.0940 0x2544  bthserv - ok
16:48:58.0945 0x2544  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
16:48:58.0955 0x2544  BTHUSB - ok
16:48:58.0995 0x2544  [ FECA9F830A5C6BAB9978E6781A26AE2B, CA1681A2F4FA849815B8E823805E078DB9C050CEE86E9E394B2A37B57CC474A6 ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
16:48:59.0041 0x2544  c2cautoupdatesvc - ok
16:48:59.0087 0x2544  [ 5B33709F7FE59BB625F113EED86AFC5C, 8D29FE242D55526FDEB2CB4009B5DE19C93972E872BE6328AD3305E360A3D44B ] c2cpnrsvc       C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
16:48:59.0141 0x2544  c2cpnrsvc - ok
16:48:59.0151 0x2544  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
16:48:59.0208 0x2544  cdfs - ok
16:48:59.0215 0x2544  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
16:48:59.0230 0x2544  cdrom - ok
16:48:59.0236 0x2544  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
16:48:59.0271 0x2544  CertPropSvc - ok
16:48:59.0273 0x2544  Cherry Device Interface - ok
16:48:59.0279 0x2544  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
16:48:59.0293 0x2544  circlass - ok
16:48:59.0304 0x2544  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
16:48:59.0323 0x2544  CLFS - ok
16:48:59.0331 0x2544  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:48:59.0343 0x2544  clr_optimization_v2.0.50727_32 - ok
16:48:59.0351 0x2544  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:48:59.0362 0x2544  clr_optimization_v2.0.50727_64 - ok
16:48:59.0374 0x2544  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:48:59.0392 0x2544  clr_optimization_v4.0.30319_32 - ok
16:48:59.0403 0x2544  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:48:59.0419 0x2544  clr_optimization_v4.0.30319_64 - ok
16:48:59.0424 0x2544  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
16:48:59.0437 0x2544  CmBatt - ok
16:48:59.0442 0x2544  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
16:48:59.0452 0x2544  cmdide - ok
16:48:59.0467 0x2544  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
16:48:59.0495 0x2544  CNG - ok
16:48:59.0500 0x2544  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
16:48:59.0510 0x2544  Compbatt - ok
16:48:59.0515 0x2544  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
16:48:59.0530 0x2544  CompositeBus - ok
16:48:59.0533 0x2544  COMSysApp - ok
16:48:59.0538 0x2544  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
16:48:59.0548 0x2544  crcdisk - ok
16:48:59.0558 0x2544  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
16:48:59.0574 0x2544  CryptSvc - ok
16:48:59.0590 0x2544  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
16:48:59.0613 0x2544  CSC - ok
16:48:59.0633 0x2544  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
16:48:59.0653 0x2544  CscService - ok
16:48:59.0723 0x2544  [ BD989CFC6E296373A7EA59514E17A199, 2259B966B8780B08EF6B8E27039C8125D5A751E3C01AB92F20E77F5467B40DEC ] DBService       C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe
16:48:59.0783 0x2544  DBService - detected UnsignedFile.Multi.Generic ( 1 )
16:49:02.0165 0x2544  Detect skipped due to KSN trusted
16:49:02.0168 0x2544  DBService - ok
16:49:02.0188 0x2544  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
16:49:02.0235 0x2544  DcomLaunch - ok
16:49:02.0248 0x2544  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
16:49:02.0283 0x2544  defragsvc - ok
16:49:02.0283 0x2544  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
16:49:02.0313 0x2544  DfsC - ok
16:49:02.0323 0x2544  dgderdrv - ok
16:49:02.0323 0x2544  [ 1E0F456A03E204F92D24437CD907A512, 8BB28AF33BDEFFECC4EC5C6BFBFBDA525A32FA6A26382353E01FF94BAD2A200C ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
16:49:02.0343 0x2544  dg_ssudbus - ok
16:49:02.0353 0x2544  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
16:49:02.0373 0x2544  Dhcp - ok
16:49:02.0404 0x2544  [ AA5319FA8602676B5D3A2B4A1355896D, 57532E16FF0DDE3D62B6B6DC35E2598DD453140E9277247965A1E835645E588A ] DiagTrack       C:\Windows\system32\diagtrack.dll
16:49:02.0437 0x2544  DiagTrack - ok
16:49:02.0447 0x2544  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
16:49:02.0477 0x2544  discache - ok
16:49:02.0487 0x2544  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
16:49:02.0497 0x2544  Disk - ok
16:49:02.0502 0x2544  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
16:49:02.0507 0x2544  dmvsc - ok
16:49:02.0525 0x2544  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
16:49:02.0535 0x2544  Dnscache - ok
16:49:02.0545 0x2544  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
16:49:02.0575 0x2544  dot3svc - ok
16:49:02.0585 0x2544  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
16:49:02.0615 0x2544  DPS - ok
16:49:02.0625 0x2544  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
16:49:02.0635 0x2544  drmkaud - ok
16:49:02.0635 0x2544  dtpd - ok
16:49:02.0645 0x2544  [ 44BB65B1D3827043978FC8E11CA7C0B4, 9198D43F853DE25CB704CC208F41E649727356E122C7451C411DD49542A5A582 ] DTSAudioService C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe
16:49:02.0655 0x2544  DTSAudioService - ok
16:49:02.0665 0x2544  [ 46571ED73AE84469DCA53081D33CF3C8, 8BB386BB4F6AD39F06A8607CD1DF3D67CFA45BBE52E40EDB90EB8C862283EBFF ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
16:49:02.0685 0x2544  dtsoftbus01 - ok
16:49:02.0707 0x2544  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
16:49:02.0745 0x2544  DXGKrnl - ok
16:49:02.0752 0x2544  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
16:49:02.0777 0x2544  EapHost - ok
16:49:02.0858 0x2544  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
16:49:02.0950 0x2544  ebdrv - ok
16:49:02.0960 0x2544  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] EFS             C:\Windows\System32\lsass.exe
16:49:02.0970 0x2544  EFS - ok
16:49:02.0993 0x2544  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
16:49:03.0023 0x2544  ehRecvr - ok
16:49:03.0023 0x2544  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
16:49:03.0043 0x2544  ehSched - ok
16:49:03.0043 0x2544  [ 9387A484D31209D7FC3F795A787294DB, 3CAFA3403B8A3547811B7233FB399FA8BB9FF54C82AC317955EDACE2E13519E5 ] ElbyCDFL        C:\Windows\system32\Drivers\ElbyCDFL.sys
16:49:03.0053 0x2544  ElbyCDFL - ok
16:49:03.0063 0x2544  [ A05FC7ECA0966EBB70E4D17B855A853B, 16A0C8138A3BBD8BE2658261131F9777940CFB1431018A10710E5C1A88AB70EA ] ElbyCDIO        C:\Windows\system32\Drivers\ElbyCDIO.sys
16:49:03.0073 0x2544  ElbyCDIO - ok
16:49:03.0083 0x2544  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
16:49:03.0103 0x2544  elxstor - ok
16:49:03.0113 0x2544  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
16:49:03.0123 0x2544  ErrDev - ok
16:49:03.0133 0x2544  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
16:49:03.0178 0x2544  EventSystem - ok
16:49:03.0188 0x2544  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
16:49:03.0218 0x2544  exfat - ok
16:49:03.0228 0x2544  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
16:49:03.0260 0x2544  fastfat - ok
16:49:03.0283 0x2544  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
16:49:03.0303 0x2544  Fax - ok
16:49:03.0313 0x2544  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
16:49:03.0323 0x2544  fdc - ok
16:49:03.0323 0x2544  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
16:49:03.0363 0x2544  fdPHost - ok
16:49:03.0363 0x2544  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
16:49:03.0389 0x2544  FDResPub - ok
16:49:03.0399 0x2544  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
16:49:03.0409 0x2544  FileInfo - ok
16:49:03.0409 0x2544  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
16:49:03.0449 0x2544  Filetrace - ok
16:49:03.0461 0x2544  [ BB0667B0171B632B97EA759515476F07, 07A123B2182D5813D2898928C231638353CF086606E9D5A5AF4A2A73E17CEC27 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
16:49:03.0481 0x2544  FLEXnet Licensing Service - ok
16:49:03.0491 0x2544  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
16:49:03.0504 0x2544  flpydisk - ok
16:49:03.0514 0x2544  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
16:49:03.0524 0x2544  FltMgr - ok
16:49:03.0559 0x2544  [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache       C:\Windows\system32\FntCache.dll
16:49:03.0589 0x2544  FontCache - ok
16:49:03.0599 0x2544  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:49:03.0629 0x2544  FontCache3.0.0.0 - ok
16:49:03.0629 0x2544  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
16:49:03.0639 0x2544  FsDepends - ok
16:49:03.0659 0x2544  [ DDEE99DC54EFA20BD5A442CD733C4462, 941D6C5D91F6419198F1A53BF7D33AA2D9118CEAC028B6ED8E5308751810B9B5 ] FsUsbExDisk     C:\Windows\SysWOW64\FsUsbExDisk.SYS
16:49:03.0669 0x2544  FsUsbExDisk - detected UnsignedFile.Multi.Generic ( 1 )
16:49:06.0021 0x2544  Detect skipped due to KSN trusted
16:49:06.0021 0x2544  FsUsbExDisk - ok
16:49:06.0037 0x2544  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
16:49:06.0053 0x2544  Fs_Rec - ok
16:49:06.0057 0x2544  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
16:49:06.0077 0x2544  fvevol - ok
16:49:06.0097 0x2544  [ 15585492E45E2F30768B2D5B57929D99, C5E6A943C78AAFE10FD9C913324083DD4B3D2F1D998A38C8B69FDEAF22246527 ] fwlanusbn       C:\Windows\system32\DRIVERS\fwlanusbn.sys
16:49:06.0117 0x2544  fwlanusbn - ok
16:49:06.0127 0x2544  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
16:49:06.0137 0x2544  gagp30kx - ok
16:49:06.0137 0x2544  [ E403AACF8C7BB11375122D2464560311, 0427B8FFD999D256EA1A5135F218692959A7577CB32354D3087CF0FB4F0577DF ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:49:06.0147 0x2544  GEARAspiWDM - ok
16:49:06.0167 0x2544  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
16:49:06.0219 0x2544  gpsvc - ok
16:49:06.0219 0x2544  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:49:06.0229 0x2544  gupdate - ok
16:49:06.0239 0x2544  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:49:06.0249 0x2544  gupdatem - ok
16:49:06.0249 0x2544  [ BDDBCFF870442B3C24C158CD53079132, 62314C296ACF1EF9EB38FB70B66B57D1BB9917C8536B39892272D172BC58A5C3 ] hcmon           C:\Windows\system32\drivers\hcmon.sys
16:49:06.0259 0x2544  hcmon - ok
16:49:06.0269 0x2544  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
16:49:06.0279 0x2544  hcw85cir - ok
16:49:06.0294 0x2544  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:49:06.0317 0x2544  HdAudAddService - ok
16:49:06.0324 0x2544  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
16:49:06.0334 0x2544  HDAudBus - ok
16:49:06.0344 0x2544  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
16:49:06.0351 0x2544  HidBatt - ok
16:49:06.0361 0x2544  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
16:49:06.0371 0x2544  HidBth - ok
16:49:06.0381 0x2544  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
16:49:06.0391 0x2544  HidIr - ok
16:49:06.0391 0x2544  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
16:49:06.0421 0x2544  hidserv - ok
16:49:06.0431 0x2544  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
16:49:06.0441 0x2544  HidUsb - ok
16:49:06.0441 0x2544  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
16:49:06.0482 0x2544  hkmsvc - ok
16:49:06.0482 0x2544  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:49:06.0502 0x2544  HomeGroupListener - ok
16:49:06.0512 0x2544  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:49:06.0522 0x2544  HomeGroupProvider - ok
16:49:06.0532 0x2544  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
16:49:06.0547 0x2544  HpSAMD - ok
16:49:06.0562 0x2544  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
16:49:06.0592 0x2544  HTTP - ok
16:49:06.0592 0x2544  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
16:49:06.0602 0x2544  hwpolicy - ok
16:49:06.0614 0x2544  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
16:49:06.0618 0x2544  i8042prt - ok
16:49:06.0638 0x2544  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
16:49:06.0648 0x2544  iaStorV - ok
16:49:06.0678 0x2544  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:49:06.0698 0x2544  idsvc - ok
16:49:06.0708 0x2544  IEEtwCollectorService - ok
16:49:06.0708 0x2544  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
16:49:06.0726 0x2544  iirsp - ok
16:49:06.0733 0x2544  [ AD5DF6F4FBBC798636EDC66BFEC7D0DE, 837C9BCB6C23FE0901F0F66A57FAB5985984F0EAD9E34F84A9F78349EDE0394F ] IJPLMSVC        C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
16:49:06.0743 0x2544  IJPLMSVC - ok
16:49:06.0743 0x2544  iked - ok
16:49:06.0763 0x2544  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
16:49:06.0809 0x2544  IKEEXT - ok
16:49:06.0925 0x2544  [ 150AC23F21DBDBF8488408BA944B0D65, 77A3A0FB5208AA061224CFACC4D136A260132CC4BA01D105AE1532B749968708 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
16:49:07.0040 0x2544  IntcAzAudAddService - ok
16:49:07.0056 0x2544  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
16:49:07.0068 0x2544  intelide - ok
16:49:07.0076 0x2544  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
16:49:07.0081 0x2544  intelppm - ok
16:49:07.0091 0x2544  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
16:49:07.0121 0x2544  IPBusEnum - ok
16:49:07.0131 0x2544  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:49:07.0161 0x2544  IpFilterDriver - ok
16:49:07.0171 0x2544  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
16:49:07.0191 0x2544  iphlpsvc - ok
16:49:07.0201 0x2544  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
16:49:07.0211 0x2544  IPMIDRV - ok
16:49:07.0221 0x2544  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
16:49:07.0251 0x2544  IPNAT - ok
16:49:07.0278 0x2544  [ 50D6CCC6FF5561F9F56946B3E6164FB8, 27529E751D3CB13B651B54474F04A17DF5737AD0170CD41F601E779F90603D11 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
16:49:07.0311 0x2544  iPod Service - ok
16:49:07.0313 0x2544  ipsecd - ok
16:49:07.0321 0x2544  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
16:49:07.0336 0x2544  IRENUM - ok
16:49:07.0338 0x2544  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
16:49:07.0348 0x2544  isapnp - ok
16:49:07.0358 0x2544  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
16:49:07.0368 0x2544  iScsiPrt - ok
16:49:07.0378 0x2544  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
16:49:07.0388 0x2544  kbdclass - ok
16:49:07.0388 0x2544  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
16:49:07.0398 0x2544  kbdhid - ok
16:49:07.0408 0x2544  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] KeyIso          C:\Windows\system32\lsass.exe
16:49:07.0414 0x2544  KeyIso - ok
16:49:07.0424 0x2544  [ C0A6C3D6E02B61B5D100FE17306C276F, F57C7BCC39B30F1DF739D07B76BA18EB68D12D8D1BD13B6AC8DC712C29119495 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
16:49:07.0434 0x2544  KSecDD - ok
16:49:07.0434 0x2544  [ 7A7328E427694CC7244235C3BC299F80, 7FC2E1F3F93B3334C3A8961CA58B4F38524650F6D8DA9FFA1FB43E1A2B86B710 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
16:49:07.0454 0x2544  KSecPkg - ok
16:49:07.0454 0x2544  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
16:49:07.0492 0x2544  ksthunk - ok
16:49:07.0496 0x2544  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
16:49:07.0536 0x2544  KtmRm - ok
16:49:07.0546 0x2544  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
16:49:07.0586 0x2544  LanmanServer - ok
16:49:07.0594 0x2544  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:49:07.0624 0x2544  LanmanWorkstation - ok
16:49:07.0644 0x2544  [ C1F026BF2D053011535EE43D323E622C, FD6CD8258FAE6E83926E6655BF43CC3A04A7ADEDD5EE4E831AAE540E47D434BE ] LavasoftAdAwareService11 C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareService.exe
16:49:07.0664 0x2544  LavasoftAdAwareService11 - ok
16:49:07.0678 0x2544  [ FA529FB35694C24BF98A9EF67C1CD9D0, 7B3C587C38CF13D514140F0A55E58997D6071D1DEFD97E274E3F490660AC6075 ] LGBusEnum       C:\Windows\system32\drivers\LGBusEnum.sys
16:49:07.0678 0x2544  LGBusEnum - ok
16:49:07.0688 0x2544  [ F7205E939F50B1C8D16F895916BE6756, 914326BAF54691AE880F6A3817B277F027F32AD7EF507A83F9A60DCA02901EDA ] LGSHidFilt      C:\Windows\system32\DRIVERS\LGSHidFilt.Sys
16:49:07.0698 0x2544  LGSHidFilt - ok
16:49:07.0698 0x2544  [ 94B29CE153765E768F004FB3440BE2B0, E74C01CEBDA589CDDE35CBCBAA18700E3742DD3B48A90DB3630992467FFC5024 ] LGVirHid        C:\Windows\system32\drivers\LGVirHid.sys
16:49:07.0708 0x2544  LGVirHid - ok
16:49:07.0718 0x2544  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
16:49:07.0748 0x2544  lltdio - ok
16:49:07.0753 0x2544  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
16:49:07.0793 0x2544  lltdsvc - ok
16:49:07.0793 0x2544  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
16:49:07.0841 0x2544  lmhosts - ok
16:49:07.0873 0x2544  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
16:49:07.0888 0x2544  LSI_FC - ok
16:49:07.0893 0x2544  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
16:49:07.0898 0x2544  LSI_SAS - ok
16:49:07.0908 0x2544  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
16:49:07.0918 0x2544  LSI_SAS2 - ok
16:49:07.0928 0x2544  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
16:49:07.0938 0x2544  LSI_SCSI - ok
16:49:07.0948 0x2544  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
16:49:07.0979 0x2544  luafv - ok
16:49:07.0979 0x2544  [ 4A503882318BB2F59218D401614E6AF6, 678FDE29EAE20353E780F53CFB9E79EA8B43E1E8BAC77890C178918DC5CCBA0E ] lvpepf64        C:\Windows\system32\DRIVERS\lv302a64.sys
16:49:07.0998 0x2544  lvpepf64 - ok
16:49:07.0998 0x2544  [ DED333DBDBBCC3555A6E6244522E2F1A, 6909875090A9013685BA16EAAC666C173F138F0AF7172A40E746E6EFDE02D133 ] LVPr2M64        C:\Windows\system32\DRIVERS\LVPr2M64.sys
16:49:08.0008 0x2544  LVPr2M64 - ok
16:49:08.0008 0x2544  [ DED333DBDBBCC3555A6E6244522E2F1A, 6909875090A9013685BA16EAAC666C173F138F0AF7172A40E746E6EFDE02D133 ] LVPr2Mon        C:\Windows\system32\DRIVERS\LVPr2M64.sys
16:49:08.0018 0x2544  LVPr2Mon - ok
16:49:08.0028 0x2544  [ A35679E56E78091E1042A2D7ADBF2958, F2282B697DCDD5767F65D99FEA374D3757C6133D42BD5A9C582C217619213290 ] LVPrcS64        C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
16:49:08.0038 0x2544  LVPrcS64 - ok
16:49:08.0048 0x2544  [ 125AE13C293889001B8456CF3EB04A40, EB4B7135691935A9AC515099ED8C2767BC02308068AB9BEB2869B6E841268848 ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys
16:49:08.0058 0x2544  LVRS64 - ok
16:49:08.0068 0x2544  [ 5C3FF68267A5D242EE79EE01B993D6CE, 853637AC30A16698F2F583693E98B67104ECE5B8F80C6FB88266665162623B92 ] LVUSBS64        C:\Windows\system32\drivers\LVUSBS64.sys
16:49:08.0078 0x2544  LVUSBS64 - ok
16:49:08.0093 0x2544  [ 1704A8189EE5580AB147CFD25C5C8770, DFA076FD36B5CC844D4BE3B865E9A1F809E14CCB1D78D82A2D8D8EE38210E6EB ] McComponentHostService C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
16:49:08.0103 0x2544  McComponentHostService - ok
16:49:08.0113 0x2544  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
16:49:08.0125 0x2544  Mcx2Svc - ok
16:49:08.0125 0x2544  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
16:49:08.0135 0x2544  megasas - ok
16:49:08.0145 0x2544  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
16:49:08.0165 0x2544  MegaSR - ok
16:49:08.0165 0x2544  Microsoft SharePoint Workspace Audit Service - ok
16:49:08.0175 0x2544  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
16:49:08.0205 0x2544  MMCSS - ok
16:49:08.0205 0x2544  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
16:49:08.0235 0x2544  Modem - ok
16:49:08.0246 0x2544  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
16:49:08.0259 0x2544  monitor - ok
16:49:08.0262 0x2544  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
16:49:08.0272 0x2544  mouclass - ok
16:49:08.0272 0x2544  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
16:49:08.0302 0x2544  mouhid - ok
16:49:08.0302 0x2544  [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
16:49:08.0312 0x2544  mountmgr - ok
16:49:08.0322 0x2544  [ B4E9C7383A705628AD491CF0F87D901F, 5C0CD7133D4F5B1E0466CDB2A2210ECA57206A8BC41F37BC6324120AE5501C70 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:49:08.0332 0x2544  MozillaMaintenance - ok
16:49:08.0344 0x2544  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
16:49:08.0357 0x2544  mpio - ok
16:49:08.0364 0x2544  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
16:49:08.0398 0x2544  mpsdrv - ok
16:49:08.0421 0x2544  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
16:49:08.0474 0x2544  MpsSvc - ok
16:49:08.0483 0x2544  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
16:49:08.0497 0x2544  MRxDAV - ok
16:49:08.0506 0x2544  [ 1877EB1495CFBDAB27D6A32F6DDF3818, 3818055C66AB12A335A905CFFE5D05347F15AE488861C5C183E62E8E0881DA86 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
16:49:08.0521 0x2544  mrxsmb - ok
16:49:08.0532 0x2544  [ 21AF322605D8C7F2A627C22634D1C9C9, 6B783F95D093FEFB260EA9568926BBB3CB8ED0783184DB3A18733E211933BADD ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:49:08.0550 0x2544  mrxsmb10 - ok
16:49:08.0557 0x2544  [ 45A03A0B6461EFBEE77E0A6AC2816EDA, CFB0C11387F2EC49FD6B69EF747962114EBA6F8B4B4DEC3627E9E969775C4D7E ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:49:08.0571 0x2544  mrxsmb20 - ok
16:49:08.0577 0x2544  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
16:49:08.0588 0x2544  msahci - ok
16:49:08.0595 0x2544  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
16:49:08.0608 0x2544  msdsm - ok
16:49:08.0616 0x2544  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
16:49:08.0632 0x2544  MSDTC - ok
16:49:08.0640 0x2544  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
16:49:08.0673 0x2544  Msfs - ok
16:49:08.0677 0x2544  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
16:49:08.0710 0x2544  mshidkmdf - ok
16:49:08.0714 0x2544  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
16:49:08.0725 0x2544  msisadrv - ok
16:49:08.0733 0x2544  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
16:49:08.0771 0x2544  MSiSCSI - ok
16:49:08.0774 0x2544  msiserver - ok
16:49:08.0778 0x2544  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
16:49:08.0812 0x2544  MSKSSRV - ok
16:49:08.0817 0x2544  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
16:49:08.0849 0x2544  MSPCLOCK - ok
16:49:08.0854 0x2544  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
16:49:08.0887 0x2544  MSPQM - ok
16:49:08.0899 0x2544  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
16:49:08.0920 0x2544  MsRPC - ok
16:49:08.0927 0x2544  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
16:49:08.0937 0x2544  mssmbios - ok
16:49:08.0942 0x2544  MSSQL$JTLWAWI - ok
16:49:08.0946 0x2544  MSSQL$SQLEXPRESS - ok
16:49:08.0950 0x2544  [ 1D89EB4E2A99CABD4E81225F4F4C4B25, B9C4D956E3F74CB463A1A14287F4B550381FBB3E4B2DF9418E041E02A159E31E ] MSSQLServerADHelper C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe
16:49:08.0959 0x2544  MSSQLServerADHelper - ok
16:49:08.0964 0x2544  [ 7A2A8C975356858EB38466A6B1592E8D, 97C3DFCCBE1BA92EE7E4848993D6F369D543A53344A6512C84EF03E7D737A482 ] MSSQLServerADHelper100 c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
16:49:08.0975 0x2544  MSSQLServerADHelper100 - ok
16:49:08.0979 0x2544  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
16:49:09.0012 0x2544  MSTEE - ok
16:49:09.0016 0x2544  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
16:49:09.0028 0x2544  MTConfig - ok
16:49:09.0033 0x2544  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
16:49:09.0044 0x2544  Mup - ok
16:49:09.0059 0x2544  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
16:49:09.0104 0x2544  napagent - ok
16:49:09.0116 0x2544  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
16:49:09.0139 0x2544  NativeWifiP - ok
16:49:09.0169 0x2544  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
16:49:09.0253 0x2544  NDIS - ok
16:49:09.0259 0x2544  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
16:49:09.0294 0x2544  NdisCap - ok
16:49:09.0302 0x2544  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
16:49:09.0341 0x2544  NdisTapi - ok
16:49:09.0348 0x2544  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
16:49:09.0382 0x2544  Ndisuio - ok
16:49:09.0390 0x2544  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
16:49:09.0426 0x2544  NdisWan - ok
16:49:09.0431 0x2544  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
16:49:09.0465 0x2544  NDProxy - ok
16:49:09.0469 0x2544  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
16:49:09.0504 0x2544  NetBIOS - ok
16:49:09.0514 0x2544  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
16:49:09.0553 0x2544  NetBT - ok
16:49:09.0557 0x2544  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] Netlogon        C:\Windows\system32\lsass.exe
16:49:09.0570 0x2544  Netlogon - ok
16:49:09.0583 0x2544  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
16:49:09.0626 0x2544  Netman - ok
16:49:09.0640 0x2544  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:49:09.0656 0x2544  NetMsmqActivator - ok
16:49:09.0663 0x2544  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:49:09.0679 0x2544  NetPipeActivator - ok
16:49:09.0694 0x2544  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
16:49:09.0740 0x2544  netprofm - ok
16:49:09.0747 0x2544  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:49:09.0762 0x2544  NetTcpActivator - ok
16:49:09.0769 0x2544  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:49:09.0784 0x2544  NetTcpPortSharing - ok
16:49:09.0789 0x2544  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
16:49:09.0800 0x2544  nfrd960 - ok
16:49:09.0812 0x2544  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
16:49:09.0844 0x2544  NlaSvc - ok
16:49:09.0851 0x2544  NLNdisMP - ok
16:49:09.0857 0x2544  NLNdisPT - ok
16:49:09.0864 0x2544  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
16:49:09.0901 0x2544  Npfs - ok
16:49:09.0906 0x2544  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
16:49:09.0942 0x2544  nsi - ok
16:49:09.0946 0x2544  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
16:49:09.0980 0x2544  nsiproxy - ok
16:49:10.0026 0x2544  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
16:49:10.0076 0x2544  Ntfs - ok
16:49:10.0086 0x2544  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
16:49:10.0126 0x2544  Null - ok
16:49:10.0129 0x2544  nvlddmkm - ok
16:49:10.0137 0x2544  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
16:49:10.0150 0x2544  nvraid - ok
16:49:10.0158 0x2544  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
16:49:10.0171 0x2544  nvstor - ok
16:49:10.0171 0x2544  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
16:49:10.0191 0x2544  nv_agp - ok
16:49:10.0191 0x2544  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
16:49:10.0201 0x2544  ohci1394 - ok
16:49:10.0211 0x2544  OODefragAgent - ok
16:49:10.0211 0x2544  Origin Client Service - ok
16:49:10.0229 0x2544  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:49:10.0242 0x2544  ose - ok
16:49:10.0363 0x2544  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:49:10.0482 0x2544  osppsvc - ok
16:49:10.0512 0x2544  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
16:49:10.0535 0x2544  p2pimsvc - ok
16:49:10.0550 0x2544  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
16:49:10.0573 0x2544  p2psvc - ok
16:49:10.0579 0x2544  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
16:49:10.0595 0x2544  Parport - ok
16:49:10.0602 0x2544  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
16:49:10.0615 0x2544  partmgr - ok
16:49:10.0623 0x2544  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
16:49:10.0642 0x2544  PcaSvc - ok
16:49:10.0651 0x2544  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
16:49:10.0667 0x2544  pci - ok
16:49:10.0673 0x2544  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
16:49:10.0684 0x2544  pciide - ok
16:49:10.0694 0x2544  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
16:49:10.0709 0x2544  pcmcia - ok
16:49:10.0714 0x2544  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
16:49:10.0726 0x2544  pcw - ok
16:49:10.0745 0x2544  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
16:49:10.0775 0x2544  PEAUTH - ok
16:49:10.0813 0x2544  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
16:49:10.0859 0x2544  PeerDistSvc - ok
16:49:10.0879 0x2544  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
16:49:10.0899 0x2544  PerfHost - ok
16:49:10.0974 0x2544  [ AE0B94363DA0F60D42B9D05B352F61ED, 284EA0123798BDBBAA93F912AD45B3D3F1F662FDDA5C73C0AC0D76AC2F9033C0 ] PID_PEPI        C:\Windows\system32\DRIVERS\LV302V64.SYS
16:49:11.0040 0x2544  PID_PEPI - ok
16:49:11.0081 0x2544  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
16:49:11.0156 0x2544  pla - ok
16:49:11.0172 0x2544  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
16:49:11.0196 0x2544  PlugPlay - ok
16:49:11.0200 0x2544  PnkBstrA - ok
16:49:11.0205 0x2544  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
16:49:11.0219 0x2544  PNRPAutoReg - ok
16:49:11.0231 0x2544  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
16:49:11.0251 0x2544  PNRPsvc - ok
16:49:11.0268 0x2544  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
16:49:11.0314 0x2544  PolicyAgent - ok
16:49:11.0324 0x2544  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
16:49:11.0369 0x2544  Power - ok
16:49:11.0376 0x2544  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
16:49:11.0412 0x2544  PptpMiniport - ok
16:49:11.0417 0x2544  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
16:49:11.0430 0x2544  Processor - ok
16:49:11.0440 0x2544  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
16:49:11.0459 0x2544  ProfSvc - ok
16:49:11.0466 0x2544  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] ProtectedStorage C:\Windows\system32\lsass.exe
16:49:11.0479 0x2544  ProtectedStorage - ok
16:49:11.0487 0x2544  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
16:49:11.0524 0x2544  Psched - ok
16:49:11.0537 0x2544  [ 6C112DA6C86DB7FB2C50522EFDDA706A, 46BB9970F3C58E47143C133B34423ABE5D19F2A865280852CE672BF57EC2F98A ] PSI_SVC_2_x64   C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
16:49:11.0555 0x2544  PSI_SVC_2_x64 - ok
16:49:11.0597 0x2544  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
16:49:11.0646 0x2544  ql2300 - ok
16:49:11.0656 0x2544  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
16:49:11.0670 0x2544  ql40xx - ok
16:49:11.0679 0x2544  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
16:49:11.0703 0x2544  QWAVE - ok
16:49:11.0708 0x2544  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
16:49:11.0725 0x2544  QWAVEdrv - ok
16:49:11.0729 0x2544  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
16:49:11.0764 0x2544  RasAcd - ok
16:49:11.0770 0x2544  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
16:49:11.0808 0x2544  RasAgileVpn - ok
16:49:11.0816 0x2544  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
16:49:11.0864 0x2544  RasAuto - ok
16:49:11.0873 0x2544  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
16:49:11.0912 0x2544  Rasl2tp - ok
16:49:11.0926 0x2544  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
16:49:11.0969 0x2544  RasMan - ok
16:49:11.0975 0x2544  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
16:49:12.0011 0x2544  RasPppoe - ok
16:49:12.0017 0x2544  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
16:49:12.0052 0x2544  RasSstp - ok
16:49:12.0063 0x2544  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
16:49:12.0102 0x2544  rdbss - ok
16:49:12.0107 0x2544  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
16:49:12.0122 0x2544  rdpbus - ok
16:49:12.0126 0x2544  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
16:49:12.0150 0x2544  RDPCDD - ok
16:49:12.0160 0x2544  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
16:49:12.0178 0x2544  RDPDR - ok
16:49:12.0183 0x2544  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
16:49:12.0213 0x2544  RDPENCDD - ok
16:49:12.0213 0x2544  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
16:49:12.0249 0x2544  RDPREFMP - ok
16:49:12.0249 0x2544  [ 065F79543D7999EC28B687F87E96B803, 6B235C422DCA79ABF0D051C066B2866643333F7ADB7AF914F6EEAC448AA59AAF ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
16:49:12.0259 0x2544  RdpVideoMiniport - ok
16:49:12.0269 0x2544  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
16:49:12.0289 0x2544  RDPWD - ok
16:49:12.0297 0x2544  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
16:49:12.0307 0x2544  rdyboost - ok
16:49:12.0317 0x2544  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
16:49:12.0347 0x2544  RemoteAccess - ok
16:49:12.0357 0x2544  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
16:49:12.0403 0x2544  RemoteRegistry - ok
16:49:12.0411 0x2544  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
16:49:12.0430 0x2544  RFCOMM - ok
16:49:12.0436 0x2544  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
16:49:12.0473 0x2544  RpcEptMapper - ok
16:49:12.0478 0x2544  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
16:49:12.0493 0x2544  RpcLocator - ok
16:49:12.0511 0x2544  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
16:49:12.0558 0x2544  RpcSs - ok
16:49:12.0570 0x2544  [ CD553B8633466A6D1C115812F2619F1F, B39B38DE8B97209BEABDBF062832A1BDE2303450238B9A4723829958C5C81A6B ] RsFx0103        C:\Windows\system32\DRIVERS\RsFx0103.sys
16:49:12.0586 0x2544  RsFx0103 - ok
16:49:12.0593 0x2544  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
16:49:12.0631 0x2544  rspndr - ok
16:49:12.0646 0x2544  [ 16D4E350420BAA7E63E16E3FC033E1F5, ED972E45A286161F02A2F3924B5A0EF86466F2FBC28B24AD4287CCDD68E76A80 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
16:49:12.0667 0x2544  RTL8167 - ok
16:49:12.0672 0x2544  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
16:49:12.0685 0x2544  s3cap - ok
16:49:12.0689 0x2544  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] SamSs           C:\Windows\system32\lsass.exe
16:49:12.0704 0x2544  SamSs - ok
16:49:12.0707 0x2544  SANDRA - ok
16:49:12.0711 0x2544  SandraAgentSrv - ok
16:49:12.0719 0x2544  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
16:49:12.0733 0x2544  sbp2port - ok
16:49:12.0742 0x2544  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
16:49:12.0783 0x2544  SCardSvr - ok
16:49:12.0788 0x2544  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
16:49:12.0823 0x2544  scfilter - ok
16:49:12.0862 0x2544  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
16:49:12.0930 0x2544  Schedule - ok
16:49:12.0938 0x2544  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
16:49:12.0973 0x2544  SCPolicySvc - ok
16:49:12.0981 0x2544  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
16:49:12.0998 0x2544  SDRSVC - ok
16:49:13.0001 0x2544  Seagate Dashboard Services - ok
16:49:13.0007 0x2544  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
16:49:13.0042 0x2544  secdrv - ok
16:49:13.0047 0x2544  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
16:49:13.0081 0x2544  seclogon - ok
16:49:13.0086 0x2544  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
16:49:13.0124 0x2544  SENS - ok
16:49:13.0129 0x2544  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
16:49:13.0142 0x2544  SensrSvc - ok
16:49:13.0147 0x2544  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
16:49:13.0160 0x2544  Serenum - ok
16:49:13.0166 0x2544  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
16:49:13.0181 0x2544  Serial - ok
16:49:13.0185 0x2544  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
16:49:13.0198 0x2544  sermouse - ok
16:49:13.0210 0x2544  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
16:49:13.0248 0x2544  SessionEnv - ok
16:49:13.0253 0x2544  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
16:49:13.0268 0x2544  sffdisk - ok
16:49:13.0273 0x2544  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
16:49:13.0287 0x2544  sffp_mmc - ok
16:49:13.0291 0x2544  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
16:49:13.0306 0x2544  sffp_sd - ok
16:49:13.0310 0x2544  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
16:49:13.0322 0x2544  sfloppy - ok
16:49:13.0335 0x2544  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
16:49:13.0380 0x2544  SharedAccess - ok
16:49:13.0394 0x2544  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:49:13.0437 0x2544  ShellHWDetection - ok
16:49:13.0443 0x2544  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
16:49:13.0456 0x2544  SiSRaid2 - ok
16:49:13.0467 0x2544  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
16:49:13.0481 0x2544  SiSRaid4 - ok
16:49:13.0493 0x2544  [ 0B70786BD1062CD4C6B58E412B9C3E55, 60ED027642FFF97BFFA55AE3EFFCCBB6D6AD8196D35E9ED06F9AF431E3C0402A ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
16:49:13.0513 0x2544  SkypeUpdate - ok
16:49:13.0521 0x2544  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
16:49:13.0564 0x2544  Smb - ok
16:49:13.0576 0x2544  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
16:49:13.0595 0x2544  SNMPTRAP - ok
16:49:13.0601 0x2544  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
16:49:13.0613 0x2544  spldr - ok
16:49:13.0631 0x2544  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
16:49:13.0658 0x2544  Spooler - ok
16:49:13.0748 0x2544  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
16:49:13.0879 0x2544  sppsvc - ok
16:49:13.0892 0x2544  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
16:49:13.0928 0x2544  sppuinotify - ok
16:49:13.0943 0x2544  [ 12E6D95CDE974B131DEFAA44BAB8B056, 3FEF55D97915BDB222E3A60B50D53BBD8D9C0FDFF85EDC025B8EFD33E575E596 ] SQLAgent$SQLEXPRESS c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
16:49:13.0963 0x2544  SQLAgent$SQLEXPRESS - ok
16:49:13.0973 0x2544  [ B54B48F6D92423440C264E91225C5FF1, 7484D90CE309555E1FB54F011A2980D8491354223111B7AA16D1D2473570DC19 ] SQLBrowser      c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
16:49:13.0991 0x2544  SQLBrowser - ok
16:49:14.0001 0x2544  [ 6D65985945B03CA59B67D0B73702FC7B, B491EEFBCA2BB1145047AAF6A2DA02B012F3530F8B9306425486462358BD82CA ] SQLWriter       c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
16:49:14.0017 0x2544  SQLWriter - ok
16:49:14.0036 0x2544  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
16:49:14.0061 0x2544  srv - ok
16:49:14.0076 0x2544  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
16:49:14.0099 0x2544  srv2 - ok
16:49:14.0108 0x2544  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
16:49:14.0125 0x2544  srvnet - ok
16:49:14.0135 0x2544  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
16:49:14.0176 0x2544  SSDPSRV - ok
16:49:14.0182 0x2544  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
16:49:14.0216 0x2544  SstpSvc - ok
16:49:14.0226 0x2544  [ F38232291F05CE25BA1C47FB51EB64CB, 7F72E87D02F3072E0D61D528BEBB8F4BFB6AD67FC94A93745493C9A0907FF435 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
16:49:14.0240 0x2544  ssudmdm - ok
16:49:14.0264 0x2544  [ 0A3544D7E9AF7D8C991C904339157EDC, 1E1DE4D808AE1174B0CB37E93EBADFC98FEBCD70D612CFE393DDA513581CD123 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
16:49:14.0292 0x2544  Steam Client Service - ok
16:49:14.0298 0x2544  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
16:49:14.0309 0x2544  stexstor - ok
16:49:14.0327 0x2544  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
16:49:14.0366 0x2544  stisvc - ok
16:49:14.0373 0x2544  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
16:49:14.0386 0x2544  storflt - ok
16:49:14.0392 0x2544  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
16:49:14.0403 0x2544  storvsc - ok
16:49:14.0408 0x2544  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
16:49:14.0418 0x2544  swenum - ok
16:49:14.0435 0x2544  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
16:49:14.0484 0x2544  swprv - ok
16:49:14.0491 0x2544  [ C3A39C4079305480972D29C44B868C78, 8F1BB75C743256F905EAEDE744B6082C53774C49126875FB4E4FBA30F5478B17 ] Synth3dVsc      C:\Windows\system32\drivers\synth3dvsc.sys
16:49:14.0505 0x2544  Synth3dVsc - ok
16:49:14.0552 0x2544  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
16:49:14.0618 0x2544  SysMain - ok
16:49:14.0632 0x2544  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:49:14.0654 0x2544  TabletInputService - ok
16:49:14.0666 0x2544  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
16:49:14.0710 0x2544  TapiSrv - ok
16:49:14.0717 0x2544  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
16:49:14.0755 0x2544  TBS - ok
16:49:14.0807 0x2544  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
16:49:14.0880 0x2544  Tcpip - ok
16:49:14.0933 0x2544  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
16:49:14.0995 0x2544  TCPIP6 - ok
16:49:15.0006 0x2544  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
16:49:15.0020 0x2544  tcpipreg - ok
16:49:15.0027 0x2544  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
16:49:15.0040 0x2544  TDPIPE - ok
16:49:15.0045 0x2544  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
16:49:15.0058 0x2544  TDTCP - ok
16:49:15.0065 0x2544  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
16:49:15.0081 0x2544  tdx - ok
16:49:15.0221 0x2544  [ E99CD4524662A2DA7C73372C626669D8, 694DF29BF6CFF8CA06B8C701BBD148DCF58D6A6ECE3CF6CC900B0D0E5A3DFDF2 ] TeamViewer9     C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
16:49:15.0383 0x2544  TeamViewer9 - ok
16:49:15.0399 0x2544  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
16:49:15.0413 0x2544  TermDD - ok
16:49:15.0419 0x2544  [ 2B5BDFF688EC9871D7EC5837833374E9, BD6C629FA2938987ABF95B790B20F0B7D4D023D5013E575F343A802D6213074E ] terminpt        C:\Windows\system32\drivers\terminpt.sys
16:49:15.0433 0x2544  terminpt - ok
16:49:15.0456 0x2544  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
16:49:15.0488 0x2544  TermService - ok
16:49:15.0495 0x2544  [ 9201BE2BAB8A9FF8E20D8439AE3BB04D, D973C4FE5B8D02B15476D72B49105840A04DBFF8BCB77117C0354D046E6C02FB ] Themes          C:\Windows\system32\themeservice.dll
16:49:15.0502 0x2544  Themes - detected UnsignedFile.Multi.Generic ( 1 )
16:49:17.0834 0x2544  Detect skipped due to KSN trusted
16:49:17.0834 0x2544  Themes - ok
16:49:17.0842 0x2544  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
16:49:17.0888 0x2544  THREADORDER - ok
16:49:17.0892 0x2544  TomTomHOMEService - ok
16:49:17.0901 0x2544  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
16:49:17.0940 0x2544  TrkWks - ok
16:49:17.0956 0x2544  [ 3E75A47D2DEFD2683DCA409572FBE8B2, 33964B1A05E045D3B878CDFD9F52A9086B4FA54D6D4D1DC38062D2874CACD4A0 ] Trufos          C:\Windows\system32\DRIVERS\Trufos.sys
16:49:17.0979 0x2544  Trufos - ok
16:49:17.0989 0x2544  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:49:18.0027 0x2544  TrustedInstaller - ok
16:49:18.0034 0x2544  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
16:49:18.0047 0x2544  tssecsrv - ok
16:49:18.0053 0x2544  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
16:49:18.0067 0x2544  TsUsbFlt - ok
16:49:18.0072 0x2544  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
16:49:18.0084 0x2544  TsUsbGD - ok
16:49:18.0091 0x2544  [ E1748D04AE40118B62BC18AC86032192, A954B141D1B27272C771D14F3B40C7CC1F572DD72559F2C96182EFBE2B095FDE ] tsusbhub        C:\Windows\system32\drivers\tsusbhub.sys
16:49:18.0107 0x2544  tsusbhub - ok
16:49:18.0114 0x2544  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
16:49:18.0151 0x2544  tunnel - ok
16:49:18.0156 0x2544  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
16:49:18.0168 0x2544  uagp35 - ok
16:49:18.0180 0x2544  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
16:49:18.0221 0x2544  udfs - ok
16:49:18.0232 0x2544  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
16:49:18.0248 0x2544  UI0Detect - ok
16:49:18.0254 0x2544  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
16:49:18.0265 0x2544  uliagpkx - ok
16:49:18.0271 0x2544  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
16:49:18.0285 0x2544  umbus - ok
16:49:18.0290 0x2544  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
16:49:18.0303 0x2544  UmPass - ok
16:49:18.0312 0x2544  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
16:49:18.0330 0x2544  UmRdpService - ok
16:49:18.0343 0x2544  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
16:49:18.0388 0x2544  upnphost - ok
16:49:18.0394 0x2544  [ FB251567F41BC61988B26731DEC19E4B, 6A535F5A18EB43DD2E18AF0A05301630A1D1484B7D85DA79A7CD122DA4D018E2 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
16:49:18.0406 0x2544  USBAAPL64 - ok
16:49:18.0413 0x2544  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
16:49:18.0426 0x2544  usbaudio - ok
16:49:18.0433 0x2544  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
16:49:18.0447 0x2544  usbccgp - ok
16:49:18.0453 0x2544  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
16:49:18.0466 0x2544  usbcir - ok
16:49:18.0472 0x2544  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
16:49:18.0485 0x2544  usbehci - ok
16:49:18.0498 0x2544  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
16:49:18.0518 0x2544  usbhub - ok
16:49:18.0524 0x2544  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
16:49:18.0536 0x2544  usbohci - ok
16:49:18.0542 0x2544  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
16:49:18.0557 0x2544  usbprint - ok
16:49:18.0564 0x2544  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:49:18.0577 0x2544  USBSTOR - ok
16:49:18.0583 0x2544  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
16:49:18.0597 0x2544  usbuhci - ok
16:49:18.0605 0x2544  [ 3D1F9830BC50520B3DAF4495861CBCE9, 43326D31DBA22B5DA90EB030FEF6131C2955966B8A4AC501C2C609648750B202 ] uvhid           C:\Windows\system32\DRIVERS\uvhid.sys
16:49:18.0635 0x2544  uvhid - ok
16:49:18.0641 0x2544  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
16:49:18.0675 0x2544  UxSms - ok
16:49:18.0680 0x2544  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] VaultSvc        C:\Windows\system32\lsass.exe
16:49:18.0695 0x2544  VaultSvc - ok
16:49:18.0701 0x2544  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
16:49:18.0712 0x2544  vdrvroot - ok
16:49:18.0735 0x2544  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
16:49:18.0787 0x2544  vds - ok
16:49:18.0794 0x2544  [ 00C7DF4F50962BA218AB60D32869100B, 035968E4127B24E08FAC26C029B054967562B6096F25EBF445E4DF9852339CF4 ] vflt            C:\Windows\system32\DRIVERS\vfilter.sys
16:49:18.0807 0x2544  vflt - ok
16:49:18.0813 0x2544  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
16:49:18.0831 0x2544  vga - ok
16:49:18.0836 0x2544  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
16:49:18.0876 0x2544  VgaSave - ok
16:49:18.0880 0x2544  VGPU - ok
16:49:18.0891 0x2544  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
16:49:18.0906 0x2544  vhdmp - ok
16:49:18.0911 0x2544  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
16:49:18.0921 0x2544  viaide - ok
16:49:18.0930 0x2544  [ 1AA9C2331234786211A261C8FC69EB25, BC0D3F0A3473A9C3F3A62E706AC639DE643FF9EC2ABFF85BDC32F5C4B492DDD6 ] VMAuthdService  C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
16:49:18.0941 0x2544  VMAuthdService - ok
16:49:18.0950 0x2544  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
16:49:18.0965 0x2544  vmbus - ok
16:49:18.0971 0x2544  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
16:49:18.0983 0x2544  VMBusHID - ok
16:49:18.0989 0x2544  [ BE8E5E5D53ACF71D4E8E686B68C99B04, 4F30A360095FCB2627068FA6A65A951688058E8FDDF5CE895E2AE39500A413B1 ] vmci            C:\Windows\system32\DRIVERS\vmci.sys
16:49:19.0001 0x2544  vmci - ok
16:49:19.0007 0x2544  [ A088B197747CE99FB91ED12C1B8DD60F, F06C4C743465AC81B89D25CAE5FCC818A4BB912C92CE5521D8D590C5D7FAAE87 ] vmkbd           C:\Windows\system32\drivers\VMkbd.sys
16:49:19.0017 0x2544  vmkbd - ok
16:49:19.0023 0x2544  [ 18AA5F4A3B1204AD00045EE5AD39BCDB, 0211A8E94F169A2A52CD39CD580293907EBE104E52038DC36B988DE1CA7F2392 ] VMnetAdapter    C:\Windows\system32\DRIVERS\vmnetadapter.sys
16:49:19.0032 0x2544  VMnetAdapter - ok
16:49:19.0038 0x2544  [ 04CD4347CD9E8C40F78AD51F7FF426D0, BCA3E593E118BCA30142B23CD1CBE6905442D31C3DEB4C71B06D721E601F7BD8 ] VMnetBridge     C:\Windows\system32\DRIVERS\vmnetbridge.sys
16:49:19.0049 0x2544  VMnetBridge - ok
16:49:19.0053 0x2544  VMnetDHCP - ok
16:49:19.0059 0x2544  [ 0554C979222692C8DB07AF39279EC67D, 02632D9F7F8F9EBEAA79FC169904E370E3213CED840D977CC90AADAD4FBA528D ] VMnetuserif     C:\Windows\system32\drivers\vmnetuserif.sys
16:49:19.0068 0x2544  VMnetuserif - ok
16:49:19.0095 0x2544  [ 41FAE6618768DC93D98DDAF3F8282D3E, 95995542026CC111B8FFAA01AC9E55B2F942A9108F5F00502A35339C13BBF20D ] VMUSBArbService C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
16:49:19.0131 0x2544  VMUSBArbService - ok
16:49:19.0140 0x2544  VMware NAT Service - ok
16:49:19.0505 0x2544  [ B99741CE1B6AD69E2EF6C2450D906F8E, A5C40E1F371600E956721E252B9E962F68071D468CAB65FFA77D03229C4BAD3A ] VMwareHostd     C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
16:49:19.0905 0x2544  VMwareHostd - ok
16:49:19.0940 0x2544  [ 3459BF60AA9B66E308A3D1656AEFD6C3, 71A43696570ADB551895408C879AEDA4DB8B78E58E4292A8B3B06D91790F6E07 ] vmx86           C:\Windows\system32\drivers\vmx86.sys
16:49:19.0951 0x2544  vmx86 - ok
16:49:19.0956 0x2544  [ A99CA064AD11266FE7067A79BF78BBB5, B5AFFBA1A9A6E51639A89B9F6C0678E70F73D2BF37D5F88F4AD45DFC6798597D ] vnet            C:\Windows\system32\DRIVERS\virtualnet.sys
16:49:19.0967 0x2544  vnet - ok
16:49:19.0973 0x2544  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
16:49:19.0985 0x2544  volmgr - ok
16:49:19.0998 0x2544  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
16:49:20.0019 0x2544  volmgrx - ok
16:49:20.0031 0x2544  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
16:49:20.0051 0x2544  volsnap - ok
16:49:20.0070 0x2544  [ 0BD37CBF66CF79F43A68F7ADEDD6769D, 33A7DA47AA3689AE37929B0011A3DB9F55E8BDDB166C13DF2F4BE07000804264 ] vpnagent        C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
16:49:20.0094 0x2544  vpnagent - ok
16:49:20.0102 0x2544  [ 0F42C39016F82F345C0F2DB2D5B90EB4, 2E957E72BB8D0293F61FA7385BA9400DF7759E1E3D35FE24F3877A6460988F4D ] vpnva           C:\Windows\system32\DRIVERS\vpnva64-6.sys
16:49:20.0112 0x2544  vpnva - ok
16:49:20.0120 0x2544  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
16:49:20.0137 0x2544  vsmraid - ok
16:49:20.0143 0x2544  [ CB4D2E3C5E8BFA3CF6AFFF6DDC6CC70D, 32A891045AF36FEAC62373894B98ABDCEA437978BDE027169C22EBC2C72D586E ] vsock           C:\Windows\system32\drivers\vsock.sys
16:49:20.0154 0x2544  vsock - ok
16:49:20.0162 0x2544  [ CA64A8838B4674D14BDF88ABA2F253EA, 05A44396FB7AC8BC4D45BB5C4E522FCFECC64C60828F2F36E5EB716507DE4245 ] VSPerfDrv100    C:\Program Files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys
16:49:20.0174 0x2544  VSPerfDrv100 - ok
16:49:20.0216 0x2544  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
16:49:20.0294 0x2544  VSS - ok
16:49:20.0319 0x2544  [ E7CE8988B98202A5CF429CA358D26CC5, 773E38E263D2EB179E8767809ED4B98CDECEA4BD970AAE0BB31FD6D219E5E079 ] vstor2-mntapi20-shared C:\Windows\syswow64\drivers\vstor2-mntapi20-shared.sys
16:49:20.0330 0x2544  vstor2-mntapi20-shared - ok
16:49:20.0335 0x2544  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
16:49:20.0351 0x2544  vwifibus - ok
16:49:20.0368 0x2544  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
16:49:20.0415 0x2544  W32Time - ok
16:49:20.0423 0x2544  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
16:49:20.0436 0x2544  WacomPen - ok
16:49:20.0443 0x2544  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
16:49:20.0479 0x2544  WANARP - ok
16:49:20.0484 0x2544  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
16:49:20.0520 0x2544  Wanarpv6 - ok
16:49:20.0562 0x2544  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
16:49:20.0616 0x2544  wbengine - ok
16:49:20.0630 0x2544  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
16:49:20.0656 0x2544  WbioSrvc - ok
16:49:20.0671 0x2544  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
16:49:20.0699 0x2544  wcncsvc - ok
16:49:20.0705 0x2544  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:49:20.0720 0x2544  WcsPlugInService - ok
16:49:20.0726 0x2544  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
16:49:20.0737 0x2544  Wd - ok
16:49:20.0762 0x2544  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
16:49:20.0794 0x2544  Wdf01000 - ok
16:49:20.0803 0x2544  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
16:49:20.0825 0x2544  WdiServiceHost - ok
16:49:20.0834 0x2544  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
16:49:20.0856 0x2544  WdiSystemHost - ok
16:49:20.0868 0x2544  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
16:49:20.0891 0x2544  WebClient - ok
16:49:20.0901 0x2544  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
16:49:20.0963 0x2544  Wecsvc - ok
16:49:20.0970 0x2544  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
16:49:21.0011 0x2544  wercplsupport - ok
16:49:21.0019 0x2544  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
16:49:21.0056 0x2544  WerSvc - ok
16:49:21.0061 0x2544  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
16:49:21.0094 0x2544  WfpLwf - ok
16:49:21.0100 0x2544  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
16:49:21.0112 0x2544  WIMMount - ok
16:49:21.0115 0x2544  WinDefend - ok
16:49:21.0124 0x2544  WinHttpAutoProxySvc - ok
16:49:21.0140 0x2544  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
16:49:21.0180 0x2544  Winmgmt - ok
16:49:21.0233 0x2544  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
16:49:21.0297 0x2544  WinRM - ok
16:49:21.0311 0x2544  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\drivers\WinUsb.sys
16:49:21.0326 0x2544  WinUsb - ok
16:49:21.0353 0x2544  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
16:49:21.0393 0x2544  Wlansvc - ok
16:49:21.0456 0x2544  [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:49:21.0523 0x2544  wlidsvc - ok
16:49:21.0532 0x2544  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
16:49:21.0544 0x2544  WmiAcpi - ok
16:49:21.0556 0x2544  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
16:49:21.0574 0x2544  wmiApSrv - ok
16:49:21.0578 0x2544  WMPNetworkSvc - ok
16:49:21.0584 0x2544  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
16:49:21.0599 0x2544  WPCSvc - ok
16:49:21.0607 0x2544  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
16:49:21.0627 0x2544  WPDBusEnum - ok
16:49:21.0631 0x2544  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
16:49:21.0669 0x2544  ws2ifsl - ok
16:49:21.0676 0x2544  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
16:49:21.0696 0x2544  wscsvc - ok
16:49:21.0701 0x2544  [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
16:49:21.0715 0x2544  WSDPrintDevice - ok
16:49:21.0720 0x2544  [ 4A2A5C50DD1A63577D3ACA94269FBC7F, F75C1906D431CF871AD954218DF32A0F206E45FF49332DEF9F13C0A36A407047 ] WSDScan         C:\Windows\system32\DRIVERS\WSDScan.sys
16:49:21.0732 0x2544  WSDScan - ok
16:49:21.0736 0x2544  WSearch - ok
16:49:21.0769 0x2544  [ FC4A9F237444993FC2E732C3E20C2787, 9F841C4DE9253400C5A1B36BD09F57E8976556CBE742C3DE7E98A4FD0BAB73A2 ] WtuSystemSupport C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
16:49:21.0799 0x2544  WtuSystemSupport - ok
16:49:21.0877 0x2544  [ AA3E844A2595B1AA5825C70CA50D963E, F9C7D64D9563CA5167EC9B0D957473B55C02E9456E041AE2CDA6ABFA9641D176 ] wuauserv        C:\Windows\system32\wuaueng.dll
16:49:21.0954 0x2544  wuauserv - ok
16:49:21.0964 0x2544  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
16:49:21.0974 0x2544  WudfPf - ok
16:49:21.0988 0x2544  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\drivers\WUDFRd.sys
16:49:21.0997 0x2544  WUDFRd - ok
16:49:22.0007 0x2544  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
16:49:22.0018 0x2544  wudfsvc - ok
16:49:22.0028 0x2544  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
16:49:22.0051 0x2544  WwanSvc - ok
16:49:22.0053 0x2544  [ 2EE48CFCE7CA8E0DB4C44C7476C0943B, 2C324592F3F2D50BABA7123B6F9FC922667CC132777E019FF615F2D6F273A45E ] xusb21          C:\Windows\system32\DRIVERS\xusb21.sys
16:49:22.0063 0x2544  xusb21 - ok
16:49:22.0093 0x2544  ================ Scan global ===============================
16:49:22.0093 0x2544  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
16:49:22.0103 0x2544  [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
16:49:22.0122 0x2544  [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
16:49:22.0132 0x2544  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
16:49:22.0145 0x2544  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
16:49:22.0145 0x2544  [ Global ] - ok
16:49:22.0145 0x2544

RVD85 · 27.07.2015, 15:59

und teil 2

Code:

ATTFilter

================ Scan MBR ==================================
16:49:22.0155 0x2544  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
16:49:22.0460 0x2544  \Device\Harddisk2\DR2 - ok
16:49:22.0463 0x2544  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
16:49:22.0557 0x2544  \Device\Harddisk1\DR1 - ok
16:49:22.0577 0x2544  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:49:22.0636 0x2544  \Device\Harddisk0\DR0 - ok
16:49:22.0636 0x2544  ================ Scan VBR ==================================
16:49:22.0638 0x2544  [ BC168C5728FDF2750E6E42C50D0226EA ] \Device\Harddisk2\DR2\Partition1
16:49:22.0640 0x2544  \Device\Harddisk2\DR2\Partition1 - ok
16:49:22.0642 0x2544  [ 9B9DC054481145CB21B833669904710B ] \Device\Harddisk1\DR1\Partition1
16:49:22.0734 0x2544  \Device\Harddisk1\DR1\Partition1 - ok
16:49:22.0734 0x2544  ================ Scan generic autorun ======================
16:49:22.0932 0x2544  [ B7826A4D54C39019D8BC19A484D5D5EC, BCBA7D3CB1BC5BF3F092FD11BD2C1878290EED8A9D8E086F946553B5FAD565C9 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
16:49:23.0117 0x2544  RTHDVCPL - ok
16:49:23.0180 0x2544  [ 2F1CDD465E74E123A29C5C7CF0CF8E6F, CC29CD38095CBDEE4298BADBF6A6A20B6D485D3B0CEC76BFC0C61090B0EEA12A ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
16:49:23.0250 0x2544  RtHDVBg_DTS - ok
16:49:23.0315 0x2544  [ 8629773FE7379BB7095A61936CC6BD24, 819E5108B50614D83C34A0A91D30D4EEAE88E17F22D4D15FD469E53932DC1292 ] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
16:49:23.0375 0x2544  CanonMyPrinter - ok
16:49:23.0558 0x2544  [ 430FEA290AC80AB313D54AC5718219FB, 81254380E2C0E1AFEA0F447B6C19C2F2A7A87641CA81E2F55611E5E319730BFA ] C:\Program Files\Logitech Gaming Software\LCore.exe
16:49:23.0750 0x2544  Launch LCore - ok
16:49:23.0760 0x2544  OODefragTray - ok
16:49:23.0780 0x2544  [ ED43758BF94B8A5221D69F1B7F63F13D, F6E7418823E45085F4D4F50DD25A55ED517C0A335C6C2F69A1139B30677D3DA9 ] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe
16:49:23.0810 0x2544  XboxStat - ok
16:49:23.0810 0x2544  Power Manager - ok
16:49:23.0810 0x2544  CherryKeyMan - ok
16:49:23.0821 0x2544  [ C14CF3A71C99E7AD48ECC928886317AC, A1D363ACFA79C08EE6DD32A572BB389EC02A42D12E0E14FF1680AE6987754833 ] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
16:49:23.0826 0x2544  IJNetworkScanUtility - ok
16:49:23.0881 0x2544  [ 504C916D52ABA407FD4DC1E709AEA71E, 8F279620247481F28DF7D9FD4A81173396E39EB807E24587E89CAF1172CC846C ] C:\Program Files (x86)\avmwlanstick\wlangui.exe
16:49:23.0946 0x2544  AVMWlanClient - detected UnsignedFile.Multi.Generic ( 1 )
16:49:26.0320 0x2544  Detect skipped due to KSN trusted
16:49:26.0320 0x2544  AVMWlanClient - ok
16:49:26.0388 0x2544  [ FB1A303207C1124C2B61A50E5A32AC21, 5BE93B9FDE657DCDAF4E8C02BC3F364C58B115DCE3AD10044FBCDC0FF90C2EBC ] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
16:49:26.0438 0x2544  DivXUpdate - ok
16:49:26.0438 0x2544  StartCCC - ok
16:49:26.0458 0x2544  [ 41864A56D8CCA3834788BA1E6CE9C97F, 268C90AD8800625582BFDDEB1BEA66C7ECB4749DBC90F52DA992C8CBF863950B ] C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
16:49:26.0490 0x2544  Cisco AnyConnect Secure Mobility Agent for Windows - ok
16:49:26.0573 0x2544  [ 054E022EFFB77DB202A85E5B29A56508, B0A2FC36DE38040ACDC371F1BAF6E62D0B09E141E978F79F590B9DEF8F5EB40B ] C:\Program Files (x86)\AVG\AVG2015\avgui.exe
16:49:26.0668 0x2544  AVG_UI - ok
16:49:26.0688 0x2544  [ 4F9DD96AECDC12373D4203253D665C6D, 871FF2367ACD5F9A378FED53574BF28A8129224C4B7C4AF074809ED7CF870904 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
16:49:26.0698 0x2544  SunJavaUpdateSched - ok
16:49:26.0735 0x2544  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:49:26.0775 0x2544  Sidebar - ok
16:49:26.0785 0x2544  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:49:26.0795 0x2544  mctadmin - ok
16:49:26.0836 0x2544  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:49:26.0881 0x2544  Sidebar - ok
16:49:26.0884 0x2544  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:49:26.0904 0x2544  mctadmin - ok
16:49:26.0904 0x2544  [ 173D93AB55B6602C115E1E0BCDA3BDBC, 938C02C2C682B542788F0D94ABAB2FA7D80D00E1B8A55E19BEE49AF31AB10D9F ] C:\Windows\Speech\Common\sapisvr.exe
16:49:26.0924 0x2544  Speech Recognition - ok
16:49:26.0924 0x2544  GoogleDriveSync - ok
16:49:26.0924 0x2544  Steam - ok
16:49:26.0944 0x2544  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe
16:49:26.0954 0x2544  Google Update - ok
16:49:26.0954 0x2544  DAEMON Tools Lite - ok
16:49:26.0954 0x2544  KiesPDLR - ok
16:49:26.0964 0x2544  KiesPreload - ok
16:49:26.0964 0x2544  Unified Remote V3 - ok
16:49:26.0964 0x2544  [ 7C6D524C78A1722AD987B9E47AC1FEE2, FFDC6C92ABB547D0DCD2621EC423C755A78079B061A41FA1751A56799D1A79A5 ] C:\Users\Admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe
16:49:26.0979 0x2544  Dropbox Update - ok
16:49:26.0979 0x2544  Infium - ok
16:49:26.0979 0x2544  Waiting for KSN requests completion. In queue: 91
16:49:27.0986 0x2544  Waiting for KSN requests completion. In queue: 91
16:49:28.0994 0x2544  Waiting for KSN requests completion. In queue: 11
16:49:30.0027 0x2544  AV detected via SS2: Ad-Aware Antivirus, C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareSecurityCenter.exe ( 11.7.485.8398 ), 0x40010 ( disabled : outofdate )
16:49:30.0029 0x2544  AV detected via SS2: AVG Internet Security 2015, C:\Program Files (x86)\AVG\AVG2015\avgwsc.exe ( 15.0.0.6086 ), 0x41000 ( enabled : updated )
16:49:30.0029 0x2544  FW detected via SS2: AVG Internet Security 2015, C:\Program Files (x86)\AVG\AVG2015\avgwsc.exe ( 15.0.0.6086 ), 0x40010 ( disabled )
16:49:30.0032 0x2544  FW detected via SS2: Ad-Aware Firewall, C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareSecurityCenter.exe ( 11.7.485.8398 ), 0x40010 ( disabled )
16:49:30.0034 0x2544  Win FW state via NFP2: enabled ( trusted )
16:49:32.0463 0x2544  ============================================================
16:49:32.0463 0x2544  Scan finished
16:49:32.0463 0x2544  ============================================================
16:49:32.0471 0x05fc  Detected object count: 0
16:49:32.0471 0x05fc  Actual detected object count: 0
16:55:02.0575 0x2868  Deinitialize success

M-K-D-B · 28.07.2015, 04:48

Servus,

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

RVD85 · 28.07.2015, 13:57

Ich habe das Programm jetzt einmal laufen lassen und bei Stufe 5 hat er ewig fest gehangen. Da steht ja, dass der Scan 10 Min oder doppelt so lang dauern kann, alleine bei Stufe 5 habe ich ihn 30 Min laufen lassen, nichts ist passiert und auch der Rechner hat keine Geräusche mehr gemacht, dass er arbeitet. Es hat dann nur ein Neustart geholfen, weil das Programm scheinbar das Internet unterbrochen hat. Ich werde es jetzt nochmal versuchen

M-K-D-B · 28.07.2015, 14:06

Servus,

ok, evtl. im abgesicherten Modus mit Netzwerkunterstützung probieren.

Wenn es wieder nicht geht, bitte einfach sagen.

RVD85 · 28.07.2015, 16:46

Im abgesicherten Modus muss ich dann mal noch probieren. Habe es gerade ganz normal nochmal laufen lassen, da gingen die ersten 4 Stufen wieder innerhalb 3 Minuten und danach hat sich nichts mehr getan

Im abgesicherten Modus ging es. hier der Log:

Code:

ATTFilter

ComboFix 15-07-23.01 - Admin 28.07.2015  15:47:22.3.6 - x64 NETWORK
Microsoft Windows 7 eXtreme   6.1.7601.1.1252.49.1031.18.8138.7232 [GMT 2:00]
ausgeführt von:: c:\users\Admin\Desktop\ComboFix.exe
AV: AVG Internet Security 2015 *Enabled/Updated* {4D41356F-32AD-7C42-C820-63775EE4F413}
FW: AVG Internet Security 2015 *Disabled* {757AB44A-78C2-7D1A-E37F-CA42A037B368}
SP: AVG Internet Security 2015 *Enabled/Updated* {F620D48B-1497-73CC-F290-58052563BEAE}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
C:\STF5A60.tmp
C:\STF79E.tmp
C:\STF9512.tmp
C:\STFB496.tmp
C:\STFDD06.tmp
c:\users\Admin\AppData\Local\assembly\tmp
c:\windows\iun6002.exe
c:\windows\msdownld.tmp
c:\windows\SysWow64\DEBUG.log
c:\windows\XSxS
I:\AUTORUN.INF
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_ACEDRV11
-------\Service_acedrv11
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-06-28 bis 2015-07-28  ))))))))))))))))))))))))))))))
.
.
2015-07-28 13:57 . 2015-07-28 13:57	--------	d-----w-	c:\users\Dori\AppData\Local\temp
2015-07-27 17:11 . 2015-07-27 22:20	--------	d-----w-	c:\users\Dori\AppData\Local\Mozilla Firefox
2015-07-27 14:36 . 2015-07-27 14:38	--------	d-----w-	C:\FRST
2015-07-27 12:00 . 2015-07-27 12:00	--------	d-----w-	c:\users\Admin\AppData\Local\Avg
2015-07-27 11:58 . 2015-07-27 11:58	--------	d-----w-	c:\users\Admin\AppData\Local\MFAData
2015-07-27 02:48 . 2015-06-08 12:13	428880	----a-w-	c:\windows\system32\LavasoftTcpService64.dll
2015-07-27 02:48 . 2015-06-08 12:13	348488	----a-w-	c:\windows\SysWow64\LavasoftTcpService.dll
2015-07-27 01:11 . 2015-07-27 11:21	--------	d-----w-	C:\AdwCleaner
2015-07-22 10:12 . 2015-07-22 10:12	--------	d-----w-	c:\program files\Java
2015-07-22 10:07 . 2015-07-22 10:07	--------	d-----w-	c:\program files (x86)\Common Files\Java
2015-07-22 09:46 . 2015-07-22 09:46	--------	d-----w-	c:\users\Admin\AppData\Local\CEF
2015-07-21 06:56 . 2015-07-15 03:19	41984	----a-w-	c:\windows\system32\lpk.dll
2015-07-21 06:56 . 2015-07-15 03:19	100864	----a-w-	c:\windows\system32\fontsub.dll
2015-07-21 06:56 . 2015-07-15 03:19	14336	----a-w-	c:\windows\system32\dciman32.dll
2015-07-21 06:56 . 2015-07-15 03:19	46080	----a-w-	c:\windows\system32\atmlib.dll
2015-07-21 06:56 . 2015-07-15 02:55	70656	----a-w-	c:\windows\SysWow64\fontsub.dll
2015-07-21 06:56 . 2015-07-15 02:55	10240	----a-w-	c:\windows\SysWow64\dciman32.dll
2015-07-21 06:56 . 2015-07-15 02:55	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2015-07-21 06:56 . 2015-07-15 02:54	25600	----a-w-	c:\windows\SysWow64\lpk.dll
2015-07-21 06:56 . 2015-07-15 01:59	372224	----a-w-	c:\windows\system32\atmfd.dll
2015-07-21 06:56 . 2015-07-15 01:52	299008	----a-w-	c:\windows\SysWow64\atmfd.dll
2015-07-18 17:54 . 2015-07-18 17:54	--------	d-----w-	c:\users\Admin\AppData\Roaming\AVG2015
2015-07-18 17:53 . 2015-07-27 12:01	--------	d-----w-	c:\program files\Common Files\AV
2015-07-18 17:52 . 2015-07-24 07:41	--------	d-----w-	c:\programdata\AVG2015
2015-07-18 17:52 . 2015-07-18 17:52	--------	d-----w-	c:\program files (x86)\AVG
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-07-18 18:54 . 2012-09-07 08:34	778416	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2015-07-18 18:54 . 2012-01-19 03:40	142512	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-07-03 06:43 . 2012-01-15 20:58	130333168	----a-w-	c:\windows\system32\MRT.exe
2015-06-26 07:49 . 2015-06-26 07:49	293296	----a-w-	c:\windows\system32\drivers\avgidsdrivera.sys
2015-06-23 23:29 . 2015-06-23 23:29	1217192	----a-w-	c:\windows\SysWow64\FM20.DLL
2015-06-23 02:09 . 2015-06-23 02:09	78432	----a-w-	c:\windows\system32\atimpc64.dll
2015-06-23 02:09 . 2015-06-23 02:09	78432	----a-w-	c:\windows\system32\amdpcom64.dll
2015-06-23 02:09 . 2015-06-23 02:09	71704	----a-w-	c:\windows\SysWow64\atimpc32.dll
2015-06-23 02:09 . 2015-06-23 02:09	71704	----a-w-	c:\windows\SysWow64\amdpcom32.dll
2015-06-23 02:08 . 2015-06-23 02:08	152056	----a-w-	c:\windows\system32\atiuxp64.dll
2015-06-23 02:08 . 2015-06-23 02:08	133016	----a-w-	c:\windows\SysWow64\atiuxpag.dll
2015-06-23 02:08 . 2015-06-23 02:08	120144	----a-w-	c:\windows\system32\atiu9p64.dll
2015-06-23 02:08 . 2015-06-23 02:08	102616	----a-w-	c:\windows\SysWow64\atiu9pag.dll
2015-06-23 02:08 . 2015-06-23 02:08	1440592	----a-w-	c:\windows\system32\aticfx64.dll
2015-06-23 02:08 . 2015-06-23 02:08	1191320	----a-w-	c:\windows\SysWow64\aticfx32.dll
2015-06-23 02:08 . 2015-06-23 02:08	11941000	----a-w-	c:\windows\system32\atidxx64.dll
2015-06-23 02:08 . 2015-06-23 02:08	10087472	----a-w-	c:\windows\SysWow64\atidxx32.dll
2015-06-23 02:08 . 2015-06-23 02:08	7927568	----a-w-	c:\windows\SysWow64\atiumdva.dll
2015-06-23 02:08 . 2015-06-23 02:08	7407400	----a-w-	c:\windows\SysWow64\atiumdag.dll
2015-06-23 02:08 . 2015-06-23 02:08	8890576	----a-w-	c:\windows\system32\atiumd6a.dll
2015-06-23 02:08 . 2015-06-23 02:08	8786040	----a-w-	c:\windows\system32\atiumd64.dll
2015-06-23 02:05 . 2015-06-23 02:05	297672	----a-w-	c:\windows\system32\drivers\amdacpksd.sys
2015-06-23 02:03 . 2015-06-23 02:03	21612032	----a-w-	c:\windows\system32\drivers\atikmdag.sys
2015-06-23 01:59 . 2015-06-23 01:59	235008	----a-w-	c:\windows\system32\clinfo.exe
2015-06-23 01:59 . 2015-06-23 01:59	47782912	----a-w-	c:\windows\system32\amdocl64.dll
2015-06-23 01:58 . 2015-06-23 01:58	39712256	----a-w-	c:\windows\SysWow64\amdocl.dll
2015-06-23 01:57 . 2015-06-23 01:57	65024	----a-w-	c:\windows\system32\OpenCL.dll
2015-06-23 01:57 . 2015-06-23 01:57	59392	----a-w-	c:\windows\SysWow64\OpenCL.dll
2015-06-23 01:55 . 2015-06-23 01:55	27535872	----a-w-	c:\windows\system32\amdocl12cl64.dll
2015-06-23 01:55 . 2015-06-23 01:55	22318592	----a-w-	c:\windows\SysWow64\amdocl12cl.dll
2015-06-23 01:33 . 2015-06-23 01:33	127488	----a-w-	c:\windows\system32\mantle64.dll
2015-06-23 01:33 . 2015-06-23 01:33	113664	----a-w-	c:\windows\SysWow64\mantle32.dll
2015-06-23 01:33 . 2015-06-23 01:33	6476288	----a-w-	c:\windows\system32\amdmantle64.dll
2015-06-23 01:28 . 2015-06-23 01:28	5067264	----a-w-	c:\windows\SysWow64\amdmantle32.dll
2015-06-23 01:27 . 2012-07-28 03:19	30749184	----a-w-	c:\windows\system32\atio6axx.dll
2015-06-23 01:25 . 2015-06-23 01:25	93184	----a-w-	c:\windows\system32\mantleaxl64.dll
2015-06-23 01:25 . 2015-06-23 01:25	86528	----a-w-	c:\windows\SysWow64\mantleaxl32.dll
2015-06-23 01:22 . 2015-06-23 01:22	50688	----a-w-	c:\windows\system32\amdmmcl6.dll
2015-06-23 01:22 . 2015-06-23 01:22	39424	----a-w-	c:\windows\SysWow64\amdmmcl.dll
2015-06-23 01:21 . 2015-06-23 01:21	865792	----a-w-	c:\windows\system32\coinst_15.20.dll
2015-06-23 01:21 . 2015-06-23 01:21	25296896	----a-w-	c:\windows\SysWow64\atioglxx.dll
2015-06-23 01:19 . 2015-06-23 01:19	367104	----a-w-	c:\windows\system32\atiapfxx.exe
2015-06-23 01:19 . 2015-06-23 01:19	62464	----a-w-	c:\windows\system32\aticalrt64.dll
2015-06-23 01:19 . 2015-06-23 01:19	52224	----a-w-	c:\windows\SysWow64\aticalrt.dll
2015-06-23 01:19 . 2015-06-23 01:19	55808	----a-w-	c:\windows\system32\aticalcl64.dll
2015-06-23 01:19 . 2015-06-23 01:19	49152	----a-w-	c:\windows\SysWow64\aticalcl.dll
2015-06-23 01:18 . 2015-06-23 01:18	15716864	----a-w-	c:\windows\system32\aticaldd64.dll
2015-06-23 01:18 . 2015-06-23 01:18	14302208	----a-w-	c:\windows\SysWow64\aticaldd.dll
2015-06-23 01:14 . 2015-06-23 01:14	442368	----a-w-	c:\windows\system32\atidemgy.dll
2015-06-23 01:14 . 2015-06-23 01:14	160256	----a-w-	c:\windows\system32\atieah64.exe
2015-06-23 01:14 . 2015-06-23 01:14	143872	----a-w-	c:\windows\SysWow64\atieah32.exe
2015-06-23 01:14 . 2015-06-23 01:14	204800	----a-w-	c:\windows\system32\amdgfxinfo64.dll
2015-06-23 01:14 . 2015-06-23 01:14	189952	----a-w-	c:\windows\SysWow64\amdgfxinfo32.dll
2015-06-23 01:14 . 2015-06-23 01:14	670720	----a-w-	c:\windows\system32\atieclxx.exe
2015-06-23 01:14 . 2015-06-23 01:14	29696	----a-w-	c:\windows\system32\atimuixx.dll
2015-06-23 01:14 . 2015-06-23 01:14	245760	----a-w-	c:\windows\system32\atiesrxx.exe
2015-06-23 01:14 . 2015-06-23 01:14	190976	----a-w-	c:\windows\system32\atitmm64.dll
2015-06-23 01:11 . 2012-07-28 01:15	1246208	----a-w-	c:\windows\system32\atiadlxx.dll
2015-06-23 01:11 . 2015-06-23 01:11	926720	----a-w-	c:\windows\SysWow64\atiadlxy.dll
2015-06-23 01:11 . 2015-06-23 01:11	926720	----a-w-	c:\windows\SysWow64\atiadlxx.dll
2015-06-23 01:10 . 2015-06-23 01:10	69632	----a-w-	c:\windows\SysWow64\atiglpxx.dll
2015-06-23 01:10 . 2015-06-23 01:10	69632	----a-w-	c:\windows\system32\atiglpxx.dll
2015-06-23 01:10 . 2012-07-28 01:15	75264	----a-w-	c:\windows\system32\atig6pxx.dll
2015-06-23 01:10 . 2012-07-28 01:15	156672	----a-w-	c:\windows\system32\atig6txx.dll
2015-06-23 01:10 . 2015-06-23 01:10	141824	----a-w-	c:\windows\SysWow64\atigktxx.dll
2015-06-23 01:10 . 2015-06-23 01:10	663552	----a-w-	c:\windows\system32\drivers\atikmpag.sys
2015-06-23 01:09 . 2015-06-23 01:09	102912	----a-w-	c:\windows\system32\hsa-thunk64.dll
2015-06-23 01:09 . 2015-06-23 01:09	102400	----a-w-	c:\windows\SysWow64\hsa-thunk.dll
2015-06-23 01:07 . 2015-06-23 01:07	43520	----a-w-	c:\windows\system32\drivers\ati2erec.dll
2015-06-16 13:55 . 2015-06-16 13:55	259040	----a-w-	c:\windows\system32\drivers\avgldx64.sys
2015-06-10 14:38 . 2015-06-10 14:38	226784	----a-w-	c:\windows\system32\drivers\avgmfx64.sys
2015-05-25 18:24 . 2015-06-10 06:50	5569984	----a-w-	c:\windows\system32\ntoskrnl.exe
2015-05-25 18:21 . 2015-06-10 06:50	1728960	----a-w-	c:\windows\system32\ntdll.dll
2015-05-25 18:19 . 2015-06-10 06:50	243712	----a-w-	c:\windows\system32\wow64.dll
2015-05-25 18:19 . 2015-06-10 06:50	362496	----a-w-	c:\windows\system32\wow64win.dll
2015-05-25 18:19 . 2015-06-10 06:50	13312	----a-w-	c:\windows\system32\wow64cpu.dll
2015-05-25 18:19 . 2015-06-10 06:50	215040	----a-w-	c:\windows\system32\winsrv.dll
2015-05-25 18:19 . 2015-06-10 06:50	1255424	----a-w-	c:\windows\system32\diagtrack.dll
2015-05-25 18:19 . 2015-06-10 06:50	879104	----a-w-	c:\windows\system32\tdh.dll
2015-05-25 18:19 . 2015-06-10 06:50	503808	----a-w-	c:\windows\system32\srcore.dll
2015-05-25 18:19 . 2015-06-10 06:50	113664	----a-w-	c:\windows\system32\sechost.dll
2015-05-25 18:19 . 2015-06-10 06:50	50176	----a-w-	c:\windows\system32\srclient.dll
2015-05-25 18:19 . 2015-06-10 06:50	16384	----a-w-	c:\windows\system32\ntvdm64.dll
2015-05-25 18:19 . 2015-06-10 06:50	424960	----a-w-	c:\windows\system32\KernelBase.dll
2015-05-25 18:19 . 2015-06-10 06:50	1162752	----a-w-	c:\windows\system32\kernel32.dll
2015-05-25 18:18 . 2015-06-10 06:50	43520	----a-w-	c:\windows\system32\csrsrv.dll
2015-05-25 18:18 . 2015-06-10 06:50	879104	----a-w-	c:\windows\system32\advapi32.dll
2015-05-25 18:18 . 2015-06-10 06:50	404992	----a-w-	c:\windows\system32\tracerpt.exe
2015-05-25 18:18 . 2015-06-10 06:50	47104	----a-w-	c:\windows\system32\typeperf.exe
2015-05-25 18:18 . 2015-06-10 06:50	112640	----a-w-	c:\windows\system32\smss.exe
2015-05-25 18:18 . 2015-06-10 06:50	296960	----a-w-	c:\windows\system32\rstrui.exe
2015-05-25 18:18 . 2015-06-10 06:50	43008	----a-w-	c:\windows\system32\relog.exe
2015-05-25 18:18 . 2015-06-10 06:50	104448	----a-w-	c:\windows\system32\logman.exe
2015-05-25 18:18 . 2015-06-10 06:50	19456	----a-w-	c:\windows\system32\diskperf.exe
2015-05-25 18:18 . 2015-06-10 06:50	338432	----a-w-	c:\windows\system32\conhost.exe
2015-05-25 18:11 . 2015-06-10 06:50	4608	---ha-w-	c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:50	4608	---ha-w-	c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:50	4096	---ha-w-	c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:50	4096	---ha-w-	c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:50	4096	---ha-w-	c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2011-08-09 . B6365B1E0EB9191ED4D916B2A94EBA67 . 2868224 . . [6.1.7600.16385] .. c:\windows\Resources\Themes\Explorer\x64\BIG\Explorer.exe
[-] 2011-08-09 . 9880F8FADFF45A0175E0BBDFD9D31F5B . 2868224 . . [6.1.7600.16385] .. c:\windows\Resources\Themes\Explorer\x64\SMALL\Explorer.exe
[-] 2011-06-17 . 5740B1555D51D56547043181789027A5 . 2871808 . . [6.1.7600.16385] .. c:\windows\explorer.exe
[-] 2011-06-17 . 5740B1555D51D56547043181789027A5 . 2871808 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[7] 2011-06-16 . 3B69712041F3D63605529BD66DC00C48 . 2871808 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[7] 2010-11-21 . AC4C51EB24AA95B77F705AB159189E24 . 2872320 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-07 19:24	151576	----a-w-	c:\users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-07 19:24	151576	----a-w-	c:\users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-07 19:24	151576	----a-w-	c:\users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-07 19:24	151576	----a-w-	c:\users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-07 19:24	151576	----a-w-	c:\users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-07 19:24	151576	----a-w-	c:\users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-07 19:24	151576	----a-w-	c:\users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-07 19:24	151576	----a-w-	c:\users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-07 19:24	151576	----a-w-	c:\users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-07 19:24	151576	----a-w-	c:\users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-07 19:24	151576	----a-w-	c:\users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-07 19:24	151576	----a-w-	c:\users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-07 19:24	151576	----a-w-	c:\users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-07 19:24	151576	----a-w-	c:\users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-07 19:24	151576	----a-w-	c:\users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-07 19:24	151576	----a-w-	c:\users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Speech Recognition"="c:\windows\Speech\Common\sapisvr.exe" [2009-07-14 44544]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2015-06-20 22012688]
"Steam"="i:\program files (x86)\Steam\steam.exe" [2015-07-23 2895552]
"DAEMON Tools Lite"="i:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-01-24 3478336]
"KiesPDLR"="i:\program files (x86)\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2014-05-28 843568]
"KiesPreload"="i:\program files (x86)\Kies\Kies.exe" [2014-05-28 1563440]
"Unified Remote V3"="i:\program files (x86)\Unified Remote 3\RemoteServerWin.exe" [2015-03-20 4205776]
"Dropbox Update"="c:\users\Admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe" [2015-06-19 134512]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Power Manager"="i:\program files (x86)\Gembird\Power Manager\pm.exe" [2010-12-09 10043392]
"CherryKeyMan"="i:\program files (x86)\Cherry\KeyMan\KeyMan.exe" [2009-07-29 258100]
"IJNetworkScanUtility"="c:\program files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe" [2010-03-02 140640]
"AVMWlanClient"="c:\program files (x86)\avmwlanstick\wlangui.exe" [2010-10-22 2105344]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2013-08-29 1861968]
"StartCCC"="i:\program files\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2015-06-22 767176]
"Cisco AnyConnect Secure Mobility Agent for Windows"="c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" [2015-04-20 708496]
"AVG_UI"="c:\program files (x86)\AVG\AVG2015\avgui.exe" [2015-07-07 3730344]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2015-06-08 334896]
.
c:\users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2015-5-5 44236896]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Launchy.lnk - i:\program files (x86)\Launchy\Launchy.exe [2012-1-15 380928]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 0 (0x0)
"EnableInstallerDetection"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"NoThumbnailCache"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 acsock;acsock;c:\windows\system32\DRIVERS\acsock64.sys;c:\windows\SYSNATIVE\DRIVERS\acsock64.sys [x]
R3 avmeject;AVM Eject;c:\windows\system32\drivers\avmeject.sys;c:\windows\SYSNATIVE\drivers\avmeject.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys;c:\windows\SYSNATIVE\drivers\dgderdrv.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\SysWOW64\FsUsbExDisk.SYS;c:\windows\SysWOW64\FsUsbExDisk.SYS [x]
R3 fwlanusbn;FRITZ!WLAN N;c:\windows\system32\DRIVERS\fwlanusbn.sys;c:\windows\SYSNATIVE\DRIVERS\fwlanusbn.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe [x]
R3 NLNdisMP;NLNdisMP;c:\windows\system32\DRIVERS\nlndis.sys;c:\windows\SYSNATIVE\DRIVERS\nlndis.sys [x]
R3 NLNdisPT;NetLimiter Ndis Protocol Service;c:\windows\system32\DRIVERS\nlndis.sys;c:\windows\SYSNATIVE\DRIVERS\nlndis.sys [x]
R3 Origin Client Service;Origin Client Service;i:\spiele\Origin\OriginClientService.exe;i:\spiele\Origin\OriginClientService.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SandraAgentSrv;SiSoftware Deployment Agent Service;i:\program files\SiSoftware\SiSoftware Sandra Business 2012.SP1\RpcAgentSrv.exe;i:\program files\SiSoftware\SiSoftware Sandra Business 2012.SP1\RpcAgentSrv.exe [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 vnet;Shrew Soft Virtual Adapter;c:\windows\system32\DRIVERS\virtualnet.sys;c:\windows\SYSNATIVE\DRIVERS\virtualnet.sys [x]
R3 VSPerfDrv100;Performance Tools Driver 10.0;c:\program files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys;c:\program files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [x]
R3 WSDScan;WSD-Scanunterstützung durch UMB;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
R4 MSSQLServerADHelper100;SQL Server Hilfsdienst für Active Directory;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys;c:\windows\SYSNATIVE\DRIVERS\RsFx0103.sys [x]
R4 SQLAgent$SQLEXPRESS;SQL Server-Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE;c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [x]
R4 VMwareHostd;VMware Workstation Server;c:\program files (x86)\VMware\VMware Workstation\vmware-hostd.exe;c:\program files (x86)\VMware\VMware Workstation\vmware-hostd.exe [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys;c:\windows\SYSNATIVE\DRIVERS\vmci.sys [x]
S0 vsock;vSockets Driver;c:\windows\system32\drivers\vsock.sys;c:\windows\SYSNATIVE\drivers\vsock.sys [x]
S1 Avgdiska;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiska.sys;c:\windows\SYSNATIVE\DRIVERS\avgdiska.sys [x]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6a.sys;c:\windows\SYSNATIVE\DRIVERS\avgfwd6a.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 vflt;Shrew Soft Lightweight Filter;c:\windows\system32\DRIVERS\vfilter.sys;c:\windows\SYSNATIVE\DRIVERS\vfilter.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;i:\program files\AMD\ATI.ACE\Fuel\Fuel.Service.exe;i:\program files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.3;AODDriver4.3;i:\program files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys;i:\program files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe [x]
S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe;c:\program files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [x]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [x]
S2 avgfws;AVG Firewall;c:\program files (x86)\AVG\AVG2015\avgfws.exe;c:\program files (x86)\AVG\AVG2015\avgfws.exe [x]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2015\avgidsagent.exe;c:\program files (x86)\AVG\AVG2015\avgidsagent.exe [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2015\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2015\avgwdsvc.exe [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 DBService;DATA BECKER Update Service;c:\program files (x86)\Common Files\DATA BECKER Shared\DBService.exe;c:\program files (x86)\Common Files\DATA BECKER Shared\DBService.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 dtpd;ShrewSoft DNS Proxy Daemon;i:\program files\ShrewSoft\VPN Client\dtpd.exe;i:\program files\ShrewSoft\VPN Client\dtpd.exe [x]
S2 DTSAudioService;DTSAudioService;c:\program files\Realtek\Audio\HDA\DTSAudioService64.exe;c:\program files\Realtek\Audio\HDA\DTSAudioService64.exe [x]
S2 iked;ShrewSoft IKE Daemon;i:\program files\ShrewSoft\VPN Client\iked.exe;i:\program files\ShrewSoft\VPN Client\iked.exe [x]
S2 ipsecd;ShrewSoft IPSEC Daemon;i:\program files\ShrewSoft\VPN Client\ipsecd.exe;i:\program files\ShrewSoft\VPN Client\ipsecd.exe [x]
S2 LVPrcS64;Process Monitor;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [x]
S2 MSSQL$JTLWAWI;SQL Server (JTLWAWI);c:\program files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe;c:\program files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [x]
S2 OODefragAgent;O&O Defrag;i:\program files\OO Software\Defrag\oodag.exe;i:\program files\OO Software\Defrag\oodag.exe [x]
S2 PSI_SVC_2_x64;Corel License Validation Service V2 x64, Powered by arvato;c:\program files\Common Files\Protexis\License Service\PsiService_2.exe;c:\program files\Common Files\Protexis\License Service\PsiService_2.exe [x]
S2 Seagate Dashboard Services;Seagate Dashboard Services;i:\program files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe;i:\program files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S2 TomTomHOMEService;TomTomHOMEService;i:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe;i:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [x]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [x]
S2 vpnagent;Cisco AnyConnect Secure Mobility Agent;c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe;c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [x]
S2 vstor2-mntapi20-shared;Vstor2 MntApi 2.0 Driver (shared);SysWOW64\drivers\vstor2-mntapi20-shared.sys;SysWOW64\drivers\vstor2-mntapi20-shared.sys [x]
S2 WtuSystemSupport;WtuSystemSupport;c:\program files (x86)\AVG Web TuneUp\WtuSystemSupport.exe;c:\program files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 ASUSFILTER;ASUSFILTER;SysWow64\drivers\ASUSFILTER.sys;SysWow64\drivers\ASUSFILTER.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 Cherry Device Interface;Cherry Device Interface;i:\program files (x86)\Cherry\CDI\cdi.exe;i:\program files (x86)\Cherry\CDI\cdi.exe [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;c:\windows\system32\DRIVERS\LGSHidFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSHidFilt.Sys [x]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
S3 lvpepf64;Volume Adapter;c:\windows\system32\DRIVERS\lv302a64.sys;c:\windows\SYSNATIVE\DRIVERS\lv302a64.sys [x]
S3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys;c:\windows\SYSNATIVE\DRIVERS\LVPr2M64.sys [x]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
S3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys;c:\windows\SYSNATIVE\drivers\LVUSBS64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 uvhid;Unified Virtual HID;c:\windows\system32\DRIVERS\uvhid.sys;c:\windows\SYSNATIVE\DRIVERS\uvhid.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2015-07-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-07 18:54]
.
2015-07-27 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-500210103-394823293-4185795276-1000Core.job
- c:\users\Admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19 22:13]
.
2015-07-28 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-500210103-394823293-4185795276-1000UA.job
- c:\users\Admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19 22:13]
.
2015-07-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-02 19:33]
.
2015-07-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-02 19:33]
.
2015-07-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-500210103-394823293-4185795276-1000Core.job
- c:\users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-14 01:58]
.
2015-07-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-500210103-394823293-4185795276-1000UA.job
- c:\users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-14 01:58]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-07 19:24	184856	----a-w-	c:\users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-07 19:24	184856	----a-w-	c:\users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-07 19:24	184856	----a-w-	c:\users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-07 19:24	184856	----a-w-	c:\users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-07 19:24	184856	----a-w-	c:\users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-07 19:24	184856	----a-w-	c:\users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-07 19:24	184856	----a-w-	c:\users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-07 19:24	184856	----a-w-	c:\users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2015-06-20 11:48	774984	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2015-06-20 11:48	774984	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2015-06-20 11:48	774984	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2015-06-20 11:48	774984	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2015-06-20 11:48	774984	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2015-06-20 11:48	774984	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-12-12 7560296]
"RtHDVBg_DTS"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-11-15 2277992]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2010-03-24 2726728]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2012-11-29 7406392]
"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-09-30 825184]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com
IE: An OneNote s&enden - i:\progra~3\MICROS~1\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - i:\progra~3\MICROS~1\Office14\EXCEL.EXE/3000
Trusted Zone: localhost
Trusted Zone: webcompanion.com
TCP: DhcpNameServer = 192.168.178.1
TCP: Interfaces\{3B12CA59-DD93-43EF-B982-DADDB917290C}: NameServer = 141.99.2.2,141.99.1.12
FF - ProfilePath - c:\users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ix0ui9a2.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-OODefragTray - i:\program files\OO Software\Defrag\oodtray.exe
AddRemove-Football Manager 2014_is1 - i:\spiele\Football Manager 2014\unins000.exe
AddRemove-KProbe - c:\windows\iun6002.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_209_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_209_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_209_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_209_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.18"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG17.00.00.01PROFESSIONAL"="4C1071BFE267838923DE9854A810F6D302058A6E426CCF44FDE90007D7BC257E6FC69577C33902DC59610EBEC6F0299C649F9C11CB107259686548BEB7D926DD884956E94E0BFB3EDD8DC988A3FDA041AFFB75BC1EA649A1C0FB13F48A56DB972608F8613B57A4B6386B56BCBF551F198457FC5924944ADF60BFC90D417C0DF87C0B09E1A5ECB3C09417FA98806AEDEC280361822A136C4AC5569AA134E803C5E0EE541F0C6D614D43BF4A8FAC82577984638F07622A2E89927BF3FC1D0C0CB44EE26C8352CDEEBFFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA9C6AECB7A5D14078EDD5E5BE2F6E667C038D530D6EB3452A9C6AECB7A5D1407D42EA649BD14DA44BB9DB347A4B5FA33DCD31A89E91083FEBD1F4D823CFEB00A63E0E351158A0674ECB706F71EBFC4B84003E4D91DDDEF15C0B554977E4A66C91EEFDE2DE2D705262B78FAEAC2E362E3C97648B8A1BD9155E5045B294EDAF9DF008E9DDE3964BB48C70ABE42518F2AD2C3EAAE84FDBFD0A990FC2FF21B08852227036FA08D6E94BEB9A4BED2E70378139FAD474E99CC17EF4926DE65B37F245A54A764DDBA847EDF9D192C270954A9AA70A606DFC09E5776BE96C023CF3F7847EEEAD0B7000DE876314B7F7C1DEEA1906E4CA03024438284417E6A04869B261A004D50837E40CA415730EFC46F0F4632F5AA92EFD71F9052C41EB914D73C55F8B567BEC8BD2B9CF417D57D24AEC703ED85621C015469FD8DE2494E12A29CB2FDE0623C43A7ADDD371BD96A75EE7D4718422840F9762B4BD5586A8D712E0EF0B7F8FC2FE50AFD8E2432EF3DC4A7E983F9F344C4267FC2F94287FE9CDAA3B241A71709405298A335C8D05F3DD5B49C2F4E869136821165125972186A288E03DFC4796CDDE3E8FBDAA98B827C1C54F4C545890362C3B518A19AC35AA6E9E2CA077702A3B6A475380EBE9E4B4A42A9ABC503B01A5E4DD9B6B5F4C8014563F4A8F79E363AC1D69C5B607169B9BEA53E4831205570003C4CEE62CEF0D67C8CFD92770CC0D3386EA0416621EC673257FAA88F28F0B2625FC343C001D1BECB901BCECE866E25971428933BA052FE441DB1FE6A9AA49F6436560C6AD7A5ADF0CFCEF8C947B17B1E24BDD4FAB7623FD57114D151ECB48D2B7A82738015C7AB705BFD02397CA1B2D42F4F59489F0E7B0E8039F9D60689631B16A777A6EDB858147E712D71C875BE82F8B04A488A661C562C1E251143AD9DE1A50A6B040B1FE265B0D6924C410E2335FB9623A598A31BDD8A21D51AF1D1CCEC7DD0764488C212B7A4C01C25EF6A7D3DE21BB68D62A08896E406E1935849956FA30B131778903E1B3CA20C5D54337A308E3F28B072DB873538F3F21C2E8CAE6153288F30609955EB8FD774D95FAFDB689462F0C5C8"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\avmwlanstick\WlanNetService.exe
c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE
c:\program files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
c:\users\Admin\ASUS\AI Suite\AI Suite II\AsRoutineController.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\SysWOW64\vmnat.exe
c:\program files (x86)\VMware\VMware Workstation\vmware-authd.exe
c:\windows\SysWOW64\vmnetdhcp.exe
c:\users\Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-07-28  16:05:32 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2015-07-28 14:05
.
Vor Suchlauf: 11 Verzeichnis(se), 22.593.232.896 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 24.670.990.336 Bytes frei
.
- - End Of File - - 882BD730FA2F73301C6B5CE2B58A5A4E
A36C5E4F47E84449FF07ED3517B43A31

und nun funktioniert mein firefox nicht mehr, den ich alternativ genutzt habe, weil da irgendwas gelöscht wurde ...

edit: ok aus irgendeinem grund wurde es nur aus dem startmenü gelöscht.

vielleicht noch als kleines detail. bei den werbeseiten, die sich öffnen, ist mir jetzt schon des öfteren klein geschrieben "presented by lyrics" aufgefallen

noch ein kurzer nachtrag. combofix scheint irgendwie alle startmenüeinträge, die "launchy" (programm, dass mit alt und leertaste eine eingabe zum starten von software öffnet). kann man das wieder hin biegen? ist das bekannt? nicht, dass es schlimm ist, nur zur info und aus neugier

M-K-D-B · 28.07.2015, 19:27

Servus,

kann ich noch nicht sagen, ob wir das mit dem Startmenü wieder hinbekommen. Aber wir versuchen es auf jeden Fall.

Schritt 1
Bitte lade dir rKill von Grinler auf deinen Desktop von einem der folgenden Links: RKill oder http://www.trojaner-board.de/85629-rkill-download.html

Starte nun das Programm durch einen Doppelklick.
Wenn sich jetzt kein schwarzes Fenster öffnet, dann versuche einen der anderen Downloadlinks.
Das Tool wird jetzt einige Minuten lang laufen und verschiedene Einstellungen prüfen und neu setzen.
Nach dem Ende der Abarbeitung öffnet sich automatisch die Logdatei rkill.txt.
Bitte poste sie in deinen Thread in CODE-Tags (Anleitung).

Schritt 2
Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 3
Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 4

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Schritt 5[*]Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.[*]FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).[*]Poste mir beide Logdateien mit deiner nächsten Antwort.[/list]

Bitte poste mit deiner nächsten Antwort

die Logdatei von rKill,
die Logdatei von AdwCleaner,
die Logdatei von MBAM,
die Logdatei von JRT,
die beiden neuen Logdateien von FRST.

RVD85 · 30.07.2015, 09:23

rkill.txt:

Code:

ATTFilter

Rkill 2.7.0 by Lawrence Abrams (Grinler)
hxxp://www.bleepingcomputer.com/
Copyright 2008-2015 BleepingComputer.com
More Information about Rkill can be found at this link:
 hxxp://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 07/30/2015 09:26:48 AM in x64 mode.
Windows Version: Windows 7 Ultimate Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * C:\Users\Admin\ASUS\AI Suite\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe (PID: 7604) [UP-HEUR]

1 proccess terminated!

Possibly Patched Files.

 * C:\Windows\Explorer.EXE

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * System Restore Disabled

   [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
   "DisableSR" = dword:00000001

 * Windows Defender Disabled

   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001

 * Windows Defender Disabled

   [HKLM\SOFTWARE\Policies\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity: 

 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Manual

Searching for Missing Digital Signatures: 

 * C:\Windows\System32\UxTheme.dll : 332.288 : 06/16/2011 10:52 PM : 8bf20c54ffb37cfb960f708ffa813fa7 [NoSig]
 +-> C:\Windows\SysWOW64\uxtheme.dll : 245.760 : 07/14/2009 03:11 AM : 43964fa89ccf97ba6be34d69455ac65f [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-uxtheme_31bf3856ad364e35_6.1.7600.16385_none_01d98c7b2040a1b9\uxtheme.dll : 332.288 : 06/16/2011 10:52 PM : 8bf20c54ffb37cfb960f708ffa813fa7 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-uxtheme_31bf3856ad364e35_6.1.7600.16385_none_0c2e36cd54a163b4\uxtheme.dll : 245.760 : 07/14/2009 03:11 AM : 43964fa89ccf97ba6be34d69455ac65f [Pos Repl]

 * C:\Windows\explorer.exe : 2.871.808 : 06/18/2011 01:30 AM : 5740b1555d51d56547043181789027a5 [NoSig]
 +-> C:\Windows\Resources\Themes\Explorer\x64\BIG\Explorer.exe : 2.868.224 : 08/09/2011 04:29 PM : b6365b1e0eb9191ed4d916b2a94eba67 [Pos Repl]
 +-> C:\Windows\Resources\Themes\Explorer\x64\SMALL\Explorer.exe : 2.868.224 : 08/09/2011 04:29 PM : 9880f8fadff45a0175e0bbdfd9d31f5b [Pos Repl]
 +-> C:\Windows\Resources\Themes\Explorer\x86\BIG\Explorer.exe : 2.613.248 : 08/09/2011 04:29 PM : b29fceebee938506fb23b8a9ce898b9c [Pos Repl]
 +-> C:\Windows\Resources\Themes\Explorer\x86\SMALL\Explorer.exe : 2.613.248 : 08/09/2011 04:29 PM : d1fa2634386b7e4e96cffb9063ee6833 [Pos Repl]
 +-> C:\Windows\SysWOW64\explorer.exe : 2.616.320 : 06/18/2011 01:35 AM : 88b413e78adb75a062ab947c1bf6d49a [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe : 2.872.320 : 11/21/2010 05:24 AM : ac4c51eb24aa95b77f705ab159189e24 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe : 2.871.808 : 06/18/2011 01:30 AM : 5740b1555d51d56547043181789027a5 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe : 2.871.808 : 06/16/2011 07:09 PM : 3b69712041f3d63605529bd66dc00c48 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe : 2.616.320 : 11/21/2010 05:24 AM : 40d777b7a95e00593eb1568c68514493 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe : 2.616.320 : 06/18/2011 01:35 AM : 88b413e78adb75a062ab947c1bf6d49a [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe : 2.616.320 : 06/16/2011 07:09 PM : 0fb9c74046656d1579a64660ad67b746 [Pos Repl]

Checking HOSTS File: 

 * HOSTS file entries found: 

  127.0.0.1       localhost

Program finished at: 07/30/2015 09:27:34 AM
Execution time: 0 hours(s), 0 minute(s), and 46 seconds(s)

dann der adwcleaner log:

Code:

ATTFilter

# AdwCleaner v4.208 - Bericht erstellt 30/07/2015 um 09:33:37
# Aktualisiert 09/07/2015 von Xplode
# Datenbank : 2015-07-26.2 [Server]
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (x64)
# Benutzername : Admin - LIVINGROOM
# Gestarted von : C:\Users\Admin\Desktop\AdwCleaner_4.208 (1).exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim
Ordner Gelöscht : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nknonnojlmhnmjhpeokdbeineeajcemh
Datei Gelöscht : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\iefogiieekeeeeaiklglonbockmhmkgd
Datei Gelöscht : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage
Datei Gelöscht : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage-journal

***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\adawarebp

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17909


-\\ Mozilla Firefox v39.0 (x86 de)


-\\ Google Chrome v


-\\ Chromium v


*************************

AdwCleaner[R0].txt - [27360 Bytes] - [27/07/2015 03:11:42]
AdwCleaner[R1].txt - [27327 Bytes] - [27/07/2015 04:24:40]
AdwCleaner[R2].txt - [1856 Bytes] - [27/07/2015 13:19:37]
AdwCleaner[R3].txt - [1890 Bytes] - [30/07/2015 09:30:23]
AdwCleaner[S0].txt - [24167 Bytes] - [27/07/2015 04:30:14]
AdwCleaner[S1].txt - [1869 Bytes] - [27/07/2015 13:21:57]
AdwCleaner[S2].txt - [1810 Bytes] - [30/07/2015 09:33:37]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1869  Bytes] ##########

anti malware hat mir keine chance gegeben zu speichern. das programm wollte nach dem entfernen von 16 einträgen neu starten und hat mir nicht wie die anderen danach nochmal die möglichkeit gegeben, auf die log datei zuzugreifen. die anleitung stimmt an dem punkt auch nicht.

dann noch nie jrt datei:

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.4 (07.27.2015:1)
OS: Windows 7 Ultimate x64
Ran by Admin on 30.07.2015 at 10:07:56,34
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer



~~~ Files



~~~ Folders



~~~ Chrome


[C:\Users\Admin\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Admin\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Admin\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Admin\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 30.07.2015 at 10:13:27,12
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

als zwischenmeldung, es ist immer noch alles da. ADW cleaner hatte ich ja vorher schon mal genutzt und da hat er soweit ich mich erinnere die gleichen sachen gelöscht, scheint sich also immer wieder bei jedem start neu drauf zu packen.

M-K-D-B · 30.07.2015, 13:33

Servus,

Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Untersuchen.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

RVD85 · 31.07.2015, 06:56

frst.txt:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:30-07-2015
durchgeführt von Admin (Administrator) auf LIVINGROOM (31-07-2015 07:51:35)
Gestartet von C:\Users\Admin\Desktop
Geladene Profile: Admin (Verfügbare Profile: Admin & Dori)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Advanced Micro Devices, Inc.) I:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe
() C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(DATA BECKER GmbH & Co KG) C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe
() I:\Program Files\ShrewSoft\VPN Client\dtpd.exe
(DTS) C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
() I:\Program Files\ShrewSoft\VPN Client\iked.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
() I:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(O&O Software GmbH) I:\Program Files\OO Software\Defrag\oodag.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Seagate Technology LLC) I:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(TomTom) I:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(ASUSTeK Computer Inc.) C:\Users\Admin\ASUS\AI Suite\AI Suite II\AsRoutineController.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Samsung) I:\Program Files (x86)\Kies\Kies.exe
(Unified Intents AB) I:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe
() I:\Program Files (x86)\Launchy\Launchy.exe
(Dropbox, Inc.) C:\Users\Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe
(ASUSTeK Computer Inc.) C:\Users\Admin\ASUS\AI Suite\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe
(ASUSTeK Computer Inc.) C:\Users\Admin\ASUS\AI Suite\AI Suite II\AI Suite II.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ASUSTeK Computer Inc.) C:\Users\Admin\ASUS\AI Suite\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Gembird Europe B.V.) I:\Program Files (x86)\Gembird\Power Manager\pm.exe
(ZF Electronics GmbH) I:\Program Files (x86)\Cherry\KeyMan\KeyMan.exe
(CANON INC.) C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) I:\Program Files\AMD\ATI.ACE\Core-Static\MOM.exe
(ZF Electronics GmbH) I:\Program Files (x86)\Cherry\CDI\cdi.exe
(Advanced Micro Devices Inc.) I:\Program Files\AMD\ATI.ACE\Core-Static\CCC.exe
(ZF Electronics GmbH) C:\Program Files (x86)\Common Files\Cherry\Common\kbdhook64.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7560296 2011-12-12] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277992 2011-11-15] (Realtek Semiconductor)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2726728 2010-03-24] (CANON INC.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [7406392 2012-11-29] (Logitech Inc.)
HKLM\...\Run: [OODefragTray] => I:\Program Files\OO Software\Defrag\oodtray.exe
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM-x32\...\Run: [Power Manager] => I:\Program Files (x86)\Gembird\Power Manager\pm.exe [10043392 2010-12-09] (Gembird Europe B.V.)
HKLM-x32\...\Run: [CherryKeyMan] => I:\Program Files (x86)\Cherry\KeyMan\KeyMan.exe [258100 2009-07-29] (ZF Electronics GmbH)
HKLM-x32\...\Run: [IJNetworkScanUtility] => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [140640 2010-03-02] (CANON INC.)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
HKLM-x32\...\Run: [StartCCC] => I:\Program Files\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-06-22] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [708496 2015-04-20] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3730344 2015-07-07] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKU\S-1-5-21-500210103-394823293-4185795276-1000\...\Run: [Speech Recognition] => C:\Windows\Speech\Common\sapisvr.exe [44544 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-500210103-394823293-4185795276-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22012688 2015-06-20] (Google)
HKU\S-1-5-21-500210103-394823293-4185795276-1000\...\Run: [Steam] => I:\Program Files (x86)\Steam\steam.exe [2895552 2015-07-24] (Valve Corporation)
HKU\S-1-5-21-500210103-394823293-4185795276-1000\...\Run: [DAEMON Tools Lite] => I:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3478336 2012-01-24] (DT Soft Ltd)
HKU\S-1-5-21-500210103-394823293-4185795276-1000\...\Run: [KiesPDLR] => I:\Program Files (x86)\Kies\External\FirmwareUpdate\KiesPDLR.exe [843568 2014-05-28] (Samsung)
HKU\S-1-5-21-500210103-394823293-4185795276-1000\...\Run: [KiesPreload] => I:\Program Files (x86)\Kies\Kies.exe [1563440 2014-05-28] (Samsung)
HKU\S-1-5-21-500210103-394823293-4185795276-1000\...\Run: [Unified Remote V3] => I:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe [4205776 2015-03-21] (Unified Intents AB)
HKU\S-1-5-21-500210103-394823293-4185795276-1000\...\Run: [Dropbox Update] => C:\Users\Admin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-20] (Dropbox, Inc.)
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2012-01-26]
ShortcutTarget: Dropbox.lnk -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Launchy.lnk [2012-01-15]
ShortcutTarget: Launchy.lnk -> I:\Program Files (x86)\Launchy\Launchy.exe ()
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Richtlinienbeschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-500210103-394823293-4185795276-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-500210103-394823293-4185795276-1000 -> {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-13] (Advanced Micro Devices)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08] (CANON INC.)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-13] (Advanced Micro Devices)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> I:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-29] (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> I:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-29] (Oracle Corporation)
BHO-x32: Microsoft-Webtestaufzeichnung 10.0-Hilfsprogramm -> {DDA57003-0068-4ed2-9D32-4D1EC707D94D} -> C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2010-03-19] (Microsoft Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (CANON INC.)
Toolbar: HKU\S-1-5-21-500210103-394823293-4185795276-1000 -> No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} -  Keine Datei
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - I:\Program Files (x86)\AVG\AVG2012\avgpp.dll Keine Datei
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{0BEBD939-8AE5-4899-9639-03587D2994CF}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{1E3AB28C-61E6-4230-89A0-4DC7DCD53725}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{3B12CA59-DD93-43EF-B982-DADDB917290C}: [NameServer] 141.99.2.2,141.99.1.12
Tcpip\..\Interfaces\{F290B9ED-8147-463F-A2DA-056CD7A0CEE2}: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ix0ui9a2.default
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-30] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-30] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> I:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2012-03-06] ()
FF Plugin-x32: @canon.com/EPPEX -> I:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-04-14] (CANON INC.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2013-08-28] (DivX, LLC)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-29] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> I:\PROGRA~3\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> I:\PROGRA~3\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-18] (Google Inc.)
FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.19 -> I:\Program Files (x86)\Veetle\plugins\npVeetle.dll [2012-01-14] (Veetle Inc)
FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> I:\Program Files (x86)\Veetle\Player\npvlc.dll [2012-01-14] (Veetle Inc)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> I:\Program Files (x86)\VLC\npvlc.dll [2013-04-11] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-500210103-394823293-4185795276-1000: @acestream.net/acestreamplugin,version=2.2.4-next -> C:\Users\Admin\AppData\Roaming\ACEStream\player\npace_plugin.dll Keine Datei
FF Plugin HKU\S-1-5-21-500210103-394823293-4185795276-1000: @protectdisc.com/NPPDLicenseHelper -> C:\Users\Admin\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll [2009-06-25] ( )
FF Plugin HKU\S-1-5-21-500210103-394823293-4185795276-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Admin\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-18] (Google Inc.)
FF Plugin HKU\S-1-5-21-500210103-394823293-4185795276-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Admin\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-18] (Google Inc.)
FF Extension: LastPass - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ix0ui9a2.default\Extensions\support@lastpass.com [2015-07-28]
FF Extension: YouTube Unblocker - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ix0ui9a2.default\Extensions\youtubeunblocker__web@unblocker.yt [2015-07-28]
FF Extension: NoScript - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ix0ui9a2.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-07-27]
FF Extension: YouTube High Definition - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ix0ui9a2.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2015-07-30]
FF Extension: {9d10929f-a4e5-4e4c-992c-2bdd7b01c19e} - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ix0ui9a2.default\Extensions\{9d10929f-a4e5-4e4c-992c-2bdd7b01c19e}.xpi [2014-11-30]
FF Extension: Adblock Plus - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ix0ui9a2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-07-27]
FF Extension: YouTube Flash Video Player - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ix0ui9a2.default\Extensions\{f3bd3dd2-2888-44c5-91a2-2caeb33fb898}.xpi [2015-07-30]
FF HKU\S-1-5-21-500210103-394823293-4185795276-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
FF HKU\S-1-5-21-500210103-394823293-4185795276-1000\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-12-18]
StartMenuInternet: FIREFOX.EXE - C:\Users\Dori\AppData\Local\Mozilla Firefox\firefox.exe

Chrome: 
=======
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2014-11-29]
CHR Extension: (VLC for YouTube™) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ablmclcliiiegfmpbkfhnhipoejclmel [2013-07-06]
CHR Extension: (Youtube Video Downloader) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajcdokmfhjckfhjdgjhdcjpmjgnihkad [2013-07-06]
CHR Extension: (Lucidchart Diagrams - Online) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apboafhkiegglekeafbckfjldecefkhn [2014-11-06]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-05-05]
CHR Extension: (ColorZilla) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp [2015-01-18]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-05-04]
CHR Extension: (Firebug Lite for Google Chrome™) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmagokdooijbeehmkpknfglimnifench [2012-12-05]
CHR Extension: (Adblock Plus) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2012-03-14]
CHR Extension: (Webpage Screenshot) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckibcdccnfeookdmbahgiakhnjcddpki [2012-03-14]
CHR Extension: (Google Search) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-05-04]
CHR Extension: (Mendeley Web Importer) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcekngoadbakijofhmkeddpbeagodnmj [2012-05-03]
CHR Extension: (Axure RP Extension for Chrome) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dogkpdfcklifaemcdfbildhcofnopogp [2015-02-09]
CHR Extension: (Zotero Connector) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc [2014-06-12]
CHR Extension: (Google Analytics Opt-out Add-on (by Google)) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh [2012-03-14]
CHR Extension: (Ggoal) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gchpchgegkdmbbhdikfmplpllehnfnmk [2012-12-01]
CHR Extension: (The QR Code Generator) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcmhlmapohffdglflokbgknlknnmogbb [2012-03-14]
CHR Extension: (Full Screen Flash) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gejijbmhbanhbllpkhfojmimfolkjgdl [2014-11-06]
CHR Extension: (What's My Page Rank?) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjdlgkedhmidgicfpepbdbdkhbfeoekn [2012-12-29]
CHR Extension: (TinEye Reverse Image Search) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2012-08-27]
CHR Extension: (Picnik Extension for Chrome) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcifofgaphfkfdcjbdogpamghiihilkl [2012-03-14]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2012-03-14]
CHR Extension: (Bitly 
 Unleash the power of the link) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\iabeihobmhlgpkcgjiloemdbofjbdcic [2012-03-14]
CHR Extension: (Yulia Brodskaya) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlgdloilieclkegafohackmhffbmdpko [2014-03-22]
CHR Extension: (Show Just Image 2) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkmfdgbckjnonfaeppcjoacnnfncain [2012-03-14]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (muube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfkbedgidedjmehpinfglihpnakiogac [2012-12-25]
CHR Extension: (Explain and Send Screenshots) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdddabjhelpilpnpgondfmehhcplpiin [2012-03-14]
CHR Extension: (Kein Name) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim [2015-07-30]
CHR Extension: (SEO Webpage Analysis Tool) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfhheamcohgngngnmpckfgcfmdabmno [2012-12-29]
CHR Extension: (Pinner for Pinterest) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndiedfldbpmieeknpleihpglnhgonlni [2013-08-13]
CHR Extension: (Kein Name) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nknonnojlmhnmjhpeokdbeineeajcemh [2015-07-30]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30]
CHR Extension: (Better Pop Up Blocker) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmpeeekfhbmikbdhlpjbfmnpgcbeggic [2013-10-30]
CHR Extension: (Show Apps in new tab) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nohbdifokmdgjcbbeobglcbaifinhfip [2014-03-22]
CHR Extension: (G+me for Google Plus™) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacdcllhgpddmlnhajiacfakhlilbicp [2012-03-14]
CHR Extension: (Adblock Pro) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2013-10-30]
CHR Extension: (SABconnect++) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\okphadhbbjadcifjplhifajfacbkkbod [2014-11-06]
CHR Extension: (ChopChop) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pblooemobkabfekpcecennnbfekjcadg [2012-12-25]
CHR Extension: (Google Reader) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjjhlfkghdhmijklfnahfkpgmhcmfgcm [2012-10-24]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-05-04]
CHR HKU\S-1-5-21-500210103-394823293-4185795276-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Admin\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-05-04]
CHR HKU\S-1-5-21-500210103-394823293-4185795276-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [heoldelcflnigdllmlopiefhkkobendj] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [ochbjojkpcmlfeagbaahkofepalngihg] - No Path Or update_url value
StartMenuInternet: Google Chrome - C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMD FUEL Service; I:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-06-22] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe [922240 2011-10-07] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [915584 2011-10-07] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2011-10-07] ()
R2 avgfws; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [1528432 2015-07-07] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3518376 2015-07-07] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [314304 2015-07-07] (AVG Technologies CZ, s.r.o.)
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [Datei ist nicht signiert]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R3 Cherry Device Interface; I:\Program Files (x86)\Cherry\CDI\cdi.exe [585774 2009-05-28] (ZF Electronics GmbH) [Datei ist nicht signiert]
R2 DBService; C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe [2650112 2010-05-28] (DATA BECKER GmbH & Co KG) [Datei ist nicht signiert]
R2 dtpd; I:\Program Files\ShrewSoft\VPN Client\dtpd.exe [56592 2010-10-08] ()
R2 DTSAudioService; C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe [210024 2011-05-31] (DTS)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] ()
R2 iked; I:\Program Files\ShrewSoft\VPN Client\iked.exe [957712 2010-10-08] ()
R2 ipsecd; I:\Program Files\ShrewSoft\VPN Client\ipsecd.exe [697616 2010-10-08] ()
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S3 Microsoft SharePoint Workspace Audit Service; I:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [30814400 2013-12-19] (Microsoft Corporation)
R2 MSSQL$JTLWAWI; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
R2 OODefragAgent; I:\Program Files\OO Software\Defrag\oodag.exe [1656616 2013-12-16] (O&O Software GmbH)
S3 Origin Client Service; I:\Spiele\Origin\OriginClientService.exe [1910640 2015-03-15] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-05-29] ()
R2 PSI_SVC_2_x64; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc)
S3 SandraAgentSrv; I:\Program Files\SiSoftware\SiSoftware Sandra Business 2012.SP1\RpcAgentSrv.exe [95896 2008-12-12] (SiSoftware) [Datei ist nicht signiert]
R2 Seagate Dashboard Services; I:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [14528 2012-07-02] (Seagate Technology LLC)
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2011-06-16] (Microsoft Corporation) [Datei ist nicht signiert]
R2 TomTomHOMEService; I:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [92592 2012-04-20] (TomTom)
S4 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [14407384 2014-10-29] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [1195920 2015-07-23] ()

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [138360 2012-01-29] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [138360 2012-01-29] (SlySoft, Inc.)
R2 AODDriver4.3; I:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2011-10-07] ()
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-10-07] (MCCI Corporation)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [67552 2015-04-14] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [293296 2015-06-26] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [253408 2015-05-12] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [259040 2015-06-16] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [226784 2015-06-10] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [281568 2015-05-12] (AVG Technologies CZ, s.r.o.)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-02-02] (DT Soft Ltd)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-10-30] () [Datei ist nicht signiert]
S3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-22] (AVM GmbH)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [66360 2012-10-03] (Logitech Inc.)
R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
S3 SANDRA; I:\Program Files\SiSoftware\SiSoftware Sandra Business 2012.SP1\WNt500x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
R3 uvhid; C:\Windows\System32\DRIVERS\uvhid.sys [25592 2015-03-21] (Windows (R) Win 7 DDK provider)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2014-10-16] (Cisco Systems, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-02-22] (VMware, Inc.)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 NLNdisMP; system32\DRIVERS\nlndis.sys [X]
S3 NLNdisPT; system32\DRIVERS\nlndis.sys [X]
S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X]
U4 SR; No ImagePath
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-07-31 07:51 - 2015-07-31 07:51 - 00044290 _____ C:\Users\Admin\Desktop\FRST.txt
2015-07-31 07:51 - 2015-07-31 07:51 - 00000000 ____D C:\Users\Admin\Desktop\FRST-OlderVersion
2015-07-30 10:13 - 2015-07-30 10:13 - 00001285 _____ C:\Users\Admin\Desktop\JRT.txt
2015-07-30 09:38 - 2015-07-30 09:42 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-30 09:38 - 2015-07-30 09:39 - 00001102 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-07-30 09:38 - 2015-07-30 09:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-07-30 09:38 - 2015-07-30 09:39 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-07-30 09:38 - 2015-07-30 09:38 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-30 09:38 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-07-30 09:38 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-07-30 09:38 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-07-30 09:26 - 2015-07-30 09:27 - 00008522 _____ C:\Users\Admin\Desktop\Rkill.txt
2015-07-30 09:25 - 2015-07-30 09:25 - 01798176 _____ (Malwarebytes Corporation) C:\Users\Admin\Desktop\JRT.exe
2015-07-30 09:24 - 2015-07-30 09:25 - 02248704 _____ C:\Users\Admin\Desktop\AdwCleaner_4.208 (1).exe
2015-07-30 09:24 - 2015-07-30 09:24 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Admin\Desktop\mbam-setup-2.1.6.1022.exe
2015-07-30 09:22 - 2015-07-30 09:22 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\Admin\Desktop\rkill.com
2015-07-30 09:22 - 2015-07-30 09:22 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-07-29 17:48 - 2015-07-29 17:48 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-07-29 17:48 - 2015-07-29 17:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-07-29 02:02 - 2015-07-29 16:07 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-29 02:01 - 2015-07-29 02:01 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-07-29 02:01 - 2015-07-29 02:01 - 00002047 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2015-07-28 16:05 - 2015-07-28 16:05 - 00055007 _____ C:\ComboFix.txt
2015-07-28 14:57 - 2015-07-25 20:07 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-28 14:57 - 2015-07-25 20:04 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-28 14:57 - 2015-07-25 20:04 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-28 14:57 - 2015-07-25 20:03 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-28 14:57 - 2015-07-25 20:03 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-28 14:57 - 2015-07-25 20:03 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-28 14:57 - 2015-07-25 20:03 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-28 14:57 - 2015-07-25 19:55 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-28 14:22 - 2015-07-28 16:05 - 00000000 ____D C:\Qoobox
2015-07-28 14:22 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-07-28 14:22 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-07-28 14:22 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-07-28 14:22 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-07-28 14:22 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-07-28 14:22 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-07-28 14:22 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-07-28 14:22 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-07-28 14:21 - 2015-07-28 16:02 - 00000000 ____D C:\Windows\erdnt
2015-07-28 14:18 - 2015-07-28 14:18 - 05633622 ____R (Swearware) C:\Users\Admin\Desktop\ComboFix.exe
2015-07-27 16:36 - 2015-07-31 07:51 - 00000000 ____D C:\FRST
2015-07-27 16:32 - 2015-07-31 07:51 - 02168832 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2015-07-27 14:09 - 2015-07-27 14:09 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Admin\Desktop\tdsskiller.exe
2015-07-27 04:48 - 2015-07-27 12:33 - 00002896 _____ C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
2015-07-27 04:48 - 2015-07-27 12:33 - 00002896 _____ C:\Windows\system32\LavasoftTcpServiceOff.ini
2015-07-27 04:48 - 2015-06-08 14:13 - 00428880 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService64.dll
2015-07-27 04:48 - 2015-06-08 14:13 - 00348488 _____ (Lavasoft Limited) C:\Windows\SysWOW64\LavasoftTcpService.dll
2015-07-27 04:47 - 2015-07-28 14:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-07-27 03:11 - 2015-07-30 09:33 - 00000000 ____D C:\AdwCleaner
2015-07-26 20:34 - 2015-07-26 20:34 - 01522728 _____ C:\Windows\Minidump\072615-31621-01.dmp
2015-07-22 12:12 - 2015-07-22 12:12 - 00001342 _____ C:\Users\Admin\Desktop\Knuddels.de.lnk
2015-07-22 12:12 - 2015-07-22 12:12 - 00000000 ____D C:\Program Files\Java
2015-07-21 08:56 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-21 08:56 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-21 08:56 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-21 08:56 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-21 08:56 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-21 08:56 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-21 08:56 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-21 08:56 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-21 08:56 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-21 08:56 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-18 20:03 - 2015-07-18 20:03 - 00062779 _____ C:\Windows\SysWOW64\CCCInstall_201507182003112237.log
2015-07-18 20:03 - 2015-07-18 20:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-07-18 20:00 - 2015-07-09 19:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-18 20:00 - 2015-07-09 19:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-18 20:00 - 2015-07-09 19:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-18 20:00 - 2015-07-09 19:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-18 20:00 - 2015-07-09 19:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-18 20:00 - 2015-07-09 19:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-18 20:00 - 2015-07-09 19:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-18 20:00 - 2015-07-09 19:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-18 20:00 - 2015-07-09 19:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-18 20:00 - 2015-07-09 19:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-18 20:00 - 2015-07-09 19:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-18 20:00 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-18 20:00 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-18 20:00 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-18 20:00 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-18 20:00 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-18 20:00 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-18 20:00 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-18 20:00 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-18 20:00 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-18 20:00 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-18 20:00 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-18 20:00 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-18 20:00 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-18 20:00 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-18 20:00 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-18 20:00 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-18 20:00 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-18 20:00 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-18 20:00 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-18 20:00 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-18 20:00 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-18 20:00 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-18 20:00 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-18 20:00 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-18 20:00 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-18 20:00 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-18 20:00 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-18 20:00 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-18 20:00 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-18 20:00 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-18 20:00 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-18 20:00 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-18 20:00 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-18 20:00 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-18 20:00 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-18 20:00 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-18 20:00 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-18 20:00 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-18 20:00 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-18 20:00 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-18 20:00 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-18 20:00 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-18 20:00 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-18 20:00 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-18 20:00 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-18 20:00 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-18 20:00 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-18 20:00 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-18 20:00 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-18 20:00 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-18 20:00 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-18 20:00 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-18 20:00 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-18 20:00 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-18 20:00 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-18 20:00 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-18 20:00 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-18 20:00 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-18 20:00 - 2015-06-27 04:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-18 20:00 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-18 20:00 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-18 20:00 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-18 20:00 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-18 20:00 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-18 20:00 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-18 20:00 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-18 20:00 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-18 20:00 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-18 20:00 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-18 20:00 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-18 20:00 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-18 20:00 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-18 20:00 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-18 20:00 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-18 20:00 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-18 20:00 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-18 20:00 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-18 20:00 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-18 20:00 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-18 20:00 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-18 20:00 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-18 20:00 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-18 20:00 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-18 20:00 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-18 20:00 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-18 20:00 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-18 20:00 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-18 20:00 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-18 20:00 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-18 20:00 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-18 20:00 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-18 20:00 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-18 20:00 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-18 20:00 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-18 20:00 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-18 20:00 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-18 20:00 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-18 20:00 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-18 20:00 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-18 20:00 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-18 20:00 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-18 20:00 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-18 20:00 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-18 20:00 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-18 20:00 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-18 20:00 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-18 20:00 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-18 20:00 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-18 20:00 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-18 20:00 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-18 20:00 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-18 20:00 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-18 20:00 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-18 20:00 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-18 20:00 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-18 20:00 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-18 20:00 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-18 20:00 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-18 20:00 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-18 20:00 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-18 20:00 - 2015-06-11 19:56 - 01112576 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-07-18 20:00 - 2015-06-11 19:16 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-07-18 20:00 - 2015-06-11 19:15 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-07-18 20:00 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-18 20:00 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-18 20:00 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-18 20:00 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-18 20:00 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-18 20:00 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-18 20:00 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-18 20:00 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-18 20:00 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-18 20:00 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-18 19:54 - 2015-07-18 19:54 - 00000000 ____D C:\Users\Admin\AppData\Roaming\AVG2015
2015-07-18 19:53 - 2015-07-27 14:01 - 00000000 ____D C:\Program Files\Common Files\AV
2015-07-18 19:53 - 2015-07-18 19:53 - 00000981 _____ C:\Users\Public\Desktop\AVG 2015.lnk
2015-07-18 19:52 - 2015-07-24 09:41 - 00000000 ____D C:\ProgramData\AVG2015
2015-07-18 19:52 - 2015-07-18 19:52 - 00000000 ____D C:\Program Files (x86)\AVG

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-07-31 07:51 - 2012-01-14 23:13 - 00000000 ____D C:\ProgramData\MFAData
2015-07-31 07:51 - 2012-01-14 00:14 - 02083927 _____ C:\Windows\WindowsUpdate.log
2015-07-31 07:49 - 2015-03-24 09:19 - 00000000 ____D C:\ProgramData\Unified Remote
2015-07-31 07:49 - 2015-01-19 01:51 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS
2015-07-31 07:49 - 2012-10-02 23:22 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-31 07:49 - 2012-01-26 01:54 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Dropbox
2015-07-31 07:48 - 2015-01-18 23:49 - 00000000 ____D C:\ProgramData\VMware
2015-07-31 07:48 - 2010-11-21 05:47 - 02367998 _____ C:\Windows\PFRO.log
2015-07-31 07:48 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-31 07:48 - 2009-07-14 06:51 - 00204108 _____ C:\Windows\setupact.log
2015-07-30 21:54 - 2012-09-07 10:34 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-30 21:43 - 2009-07-14 06:45 - 00026544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-30 21:43 - 2009-07-14 06:45 - 00026544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-30 21:28 - 2015-06-20 00:13 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-500210103-394823293-4185795276-1000UA.job
2015-07-30 21:28 - 2012-10-02 23:22 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-30 21:28 - 2012-01-14 02:10 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-500210103-394823293-4185795276-1000UA.job
2015-07-30 20:26 - 2012-01-14 02:10 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-500210103-394823293-4185795276-1000Core.job
2015-07-30 15:29 - 2012-09-07 10:34 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-30 15:29 - 2012-09-07 10:34 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-30 15:29 - 2012-01-19 05:40 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-30 15:00 - 2011-04-12 09:43 - 00855206 _____ C:\Windows\system32\perfh007.dat
2015-07-30 15:00 - 2011-04-12 09:43 - 00209274 _____ C:\Windows\system32\perfc007.dat
2015-07-30 15:00 - 2009-07-14 07:13 - 02032322 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-30 10:00 - 2012-01-16 03:11 - 00000000 ____D C:\Windows\Sun
2015-07-30 02:08 - 2012-01-28 14:33 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Skype
2015-07-29 17:50 - 2013-11-10 07:42 - 00000000 ____D C:\ProgramData\Oracle
2015-07-29 17:48 - 2014-11-22 05:21 - 00000000 ____D C:\Program Files (x86)\Java
2015-07-29 15:51 - 2014-10-31 21:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-29 03:00 - 2014-05-06 22:22 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-29 02:01 - 2012-01-17 01:42 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-07-28 16:05 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-07-28 16:00 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-07-28 15:59 - 2009-07-14 04:34 - 25165824 _____ C:\Windows\system32\config\SYSTEM.bak
2015-07-28 15:59 - 2009-07-14 04:34 - 134479872 _____ C:\Windows\system32\config\SOFTWARE.bak
2015-07-28 15:59 - 2009-07-14 04:34 - 05242880 _____ C:\Windows\system32\config\DEFAULT.bak
2015-07-28 15:59 - 2009-07-14 04:34 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2015-07-28 15:59 - 2009-07-14 04:34 - 00262144 _____ C:\Windows\system32\config\SAM.bak
2015-07-27 14:01 - 2015-03-10 14:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-07-27 13:24 - 2015-06-20 00:13 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-500210103-394823293-4185795276-1000Core.job
2015-07-27 13:24 - 2012-02-05 16:46 - 00000000 ____D C:\Windows\pss
2015-07-27 13:23 - 2015-03-19 18:46 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Raptr
2015-07-27 13:18 - 2012-01-17 01:41 - 00000000 ____D C:\ProgramData\Adobe
2015-07-27 03:03 - 2012-01-14 00:14 - 00000000 ____D C:\Users\Admin
2015-07-26 20:34 - 2012-01-30 15:59 - 00000000 ____D C:\Windows\Minidump
2015-07-25 12:03 - 2015-04-07 01:34 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-23 17:53 - 2012-01-14 11:01 - 00000000 ____D C:\Users\Admin\AppData\Roaming\vlc
2015-07-23 13:26 - 2014-11-07 13:42 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp
2015-07-22 12:12 - 2014-11-22 05:23 - 00001346 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Knuddels.de.lnk
2015-07-22 12:12 - 2014-11-22 05:23 - 00001342 _____ C:\Users\Dori\Desktop\Knuddels.de.lnk
2015-07-22 04:36 - 2012-01-15 01:07 - 00000000 ____D C:\Users\Admin\AppData\Roaming\foobar2000
2015-07-21 13:10 - 2009-07-14 06:45 - 00429888 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-20 20:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-07-20 14:44 - 2012-01-19 04:22 - 00000000 ____D C:\ProgramData\CanonIJPLM
2015-07-19 21:38 - 2014-11-07 13:42 - 00000000 ____D C:\ProgramData\AVG Web TuneUp
2015-07-19 13:19 - 2015-06-20 00:13 - 00004198 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-500210103-394823293-4185795276-1000UA
2015-07-19 13:19 - 2015-06-20 00:13 - 00003802 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-500210103-394823293-4185795276-1000Core
2015-07-19 03:35 - 2015-04-07 01:34 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-19 03:35 - 2014-12-12 08:08 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-19 03:35 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-19 03:16 - 2012-01-14 23:34 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-19 03:11 - 2013-08-14 03:00 - 00000000 ____D C:\Windows\system32\MRT
2015-07-19 01:32 - 2012-10-02 23:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-07-18 20:46 - 2012-01-28 14:33 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-07-18 20:46 - 2012-01-28 14:33 - 00000000 ____D C:\ProgramData\Skype
2015-07-18 20:21 - 2012-10-02 23:22 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-18 20:21 - 2012-10-02 23:22 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-18 20:21 - 2012-01-14 02:10 - 00004094 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-500210103-394823293-4185795276-1000UA
2015-07-18 20:21 - 2012-01-14 02:10 - 00003698 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-500210103-394823293-4185795276-1000Core
2015-07-18 20:03 - 2015-03-19 18:46 - 00000000 ____D C:\Program Files (x86)\Raptr
2015-07-18 20:02 - 2012-03-15 03:18 - 00000000 ____D C:\Program Files\AMD
2015-07-18 20:02 - 2012-03-15 03:17 - 00000000 ____D C:\ProgramData\AMD
2015-07-18 19:54 - 2012-08-28 16:20 - 00000000 ____D C:\$AVG
2015-07-18 19:47 - 2012-08-12 14:18 - 00000000 ____D C:\AMD
2015-07-06 16:40 - 2015-03-16 18:42 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Audacity
2015-07-03 23:36 - 2012-01-15 00:47 - 00646551 _____ C:\Windows\DirectX.log
2015-07-03 08:43 - 2012-01-15 22:58 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2012-01-16 00:29 - 2012-03-15 03:47 - 11296768 _____ () C:\Users\Admin\AppData\Roaming\Sandra.mdb
2013-04-24 00:01 - 2013-04-24 00:01 - 0026900 _____ () C:\Users\Admin\AppData\Local\dt.dat
2015-03-25 15:02 - 2015-03-25 15:02 - 0007605 _____ () C:\Users\Admin\AppData\Local\Resmon.ResmonCfg
2015-01-29 00:18 - 2015-01-29 00:18 - 0000032 RSHOT () C:\Users\Admin\AppData\Local\t70rc.dat
2012-02-09 05:32 - 2014-08-28 10:49 - 0000124 ___SH () C:\ProgramData\.zreglib

==================== Bamital & volsnap Check =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\System32\winlogon.exe => Datei ist digital signiert
C:\Windows\System32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe
[2011-06-16 19:09] - [2011-06-18 01:30] - 2871808 ____A (Microsoft Corporation) 5740B1555D51D56547043181789027A5

C:\Windows\SysWOW64\explorer.exe
[2011-06-16 19:09] - [2011-06-18 01:35] - 2616320 ____A (Microsoft Corporation) 88B413E78ADB75A062AB947C1BF6D49A

C:\Windows\System32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\System32\services.exe => Datei ist digital signiert
C:\Windows\System32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\System32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\System32\rpcss.dll => Datei ist digital signiert
C:\Windows\System32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-07-23 14:47

==================== Ende von log ============================

28.07.2015, 14:06	#10
M-K-D-B /// TB-Ausbilder	JollyWallet, Coupon Werbung und unsichtbare Links in Chrome Servus, ok, evtl. im abgesicherten Modus mit Netzwerkunterstützung probieren. Wenn es wieder nicht geht, bitte einfach sagen.

30.07.2015, 13:33	#14
M-K-D-B /// TB-Ausbilder	JollyWallet, Coupon Werbung und unsichtbare Links in Chrome Servus, Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Untersuchen. FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt). Poste mir beide Logdateien mit deiner nächsten Antwort.

JollyWallet, Coupon Werbung und unsichtbare Links in Chrome

Plagegeister aller Art und deren Bekämpfung: JollyWallet, Coupon Werbung und unsichtbare Links in Chrome