PC sehr langsam und hängt oft für einige sekunden

Mex271284 · 31.07.2015, 13:10

hallo,

seit einiger zeit ist mein pc allgemein sehr langsam. ordner öffnen sich nur schleppend und auch internetseite bauen sich langsam auf bzw hacken mit langen wartepausen. auch programme die ich öffne brauchen viel länger um sich zu öffnen als normalerweise.
nun frage ich mich, ob ich einen virus o.ä. habe oder ob ich meinen pc irgendwie wieder flotter bekomme ohne alles formatieren zu müssen?
wäre super wenn mir jemand helfen könnte

schrauber · 31.07.2015, 13:13

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Mex271284 · 31.07.2015, 14:31

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:30-07-2015
durchgeführt von Mex (Administrator) auf MEX-PC (31-07-2015 15:28:31)
Gestartet von C:\Users\Mex\Desktop
Geladene Profile: Mex & UpdatusUser (Verfügbare Profile: Mex & UpdatusUser)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(brother Industries Ltd) C:\Windows\System32\brsvc01a.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(CyberLink) C:\Program Files\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe
(brother Industries Ltd) C:\Windows\System32\brss01a.exe
(Realtek Semiconductor Corp.) C:\Program Files\REALTEK\USB Wireless LAN Utility\RtlService.exe
(Realtek Semiconductor Corp.) C:\Program Files\REALTEK\USB Wireless LAN Utility\RtWLan.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
(ScanSoft, Inc.) C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Spotify Ltd) C:\Users\Mex\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
(Nico Mak Computing) C:\Program Files\WinZip\FAH\FAHWindow32.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe


==================== Registry (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [APSDaemon] => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [SSBkgdUpdate] => C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [155648 2003-10-14] (Scansoft, Inc.)
HKLM\...\Run: [PaperPort PTD] => C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [57393 2005-03-17] (ScanSoft, Inc.)
HKLM\...\Run: [IndexSearch] => C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [40960 2005-03-17] (ScanSoft, Inc.)
HKLM\...\Run: [BrMfcWnd] => C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.)
HKLM\...\Run: [ControlCenter3] => C:\Program Files\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM\...\Run: [PowerDVD13Agent] => C:\Program Files\CyberLink\PowerDVD13\PowerDVD13Agent.exe [513048 2013-03-20] (CyberLink Corp.)
HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-07] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [782008 2015-07-26] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3692795522-2443571778-2170560698-1000\...\Run: [KiesAirMessage] => C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-3692795522-2443571778-2170560698-1000\...\Run: [Spotify Web Helper] => C:\Users\Mex\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-22] (Spotify Ltd)
HKU\S-1-5-21-3692795522-2443571778-2170560698-1000\...\Run: [TomTomHOME.exe] => C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [248176 2015-07-13] (TomTom)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2013-04-19] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2015-07-29]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAH\FAHConsole.exe (Nico Mak Computing)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2015-07-29]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mex\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mex\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mex\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-25] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-25] (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{609297EB-7CCC-4113-9B47-DDD072709332}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{884D6D72-8A1D-4BBC-A30E-5DADC7C5E5E8}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{98E67B42-03EC-4692-957F-FC1B00CCF51C}: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{BCB18027-A92E-4BE8-BEDE-14B9D7CE17B9}: [DhcpNameServer] 208.67.222.222 208.67.220.220
Tcpip\..\Interfaces\{C6DAB380-362F-4135-B6EE-881FA15C5E77}: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Mex\AppData\Roaming\Mozilla\Firefox\Profiles\ktjfex7a.default-1424108997824
FF Homepage: google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2013-02-25] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-25] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-25] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @Nero.com/KM -> C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-12-19] (Nero AG)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2013-02-25] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-04-11] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3692795522-2443571778-2170560698-1000: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2013-02-25] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-07-13]

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc7.exe [887128 2015-07-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [461672 2015-07-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [461672 2015-07-26] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [1213072 2015-07-26] (Avira Operations GmbH & Co. KG)
R2 Brother XP spl Service; C:\Windows\system32\brsvc01a.exe [57344 2004-06-14] (brother Industries Ltd)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S2 CyberLink PowerDVD 13 Media Server Monitor Service; C:\Program Files\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe [77576 2013-03-20] (CyberLink)
R2 CyberLink PowerDVD 13 Media Server Service; C:\Program Files\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe [323336 2013-03-20] (CyberLink)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [769432 2012-07-13] (Nero AG)
R2 RealtekCU; C:\Program Files\REALTEK\USB Wireless LAN Utility\RtlService.exe [36864 2012-05-10] (Realtek Semiconductor Corp.) [Datei ist nicht signiert]
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5491984 2015-05-13] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 athur; C:\Windows\System32\DRIVERS\athur.sys [1564160 2010-10-11] (Atheros Communications, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108448 2015-07-26] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136728 2015-07-26] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37896 2015-05-19] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [37896 2015-03-17] (Avira Operations GmbH & Co. KG)
R3 LVUSBSta; C:\Windows\System32\DRIVERS\LVUSBSta.sys [22016 2005-01-31] (Logitech Inc.)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2015-05-21] (Malwarebytes Corporation)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl.sys [18432 2012-09-10] (Apple Inc.) [Datei ist nicht signiert]
S3 PID_0920; C:\Windows\System32\DRIVERS\LV532AV.SYS [163328 2005-01-31] ()
S3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [1345168 2012-11-07] (Realtek Semiconductor Corporation                           )
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [31848 2015-06-19] (Avira Operations GmbH & Co. KG)
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2012-12-13] (Apple, Inc.) [Datei ist nicht signiert]
R2 {09F57980-3432-4AFC-957D-27AC45FAE1F5}; C:\Program Files\CyberLink\PowerDVD13\Common\NavFilter\000.fcl [76560 2013-03-19] (CyberLink Corp.)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-07-31 15:28 - 2015-07-31 15:28 - 01673216 _____ (Farbar) C:\Users\Mex\Desktop\FRST.exe
2015-07-31 15:28 - 2015-07-31 15:28 - 00014116 _____ C:\Users\Mex\Desktop\FRST.txt
2015-07-31 11:52 - 2015-07-31 11:52 - 00000000 ____D C:\Users\Mex\Desktop\Fürstengartenstr. 13
2015-07-29 22:45 - 2015-07-31 11:28 - 00000000 ____D C:\Users\Mex\Documents\Add-in Express
2015-07-29 22:45 - 2015-07-29 22:46 - 00000000 ____D C:\ProgramData\WinZip
2015-07-29 22:45 - 2015-07-29 22:45 - 00002155 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2015-07-29 22:45 - 2015-07-29 22:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2015-07-29 22:45 - 2015-07-29 22:45 - 00000000 ____D C:\Program Files\WinZip
2015-07-29 22:41 - 2015-07-29 22:42 - 68745216 _____ C:\Users\Mex\Downloads\wz195gev-32.msi
2015-07-29 13:24 - 2015-07-29 13:24 - 00000000 ____D C:\ProgramData\TomTom
2015-07-29 13:20 - 2015-07-29 13:20 - 00000000 ____D C:\Users\Mex\Documents\TomTom
2015-07-29 13:20 - 2015-07-29 13:20 - 00000000 ____D C:\Users\Mex\AppData\Roaming\TomTom
2015-07-29 13:19 - 2015-07-29 13:19 - 00000000 ____D C:\Program Files\TomTom HOME 2
2015-07-29 13:16 - 2015-07-29 13:16 - 31109864 _____ C:\Users\Mex\Downloads\TomTomHOME2winlatest.exe
2015-07-29 11:50 - 2015-07-29 11:50 - 00010230 _____ C:\Users\Mex\Desktop\Miete.xlsx
2015-07-28 20:58 - 2015-07-25 19:51 - 00015808 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-28 20:58 - 2015-07-25 19:47 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-28 20:58 - 2015-07-25 19:47 - 00587264 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-28 20:58 - 2015-07-25 19:46 - 00924160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-28 20:58 - 2015-07-25 19:46 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-28 20:58 - 2015-07-25 19:46 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-28 20:58 - 2015-07-25 19:46 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-28 20:58 - 2015-07-25 19:40 - 00932864 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-27 18:18 - 2015-07-27 18:19 - 00000000 ____D C:\Users\Mex\AppData\Roaming\bermy
2015-07-27 18:17 - 2015-07-27 18:17 - 01668096 _____ C:\Users\Mex\Downloads\update v1.6.msi
2015-07-26 14:04 - 2015-07-26 14:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-07-23 17:02 - 2015-07-24 10:30 - 00000000 ____D C:\Users\Mex\Desktop\Focus Pdf
2015-07-23 16:56 - 2015-07-23 16:56 - 00000000 _____ C:\Users\Mex\Downloads\download.php
2015-07-23 15:07 - 2015-07-23 15:07 - 00000000 ____D C:\Users\Mex\AppData\Local\CEF
2015-07-23 10:27 - 2015-07-29 13:30 - 00011840 _____ C:\Users\Mex\Desktop\pws.xlsx
2015-07-21 14:46 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-21 14:46 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-21 14:46 - 2015-07-15 04:55 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-21 14:46 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-21 14:46 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-15 12:30 - 2015-07-09 19:43 - 02943488 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 12:30 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 12:30 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 12:30 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 12:30 - 2015-07-09 19:43 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 12:30 - 2015-07-09 19:43 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 12:30 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 12:30 - 2015-07-09 19:42 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 12:30 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 12:30 - 2015-07-09 19:42 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 12:30 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 12:30 - 2015-07-01 22:46 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 12:30 - 2015-07-01 22:46 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-15 12:30 - 2015-07-01 22:30 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 12:30 - 2015-07-01 22:30 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 12:30 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 12:30 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 12:30 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-15 12:30 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-15 12:30 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-15 12:30 - 2015-07-01 22:30 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-15 12:30 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-15 12:30 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-15 12:30 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-15 12:30 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-15 12:30 - 2015-07-01 22:30 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-15 12:30 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-15 12:30 - 2015-07-01 22:29 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-15 12:30 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-15 12:30 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-15 12:30 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-15 12:30 - 2015-07-01 21:18 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 12:30 - 2015-07-01 21:18 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 12:30 - 2015-07-01 21:18 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 12:30 - 2015-06-25 10:46 - 02383872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 12:30 - 2015-06-17 19:39 - 00305664 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 12:30 - 2015-06-15 23:47 - 00101824 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-15 12:30 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 12:30 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 12:30 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-15 12:30 - 2015-06-15 23:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-15 12:30 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 12:30 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-15 12:30 - 2015-06-11 19:57 - 00919552 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-07-15 12:30 - 2015-06-11 19:15 - 00134656 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-07-15 12:30 - 2015-06-11 19:15 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-07-15 12:30 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-15 12:30 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-15 12:30 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-15 12:30 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-15 12:29 - 2015-07-09 19:43 - 02057216 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 12:29 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 12:29 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-15 12:29 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 12:29 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 12:29 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 12:29 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 12:29 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-15 12:29 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 12:29 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-15 12:27 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-15 12:27 - 2015-06-19 20:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 12:27 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 12:27 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-15 12:27 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-15 12:27 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-15 12:27 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 12:27 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-15 12:27 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-15 12:27 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 12:27 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-15 12:27 - 2015-06-19 20:13 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-15 12:27 - 2015-06-19 20:06 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 12:27 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-15 12:27 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 12:27 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 12:27 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 12:27 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 12:27 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 12:27 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 12:27 - 2015-06-19 19:40 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-15 12:27 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-15 12:27 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 12:27 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-14 14:26 - 2015-07-14 14:26 - 00009363 _____ C:\Users\Mex\Desktop\malle.xlsx
2015-07-13 14:04 - 2015-07-14 11:24 - 00000000 ____D C:\Program Files\Mozilla Firefox

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-07-31 15:28 - 2002-01-01 21:28 - 00000000 ____D C:\FRST
2015-07-31 15:23 - 2013-04-18 19:43 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-31 15:22 - 2013-04-18 16:08 - 01341564 _____ C:\Windows\WindowsUpdate.log
2015-07-31 14:20 - 2009-07-14 06:34 - 00020480 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-31 14:20 - 2009-07-14 06:34 - 00020480 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-31 14:05 - 2014-08-11 20:50 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2015-07-31 14:05 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-31 14:05 - 2009-07-14 06:39 - 00109858 _____ C:\Windows\setupact.log
2015-07-29 23:49 - 2013-05-12 23:12 - 00000000 ____D C:\Users\Mex\AppData\Roaming\TV-Browser
2015-07-29 13:27 - 2009-11-10 20:44 - 01628044 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-29 13:20 - 2014-06-21 15:16 - 00000000 ____D C:\Users\Mex\AppData\Local\TomTom
2015-07-29 13:19 - 2014-07-11 12:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2015-07-29 13:18 - 2014-07-30 11:43 - 00000000 ____D C:\Users\Mex\AppData\Local\Downloaded Installations
2015-07-29 13:18 - 2014-06-21 15:16 - 00000000 ____D C:\Program Files\TomTom International B.V
2015-07-28 23:28 - 2014-05-12 00:54 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-26 14:02 - 2002-01-01 00:51 - 00136728 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-07-26 14:02 - 2002-01-01 00:51 - 00108448 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-07-25 10:46 - 2015-04-07 22:13 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-23 10:30 - 2002-01-02 04:46 - 00000000 ____D C:\Users\Mex\Desktop\Immobilieninfos
2015-07-21 15:26 - 2009-07-14 06:33 - 00409064 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-20 22:07 - 2015-02-16 22:17 - 00000128 _____ C:\Users\Mex\Desktop\neue pws.txt
2015-07-17 10:25 - 2014-05-30 15:37 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-16 13:23 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2015-07-16 12:32 - 2014-12-14 18:27 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-16 12:32 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE
2015-07-15 17:29 - 2013-09-13 00:26 - 00000000 ____D C:\Windows\system32\MRT
2015-07-15 17:23 - 2013-04-18 19:43 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-07-15 17:23 - 2013-04-18 19:43 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-07-15 15:29 - 2009-07-14 06:46 - 00001515 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-07-14 16:28 - 2015-03-20 20:40 - 00000000 ____D C:\Users\Mex\Desktop\cd
2015-07-14 16:19 - 2013-04-19 16:53 - 00507962 _____ C:\Windows\PFRO.log
2015-07-14 16:19 - 2013-04-18 19:43 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-07-03 08:49 - 2009-10-14 04:21 - 127070192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Einige Dateien in TEMP:
====================
C:\Users\Mex\AppData\Local\Temp\avgnt.exe
C:\Users\Mex\AppData\Local\Temp\ose00000.exe


==================== Bamital & volsnap Check =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-07-23 12:41

==================== Ende vom log ============================

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:30-07-2015
durchgeführt von Mex (2015-07-31 15:29:17)
Gestartet von C:\Users\Mex\Desktop
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3692795522-2443571778-2170560698-500 - Administrator - Disabled)
Gast (S-1-5-21-3692795522-2443571778-2170560698-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3692795522-2443571778-2170560698-1003 - Limited - Enabled)
Mex (S-1-5-21-3692795522-2443571778-2170560698-1000 - Administrator - Enabled) => C:\Users\Mex
UpdatusUser (S-1-5-21-3692795522-2443571778-2170560698-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 18 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.12.408 - Avira Operations GmbH & Co. KG)
bermy (HKLM\...\{8999f0c3-d93c-4c25-10cb-177cdd28ad52}) (Version: 1.0.0 - viryimim) <==== ACHTUNG
Brother MFL-Pro Suite MFC-215C (HKLM\...\{BB9AC6BF-71B6-42A4-9689-C17D9F44E79A}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.1.4003 - CDBurnerXP)
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Counter-Strike: Source (HKLM\...\Steam App 240) (Version:  - Valve)
CyberLink PowerDVD 13 (HKLM\...\InstallShield_{3CFDF154-7E60-4E98-A8DF-C693A4F8E6B6}) (Version: 13.0.2720.57 - CyberLink Corp.)
dm-Fotowelt (HKLM\...\dm-Fotowelt) (Version: 6.0.3 - CEWE Stiftung u Co. KGaA)
Dropbox (HKU\S-1-5-21-3692795522-2443571778-2170560698-1000\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )
Free YouTube to MP3 Converter version 3.12.46.923 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.46.923 - DVDVideoSoft Ltd.)
Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM\...\{90850407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 39.0 (x86 de) (HKLM\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyDriveConnect 3.3.0.1502 (HKLM\...\MyDriveConnect) (Version: 3.3.0.1502 - TomTom)
MyFreeCodec (HKU\S-1-5-21-3692795522-2443571778-2170560698-1000\...\MyFreeCodec) (Version:  - )
Nero 12 (HKLM\...\{622B6CB8-70B1-4D65-B672-093D19759BA1}) (Version: 12.5.01200 - Nero AG)
NVIDIA Grafiktreiber 307.83 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 307.83 - NVIDIA Corporation)
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
PaperPort (HKLM\...\{A17EABB6-D0C6-44E5-820C-72DC7F495064}) (Version: 9.02.0823 - ScanSoft, Inc.)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.210.0 - Tracker Software Products Ltd)
Prerequisite installer (Version: 12.0.0003 - Nero AG) Hidden
REALTEK Wireless LAN Driver and Utility (HKLM\...\{9C049509-055C-4CFF-A116-1D12312225EB}) (Version: 1.00.0199 - REALTEK Semiconductor Corp.)
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_6 - Samsung Electronics Co., Ltd.)
Samsung Kies (Version: 2.6.2.14014_6 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14072.12 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (Version: 3.2.14072.12 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 6.21 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-3692795522-2443571778-2170560698-1000\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 2 RC2 (HKLM\...\Teamspeak 2 RC2_is1) (Version: 2.0.32.60 - Dominating Bytes Design)
TeamViewer 10 (HKLM\...\TeamViewer) (Version: 10.0.42650 - TeamViewer)
TomTom HOME (HKLM\...\{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
TV-Browser 3.3a (HKLM\...\tvbrowser) (Version: 3.3a - TV-Browser Team)
Visual Studio C++ 10.0 Runtime (HKLM\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player 2.0.6 (HKLM\...\VLC media player) (Version: 2.0.6 - VideoLAN)
Welcome App (Start-up experience) (Version: 12.0.15000 - Nero AG) Hidden
Winamp (HKLM\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
WinRAR 4.20 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinZip 19.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E8}) (Version: 19.5.11475 - WinZip Computing, S.L. )
XviD MPEG-4 Codec (HKLM\...\XviD) (Version:  - )

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3692795522-2443571778-2170560698-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Mex\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3692795522-2443571778-2170560698-1000_Classes\CLSID\{33C53A50-F456-4884-B049-85FD643ECFED}\InprocServer32 ->  Keine Datei
CustomCLSID: HKU\S-1-5-21-3692795522-2443571778-2170560698-1000_Classes\CLSID\{56FDF344-FD6D-11d0-958A-006097C9A090}\InprocServer32 -> C:\Users\Mex\AppData\Roaming\bermy\ofnuac.dll Keine Datei <==== ACHTUNG
CustomCLSID: HKU\S-1-5-21-3692795522-2443571778-2170560698-1000_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader.dll ()
CustomCLSID: HKU\S-1-5-21-3692795522-2443571778-2170560698-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mex\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3692795522-2443571778-2170560698-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mex\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3692795522-2443571778-2170560698-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mex\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3692795522-2443571778-2170560698-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mex\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

29-07-2015 22:44:12 WinZip 19.5 wird installiert

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:04 - 2014-03-19 17:07 - 00000705 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0A4ADDFB-65FA-4B6B-A2D8-B75127D4C840} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15] (Adobe Systems Incorporated)
Task: {9716B6C3-397C-4E68-860E-C3F393B89632} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-04-19 03:05 - 2013-01-31 11:00 - 00079648 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2010-01-30 02:41 - 2010-01-30 02:41 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-08-11 18:34 - 2012-11-06 09:47 - 00114688 _____ () C:\Program Files\REALTEK\USB Wireless LAN Utility\EnumDevLib.dll
2015-07-15 17:23 - 2015-07-15 17:23 - 17448624 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer trusted/restricted ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3692795522-2443571778-2170560698-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Mex\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{2DDD7759-3AAE-49E2-94BC-E23A34C2D568}] => (Allow) C:\Program Files\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{A6DC19CE-7B99-438C-AC56-58D438995A75}] => (Allow) C:\Program Files\TeamViewer\Version8\TeamViewer.exe
FirewallRules: [{F1FA45E1-D3CF-44F0-83DC-7CF0131C133C}] => (Allow) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
FirewallRules: [{2328E596-D946-4976-AA81-B324E2135135}] => (Allow) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
FirewallRules: [{3C3775DD-5732-4D2E-B3F6-BC1E2D31362A}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{A3A9C762-3AFB-4224-9F97-E55AB2C73B4F}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{00E9C3C1-42F9-4625-ACCF-EF4B83DE2675}] => (Allow) C:\Program Files\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{9AD8C2C7-AC52-45E9-A306-58D562A1AAC4}] => (Allow) C:\Program Files\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{C94E01BA-1745-421B-998D-ED2FAB91737E}] => (Allow) C:\Program Files\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{A1E8F85E-292B-4528-BBE8-4BEADF26176E}] => (Allow) C:\Program Files\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{5346F680-6A8D-4707-A459-44450451D316}] => (Allow) C:\Program Files\Nero\KM\KwikMedia.exe
FirewallRules: [{FA34DC92-A42D-42C6-A490-2CB1D9295CD0}] => (Allow) C:\Program Files\Nero\KM\KwikMedia.exe
FirewallRules: [{A1CE8995-D104-459B-AC1C-D6D5EF8AB38D}] => (Allow) C:\Program Files\TV-Browser\tvbrowser.exe
FirewallRules: [{4EC0F63A-6A2B-4E72-97AE-22CECDDCB858}] => (Allow) C:\Program Files\TV-Browser\tvbrowser.exe
FirewallRules: [{0C87DA86-8310-4DD8-95FB-696912FA8450}] => (Allow) C:\Program Files\TV-Browser\tvbrowser_noDD.exe
FirewallRules: [{C5CFA392-D4C0-4B3E-9990-8D64FE3F55BA}] => (Allow) C:\Program Files\TV-Browser\tvbrowser_noDD.exe
FirewallRules: [{BBF68CE8-A564-4F98-8418-7E83A78956B4}] => (Allow) C:\Program Files\Java\jre7\bin\java.exe
FirewallRules: [{D510B024-13EB-4481-A5DA-D413C8133D4D}] => (Allow) C:\Program Files\Java\jre7\bin\java.exe
FirewallRules: [{2531268E-AFD0-41B2-AA18-B76B51364D48}] => (Allow) C:\Program Files\Java\jre7\bin\javaw.exe
FirewallRules: [{B303BAF2-36E5-4C42-A438-E74F7EC4C892}] => (Allow) C:\Program Files\Java\jre7\bin\javaw.exe
FirewallRules: [{2CCDCDED-BDFB-4092-A4F5-C1C92F9287D8}] => (Allow) C:\Program Files\CyberLink\PowerDVD13\PowerDVD13.exe
FirewallRules: [{D3D1ADB0-8EB5-4D13-8CDE-60C510C8D8F0}] => (Allow) C:\Program Files\CyberLink\PowerDVD13\Kernel\DMR\PowerDVD13DMREngine.exe
FirewallRules: [{99CE0E91-32D7-45D1-930F-3412CC58D1E2}] => (Allow) C:\Program Files\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe
FirewallRules: [{36F4B308-7FA8-44E2-BD56-AFF9114420FB}] => (Allow) C:\Program Files\CyberLink\PowerDVD13\PowerDVD13Agent.exe
FirewallRules: [{FBDC7B0B-4A74-40DE-9C8D-37E269B36518}] => (Allow) C:\Program Files\CyberLink\PowerDVD13\PowerDVD13ML.exe
FirewallRules: [{05C027D4-8F27-417A-BE70-5C499D4D6957}] => (Allow) C:\Program Files\CyberLink\PowerDVD13\Movie\PowerDVD.exe
FirewallRules: [{A8440E83-B93D-407D-B4B2-34B19022FC7D}] => (Allow) C:\Program Files\CyberLink\PowerDVD13\Movie\PowerDVD Cinema\PowerDVDCinema13.exe
FirewallRules: [{43A0378D-01CD-4CA7-88DD-CB9CB1744734}] => (Allow) C:\spiele\Steam\Steam.exe
FirewallRules: [{2C794484-D57C-4252-978F-FABBB9D5832E}] => (Allow) C:\spiele\Steam\Steam.exe
FirewallRules: [{CECC8443-20C6-48B7-B0EA-A507B5509C9E}] => (Allow) C:\spiele\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{C6894834-8561-4EA9-85AB-43A7DE42C552}] => (Allow) C:\spiele\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{27B99DD7-8D98-40DE-9A64-F6F507CEC962}] => (Allow) C:\Users\Mex\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{1310FF5D-BCEE-43F4-B694-59A8F716CF79}] => (Allow) C:\Users\Mex\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{9EF818E4-EEC2-44AC-A140-10273DCC996F}] => (Allow) C:\spiele\Steam\Steam.exe
FirewallRules: [{DAF1D31E-647E-41BE-94C2-2A004668EB36}] => (Allow) C:\spiele\Steam\Steam.exe
FirewallRules: [{1594C075-888F-474E-8D42-77A70469702C}] => (Allow) C:\spiele\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{275C8120-E2B9-44C4-A489-6BC811AF4E47}] => (Allow) C:\spiele\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{418971B9-EBA8-43D3-8D2A-58FC1B78573D}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{8349652F-717D-40A2-89B5-A7E71035626C}] => (Allow) C:\Program Files\REALTEK\USB Wireless LAN Utility\RtWLan.exe
FirewallRules: [{790624CF-AA21-4550-96E8-361205777BE7}] => (Allow) C:\Program Files\REALTEK\USB Wireless LAN Utility\RtWLan.exe
FirewallRules: [{FD4741A9-40FC-48CA-934C-77303A331FFB}] => (Allow) LPort=1542
FirewallRules: [{75061347-7034-49DB-B8F5-BDE94A3F7631}] => (Allow) LPort=1542
FirewallRules: [{3BDD6EED-5ACB-4DF9-8679-3E2CBCA440F0}] => (Allow) LPort=53
FirewallRules: [{6E2E623C-CF6D-4E63-9EF9-DE15C633E537}] => (Allow) LPort=67
FirewallRules: [{0348903A-78C1-4F6F-B063-96DDB0BA3B1F}] => (Allow) LPort=68
FirewallRules: [{2F6553CD-EBE1-44DC-A2DC-6CD6BDDE27CE}] => (Allow) LPort=53
FirewallRules: [{B86C5784-BD8A-4855-8183-93454C43F134}] => (Allow) LPort=53
FirewallRules: [{460F4A9B-8C70-4075-A347-6F3B3A47FEE8}] => (Allow) C:\Program Files\REALTEK\USB Wireless LAN Utility\Rtldhcp.exe
FirewallRules: [{BF433B65-BA7D-45C6-A2CA-E1783088EE4E}] => (Allow) C:\spiele\Steam\bin\steamwebhelper.exe
FirewallRules: [{42300121-B6CB-402E-889D-FFA3976F5BCD}] => (Allow) C:\spiele\Steam\bin\steamwebhelper.exe
FirewallRules: [{24B517DF-81F4-4989-ADD4-043B546C2B04}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{E1796B78-BC20-4911-9941-FE66F053791A}] => (Allow) C:\Users\Mex\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{C6D8E9FA-42E2-4CC8-9333-CD73BF27FB50}] => (Allow) C:\Users\Mex\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{F50D7004-495A-4EA0-88EF-434766F87C3B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{CD82BF35-5F39-406F-A25C-096475D41F85}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{F75CBB57-0147-4A9D-BE85-1BFE1A0C7B1C}C:\program files\winamp\winamp.exe] => (Block) C:\program files\winamp\winamp.exe
FirewallRules: [UDP Query User{0EA6B99B-E824-4F8F-83A2-8402EA1D30DD}C:\program files\winamp\winamp.exe] => (Block) C:\program files\winamp\winamp.exe
FirewallRules: [{C82F9199-CADB-4A0C-85F5-CACE551B757A}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{AFF376A0-A46D-42E6-9DEB-8BF7627A0C21}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{B0BF1987-B235-411F-BDE8-D76CED354A13}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{A3775A3C-43D6-45F7-9DD8-44B6A993B168}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Videocontroller für Multimedia
Description: Videocontroller für Multimedia
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Multimediacontroller
Description: Multimediacontroller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (07/22/2015 10:08:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CLMSMonitorServicePDVD13.exe, Version: 2.2.0.11114, Zeitstempel: 0x5141af03
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18869, Zeitstempel: 0x55636303
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000566a8
ID des fehlerhaften Prozesses: 0x4dc
Startzeit der fehlerhaften Anwendung: 0xCLMSMonitorServicePDVD13.exe0
Pfad der fehlerhaften Anwendung: CLMSMonitorServicePDVD13.exe1
Pfad des fehlerhaften Moduls: CLMSMonitorServicePDVD13.exe2
Berichtskennung: CLMSMonitorServicePDVD13.exe3

Error: (07/16/2015 12:34:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CLMSMonitorServicePDVD13.exe, Version: 2.2.0.11114, Zeitstempel: 0x5141af03
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18869, Zeitstempel: 0x55636303
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000566a8
ID des fehlerhaften Prozesses: 0x77c
Startzeit der fehlerhaften Anwendung: 0xCLMSMonitorServicePDVD13.exe0
Pfad der fehlerhaften Anwendung: CLMSMonitorServicePDVD13.exe1
Pfad des fehlerhaften Moduls: CLMSMonitorServicePDVD13.exe2
Berichtskennung: CLMSMonitorServicePDVD13.exe3

Error: (06/23/2015 11:45:59 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1". Fehler in Manifest- oder Richtliniendatei "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"2" in Zeile  Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Definition: Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (06/23/2015 11:45:12 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/23/2015 11:44:46 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/23/2015 11:44:36 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "ACME,processorArchitecture="x86",type="win32",version="12.0.0.0"1".
Die abhängige Assemblierung "ACME,processorArchitecture="x86",type="win32",version="12.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/13/2015 01:00:44 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1". Fehler in Manifest- oder Richtliniendatei "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"2" in Zeile  Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Definition: Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (06/13/2015 12:59:47 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/13/2015 12:59:20 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (06/13/2015 12:59:08 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "ACME,processorArchitecture="x86",type="win32",version="12.0.0.0"1".
Die abhängige Assemblierung "ACME,processorArchitecture="x86",type="win32",version="12.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".


Systemfehler:
=============
Error: (07/31/2015 02:05:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "CyberLink PowerDVD 13 Media Server Monitor Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/30/2015 11:57:42 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (07/30/2015 11:54:42 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎30.‎07.‎2015 um 23:53:24 unerwartet heruntergefahren.

Error: (07/29/2015 10:17:03 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 20.

Error: (07/29/2015 01:50:17 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR7 gefunden.

Error: (07/29/2015 01:50:16 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR7 gefunden.

Error: (07/29/2015 01:50:16 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR7 gefunden.

Error: (07/29/2015 01:50:15 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR7 gefunden.

Error: (07/29/2015 01:24:09 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR6 gefunden.

Error: (07/29/2015 01:24:08 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR6 gefunden.


Microsoft Office:
=========================
Error: (07/22/2015 10:08:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: CLMSMonitorServicePDVD13.exe2.2.0.111145141af03ntdll.dll6.1.7601.1886955636303c0000005000566a84dc01d0c4558ba45994C:\Program Files\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exeC:\Windows\SYSTEM32\ntdll.dlld28b9fd4-3048-11e5-8b66-0019214d054e

Error: (07/16/2015 12:34:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: CLMSMonitorServicePDVD13.exe2.2.0.111145141af03ntdll.dll6.1.7601.1886955636303c0000005000566a877c01d0bfb2f26fee10C:\Program Files\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exeC:\Windows\SYSTEM32\ntdll.dll3967e4c6-2ba6-11e5-802d-0019214d054e

Error: (06/23/2015 11:45:59 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"c:\program files\Samsung\Kies\External\firmwareupdate\GT-I9195\DeviceController64.exec:\program files\Samsung\Kies\External\firmwareupdate\GT-I9195\Microsoft.VC90.CRT.MANIFEST11

Error: (06/23/2015 11:45:12 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"c:\program files\cyberlink\powerdvd13\Movie\powerdvd cinema\mcepacifier\x64\MCEPacifier.exe

Error: (06/23/2015 11:44:46 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\Nero\Nero 12\nero backitup\NBVSSTool_x64.exe

Error: (06/23/2015 11:44:36 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: ACME,processorArchitecture="x86",type="win32",version="12.0.0.0"c:\program files\Nero\Nero 12\nero recode\NeroBRServer.exe.Manifest

Error: (06/13/2015 01:00:44 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"c:\program files\Samsung\Kies\External\firmwareupdate\GT-I9195\DeviceController64.exec:\program files\Samsung\Kies\External\firmwareupdate\GT-I9195\Microsoft.VC90.CRT.MANIFEST11

Error: (06/13/2015 12:59:47 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"c:\program files\cyberlink\powerdvd13\Movie\powerdvd cinema\mcepacifier\x64\MCEPacifier.exe

Error: (06/13/2015 12:59:20 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\Nero\Nero 12\nero backitup\NBVSSTool_x64.exe

Error: (06/13/2015 12:59:08 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: ACME,processorArchitecture="x86",type="win32",version="12.0.0.0"c:\program files\Nero\Nero 12\nero recode\NeroBRServer.exe.Manifest


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz
Percentage of memory in use: 47%
Total physical RAM: 2047.3 MB
Available physical RAM: 1077 MB
Total Virtual: 4094.61 MB
Available Virtual: 2565.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:78.03 GB) (Free:14.18 GB) NTFS
Drive j: (Volume) (Fixed) (Total:257.22 GB) (Free:241.47 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 335.4 GB) (Disk ID: 76BE9572)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=78 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=257.2 GB) - (Type=07 NTFS)

==================== Ende vom log ============================

schrauber · 01.08.2015, 12:22

Lade Dir bitte von hier

Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.

Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
Klicke auf Optionen und wähle als Sprache Deutsch.
Suche im Uninstallerfeld nach den Programmen:

bermy
Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
Wähle anschließend den Modus "Moderat" aus.
Reste löschen:
Klicke auf dann auf und dann auf .

Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Mex271284 · 03.08.2015, 10:42

Code:

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.08.03.02
  rootkit: v2015.07.30.01

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.17914
Mex :: MEX-PC [administrator]

03.08.2015 10:52:47
mbar-log-2015-08-03 (10-52-47).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 365953
Time elapsed: 28 minute(s), 43 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Code:

ATTFilter

11:29:18.0462 0x16d4  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
11:29:30.0952 0x16d4  ============================================================
11:29:30.0952 0x16d4  Current date / time: 2015/08/03 11:29:30.0952
11:29:30.0952 0x16d4  SystemInfo:
11:29:30.0952 0x16d4  
11:29:30.0952 0x16d4  OS Version: 6.1.7601 ServicePack: 1.0
11:29:30.0952 0x16d4  Product type: Workstation
11:29:30.0952 0x16d4  ComputerName: MEX-PC
11:29:30.0952 0x16d4  UserName: Mex
11:29:30.0952 0x16d4  Windows directory: C:\Windows
11:29:30.0952 0x16d4  System windows directory: C:\Windows
11:29:30.0952 0x16d4  Processor architecture: Intel x86
11:29:30.0952 0x16d4  Number of processors: 4
11:29:30.0952 0x16d4  Page size: 0x1000
11:29:30.0952 0x16d4  Boot type: Normal boot
11:29:30.0952 0x16d4  ============================================================
11:29:33.0173 0x16d4  KLMD registered as C:\Windows\system32\drivers\12529600.sys
11:29:33.0671 0x16d4  System UUID: {F45AFBED-070C-B668-3296-8EF93B14DC25}
11:29:34.0125 0x16d4  Drive \Device\Harddisk0\DR0 - Size: 0x53D67B6000 ( 335.35 Gb ), SectorSize: 0x200, Cylinders: 0x950B86, SectorsPerTrack: 0x4, TracksPerCylinder: 0x12, Type 'K0', Flags 0x00000050
11:29:34.0143 0x16d4  ============================================================
11:29:34.0143 0x16d4  \Device\Harddisk0\DR0:
11:29:34.0151 0x16d4  MBR partitions:
11:29:34.0151 0x16d4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
11:29:34.0151 0x16d4  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x9C0E000
11:29:34.0151 0x16d4  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x9C40800, BlocksNum 0x20272000
11:29:34.0151 0x16d4  ============================================================
11:29:34.0172 0x16d4  C: <-> \Device\Harddisk0\DR0\Partition2
11:29:34.0208 0x16d4  J: <-> \Device\Harddisk0\DR0\Partition3
11:29:34.0208 0x16d4  ============================================================
11:29:34.0208 0x16d4  Initialize success
11:29:34.0208 0x16d4  ============================================================
11:30:03.0211 0x1788  ============================================================
11:30:03.0211 0x1788  Scan started
11:30:03.0211 0x1788  Mode: Manual; SigCheck; TDLFS; 
11:30:03.0211 0x1788  ============================================================
11:30:03.0211 0x1788  KSN ping started
11:30:16.0615 0x1788  KSN ping finished: true
11:30:17.0844 0x1788  ================ Scan system memory ========================
11:30:17.0844 0x1788  System memory - ok
11:30:17.0845 0x1788  ================ Scan services =============================
11:30:18.0606 0x1788  [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
11:30:18.0741 0x1788  1394ohci - ok
11:30:18.0796 0x1788  [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI            C:\Windows\system32\drivers\ACPI.sys
11:30:18.0817 0x1788  ACPI - ok
11:30:18.0861 0x1788  [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
11:30:18.0905 0x1788  AcpiPmi - ok
11:30:19.0026 0x1788  [ 013697369EAFFA675D0671607F036020, 65611C775AC4681E46A6565E5A7A4FF3363C66EBDC98C4C58AFB365D40BE23B6 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
11:30:19.0045 0x1788  AdobeARMservice - ok
11:30:19.0106 0x1788  [ 9B3355B29942AF67F014EA90CE1EA960, FBB155F72984045BCD99CC2059B9EDAABD3A52104C3864A290D8A355991F94D3 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
11:30:19.0129 0x1788  AdobeFlashPlayerUpdateSvc - ok
11:30:19.0186 0x1788  [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
11:30:19.0222 0x1788  adp94xx - ok
11:30:19.0291 0x1788  [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
11:30:19.0319 0x1788  adpahci - ok
11:30:19.0334 0x1788  [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
11:30:19.0352 0x1788  adpu320 - ok
11:30:19.0411 0x1788  [ 12E6A172D72AFC626727B8635DD17E39, 33B3D109C39DF6EA86AFC3C89A93657906E981D3D22FF854401BC7326990CC08 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
11:30:19.0461 0x1788  AeLookupSvc - ok
11:30:19.0520 0x1788  [ D0B388DA1D111A34366E04EB4A5DD156, 60D226F027F4025CC032CAFF73A80FAFB5FA75445654FDCF80CA8C0419C6E938 ] AFD             C:\Windows\system32\drivers\afd.sys
11:30:19.0578 0x1788  AFD - ok
11:30:19.0624 0x1788  [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440          C:\Windows\system32\drivers\agp440.sys
11:30:19.0643 0x1788  agp440 - ok
11:30:19.0680 0x1788  [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx         C:\Windows\system32\DRIVERS\djsvs.sys
11:30:19.0695 0x1788  aic78xx - ok
11:30:19.0790 0x1788  [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG             C:\Windows\System32\alg.exe
11:30:19.0827 0x1788  ALG - ok
11:30:19.0859 0x1788  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide          C:\Windows\system32\drivers\aliide.sys
11:30:19.0878 0x1788  aliide - ok
11:30:19.0893 0x1788  [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
11:30:19.0907 0x1788  amdagp - ok
11:30:19.0921 0x1788  [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide          C:\Windows\system32\drivers\amdide.sys
11:30:19.0935 0x1788  amdide - ok
11:30:19.0955 0x1788  [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
11:30:19.0988 0x1788  AmdK8 - ok
11:30:20.0007 0x1788  [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
11:30:20.0038 0x1788  AmdPPM - ok
11:30:20.0065 0x1788  [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
11:30:20.0081 0x1788  amdsata - ok
11:30:20.0104 0x1788  [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
11:30:20.0122 0x1788  amdsbs - ok
11:30:20.0134 0x1788  [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
11:30:20.0148 0x1788  amdxata - ok
11:30:20.0235 0x1788  [ 9FE1AC875A7AD7B7FF28FEC8B754968D, EEE04D4073E49332C85028B62E8A035EAA2284526A3F3820133492C8F8CBA3D5 ] AntiVirMailService C:\Program Files\Avira\AntiVir Desktop\avmailc7.exe
11:30:20.0275 0x1788  AntiVirMailService - ok
11:30:20.0340 0x1788  [ 58FB167B287CAA05F7DD5AA1018FD52C, D9EB68E1C2B99E5F59A0DA4C9FA46E15C6E470F7445E232C03C82790F546A6AA ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
11:30:20.0370 0x1788  AntiVirSchedulerService - ok
11:30:20.0428 0x1788  [ 58FB167B287CAA05F7DD5AA1018FD52C, D9EB68E1C2B99E5F59A0DA4C9FA46E15C6E470F7445E232C03C82790F546A6AA ] AntiVirService  C:\Program Files\Avira\AntiVir Desktop\avguard.exe
11:30:20.0450 0x1788  AntiVirService - ok
11:30:20.0537 0x1788  [ F857D22CEC14854D310C5596C8CE6006, 67448C506D3171D327A6CE3952E41BDC65587FEB45F510160A1DAFCA9491711E ] AntiVirWebService C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe
11:30:20.0580 0x1788  AntiVirWebService - ok
11:30:20.0624 0x1788  [ 81F97D8F8B3FB94A451CC6F7CF8B2965, 8DEBA4E47E1016D69740C0BB7CDD23852D86E0D42C1C1EA5A847ECB115C38CB1 ] AppID           C:\Windows\system32\drivers\appid.sys
11:30:20.0654 0x1788  AppID - ok
11:30:20.0678 0x1788  [ F5090F8FA6757C58E17BAEAA86093636, 5E14CF3032DF5801240F45C59AA93962EA41AA5648A0C6458D16D9B9D95A131F ] AppIDSvc        C:\Windows\System32\appidsvc.dll
11:30:20.0703 0x1788  AppIDSvc - ok
11:30:20.0733 0x1788  [ 530195DA0D84D9855020F2B80D6B267F, AB36F05991530437C7B3F25441B13BC085000F07579964A4CCA0BF029DD6DE7E ] Appinfo         C:\Windows\System32\appinfo.dll
11:30:20.0769 0x1788  Appinfo - ok
11:30:20.0795 0x1788  [ A45D184DF6A8803DA13A0B329517A64A, C1D16B60A6D69689AE951DC3D6884ED2E233D144B3FC0B86BC1C50AAAAA01ED2 ] AppMgmt         C:\Windows\System32\appmgmts.dll
11:30:20.0841 0x1788  AppMgmt - ok
11:30:20.0867 0x1788  [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc             C:\Windows\system32\DRIVERS\arc.sys
11:30:20.0881 0x1788  arc - ok
11:30:20.0895 0x1788  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
11:30:20.0916 0x1788  arcsas - ok
11:30:21.0021 0x1788  [ 537B2948976F5D9B5767B74A63EBB395, 1A14F8B582E74AD15B612EDA5B707AA3CB0B2A107ED14572B4232EAA7383B634 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
11:30:21.0102 0x1788  aspnet_state - ok
11:30:21.0127 0x1788  [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
11:30:21.0217 0x1788  AsyncMac - ok
11:30:21.0248 0x1788  [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi           C:\Windows\system32\drivers\atapi.sys
11:30:21.0265 0x1788  atapi - ok
11:30:21.0366 0x1788  [ 3426386F125DD820E0651E5833F9849B, 3E51D875DEA1AC1E5341702DABF37117D43DE4879F8EFBAD6028F1116AD30415 ] athur           C:\Windows\system32\DRIVERS\athur.sys
11:30:21.0481 0x1788  athur - ok
11:30:21.0540 0x1788  [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:30:21.0623 0x1788  AudioEndpointBuilder - ok
11:30:21.0656 0x1788  [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
11:30:21.0689 0x1788  Audiosrv - ok
11:30:21.0712 0x1788  [ 0FFC36573D7541155F84AC8F8F9D87A6, 50CE44B544CF365C4E99133C69582154C58DEB263892E3EF02C9886C8D652F60 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
11:30:21.0727 0x1788  avgntflt - ok
11:30:21.0781 0x1788  [ B9D3418110A6B4EAADCB2BD1A8CEC617, 2252E518FB0A69699ECF7A940A20E9D77822F7FF7CE14FE5E30E4DDB34546D56 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
11:30:21.0804 0x1788  avipbb - ok
11:30:21.0822 0x1788  [ F80F5DCA8A5D9D93CC5BE933D20CAF05, 2AFBB2D62127FACBCABBB3E78F3568A6BA016ED4A97A1490BAA29A1EFB7A4408 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
11:30:21.0834 0x1788  avkmgr - ok
11:30:21.0876 0x1788  [ 3303FB85532093FC6723632B5947E8C4, F8301069A8EAD7303CAE5B7CAE3F119747E7B7B4402178018EB5254087238A42 ] avnetflt        C:\Windows\system32\DRIVERS\avnetflt.sys
11:30:21.0888 0x1788  avnetflt - ok
11:30:21.0935 0x1788  [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV        C:\Windows\System32\AxInstSV.dll
11:30:21.0997 0x1788  AxInstSV - ok
11:30:22.0040 0x1788  [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbdx.sys
11:30:22.0097 0x1788  b06bdrv - ok
11:30:22.0128 0x1788  [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
11:30:22.0165 0x1788  b57nd60x - ok
11:30:22.0208 0x1788  [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC          C:\Windows\System32\bdesvc.dll
11:30:22.0239 0x1788  BDESVC - ok
11:30:22.0255 0x1788  [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep            C:\Windows\system32\drivers\Beep.sys
11:30:22.0288 0x1788  Beep - ok
11:30:22.0327 0x1788  [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE             C:\Windows\System32\bfe.dll
11:30:22.0387 0x1788  BFE - ok
11:30:22.0432 0x1788  [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS            C:\Windows\System32\qmgr.dll
11:30:22.0609 0x1788  BITS - ok
11:30:22.0633 0x1788  [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
11:30:22.0668 0x1788  blbdrive - ok
11:30:22.0708 0x1788  [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
11:30:22.0744 0x1788  bowser - ok
11:30:22.0754 0x1788  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
11:30:22.0793 0x1788  BrFiltLo - ok
11:30:22.0811 0x1788  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
11:30:22.0832 0x1788  BrFiltUp - ok
11:30:22.0866 0x1788  [ C711ED965009BDCFF9AA62CEB6FF1AAD, 083E981F983653329C2B8361963CA81D5D88E164C7738035F701A10CCB1C85CC ] Brother XP spl Service C:\Windows\system32\brsvc01a.exe
11:30:22.0890 0x1788  Brother XP spl Service - ok
11:30:22.0925 0x1788  [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser         C:\Windows\System32\browser.dll
11:30:22.0959 0x1788  Browser - ok
11:30:22.0987 0x1788  [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
11:30:23.0032 0x1788  Brserid - ok
11:30:23.0044 0x1788  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
11:30:23.0071 0x1788  BrSerWdm - ok
11:30:23.0085 0x1788  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
11:30:23.0111 0x1788  BrUsbMdm - ok
11:30:23.0121 0x1788  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
11:30:23.0145 0x1788  BrUsbSer - ok
11:30:23.0160 0x1788  [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
11:30:23.0177 0x1788  BTHMODEM - ok
11:30:23.0210 0x1788  [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv         C:\Windows\system32\bthserv.dll
11:30:23.0272 0x1788  bthserv - ok
11:30:23.0443 0x1788  [ FECA9F830A5C6BAB9978E6781A26AE2B, CA1681A2F4FA849815B8E823805E078DB9C050CEE86E9E394B2A37B57CC474A6 ] c2cautoupdatesvc C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
11:30:23.0504 0x1788  c2cautoupdatesvc - ok
11:30:23.0617 0x1788  [ 5B33709F7FE59BB625F113EED86AFC5C, 8D29FE242D55526FDEB2CB4009B5DE19C93972E872BE6328AD3305E360A3D44B ] c2cpnrsvc       C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
11:30:23.0706 0x1788  c2cpnrsvc - ok
11:30:23.0742 0x1788  [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
11:30:23.0789 0x1788  cdfs - ok
11:30:23.0852 0x1788  [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom           C:\Windows\system32\drivers\cdrom.sys
11:30:23.0876 0x1788  cdrom - ok
11:30:23.0917 0x1788  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc     C:\Windows\System32\certprop.dll
11:30:23.0969 0x1788  CertPropSvc - ok
11:30:24.0000 0x1788  [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
11:30:24.0028 0x1788  circlass - ok
11:30:24.0073 0x1788  [ 33A60554882FDF59CDA3E1806370BBA1, 3DE5451E1CB84AAEBD03F54BEFC670C401447B4881A8B022748B6ECF0F500F01 ] CLFS            C:\Windows\system32\CLFS.sys
11:30:24.0108 0x1788  CLFS - ok
11:30:24.0174 0x1788  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:30:24.0197 0x1788  clr_optimization_v2.0.50727_32 - ok
11:30:24.0240 0x1788  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:30:24.0355 0x1788  clr_optimization_v4.0.30319_32 - ok
11:30:24.0383 0x1788  [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
11:30:24.0404 0x1788  CmBatt - ok
11:30:24.0423 0x1788  [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
11:30:24.0438 0x1788  cmdide - ok
11:30:24.0490 0x1788  [ 3051724F223EA48968B19567DE2A81F4, DCC27DE1B2B35866FC6DBDE95A368E7D0D346B6C3F31D0BACA63DD39B0A8874E ] CNG             C:\Windows\system32\Drivers\cng.sys
11:30:24.0552 0x1788  CNG - ok
11:30:24.0586 0x1788  [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
11:30:24.0606 0x1788  Compbatt - ok
11:30:24.0645 0x1788  [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
11:30:24.0674 0x1788  CompositeBus - ok
11:30:24.0688 0x1788  COMSysApp - ok
11:30:24.0701 0x1788  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
11:30:24.0715 0x1788  crcdisk - ok
11:30:24.0756 0x1788  [ 33F67BBCC3C0499D3F3382473114CFA8, FDDCC41CE005B7C1BEBB6F4ACA9A3F10E5972792ADFD7D294E70A0B781460981 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
11:30:24.0793 0x1788  CryptSvc - ok
11:30:24.0841 0x1788  [ 3C2177A897B4CA2788C6FB0C3FD81D4B, 98575CBD0664586E6211D02E71BDD52CBAA149A1658573550E29E74E5F7B1553 ] CSC             C:\Windows\system32\drivers\csc.sys
11:30:24.0903 0x1788  CSC - ok
11:30:24.0942 0x1788  [ 15F93B37F6801943360D9EB42485D5D3, DD6838C6496CB15F8BB57A6596F6A64ADD9C36B09F062295699131232712B558 ] CscService      C:\Windows\System32\cscsvc.dll
11:30:24.0994 0x1788  CscService - ok
11:30:25.0093 0x1788  [ 761E6ECE78992CF730AB0777E707F520, 32003418561A3645B36EFE87CE3E2B183C1FD08C73955F15C5D11D2315DF5987 ] CyberLink PowerDVD 13 Media Server Monitor Service C:\Program Files\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe
11:30:25.0111 0x1788  CyberLink PowerDVD 13 Media Server Monitor Service - ok
11:30:25.0141 0x1788  [ BF5D3F6CC09191C45D632AFB1D2E7F61, 2C571D971D0134BA553F712EF16B8D5BB40B7CBDCA576DF3F9ED408FC3682BCD ] CyberLink PowerDVD 13 Media Server Service C:\Program Files\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe
11:30:25.0166 0x1788  CyberLink PowerDVD 13 Media Server Service - ok
11:30:25.0208 0x1788  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch      C:\Windows\system32\rpcss.dll
11:30:25.0250 0x1788  DcomLaunch - ok
11:30:25.0279 0x1788  [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc       C:\Windows\System32\defragsvc.dll
11:30:25.0334 0x1788  defragsvc - ok
11:30:25.0378 0x1788  [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
11:30:25.0406 0x1788  DfsC - ok
11:30:25.0444 0x1788  [ 7A5FB3E4E0D77740D56E516EE6B2DC2B, 5B4636EC04903D2E512AC8FB98A484F7CEBE4EE0A081CF897CD13E8491C0D8CC ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
11:30:25.0464 0x1788  dg_ssudbus - ok
11:30:25.0512 0x1788  [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp            C:\Windows\system32\dhcpcore.dll
11:30:25.0562 0x1788  Dhcp - ok
11:30:25.0690 0x1788  [ 7AB2DE012C88870C9274E966EC88AB61, CE2098B152B9C039C29C0573C813BFBF13B2D2E6BEE83985374160884A817133 ] DiagTrack       C:\Windows\system32\diagtrack.dll
11:30:25.0756 0x1788  DiagTrack - ok
11:30:25.0786 0x1788  [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache        C:\Windows\system32\drivers\discache.sys
11:30:25.0813 0x1788  discache - ok
11:30:25.0841 0x1788  [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
11:30:25.0856 0x1788  Disk - ok
11:30:25.0888 0x1788  [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache        C:\Windows\System32\dnsrslvr.dll
11:30:25.0927 0x1788  Dnscache - ok
11:30:25.0966 0x1788  [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc         C:\Windows\System32\dot3svc.dll
11:30:26.0021 0x1788  dot3svc - ok
11:30:26.0058 0x1788  [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS             C:\Windows\system32\dps.dll
11:30:26.0097 0x1788  DPS - ok
11:30:26.0153 0x1788  [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
11:30:26.0186 0x1788  drmkaud - ok
11:30:26.0239 0x1788  [ 3583A5A8CC2E682BFFBD4630D0FEC08B, FD0F184B358FCECAA763444B414074BEF4E871EB7527D88385519FC158435C72 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
11:30:26.0297 0x1788  DXGKrnl - ok
11:30:26.0335 0x1788  [ 22EF8965101685ADD128F03A2B03CE16, 677F7B32C7A45C26F2F0DB67FFB526E9742E4B3A8BEAEA7B814CBCA2F56D6D5A ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
11:30:26.0363 0x1788  E1G60 - ok
11:30:26.0386 0x1788  [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost         C:\Windows\System32\eapsvc.dll
11:30:26.0428 0x1788  EapHost - ok
11:30:26.0552 0x1788  [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
11:30:26.0755 0x1788  ebdrv - ok
11:30:26.0800 0x1788  [ DC0B4400073A404B53F571126B58F480, 022F1E8431C6299D8DFA287A570B0D24C2FFDCD8BF79420BAA1637E5366B4459 ] EFS             C:\Windows\System32\lsass.exe
11:30:26.0837 0x1788  EFS - ok
11:30:26.0908 0x1788  [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
11:30:26.0962 0x1788  ehRecvr - ok
11:30:26.0992 0x1788  [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched         C:\Windows\ehome\ehsched.exe
11:30:27.0029 0x1788  ehSched - ok
11:30:27.0065 0x1788  [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
11:30:27.0096 0x1788  elxstor - ok
11:30:27.0127 0x1788  [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
11:30:27.0142 0x1788  ErrDev - ok
11:30:27.0184 0x1788  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem     C:\Windows\system32\es.dll
11:30:27.0237 0x1788  EventSystem - ok
11:30:27.0257 0x1788  [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat           C:\Windows\system32\drivers\exfat.sys
11:30:27.0304 0x1788  exfat - ok
11:30:27.0323 0x1788  [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
11:30:27.0368 0x1788  fastfat - ok
11:30:27.0416 0x1788  [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax             C:\Windows\system32\fxssvc.exe
11:30:27.0466 0x1788  Fax - ok
11:30:27.0486 0x1788  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
11:30:27.0505 0x1788  fdc - ok
11:30:27.0528 0x1788  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost         C:\Windows\system32\fdPHost.dll
11:30:27.0566 0x1788  fdPHost - ok
11:30:27.0595 0x1788  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\Windows\system32\fdrespub.dll
11:30:27.0633 0x1788  FDResPub - ok
11:30:27.0652 0x1788  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
11:30:27.0666 0x1788  FileInfo - ok
11:30:27.0676 0x1788  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
11:30:27.0705 0x1788  Filetrace - ok
11:30:27.0723 0x1788  [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
11:30:27.0739 0x1788  flpydisk - ok
11:30:27.0759 0x1788  [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
11:30:27.0781 0x1788  FltMgr - ok
11:30:27.0841 0x1788  [ 6EC244F102C7F129678E5F7309D1366D, C30DA201AC623DA440B0A0716534557C578218C2A591FA8893CCCBD96B4518F9 ] FontCache       C:\Windows\system32\FntCache.dll
11:30:27.0900 0x1788  FontCache - ok
11:30:27.0943 0x1788  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
11:30:27.0957 0x1788  FontCache3.0.0.0 - ok
11:30:27.0981 0x1788  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
11:30:27.0995 0x1788  FsDepends - ok
11:30:28.0028 0x1788  [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
11:30:28.0041 0x1788  Fs_Rec - ok
11:30:28.0083 0x1788  [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
11:30:28.0123 0x1788  fvevol - ok
11:30:28.0148 0x1788  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
11:30:28.0163 0x1788  gagp30kx - ok
11:30:28.0219 0x1788  [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc           C:\Windows\System32\gpsvc.dll
11:30:28.0297 0x1788  gpsvc - ok
11:30:28.0307 0x1788  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
11:30:28.0332 0x1788  hcw85cir - ok
11:30:28.0379 0x1788  [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:30:28.0405 0x1788  HdAudAddService - ok
11:30:28.0423 0x1788  [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
11:30:28.0452 0x1788  HDAudBus - ok
11:30:28.0470 0x1788  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
11:30:28.0495 0x1788  HidBatt - ok
11:30:28.0508 0x1788  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
11:30:28.0527 0x1788  HidBth - ok
11:30:28.0544 0x1788  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
11:30:28.0615 0x1788  HidIr - ok
11:30:28.0632 0x1788  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv         C:\Windows\system32\hidserv.dll
11:30:28.0679 0x1788  hidserv - ok
11:30:28.0737 0x1788  [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
11:30:28.0773 0x1788  HidUsb - ok
11:30:28.0806 0x1788  [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc          C:\Windows\system32\kmsvc.dll
11:30:28.0857 0x1788  hkmsvc - ok
11:30:28.0893 0x1788  [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:30:28.0937 0x1788  HomeGroupListener - ok
11:30:28.0980 0x1788  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:30:29.0018 0x1788  HomeGroupProvider - ok
11:30:29.0061 0x1788  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
11:30:29.0083 0x1788  HpSAMD - ok
11:30:29.0140 0x1788  [ 487569E5DA56A5A432FF8AF6D3599CF9, 7C974D8379C60B4F69A20B01876C49181B0A63AC318C4BD0A21DABFF27A15C9D ] HTTP            C:\Windows\system32\drivers\HTTP.sys
11:30:29.0198 0x1788  HTTP - ok
11:30:29.0230 0x1788  [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
11:30:29.0243 0x1788  hwpolicy - ok
11:30:29.0277 0x1788  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
11:30:29.0303 0x1788  i8042prt - ok
11:30:29.0339 0x1788  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
11:30:29.0375 0x1788  iaStorV - ok
11:30:29.0448 0x1788  [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
11:30:29.0500 0x1788  idsvc - ok
11:30:29.0518 0x1788  IEEtwCollectorService - ok
11:30:29.0534 0x1788  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
11:30:29.0547 0x1788  iirsp - ok
11:30:29.0619 0x1788  [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT          C:\Windows\System32\ikeext.dll
11:30:29.0705 0x1788  IKEEXT - ok
11:30:29.0740 0x1788  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\drivers\intelide.sys
11:30:29.0753 0x1788  intelide - ok
11:30:29.0773 0x1788  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
11:30:29.0800 0x1788  intelppm - ok
11:30:29.0830 0x1788  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
11:30:29.0866 0x1788  IPBusEnum - ok
11:30:29.0876 0x1788  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:30:29.0914 0x1788  IpFilterDriver - ok
11:30:29.0956 0x1788  [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
11:30:30.0003 0x1788  iphlpsvc - ok
11:30:30.0064 0x1788  [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
11:30:30.0104 0x1788  IPMIDRV - ok
11:30:30.0122 0x1788  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
11:30:30.0172 0x1788  IPNAT - ok
11:30:30.0190 0x1788  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
11:30:30.0229 0x1788  IRENUM - ok
11:30:30.0259 0x1788  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
11:30:30.0279 0x1788  isapnp - ok
11:30:30.0315 0x1788  [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
11:30:30.0343 0x1788  iScsiPrt - ok
11:30:30.0368 0x1788  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
11:30:30.0381 0x1788  kbdclass - ok
11:30:30.0413 0x1788  [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
11:30:30.0445 0x1788  kbdhid - ok
11:30:30.0458 0x1788  [ DC0B4400073A404B53F571126B58F480, 022F1E8431C6299D8DFA287A570B0D24C2FFDCD8BF79420BAA1637E5366B4459 ] KeyIso          C:\Windows\system32\lsass.exe
11:30:30.0477 0x1788  KeyIso - ok
11:30:30.0507 0x1788  [ A1F4064171DB9F314BDABA0B43014CA4, DFAB60F6C8D00DC4AC55D32D797095E82C00F71E33F6EE989B03EE0A1D340FEF ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
11:30:30.0522 0x1788  KSecDD - ok
11:30:30.0541 0x1788  [ 8A8BA57DF21630B36B2FAA229AC5B1D1, D6B407D23453E8547B9F64BC8B484A593347E8252A25B9637BA8F8C067B1E057 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
11:30:30.0557 0x1788  KSecPkg - ok
11:30:30.0614 0x1788  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm           C:\Windows\system32\msdtckrm.dll
11:30:30.0668 0x1788  KtmRm - ok
11:30:30.0699 0x1788  [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer    C:\Windows\system32\srvsvc.dll
11:30:30.0750 0x1788  LanmanServer - ok
11:30:30.0763 0x1788  [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:30:30.0802 0x1788  LanmanWorkstation - ok
11:30:30.0827 0x1788  [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
11:30:30.0863 0x1788  lltdio - ok
11:30:30.0884 0x1788  [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
11:30:30.0927 0x1788  lltdsvc - ok
11:30:30.0942 0x1788  [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts         C:\Windows\System32\lmhsvc.dll
11:30:30.0982 0x1788  lmhosts - ok
11:30:31.0006 0x1788  [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
11:30:31.0022 0x1788  LSI_FC - ok
11:30:31.0048 0x1788  [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
11:30:31.0064 0x1788  LSI_SAS - ok
11:30:31.0076 0x1788  [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
11:30:31.0090 0x1788  LSI_SAS2 - ok
11:30:31.0100 0x1788  [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
11:30:31.0116 0x1788  LSI_SCSI - ok
11:30:31.0130 0x1788  [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv           C:\Windows\system32\drivers\luafv.sys
11:30:31.0159 0x1788  luafv - ok
11:30:31.0198 0x1788  [ A730FC8671A60666D6E877C544DD7CD4, 6A94097509BC1A83097709FB3B4BE753733AA60D8D9A665C646D582270F369BE ] LVUSBSta        C:\Windows\system32\DRIVERS\LVUSBSta.sys
11:30:31.0236 0x1788  LVUSBSta - ok
11:30:31.0272 0x1788  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
11:30:31.0295 0x1788  Mcx2Svc - ok
11:30:31.0320 0x1788  [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
11:30:31.0339 0x1788  megasas - ok
11:30:31.0374 0x1788  [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
11:30:31.0393 0x1788  MegaSR - ok
11:30:31.0448 0x1788  Microsoft SharePoint Workspace Audit Service - ok
11:30:31.0474 0x1788  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS           C:\Windows\system32\mmcss.dll
11:30:31.0508 0x1788  MMCSS - ok
11:30:31.0524 0x1788  [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem           C:\Windows\system32\drivers\modem.sys
11:30:31.0561 0x1788  Modem - ok
11:30:31.0616 0x1788  [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
11:30:31.0645 0x1788  monitor - ok
11:30:31.0681 0x1788  [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
11:30:31.0695 0x1788  mouclass - ok
11:30:31.0719 0x1788  [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
11:30:31.0747 0x1788  mouhid - ok
11:30:31.0776 0x1788  [ 644905A19D0F37F2233DFCE53BC4BC19, F52CB40AA0FD1EBF8CBF0F3BFB20C47142C637719840877FB93F10D085EB8C2B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
11:30:31.0796 0x1788  mountmgr - ok
11:30:31.0851 0x1788  [ 22A7042C70F90F8261840740DDBB5176, AD0075C97D2D7C568D5CFB1C3A02DCE3BC01941844A759B29CD4DE4AF2F5FC45 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
11:30:31.0875 0x1788  MozillaMaintenance - ok
11:30:31.0887 0x1788  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio            C:\Windows\system32\drivers\mpio.sys
11:30:31.0904 0x1788  mpio - ok
11:30:31.0926 0x1788  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
11:30:31.0959 0x1788  mpsdrv - ok
11:30:32.0006 0x1788  [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc          C:\Windows\system32\mpssvc.dll
11:30:32.0058 0x1788  MpsSvc - ok
11:30:32.0092 0x1788  [ 03F899F521D2AAED1C55008F734DF252, 4E56A51476A13F5630719018037B1F63DF9ACEA1CFE782AF04E669BD696954C5 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
11:30:32.0131 0x1788  MRxDAV - ok
11:30:32.0176 0x1788  [ 01C5B803F6E1FDF8F16F0763DA9B997D, 721B5C6E8E71453D6494971C14CFD93F1A180098D4EE35572EAACEF6FC6B0442 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
11:30:32.0207 0x1788  mrxsmb - ok
11:30:32.0233 0x1788  [ C48A8284F018BEAAFC7A027A570D9C84, DD29ACC08E9F57ED426D11F8A3E2F0EA53F373200D249225627124F65D1EC1BD ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:30:32.0257 0x1788  mrxsmb10 - ok
11:30:32.0277 0x1788  [ C1CC047CE391BB88350379153BC1C8FA, 2DC83A61F871A87CFC6E56BF5F164271E7E72694B33E58D842F5759A3DE8F4C7 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:30:32.0315 0x1788  mrxsmb20 - ok
11:30:32.0342 0x1788  [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci          C:\Windows\system32\drivers\msahci.sys
11:30:32.0360 0x1788  msahci - ok
11:30:32.0397 0x1788  [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
11:30:32.0419 0x1788  msdsm - ok
11:30:32.0439 0x1788  [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC           C:\Windows\System32\msdtc.exe
11:30:32.0458 0x1788  MSDTC - ok
11:30:32.0493 0x1788  [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs            C:\Windows\system32\drivers\Msfs.sys
11:30:32.0531 0x1788  Msfs - ok
11:30:32.0543 0x1788  [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
11:30:32.0626 0x1788  mshidkmdf - ok
11:30:32.0659 0x1788  [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
11:30:32.0676 0x1788  msisadrv - ok
11:30:32.0710 0x1788  [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
11:30:32.0755 0x1788  MSiSCSI - ok
11:30:32.0761 0x1788  msiserver - ok
11:30:32.0789 0x1788  [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
11:30:32.0819 0x1788  MSKSSRV - ok
11:30:32.0831 0x1788  [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
11:30:32.0868 0x1788  MSPCLOCK - ok
11:30:32.0881 0x1788  [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
11:30:32.0908 0x1788  MSPQM - ok
11:30:32.0927 0x1788  [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
11:30:32.0948 0x1788  MsRPC - ok
11:30:32.0985 0x1788  [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
11:30:32.0998 0x1788  mssmbios - ok
11:30:33.0024 0x1788  [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
11:30:33.0060 0x1788  MSTEE - ok
11:30:33.0076 0x1788  [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
11:30:33.0090 0x1788  MTConfig - ok
11:30:33.0110 0x1788  [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup             C:\Windows\system32\Drivers\mup.sys
11:30:33.0125 0x1788  Mup - ok
11:30:33.0167 0x1788  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent        C:\Windows\system32\qagentRT.dll
11:30:33.0204 0x1788  napagent - ok
11:30:33.0253 0x1788  [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
11:30:33.0300 0x1788  NativeWifiP - ok
11:30:33.0436 0x1788  [ E0E4A1F81A7D69C595A8A9DDAD084C19, 8F55F3637AE8BFFB0ACE37AFC5122026525137E0B2923899B779C1BD08DF0E22 ] NAUpdate        C:\Program Files\Nero\Update\NASvc.exe
11:30:33.0466 0x1788  NAUpdate - ok
11:30:33.0527 0x1788  [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS            C:\Windows\system32\drivers\ndis.sys
11:30:33.0571 0x1788  NDIS - ok
11:30:33.0613 0x1788  [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
11:30:33.0640 0x1788  NdisCap - ok
11:30:33.0662 0x1788  [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
11:30:33.0686 0x1788  NdisTapi - ok
11:30:33.0733 0x1788  [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
11:30:33.0771 0x1788  Ndisuio - ok
11:30:33.0791 0x1788  [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
11:30:33.0820 0x1788  NdisWan - ok
11:30:33.0857 0x1788  [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
11:30:33.0897 0x1788  NDProxy - ok
11:30:33.0938 0x1788  [ 1352E1648213551923A0A822E441553C, F9BCA299249D8E1ADF88F54554F72428E267E39911143F4C99DFF562F0EE4E70 ] Netaapl         C:\Windows\system32\DRIVERS\netaapl.sys
11:30:33.0945 0x1788  Netaapl - detected UnsignedFile.Multi.Generic ( 1 )
11:30:36.0332 0x1788  Detect skipped due to KSN trusted
11:30:36.0332 0x1788  Netaapl - ok
11:30:36.0369 0x1788  [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
11:30:36.0416 0x1788  NetBIOS - ok
11:30:36.0457 0x1788  [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
11:30:36.0498 0x1788  NetBT - ok
11:30:36.0512 0x1788  [ DC0B4400073A404B53F571126B58F480, 022F1E8431C6299D8DFA287A570B0D24C2FFDCD8BF79420BAA1637E5366B4459 ] Netlogon        C:\Windows\system32\lsass.exe
11:30:36.0538 0x1788  Netlogon - ok
11:30:36.0579 0x1788  [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman          C:\Windows\System32\netman.dll
11:30:36.0613 0x1788  Netman - ok
11:30:36.0659 0x1788  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
11:30:36.0753 0x1788  NetMsmqActivator - ok
11:30:36.0784 0x1788  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
11:30:36.0807 0x1788  NetPipeActivator - ok
11:30:36.0838 0x1788  [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm        C:\Windows\System32\netprofm.dll
11:30:36.0894 0x1788  netprofm - ok
11:30:36.0916 0x1788  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
11:30:36.0933 0x1788  NetTcpActivator - ok
11:30:36.0949 0x1788  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
11:30:36.0966 0x1788  NetTcpPortSharing - ok
11:30:36.0995 0x1788  [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
11:30:37.0009 0x1788  nfrd960 - ok
11:30:37.0053 0x1788  [ F115C5CD29E512F18BD7138A094B77E5, 90C2CE8B256EE9AABF674ADDE7F85E91DAF48EA368452D03C187A4AE027D4E39 ] NlaSvc          C:\Windows\System32\nlasvc.dll
11:30:37.0090 0x1788  NlaSvc - ok
11:30:37.0107 0x1788  [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
11:30:37.0144 0x1788  Npfs - ok
11:30:37.0166 0x1788  [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi             C:\Windows\system32\nsisvc.dll
11:30:37.0205 0x1788  nsi - ok
11:30:37.0227 0x1788  [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
11:30:37.0265 0x1788  nsiproxy - ok
11:30:37.0345 0x1788  [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
11:30:37.0405 0x1788  Ntfs - ok
11:30:37.0431 0x1788  [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null            C:\Windows\system32\drivers\Null.sys
11:30:37.0469 0x1788  Null - ok
11:30:37.0874 0x1788  [ 9A77B1C13BCCEDDF78DFD7AFC25B4F5E, 88FA632754A20025F03FE0970C93F572055919F53C8A50E5DB6CF1EF7B00B7FD ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
11:30:38.0301 0x1788  nvlddmkm - ok
11:30:38.0345 0x1788  [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
11:30:38.0362 0x1788  nvraid - ok
11:30:38.0394 0x1788  [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
11:30:38.0418 0x1788  nvstor - ok
11:30:38.0474 0x1788  [ 31B8835B003CAA6D31BEAD83DDBF98E5, FB7C7BD1E95BEFB9A8FFEB3FB1B6D9BCD923E48498CB23169EDAA025C84CDD33 ] nvsvc           C:\Windows\system32\nvvsvc.exe
11:30:38.0503 0x1788  nvsvc - ok
11:30:38.0610 0x1788  [ F935E817409F78FA50C5921DB39124B3, E1AB4B69E9C0AD89A5B9E99C7A0D77A1A50B4823C89E8687686B716957FBA2B3 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
11:30:38.0681 0x1788  nvUpdatusService - ok
11:30:38.0720 0x1788  [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
11:30:38.0748 0x1788  nv_agp - ok
11:30:38.0777 0x1788  [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
11:30:38.0799 0x1788  ohci1394 - ok
11:30:38.0837 0x1788  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:30:38.0853 0x1788  ose - ok
11:30:39.0057 0x1788  [ 358A9CCA612C68EB2F07DDAD4CE1D8D7, F342100E2E9001F11FDF93F856B50FA43F9B85D2C6B5706EC0433E77206498DA ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:30:39.0273 0x1788  osppsvc - ok
11:30:39.0328 0x1788  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
11:30:39.0367 0x1788  p2pimsvc - ok
11:30:39.0397 0x1788  [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc          C:\Windows\system32\p2psvc.dll
11:30:39.0439 0x1788  p2psvc - ok
11:30:39.0472 0x1788  [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport         C:\Windows\system32\DRIVERS\parport.sys
11:30:39.0495 0x1788  Parport - ok
11:30:39.0531 0x1788  [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
11:30:39.0564 0x1788  partmgr - ok
11:30:39.0582 0x1788  [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
11:30:39.0602 0x1788  Parvdm - ok
11:30:39.0650 0x1788  [ 52954BE460EC6C54C0ACB2B3B126FFC6, 9F9878EC5ABC74C5A8EE8E1D940F0934F081895B07D844F42F80A638FE713F7B ] PcaSvc          C:\Windows\System32\pcasvc.dll
11:30:39.0688 0x1788  PcaSvc - ok
11:30:39.0732 0x1788  [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci             C:\Windows\system32\drivers\pci.sys
11:30:39.0756 0x1788  pci - ok
11:30:39.0787 0x1788  [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide          C:\Windows\system32\drivers\pciide.sys
11:30:39.0805 0x1788  pciide - ok
11:30:39.0833 0x1788  [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
11:30:39.0859 0x1788  pcmcia - ok
11:30:39.0875 0x1788  [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw             C:\Windows\system32\drivers\pcw.sys
11:30:39.0888 0x1788  pcw - ok
11:30:39.0943 0x1788  [ AEBC369F7DC72AB3F5B9BDF34FA0D43F, 2A819154AC6C23E97C583D90B4D0C112188B7AE9D8D9B3F88811BFCED124E551 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
11:30:39.0988 0x1788  PEAUTH - ok
11:30:40.0037 0x1788  [ AF4D64D2A57B9772CF3801950B8058A6, C9C493A3775E6E1660CE5DF75DA574D0C04245FB88CF41B96217A725359C350D ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
11:30:40.0096 0x1788  PeerDistSvc - ok
11:30:40.0147 0x1788  [ A937C4E37C0C1003CE5FCA1E5E103FDC, 53391CF3308E3F9668EA6668D6B095F9B5BAA36E9417408A55EA6291F9094DE7 ] PID_0920        C:\Windows\system32\DRIVERS\LV532AV.SYS
11:30:40.0178 0x1788  PID_0920 - ok
11:30:40.0262 0x1788  [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla             C:\Windows\system32\pla.dll
11:30:40.0346 0x1788  pla - ok
11:30:40.0401 0x1788  [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
11:30:40.0438 0x1788  PlugPlay - ok
11:30:40.0451 0x1788  [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
11:30:40.0474 0x1788  PNRPAutoReg - ok
11:30:40.0494 0x1788  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
11:30:40.0525 0x1788  PNRPsvc - ok
11:30:40.0574 0x1788  [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
11:30:40.0640 0x1788  PolicyAgent - ok
11:30:40.0662 0x1788  [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power           C:\Windows\system32\umpo.dll
11:30:40.0694 0x1788  Power - ok
11:30:40.0736 0x1788  [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
11:30:40.0800 0x1788  PptpMiniport - ok
11:30:40.0831 0x1788  [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
11:30:40.0860 0x1788  Processor - ok
11:30:40.0921 0x1788  [ FD9692A3D31E021207D3C2A9DDDC2BE3, 5295EFAD9BD4B59996935A41825392C12A4C968D161BEEA37797F90AF8E54229 ] ProfSvc         C:\Windows\system32\profsvc.dll
11:30:40.0956 0x1788  ProfSvc - ok
11:30:40.0968 0x1788  [ DC0B4400073A404B53F571126B58F480, 022F1E8431C6299D8DFA287A570B0D24C2FFDCD8BF79420BAA1637E5366B4459 ] ProtectedStorage C:\Windows\system32\lsass.exe
11:30:40.0993 0x1788  ProtectedStorage - ok
11:30:41.0021 0x1788  [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
11:30:41.0063 0x1788  Psched - ok
11:30:41.0132 0x1788  [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
11:30:41.0215 0x1788  ql2300 - ok
11:30:41.0233 0x1788  [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
11:30:41.0249 0x1788  ql40xx - ok
11:30:41.0276 0x1788  [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE           C:\Windows\system32\qwave.dll
11:30:41.0308 0x1788  QWAVE - ok
11:30:41.0329 0x1788  [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
11:30:41.0346 0x1788  QWAVEdrv - ok
11:30:41.0360 0x1788  [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
11:30:41.0392 0x1788  RasAcd - ok
11:30:41.0420 0x1788  [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
11:30:41.0469 0x1788  RasAgileVpn - ok
11:30:41.0494 0x1788  [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto         C:\Windows\System32\rasauto.dll
11:30:41.0524 0x1788  RasAuto - ok
11:30:41.0542 0x1788  [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
11:30:41.0582 0x1788  Rasl2tp - ok
11:30:41.0647 0x1788  [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan          C:\Windows\System32\rasmans.dll
11:30:41.0700 0x1788  RasMan - ok
11:30:41.0721 0x1788  [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
11:30:41.0750 0x1788  RasPppoe - ok
11:30:41.0770 0x1788  [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
11:30:41.0797 0x1788  RasSstp - ok
11:30:41.0831 0x1788  [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
11:30:41.0874 0x1788  rdbss - ok
11:30:41.0895 0x1788  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
11:30:41.0912 0x1788  rdpbus - ok
11:30:41.0940 0x1788  [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
11:30:41.0964 0x1788  RDPCDD - ok
11:30:42.0000 0x1788  [ B973FCFC50DC1434E1970A146F7E3885, BE797E5F5AE34D37F8DA1134CE94DD14DBE36D2BC405B97E992E2257848B7CA9 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
11:30:42.0030 0x1788  RDPDR - ok
11:30:42.0056 0x1788  [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
11:30:42.0088 0x1788  RDPENCDD - ok
11:30:42.0102 0x1788  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
11:30:42.0141 0x1788  RDPREFMP - ok
11:30:42.0184 0x1788  [ EAC76854C359D2534B25296AE425410D, B813FFD395AC0B969C56FD8B8D04DF6E72C39C8C2E714B03747A20D5723D58DD ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
11:30:42.0214 0x1788  RdpVideoMiniport - ok
11:30:42.0252 0x1788  [ CD9214A6AE17D188D17C3CF8CB9CC693, 2E16FF1F7446F0600D6519010FD05A30B94D97167C16B3E7FC396A97D8139D60 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
11:30:42.0276 0x1788  RDPWD - ok
11:30:42.0315 0x1788  [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
11:30:42.0333 0x1788  rdyboost - ok
11:30:42.0400 0x1788  [ 100817619F5AE04074D10427B3A7456A, 90F50DD33D40091D3D0D6336E1BB15E40BDD8083D392DB5C39ED15C1D23E978C ] RealtekCU       C:\Program Files\REALTEK\USB Wireless LAN Utility\RtlService.exe
11:30:42.0415 0x1788  RealtekCU - detected UnsignedFile.Multi.Generic ( 1 )
11:30:44.0770 0x1788  Detect skipped due to KSN trusted
11:30:44.0770 0x1788  RealtekCU - ok
11:30:44.0791 0x1788  [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess    C:\Windows\System32\mprdim.dll
11:30:44.0826 0x1788  RemoteAccess - ok
11:30:44.0851 0x1788  [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry  C:\Windows\system32\regsvc.dll
11:30:44.0882 0x1788  RemoteRegistry - ok
11:30:44.0899 0x1788  [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
11:30:44.0928 0x1788  RpcEptMapper - ok
11:30:44.0947 0x1788  [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator      C:\Windows\system32\locator.exe
11:30:44.0962 0x1788  RpcLocator - ok
11:30:44.0981 0x1788  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs           C:\Windows\system32\rpcss.dll
11:30:45.0016 0x1788  RpcSs - ok
11:30:45.0042 0x1788  [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
11:30:45.0084 0x1788  rspndr - ok
11:30:45.0133 0x1788  [ 5283B9A27FF230F2FF70D92451FF409A, B8BAC70E1DE4485C79CA7B47D4DCFE0223CECEA8ED75CE4F128D47051F95FE5D ] RTL8167         C:\Windows\system32\DRIVERS\Rt86win7.sys
11:30:45.0162 0x1788  RTL8167 - ok
11:30:45.0212 0x1788  [ 9CE8DEFFAFFCCBF473015D76AE8EE514, D2EC909865653C4CF56C379D60E10A607E28D69B00BF0EFE6181580C00EF5124 ] RTL8192su       C:\Windows\system32\DRIVERS\RTL8192su.sys
11:30:45.0250 0x1788  RTL8192su - ok
11:30:45.0324 0x1788  [ 383A3B35D1439FDF5E35B5F68AE1795E, CCEF20EF09A64554470CBDC6B3C7EBA02CE6FD73FD8F545B0DD2EF47BFF3910A ] RtlWlanu        C:\Windows\system32\DRIVERS\rtwlanu.sys
11:30:45.0391 0x1788  RtlWlanu - ok
11:30:45.0427 0x1788  [ 7FA7F2E249A5DCBB7970630E15E1F482, 9633B193F3FDA67BC551C6DCA4788AB83E9F45F77763EE579D02FE5D6B80DEDF ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
11:30:45.0468 0x1788  s3cap - ok
11:30:45.0483 0x1788  [ DC0B4400073A404B53F571126B58F480, 022F1E8431C6299D8DFA287A570B0D24C2FFDCD8BF79420BAA1637E5366B4459 ] SamSs           C:\Windows\system32\lsass.exe
11:30:45.0512 0x1788  SamSs - ok
11:30:45.0541 0x1788  [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
11:30:45.0567 0x1788  sbp2port - ok
11:30:45.0605 0x1788  [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
11:30:45.0635 0x1788  SCardSvr - ok
11:30:45.0650 0x1788  [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
11:30:45.0675 0x1788  scfilter - ok
11:30:45.0733 0x1788  [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule        C:\Windows\system32\schedsvc.dll
11:30:45.0788 0x1788  Schedule - ok
11:30:45.0824 0x1788  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc     C:\Windows\System32\certprop.dll
11:30:45.0850 0x1788  SCPolicySvc - ok
11:30:45.0866 0x1788  [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
11:30:45.0892 0x1788  SDRSVC - ok
11:30:45.0916 0x1788  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
11:30:45.0942 0x1788  secdrv - ok
11:30:45.0972 0x1788  [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon        C:\Windows\system32\seclogon.dll
11:30:46.0006 0x1788  seclogon - ok
11:30:46.0024 0x1788  [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS            C:\Windows\System32\sens.dll
11:30:46.0072 0x1788  SENS - ok
11:30:46.0086 0x1788  [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
11:30:46.0119 0x1788  SensrSvc - ok
11:30:46.0136 0x1788  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
11:30:46.0151 0x1788  Serenum - ok
11:30:46.0174 0x1788  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial          C:\Windows\system32\DRIVERS\serial.sys
11:30:46.0191 0x1788  Serial - ok
11:30:46.0208 0x1788  [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
11:30:46.0233 0x1788  sermouse - ok
11:30:46.0275 0x1788  [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv      C:\Windows\system32\sessenv.dll
11:30:46.0304 0x1788  SessionEnv - ok
11:30:46.0335 0x1788  [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
11:30:46.0352 0x1788  sffdisk - ok
11:30:46.0368 0x1788  [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
11:30:46.0383 0x1788  sffp_mmc - ok
11:30:46.0394 0x1788  [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
11:30:46.0421 0x1788  sffp_sd - ok
11:30:46.0445 0x1788  [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
11:30:46.0459 0x1788  sfloppy - ok
11:30:46.0489 0x1788  [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess    C:\Windows\System32\ipnathlp.dll
11:30:46.0543 0x1788  SharedAccess - ok
11:30:46.0573 0x1788  [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:30:46.0609 0x1788  ShellHWDetection - ok
11:30:46.0630 0x1788  [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp          C:\Windows\system32\drivers\sisagp.sys
11:30:46.0644 0x1788  sisagp - ok
11:30:46.0671 0x1788  [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
11:30:46.0685 0x1788  SiSRaid2 - ok
11:30:46.0695 0x1788  [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
11:30:46.0710 0x1788  SiSRaid4 - ok
11:30:46.0804 0x1788  [ 050A4112B00BCA2E13314CDE48C1DEEE, 86C679CD494DEEB984372BF954EFBB8982AC7995FBF89FCF83BC228991D1B825 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
11:30:46.0833 0x1788  SkypeUpdate - ok
11:30:46.0858 0x1788  [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
11:30:46.0887 0x1788  Smb - ok
11:30:46.0923 0x1788  [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
11:30:46.0939 0x1788  SNMPTRAP - ok
11:30:46.0950 0x1788  [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr           C:\Windows\system32\drivers\spldr.sys
11:30:46.0963 0x1788  spldr - ok
11:30:47.0008 0x1788  [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler         C:\Windows\System32\spoolsv.exe
11:30:47.0065 0x1788  Spooler - ok
11:30:47.0208 0x1788  [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc          C:\Windows\system32\sppsvc.exe
11:30:47.0369 0x1788  sppsvc - ok
11:30:47.0405 0x1788  [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify     C:\Windows\system32\sppuinotify.dll
11:30:47.0440 0x1788  sppuinotify - ok
11:30:47.0479 0x1788  [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv             C:\Windows\system32\DRIVERS\srv.sys
11:30:47.0510 0x1788  srv - ok
11:30:47.0536 0x1788  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
11:30:47.0622 0x1788  srv2 - ok
11:30:47.0642 0x1788  [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
11:30:47.0676 0x1788  srvnet - ok
11:30:47.0697 0x1788  [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
11:30:47.0753 0x1788  SSDPSRV - ok
11:30:47.0806 0x1788  [ 424566865D82AA4BD8D6546C1F2065FA, 37B4C04C7C0EE0F3347A9E9F35B095478299F7324CA87AAE487BF989B0E6AE03 ] ssmdrv          C:\Windows\system32\DRIVERS\ssmdrv.sys
11:30:47.0818 0x1788  ssmdrv - ok
11:30:47.0846 0x1788  [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
11:30:47.0882 0x1788  SstpSvc - ok
11:30:47.0929 0x1788  [ 5EE6503C932CB79B493E4B4D8E23D219, 51DC712611E21F5CF3ED2322A146E167769D082E826B82601471CF782090E8B5 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
11:30:47.0945 0x1788  ssudmdm - ok
11:30:48.0028 0x1788  [ A993E6FD9549499099461A0B192EEC3F, EC17EBE9A0EF481E704E64D07D257C3380046CBB5D9CAFABA90D21A2B84191FF ] Steam Client Service C:\Program Files\Common Files\Steam\SteamService.exe
11:30:48.0065 0x1788  Steam Client Service - ok
11:30:48.0093 0x1788  [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
11:30:48.0107 0x1788  stexstor - ok
11:30:48.0149 0x1788  [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc          C:\Windows\System32\wiaservc.dll
11:30:48.0214 0x1788  StiSvc - ok
11:30:48.0249 0x1788  [ 472AF0311073DCECEAA8FA18BA2BDF89, 089414057EB2047E42C96C1ACE79D509967461DC5A4D2836F63C04268637A3FC ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
11:30:48.0268 0x1788  storflt - ok
11:30:48.0285 0x1788  [ DCAFFD62259E0BDB433DD67B5BB37619, CBD12FF9BBF33D18B0F3D322B12EC62E7DF3BF45C6AD43D2E91FF4C4762E05D0 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
11:30:48.0304 0x1788  storvsc - ok
11:30:48.0333 0x1788  [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum          C:\Windows\system32\drivers\swenum.sys
11:30:48.0351 0x1788  swenum - ok
11:30:48.0379 0x1788  [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv           C:\Windows\System32\swprv.dll
11:30:48.0417 0x1788  swprv - ok
11:30:48.0435 0x1788  Synth3dVsc - ok
11:30:48.0503 0x1788  [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain         C:\Windows\system32\sysmain.dll
11:30:48.0567 0x1788  SysMain - ok
11:30:48.0618 0x1788  [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
11:30:48.0648 0x1788  TabletInputService - ok
11:30:48.0671 0x1788  [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv         C:\Windows\System32\tapisrv.dll
11:30:48.0720 0x1788  TapiSrv - ok
11:30:48.0750 0x1788  [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS             C:\Windows\System32\tbssvc.dll
11:30:48.0782 0x1788  TBS - ok
11:30:48.0850 0x1788  [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
11:30:48.0910 0x1788  Tcpip - ok
11:30:48.0966 0x1788  [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
11:30:49.0008 0x1788  TCPIP6 - ok
11:30:49.0045 0x1788  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
11:30:49.0060 0x1788  tcpipreg - ok
11:30:49.0087 0x1788  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
11:30:49.0129 0x1788  TDPIPE - ok
11:30:49.0163 0x1788  [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
11:30:49.0182 0x1788  TDTCP - ok
11:30:49.0210 0x1788  [ 7FE680A3DFA421C4A8E4879AE4C5AAB0, A4C64E155AB2843823CD3586756BA7681CFDEA50812095468221503BBAD30DCD ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
11:30:49.0233 0x1788  tdx - ok
11:30:49.0484 0x1788  [ CEB90659C8C8DE208D6841176EEE3FA3, 80568CE5A951E4264D0F74C043D392A89769E4C0885E0C310B34FCEAA6E049EB ] TeamViewer      C:\Program Files\TeamViewer\TeamViewer_Service.exe
11:30:49.0651 0x1788  TeamViewer - ok
11:30:49.0680 0x1788  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD          C:\Windows\system32\drivers\termdd.sys
11:30:49.0696 0x1788  TermDD - ok
11:30:49.0748 0x1788  [ FCFD4F50419B4BC72E80066DA10D2E54, 7C2314A57A404525F0444986332DBAE0964A3359374671598387051D7AAE72AE ] TermService     C:\Windows\System32\termsrv.dll
11:30:49.0796 0x1788  TermService - ok
11:30:49.0818 0x1788  [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes          C:\Windows\system32\themeservice.dll
11:30:49.0836 0x1788  Themes - ok
11:30:49.0848 0x1788  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER     C:\Windows\system32\mmcss.dll
11:30:49.0877 0x1788  THREADORDER - ok
11:30:49.0957 0x1788  [ 0FE2FC59C0B9A3CA3EC2B18E1CCCF2DD, 26AE50F2263DDDE3C6678566E2B198966CE870DF4B254F2D655752F742F63C12 ] TomTomHOMEService C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
11:30:49.0973 0x1788  TomTomHOMEService - ok
11:30:50.0004 0x1788  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks          C:\Windows\System32\trkwks.dll
11:30:50.0035 0x1788  TrkWks - ok
11:30:50.0087 0x1788  [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:30:50.0134 0x1788  TrustedInstaller - ok
11:30:50.0167 0x1788  [ 6C5139E4283249518F7743D7043775B3, 58684E8C90EBAC65459A97C905CDCFE3A915CFF7E8E96071DE1AC3489F85E67F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
11:30:50.0198 0x1788  tssecsrv - ok
11:30:50.0236 0x1788  [ FD1D6C73E6333BE727CBCC6054247654, 6F7B9AE1A5986204DB3348D13B303F30FC17624939DA74D6BD114FAEED0FB30E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
11:30:50.0274 0x1788  TsUsbFlt - ok
11:30:50.0280 0x1788  tsusbhub - ok
11:30:50.0320 0x1788  [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
11:30:50.0365 0x1788  tunnel - ok
11:30:50.0379 0x1788  [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
11:30:50.0394 0x1788  uagp35 - ok
11:30:50.0413 0x1788  [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
11:30:50.0445 0x1788  udfs - ok
11:30:50.0471 0x1788  [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect       C:\Windows\system32\UI0Detect.exe
11:30:50.0488 0x1788  UI0Detect - ok
11:30:50.0531 0x1788  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
11:30:50.0545 0x1788  uliagpkx - ok
11:30:50.0581 0x1788  [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus           C:\Windows\system32\drivers\umbus.sys
11:30:50.0601 0x1788  umbus - ok
11:30:50.0661 0x1788  [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
11:30:50.0708 0x1788  UmPass - ok
11:30:50.0742 0x1788  [ 409994A8EACEEE4E328749C0353527A0, FFC57B647147DE2957A7DE4B330CC534DE7AC892A2FCE3BB164F7A516CAB1B56 ] UmRdpService    C:\Windows\System32\umrdp.dll
11:30:50.0784 0x1788  UmRdpService - ok
11:30:50.0806 0x1788  [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost        C:\Windows\System32\upnphost.dll
11:30:50.0852 0x1788  upnphost - ok
11:30:50.0893 0x1788  [ 6E421CCC57059B0186C6259CA3B6DFC9, E348BF23CCD6C14FD10C1689BBDC77E125245331F97BFE60D4C8FD9A8711CB59 ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
11:30:50.0906 0x1788  USBAAPL - detected UnsignedFile.Multi.Generic ( 1 )
11:30:53.0261 0x1788  Detect skipped due to KSN trusted
11:30:53.0261 0x1788  USBAAPL - ok
11:30:53.0302 0x1788  [ A1977C315BF5691DA99235AA4A6907AF, 34B52FBA83F0E1C6B001D0AD1808B00152F731D18AAECC3C53B9918AA89BACEC ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
11:30:53.0349 0x1788  usbaudio - ok
11:30:53.0382 0x1788  [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
11:30:53.0413 0x1788  usbccgp - ok
11:30:53.0436 0x1788  [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir          C:\Windows\system32\drivers\usbcir.sys
11:30:53.0463 0x1788  usbcir - ok
11:30:53.0492 0x1788  [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
11:30:53.0523 0x1788  usbehci - ok
11:30:53.0580 0x1788  [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
11:30:53.0637 0x1788  usbhub - ok
11:30:53.0670 0x1788  [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
11:30:53.0694 0x1788  usbohci - ok
11:30:53.0725 0x1788  [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
11:30:53.0741 0x1788  usbprint - ok
11:30:53.0772 0x1788  [ FC6B21DB4B5B398AB93DBE59CBF11036, A94094C208F376405C07822A6143001EF1B12AE93205CD8002E87F6EB45F6374 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
11:30:53.0803 0x1788  usbscan - ok
11:30:53.0819 0x1788  [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:30:53.0850 0x1788  USBSTOR - ok
11:30:53.0881 0x1788  [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
11:30:53.0913 0x1788  usbuhci - ok
11:30:53.0959 0x1788  [ AF77716205C97E902E6C5B78DECE2CCA, ED99EABED1C7F323EE2A76413E2B260F8EE1D76FDF1E60EE35136D060E756735 ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys
11:30:53.0991 0x1788  usb_rndisx - ok
11:30:54.0006 0x1788  [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms           C:\Windows\System32\uxsms.dll
11:30:54.0053 0x1788  UxSms - ok
11:30:54.0053 0x1788  [ DC0B4400073A404B53F571126B58F480, 022F1E8431C6299D8DFA287A570B0D24C2FFDCD8BF79420BAA1637E5366B4459 ] VaultSvc        C:\Windows\system32\lsass.exe
11:30:54.0069 0x1788  VaultSvc - ok
11:30:54.0100 0x1788  [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
11:30:54.0116 0x1788  vdrvroot - ok
11:30:54.0163 0x1788  [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds             C:\Windows\System32\vds.exe
11:30:54.0194 0x1788  vds - ok
11:30:54.0225 0x1788  [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
11:30:54.0256 0x1788  vga - ok
11:30:54.0272 0x1788  [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave         C:\Windows\System32\drivers\vga.sys
11:30:54.0303 0x1788  VgaSave - ok
11:30:54.0319 0x1788  VGPU - ok
11:30:54.0350 0x1788  [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
11:30:54.0366 0x1788  vhdmp - ok
11:30:54.0397 0x1788  [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
11:30:54.0413 0x1788  viaagp - ok
11:30:54.0444 0x1788  [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7           C:\Windows\system32\DRIVERS\viac7.sys
11:30:54.0475 0x1788  ViaC7 - ok
11:30:54.0506 0x1788  [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide          C:\Windows\system32\drivers\viaide.sys
11:30:54.0522 0x1788  viaide - ok
11:30:54.0553 0x1788  [ C2F2911156FDC7817C52829C86DA494E, FE499F189B5016FCE0018AA3DE3970B72275B7B15F3D4D608117F6DDEC6B90DC ] vmbus           C:\Windows\system32\drivers\vmbus.sys
11:30:54.0584 0x1788  vmbus - ok
11:30:54.0600 0x1788  [ D4D77455211E204F370D08F4963063CE, 2018B2A84C73E0834200A594C02A9D28C74906F126DAD3CCDDFC9CD9A61669E2 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
11:30:54.0616 0x1788  VMBusHID - ok
11:30:54.0631 0x1788  [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
11:30:54.0647 0x1788  volmgr - ok
11:30:54.0678 0x1788  [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
11:30:54.0709 0x1788  volmgrx - ok
11:30:54.0725 0x1788  [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
11:30:54.0756 0x1788  volsnap - ok
11:30:54.0772 0x1788  [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
11:30:54.0788 0x1788  vsmraid - ok
11:30:54.0866 0x1788  [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS             C:\Windows\system32\vssvc.exe
11:30:54.0944 0x1788  VSS - ok
11:30:54.0959 0x1788  [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
11:30:54.0975 0x1788  vwifibus - ok
11:30:54.0991 0x1788  [ 7090D3436EEB4E7DA3373090A23448F7, 3A130B28F2BFA7DCEC8596C4CE4E187B019F5ECF1AAC8DD1BBDE9CBD2428FEC2 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
11:30:55.0006 0x1788  vwififlt - ok
11:30:55.0022 0x1788  [ A3F04CBEA6C2A10E6CB01F8B47611882, 32AFE18B07FECA30BC95831A5DC94C784E543784DF16165334A777DC84E91EF3 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
11:30:55.0038 0x1788  vwifimp - ok
11:30:55.0069 0x1788  [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time         C:\Windows\system32\w32time.dll
11:30:55.0131 0x1788  W32Time - ok
11:30:55.0147 0x1788  [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
11:30:55.0163 0x1788  WacomPen - ok
11:30:55.0194 0x1788  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
11:30:55.0241 0x1788  WANARP - ok
11:30:55.0256 0x1788  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
11:30:55.0272 0x1788  Wanarpv6 - ok
11:30:55.0319 0x1788  [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine        C:\Windows\system32\wbengine.exe
11:30:55.0413 0x1788  wbengine - ok
11:30:55.0444 0x1788  [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
11:30:55.0459 0x1788  WbioSrvc - ok
11:30:55.0506 0x1788  [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc         C:\Windows\System32\wcncsvc.dll
11:30:55.0538 0x1788  wcncsvc - ok
11:30:55.0553 0x1788  [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:30:55.0616 0x1788  WcsPlugInService - ok
11:30:55.0647 0x1788  [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
11:30:55.0663 0x1788  Wd - ok
11:30:55.0709 0x1788  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
11:30:55.0756 0x1788  Wdf01000 - ok
11:30:55.0788 0x1788  [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiServiceHost  C:\Windows\system32\wdi.dll
11:30:55.0819 0x1788  WdiServiceHost - ok
11:30:55.0834 0x1788  [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiSystemHost   C:\Windows\system32\wdi.dll
11:30:55.0850 0x1788  WdiSystemHost - ok
11:30:55.0881 0x1788  [ 75E8EBD7040CE238684333F97014762A, 2CA0B267FBAEB303D1F8B639D733DC0DE17BA1276CC9096035B4F2BBBED3EF7F ] WebClient       C:\Windows\System32\webclnt.dll
11:30:55.0913 0x1788  WebClient - ok
11:30:55.0944 0x1788  [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc          C:\Windows\system32\wecsvc.dll
11:30:55.0975 0x1788  Wecsvc - ok
11:30:55.0991 0x1788  [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
11:30:56.0038 0x1788  wercplsupport - ok
11:30:56.0053 0x1788  [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc          C:\Windows\System32\WerSvc.dll
11:30:56.0100 0x1788  WerSvc - ok
11:30:56.0131 0x1788  [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
11:30:56.0147 0x1788  WfpLwf - ok
11:30:56.0163 0x1788  [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
11:30:56.0178 0x1788  WIMMount - ok
11:30:56.0256 0x1788  [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
11:30:56.0334 0x1788  WinDefend - ok
11:30:56.0350 0x1788  WinHttpAutoProxySvc - ok
11:30:56.0397 0x1788  [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
11:30:56.0459 0x1788  Winmgmt - ok
11:30:56.0522 0x1788  [ 1DE9BD23AFA36150586C732D876D9B74, 32CF2C8EC18CFDA677AB72A182EB4B839DCC72BFCD6CA309BE2F434991CAE973 ] WinRM           C:\Windows\system32\WsmSvc.dll
11:30:56.0616 0x1788  WinRM - ok
11:30:56.0694 0x1788  [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb          C:\Windows\system32\drivers\WinUsb.sys
11:30:56.0709 0x1788  WinUsb - ok
11:30:56.0756 0x1788  [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc         C:\Windows\System32\wlansvc.dll
11:30:56.0803 0x1788  Wlansvc - ok
11:30:56.0834 0x1788  [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
11:30:56.0850 0x1788  WmiAcpi - ok
11:30:56.0881 0x1788  [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
11:30:56.0913 0x1788  wmiApSrv - ok
11:30:56.0991 0x1788  [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
11:30:57.0069 0x1788  WMPNetworkSvc - ok
11:30:57.0084 0x1788  [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
11:30:57.0131 0x1788  WPCSvc - ok
11:30:57.0163 0x1788  [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
11:30:57.0178 0x1788  WPDBusEnum - ok
11:30:57.0209 0x1788  [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
11:30:57.0241 0x1788  ws2ifsl - ok
11:30:57.0241 0x1788  [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc          C:\Windows\System32\wscsvc.dll
11:30:57.0272 0x1788  wscsvc - ok
11:30:57.0288 0x1788  WSearch - ok
11:30:57.0397 0x1788  [ B5DCDEF119A729CB493E9070BF9A7E9D, D7706CFE8521206B38F5F1B57EA2F046E14DB4C893868862BEAFC2A83E2E9098 ] wuauserv        C:\Windows\system32\wuaueng.dll
11:30:57.0506 0x1788  wuauserv - ok
11:30:57.0538 0x1788  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
11:30:57.0569 0x1788  WudfPf - ok
11:30:57.0600 0x1788  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
11:30:57.0616 0x1788  WUDFRd - ok
11:30:57.0663 0x1788  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
11:30:57.0678 0x1788  wudfsvc - ok
11:30:57.0725 0x1788  [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc         C:\Windows\System32\wwansvc.dll
11:30:57.0772 0x1788  WwanSvc - ok
11:30:57.0897 0x1788  [ 18539F85F3725BEE656E59BAC07D502C, 7D7AB2BEFBC7553D6A427365FA97030937629947B65ED5E5FF535B60AA5961BF ] {09F57980-3432-4AFC-957D-27AC45FAE1F5} C:\Program Files\CyberLink\PowerDVD13\Common\NavFilter\000.fcl
11:30:57.0913 0x1788  {09F57980-3432-4AFC-957D-27AC45FAE1F5} - ok
11:30:57.0944 0x1788  ================ Scan global ===============================
11:30:57.0975 0x1788  [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
11:30:58.0006 0x1788  [ A83DD77AC941A8B1B2652035EA589149, 8F879178E154B3F9F367FB3D6F9A21B129F36796CD3B6A76A9E7CFDD0F63332C ] C:\Windows\system32\winsrv.dll
11:30:58.0038 0x1788  [ A83DD77AC941A8B1B2652035EA589149, 8F879178E154B3F9F367FB3D6F9A21B129F36796CD3B6A76A9E7CFDD0F63332C ] C:\Windows\system32\winsrv.dll
11:30:58.0069 0x1788  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
11:30:58.0116 0x1788  [ 0780A42DBD7D9969F9BF4A19AA4285B5, 8EA41124A4E97732C5DAA616457FBA7111CB38986F3427FA776ED00BC1407171 ] C:\Windows\system32\services.exe
11:30:58.0131 0x1788  [ Global ] - ok
11:30:58.0131 0x1788  ================ Scan MBR ==================================
11:30:58.0147 0x1788  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:30:58.0334 0x1788  \Device\Harddisk0\DR0 - ok
11:30:58.0334 0x1788  ================ Scan VBR ==================================
11:30:58.0334 0x1788  [ F5A3AD99D5A526724736F5032F6D5928 ] \Device\Harddisk0\DR0\Partition1
11:30:58.0334 0x1788  \Device\Harddisk0\DR0\Partition1 - ok
11:30:58.0350 0x1788  [ 64F9F5D305494D4D8E60A0465B821D7E ] \Device\Harddisk0\DR0\Partition2
11:30:58.0350 0x1788  \Device\Harddisk0\DR0\Partition2 - ok
11:30:58.0381 0x1788  [ AA2FD07C4AAB83D75D87882F1585B709 ] \Device\Harddisk0\DR0\Partition3
11:30:58.0381 0x1788  \Device\Harddisk0\DR0\Partition3 - ok
11:30:58.0381 0x1788  ================ Scan generic autorun ======================
11:30:58.0397 0x1788  APSDaemon - ok
11:30:58.0444 0x1788  [ 901AA7A38CE13F14B6BBEC38C0595698, 1E95F2048E2A1782807D52E9816ED267355718E24D01FF07ACE73D965EDE388A ] C:\Program Files\Microsoft Office\Office14\BCSSync.exe
11:30:58.0475 0x1788  BCSSync - ok
11:30:58.0538 0x1788  [ 1C3CA3E7807F915933BB4E08E599DDAB, F651143CB640767CC954D11E6580CCF16E7859A813A2C608AD7479C5FB9010F2 ] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe
11:30:58.0553 0x1788  SSBkgdUpdate - detected UnsignedFile.Multi.Generic ( 1 )
11:31:00.0913 0x1788  Detect skipped due to KSN trusted
11:31:00.0913 0x1788  SSBkgdUpdate - ok
11:31:00.0959 0x1788  [ C58578E2AE50C4085DC6991CACB1BD3B, 786D9A46EF6E7ABA7D9798FBBF441BB6167BA9C61A8F00FF599EE0E3089C9462 ] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
11:31:00.0975 0x1788  PaperPort PTD - detected UnsignedFile.Multi.Generic ( 1 )
11:31:03.0334 0x1788  Detect skipped due to KSN trusted
11:31:03.0334 0x1788  PaperPort PTD - ok
11:31:03.0366 0x1788  [ 065AB8E91D9675C6EFA1DBBEC92B6858, 4945644D4FFBF094475BE2E4FA64D6A40EA60D796EB01069E2CEA8F7C206B448 ] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
11:31:03.0366 0x1788  IndexSearch - detected UnsignedFile.Multi.Generic ( 1 )
11:31:05.0709 0x1788  Detect skipped due to KSN trusted
11:31:05.0709 0x1788  IndexSearch - ok
11:31:05.0819 0x1788  [ 4D5D968FE6AE6BF94A807F73F7FF6B3D, 3D5D5D775EE251C2B903AA8DA804AE4D1632DD59A8A0A36C545FE984FCFE06DD ] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
11:31:05.0866 0x1788  BrMfcWnd - detected UnsignedFile.Multi.Generic ( 1 )
11:31:08.0209 0x1788  Detect skipped due to KSN trusted
11:31:08.0209 0x1788  BrMfcWnd - ok
11:31:08.0256 0x1788  [ 4DE3EF07E0854547309C6B40235A9D44, F73D8E6D98583865D1C8DB728058D83C72A3908E21E04EF313FCB829C040A1EC ] C:\Program Files\Brother\ControlCenter3\brctrcen.exe
11:31:08.0272 0x1788  ControlCenter3 - detected UnsignedFile.Multi.Generic ( 1 )
11:31:10.0663 0x1788  Detect skipped due to KSN trusted
11:31:10.0663 0x1788  ControlCenter3 - ok
11:31:10.0694 0x1788  [ 9119B48B62562E8094FCBCCC9D21F16B, 83728AF3942D7EDA832AF8C92D47B3A49161417556B108ED0289C7F0B89CA8DB ] C:\Program Files\CyberLink\PowerDVD13\PowerDVD13Agent.exe
11:31:10.0725 0x1788  PowerDVD13Agent - ok
11:31:10.0803 0x1788  [ B895A1A6E0B59DD9A7416C176FB56893, 10BD17147FB13A31794C129220449A087FF49115C30906596E76E1B44CCD180F ] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
11:31:10.0819 0x1788  KiesTrayAgent - ok
11:31:10.0897 0x1788  [ 28DEF0EFB36D172EAA5A08EB09CF75DF, 62D07A28167AEBFB9511830BFBBEAAB17CC24D57FF8D07F1414D921135BC9024 ] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
11:31:10.0928 0x1788  avgnt - ok
11:31:11.0006 0x1788  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
11:31:11.0084 0x1788  Sidebar - ok
11:31:11.0116 0x1788  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
11:31:11.0131 0x1788  mctadmin - ok
11:31:11.0178 0x1788  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
11:31:11.0209 0x1788  Sidebar - ok
11:31:11.0241 0x1788  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
11:31:11.0256 0x1788  mctadmin - ok
11:31:11.0256 0x1788  KiesAirMessage - ok
11:31:11.0459 0x1788  [ 08DFA176E4FC0E63ACD8EC854449D2B0, B8CA204C3F318CD9D12F61CDDA5C66184A48D6206F019AD11DB2605FDBEB288D ] C:\Users\Mex\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
11:31:11.0522 0x1788  Spotify Web Helper - ok
11:31:11.0538 0x1788  [ 706A181D11D8589B0A9E2625E72423CF, BC0624B3BF5312DF5B54D6B23ADD7C6E94708968E4ACC3340BE23A3E87A8D2E0 ] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
11:31:11.0553 0x1788  TomTomHOME.exe - ok
11:31:11.0616 0x1788  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
11:31:11.0647 0x1788  Sidebar - ok
11:31:11.0663 0x1788  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
11:31:11.0694 0x1788  mctadmin - ok
11:31:11.0694 0x1788  Waiting for KSN requests completion. In queue: 11
11:31:12.0694 0x1788  Waiting for KSN requests completion. In queue: 11
11:31:13.0694 0x1788  Waiting for KSN requests completion. In queue: 11
11:31:14.0772 0x1788  AV detected via SS2: Avira Antivirus, C:\Program Files\Avira\AntiVir Desktop\wsctool.exe ( 15.0.12.402 ), 0x40000 ( disabled : updated )
11:31:14.0772 0x1788  Win FW state via NFP2: enabled ( trusted )
11:31:17.0225 0x1788  ============================================================
11:31:17.0225 0x1788  Scan finished
11:31:17.0225 0x1788  ============================================================
11:31:17.0225 0x177c  Detected object count: 0
11:31:17.0225 0x177c  Actual detected object count: 0
11:40:39.0366 0x16d0  Deinitialize success

schrauber · 03.08.2015, 16:09

hi,

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Mex271284 · 04.08.2015, 19:45

Code:

ATTFilter

ComboFix 15-08-03.01 - Mex 04.08.2015  17:00:00.1.4 - x86
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.49.1031.18.2047.1097 [GMT 2:00]
ausgeführt von:: c:\users\Mex\Desktop\ComboFix.exe
AV: Avira Antivirus *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Antivirus *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Mex\AppData\Local\assembly\tmp
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-07-04 bis 2015-08-04  ))))))))))))))))))))))))))))))
.
.
2015-08-04 15:07 . 2015-08-04 15:07	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2015-08-04 15:07 . 2015-08-04 15:07	--------	d-----w-	c:\users\Default\AppData\Local\temp
2015-08-02 22:27 . 2015-08-02 22:27	--------	d-----w-	c:\program files\VS Revo Group
2015-07-31 09:28 . 2015-08-04 15:07	--------	d-----w-	c:\users\Mex\AppData\Local\assembly
2015-07-29 20:45 . 2015-07-29 20:46	--------	d-----w-	c:\programdata\WinZip
2015-07-29 11:24 . 2015-07-29 11:24	--------	d-----w-	c:\programdata\TomTom
2015-07-29 11:20 . 2015-07-29 11:20	--------	d-----w-	c:\users\Mex\AppData\Roaming\TomTom
2015-07-29 11:19 . 2015-07-29 11:19	--------	d-----w-	c:\program files\TomTom HOME 2
2015-07-28 18:58 . 2015-07-25 17:47	587264	----a-w-	c:\windows\system32\generaltel.dll
2015-07-28 18:58 . 2015-07-25 17:47	628736	----a-w-	c:\windows\system32\invagent.dll
2015-07-28 18:58 . 2015-07-25 17:46	342016	----a-w-	c:\windows\system32\devinv.dll
2015-07-28 18:58 . 2015-07-25 17:46	924160	----a-w-	c:\windows\system32\appraiser.dll
2015-07-28 18:58 . 2015-07-25 17:46	58880	----a-w-	c:\windows\system32\acmigration.dll
2015-07-28 18:58 . 2015-07-25 17:46	202752	----a-w-	c:\windows\system32\aepdu.dll
2015-07-28 18:58 . 2015-07-25 17:40	932864	----a-w-	c:\windows\system32\aeinv.dll
2015-07-28 18:58 . 2015-07-25 17:51	15808	----a-w-	c:\windows\system32\CompatTelRunner.exe
2015-07-23 13:07 . 2015-07-23 13:07	--------	d-----w-	c:\users\Mex\AppData\Local\CEF
2015-07-21 12:46 . 2015-07-15 02:55	26624	----a-w-	c:\windows\system32\lpk.dll
2015-07-21 12:46 . 2015-07-15 02:55	10240	----a-w-	c:\windows\system32\dciman32.dll
2015-07-21 12:46 . 2015-07-15 02:55	34304	----a-w-	c:\windows\system32\atmlib.dll
2015-07-21 12:46 . 2015-07-15 01:52	299008	----a-w-	c:\windows\system32\atmfd.dll
2015-07-21 12:46 . 2015-07-15 02:55	70656	----a-w-	c:\windows\system32\fontsub.dll
2015-07-15 10:29 . 2015-07-09 17:43	2057216	----a-w-	c:\windows\system32\wuaueng.dll
2015-07-15 10:29 . 2015-06-01 23:47	210432	----a-w-	c:\windows\system32\cewmdm.dll
2015-07-15 10:29 . 2015-06-27 01:58	620032	----a-w-	c:\windows\system32\jscript9diag.dll
2015-07-15 10:29 . 2015-06-27 01:39	4520448	----a-w-	c:\windows\system32\jscript9.dll
2015-07-15 10:29 . 2015-07-02 21:08	2724864	----a-w-	c:\windows\system32\mshtml.tlb
2015-07-15 10:29 . 2015-07-02 20:27	473600	----a-w-	c:\program files\Internet Explorer\ieinstal.exe
2015-07-15 10:29 . 2015-07-03 05:56	235216	----a-w-	c:\program files\Internet Explorer\sqmapi.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-08-03 08:52 . 2002-01-01 00:41	119512	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-08-03 08:51 . 2002-01-01 00:40	92888	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2015-07-26 12:02 . 2001-12-31 22:51	136728	----a-w-	c:\windows\system32\drivers\avipbb.sys
2015-07-26 12:02 . 2001-12-31 22:51	108448	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2015-07-15 15:23 . 2013-04-18 17:43	778416	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2015-07-15 15:23 . 2013-04-18 17:43	142512	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2015-05-25 18:07 . 2015-06-13 09:48	3989440	----a-w-	c:\windows\system32\ntkrnlpa.exe
2015-05-25 18:07 . 2015-06-13 09:48	3934144	----a-w-	c:\windows\system32\ntoskrnl.exe
2015-05-25 18:04 . 2015-06-13 09:48	1307648	----a-w-	c:\windows\system32\ntdll.dll
2015-05-25 18:01 . 2015-06-13 09:48	853504	----a-w-	c:\windows\system32\diagtrack.dll
2015-05-25 18:01 . 2015-06-13 09:48	635392	----a-w-	c:\windows\system32\tdh.dll
2015-05-25 18:01 . 2015-06-13 09:48	43008	----a-w-	c:\windows\system32\srclient.dll
2015-05-25 18:01 . 2015-06-13 09:48	400896	----a-w-	c:\windows\system32\srcore.dll
2015-05-25 18:01 . 2015-06-13 09:48	92160	----a-w-	c:\windows\system32\sechost.dll
2015-05-25 18:01 . 2015-06-13 09:48	38912	----a-w-	c:\windows\system32\csrsrv.dll
2015-05-25 18:01 . 2015-06-13 09:48	641536	----a-w-	c:\windows\system32\advapi32.dll
2015-05-25 18:00 . 2015-06-13 09:48	40448	----a-w-	c:\windows\system32\typeperf.exe
2015-05-25 18:00 . 2015-06-13 09:48	364544	----a-w-	c:\windows\system32\tracerpt.exe
2015-05-25 18:00 . 2015-06-13 09:48	69632	----a-w-	c:\windows\system32\smss.exe
2015-05-25 18:00 . 2015-06-13 09:48	262656	----a-w-	c:\windows\system32\rstrui.exe
2015-05-25 18:00 . 2015-06-13 09:48	37888	----a-w-	c:\windows\system32\relog.exe
2015-05-25 18:00 . 2015-06-13 09:48	82944	----a-w-	c:\windows\system32\logman.exe
2015-05-25 18:00 . 2015-06-13 09:48	17408	----a-w-	c:\windows\system32\diskperf.exe
2015-05-25 17:55 . 2015-06-13 09:48	6656	----a-w-	c:\windows\system32\apisetschema.dll
2015-05-25 16:53 . 2015-06-13 09:48	36864	----a-w-	c:\windows\system32\UtcResources.dll
2015-05-21 13:20 . 2015-06-13 09:51	163840	----a-w-	c:\windows\system32\aepic.dll
2015-05-19 13:47 . 2001-12-31 22:51	37896	----a-w-	c:\windows\system32\drivers\avkmgr.sys
2015-05-09 03:14 . 2015-06-13 09:48	169984	----a-w-	c:\windows\system32\winsrv.dll
2015-05-09 03:13 . 2015-06-13 09:48	293376	----a-w-	c:\windows\system32\KernelBase.dll
2015-05-09 03:12 . 2015-06-13 09:48	271360	----a-w-	c:\windows\system32\conhost.exe
2015-05-09 03:08 . 2015-06-13 09:48	5120	---ha-w-	c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-09 03:08 . 2015-06-13 09:48	4608	---ha-w-	c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-09 03:08 . 2015-06-13 09:48	4096	---ha-w-	c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-09 03:08 . 2015-06-13 09:48	4096	---ha-w-	c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-09 03:08 . 2015-06-13 09:48	4096	---ha-w-	c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-09 03:08 . 2015-06-13 09:48	4096	---ha-w-	c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-09 03:08 . 2015-06-13 09:48	4096	---ha-w-	c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-09 03:08 . 2015-06-13 09:48	3584	---ha-w-	c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-09 03:08 . 2015-06-13 09:48	3584	---ha-w-	c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-09 03:08 . 2015-06-13 09:48	3584	---ha-w-	c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-09 03:08 . 2015-06-13 09:48	3584	---ha-w-	c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-09 03:08 . 2015-06-13 09:48	3584	---ha-w-	c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-09 03:08 . 2015-06-13 09:48	3584	---ha-w-	c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-09 03:08 . 2015-06-13 09:48	3072	---ha-w-	c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-09 03:08 . 2015-06-13 09:48	3072	---ha-w-	c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-09 03:08 . 2015-06-13 09:48	3072	---ha-w-	c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-09 03:08 . 2015-06-13 09:48	3072	---ha-w-	c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-09 03:08 . 2015-06-13 09:48	3072	---ha-w-	c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-09 03:08 . 2015-06-13 09:48	3072	---ha-w-	c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-09 03:08 . 2015-06-13 09:48	3072	---ha-w-	c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-09 03:08 . 2015-06-13 09:48	3072	---ha-w-	c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-09 03:08 . 2015-06-13 09:48	3072	---ha-w-	c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-09 03:08 . 2015-06-13 09:48	3072	---ha-w-	c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-09 03:08 . 2015-06-13 09:48	3072	---ha-w-	c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-09 01:59 . 2015-06-13 09:48	6144	---ha-w-	c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-09 01:59 . 2015-06-13 09:48	4608	---ha-w-	c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-09 01:59 . 2015-06-13 09:48	3584	---ha-w-	c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-09 01:59 . 2015-06-13 09:48	3072	---ha-w-	c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	131248	----a-w-	c:\users\Mex\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	131248	----a-w-	c:\users\Mex\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	131248	----a-w-	c:\users\Mex\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="c:\users\Mex\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-12-22 1676344]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2015-07-13 248176]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 155648]
"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2005-03-17 57393]
"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2005-03-17 40960]
"BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2009-05-26 1159168]
"ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2008-12-24 114688]
"PowerDVD13Agent"="c:\program files\CyberLink\PowerDVD13\PowerDVD13Agent.exe" [2013-03-20 513048]
"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2014-02-07 311616]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2015-07-26 782008]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2013-04-19 280576]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FAH.lnk - c:\program files\WinZip\FAH\FAHConsole.exe [2015-4-28 453808]
WinZip Preloader.lnk - c:\program files\WinZip\WzPreloader.exe [2015-4-28 126176]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
R2 AntiVirMailService;Avira Email-Schutz;c:\program files\Avira\AntiVir Desktop\avmailc7.exe [2015-07-26 887128]
R2 AntiVirWebService;Avira Browser-Schutz;c:\program files\Avira\AntiVir Desktop\avwebg7.exe [2015-07-26 1213072]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2014-04-03 315008]
R3 athur;Atheros AR9271 Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athur.sys [2010-10-10 1564160]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2014-06-16 89856]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2015-06-19 102912]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl.sys [2012-09-10 18432]
R3 PID_0920;Logitech QuickCam Express(PID_0920);c:\windows\system32\DRIVERS\LV532AV.SYS [2005-01-31 163328]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2015-06-11 15872]
R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys [2010-11-25 603240]
R3 RtlWlanu;Realtek Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\rtwlanu.sys [2012-11-07 1345168]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2014-06-16 184192]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2015-05-19 37896]
S2 {09F57980-3432-4AFC-957D-27AC45FAE1F5};Power Control [2013/05/13 13:15];c:\program files\CyberLink\PowerDVD13\Common\NavFilter\000.fcl [2013-03-19 09:08 76560]
S2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2015-07-26 461672]
S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys [2015-03-17 37896]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-05-01 1394816]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-05-01 1772672]
S2 CyberLink PowerDVD 13 Media Server Monitor Service;CyberLink PowerDVD 13 Media Server Monitor Service;c:\program files\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe [2013-03-20 77576]
S2 CyberLink PowerDVD 13 Media Server Service;CyberLink PowerDVD 13 Media Server Service;c:\program files\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe [2013-03-20 323336]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [2012-07-13 769432]
S2 RealtekCU;RealtekCU;c:\program files\REALTEK\USB Wireless LAN Utility\RtlService.exe [2012-05-10 36864]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [2015-07-13 93040]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
utcsvc	REG_MULTI_SZ   	DiagTrack
.
Inhalt des "geplante Tasks" Ordners
.
2015-08-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-18 15:23]
.
.
------- Zusätzlicher Suchlauf -------
.
IE: An OneNote s&enden - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Mex\AppData\Roaming\Mozilla\Firefox\Profiles\ktjfex7a.default-1424108997824\
FF - prefs.js: browser.startup.homepage - google.de
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKCU-Run-KiesAirMessage - c:\program files\Samsung\Kies\KiesAirMessage.exe
HKLM-Run-APSDaemon - c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
AddRemove-dm-Fotowelt - c:\program files\dm\dm-Fotowelt\uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
AddRemove-MyFreeCodec - c:\program files\MyFree Codec\1.0b beta\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{09F57980-3432-4AFC-957D-27AC45FAE1F5}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD13\Common\NavFilter\000.fcl"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_18_0_0_209_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_18_0_0_209_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2015-08-04  17:10:38
ComboFix-quarantined-files.txt  2015-08-04 15:10
.
Vor Suchlauf: 10 Verzeichnis(se), 17.590.566.912 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 17.517.072.384 Bytes frei
.
- - End Of File - - E5288E6DA7F461F87815B88DD797B1E1
A36C5E4F47E84449FF07ED3517B43A31

schrauber · 05.08.2015, 12:37

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

Mex271284 · 12.08.2015, 23:30

Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 12.08.2015
Suchlaufzeit: 23:37
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.1.8.1057
Malware-Datenbank: v2015.08.12.05
Rootkit-Datenbank: v2015.08.06.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x86
Dateisystem: NTFS
Benutzer: Mex

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 378756
Abgelaufene Zeit: 19 Min., 32 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)

(end)

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 12.08.2015
Suchlaufzeit: 23:37
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.1.8.1057
Malware-Datenbank: v2015.08.12.05
Rootkit-Datenbank: v2015.08.06.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x86
Dateisystem: NTFS
Benutzer: Mex

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 378756
Abgelaufene Zeit: 19 Min., 32 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

Code:

ATTFilter

# AdwCleaner v4.208 - Bericht erstellt 13/08/2015 um 00:16:53
# Aktualisiert 09/07/2015 von Xplode
# Datenbank : 2015-08-12.1 [Server]
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (x86)
# Benutzername : Mex - MEX-PC
# Gestarted von : C:\Users\Mex\Downloads\AdwCleaner_4.208.exe
# Option : Suchlauf

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17937


-\\ Mozilla Firefox v39.0.3 (x86 de)


*************************

AdwCleaner[R0].txt - [2095 Bytes] - [07/05/2015 16:14:09]
AdwCleaner[R1].txt - [900 Bytes] - [01/01/2002 21:39:28]
AdwCleaner[R2].txt - [765 Bytes] - [13/08/2015 00:16:53]
AdwCleaner[S0].txt - [1940 Bytes] - [07/05/2015 16:15:33]
AdwCleaner[S1].txt - [958 Bytes] - [01/01/2002 21:41:22]

########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [940 Bytes] ##########

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.6 (08.10.2015:1)
OS: Windows 7 Ultimate x86
Ran by Mex on 13.08.2015 at  0:21:22,08
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer



~~~ Files



~~~ Folders

Successfully deleted: [Folder] C:\Users\Mex\Documents\add-in express



~~~ FireFox

Emptied folder: C:\Users\Mex\AppData\Roaming\mozilla\firefox\profiles\ktjfex7a.default-1424108997824\minidumps [5 files]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13.08.2015 at  0:23:42,11
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

schrauber · 13.08.2015, 14:49

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

Mex271284 · 14.08.2015, 23:10

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=9d60371f40c1b14db5918d92c424b9c3
# engine=23798
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2002-01-01 04:24:11
# local_time=2002-01-01 05:24:11 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 0 19842 0 0
# scanned=182732
# found=8
# cleaned=0
# scan_time=4432
sh=08131ADF7C15E801A902E72ADA9DBA8EF81AD101 ft=1 fh=0e19461b6ef503f8 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Mex\AppData\Local\Temp\DMR\dmr_72.exe"
sh=A9CF41990CB60C37D9FE458A47E7B43B0832E7A0 ft=1 fh=f9b3b81e21ef69c2 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Mex\Downloads\Free Image Convert and Resize - CHIP-Installer.exe"
sh=4F3D4A1C274F6B442A42696276AE7A6798ED18D5 ft=1 fh=d31357c2e8d7b763 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Mex\Downloads\Image Resizer - CHIP-Installer.exe"
sh=E2C028A886AA7352539DEE32CBB38770C529A76E ft=1 fh=d2aeb2930bcba9f7 vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Mex\Downloads\PDFCreator-1_7_3_setup.exe"
sh=A2E404DD3E80B3873FF4F61796815F2324C6A51F ft=1 fh=7d2f5c83e01b4e55 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Mex\Downloads\Skype - CHIP-Installer.exe"
sh=C370A47FB59FF2A33ABB8B4BC34A4226C90041E0 ft=0 fh=0000000000000000 vn="Variante von Win32/Systweak.L evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Mex\Downloads\wz185gev-32.msi"
sh=48C93BBDD6043054F4559780619F582DACE81949 ft=0 fh=0000000000000000 vn="Variante von Win32/Systweak.L evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Mex\Downloads\wz190gev-64.msi"
sh=C370A47FB59FF2A33ABB8B4BC34A4226C90041E0 ft=0 fh=0000000000000000 vn="Variante von Win32/Systweak.L evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\316b86.msi"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=9d60371f40c1b14db5918d92c424b9c3
# end=init
# utc_time=2015-08-14 10:50:03
# local_time=2015-08-14 12:50:03 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 25274
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=9d60371f40c1b14db5918d92c424b9c3
# end=updated
# utc_time=2015-08-14 10:54:14
# local_time=2015-08-14 12:54:14 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=9d60371f40c1b14db5918d92c424b9c3
# engine=25274
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-08-14 12:02:55
# local_time=2015-08-14 02:02:55 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 8459826 429718166 0 0
# scanned=196380
# found=7
# cleaned=0
# scan_time=4120
sh=A9CF41990CB60C37D9FE458A47E7B43B0832E7A0 ft=1 fh=f9b3b81e21ef69c2 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Mex\Downloads\Free Image Convert and Resize - CHIP-Installer.exe"
sh=4F3D4A1C274F6B442A42696276AE7A6798ED18D5 ft=1 fh=d31357c2e8d7b763 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Mex\Downloads\Image Resizer - CHIP-Installer.exe"
sh=E2C028A886AA7352539DEE32CBB38770C529A76E ft=1 fh=d2aeb2930bcba9f7 vn="Win32/InstallMonetizer.AQ evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Mex\Downloads\PDFCreator-1_7_3_setup.exe"
sh=A2E404DD3E80B3873FF4F61796815F2324C6A51F ft=1 fh=7d2f5c83e01b4e55 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Mex\Downloads\Skype - CHIP-Installer.exe"
sh=A22F56C07830EAC1BC2F5DEE843D875C0D002449 ft=0 fh=0000000000000000 vn="Win32/Adware.Hicosmea.I Anwendung" ac=I fn="C:\Users\Mex\Downloads\update v1.6.msi"
sh=777BC5300727ABB48A599766D46B35D1BB1A9C54 ft=0 fh=0000000000000000 vn="Variante von Win32/Systweak.L evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Mex\Downloads\wz195gev-32.msi"
sh=777BC5300727ABB48A599766D46B35D1BB1A9C54 ft=0 fh=0000000000000000 vn="Variante von Win32/Systweak.L evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Windows\Installer\2a88dc1.msi"

Code:

ATTFilter

 Results of screen317's Security Check version 1.006  
 Windows 7 Service Pack 1 x86 (UAC is disabled!)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Avira Antivirus   
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Java 8 Update 31  
 Java version 32-bit out of Date! 
 Adobe Flash Player 	18.0.0.232  
 Adobe Reader XI  
 Mozilla Firefox (40.0.2) 
````````Process Check: objlist.exe by Laurent````````  
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:14-08-2015 01
durchgeführt von Mex (Administrator) auf MEX-PC (15-08-2015 00:08:55)
Gestartet von C:\Users\Mex\Desktop
Geladene Profile: Mex & UpdatusUser (Verfügbare Profile: Mex & UpdatusUser)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(brother Industries Ltd) C:\Windows\System32\brsvc01a.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(brother Industries Ltd) C:\Windows\System32\brss01a.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(CyberLink) C:\Program Files\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe
(CyberLink) C:\Program Files\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe
(Realtek Semiconductor Corp.) C:\Program Files\REALTEK\USB Wireless LAN Utility\RtlService.exe
(Realtek Semiconductor Corp.) C:\Program Files\REALTEK\USB Wireless LAN Utility\RtWLan.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(ScanSoft, Inc.) C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Spotify Ltd) C:\Users\Mex\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe
(Nico Mak Computing) C:\Program Files\WinZip\FAH\FAHWindow32.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [SSBkgdUpdate] => C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [155648 2003-10-14] (Scansoft, Inc.)
HKLM\...\Run: [PaperPort PTD] => C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [57393 2005-03-17] (ScanSoft, Inc.)
HKLM\...\Run: [IndexSearch] => C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [40960 2005-03-17] (ScanSoft, Inc.)
HKLM\...\Run: [BrMfcWnd] => C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.)
HKLM\...\Run: [ControlCenter3] => C:\Program Files\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM\...\Run: [PowerDVD13Agent] => C:\Program Files\CyberLink\PowerDVD13\PowerDVD13Agent.exe [513048 2013-03-20] (CyberLink Corp.)
HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-07] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [782008 2015-07-26] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3692795522-2443571778-2170560698-1000\...\Run: [Spotify Web Helper] => C:\Users\Mex\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-22] (Spotify Ltd)
HKU\S-1-5-21-3692795522-2443571778-2170560698-1000\...\Run: [TomTomHOME.exe] => C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [248176 2015-07-13] (TomTom)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2013-04-19] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2015-07-29]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAH\FAHConsole.exe (Nico Mak Computing)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2015-07-29]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mex\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mex\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mex\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3692795522-2443571778-2170560698-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-25] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-25] (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{609297EB-7CCC-4113-9B47-DDD072709332}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{884D6D72-8A1D-4BBC-A30E-5DADC7C5E5E8}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{98E67B42-03EC-4692-957F-FC1B00CCF51C}: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{BCB18027-A92E-4BE8-BEDE-14B9D7CE17B9}: [DhcpNameServer] 208.67.222.222 208.67.220.220
Tcpip\..\Interfaces\{C6DAB380-362F-4135-B6EE-881FA15C5E77}: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Mex\AppData\Roaming\Mozilla\Firefox\Profiles\ktjfex7a.default-1424108997824
FF Homepage: google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2013-02-25] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-25] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-25] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @Nero.com/KM -> C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-12-19] (Nero AG)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2013-02-25] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-04-11] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3692795522-2443571778-2170560698-1000: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2013-02-25] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-08-14]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc7.exe [887128 2015-07-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [461672 2015-07-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [461672 2015-07-26] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [1213072 2015-07-26] (Avira Operations GmbH & Co. KG)
R2 Brother XP spl Service; C:\Windows\system32\brsvc01a.exe [57344 2004-06-14] (brother Industries Ltd)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 CyberLink PowerDVD 13 Media Server Monitor Service; C:\Program Files\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe [77576 2013-03-20] (CyberLink)
R2 CyberLink PowerDVD 13 Media Server Service; C:\Program Files\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe [323336 2013-03-20] (CyberLink)
S2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [769432 2012-07-13] (Nero AG)
R2 RealtekCU; C:\Program Files\REALTEK\USB Wireless LAN Utility\RtlService.exe [36864 2012-05-10] (Realtek Semiconductor Corp.) [Datei ist nicht signiert]
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5491984 2015-05-13] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 athur; C:\Windows\System32\DRIVERS\athur.sys [1564160 2010-10-11] (Atheros Communications, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108448 2015-07-26] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136728 2015-07-26] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37896 2015-05-19] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [37896 2015-03-17] (Avira Operations GmbH & Co. KG)
S3 eapihdrv; C:\Users\Mex\AppData\Local\Temp\ehdrv.sys [135760 2015-08-14] (ESET)
R3 LVUSBSta; C:\Windows\System32\DRIVERS\LVUSBSta.sys [22016 2005-01-31] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [98520 2015-08-12] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-06-18] (Malwarebytes Corporation)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl.sys [18432 2012-09-10] (Apple Inc.) [Datei ist nicht signiert]
S3 PID_0920; C:\Windows\System32\DRIVERS\LV532AV.SYS [163328 2005-01-31] ()
S3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [1345168 2012-11-07] (Realtek Semiconductor Corporation                           )
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [31848 2015-06-19] (Avira Operations GmbH & Co. KG)
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2012-12-13] (Apple, Inc.) [Datei ist nicht signiert]
R2 {09F57980-3432-4AFC-957D-27AC45FAE1F5}; C:\Program Files\CyberLink\PowerDVD13\Common\NavFilter\000.fcl [76560 2013-03-19] (CyberLink Corp.)
S3 catchme; \??\C:\Users\Mex\AppData\Local\Temp\catchme.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-15 00:08 - 2015-08-15 00:08 - 00000000 ____D C:\Users\Mex\Desktop\FRST-OlderVersion
2015-08-15 00:02 - 2015-08-15 00:02 - 00852684 _____ C:\Users\Mex\Desktop\SecurityCheck.exe
2015-08-14 12:49 - 2015-08-14 12:49 - 02870984 _____ (ESET) C:\Users\Mex\Downloads\esetsmartinstaller_deu(1).exe
2015-08-14 11:32 - 2015-08-14 19:01 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-08-14 10:28 - 2015-08-14 10:28 - 00000000 ____D C:\Users\Mex\Documents\Add-in Express
2015-08-13 00:23 - 2015-08-13 00:23 - 00000918 _____ C:\Users\Mex\Desktop\JRT.txt
2015-08-13 00:21 - 2015-08-12 00:16 - 01798040 _____ (Malwarebytes Corporation) C:\Users\Mex\Desktop\JRT.exe
2015-08-13 00:15 - 2015-08-13 00:15 - 00001208 _____ C:\Users\Mex\Desktop\mbam.txt
2015-08-12 11:26 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 08:17 - 2015-07-28 22:04 - 00015808 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-12 08:17 - 2015-07-28 22:00 - 00952832 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-12 08:17 - 2015-07-28 22:00 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-12 08:17 - 2015-07-28 22:00 - 00598528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-12 08:17 - 2015-07-28 22:00 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-12 08:17 - 2015-07-28 22:00 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-12 08:17 - 2015-07-28 22:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-12 08:17 - 2015-07-28 21:54 - 00934400 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-12 08:17 - 2015-07-20 19:56 - 02943488 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-12 08:17 - 2015-07-20 19:56 - 02061312 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-12 08:17 - 2015-07-20 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-12 08:17 - 2015-07-20 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-12 08:17 - 2015-07-20 19:56 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-12 08:17 - 2015-07-20 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-12 08:17 - 2015-07-20 19:56 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-08-12 08:17 - 2015-07-20 19:56 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-12 08:17 - 2015-07-20 19:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-12 08:17 - 2015-07-20 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-12 08:17 - 2015-07-20 19:56 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-08-12 08:17 - 2015-07-10 19:34 - 03221504 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-12 08:17 - 2015-07-10 19:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-08-12 08:17 - 2015-07-10 19:33 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-08-12 08:17 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-12 08:17 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-12 08:17 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-12 08:17 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-12 08:16 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-12 08:16 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-12 08:16 - 2015-07-30 19:57 - 00909824 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-12 08:16 - 2015-07-30 19:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-08-12 08:16 - 2015-07-30 19:57 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-12 08:16 - 2015-07-30 19:57 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-08-12 08:16 - 2015-07-30 19:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-08-12 08:16 - 2015-07-30 18:52 - 02384384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-12 08:16 - 2015-07-30 18:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-12 08:16 - 2015-07-21 02:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-08-12 08:16 - 2015-07-16 22:20 - 19870208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-12 08:16 - 2015-07-16 22:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-12 08:16 - 2015-07-16 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-08-12 08:16 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-12 08:16 - 2015-07-16 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-08-12 08:16 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-12 08:16 - 2015-07-16 21:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-08-12 08:16 - 2015-07-16 21:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-08-12 08:16 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-12 08:16 - 2015-07-16 21:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-12 08:16 - 2015-07-16 21:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-08-12 08:16 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-12 08:16 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-12 08:16 - 2015-07-16 21:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-12 08:16 - 2015-07-16 21:39 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-08-12 08:16 - 2015-07-16 21:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-08-12 08:16 - 2015-07-16 21:32 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-12 08:16 - 2015-07-16 21:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-12 08:16 - 2015-07-16 21:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-12 08:16 - 2015-07-16 21:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-08-12 08:16 - 2015-07-16 21:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-12 08:16 - 2015-07-16 21:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-12 08:16 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-12 08:16 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-12 08:16 - 2015-07-16 21:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-12 08:16 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-12 08:16 - 2015-07-16 21:06 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-08-12 08:16 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-08-12 08:16 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-12 08:16 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-12 08:16 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-12 08:16 - 2015-07-15 19:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-08-12 08:16 - 2015-07-15 19:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-12 08:16 - 2015-07-15 19:59 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-12 08:16 - 2015-07-15 19:59 - 00078784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-12 08:16 - 2015-07-15 19:59 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-12 08:16 - 2015-07-15 19:56 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-12 08:16 - 2015-07-15 19:55 - 01159168 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-12 08:16 - 2015-07-15 19:55 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-08-12 08:16 - 2015-07-15 19:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-12 08:16 - 2015-07-15 19:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-12 08:16 - 2015-07-15 19:55 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-08-12 08:16 - 2015-07-15 19:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-08-12 08:16 - 2015-07-15 19:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-08-12 08:16 - 2015-07-15 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-08-12 08:16 - 2015-07-15 19:55 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-08-12 08:16 - 2015-07-15 19:54 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-12 08:16 - 2015-07-15 19:54 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-12 08:16 - 2015-07-15 19:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-12 08:16 - 2015-07-15 19:54 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-08-12 08:16 - 2015-07-15 19:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-12 08:16 - 2015-07-15 19:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-08-12 08:16 - 2015-07-15 19:54 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-08-12 08:16 - 2015-07-15 19:54 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-12 08:16 - 2015-07-15 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-08-12 08:16 - 2015-07-15 19:54 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-08-12 08:16 - 2015-07-15 19:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-08-12 08:16 - 2015-07-15 19:54 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-12 08:16 - 2015-07-15 19:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-08-12 08:16 - 2015-07-15 19:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-08-12 08:16 - 2015-07-15 19:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-08-12 08:16 - 2015-07-15 19:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-08-12 08:16 - 2015-07-15 19:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-08-12 08:16 - 2015-07-15 18:36 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-12 08:16 - 2015-07-15 18:36 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-12 08:16 - 2015-07-15 18:36 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-12 08:15 - 2015-07-15 04:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-12 08:15 - 2015-07-15 04:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-12 08:15 - 2015-07-15 04:55 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-12 08:15 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-08-12 08:15 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-08-12 08:15 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-12 08:15 - 2015-05-09 20:09 - 00715200 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-11 20:51 - 2015-08-11 20:51 - 01797896 _____ (Malwarebytes Corporation) C:\Users\Mex\Downloads\JRT(1).exe
2015-08-11 20:50 - 2015-08-11 20:51 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Mex\Downloads\mbam-setup-2.1.8.1057.exe
2015-08-11 20:50 - 2015-08-11 20:50 - 02248704 _____ C:\Users\Mex\Downloads\AdwCleaner_4.208.exe
2015-08-04 17:10 - 2015-08-04 17:10 - 00018445 _____ C:\ComboFix.txt
2015-08-04 16:55 - 2015-08-04 17:10 - 00000000 ____D C:\Qoobox
2015-08-04 16:55 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-08-04 16:55 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-08-04 16:55 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-08-04 16:55 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-08-04 16:55 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-08-04 16:55 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-08-04 16:55 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-08-04 16:55 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-08-04 16:54 - 2015-08-04 17:08 - 00000000 ____D C:\Windows\erdnt
2015-08-04 16:51 - 2015-08-04 16:51 - 05634591 ____R (Swearware) C:\Users\Mex\Desktop\ComboFix.exe
2015-08-03 11:28 - 2015-08-03 11:29 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Mex\Downloads\tdsskiller(1).exe
2015-08-03 10:51 - 2015-08-03 11:24 - 00000000 ____D C:\Users\Mex\Desktop\mbar
2015-08-03 00:35 - 2015-08-03 00:35 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Mex\Downloads\tdsskiller.exe
2015-08-03 00:31 - 2015-08-03 00:31 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Mex\Downloads\mbar-1.09.1.1004(1).exe
2015-08-03 00:27 - 2015-08-03 00:27 - 00001186 _____ C:\Users\Mex\Desktop\Revo Uninstaller.lnk
2015-08-03 00:27 - 2015-08-03 00:27 - 00000000 ____D C:\Program Files\VS Revo Group
2015-08-03 00:26 - 2015-08-03 00:26 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Mex\Downloads\revosetup95.exe
2015-07-31 15:29 - 2015-07-31 15:29 - 00033975 _____ C:\Users\Mex\Desktop\Addition.txt
2015-07-31 15:28 - 2015-08-15 00:08 - 01678336 _____ (Farbar) C:\Users\Mex\Desktop\FRST.exe
2015-07-31 15:28 - 2015-08-15 00:08 - 00014951 _____ C:\Users\Mex\Desktop\FRST.txt
2015-07-31 11:52 - 2015-07-31 11:52 - 00000000 ____D C:\Users\Mex\Desktop\Fürstengartenstr. 13
2015-07-29 22:45 - 2015-07-29 22:46 - 00000000 ____D C:\ProgramData\WinZip
2015-07-29 22:45 - 2015-07-29 22:45 - 00002155 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2015-07-29 22:45 - 2015-07-29 22:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2015-07-29 22:45 - 2015-07-29 22:45 - 00000000 ____D C:\Program Files\WinZip
2015-07-29 22:41 - 2015-07-29 22:42 - 68745216 _____ C:\Users\Mex\Downloads\wz195gev-32.msi
2015-07-29 13:24 - 2015-07-29 13:24 - 00000000 ____D C:\ProgramData\TomTom
2015-07-29 13:20 - 2015-07-29 13:20 - 00000000 ____D C:\Users\Mex\Documents\TomTom
2015-07-29 13:20 - 2015-07-29 13:20 - 00000000 ____D C:\Users\Mex\AppData\Roaming\TomTom
2015-07-29 13:19 - 2015-07-29 13:19 - 00000000 ____D C:\Program Files\TomTom HOME 2
2015-07-29 13:16 - 2015-07-29 13:16 - 31109864 _____ C:\Users\Mex\Downloads\TomTomHOME2winlatest.exe
2015-07-29 11:50 - 2015-07-29 11:50 - 00010230 _____ C:\Users\Mex\Desktop\Miete.xlsx
2015-07-27 18:17 - 2015-07-27 18:17 - 01668096 _____ C:\Users\Mex\Downloads\update v1.6.msi
2015-07-26 14:04 - 2015-07-26 14:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-07-23 17:02 - 2015-07-24 10:30 - 00000000 ____D C:\Users\Mex\Desktop\Focus Pdf
2015-07-23 16:56 - 2015-07-23 16:56 - 00000000 _____ C:\Users\Mex\Downloads\download.php
2015-07-23 15:07 - 2015-07-23 15:07 - 00000000 ____D C:\Users\Mex\AppData\Local\CEF
2015-07-23 10:27 - 2015-08-14 12:46 - 00012031 _____ C:\Users\Mex\Desktop\pws.xlsx

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-15 00:08 - 2002-01-01 21:28 - 00000000 ____D C:\FRST
2015-08-14 23:32 - 2013-04-18 16:08 - 01253846 _____ C:\Windows\WindowsUpdate.log
2015-08-14 23:23 - 2013-04-18 19:43 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-14 21:31 - 2013-05-12 23:12 - 00000000 ____D C:\Users\Mex\AppData\Roaming\TV-Browser
2015-08-14 19:15 - 2009-07-14 06:34 - 00020480 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-14 19:15 - 2009-07-14 06:34 - 00020480 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-14 19:01 - 2013-04-18 19:43 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-08-14 19:00 - 2014-08-11 20:50 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2015-08-14 19:00 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-14 19:00 - 2009-07-14 06:39 - 00112224 _____ C:\Windows\setupact.log
2015-08-14 11:10 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2015-08-13 00:17 - 2015-05-07 16:14 - 00000000 ____D C:\AdwCleaner
2015-08-12 23:36 - 2002-01-01 02:41 - 00098520 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-12 23:35 - 2002-01-01 21:08 - 00000000 ____D C:\Program Files\ Malwarebytes Anti-Malware 
2015-08-12 21:23 - 2013-04-18 19:43 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-08-12 21:23 - 2013-04-18 19:43 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-08-12 20:04 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2015-08-12 19:58 - 2009-07-14 06:33 - 00409064 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-12 19:56 - 2014-12-14 18:27 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-12 19:56 - 2014-05-12 00:54 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-12 19:56 - 2009-07-14 10:47 - 00000000 ____D C:\Windows\system32\Drivers\de-DE
2015-08-12 19:56 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE
2015-08-12 11:31 - 2013-09-13 00:26 - 00000000 ____D C:\Windows\system32\MRT
2015-08-12 11:28 - 2009-10-14 04:21 - 129304528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-09 10:27 - 2013-04-19 16:53 - 00508864 _____ C:\Windows\PFRO.log
2015-08-04 17:10 - 2009-07-14 04:37 - 00000000 __RHD C:\Users\Default
2015-08-04 17:10 - 2009-07-14 04:37 - 00000000 ___RD C:\Users\Public
2015-08-04 17:08 - 2009-07-14 04:04 - 00000215 _____ C:\Windows\system.ini
2015-08-03 11:24 - 2002-01-01 02:41 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-08-03 10:41 - 2009-11-10 20:44 - 01628044 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-29 13:20 - 2014-06-21 15:16 - 00000000 ____D C:\Users\Mex\AppData\Local\TomTom
2015-07-29 13:19 - 2014-07-11 12:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2015-07-29 13:18 - 2014-07-30 11:43 - 00000000 ____D C:\Users\Mex\AppData\Local\Downloaded Installations
2015-07-29 13:18 - 2014-06-21 15:16 - 00000000 ____D C:\Program Files\TomTom International B.V
2015-07-26 14:02 - 2002-01-01 00:51 - 00136728 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-07-26 14:02 - 2002-01-01 00:51 - 00108448 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-07-25 10:46 - 2015-04-07 22:13 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-23 10:30 - 2002-01-02 04:46 - 00000000 ____D C:\Users\Mex\Desktop\Immobilieninfos
2015-07-20 22:07 - 2015-02-16 22:17 - 00000128 _____ C:\Users\Mex\Desktop\neue pws.txt
2015-07-17 10:25 - 2014-05-30 15:37 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk

Einige Dateien in TEMP:
====================
C:\Users\Mex\AppData\Local\Temp\avgnt.exe
C:\Users\Mex\AppData\Local\Temp\Quarantine.exe
C:\Users\Mex\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-08-12 11:23

==================== Ende vom raportu ============================

schrauber · 15.08.2015, 11:14

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

C:\Users\Mex\AppData\Local\Temp\DMR\dmr_72.exe

C:\Users\Mex\Downloads\Free Image Convert and Resize - CHIP-Installer.exe

C:\Users\Mex\Downloads\Image Resizer - CHIP-Installer.exe

C:\Users\Mex\Downloads\PDFCreator-1_7_3_setup.exe

C:\Users\Mex\Downloads\Skype - CHIP-Installer.exe

C:\Users\Mex\Downloads\wz185gev-32.msi

C:\Users\Mex\Downloads\wz190gev-64.msi

C:\Windows\Installer\316b86.msi

C:\Users\Mex\Downloads\update v1.6.msi

C:\Users\Mex\Downloads\wz195gev-32.msi

C:\Windows\Installer\2a88dc1.msi
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2015-07-29]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
Emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).